last executing test programs:

7.998336657s ago: executing program 0 (id=1160):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB], 0xb4}, 0x1, 0x0, 0x0, 0x890}, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r1, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0xe0, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000580)=[0x0], ""/16, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, &(0x7f0000000640)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x45, &(0x7f0000000680)=[{}], 0x8, 0x10, &(0x7f00000006c0), 0x0, 0x0, 0x89, 0x8, 0x8, &(0x7f0000000740)}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000005c0)=ANY=[@ANYRES16=r2], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x62, 0x0, 0x0, 0x10, 0x3}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r5, &(0x7f0000000700)=[{{0x0, 0x0, &(0x7f00000007c0)=[{0x0}, {0x0}, {&(0x7f0000000540)=""/29, 0x1d}], 0x3, &(0x7f0000000800)=""/53, 0x35}, 0xfffffff0}], 0x1, 0x40012140, &(0x7f0000000a00))
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x41, 0x0, 0x7, 0x7ffc0001}]})
syz_io_uring_setup(0x2641, &(0x7f0000000980)={0x0, 0xb606, 0x80, 0x10000000}, &(0x7f0000000940), &(0x7f0000000280))
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000080)='rpc_stats_latency\x00', r7, 0x0, 0x40000000}, 0x18)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)
unshare(0x22020600)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x100b300, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x4)

7.204904078s ago: executing program 0 (id=1165):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_MPP(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010300007541ef7100001100000008000300", @ANYRES32=r1], 0x1c}}, 0x0)

7.106134665s ago: executing program 0 (id=1168):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0xd4}}, 0x0)

6.86655129s ago: executing program 0 (id=1169):
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000200)=ANY=[@ANYBLOB="0100"])
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)=[<r1=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000500)={0x200, 0x1, &(0x7f0000000180)=[r1], &(0x7f0000000200), &(0x7f0000000580), 0x0})

6.730629632s ago: executing program 0 (id=1170):
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00'})
socket$netlink(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
socket$kcm(0x21, 0x2, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x844}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @local, 0x2}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/profiling', 0xa0042, 0x0)
write$tcp_mem(r5, &(0x7f0000000280)={0x1, 0x2d, 0x0, 0x3a, 0xfffffffffffffffe, 0x2c}, 0x48)
getsockopt$inet6_tcp_buf(r5, 0x6, 0xd, 0x0, &(0x7f0000000280))
execve(&(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f00000001c0)={[&(0x7f0000000180)='.+-:\x00', &(0x7f0000000740)=' 6\xd3V\xde\x19\x82\xc3y\x1a$\x17T\xfc\x81\x8e\x9f5\x0e \x043[B\xad\x13\x9f\xae\x8f\xbb\x9a\x0f\x9f\x13\xa5\xfc9\xbb\xa4.\xf4\xeb\x03\xf1\xb6\x8c\xc4E\x93\n&k\xec\xc8\\h\xd6\x1e\xcb\fA\\da/O\xdcn7\x1b@\xbf\xfb\x17J\xaaD\xe4\x01\xbc\xdc\n\x88\xfc\xcci\xc1\xe8\xf8\x1e6&\bE\x8f\x9b\xc6\x8d0\xa7 -\xecC8O*7\xfa&\xf9\aC\xab\x03g\x06<Z\x16\x94\x9a\xe6\x8d\x10Y-\xf9\xd1\x8a\x8e\xc8\x0f\x89<O>\xda\x8c)\xae\xe3\x16\x9dz\x87\xd6OZX\xa4\xee\xa7\xebe\x14Qp\x96\x00\xd0VK\xe2$i\xd4\xcb-\xd4\x82w\x13\x98\xfcW\x9d\xff\xed\xd4\x14;]\xf8\xccS\xddl\x96v\x97\x988\xa7sQ\x1aN\xbdU.\x89\\\xfa\xc2\xcd\xde', &(0x7f0000000640)='s\x00\xd0(\x00itq.\xe4o\xd7\xe1I\xd3\b\xcd\xbf\xc6\xf8\x12\xde>=M\xe1\xd9;\x84\xcb\xbb\x8c\xea\x10\x8d\x97\x83\xa3\xc3\x99K\aP\xca<\x9c\xc8\xf25*D\x11wMS\x01\x9aFu\x06\xa9q?uN7\xab\xa0d\x06<\xe7\xbf\xf9\xd6\xc4n\xca\xd7\x93\xf6{\x10\x15\xfc{DG\x01)\xb9\xc0\xe7\x86\xaf\xce\xbb\x19\xa0\xe6Q>\xbfO\xc8\xbf}=y\f\xac\xdd~\xa2~\x10\x83B\xb1\x95\x1f\xa8\xac\xed\xf3\x95\x8b+\xccG\xa9\xf6$\x10\x0f\xf4\xed\x9d\xaa\x12M}\xfa\x8ew.\x83,\x9d\x0e\xa5-T\x8e\x9cF\x00\xec\x01W\xb5\x9bL\xe4\x85\xfb\xf7\x1d\xa7\xdf\x8e\x19\xfc\xcd\xdb\x91F\xf1\xdc\x9b{\xde\x98\xb8\xfd*`\xb1\xd2V\n\x00\'CD\xe5\xa0\xf2,\xef\x97\x12=\nX&K/r\x8bi\bK\t\xc5\xa49}\xc5\vI\x16<!\xe5\x03l\xdc\xfd\xa4e\xc317\xbf(\xb2\xf1\x17\xeb\xd7:\\@\xfc\xbbB;\x96\x7f\xc2\xf0\xcboD', 0x0, &(0x7f0000000480)='+.\x00\x88(\xfe*\xc8\x91\n\xd0\x1f\xc2Q,\xc9]a\xd6\xda\xe0\x8b.\xb6}\x12N\xed\x9e\xb2\x96o\x1f\x05c\xce\x0f\xc8\xfb\xec\xbb\xb8\xe4\x14\x95\x9cd\xd5E\xbf\x94\x95\xdf\xcb\x9b3\xbfm\x8b\xd0\x1e\xe2k\x8b\xd6\xe0~2\xaeeD\xee\x1b2\xc8\x0f\x80s\xb7\xb6\xe7On\xd5\xc7X\xa5j \f\xa8\x1eO\xb2\xd8\xa92>\x00\x00\x00\x00v\xafQ\xb6K\'W#5\xa8\xaa\x99\xfdu\xa52 #\xd6\x8f#\xad\xceu\xbbA\r\xe58\xff\xc2\x19SO\xce@\x8d\x86\xca\x94\xe0C(\xd3\"\x94\b\xda\xd9+\xf9\x05\xc5J\xd1\x17\x85>\a{s\x82\x8d\x96\xa3\xec\xee\xcar\x8b\xaeW\xe4\xd8l4\xa2*\x93\xe7\xd4|\x13\x01\x14\x94\xe5\x1d\x0e\x8f\xac<\xd8\xba\x0e2\xd2\xd0\xaaB>\xc8-\xb1\xc9%\fs\x1e\x9a\x8fKDBJ#\xebqW\xeab\xc7y\'n\xda+\x8b<\xdf\x9ejn\x97\xa66y\xec)\xb0\xda\xcf\xf7:\xfc\xe2M\xce\xfd\x00\x17\xc1\xd9E\x95S\xfa\x95(?\x9c]\xa6\xd1GPm\x14\xd3\xf5X\xb3\x9e\xf8\x15\xb4\xb6\xe9\x0e\x8c', 0x0]})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mq_notify(r5, &(0x7f0000000300)={0x0, 0x3e, 0x4, @tid=r1})
close(r6)

5.571828711s ago: executing program 2 (id=1175):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x7, [@var={0xe, 0x0, 0x0, 0xe, 0x2}, @const={0xa}]}, {0x0, [0x1e, 0x5f, 0x61, 0x2e, 0x0]}}, &(0x7f0000000180)=""/192, 0x3b, 0xc0, 0x0, 0x8d55}, 0x28)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
socket$can_raw(0x1d, 0x3, 0x1)
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x2}]})

5.398884127s ago: executing program 2 (id=1176):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000300)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x5}}, './file0\x00'})
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000008c0)=@newtaction={0x1348, 0x30, 0x1, 0x0, 0x0, {}, [{0x1334, 0x1, [@m_ct={0x34, 0x9, 0x0, 0x0, {{0x7}, {0xc, 0x2, 0x0, 0x1, [@TCA_CT_ACTION={0x6, 0x3, 0x3d}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0xa0, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x5a, 0x6, "a5407e5b89d35c472a405e38f60ac2fa93bd56806d5d87a810509be33bed1d54a1f55473227bf62af95daa24e95714a8e74978dba2d6e7743eadb2577baef77daf4d72c19378c37364661861f36f8fb3b5f9578a2ca3"}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}, @m_simple={0x14c, 0x11, 0x0, 0x0, {{0xb}, {0x4c, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18, 0x2, {0x7, 0x3, 0x8, 0x4, 0xffff}}, @TCA_DEF_PARMS={0x18, 0x2, {0x1, 0xc61, 0x4, 0x2, 0x80}}, @TCA_DEF_PARMS={0x18, 0x2, {0x100, 0x1, 0xffffffffffffffff, 0x1, 0x8}}]}, {0xd6, 0x6, "4dd39bdf1a272e1db18e485e53dc8a0d6f98df972dcc9a8e7f323175abf12e67cda5ef488d4a11c66fdf20540569d97b54106ae028a31ccc71a876b6c17fa26057479c1d10c3a900d5f6554b158edbfb3234a71b9c99fcd94d615aa0c642e599ba9e182ff38b432dda4f094395b9c3a5f9c3888797201bcb33854b0cf2b99e6c4b9e651973116a568030b690d204bde338ebe0e00fc7b8b2377aac22a7d692f09f82bee84dbc1e6977a911f7c62d37148880c10158c6b848374a31bd0a519a9c088370ebf1b3bf57813635cab79338cba160"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x2}}}}, @m_police={0x1110, 0x1b, 0x0, 0x0, {{0xb}, {0x10d8, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x6, 0x82de, 0xf7, 0x0, 0x7fffffff, 0x8001, 0xd6eb, 0x80, 0x4, 0x11, 0xfffffff7, 0x460, 0x0, 0x17200000, 0x7, 0x4, 0x1000, 0x9, 0xd3, 0x32, 0x800, 0x7f, 0x5000000, 0x5, 0xbd3, 0x7f, 0x1, 0x400, 0xfffffffe, 0x0, 0x2, 0x4, 0xc, 0x4, 0x0, 0x2, 0x8, 0xffffffc0, 0x9, 0x8, 0x9, 0x2, 0x1, 0x6, 0x5, 0x2, 0x6a52, 0x3ff, 0x1, 0x10, 0x9, 0x2, 0x3, 0xffff, 0x7, 0xffff19c8, 0x401, 0x1, 0x6, 0x22, 0x6, 0x5, 0x7, 0x7, 0x9, 0x8001, 0x9, 0x4, 0x1, 0x4, 0xa, 0x917, 0x6, 0x7, 0x400, 0x4, 0x80, 0x0, 0x7, 0x7dd, 0x8, 0x1, 0x101, 0x88b6, 0x5, 0x6, 0x0, 0x9, 0x7, 0x1, 0x2e9f, 0x7, 0x9, 0x4, 0x8000, 0x2, 0x2, 0xe0, 0x8, 0x4, 0x81, 0x9, 0x7fff, 0x8, 0xfffffffb, 0x5, 0x6, 0x1, 0x7, 0x1, 0x10, 0x2709, 0xb, 0x9, 0x6, 0x400, 0x6, 0x5, 0xff, 0x401, 0x81, 0xe8, 0x9, 0x4, 0x400, 0x3, 0x7, 0x6, 0x9, 0x6, 0xc07, 0xffffffff, 0x40, 0xffffffff, 0x6, 0x5, 0x2400, 0xd8f, 0x4, 0x100, 0x1, 0xde2, 0x2, 0x8001, 0x0, 0x0, 0x6, 0x7ff, 0x621d, 0x10000, 0x80000001, 0xffff9915, 0x6, 0x9, 0xd, 0x0, 0x8, 0x70, 0x4, 0xf8, 0x3, 0x3, 0x9, 0x956, 0x80000000, 0x4, 0x3, 0x100, 0x6, 0x10000, 0xcd, 0x4, 0x6, 0x7e6, 0xab4, 0xe, 0x8, 0x80000000, 0x2, 0x80, 0x4, 0xffffff81, 0x4, 0xe, 0x5, 0x39e27082, 0x10001, 0x6, 0x951, 0x7c, 0xfffffffd, 0x9, 0x7, 0xffff2b3a, 0x5565, 0x3, 0x5, 0x9, 0x3, 0x1, 0xa1, 0x6, 0xfffeffff, 0x5, 0x6, 0x5, 0xd70, 0xe, 0x1, 0x6, 0x6, 0xfffffffd, 0x80000000, 0x2, 0x1, 0x55, 0xfff, 0x0, 0x8, 0x2, 0x3, 0x6, 0x40, 0x7, 0x8, 0x1000, 0x6, 0x290, 0x65ef, 0xdac, 0x3e, 0x9, 0x3, 0x0, 0x6, 0x2, 0x2000000, 0x4, 0x0, 0x9, 0xfff, 0x7, 0x0, 0x8b4, 0x39ed, 0x4, 0x7, 0x5, 0x3, 0x0, 0x8, 0x9, 0x1, 0x80000000, 0x9]}, @TCA_POLICE_RATE64={0xc, 0x8, 0x8001}, @TCA_POLICE_RESULT={0x8, 0x5, 0xb}, @TCA_POLICE_RATE={0x404, 0x2, [0x13f, 0x0, 0x0, 0xffff, 0x9, 0x6, 0x2, 0x5, 0xff, 0x2, 0x6, 0x4, 0xfd, 0x7, 0x800, 0x9, 0x9, 0x3, 0xfffffffb, 0x6, 0x7, 0x271, 0x8, 0x2, 0x8, 0xa, 0x1, 0x6, 0x6, 0x2, 0xf, 0x0, 0x7, 0xb, 0x4, 0x3ff, 0xe, 0x1, 0x7, 0x0, 0x9, 0x9, 0x8, 0x6, 0x5, 0x4, 0x0, 0xb, 0x80000001, 0xdbd7, 0x14d, 0xffffff59, 0x8c, 0x4, 0x4, 0x7ff, 0x7, 0x4, 0xd, 0x10000, 0x80, 0x4, 0x7ff, 0x8, 0x0, 0xff, 0x5, 0x1, 0x81, 0x1, 0x0, 0x7fff, 0x9, 0x5, 0x9, 0x6, 0x1, 0xffffffff, 0xfffff98d, 0x9, 0xa, 0x6, 0xd, 0x101, 0x3ff, 0x72c781ec, 0x8001, 0x4, 0x0, 0x8000, 0x7ff, 0x81, 0x3, 0x2, 0x4, 0x0, 0x6, 0x401, 0x2, 0x6d3f, 0x5, 0x3, 0x3, 0x8, 0x6, 0x1a8, 0x9, 0xfff, 0xfffffffe, 0x3ee4d4aa, 0x7ff, 0x9, 0x3, 0x9, 0x7, 0x7fffffff, 0xb2, 0x8, 0xc4, 0x7, 0x3, 0x73c, 0x3c6, 0x4, 0x5, 0xe0, 0x6, 0x8, 0x0, 0x3, 0xc387, 0x0, 0x8, 0x4, 0x7, 0x5, 0x634, 0x6, 0xfff, 0xfc8, 0x904e, 0xff, 0x1ff, 0x6, 0x400000, 0x1, 0xec, 0x3, 0x663, 0x2, 0x5, 0xe, 0x9, 0x0, 0x8, 0x698, 0x7, 0x174, 0xc57, 0x0, 0x0, 0x1e, 0x3, 0x40, 0xac, 0x2, 0x3, 0x8, 0x7, 0x5, 0xffffffff, 0xfffffff4, 0xffffffff, 0xf, 0x1, 0x8615, 0xc, 0x7, 0x30d, 0x3, 0x5, 0x10, 0x8, 0x4, 0x2ae, 0x3, 0x3000, 0x6, 0x4, 0xfff, 0x8, 0x2, 0x2, 0x8, 0x200, 0x0, 0xc7, 0xfffffff8, 0x6b, 0x1ff, 0x0, 0xfffffbff, 0x8, 0x48d, 0x4, 0x8, 0x9, 0x6, 0x6, 0x200, 0x1ff, 0x10001, 0x80000001, 0x7, 0x0, 0x3, 0x7f, 0x9, 0x6, 0xfffffff3, 0x3, 0x9, 0x0, 0x7, 0x10001, 0x0, 0x0, 0x35d6, 0x9, 0x9, 0x9, 0x6, 0x3, 0x4, 0x0, 0x4, 0x5, 0x98ab, 0x4, 0x3, 0x8fc7, 0x9, 0x1000, 0xff000000, 0x0, 0x0, 0x88, 0x2, 0x5, 0x874, 0x800, 0x6, 0xfffffffd, 0x0, 0x7, 0x8c9e]}, @TCA_POLICE_PEAKRATE64={0xc}], [@TCA_POLICE_RATE={0x404, 0x2, [0x6, 0xffffffff, 0x4, 0x5, 0x4, 0x0, 0x1, 0x9, 0x2e, 0xffffffff, 0x5, 0x1, 0x0, 0x7fff, 0xdde8, 0xc59e, 0x7, 0x6, 0x94, 0x6, 0x5, 0xab01, 0x0, 0x0, 0x3, 0x0, 0x55, 0x29, 0x5, 0x7fff, 0x5, 0xa, 0x3, 0x1ff, 0x55a6, 0x7, 0x1, 0x8, 0x6, 0x3, 0x7ff, 0x9, 0xfffffc00, 0xc187, 0x51d, 0x3dfc, 0x0, 0x7, 0xfffffff7, 0x5f, 0x1, 0x1, 0x1, 0x6, 0x8, 0x7ff, 0x6c6, 0x9, 0x10, 0x1, 0x3a8f, 0x7, 0x10001, 0x4, 0x5, 0x7, 0x8, 0x5, 0xed, 0x206, 0x8, 0xe2, 0x3ff, 0xb, 0x80000001, 0x3, 0x10001, 0x7, 0x7fffffff, 0x0, 0x2c, 0x2, 0x9, 0x5800, 0x9, 0xaa, 0x0, 0x1, 0x3, 0x8000, 0x4, 0x8, 0x3, 0x5, 0xffff, 0x7, 0x4, 0xfffffff8, 0x1ff, 0xfffffffd, 0x10, 0x3, 0x1, 0xef, 0xb, 0x6, 0x400, 0xb, 0x2620ff4a, 0x5, 0x6, 0x0, 0x6, 0xa, 0x0, 0x8, 0x5, 0x0, 0xa9fd, 0x1, 0x5, 0x2, 0x0, 0x9, 0xc1, 0x38, 0x4, 0x3, 0xd79, 0xfe, 0xc9, 0x6, 0x4acf72d3, 0x4, 0x2, 0x4dcd, 0x1, 0x6, 0x5, 0x8001, 0x1, 0x5, 0x9, 0x0, 0x0, 0x3ff, 0xffffffff, 0x2, 0x0, 0x9, 0x100, 0x0, 0x8, 0x6, 0x4, 0x4, 0x3, 0x208, 0x6, 0x101, 0xf, 0x2, 0x1, 0xffff, 0x200, 0x205, 0x4, 0x3, 0xfffffffe, 0x9, 0xfffffffd, 0x1ff, 0xfffffff8, 0x59, 0xfffffc01, 0x50a, 0xfffffff7, 0xa, 0xfffffffd, 0x1, 0x6509, 0x5, 0x1000, 0x5, 0x10000, 0x400, 0x0, 0x5, 0x5, 0xfffffff8, 0x10000, 0x8001, 0xffff56bc, 0x9, 0x6, 0x8, 0x400, 0xffffffff, 0x1000, 0x6, 0xa54, 0x3, 0xd, 0x1, 0x1, 0x401, 0x30, 0x9, 0x2, 0xffffffff, 0x0, 0x7, 0xfffffffe, 0x2, 0x7f, 0x2, 0x5, 0x5, 0x10001, 0xa59, 0x7, 0x9, 0x6, 0x6, 0x2, 0x42, 0xffff, 0x35, 0x2, 0x9, 0x9, 0xf1d, 0x7, 0x7, 0x1, 0x9, 0x2, 0x2, 0x4, 0xffff0001, 0x4, 0x80, 0x0, 0x1, 0x70ff, 0x6, 0x10001, 0x9, 0x5, 0xffffff73, 0x401, 0xff, 0xfffffffa, 0x4, 0x1]}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x800}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x6}, @TCA_POLICE_TBF={0x3c, 0x1, {0x4, 0x1, 0xfffffffc, 0x0, 0x80000001, {0x52, 0x1, 0xfff, 0x9, 0x4, 0x1}, {0x8, 0x2, 0x8, 0xd53, 0x0, 0x5}, 0x6, 0xa, 0xfffff001}}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x8, 0x3, 0x5, 0xfffffff9, 0x1ff, 0x9c3, 0x689c0747, 0xb43, 0x8, 0x4, 0x9, 0x1, 0xffff, 0x8000, 0x8, 0x8, 0xf569, 0x7, 0xf, 0x9, 0x4, 0x0, 0x4, 0x10000, 0x27, 0x9c9, 0xf, 0x9, 0x5b400, 0x6, 0x1ff, 0xae2e, 0xffffffff, 0x2, 0x976, 0x7, 0xfffffffe, 0x5, 0x4161, 0x7, 0x7, 0xffffff21, 0xc, 0x8, 0xb73f, 0x309b299a, 0x6, 0x1, 0x3, 0x9, 0x4, 0x80000000, 0x1000, 0x7, 0xffffffff, 0x2, 0x84e6, 0x6bcc792f, 0x400, 0x8, 0x7, 0x5, 0x0, 0x10001, 0x7fff, 0x6, 0x2, 0x9, 0x4, 0xffffffff, 0x5908, 0x6, 0x4, 0x9, 0xffffffff, 0x7, 0x3, 0xff, 0xfffffffd, 0x9, 0x8000, 0xff, 0x80000000, 0x6, 0x3, 0x4, 0x1, 0x80000001, 0xfffff9ac, 0x8, 0x5, 0x8001, 0x101, 0xffff0000, 0x8b6c, 0xe, 0x4, 0x0, 0x4, 0x80000000, 0x6, 0x2, 0x941, 0x7, 0x1c, 0x6, 0x7, 0x80000000, 0xa481, 0x10, 0x8, 0xfc98, 0x8, 0x0, 0x9, 0x3, 0x40, 0x2, 0x3bfa, 0x5, 0xa, 0x12800000, 0x1, 0x9, 0x2, 0x8, 0x389e, 0x1, 0x4, 0x4, 0x8, 0x7, 0x4, 0xfffffff9, 0x91, 0x4, 0x5, 0xfffffffe, 0x1f7, 0x1, 0x3e2c38ca, 0x4, 0xffffff5a, 0x0, 0x8, 0x3ff, 0x8, 0x99a, 0x4, 0x2, 0x8, 0x3, 0x3, 0x1, 0x40, 0x10, 0x4, 0x6, 0x1, 0x7bb9f59f, 0xe, 0x7fff, 0x4, 0x6, 0xffff, 0x8001, 0xffff, 0x7, 0x10000, 0x800000, 0x43fc, 0x0, 0x0, 0x9, 0x4d, 0x4, 0x4, 0x5, 0x8, 0x7167, 0x1, 0x5, 0x3, 0xb6, 0x8, 0x8, 0x8, 0x9, 0x9, 0xd4, 0x9, 0x8, 0x80000000, 0xfffffffb, 0x4, 0x2, 0x19, 0x9, 0x8, 0xc, 0x5053, 0x7ff, 0x9, 0x0, 0x1, 0x7, 0x7fff, 0x9, 0x61db, 0xc, 0xfffffff9, 0x1000, 0x0, 0x8001, 0x0, 0x5297, 0xee, 0x2, 0x80000000, 0xfffffffc, 0x4, 0x3, 0x0, 0x7, 0x5, 0x7, 0x4, 0x2, 0xffff, 0xfffffff9, 0x1, 0x3, 0x1, 0x200, 0x90, 0x6, 0xeb4c, 0x6, 0xddd, 0x9f6, 0x68f5, 0xbe9, 0x8, 0x400, 0x1, 0x1, 0x8, 0x6c, 0x8, 0x967, 0x8d, 0x7e7a, 0x7, 0x4, 0x2, 0x1000000]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0xffffffffffffffff, 0x3, 0x8, 0xd, {0x1, 0x0, 0x6, 0x52, 0x2, 0x7}, {0x0, 0x2, 0xa6af, 0x7, 0x7, 0x3ff}, 0x6, 0x7, 0x3}}, @TCA_POLICE_RATE64={0xc, 0x8, 0x7}, @TCA_POLICE_PEAKRATE64={0xc}]]}, {0xe, 0x6, "157373ba39f5ca8c43fa"}, {0xc}, {0xc, 0x8, {0x4, 0x1}}}}]}]}, 0x1348}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func_proto]}}, 0x0, 0x26}, 0x28)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x8, &(0x7f0000000180)=@raw=[@printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000080)={0x0, 0x1}, 0xf4240}, 0x94)
writev(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r5, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0x0, @empty=0x1000000}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000200)='\b\x00', 0x2}, {&(0x7f0000000100)="6306bc3795f8", 0x6}], 0x2, &(0x7f0000000180)=[@ip_retopts={{0x14, 0x0, 0x7, {[@lsrr={0x83, 0x7, 0x4, [@empty]}]}}}], 0x14}, 0x0)
r6 = socket$rxrpc(0x21, 0x2, 0xa)
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0xffffffffffffff2b)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='generic_add_lease\x00', r4}, 0x18)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f00000004c0)={0x16, 0x2, 0x0, "dd3e1ddbc8e90cb57346e6c94dfa5bf04abc3e8fc2976136531a27a41db375d7"})
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x74}}, 0x0)
bind$rxrpc(r6, &(0x7f0000000000)=@in6={0x21, 0x1, 0x2, 0x1c, {0xa, 0x4e20, 0x3, @empty, 0xd}}, 0x24)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000340)=ANY=[@ANYBLOB="180200000000e1ff00000000000000008500000027000000850000005000000095"], &(0x7f0000000080)='GPL\x00', 0x4}, 0x94)

5.226875504s ago: executing program 3 (id=1177):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0xd4}}, 0x0)

5.104571947s ago: executing program 3 (id=1178):
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0xcd)
getsockopt$ax25_int(r0, 0x101, 0x2, &(0x7f0000000080), &(0x7f0000000000)=0x4)
r1 = syz_io_uring_setup(0x26fb, &(0x7f00000003c0)={0x0, 0x4418, 0xc85, 0x8000000, 0x126}, &(0x7f0000000080)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
r4 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
getsockopt$bt_rfcomm_RFCOMM_LM(r4, 0x12, 0x3, &(0x7f0000000040), &(0x7f0000000280)=0x4)
clock_gettime(0x9, &(0x7f0000000280))
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1ff)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000000)=0x60)
ioctl$SNDRV_PCM_IOCTL_TTSTAMP(r5, 0x40044103, &(0x7f00000002c0)=0x9)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f00000001c0), 0x4)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r6, 0x29, 0x30, &(0x7f0000000500)=ANY=[@ANYBLOB="320600000a004e2400000004ff05000000000000000a000000000001052581e25dcd34990383000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f7e50ad7a74f6bb1add93dbf98f3c63a804983e5d34f71fe1e66590f582cbee47be89d3ce1dcbc179e8b84ebbb27f5680761e2d53d6908454f6b7f3fd269dac91fa97a20a5e960094b8c5dbafb532e74e14e18029766cbe01f8198c399ffa8fb2a7b9cca88cf61afc8671c0aea503404b11943998929280ccf5637680bdf18bb102df314a3cb854daa65f12c5f0636edb9e9299b673271"], 0x8c)
syz_io_uring_submit(r2, r3, &(0x7f0000000240)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r1, 0x0, 0x0, 0x0, {0x2185}, 0x1})
r7 = socket$packet(0x11, 0x3, 0x300)
r8 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r8, 0x40000000af01, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom1\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r9 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r9, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_usbip_server_init(0x3)
ioctl$VHOST_SET_VRING_ADDR(r8, 0x4028af11, &(0x7f0000000140)={0x1, 0x0, 0x0, &(0x7f0000000280)=""/164, &(0x7f0000000100)=""/47, 0xf000})
ioctl$VHOST_SET_MEM_TABLE(r8, 0x4008af03, &(0x7f0000000340))
dup(r7)

3.713306777s ago: executing program 3 (id=1183):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
pipe(&(0x7f00000000c0))
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg(r1, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb4b, 0x9, 0x8, 0x0, 0x400003}, 0x0)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
rt_sigaction(0x8, &(0x7f0000000080)={&(0x7f0000000200)="2437460f1c2bc4a2f99c9022000000c4a2f1002746c44179700d32233333a738e7c44240f29a3b470000a5c4c4a14d590c9736fe0d094e486ff5f5bb559a00000f75bed5370b1c2665d2950e000000db37", 0x88000007, 0x0}, 0x0, 0x8, &(0x7f0000000300))
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='stat\x00')
lseek(r2, 0x9, 0x0)
r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
write$6lowpan_control(0xffffffffffffffff, &(0x7f0000000180)='connect aa:aa:aa:aa:aa:11 0', 0x1b)
r4 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000015c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}, @NFT_MSG_NEWSETELEM={0x3c, 0x1e, 0xa, 0x105, 0x0, 0x0, {0x7, 0x0, 0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xc0}}, 0x0)
r6 = inotify_init1(0x0)
inotify_add_watch(r6, &(0x7f0000000180)='./control\x00', 0x64000ba6)
inotify_add_watch(r6, &(0x7f0000000180)='./control\x00', 0xa4000960)
ioctl$SNDCTL_DSP_SETFRAGMENT(r4, 0xc004500a, &(0x7f0000000000)=0xffff0018)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNISCRNMAP(r7, 0x4b46, &(0x7f00000000c0))
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="500000000206050000000000000000000000000005000100070000000900020073797a31000000000c00078008001240000000000c000300686173683a697000050005000a0000000500040001000000539a16cf3d7deeae58aac45f8a97fa8b2c43b9535cbc6ea887346a6b020d9c71ded2b903209bf323ce1ce7152c1c1445ec7be865ad7cdbba57c4a0635ffb332ed65dc61f5b8a829fa3d593782ddee3e32e9970fd3af331088a815f3d95deadf49eea66a2bfb170ff3e7cc1ccc096baff43319393a3ccddd5bf59366590c347f941a861b467cb65a5bf4024ff427db339465f4d32d37092159ab7055971bf98ba"], 0x50}, 0x1, 0x0, 0x0, 0x4004000}, 0x40080)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c030000000601010000000000000000eeff00000500010607000000144ea899f74ed63ca8c057583b2d39b8248d56"], 0x1c}}, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000680), 0x40000, 0x19)
sched_setattr(r3, &(0x7f00000001c0)={0x38, 0x3, 0xc, 0x101, 0x6, 0x7, 0x6b4, 0x510000000, 0x6, 0x40}, 0x0)
setsockopt$RXRPC_SECURITY_KEY(0xffffffffffffffff, 0x110, 0xffe, 0x0, 0x0)

2.5503147s ago: executing program 0 (id=1185):
r0 = syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010002000000102505a8a4032e8233cd7f00000000000000ff0207010100090501020000130000"], 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f00000011c0)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0x20, 0x0, 0x1}})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r1, 0x60b, 0x0)
r2 = creat(&(0x7f0000000000)='./file0\x00', 0x1)
connect$llc(r2, &(0x7f0000000040)={0x1a, 0x4, 0x8, 0x5, 0x65, 0xff, @remote}, 0x10)
write$char_usb(r1, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)

2.541395739s ago: executing program 2 (id=1186):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0xd4}}, 0x0)

2.501423258s ago: executing program 2 (id=1187):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000080)=0x9, 0x5, 0x0)
mremap(&(0x7f000008f000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000486000/0x1000)=nil)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x1c}}, 0x200}, 0x1c)
getsockopt$inet6_int(r0, 0x29, 0x18, 0x0, &(0x7f00000001c0))
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xd, &(0x7f00000004c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0x7d}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x41}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

2.463270665s ago: executing program 2 (id=1188):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x2, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 32)
r2 = socket$pppoe(0x18, 0x1, 0x0) (rerun: 32)
connect$pppoe(r2, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
r3 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r3, &(0x7f0000000000)={0x18, 0x2, {0x0, @local}}, 0x1e) (async)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) (async)
connect$pptp(r3, &(0x7f00000001c0)={0x18, 0x2, {0x1, @multicast1}}, 0x1e) (async)
r4 = fsopen(&(0x7f0000002200)='ramfs\x00', 0x0)
r5 = fcntl$dupfd(r4, 0x0, r4)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000100)='mode\x00', &(0x7f0000000140)='\x00', 0x0) (async)
ioctl$PPPIOCGCHAN(r2, 0x80047437, &(0x7f0000001f00)) (async)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$PPPIOCATTCHAN(r6, 0x40047438, &(0x7f0000000040)=0x2) (async, rerun: 32)
ioctl$PPPIOCBRIDGECHAN(r6, 0x40047435, &(0x7f0000000200)=0x1) (rerun: 32)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x28, 0x10, 0x801, 0x43, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x2202e}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x20048050}, 0x40014)

2.317387894s ago: executing program 1 (id=1189):
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x2d41, 0xd5)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x4, &(0x7f00000005c0)=ANY=[@ANYBLOB], 0x0, 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
syz_emit_ethernet(0x46, &(0x7f0000000500)={@local, @random="18dacb862683", @val={@val={0x88a8, 0x7, 0x1, 0x3}, {0x8100, 0x1, 0x1, 0x3}}, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x64010100, @local}, @time_exceeded={0xb, 0x0, 0x0, 0x3, 0x24, 0x0, {0x5, 0x4, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x89, 0x0, @private, @multicast2}}}}}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x4c0c8)
openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f00000003c0))
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r3, 0x40045402, &(0x7f0000000140)=0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r3, 0x40505412, &(0x7f00000000c0)={0x7, 0x9dc5, 0x0, 0x0, 0xf})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r3, 0x54a2)
openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0)
syz_open_dev$dri(0x0, 0x0, 0x0)
process_madvise(r0, &(0x7f00000001c0)=[{&(0x7f00000005c0)="3e33934c6e6ecc431a4c5e26e29ea492f4e3c77c1365d57f48c2e61e457944bd9a960d7b375563ed4ba1fe12977d74b44f84b5629070760c53042854b99dd1bddb61b60e0557d79da0d97225254e27380c1bcff18036e1abb0df8ec9747b4f1f2456f5dcfdbc13c154ad119d16cb022eb81e74812ae10117efc52db1a04b3210a412ff8ce20d5ddfe87840935382f82d061be5656d940187c0812893", 0x9c}, {&(0x7f0000000680)="1c8b9d4ab19e08b14aeb81ed700909cbda2c5285d1875660ab69834a21d8661b183b21781514c65dd5d152d268f89fd75763a77643312dd8f83f29391d5bc25463ab599673bbbd38162447880d7d927afcb7ab72946eaa3c8c245342032c5e78aa64132d9af85a7f5602a85925ccf04fdf8704131d90f9014727751c639a76551f2283ce046ebdee01f62ba00ceddef8d7d9f553befe09185f02b30bb19a36e1f2cfed19b956ce88013f1562f9b913f37c94c3615976858358a089dde37a16fc4fc4bc407987a233373f0336a62c353fca4ab80af2fd2eabd2771ae44565141365cf6180b9fa207081d9c0eb", 0xec}, {&(0x7f0000000040)="abae0b9f5867ce1837b0a166d2c11c5f65718f867a0a4add319dae61ace2c03eb3f805f64302ab9b2688ddaf55cdda6050c5a28ec65a43fa", 0x38}], 0x3, 0xd, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x3, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x3f1f}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0x7, 0x9, 0x0, 0x0, 0x5c}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x7, 0x2}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {}, {}, {0x4, 0x0, 0x7}, {0x18, 0x2, 0x2, 0x0, r4}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x6, 0x1, 0x6, 0x8}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{}, 0x0, 0x0}, 0x20)

2.239623382s ago: executing program 1 (id=1190):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000300)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x5}}, './file0\x00'})
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000008c0)=@newtaction={0x1348, 0x30, 0x1, 0x0, 0x0, {}, [{0x1334, 0x1, [@m_ct={0x34, 0x9, 0x0, 0x0, {{0x7}, {0xc, 0x2, 0x0, 0x1, [@TCA_CT_ACTION={0x6, 0x3, 0x3d}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0xa0, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x5a, 0x6, "a5407e5b89d35c472a405e38f60ac2fa93bd56806d5d87a810509be33bed1d54a1f55473227bf62af95daa24e95714a8e74978dba2d6e7743eadb2577baef77daf4d72c19378c37364661861f36f8fb3b5f9578a2ca3"}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}, @m_simple={0x14c, 0x11, 0x0, 0x0, {{0xb}, {0x4c, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18, 0x2, {0x7, 0x3, 0x8, 0x4, 0xffff}}, @TCA_DEF_PARMS={0x18, 0x2, {0x1, 0xc61, 0x4, 0x2, 0x80}}, @TCA_DEF_PARMS={0x18, 0x2, {0x100, 0x1, 0xffffffffffffffff, 0x1, 0x8}}]}, {0xd6, 0x6, "4dd39bdf1a272e1db18e485e53dc8a0d6f98df972dcc9a8e7f323175abf12e67cda5ef488d4a11c66fdf20540569d97b54106ae028a31ccc71a876b6c17fa26057479c1d10c3a900d5f6554b158edbfb3234a71b9c99fcd94d615aa0c642e599ba9e182ff38b432dda4f094395b9c3a5f9c3888797201bcb33854b0cf2b99e6c4b9e651973116a568030b690d204bde338ebe0e00fc7b8b2377aac22a7d692f09f82bee84dbc1e6977a911f7c62d37148880c10158c6b848374a31bd0a519a9c088370ebf1b3bf57813635cab79338cba160"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x2}}}}, @m_police={0x1110, 0x1b, 0x0, 0x0, {{0xb}, {0x10d8, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x6, 0x82de, 0xf7, 0x0, 0x7fffffff, 0x8001, 0xd6eb, 0x80, 0x4, 0x11, 0xfffffff7, 0x460, 0x0, 0x17200000, 0x7, 0x4, 0x1000, 0x9, 0xd3, 0x32, 0x800, 0x7f, 0x5000000, 0x5, 0xbd3, 0x7f, 0x1, 0x400, 0xfffffffe, 0x0, 0x2, 0x4, 0xc, 0x4, 0x0, 0x2, 0x8, 0xffffffc0, 0x9, 0x8, 0x9, 0x2, 0x1, 0x6, 0x5, 0x2, 0x6a52, 0x3ff, 0x1, 0x10, 0x9, 0x2, 0x3, 0xffff, 0x7, 0xffff19c8, 0x401, 0x1, 0x6, 0x22, 0x6, 0x5, 0x7, 0x7, 0x9, 0x8001, 0x9, 0x4, 0x1, 0x4, 0xa, 0x917, 0x6, 0x7, 0x400, 0x4, 0x80, 0x0, 0x7, 0x7dd, 0x8, 0x1, 0x101, 0x88b6, 0x5, 0x6, 0x0, 0x9, 0x7, 0x1, 0x2e9f, 0x7, 0x9, 0x4, 0x8000, 0x2, 0x2, 0xe0, 0x8, 0x4, 0x81, 0x9, 0x7fff, 0x8, 0xfffffffb, 0x5, 0x6, 0x1, 0x7, 0x1, 0x10, 0x2709, 0xb, 0x9, 0x6, 0x400, 0x6, 0x5, 0xff, 0x401, 0x81, 0xe8, 0x9, 0x4, 0x400, 0x3, 0x7, 0x6, 0x9, 0x6, 0xc07, 0xffffffff, 0x40, 0xffffffff, 0x6, 0x5, 0x2400, 0xd8f, 0x4, 0x100, 0x1, 0xde2, 0x2, 0x8001, 0x0, 0x0, 0x6, 0x7ff, 0x621d, 0x10000, 0x80000001, 0xffff9915, 0x6, 0x9, 0xd, 0x0, 0x8, 0x70, 0x4, 0xf8, 0x3, 0x3, 0x9, 0x956, 0x80000000, 0x4, 0x3, 0x100, 0x6, 0x10000, 0xcd, 0x4, 0x6, 0x7e6, 0xab4, 0xe, 0x8, 0x80000000, 0x2, 0x80, 0x4, 0xffffff81, 0x4, 0xe, 0x5, 0x39e27082, 0x10001, 0x6, 0x951, 0x7c, 0xfffffffd, 0x9, 0x7, 0xffff2b3a, 0x5565, 0x3, 0x5, 0x9, 0x3, 0x1, 0xa1, 0x6, 0xfffeffff, 0x5, 0x6, 0x5, 0xd70, 0xe, 0x1, 0x6, 0x6, 0xfffffffd, 0x80000000, 0x2, 0x1, 0x55, 0xfff, 0x0, 0x8, 0x2, 0x3, 0x6, 0x40, 0x7, 0x8, 0x1000, 0x6, 0x290, 0x65ef, 0xdac, 0x3e, 0x9, 0x3, 0x0, 0x6, 0x2, 0x2000000, 0x4, 0x0, 0x9, 0xfff, 0x7, 0x0, 0x8b4, 0x39ed, 0x4, 0x7, 0x5, 0x3, 0x0, 0x8, 0x9, 0x1, 0x80000000, 0x9]}, @TCA_POLICE_RATE64={0xc, 0x8, 0x8001}, @TCA_POLICE_RESULT={0x8, 0x5, 0xb}, @TCA_POLICE_RATE={0x404, 0x2, [0x13f, 0x0, 0x0, 0xffff, 0x9, 0x6, 0x2, 0x5, 0xff, 0x2, 0x6, 0x4, 0xfd, 0x7, 0x800, 0x9, 0x9, 0x3, 0xfffffffb, 0x6, 0x7, 0x271, 0x8, 0x2, 0x8, 0xa, 0x1, 0x6, 0x6, 0x2, 0xf, 0x0, 0x7, 0xb, 0x4, 0x3ff, 0xe, 0x1, 0x7, 0x0, 0x9, 0x9, 0x8, 0x6, 0x5, 0x4, 0x0, 0xb, 0x80000001, 0xdbd7, 0x14d, 0xffffff59, 0x8c, 0x4, 0x4, 0x7ff, 0x7, 0x4, 0xd, 0x10000, 0x80, 0x4, 0x7ff, 0x8, 0x0, 0xff, 0x5, 0x1, 0x81, 0x1, 0x0, 0x7fff, 0x9, 0x5, 0x9, 0x6, 0x1, 0xffffffff, 0xfffff98d, 0x9, 0xa, 0x6, 0xd, 0x101, 0x3ff, 0x72c781ec, 0x8001, 0x4, 0x0, 0x8000, 0x7ff, 0x81, 0x3, 0x2, 0x4, 0x0, 0x6, 0x401, 0x2, 0x6d3f, 0x5, 0x3, 0x3, 0x8, 0x6, 0x1a8, 0x9, 0xfff, 0xfffffffe, 0x3ee4d4aa, 0x7ff, 0x9, 0x3, 0x9, 0x7, 0x7fffffff, 0xb2, 0x8, 0xc4, 0x7, 0x3, 0x73c, 0x3c6, 0x4, 0x5, 0xe0, 0x6, 0x8, 0x0, 0x3, 0xc387, 0x0, 0x8, 0x4, 0x7, 0x5, 0x634, 0x6, 0xfff, 0xfc8, 0x904e, 0xff, 0x1ff, 0x6, 0x400000, 0x1, 0xec, 0x3, 0x663, 0x2, 0x5, 0xe, 0x9, 0x0, 0x8, 0x698, 0x7, 0x174, 0xc57, 0x0, 0x0, 0x1e, 0x3, 0x40, 0xac, 0x2, 0x3, 0x8, 0x7, 0x5, 0xffffffff, 0xfffffff4, 0xffffffff, 0xf, 0x1, 0x8615, 0xc, 0x7, 0x30d, 0x3, 0x5, 0x10, 0x8, 0x4, 0x2ae, 0x3, 0x3000, 0x6, 0x4, 0xfff, 0x8, 0x2, 0x2, 0x8, 0x200, 0x0, 0xc7, 0xfffffff8, 0x6b, 0x1ff, 0x0, 0xfffffbff, 0x8, 0x48d, 0x4, 0x8, 0x9, 0x6, 0x6, 0x200, 0x1ff, 0x10001, 0x80000001, 0x7, 0x0, 0x3, 0x7f, 0x9, 0x6, 0xfffffff3, 0x3, 0x9, 0x0, 0x7, 0x10001, 0x0, 0x0, 0x35d6, 0x9, 0x9, 0x9, 0x6, 0x3, 0x4, 0x0, 0x4, 0x5, 0x98ab, 0x4, 0x3, 0x8fc7, 0x9, 0x1000, 0xff000000, 0x0, 0x0, 0x88, 0x2, 0x5, 0x874, 0x800, 0x6, 0xfffffffd, 0x0, 0x7, 0x8c9e]}, @TCA_POLICE_PEAKRATE64={0xc}], [@TCA_POLICE_RATE={0x404, 0x2, [0x6, 0xffffffff, 0x4, 0x5, 0x4, 0x0, 0x1, 0x9, 0x2e, 0xffffffff, 0x5, 0x1, 0x0, 0x7fff, 0xdde8, 0xc59e, 0x7, 0x6, 0x94, 0x6, 0x5, 0xab01, 0x0, 0x0, 0x3, 0x0, 0x55, 0x29, 0x5, 0x7fff, 0x5, 0xa, 0x3, 0x1ff, 0x55a6, 0x7, 0x1, 0x8, 0x6, 0x3, 0x7ff, 0x9, 0xfffffc00, 0xc187, 0x51d, 0x3dfc, 0x0, 0x7, 0xfffffff7, 0x5f, 0x1, 0x1, 0x1, 0x6, 0x8, 0x7ff, 0x6c6, 0x9, 0x10, 0x1, 0x3a8f, 0x7, 0x10001, 0x4, 0x5, 0x7, 0x8, 0x5, 0xed, 0x206, 0x8, 0xe2, 0x3ff, 0xb, 0x80000001, 0x3, 0x10001, 0x7, 0x7fffffff, 0x0, 0x2c, 0x2, 0x9, 0x5800, 0x9, 0xaa, 0x0, 0x1, 0x3, 0x8000, 0x4, 0x8, 0x3, 0x5, 0xffff, 0x7, 0x4, 0xfffffff8, 0x1ff, 0xfffffffd, 0x10, 0x3, 0x1, 0xef, 0xb, 0x6, 0x400, 0xb, 0x2620ff4a, 0x5, 0x6, 0x0, 0x6, 0xa, 0x0, 0x8, 0x5, 0x0, 0xa9fd, 0x1, 0x5, 0x2, 0x0, 0x9, 0xc1, 0x38, 0x4, 0x3, 0xd79, 0xfe, 0xc9, 0x6, 0x4acf72d3, 0x4, 0x2, 0x4dcd, 0x1, 0x6, 0x5, 0x8001, 0x1, 0x5, 0x9, 0x0, 0x0, 0x3ff, 0xffffffff, 0x2, 0x0, 0x9, 0x100, 0x0, 0x8, 0x6, 0x4, 0x4, 0x3, 0x208, 0x6, 0x101, 0xf, 0x2, 0x1, 0xffff, 0x200, 0x205, 0x4, 0x3, 0xfffffffe, 0x9, 0xfffffffd, 0x1ff, 0xfffffff8, 0x59, 0xfffffc01, 0x50a, 0xfffffff7, 0xa, 0xfffffffd, 0x1, 0x6509, 0x5, 0x1000, 0x5, 0x10000, 0x400, 0x0, 0x5, 0x5, 0xfffffff8, 0x10000, 0x8001, 0xffff56bc, 0x9, 0x6, 0x8, 0x400, 0xffffffff, 0x1000, 0x6, 0xa54, 0x3, 0xd, 0x1, 0x1, 0x401, 0x30, 0x9, 0x2, 0xffffffff, 0x0, 0x7, 0xfffffffe, 0x2, 0x7f, 0x2, 0x5, 0x5, 0x10001, 0xa59, 0x7, 0x9, 0x6, 0x6, 0x2, 0x42, 0xffff, 0x35, 0x2, 0x9, 0x9, 0xf1d, 0x7, 0x7, 0x1, 0x9, 0x2, 0x2, 0x4, 0xffff0001, 0x4, 0x80, 0x0, 0x1, 0x70ff, 0x6, 0x10001, 0x9, 0x5, 0xffffff73, 0x401, 0xff, 0xfffffffa, 0x4, 0x1]}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x800}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x6}, @TCA_POLICE_TBF={0x3c, 0x1, {0x4, 0x1, 0xfffffffc, 0x0, 0x80000001, {0x52, 0x1, 0xfff, 0x9, 0x4, 0x1}, {0x8, 0x2, 0x8, 0xd53, 0x0, 0x5}, 0x6, 0xa, 0xfffff001}}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x8, 0x3, 0x5, 0xfffffff9, 0x1ff, 0x9c3, 0x689c0747, 0xb43, 0x8, 0x4, 0x9, 0x1, 0xffff, 0x8000, 0x8, 0x8, 0xf569, 0x7, 0xf, 0x9, 0x4, 0x0, 0x4, 0x10000, 0x27, 0x9c9, 0xf, 0x9, 0x5b400, 0x6, 0x1ff, 0xae2e, 0xffffffff, 0x2, 0x976, 0x7, 0xfffffffe, 0x5, 0x4161, 0x7, 0x7, 0xffffff21, 0xc, 0x8, 0xb73f, 0x309b299a, 0x6, 0x1, 0x3, 0x9, 0x4, 0x80000000, 0x1000, 0x7, 0xffffffff, 0x2, 0x84e6, 0x6bcc792f, 0x400, 0x8, 0x7, 0x5, 0x0, 0x10001, 0x7fff, 0x6, 0x2, 0x9, 0x4, 0xffffffff, 0x5908, 0x6, 0x4, 0x9, 0xffffffff, 0x7, 0x3, 0xff, 0xfffffffd, 0x9, 0x8000, 0xff, 0x80000000, 0x6, 0x3, 0x4, 0x1, 0x80000001, 0xfffff9ac, 0x8, 0x5, 0x8001, 0x101, 0xffff0000, 0x8b6c, 0xe, 0x4, 0x0, 0x4, 0x80000000, 0x6, 0x2, 0x941, 0x7, 0x1c, 0x6, 0x7, 0x80000000, 0xa481, 0x10, 0x8, 0xfc98, 0x8, 0x0, 0x9, 0x3, 0x40, 0x2, 0x3bfa, 0x5, 0xa, 0x12800000, 0x1, 0x9, 0x2, 0x8, 0x389e, 0x1, 0x4, 0x4, 0x8, 0x7, 0x4, 0xfffffff9, 0x91, 0x4, 0x5, 0xfffffffe, 0x1f7, 0x1, 0x3e2c38ca, 0x4, 0xffffff5a, 0x0, 0x8, 0x3ff, 0x8, 0x99a, 0x4, 0x2, 0x8, 0x3, 0x3, 0x1, 0x40, 0x10, 0x4, 0x6, 0x1, 0x7bb9f59f, 0xe, 0x7fff, 0x4, 0x6, 0xffff, 0x8001, 0xffff, 0x7, 0x10000, 0x800000, 0x43fc, 0x0, 0x0, 0x9, 0x4d, 0x4, 0x4, 0x5, 0x8, 0x7167, 0x1, 0x5, 0x3, 0xb6, 0x8, 0x8, 0x8, 0x9, 0x9, 0xd4, 0x9, 0x8, 0x80000000, 0xfffffffb, 0x4, 0x2, 0x19, 0x9, 0x8, 0xc, 0x5053, 0x7ff, 0x9, 0x0, 0x1, 0x7, 0x7fff, 0x9, 0x61db, 0xc, 0xfffffff9, 0x1000, 0x0, 0x8001, 0x0, 0x5297, 0xee, 0x2, 0x80000000, 0xfffffffc, 0x4, 0x3, 0x0, 0x7, 0x5, 0x7, 0x4, 0x2, 0xffff, 0xfffffff9, 0x1, 0x3, 0x1, 0x200, 0x90, 0x6, 0xeb4c, 0x6, 0xddd, 0x9f6, 0x68f5, 0xbe9, 0x8, 0x400, 0x1, 0x1, 0x8, 0x6c, 0x8, 0x967, 0x8d, 0x7e7a, 0x7, 0x4, 0x2, 0x1000000]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0xffffffffffffffff, 0x3, 0x8, 0xd, {0x1, 0x0, 0x6, 0x52, 0x2, 0x7}, {0x0, 0x2, 0xa6af, 0x7, 0x7, 0x3ff}, 0x6, 0x7, 0x3}}, @TCA_POLICE_RATE64={0xc, 0x8, 0x7}, @TCA_POLICE_PEAKRATE64={0xc}]]}, {0xe, 0x6, "157373ba39f5ca8c43fa"}, {0xc}, {0xc, 0x8, {0x4, 0x1}}}}]}]}, 0x1348}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func_proto]}}, 0x0, 0x26}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x8, &(0x7f0000000180)=@raw=[@printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000080)={0x0, 0x1}, 0xf4240}, 0x94)
r4 = socket$netlink(0x10, 0x3, 0x15)
writev(r4, 0x0, 0x0)
r5 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r5, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0x0, @empty=0x1000000}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000200)='\b\x00', 0x2}, {&(0x7f0000000100)="6306bc3795f8", 0x6}], 0x2, &(0x7f0000000180)=[@ip_retopts={{0x14, 0x0, 0x7, {[@lsrr={0x83, 0x7, 0x4, [@empty]}]}}}], 0x14}, 0x0)
r6 = socket$rxrpc(0x21, 0x2, 0xa)
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0xffffffffffffff2b)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f00000004c0)={0x16, 0x2, 0x0, "dd3e1ddbc8e90cb57346e6c94dfa5bf04abc3e8fc2976136531a27a41db375d7"})
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x74}}, 0x0)
write$6lowpan_enable(r0, &(0x7f00000003c0)='0', 0x1)
bind$rxrpc(r6, &(0x7f0000000000)=@in6={0x21, 0x1, 0x2, 0x1c, {0xa, 0x4e20, 0x3, @empty, 0xd}}, 0x24)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000340)=ANY=[@ANYBLOB="180200000000e1ff00000000000000008500000027000000850000005000000095"], &(0x7f0000000080)='GPL\x00', 0x4}, 0x94)

2.058234736s ago: executing program 2 (id=1191):
prctl$PR_GET_SPECULATION_CTRL(0x23, 0x4, 0x7fffffffefff)
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYRES32, @ANYBLOB="feffffff00"/19, @ANYRES32=0x0, @ANYRES32, @ANYRES8=r0, @ANYRES32, @ANYRESHEX=r0], 0x50)
bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x8aa56c3d7ee4c6e5, 0x84)
shutdown(r1, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/wakeup_count', 0x101a02, 0x0)
write$cgroup_pid(r2, &(0x7f0000000180), 0x12)
syz_usb_connect(0x3, 0x3f, &(0x7f00000000c0)=ANY=[@ANYRES32=r0], 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000ffed000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007300000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pipe2(&(0x7f00000004c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x800)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x60680, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = socket$igmp(0x2, 0x3, 0x2)
ioctl$IOCTL_CONFIG_SYS_RESOURCE_PARAMETERS(0xffffffffffffffff, 0x40046103, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0)
capset(0x0, 0x0)
setsockopt$MRT_ADD_VIF(r5, 0x0, 0xca, 0x0, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r7 = dup(r6)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, 0x0)
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x44}, 0x1, 0x0, 0x0, 0x20000881}, 0x0)
sendmmsg$inet6(r7, 0x0, 0x0, 0x240008c8)
getsockopt$inet_mreqn(r4, 0x0, 0x23, &(0x7f0000000000)={@remote, @multicast1}, &(0x7f00000003c0)=0xc)
write$6lowpan_enable(r7, &(0x7f0000000200)='1', 0x1)
syz_io_uring_setup(0x4e1, &(0x7f0000000100)={0x0, 0x1ffffd, 0x10100, 0xfffffffe, 0x9}, &(0x7f0000000300), &(0x7f00000001c0))

1.343485857s ago: executing program 1 (id=1192):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000080)=0x9, 0x5, 0x0)
mremap(&(0x7f000008f000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000486000/0x1000)=nil)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x1c}}, 0x200}, 0x1c)
getsockopt$inet6_int(r0, 0x29, 0x18, 0x0, &(0x7f00000001c0))
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xd, &(0x7f00000004c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0x7d}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x41}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.282570448s ago: executing program 1 (id=1193):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000000)=0xfe8e, 0x12)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000140)=0x7)
ioctl$TCSETS(r1, 0x8925, &(0x7f00000001c0)={0xd729, 0x2, 0x8, 0x7, 0x5, "f5103746453df8814a84c60a2e83314ef0bfb6"})
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCGIFCONF(0xffffffffffffffff, 0x8912, &(0x7f00000003c0)=@buf)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'macvtap0\x00'})
socket$netlink(0x10, 0x3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000002180)='net/mcfilter\x00')
preadv(r2, &(0x7f0000000080)=[{&(0x7f0000000180)=""/9, 0x9}], 0x1, 0x2f, 0x0)

1.227214351s ago: executing program 1 (id=1194):
io_setup(0x23, &(0x7f0000000280))
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
getgid()
openat$sndseq(0xffffff9c, &(0x7f00000000c0), 0x400)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r5, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newqdisc={0x34, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0x9}, {0xffff, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x80)
sendto$packet(r2, &(0x7f00000002c0)="44c33b69ebc9e05e9bdec0c286dd", 0xe, 0x830, &(0x7f0000000440)={0x11, 0x0, r5, 0x1, 0x2, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xe}}, 0x14)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
eventfd2(0x4, 0x80000)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000100)={0x6})
eventfd2(0xfffffffb, 0x80000)
syz_open_dev$sg(&(0x7f0000000180), 0x5, 0x121600)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r6, 0x8, &(0x7f0000000240)=0x2)

618.57207ms ago: executing program 3 (id=1195):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[], 0xd4}}, 0x0)

538.119354ms ago: executing program 3 (id=1196):
mknod$loop(0x0, 0x10, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x8000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x844}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x4000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40186f40, &(0x7f0000000180)=0x2000000)
kexec_load(0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x7ffdd000, 0x8000}], 0x320000)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000300)='./cgroup/syz0\x00', 0x200002, 0x0)
r4 = openat$cgroup_procs(r3, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f00000001c0), 0x12)
sync()
r5 = socket$inet6(0xa, 0x80002, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x80882, 0x0)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @local, 0x2}, 0x1c)
sendmmsg$inet6(r5, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00) (fail_nth: 1)

200.656621ms ago: executing program 1 (id=1197):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x400}}}]}, 0x38}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@gettfilter={0x24, 0x2e, 0x1, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, r5, {0x2, 0xa}, {0x1, 0xfff1}, {0x7, 0xc}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000090}, 0x4041080)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, 0x0, 0x0, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0)
r8 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)}, 0x0)
r9 = socket$inet6_mptcp(0xa, 0x1, 0x106)
recvmmsg(r9, &(0x7f00000002c0), 0x220, 0x100, 0x0)
r10 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r11 = fcntl$dupfd(r10, 0x406, r10)
write$sndseq(r11, 0x0, 0x0)
ioctl$SG_GET_REQUEST_TABLE(r11, 0x2286, &(0x7f00000018c0))
syz_usb_connect$hid(0x2, 0x36, 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000001c0), 0x22000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0))
prctl$PR_MCE_KILL(0x4e, 0x1, 0x4000)
prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0xa)
socket$nl_generic(0x10, 0x3, 0x10)

0s ago: executing program 3 (id=1198):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
read$FUSE(r0, &(0x7f00000092c0)={0x2020}, 0x2020)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_ifreq(r2, 0x8910, &(0x7f0000000000)={'macsec0\x00', @ifru_ivalue=0x7})
ioctl$sock_netdev_private(r2, 0x8949, &(0x7f0000000000))
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000080)=0x13)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000640)=0x11)
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000600)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0xe, 0x7}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x8, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x4}]}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x0)

kernel console output (not intermixed with test programs):

bian-1.16.3-2~bpo12+1 04/01/2014
[  191.243022][ T8695] Call Trace:
[  191.243026][ T8695]  <TASK>
[  191.243030][ T8695]  dump_stack_lvl+0x16c/0x1f0
[  191.243048][ T8695]  should_fail_ex+0x512/0x640
[  191.243069][ T8695]  _copy_from_iter+0x29f/0x1720
[  191.243087][ T8695]  ? __alloc_skb+0x200/0x380
[  191.243100][ T8695]  ? __pfx__copy_from_iter+0x10/0x10
[  191.243117][ T8695]  ? __pfx___might_resched+0x10/0x10
[  191.243132][ T8695]  netlink_sendmsg+0x829/0xdd0
[  191.243149][ T8695]  ? __pfx_netlink_sendmsg+0x10/0x10
[  191.243164][ T8695]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  191.243179][ T8695]  ____sys_sendmsg+0xa98/0xc70
[  191.243190][ T8695]  ? __pfx_____sys_sendmsg+0x10/0x10
[  191.243199][ T8695]  ? get_compat_msghdr+0x11a/0x170
[  191.243233][ T8695]  ___sys_sendmsg+0x134/0x1d0
[  191.243248][ T8695]  ? __pfx____sys_sendmsg+0x10/0x10
[  191.243267][ T8695]  ? find_held_lock+0x2b/0x80
[  191.243287][ T8695]  __sys_sendmsg+0x16d/0x220
[  191.243300][ T8695]  ? __pfx___sys_sendmsg+0x10/0x10
[  191.243320][ T8695]  ? rcu_is_watching+0x12/0xc0
[  191.243333][ T8695]  __do_fast_syscall_32+0x7c/0x3a0
[  191.243348][ T8695]  do_fast_syscall_32+0x32/0x80
[  191.243361][ T8695]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  191.243374][ T8695] RIP: 0023:0xf70fe579
[  191.243383][ T8695] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  191.243393][ T8695] RSP: 002b:00000000f54ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  191.243404][ T8695] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  191.243411][ T8695] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  191.243416][ T8695] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  191.243422][ T8695] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  191.243430][ T8695] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  191.243443][ T8695]  </TASK>
[  191.745764][ T8707] netlink: 51 bytes leftover after parsing attributes in process `syz.2.781'.
[  193.236193][   T40] kauditd_printk_skb: 2 callbacks suppressed
[  193.236205][   T40] audit: type=1326 audit(1755902578.706:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8731 comm="syz.0.790" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb6579 code=0x7fc00000
[  193.363164][ T8743] FAULT_INJECTION: forcing a failure.
[  193.363164][ T8743] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  193.368052][ T8743] CPU: 0 UID: 0 PID: 8743 Comm: syz.3.794 Not tainted syzkaller #0 PREEMPT(full) 
[  193.368067][ T8743] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  193.368074][ T8743] Call Trace:
[  193.368077][ T8743]  <TASK>
[  193.368082][ T8743]  dump_stack_lvl+0x16c/0x1f0
[  193.368100][ T8743]  should_fail_ex+0x512/0x640
[  193.368117][ T8743]  _copy_from_user+0x2e/0xd0
[  193.368134][ T8743]  kstrtouint_from_user+0xd6/0x1d0
[  193.368147][ T8743]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  193.368159][ T8743]  ? __lock_acquire+0xb97/0x1ce0
[  193.368174][ T8743]  ? __bpf_trace_contention_end+0xc9/0x110
[  193.368193][ T8743]  proc_fail_nth_write+0x83/0x220
[  193.368205][ T8743]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  193.368219][ T8743]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  193.368230][ T8743]  vfs_write+0x29d/0x11d0
[  193.368245][ T8743]  ? __pfx_vfs_write+0x10/0x10
[  193.368256][ T8743]  ? find_held_lock+0x2b/0x80
[  193.368270][ T8743]  ? __fget_files+0x20e/0x3c0
[  193.368281][ T8743]  ? handle_mm_fault+0x290/0xd10
[  193.368295][ T8743]  ksys_write+0x12a/0x250
[  193.368307][ T8743]  ? __pfx_ksys_write+0x10/0x10
[  193.368320][ T8743]  ? rcu_is_watching+0x12/0xc0
[  193.368332][ T8743]  __do_fast_syscall_32+0x7c/0x3a0
[  193.368348][ T8743]  do_fast_syscall_32+0x32/0x80
[  193.368361][ T8743]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  193.368381][ T8743] RIP: 0023:0xf7f32579
[  193.368390][ T8743] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  193.368400][ T8743] RSP: 002b:00000000f5456590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  193.368410][ T8743] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5456620
[  193.368416][ T8743] RDX: 0000000000000001 RSI: 00000000f73c4ff4 RDI: 0000000000000000
[  193.368422][ T8743] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  193.368428][ T8743] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  193.368434][ T8743] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  193.368447][ T8743]  </TASK>
[  193.590559][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  193.593562][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  193.781815][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  196.448039][   T34] usb 8-1: new high-speed USB device number 36 using dummy_hcd
[  196.600173][   T34] usb 8-1: config index 0 descriptor too short (expected 39, got 27)
[  196.603720][   T34] usb 8-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  196.608102][   T34] usb 8-1: config 0 interface 0 has no altsetting 0
[  196.613613][   T34] usb 8-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  196.616918][   T34] usb 8-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  196.620490][   T34] usb 8-1: Product: syz
[  196.621997][   T34] usb 8-1: Manufacturer: syz
[  196.623597][   T34] usb 8-1: SerialNumber: syz
[  196.633985][   T34] usb 8-1: config 0 descriptor??
[  196.641083][   T34] hub 8-1:0.0: bad descriptor, ignoring hub
[  196.643026][   T34] hub 8-1:0.0: probe with driver hub failed with error -5
[  196.646566][   T34] usb 8-1: selecting invalid altsetting 0
[  196.661949][ T8787] 9pnet: p9_errstr2errno: server reported unknown error �@íÎ0x0000000000000008
[  196.925050][ T8789] __nla_validate_parse: 1 callbacks suppressed
[  196.925062][ T8789] netlink: 4 bytes leftover after parsing attributes in process `syz.0.808'.
[  196.933841][ T8789] bridge_slave_1: left allmulticast mode
[  196.935792][ T8789] bridge_slave_1: left promiscuous mode
[  196.938082][ T8789] bridge0: port 2(bridge_slave_1) entered disabled state
[  196.944408][ T8789] bridge_slave_0: left allmulticast mode
[  196.946206][ T8789] bridge_slave_0: left promiscuous mode
[  196.948322][ T8789] bridge0: port 1(bridge_slave_0) entered disabled state
[  197.054484][ T8786] netlink: 'syz.0.808': attribute type 1 has an invalid length.
[  197.058130][ T8786] netlink: 224 bytes leftover after parsing attributes in process `syz.0.808'.
[  197.066556][ T8805] netlink: 4 bytes leftover after parsing attributes in process `syz.2.811'.
[  197.263434][ T8806] netlink: 48 bytes leftover after parsing attributes in process `syz.1.813'.
[  197.527832][ T8776] usb 8-1: reset high-speed USB device number 36 using dummy_hcd
[  197.679957][ T8776] usb 8-1: device firmware changed
[  197.682472][   T34] usb 8-1: USB disconnect, device number 36
[  197.867747][   T34] usb 8-1: new high-speed USB device number 37 using dummy_hcd
[  197.937550][ T8821] netlink: 24 bytes leftover after parsing attributes in process `syz.2.818'.
[  197.947468][ T8824] netlink: 24 bytes leftover after parsing attributes in process `syz.1.819'.
[  198.041707][   T34] usb 8-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  198.045108][   T34] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  198.047563][   T34] usb 8-1: Product: syz
[  198.064523][   T34] usb 8-1: Manufacturer: syz
[  198.069258][   T34] usb 8-1: SerialNumber: syz
[  198.082983][ T8827] netlink: 72 bytes leftover after parsing attributes in process `syz.1.820'.
[  198.111441][   T34] usb 8-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  198.150480][ T5982] Bluetooth: hci2: unexpected event for opcode 0x0c7b
[  198.243285][   T61] usb 8-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  198.506103][ T8776] siw: device registration error -23
[  198.522602][   T10] usb 8-1: USB disconnect, device number 37
[  199.447695][   T61] ath9k_htc 8-1:1.0: ath9k_htc: Target is unresponsive
[  199.449986][   T61] ath9k_htc: Failed to initialize the device
[  199.456207][   T10] usb 8-1: ath9k_htc: USB layer deinitialized
[  200.308160][ T8861] netlink: 'syz.0.829': attribute type 3 has an invalid length.
[  200.310640][ T8861] netlink: 'syz.0.829': attribute type 1 has an invalid length.
[  200.313111][ T8861] netlink: 193500 bytes leftover after parsing attributes in process `syz.0.829'.
[  200.637746][   T61] usb 7-1: new high-speed USB device number 49 using dummy_hcd
[  200.790267][   T61] usb 7-1: config index 0 descriptor too short (expected 39, got 27)
[  200.793006][   T61] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  200.795951][   T61] usb 7-1: config 0 interface 0 has no altsetting 0
[  200.802573][   T61] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  200.805422][   T61] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  200.808293][   T61] usb 7-1: Product: syz
[  200.809713][   T61] usb 7-1: Manufacturer: syz
[  200.811320][   T61] usb 7-1: SerialNumber: syz
[  200.814226][   T61] usb 7-1: config 0 descriptor??
[  200.821647][   T61] hub 7-1:0.0: bad descriptor, ignoring hub
[  200.823951][   T61] hub 7-1:0.0: probe with driver hub failed with error -5
[  200.830601][   T61] usb 7-1: selecting invalid altsetting 0
[  201.017810][ T1022] usb 8-1: new high-speed USB device number 38 using dummy_hcd
[  201.169112][ T1022] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  201.172917][ T1022] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  201.175896][ T1022] usb 8-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  201.178798][ T1022] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.182532][ T1022] usb 8-1: config 0 descriptor??
[  201.255446][ T8882] netlink: 24 bytes leftover after parsing attributes in process `syz.1.835'.
[  201.391137][ T1022] usbhid 8-1:0.0: can't add hid device: -71
[  201.393663][ T1022] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  201.400704][ T1022] usb 8-1: USB disconnect, device number 38
[  201.617771][   T34] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[  201.717852][ T8869] usb 7-1: reset high-speed USB device number 49 using dummy_hcd
[  201.769131][   T34] usb 5-1: Using ep0 maxpacket: 8
[  201.772577][   T34] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  201.775900][   T34] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  201.780061][   T34] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  201.783901][   T34] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  201.787863][   T34] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  201.793096][   T34] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  201.796400][   T34] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.827701][ T6612] usb 8-1: new high-speed USB device number 39 using dummy_hcd
[  201.868266][ T8869] usb 7-1: device firmware changed
[  201.870515][   T61] usb 7-1: USB disconnect, device number 49
[  201.979459][ T6612] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  201.984222][ T6612] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  201.988592][ T6612] usb 8-1: New USB device found, idVendor=047f, idProduct=3333, bcdDevice= 0.40
[  201.992418][ T6612] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.996585][ T6612] usb 8-1: config 0 descriptor??
[  202.004451][   T34] usb 5-1: GET_CAPABILITIES returned 0
[  202.006430][   T34] usbtmc 5-1:16.0: can't read capabilities
[  202.017735][   T61] usb 7-1: new high-speed USB device number 50 using dummy_hcd
[  202.171259][   T61] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  202.174323][   T61] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  202.176803][   T61] usb 7-1: Product: syz
[  202.178254][   T61] usb 7-1: Manufacturer: syz
[  202.179715][   T61] usb 7-1: SerialNumber: syz
[  202.186060][   T61] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  202.204290][   T61] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  202.403024][ T6612] plantronics 0003:047F:3333.0014: unknown main item tag 0x0
[  202.416415][ T6612] plantronics 0003:047F:3333.0014: hiddev1,hidraw1: USB HID v0.00 Device [HID 047f:3333] on usb-dummy_hcd.3-1/input0
[  202.418751][ T8869] siw: device registration error -23
[  202.429349][ T6069] usb 7-1: USB disconnect, device number 50
[  202.822143][    T9] usb 8-1: USB disconnect, device number 39
[  203.197092][ T8906] lo speed is unknown, defaulting to 1000
[  203.249353][ T8907] lo speed is unknown, defaulting to 1000
[  203.287870][   T61] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive
[  203.290654][   T61] ath9k_htc: Failed to initialize the device
[  203.293004][ T6069] usb 7-1: ath9k_htc: USB layer deinitialized
[  203.637703][ T1336] usb 8-1: new high-speed USB device number 40 using dummy_hcd
[  203.799322][ T1336] usb 8-1: config 0 has no interfaces?
[  203.801700][ T1336] usb 8-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  203.805676][ T1336] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  203.813220][ T1336] usb 8-1: config 0 descriptor??
[  203.992128][ T8919] netlink: 24 bytes leftover after parsing attributes in process `syz.1.844'.
[  204.036710][ T1336] usb 8-1: USB disconnect, device number 40
[  204.151710][ T8921] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  204.189401][ T8925] FAULT_INJECTION: forcing a failure.
[  204.189401][ T8925] name failslab, interval 1, probability 0, space 0, times 0
[  204.193677][ T8925] CPU: 0 UID: 0 PID: 8925 Comm: syz.2.846 Not tainted syzkaller #0 PREEMPT(full) 
[  204.193702][ T8925] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  204.193708][ T8925] Call Trace:
[  204.193713][ T8925]  <TASK>
[  204.193717][ T8925]  dump_stack_lvl+0x16c/0x1f0
[  204.193735][ T8925]  should_fail_ex+0x512/0x640
[  204.193750][ T8925]  ? fs_reclaim_acquire+0xae/0x150
[  204.193767][ T8925]  ? tomoyo_encode2+0x100/0x3e0
[  204.193781][ T8925]  should_failslab+0xc2/0x120
[  204.193796][ T8925]  __kmalloc_noprof+0xd2/0x510
[  204.193808][ T8925]  ? d_absolute_path+0x136/0x1a0
[  204.193825][ T8925]  tomoyo_encode2+0x100/0x3e0
[  204.193841][ T8925]  tomoyo_encode+0x29/0x50
[  204.193858][ T8925]  tomoyo_realpath_from_path+0x18f/0x6e0
[  204.193876][ T8925]  tomoyo_path_number_perm+0x245/0x580
[  204.193888][ T8925]  ? tomoyo_path_number_perm+0x237/0x580
[  204.193902][ T8925]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  204.193928][ T8925]  ? find_held_lock+0x2b/0x80
[  204.193939][ T8925]  ? hook_file_ioctl_common+0x145/0x410
[  204.193956][ T8925]  ? __fget_files+0x20e/0x3c0
[  204.193970][ T8925]  security_file_ioctl_compat+0x9b/0x240
[  204.193985][ T8925]  __ia32_compat_sys_ioctl+0xc3/0x370
[  204.194003][ T8925]  __do_fast_syscall_32+0x7c/0x3a0
[  204.194018][ T8925]  do_fast_syscall_32+0x32/0x80
[  204.194032][ T8925]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  204.194045][ T8925] RIP: 0023:0xf70fe579
[  204.194054][ T8925] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  204.194064][ T8925] RSP: 002b:00000000f54ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  204.194074][ T8925] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000009201
[  204.194080][ T8925] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  204.194086][ T8925] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  204.194092][ T8925] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  204.194097][ T8925] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  204.194111][ T8925]  </TASK>
[  204.194155][ T8925] ERROR: Out of memory at tomoyo_realpath_from_path.
[  204.328836][ T8925] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  204.517706][ T1336] usb 8-1: new high-speed USB device number 41 using dummy_hcd
[  204.570753][ T8939] netlink: 216 bytes leftover after parsing attributes in process `syz.1.850'.
[  204.575798][ T8939] netlink: 216 bytes leftover after parsing attributes in process `syz.1.850'.
[  204.590644][ T8941] FAULT_INJECTION: forcing a failure.
[  204.590644][ T8941] name failslab, interval 1, probability 0, space 0, times 0
[  204.595506][ T8941] CPU: 0 UID: 0 PID: 8941 Comm: syz.2.851 Not tainted syzkaller #0 PREEMPT(full) 
[  204.595521][ T8941] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  204.595527][ T8941] Call Trace:
[  204.595531][ T8941]  <TASK>
[  204.595536][ T8941]  dump_stack_lvl+0x16c/0x1f0
[  204.595553][ T8941]  should_fail_ex+0x512/0x640
[  204.595570][ T8941]  should_failslab+0xc2/0x120
[  204.595584][ T8941]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  204.595596][ T8941]  ? skb_clone+0x190/0x3f0
[  204.595612][ T8941]  skb_clone+0x190/0x3f0
[  204.595625][ T8941]  packet_rcv+0x610/0x15a0
[  204.595639][ T8941]  ? __pfx_packet_rcv+0x10/0x10
[  204.595651][ T8941]  __netif_receive_skb_core.constprop.0+0xe29/0x48c0
[  204.595671][ T8941]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  204.595687][ T8941]  ? __skb_flow_dissect+0x11b2/0x7d90
[  204.595699][ T8941]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  204.595715][ T8941]  ? __pfx___skb_flow_dissect+0x10/0x10
[  204.595731][ T8941]  ? __lock_acquire+0x62e/0x1ce0
[  204.595747][ T8941]  __netif_receive_skb_one_core+0xb0/0x1e0
[  204.595759][ T8941]  ? __pfx___netif_receive_skb_one_core+0x10/0x10
[  204.595772][ T8941]  ? lock_acquire+0x179/0x350
[  204.595786][ T8941]  ? __phys_addr+0xe8/0x180
[  204.595800][ T8941]  __netif_receive_skb+0x1d/0x160
[  204.595812][ T8941]  netif_receive_skb+0x137/0x7b0
[  204.595823][ T8941]  ? __pfx_netif_receive_skb+0x10/0x10
[  204.595839][ T8941]  tun_rx_batched.isra.0+0x3ee/0x740
[  204.595858][ T8941]  ? __pfx_tun_rx_batched.isra.0+0x10/0x10
[  204.595877][ T8941]  ? tun_get_user+0x1d8a/0x3ce0
[  204.595886][ T8941]  ? rcu_is_watching+0x12/0xc0
[  204.595899][ T8941]  tun_get_user+0x28e4/0x3ce0
[  204.595917][ T8941]  ? __pfx_tun_get_user+0x10/0x10
[  204.595928][ T8941]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  204.595947][ T8941]  ? find_held_lock+0x2b/0x80
[  204.595957][ T8941]  ? tun_get+0x191/0x370
[  204.595975][ T8941]  tun_chr_write_iter+0xdc/0x210
[  204.595987][ T8941]  vfs_write+0x7d0/0x11d0
[  204.596000][ T8941]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  204.596012][ T8941]  ? __pfx_vfs_write+0x10/0x10
[  204.596022][ T8941]  ? find_held_lock+0x2b/0x80
[  204.596040][ T8941]  ksys_write+0x12a/0x250
[  204.596052][ T8941]  ? __pfx_ksys_write+0x10/0x10
[  204.596064][ T8941]  ? rcu_is_watching+0x12/0xc0
[  204.596076][ T8941]  __do_fast_syscall_32+0x7c/0x3a0
[  204.596091][ T8941]  do_fast_syscall_32+0x32/0x80
[  204.596104][ T8941]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  204.596117][ T8941] RIP: 0023:0xf70fe579
[  204.596126][ T8941] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  204.596136][ T8941] RSP: 002b:00000000f54ee520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  204.596146][ T8941] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000280
[  204.596153][ T8941] RDX: 0000000000000036 RSI: 00000000f7464ff4 RDI: 0000000000000000
[  204.596158][ T8941] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  204.596164][ T8941] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  204.596170][ T8941] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  204.596183][ T8941]  </TASK>
[  204.733238][ T1336] usb 8-1: config 0 has no interfaces?
[  204.735366][ T1336] usb 8-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  204.738354][ T1336] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  204.742495][ T1336] usb 8-1: config 0 descriptor??
[  204.948750][ T1336] usb 8-1: USB disconnect, device number 41
[  204.997808][ T6069] usb 7-1: new high-speed USB device number 51 using dummy_hcd
[  205.147723][ T6069] usb 7-1: device descriptor read/64, error -71
[  205.387984][ T6069] usb 7-1: new high-speed USB device number 52 using dummy_hcd
[  205.433917][ T8945] netlink: 24 bytes leftover after parsing attributes in process `syz.1.853'.
[  205.510001][   T40] audit: type=1326 audit(1755902590.986:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8946 comm="syz.1.854" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x0
[  205.517733][ T6069] usb 7-1: device descriptor read/64, error -71
[  205.597835][   T61] usb 8-1: new high-speed USB device number 42 using dummy_hcd
[  205.627999][ T6069] usb usb7-port1: attempt power cycle
[  205.749780][   T61] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  205.753699][   T61] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  205.756802][   T61] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  205.760346][   T61] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  205.765692][   T61] usb 8-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  205.769274][   T61] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  205.772459][   T61] usb 8-1: Product: syz
[  205.774188][   T61] usb 8-1: Manufacturer: syz
[  205.775917][   T61] usb 8-1: SerialNumber: syz
[  205.779529][   T61] usb 8-1: config 0 descriptor??
[  205.967812][ T6069] usb 7-1: new high-speed USB device number 53 using dummy_hcd
[  205.988584][ T6069] usb 7-1: device descriptor read/8, error -71
[  206.227725][ T6069] usb 7-1: new high-speed USB device number 54 using dummy_hcd
[  206.248593][ T6069] usb 7-1: device descriptor read/8, error -71
[  206.359239][ T6069] usb usb7-port1: unable to enumerate USB device
[  206.541206][ T8955] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[  206.556507][ T8955] bond3: entered allmulticast mode
[  206.558633][ T8955] 8021q: adding VLAN 0 to HW filter on device bond3
[  207.289270][ T8889] usbtmc 5-1:16.0: usb_control_msg returned -110
[  207.316391][   T61] adutux 8-1:0.0: ADU208  now attached to /dev/usb/adutux1
[  207.322372][   T61] usb 8-1: USB disconnect, device number 42
[  207.349054][   T34] usb 5-1: USB disconnect, device number 42
[  207.566318][ T8971] netlink: 24 bytes leftover after parsing attributes in process `syz.0.862'.
[  207.986542][ T8977] netlink: 8 bytes leftover after parsing attributes in process `syz.2.864'.
[  209.048154][    T9] usb 8-1: new high-speed USB device number 43 using dummy_hcd
[  209.209054][    T9] usb 8-1: config 0 has no interfaces?
[  209.211279][    T9] usb 8-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  209.214865][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  209.220375][    T9] usb 8-1: config 0 descriptor??
[  209.570939][ T1336] usb 8-1: USB disconnect, device number 43
[  209.887910][   T34] usb 7-1: new high-speed USB device number 55 using dummy_hcd
[  210.027817][ T1336] usb 8-1: new high-speed USB device number 44 using dummy_hcd
[  210.027846][   T34] usb 7-1: device descriptor read/64, error -71
[  210.179436][ T1336] usb 8-1: config 0 has no interfaces?
[  210.181800][ T1336] usb 8-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  210.185680][ T1336] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.192060][ T1336] usb 8-1: config 0 descriptor??
[  210.278065][   T34] usb 7-1: new high-speed USB device number 56 using dummy_hcd
[  210.396869][ T1336] usb 8-1: USB disconnect, device number 44
[  210.427953][   T34] usb 7-1: device descriptor read/64, error -71
[  210.540190][   T34] usb usb7-port1: attempt power cycle
[  210.897948][   T34] usb 7-1: new high-speed USB device number 57 using dummy_hcd
[  210.921636][   T34] usb 7-1: device descriptor read/8, error -71
[  211.057714][ T1336] usb 8-1: new high-speed USB device number 45 using dummy_hcd
[  211.177789][   T34] usb 7-1: new high-speed USB device number 58 using dummy_hcd
[  211.210582][   T34] usb 7-1: device descriptor read/8, error -71
[  211.229274][ T1336] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  211.233038][ T1336] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  211.237473][ T1336] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  211.241446][ T1336] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  211.247939][ T1336] usb 8-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  211.251943][ T1336] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  211.255560][ T1336] usb 8-1: Product: syz
[  211.257528][ T1336] usb 8-1: Manufacturer: syz
[  211.259272][ T1336] usb 8-1: SerialNumber: syz
[  211.263940][ T1336] usb 8-1: config 0 descriptor??
[  211.328284][   T34] usb usb7-port1: unable to enumerate USB device
[  211.672692][ T1336] adutux 8-1:0.0: ADU208  now attached to /dev/usb/adutux0
[  211.678190][ T1336] usb 8-1: USB disconnect, device number 45
[  212.718655][ T9035] netlink: 24 bytes leftover after parsing attributes in process `syz.2.878'.
[  213.344339][ T9051] netlink: 20 bytes leftover after parsing attributes in process `syz.0.881'.
[  214.444081][ T9069] e1000e 0000:00:02.0 eth1: NIC Link is Down
[  214.603999][   T40] audit: type=1326 audit(1755902600.006:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9066 comm="syz.0.887" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb6579 code=0x7ffc0000
[  214.841578][   T40] audit: type=1326 audit(1755902600.006:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9066 comm="syz.0.887" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb6579 code=0x7ffc0000
[  214.855667][   T40] audit: type=1326 audit(1755902600.006:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9066 comm="syz.0.887" exe="/syz-executor" sig=0 arch=40000003 syscall=393 compat=1 ip=0xf7fb6579 code=0x7ffc0000
[  214.875572][   T40] audit: type=1326 audit(1755902600.016:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9066 comm="syz.0.887" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb6579 code=0x7ffc0000
[  214.892665][   T40] audit: type=1326 audit(1755902600.016:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9066 comm="syz.0.887" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb6579 code=0x7ffc0000
[  214.911741][   T40] audit: type=1326 audit(1755902600.016:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9066 comm="syz.0.887" exe="/syz-executor" sig=0 arch=40000003 syscall=394 compat=1 ip=0xf7fb6579 code=0x7ffc0000
[  214.921575][   T40] audit: type=1326 audit(1755902600.016:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9066 comm="syz.0.887" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb6579 code=0x7ffc0000
[  214.930261][   T40] audit: type=1326 audit(1755902600.016:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9066 comm="syz.0.887" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb6579 code=0x7ffc0000
[  214.938228][   T40] audit: type=1326 audit(1755902600.016:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9066 comm="syz.0.887" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fb6579 code=0x7ffc0000
[  214.945347][   T40] audit: type=1326 audit(1755902600.016:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9066 comm="syz.0.887" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb6579 code=0x7ffc0000
[  215.123183][ T9076] overlayfs: failed to clone upperpath
[  215.265751][ T9098] lo speed is unknown, defaulting to 1000
[  215.280562][ T9094] FAULT_INJECTION: forcing a failure.
[  215.280562][ T9094] name failslab, interval 1, probability 0, space 0, times 0
[  215.280615][ T9094] CPU: 1 UID: 0 PID: 9094 Comm: syz.2.892 Not tainted syzkaller #0 PREEMPT(full) 
[  215.280627][ T9094] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  215.280633][ T9094] Call Trace:
[  215.280637][ T9094]  <TASK>
[  215.280641][ T9094]  dump_stack_lvl+0x16c/0x1f0
[  215.280659][ T9094]  should_fail_ex+0x512/0x640
[  215.280673][ T9094]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  215.280686][ T9094]  should_failslab+0xc2/0x120
[  215.280700][ T9094]  __kmalloc_cache_noprof+0x6a/0x3e0
[  215.280711][ T9094]  ? drm_atomic_state_alloc+0xb8/0x120
[  215.280726][ T9094]  drm_atomic_state_alloc+0xb8/0x120
[  215.280737][ T9094]  drm_client_modeset_commit_atomic+0xcc/0x7e0
[  215.280748][ T9094]  ? __pfx___might_resched+0x10/0x10
[  215.280764][ T9094]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  215.280776][ T9094]  ? __mutex_lock+0x1c5/0x1060
[  215.280798][ T9094]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  215.280817][ T9094]  drm_client_modeset_commit_locked+0x14d/0x580
[  215.280831][ T9094]  drm_fb_helper_pan_display+0x32d/0xa40
[  215.280849][ T9094]  ? clear_pending_if_disabled+0xa8/0x210
[  215.280867][ T9094]  fb_pan_display+0x47c/0x7d0
[  215.280893][ T9094]  ? __pfx_drm_fb_helper_pan_display+0x10/0x10
[  215.280912][ T9094]  bit_update_start+0x49/0x1f0
[  215.280927][ T9094]  fbcon_switch+0xbf8/0x14c0
[  215.280944][ T9094]  ? __pfx_fbcon_switch+0x10/0x10
[  215.280965][ T9094]  ? __pfx_bit_cursor+0x10/0x10
[  215.280978][ T9094]  ? fbcon_cursor+0x40c/0x5f0
[  215.280995][ T9094]  csi_J+0x863/0xad0
[  215.281011][ T9094]  do_con_write+0x41d7/0x8280
[  215.281024][ T9094]  ? __pfx___might_resched+0x10/0x10
[  215.281035][ T9094]  ? rcu_is_watching+0x12/0xc0
[  215.281047][ T9094]  ? trace_contention_end+0xdd/0x130
[  215.281068][ T9094]  ? __pfx_do_con_write+0x10/0x10
[  215.281081][ T9094]  ? __pfx_bit_cursor+0x10/0x10
[  215.281094][ T9094]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  215.281112][ T9094]  ? con_write+0x93/0xb0
[  215.281127][ T9094]  con_write+0x23/0xb0
[  215.281140][ T9094]  n_tty_write+0x41f/0x11e0
[  215.281158][ T9094]  ? __pfx_n_tty_write+0x10/0x10
[  215.281167][ T9094]  ? rcu_is_watching+0x12/0xc0
[  215.281177][ T9094]  ? __pfx_woken_wake_function+0x10/0x10
[  215.281194][ T9094]  ? kfree+0x24f/0x4d0
[  215.281202][ T9094]  ? file_tty_write.constprop.0+0x6ef/0x9b0
[  215.281218][ T9094]  ? __pfx_n_tty_write+0x10/0x10
[  215.281228][ T9094]  file_tty_write.constprop.0+0x504/0x9b0
[  215.281247][ T9094]  vfs_write+0x7d0/0x11d0
[  215.281260][ T9094]  ? __pfx_tty_write+0x10/0x10
[  215.281275][ T9094]  ? __pfx_vfs_write+0x10/0x10
[  215.281285][ T9094]  ? find_held_lock+0x2b/0x80
[  215.281306][ T9094]  ksys_write+0x12a/0x250
[  215.281318][ T9094]  ? __pfx_ksys_write+0x10/0x10
[  215.281331][ T9094]  ? rcu_is_watching+0x12/0xc0
[  215.281357][ T9094]  __do_fast_syscall_32+0x7c/0x3a0
[  215.281373][ T9094]  do_fast_syscall_32+0x32/0x80
[  215.281386][ T9094]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  215.281399][ T9094] RIP: 0023:0xf70fe579
[  215.281407][ T9094] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  215.281417][ T9094] RSP: 002b:00000000f54ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  215.281427][ T9094] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080002080
[  215.281433][ T9094] RDX: 0000000000001006 RSI: 0000000000000000 RDI: 0000000000000000
[  215.281439][ T9094] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  215.281445][ T9094] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  215.281451][ T9094] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  215.281465][ T9094]  </TASK>
[  215.378525][   T34] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[  215.527801][   T34] usb 5-1: Using ep0 maxpacket: 8
[  215.534705][   T34] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  215.534761][   T34] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  215.534786][   T34] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  215.534811][   T34] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  215.534842][   T34] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  215.534882][   T34] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  215.534905][   T34] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  215.749641][   T34] usb 5-1: GET_CAPABILITIES returned 0
[  215.751947][   T34] usbtmc 5-1:16.0: can't read capabilities
[  215.948318][ T9120] netlink: 24 bytes leftover after parsing attributes in process `syz.1.893'.
[  215.978241][ T9091] FAULT_INJECTION: forcing a failure.
[  215.978241][ T9091] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  215.986010][ T9091] CPU: 3 UID: 0 PID: 9091 Comm: syz.0.891 Not tainted syzkaller #0 PREEMPT(full) 
[  215.986030][ T9091] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  215.986037][ T9091] Call Trace:
[  215.986041][ T9091]  <TASK>
[  215.986046][ T9091]  dump_stack_lvl+0x16c/0x1f0
[  215.986064][ T9091]  should_fail_ex+0x512/0x640
[  215.986081][ T9091]  _copy_from_user+0x2e/0xd0
[  215.986099][ T9091]  kstrtouint_from_user+0xd6/0x1d0
[  215.986112][ T9091]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  215.986124][ T9091]  ? __lock_acquire+0xb97/0x1ce0
[  215.986144][ T9091]  proc_fail_nth_write+0x83/0x220
[  215.986157][ T9091]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  215.986172][ T9091]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  215.986182][ T9091]  vfs_write+0x29d/0x11d0
[  215.986198][ T9091]  ? __pfx_vfs_write+0x10/0x10
[  215.986209][ T9091]  ? find_held_lock+0x2b/0x80
[  215.986223][ T9091]  ? __fget_files+0x20e/0x3c0
[  215.986239][ T9091]  ksys_write+0x12a/0x250
[  215.986251][ T9091]  ? __pfx_ksys_write+0x10/0x10
[  215.986263][ T9091]  ? rcu_is_watching+0x12/0xc0
[  215.986277][ T9091]  __do_fast_syscall_32+0x7c/0x3a0
[  215.986293][ T9091]  do_fast_syscall_32+0x32/0x80
[  215.986306][ T9091]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  215.986319][ T9091] RIP: 0023:0xf7fb6579
[  215.986328][ T9091] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  215.986338][ T9091] RSP: 002b:00000000f54d6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  215.986348][ T9091] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f54d6620
[  215.986354][ T9091] RDX: 0000000000000001 RSI: 00000000f7444ff4 RDI: 0000000000000000
[  215.986360][ T9091] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  215.986366][ T9091] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  215.986372][ T9091] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  215.986386][ T9091]  </TASK>
[  216.049067][    C3] vkms_vblank_simulate: vblank timer overrun
[  216.169107][    T9] usb 5-1: USB disconnect, device number 43
[  216.290345][ T9131] @: renamed from vlan0
[  216.327222][ T9134] FAULT_INJECTION: forcing a failure.
[  216.327222][ T9134] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  216.334256][ T9134] CPU: 2 UID: 0 PID: 9134 Comm: syz.2.898 Not tainted syzkaller #0 PREEMPT(full) 
[  216.334279][ T9134] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  216.334288][ T9134] Call Trace:
[  216.334294][ T9134]  <TASK>
[  216.334300][ T9134]  dump_stack_lvl+0x16c/0x1f0
[  216.334327][ T9134]  should_fail_ex+0x512/0x640
[  216.334352][ T9134]  _copy_from_iter+0x29f/0x1720
[  216.334380][ T9134]  ? __alloc_skb+0x200/0x380
[  216.334400][ T9134]  ? __pfx__copy_from_iter+0x10/0x10
[  216.334427][ T9134]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  216.334456][ T9134]  netlink_sendmsg+0x829/0xdd0
[  216.334480][ T9134]  ? __pfx_netlink_sendmsg+0x10/0x10
[  216.334504][ T9134]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  216.334530][ T9134]  ____sys_sendmsg+0xa98/0xc70
[  216.334548][ T9134]  ? __pfx_____sys_sendmsg+0x10/0x10
[  216.334561][ T9134]  ? get_compat_msghdr+0x11a/0x170
[  216.334591][ T9134]  ___sys_sendmsg+0x134/0x1d0
[  216.334612][ T9134]  ? __pfx____sys_sendmsg+0x10/0x10
[  216.334644][ T9134]  ? find_held_lock+0x2b/0x80
[  216.334675][ T9134]  __sys_sendmsg+0x16d/0x220
[  216.334696][ T9134]  ? __pfx___sys_sendmsg+0x10/0x10
[  216.334727][ T9134]  ? rcu_is_watching+0x12/0xc0
[  216.334746][ T9134]  __do_fast_syscall_32+0x7c/0x3a0
[  216.334769][ T9134]  do_fast_syscall_32+0x32/0x80
[  216.334789][ T9134]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  216.334807][ T9134] RIP: 0023:0xf70fe579
[  216.334820][ T9134] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  216.334835][ T9134] RSP: 002b:00000000f54ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  216.334850][ T9134] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000080
[  216.334860][ T9134] RDX: 0000000000020010 RSI: 0000000000000000 RDI: 0000000000000000
[  216.334869][ T9134] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  216.334877][ T9134] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  216.334886][ T9134] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  216.334906][ T9134]  </TASK>
[  217.165265][ T9152] netlink: 96 bytes leftover after parsing attributes in process `syz.0.901'.
[  217.413185][ T9160] netlink: 24 bytes leftover after parsing attributes in process `syz.1.904'.
[  217.439788][ T5989] Bluetooth: hci4: sending frame failed (-49)
[  217.443837][ T5982] Bluetooth: hci4: Opcode 0x1003 failed: -49
[  218.123970][ T9179] netlink: 1284 bytes leftover after parsing attributes in process `syz.0.908'.
[  218.660428][ T9189] : entered promiscuous mode
[  218.716208][ T9188] netlink: 12 bytes leftover after parsing attributes in process `syz.0.909'.
[  219.216642][ T9202] netlink: 24 bytes leftover after parsing attributes in process `syz.0.913'.
[  219.319498][ T9206] netlink: 8 bytes leftover after parsing attributes in process `syz.2.914'.
[  220.488049][ T9215] netlink: 216 bytes leftover after parsing attributes in process `syz.0.917'.
[  220.491988][ T9215] netlink: 216 bytes leftover after parsing attributes in process `syz.0.917'.
[  220.999961][ T9233] netlink: 'syz.2.920': attribute type 1 has an invalid length.
[  221.063889][ T9234] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  221.068437][ T9234] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  221.240902][ T9242] FAULT_INJECTION: forcing a failure.
[  221.240902][ T9242] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  221.247077][ T9242] CPU: 2 UID: 0 PID: 9242 Comm: syz.2.923 Not tainted syzkaller #0 PREEMPT(full) 
[  221.247093][ T9242] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  221.247099][ T9242] Call Trace:
[  221.247104][ T9242]  <TASK>
[  221.247109][ T9242]  dump_stack_lvl+0x16c/0x1f0
[  221.247127][ T9242]  should_fail_ex+0x512/0x640
[  221.247145][ T9242]  _copy_from_user+0x2e/0xd0
[  221.247161][ T9242]  cmsghdr_from_user_compat_to_kern+0x4ec/0x7d0
[  221.247180][ T9242]  ? __pfx_cmsghdr_from_user_compat_to_kern+0x10/0x10
[  221.247197][ T9242]  ____sys_sendmsg+0x488/0xc70
[  221.247210][ T9242]  ? __pfx_____sys_sendmsg+0x10/0x10
[  221.247219][ T9242]  ? get_compat_msghdr+0x11a/0x170
[  221.247233][ T9242]  ? __pfx__kstrtoull+0x10/0x10
[  221.247247][ T9242]  ___sys_sendmsg+0x134/0x1d0
[  221.247262][ T9242]  ? __pfx____sys_sendmsg+0x10/0x10
[  221.247291][ T9242]  __sys_sendmmsg+0x2f9/0x420
[  221.247306][ T9242]  ? __pfx___sys_sendmmsg+0x10/0x10
[  221.247324][ T9242]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  221.247343][ T9242]  ? fput+0x9b/0xd0
[  221.247358][ T9242]  ? ksys_write+0x1ac/0x250
[  221.247369][ T9242]  ? __pfx_ksys_write+0x10/0x10
[  221.247383][ T9242]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  221.247397][ T9242]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  221.247410][ T9242]  __do_fast_syscall_32+0x7c/0x3a0
[  221.247425][ T9242]  do_fast_syscall_32+0x32/0x80
[  221.247439][ T9242]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  221.247452][ T9242] RIP: 0023:0xf70fe579
[  221.247461][ T9242] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  221.247471][ T9242] RSP: 002b:00000000f54ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  221.247481][ T9242] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080002c00
[  221.247488][ T9242] RDX: 0000000000000001 RSI: 0000000000040010 RDI: 0000000000000000
[  221.247494][ T9242] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  221.247500][ T9242] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  221.247505][ T9242] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  221.247518][ T9242]  </TASK>
[  221.320984][ T9245] FAULT_INJECTION: forcing a failure.
[  221.320984][ T9245] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  221.327199][ T9245] CPU: 0 UID: 0 PID: 9245 Comm: syz.3.925 Not tainted syzkaller #0 PREEMPT(full) 
[  221.327223][ T9245] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  221.327233][ T9245] Call Trace:
[  221.327239][ T9245]  <TASK>
[  221.327245][ T9245]  dump_stack_lvl+0x16c/0x1f0
[  221.327271][ T9245]  should_fail_ex+0x512/0x640
[  221.327297][ T9245]  _copy_to_user+0x32/0xd0
[  221.327314][ T9245]  simple_read_from_buffer+0xcb/0x170
[  221.327333][ T9245]  proc_fail_nth_read+0x197/0x240
[  221.327352][ T9245]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  221.327371][ T9245]  ? rw_verify_area+0xcf/0x6c0
[  221.327386][ T9245]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  221.327403][ T9245]  vfs_read+0x1e4/0xcf0
[  221.327426][ T9245]  ? __pfx_vfs_read+0x10/0x10
[  221.327442][ T9245]  ? find_held_lock+0x2b/0x80
[  221.327464][ T9245]  ? __fget_files+0x20e/0x3c0
[  221.327489][ T9245]  ksys_read+0x12a/0x250
[  221.327506][ T9245]  ? __pfx_ksys_read+0x10/0x10
[  221.327524][ T9245]  ? fput+0x9b/0xd0
[  221.327545][ T9245]  ? rcu_is_watching+0x12/0xc0
[  221.327563][ T9245]  __do_fast_syscall_32+0x7c/0x3a0
[  221.327587][ T9245]  do_fast_syscall_32+0x32/0x80
[  221.327608][ T9245]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  221.327643][ T9245] RIP: 0023:0xf7f32579
[  221.327656][ T9245] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  221.327671][ T9245] RSP: 002b:00000000f5456590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  221.327686][ T9245] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5456620
[  221.327696][ T9245] RDX: 000000000000000f RSI: 00000000f73c4ff4 RDI: 0000000000000000
[  221.327705][ T9245] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  221.327715][ T9245] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  221.327724][ T9245] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  221.327746][ T9245]  </TASK>
[  222.377748][ T9279] netlink: 4 bytes leftover after parsing attributes in process `syz.2.928'.
[  222.678775][ T9300] netlink: 24 bytes leftover after parsing attributes in process `syz.3.942'.
[  222.842333][ T9304] netlink: 8 bytes leftover after parsing attributes in process `syz.0.940'.
[  223.197527][ T9306] netlink: 'syz.1.943': attribute type 4 has an invalid length.
[  223.203717][ T9306] netlink: 17 bytes leftover after parsing attributes in process `syz.1.943'.
[  223.736179][ T9318] FAULT_INJECTION: forcing a failure.
[  223.736179][ T9318] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  223.740514][ T9318] CPU: 3 UID: 0 PID: 9318 Comm: syz.3.948 Not tainted syzkaller #0 PREEMPT(full) 
[  223.740530][ T9318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  223.740537][ T9318] Call Trace:
[  223.740540][ T9318]  <TASK>
[  223.740544][ T9318]  dump_stack_lvl+0x16c/0x1f0
[  223.740567][ T9318]  should_fail_ex+0x512/0x640
[  223.740584][ T9318]  _copy_to_user+0x32/0xd0
[  223.740595][ T9318]  simple_read_from_buffer+0xcb/0x170
[  223.740608][ T9318]  proc_fail_nth_read+0x197/0x240
[  223.740620][ T9318]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  223.740632][ T9318]  ? rw_verify_area+0xcf/0x6c0
[  223.740642][ T9318]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  223.740653][ T9318]  vfs_read+0x1e4/0xcf0
[  223.740667][ T9318]  ? __pfx_vfs_read+0x10/0x10
[  223.740677][ T9318]  ? find_held_lock+0x2b/0x80
[  223.740691][ T9318]  ? __fget_files+0x20e/0x3c0
[  223.740706][ T9318]  ksys_read+0x12a/0x250
[  223.740718][ T9318]  ? __pfx_ksys_read+0x10/0x10
[  223.740730][ T9318]  ? rcu_is_watching+0x12/0xc0
[  223.740743][ T9318]  __do_fast_syscall_32+0x7c/0x3a0
[  223.740758][ T9318]  do_fast_syscall_32+0x32/0x80
[  223.740772][ T9318]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  223.740784][ T9318] RIP: 0023:0xf7f32579
[  223.740793][ T9318] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  223.740805][ T9318] RSP: 002b:00000000f5456590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  223.740815][ T9318] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5456620
[  223.740822][ T9318] RDX: 000000000000000f RSI: 00000000f73c4ff4 RDI: 0000000000000000
[  223.740828][ T9318] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  223.740834][ T9318] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  223.740840][ T9318] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  223.740853][ T9318]  </TASK>
[  223.854655][ T9322] netlink: 216 bytes leftover after parsing attributes in process `syz.3.949'.
[  223.857454][ T9322] netlink: 216 bytes leftover after parsing attributes in process `syz.3.949'.
[  224.552356][ T9328] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  224.877388][ T9349] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  224.994820][ T9357] bridge_slave_0: default FDB implementation only supports local addresses
[  225.733775][ T9372] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check.
[  225.833179][ T9374] netlink: 216 bytes leftover after parsing attributes in process `syz.3.962'.
[  225.837855][ T9374] netlink: 216 bytes leftover after parsing attributes in process `syz.3.962'.
[  226.151352][ T9387] netlink: 24 bytes leftover after parsing attributes in process `syz.0.967'.
[  227.357779][   T61] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[  227.393251][ T9399] netlink: 216 bytes leftover after parsing attributes in process `syz.2.971'.
[  227.397404][ T9399] netlink: 216 bytes leftover after parsing attributes in process `syz.2.971'.
[  227.511991][   T61] usb 5-1: config index 0 descriptor too short (expected 39, got 27)
[  227.515289][   T61] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  227.519697][   T61] usb 5-1: config 0 interface 0 has no altsetting 0
[  227.524606][   T61] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  227.530691][   T61] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  227.534198][   T61] usb 5-1: Product: syz
[  227.535975][   T61] usb 5-1: Manufacturer: syz
[  227.539017][   T61] usb 5-1: SerialNumber: syz
[  227.542893][   T61] usb 5-1: config 0 descriptor??
[  227.548048][   T61] hub 5-1:0.0: bad descriptor, ignoring hub
[  227.554261][   T61] hub 5-1:0.0: probe with driver hub failed with error -5
[  227.559724][   T61] usb 5-1: selecting invalid altsetting 0
[  228.437842][ T9397] usb 5-1: reset high-speed USB device number 44 using dummy_hcd
[  228.598951][ T9397] usb 5-1: device firmware changed
[  228.609546][   T61] usb 5-1: USB disconnect, device number 44
[  228.767758][   T61] usb 5-1: new high-speed USB device number 45 using dummy_hcd
[  228.799470][ T9431] xt_socket: unknown flags 0x50
[  228.832303][ T9435] openvswitch: netlink: Duplicate key (type 6).
[  228.915059][ T9441] netlink: 216 bytes leftover after parsing attributes in process `syz.1.985'.
[  228.919749][ T9441] netlink: 216 bytes leftover after parsing attributes in process `syz.1.985'.
[  228.930313][   T61] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  228.933615][   T61] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  228.936086][   T61] usb 5-1: Product: syz
[  228.937434][   T61] usb 5-1: Manufacturer: syz
[  228.939177][   T61] usb 5-1: SerialNumber: syz
[  228.946525][   T61] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  228.970013][   T61] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  229.204245][ T6044] usb 5-1: USB disconnect, device number 45
[  229.923935][ T9457] sctp: [Deprecated]: syz.1.990 (pid 9457) Use of int in max_burst socket option deprecated.
[  229.923935][ T9457] Use struct sctp_assoc_value instead
[  230.008049][   T61] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  230.021585][   T61] ath9k_htc: Failed to initialize the device
[  230.037978][ T6044] usb 5-1: ath9k_htc: USB layer deinitialized
[  230.154375][ T9462] FAULT_INJECTION: forcing a failure.
[  230.154375][ T9462] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  230.162764][ T9462] CPU: 0 UID: 0 PID: 9462 Comm: syz.3.993 Not tainted syzkaller #0 PREEMPT(full) 
[  230.162781][ T9462] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  230.162788][ T9462] Call Trace:
[  230.162792][ T9462]  <TASK>
[  230.162797][ T9462]  dump_stack_lvl+0x16c/0x1f0
[  230.162816][ T9462]  should_fail_ex+0x512/0x640
[  230.162834][ T9462]  _copy_from_user+0x2e/0xd0
[  230.162850][ T9462]  video_usercopy+0x723/0x1440
[  230.162865][ T9462]  ? __pfx___video_do_ioctl+0x10/0x10
[  230.162879][ T9462]  ? __pfx_video_usercopy+0x10/0x10
[  230.162897][ T9462]  ? hook_file_ioctl_common+0x145/0x410
[  230.162914][ T9462]  v4l2_ioctl+0x1ba/0x250
[  230.162928][ T9462]  v4l2_compat_ioctl32+0x214/0x2c0
[  230.162939][ T9462]  ? __pfx_v4l2_compat_ioctl32+0x10/0x10
[  230.162951][ T9462]  __ia32_compat_sys_ioctl+0x23f/0x370
[  230.162970][ T9462]  __do_fast_syscall_32+0x7c/0x3a0
[  230.162987][ T9462]  do_fast_syscall_32+0x32/0x80
[  230.163000][ T9462]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  230.163013][ T9462] RIP: 0023:0xf7f32579
[  230.163022][ T9462] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  230.163045][ T9462] RSP: 002b:00000000f545655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  230.163056][ T9462] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0845658
[  230.163062][ T9462] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  230.163069][ T9462] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  230.163074][ T9462] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  230.163080][ T9462] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  230.163094][ T9462]  </TASK>
[  230.871366][   T40] kauditd_printk_skb: 63 callbacks suppressed
[  230.871382][   T40] audit: type=1800 audit(1755902616.346:431): pid=9475 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.997" name="nullb0" dev="tmpfs" ino=1261 res=0 errno=0
[  231.843482][ T9566] wg2: entered allmulticast mode
[  232.278740][ T9566] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  232.395821][ T9566] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  232.986017][ T1145] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  232.991421][ T1145] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  232.994087][ T1145] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  232.996831][ T1145] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  233.008232][ T6356] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  233.039440][ T9587] FAULT_INJECTION: forcing a failure.
[  233.039440][ T9587] name failslab, interval 1, probability 0, space 0, times 0
[  233.043660][ T9587] CPU: 2 UID: 0 PID: 9587 Comm: syz.0.1013 Not tainted syzkaller #0 PREEMPT(full) 
[  233.043675][ T9587] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  233.043682][ T9587] Call Trace:
[  233.043685][ T9587]  <TASK>
[  233.043689][ T9587]  dump_stack_lvl+0x16c/0x1f0
[  233.043711][ T9587]  should_fail_ex+0x512/0x640
[  233.043726][ T9587]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  233.043739][ T9587]  should_failslab+0xc2/0x120
[  233.043753][ T9587]  __kmalloc_cache_noprof+0x6a/0x3e0
[  233.043763][ T9587]  ? drm_atomic_state_alloc+0xb8/0x120
[  233.043775][ T9587]  ? kasan_save_track+0x14/0x30
[  233.043788][ T9587]  drm_atomic_state_alloc+0xb8/0x120
[  233.043799][ T9587]  drm_mode_atomic_ioctl+0x393/0x25f0
[  233.043818][ T9587]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[  233.043830][ T9587]  ? __lock_acquire+0xb97/0x1ce0
[  233.043852][ T9587]  ? drm_is_current_master+0x2c/0x40
[  233.043864][ T9587]  ? do_raw_spin_unlock+0x172/0x230
[  233.043882][ T9587]  drm_ioctl_kernel+0x1f4/0x3e0
[  233.043896][ T9587]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[  233.043909][ T9587]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  233.043932][ T9587]  drm_ioctl+0x5c9/0xc30
[  233.043949][ T9587]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[  233.043961][ T9587]  ? __pfx_drm_ioctl+0x10/0x10
[  233.043987][ T9587]  drm_compat_ioctl+0x327/0x460
[  233.044000][ T9587]  ? __pfx_drm_compat_ioctl+0x10/0x10
[  233.044012][ T9587]  __ia32_compat_sys_ioctl+0x23f/0x370
[  233.044031][ T9587]  __do_fast_syscall_32+0x7c/0x3a0
[  233.044046][ T9587]  do_fast_syscall_32+0x32/0x80
[  233.044060][ T9587]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  233.044072][ T9587] RIP: 0023:0xf7fb6579
[  233.044081][ T9587] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  233.044092][ T9587] RSP: 002b:00000000f54d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  233.044103][ T9587] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000c03864bc
[  233.044109][ T9587] RDX: 0000000080000180 RSI: 0000000000000000 RDI: 0000000000000000
[  233.044115][ T9587] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  233.044122][ T9587] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  233.044127][ T9587] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  233.044140][ T9587]  </TASK>
[  233.193776][ T9596] FAULT_INJECTION: forcing a failure.
[  233.193776][ T9596] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  233.198198][ T9596] CPU: 3 UID: 0 PID: 9596 Comm: syz.0.1017 Not tainted syzkaller #0 PREEMPT(full) 
[  233.198213][ T9596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  233.198219][ T9596] Call Trace:
[  233.198222][ T9596]  <TASK>
[  233.198226][ T9596]  dump_stack_lvl+0x16c/0x1f0
[  233.198245][ T9596]  should_fail_ex+0x512/0x640
[  233.198262][ T9596]  _copy_from_iter+0x29f/0x1720
[  233.198280][ T9596]  ? __alloc_skb+0x200/0x380
[  233.198293][ T9596]  ? __pfx__copy_from_iter+0x10/0x10
[  233.198310][ T9596]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  233.198329][ T9596]  netlink_sendmsg+0x829/0xdd0
[  233.198345][ T9596]  ? __pfx_netlink_sendmsg+0x10/0x10
[  233.198360][ T9596]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  233.198375][ T9596]  ____sys_sendmsg+0xa98/0xc70
[  233.198386][ T9596]  ? __pfx_____sys_sendmsg+0x10/0x10
[  233.198398][ T9596]  ? get_compat_msghdr+0x11a/0x170
[  233.198416][ T9596]  ___sys_sendmsg+0x134/0x1d0
[  233.198431][ T9596]  ? __pfx____sys_sendmsg+0x10/0x10
[  233.198450][ T9596]  ? find_held_lock+0x2b/0x80
[  233.198474][ T9596]  __sys_sendmsg+0x16d/0x220
[  233.198488][ T9596]  ? __pfx___sys_sendmsg+0x10/0x10
[  233.198507][ T9596]  ? rcu_is_watching+0x12/0xc0
[  233.198520][ T9596]  __do_fast_syscall_32+0x7c/0x3a0
[  233.198535][ T9596]  do_fast_syscall_32+0x32/0x80
[  233.198549][ T9596]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  233.198562][ T9596] RIP: 0023:0xf7fb6579
[  233.198570][ T9596] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  233.198580][ T9596] RSP: 002b:00000000f54d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  233.198590][ T9596] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080
[  233.198597][ T9596] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  233.198602][ T9596] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  233.198608][ T9596] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  233.198614][ T9596] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  233.198627][ T9596]  </TASK>
[  233.277170][    C3] vkms_vblank_simulate: vblank timer overrun
[  233.314654][ T9598] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1018'.
[  233.654946][ T9603] cgroup: fork rejected by pids controller in /syz2
[  234.174368][T10057] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1019'.
[  234.265346][T10060] FAULT_INJECTION: forcing a failure.
[  234.265346][T10060] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  234.269461][T10060] CPU: 3 UID: 0 PID: 10060 Comm: syz.0.1020 Not tainted syzkaller #0 PREEMPT(full) 
[  234.269476][T10060] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  234.269482][T10060] Call Trace:
[  234.269487][T10060]  <TASK>
[  234.269491][T10060]  dump_stack_lvl+0x16c/0x1f0
[  234.269510][T10060]  should_fail_ex+0x512/0x640
[  234.269528][T10060]  _copy_to_user+0x32/0xd0
[  234.269539][T10060]  simple_read_from_buffer+0xcb/0x170
[  234.269551][T10060]  proc_fail_nth_read+0x197/0x240
[  234.269564][T10060]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  234.269576][T10060]  ? rw_verify_area+0xcf/0x6c0
[  234.269586][T10060]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  234.269597][T10060]  vfs_read+0x1e4/0xcf0
[  234.269611][T10060]  ? __pfx_vfs_read+0x10/0x10
[  234.269622][T10060]  ? find_held_lock+0x2b/0x80
[  234.269636][T10060]  ? __fget_files+0x20e/0x3c0
[  234.269651][T10060]  ksys_read+0x12a/0x250
[  234.269663][T10060]  ? __pfx_ksys_read+0x10/0x10
[  234.269675][T10060]  ? rcu_is_watching+0x12/0xc0
[  234.269688][T10060]  __do_fast_syscall_32+0x7c/0x3a0
[  234.269705][T10060]  do_fast_syscall_32+0x32/0x80
[  234.269718][T10060]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  234.269731][T10060] RIP: 0023:0xf7fb6579
[  234.269740][T10060] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  234.269750][T10060] RSP: 002b:00000000f54d6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  234.269773][T10060] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f54d6620
[  234.269780][T10060] RDX: 000000000000000f RSI: 00000000f7444ff4 RDI: 0000000000000000
[  234.269786][T10060] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  234.269792][T10060] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  234.269797][T10060] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  234.269811][T10060]  </TASK>
[  234.340021][    C3] vkms_vblank_simulate: vblank timer overrun
[  234.356831][T10062] FAULT_INJECTION: forcing a failure.
[  234.356831][T10062] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  234.361251][T10062] CPU: 3 UID: 0 PID: 10062 Comm: syz.0.1021 Not tainted syzkaller #0 PREEMPT(full) 
[  234.361266][T10062] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  234.361272][T10062] Call Trace:
[  234.361276][T10062]  <TASK>
[  234.361280][T10062]  dump_stack_lvl+0x16c/0x1f0
[  234.361298][T10062]  should_fail_ex+0x512/0x640
[  234.361314][T10062]  should_fail_alloc_page+0xe7/0x130
[  234.361330][T10062]  prepare_alloc_pages+0x3c2/0x610
[  234.361347][T10062]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  234.361361][T10062]  ? __pfx_stack_trace_save+0x10/0x10
[  234.361374][T10062]  ? stack_depot_save_flags+0x29/0x9c0
[  234.361393][T10062]  ? find_held_lock+0x2b/0x80
[  234.361406][T10062]  ? kasan_save_stack+0x42/0x60
[  234.361417][T10062]  ? kasan_save_stack+0x33/0x60
[  234.361428][T10062]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  234.361440][T10062]  ? alloc_vmap_area+0x645/0x29c0
[  234.361454][T10062]  ? __vmalloc_node_range_noprof+0x271/0x14b0
[  234.361465][T10062]  ? bpf_prog_alloc_no_stats+0x54/0x5d0
[  234.361477][T10062]  ? bpf_prog_alloc+0x3b/0x230
[  234.361487][T10062]  ? bpf_prog_load+0x1a04/0x2490
[  234.361501][T10062]  ? __sys_bpf+0x4a3f/0x4de0
[  234.361514][T10062]  ? __ia32_sys_bpf+0x76/0xe0
[  234.361528][T10062]  ? __do_fast_syscall_32+0x7c/0x3a0
[  234.361541][T10062]  ? do_fast_syscall_32+0x32/0x80
[  234.361560][T10062]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  234.361576][T10062]  ? policy_nodemask+0xea/0x4e0
[  234.361590][T10062]  alloc_pages_mpol+0x1fb/0x550
[  234.361605][T10062]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  234.361622][T10062]  alloc_pages_noprof+0x131/0x390
[  234.361635][T10062]  get_free_pages_noprof+0x10/0xb0
[  234.361649][T10062]  kasan_populate_vmalloc+0x89/0x1f0
[  234.361663][T10062]  alloc_vmap_area+0x959/0x29c0
[  234.361683][T10062]  ? __pfx_alloc_vmap_area+0x10/0x10
[  234.361701][T10062]  __get_vm_area_node+0x1ca/0x330
[  234.361719][T10062]  __vmalloc_node_range_noprof+0x271/0x14b0
[  234.361729][T10062]  ? bpf_prog_alloc_no_stats+0x54/0x5d0
[  234.361742][T10062]  ? find_held_lock+0x2b/0x80
[  234.361753][T10062]  ? bpf_prog_alloc_no_stats+0x54/0x5d0
[  234.361769][T10062]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  234.361781][T10062]  ? __lock_acquire+0x62e/0x1ce0
[  234.361810][T10062]  ? bpf_prog_alloc_no_stats+0x54/0x5d0
[  234.361821][T10062]  __vmalloc_node_noprof+0xad/0xf0
[  234.361830][T10062]  ? bpf_prog_alloc_no_stats+0x54/0x5d0
[  234.361844][T10062]  bpf_prog_alloc_no_stats+0x54/0x5d0
[  234.361855][T10062]  ? security_capable+0x7e/0x260
[  234.361867][T10062]  bpf_prog_alloc+0x3b/0x230
[  234.361877][T10062]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  234.361893][T10062]  bpf_prog_load+0x1a04/0x2490
[  234.361910][T10062]  ? __pfx_bpf_prog_load+0x10/0x10
[  234.361938][T10062]  __sys_bpf+0x4a3f/0x4de0
[  234.361954][T10062]  ? __pfx___sys_bpf+0x10/0x10
[  234.361970][T10062]  ? ksys_write+0x190/0x250
[  234.361985][T10062]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  234.362007][T10062]  ? fput+0x9b/0xd0
[  234.362020][T10062]  ? ksys_write+0x1ac/0x250
[  234.362031][T10062]  ? __pfx_ksys_write+0x10/0x10
[  234.362045][T10062]  __ia32_sys_bpf+0x76/0xe0
[  234.362061][T10062]  __do_fast_syscall_32+0x7c/0x3a0
[  234.362075][T10062]  do_fast_syscall_32+0x32/0x80
[  234.362089][T10062]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  234.362102][T10062] RIP: 0023:0xf7fb6579
[  234.362110][T10062] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  234.362120][T10062] RSP: 002b:00000000f54d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  234.362130][T10062] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000600
[  234.362136][T10062] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000
[  234.362142][T10062] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  234.362148][T10062] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  234.362154][T10062] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  234.362167][T10062]  </TASK>
[  234.432108][T10062] syz.0.1021: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null)
[  234.432977][    C3] vkms_vblank_simulate: vblank timer overrun
[  234.434952][T10062] ,cpuset=/,mems_allowed=0-1
[  234.502504][T10062] CPU: 2 UID: 0 PID: 10062 Comm: syz.0.1021 Not tainted syzkaller #0 PREEMPT(full) 
[  234.502517][T10062] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  234.502523][T10062] Call Trace:
[  234.502528][T10062]  <TASK>
[  234.502532][T10062]  dump_stack_lvl+0x16c/0x1f0
[  234.502550][T10062]  warn_alloc+0x248/0x3a0
[  234.502564][T10062]  ? __pfx_warn_alloc+0x10/0x10
[  234.502576][T10062]  ? kfree+0x2b4/0x4d0
[  234.502589][T10062]  ? __get_vm_area_node+0x208/0x330
[  234.502609][T10062]  __vmalloc_node_range_noprof+0xb2d/0x14b0
[  234.502620][T10062]  ? find_held_lock+0x2b/0x80
[  234.502634][T10062]  ? bpf_prog_alloc_no_stats+0x54/0x5d0
[  234.502650][T10062]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  234.502662][T10062]  ? __lock_acquire+0x62e/0x1ce0
[  234.502677][T10062]  ? bpf_prog_alloc_no_stats+0x54/0x5d0
[  234.502689][T10062]  __vmalloc_node_noprof+0xad/0xf0
[  234.502698][T10062]  ? bpf_prog_alloc_no_stats+0x54/0x5d0
[  234.502711][T10062]  bpf_prog_alloc_no_stats+0x54/0x5d0
[  234.502723][T10062]  ? security_capable+0x7e/0x260
[  234.502735][T10062]  bpf_prog_alloc+0x3b/0x230
[  234.502746][T10062]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  234.502762][T10062]  bpf_prog_load+0x1a04/0x2490
[  234.502780][T10062]  ? __pfx_bpf_prog_load+0x10/0x10
[  234.502807][T10062]  __sys_bpf+0x4a3f/0x4de0
[  234.502823][T10062]  ? __pfx___sys_bpf+0x10/0x10
[  234.502838][T10062]  ? ksys_write+0x190/0x250
[  234.502853][T10062]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  234.502875][T10062]  ? fput+0x9b/0xd0
[  234.502888][T10062]  ? ksys_write+0x1ac/0x250
[  234.502900][T10062]  ? __pfx_ksys_write+0x10/0x10
[  234.502914][T10062]  __ia32_sys_bpf+0x76/0xe0
[  234.502930][T10062]  __do_fast_syscall_32+0x7c/0x3a0
[  234.502945][T10062]  do_fast_syscall_32+0x32/0x80
[  234.502959][T10062]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  234.502972][T10062] RIP: 0023:0xf7fb6579
[  234.502980][T10062] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  234.502990][T10062] RSP: 002b:00000000f54d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  234.503000][T10062] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000600
[  234.503006][T10062] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000
[  234.503012][T10062] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  234.503018][T10062] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  234.503024][T10062] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  234.503037][T10062]  </TASK>
[  234.503040][T10062] Mem-Info:
[  234.585169][T10062] active_anon:7913 inactive_anon:82 isolated_anon:0
[  234.585169][T10062]  active_file:6993 inactive_file:34581 isolated_file:0
[  234.585169][T10062]  unevictable:1768 dirty:433 writeback:0
[  234.585169][T10062]  slab_reclaimable:7950 slab_unreclaimable:59072
[  234.585169][T10062]  mapped:23817 shmem:5139 pagetables:1093
[  234.585169][T10062]  sec_pagetables:316 bounce:0
[  234.585169][T10062]  kernel_misc_reclaimable:0
[  234.585169][T10062]  free:37966 free_pcp:12782 free_cma:0
[  234.599066][T10062] Node 0 active_anon:380kB inactive_anon:4kB active_file:60kB inactive_file:0kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:80kB dirty:4kB writeback:0kB shmem:3556kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8836kB pagetables:1596kB sec_pagetables:1168kB all_unreclaimable? no Balloon:0kB
[  234.608946][T10062] Node 1 active_anon:31272kB inactive_anon:324kB active_file:27912kB inactive_file:138324kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:95188kB dirty:1728kB writeback:0kB shmem:17000kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:6084kB pagetables:2776kB sec_pagetables:96kB all_unreclaimable? no Balloon:0kB
[  234.618689][T10062] Node 0 DMA free:2076kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:412kB local_pcp:128kB free_cma:0kB
[  234.627764][T10062] lowmem_reserve[]: 0 288 288 288 288
[  234.629534][T10062] Node 0 DMA32 free:21196kB boost:0kB min:13220kB low:16524kB high:19828kB reserved_highatomic:2048KB free_highatomic:256KB active_anon:380kB inactive_anon:4kB active_file:60kB inactive_file:0kB unevictable:3536kB writepending:4kB present:1032196kB managed:295140kB mlocked:0kB bounce:0kB free_pcp:11760kB local_pcp:3380kB free_cma:0kB
[  234.639092][T10062] lowmem_reserve[]: 0 0 0 0 0
[  234.640616][T10062] Node 1 DMA32 free:128592kB boost:0kB min:47140kB low:58924kB high:70708kB reserved_highatomic:0KB free_highatomic:0KB active_anon:31272kB inactive_anon:324kB active_file:27912kB inactive_file:138324kB unevictable:3536kB writepending:1728kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:38956kB local_pcp:14920kB free_cma:0kB
[  234.651342][T10062] lowmem_reserve[]: 0 0 0 0 0
[  234.652911][T10062] Node 0 DMA: 63*4kB (UM) 32*8kB (UM) 14*16kB (UM) 0*32kB 1*64kB (M) 0*128kB 1*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2076kB
[  234.657283][T10062] Node 0 DMA32: 342*4kB (UMEH) 281*8kB (UME) 86*16kB (MEH) 89*32kB (UMEH) 59*64kB (UME) 27*128kB (UME) 8*256kB (UM) 4*512kB (M) 2*1024kB (UM) 0*2048kB 0*4096kB = 21216kB
[  234.663011][T10062] Node 1 DMA32: 43*4kB (ME) 143*8kB (UME) 238*16kB (UM) 349*32kB (UME) 378*64kB (UME) 155*128kB (UME) 65*256kB (UME) 33*512kB (UME) 24*1024kB (UM) 5*2048kB (M) 0*4096kB = 128676kB
[  234.668829][T10062] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  234.671847][T10062] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  234.674773][T10062] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  234.677791][T10062] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  234.680863][T10062] 47400 total pagecache pages
[  234.682360][T10062] 691 pages in swap cache
[  234.683753][T10062] Free swap  = 119224kB
[  234.685099][T10062] Total swap = 124996kB
[  234.686428][T10062] 524155 pages RAM
[  234.687707][T10062] 0 pages HighMem/MovableOnly
[  234.689223][T10062] 209475 pages reserved
[  234.690544][T10062] 0 pages cma reserved
[  235.670472][T10104] batman_adv: batadv0: Removing interface: team0
[  235.676519][T10104] bond0: (slave bond_slave_0): Releasing backup interface
[  235.681048][T10104] bond0: (slave bond_slave_1): Releasing backup interface
[  235.695833][T10104] team0: Port device team_slave_0 removed
[  235.706743][T10104] team0: Port device team_slave_1 removed
[  235.710547][T10104] batman_adv: batadv0: Removing interface: batadv_slave_0
[  235.722536][T10104] batman_adv: batadv0: Removing interface: batadv_slave_1
[  235.745369][T10105] team0: Mode changed to "loadbalance"
[  235.776233][T10104] netlink: 'syz.0.1032': attribute type 10 has an invalid length.
[  235.782094][T10104] 8021q: adding VLAN 0 to HW filter on device bond0
[  235.787181][T10104] team0: Port device bond0 added
[  235.799174][T10104] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1032'.
[  235.817725][ T6044] usb 7-1: new high-speed USB device number 59 using dummy_hcd
[  235.898221][T10104] team0 (unregistering): Port device bond0 removed
[  235.981658][ T6044] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  235.992618][ T6044] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  235.996659][ T6044] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  236.009104][ T6044] usb 7-1: Product: syz
[  236.010552][ T6044] usb 7-1: Manufacturer: syz
[  236.014684][ T6044] usb 7-1: SerialNumber: syz
[  236.079383][ T6044] usb 7-1: config 0 descriptor??
[  236.185067][T10107] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1033'.
[  236.408939][T10118] trusted_key: encrypted_key: insufficient parameters specified
[  236.501513][T10101] sch_fq: defrate 9 ignored.
[  236.684767][T10101] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1031'.
[  237.324212][T10140] overlayfs: failed to clone upperpath
[  238.460307][T10162] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1049'.
[  238.467754][   T10] usb 5-1: new high-speed USB device number 46 using dummy_hcd
[  238.671062][   T10] usb 5-1: config index 0 descriptor too short (expected 39, got 27)
[  238.677813][   T10] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  238.682142][   T10] usb 5-1: config 0 interface 0 has no altsetting 0
[  238.687990][   T10] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  238.692368][   T10] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  238.695987][   T10] usb 5-1: Product: syz
[  238.697404][   T10] usb 5-1: Manufacturer: syz
[  238.698985][   T10] usb 5-1: SerialNumber: syz
[  238.706934][   T10] usb 5-1: config 0 descriptor??
[  238.716996][   T10] hub 5-1:0.0: bad descriptor, ignoring hub
[  238.720590][   T10] hub 5-1:0.0: probe with driver hub failed with error -5
[  238.723639][T10170] netlink: 'syz.1.1052': attribute type 3 has an invalid length.
[  238.725989][   T10] usb 5-1: selecting invalid altsetting 0
[  238.726313][T10170] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1052'.
[  238.731601][ T5989] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  238.850548][ T6044] usb 7-1: USB disconnect, device number 59
[  238.881039][T10176] 9pnet_fd: Insufficient options for proto=fd
[  239.027917][   T10] usb 5-1: USB disconnect, device number 46
[  239.377864][   T10] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[  239.553403][   T10] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  239.559232][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  239.564098][   T10] usb 5-1: Product: syz
[  239.566690][   T10] usb 5-1: Manufacturer: syz
[  239.569184][   T10] usb 5-1: SerialNumber: syz
[  239.585670][   T10] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  239.623263][ T6069] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  239.832922][   T61] usb 5-1: USB disconnect, device number 47
[  239.904487][T10192] MTD: Couldn't look up './file0': -15
[  240.375243][T10202] FAULT_INJECTION: forcing a failure.
[  240.375243][T10202] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  240.379594][T10202] CPU: 2 UID: 0 PID: 10202 Comm: syz.0.1063 Not tainted syzkaller #0 PREEMPT(full) 
[  240.379635][T10202] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  240.379647][T10202] Call Trace:
[  240.379654][T10202]  <TASK>
[  240.379663][T10202]  dump_stack_lvl+0x16c/0x1f0
[  240.379690][T10202]  should_fail_ex+0x512/0x640
[  240.379718][T10202]  _copy_from_iter+0x29f/0x1720
[  240.379748][T10202]  ? __alloc_skb+0x200/0x380
[  240.379769][T10202]  ? __pfx__copy_from_iter+0x10/0x10
[  240.379799][T10202]  ? __pfx___might_resched+0x10/0x10
[  240.379827][T10202]  netlink_sendmsg+0x829/0xdd0
[  240.379857][T10202]  ? __pfx_netlink_sendmsg+0x10/0x10
[  240.379884][T10202]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  240.379909][T10202]  ____sys_sendmsg+0xa98/0xc70
[  240.379928][T10202]  ? __pfx_____sys_sendmsg+0x10/0x10
[  240.379944][T10202]  ? get_compat_msghdr+0x11a/0x170
[  240.379978][T10202]  ___sys_sendmsg+0x134/0x1d0
[  240.380004][T10202]  ? __pfx____sys_sendmsg+0x10/0x10
[  240.380041][T10202]  ? find_held_lock+0x2b/0x80
[  240.380078][T10202]  __sys_sendmsg+0x16d/0x220
[  240.380103][T10202]  ? __pfx___sys_sendmsg+0x10/0x10
[  240.380163][T10202]  ? rcu_is_watching+0x12/0xc0
[  240.380185][T10202]  __do_fast_syscall_32+0x7c/0x3a0
[  240.380210][T10202]  do_fast_syscall_32+0x32/0x80
[  240.380233][T10202]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  240.380254][T10202] RIP: 0023:0xf7fb6579
[  240.380267][T10202] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  240.380283][T10202] RSP: 002b:00000000f54d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  240.380300][T10202] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000580
[  240.380311][T10202] RDX: 000000002008c894 RSI: 0000000000000000 RDI: 0000000000000000
[  240.380320][T10202] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  240.380330][T10202] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  240.380339][T10202] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  240.380362][T10202]  </TASK>
[  240.647772][ T6069] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  240.651565][ T6069] ath9k_htc: Failed to initialize the device
[  240.654346][   T61] usb 5-1: ath9k_htc: USB layer deinitialized
[  241.539234][   T61] usb 7-1: new high-speed USB device number 60 using dummy_hcd
[  241.701943][   T61] usb 7-1: config index 0 descriptor too short (expected 39, got 27)
[  241.705411][   T61] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  241.709780][   T61] usb 7-1: config 0 interface 0 has no altsetting 0
[  241.716590][   T61] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  241.722760][   T61] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  241.726203][   T61] usb 7-1: Product: syz
[  241.728190][   T61] usb 7-1: Manufacturer: syz
[  241.729992][   T61] usb 7-1: SerialNumber: syz
[  241.734391][   T61] usb 7-1: config 0 descriptor??
[  241.739333][   T61] hub 7-1:0.0: bad descriptor, ignoring hub
[  241.742195][   T61] hub 7-1:0.0: probe with driver hub failed with error -5
[  241.747786][   T61] usb 7-1: selecting invalid altsetting 0
[  242.284867][T10241] FAULT_INJECTION: forcing a failure.
[  242.284867][T10241] name failslab, interval 1, probability 0, space 0, times 0
[  242.288719][T10241] CPU: 1 UID: 0 PID: 10241 Comm: syz.0.1077 Not tainted syzkaller #0 PREEMPT(full) 
[  242.288733][T10241] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  242.288739][T10241] Call Trace:
[  242.288743][T10241]  <TASK>
[  242.288747][T10241]  dump_stack_lvl+0x16c/0x1f0
[  242.288764][T10241]  should_fail_ex+0x512/0x640
[  242.288780][T10241]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  242.288792][T10241]  should_failslab+0xc2/0x120
[  242.288806][T10241]  __kmalloc_cache_noprof+0x6a/0x3e0
[  242.288817][T10241]  ? rtnl_newlink+0x11b/0x2000
[  242.288833][T10241]  ? __pfx_rtnl_newlink+0x10/0x10
[  242.288846][T10241]  rtnl_newlink+0x11b/0x2000
[  242.288859][T10241]  ? find_held_lock+0x2b/0x80
[  242.288870][T10241]  ? is_bpf_text_address+0x8a/0x1a0
[  242.288883][T10241]  ? bpf_ksym_find+0x124/0x1c0
[  242.288893][T10241]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  242.288907][T10241]  ? __pfx_rtnl_newlink+0x10/0x10
[  242.288921][T10241]  ? __kernel_text_address+0xd/0x40
[  242.288931][T10241]  ? unwind_get_return_address+0x59/0xa0
[  242.288942][T10241]  ? arch_stack_walk+0xa6/0x100
[  242.288959][T10241]  ? __lock_acquire+0x62e/0x1ce0
[  242.288974][T10241]  ? rcu_is_watching+0x12/0xc0
[  242.288989][T10241]  ? find_held_lock+0x2b/0x80
[  242.288999][T10241]  ? __pfx_rtnl_newlink+0x10/0x10
[  242.289012][T10241]  ? __pfx_rtnl_newlink+0x10/0x10
[  242.289024][T10241]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  242.289039][T10241]  ? __pfx_rtnl_newlink+0x10/0x10
[  242.289053][T10241]  rtnetlink_rcv_msg+0x95e/0xe90
[  242.289068][T10241]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  242.289084][T10241]  ? __lock_acquire+0x62e/0x1ce0
[  242.289100][T10241]  netlink_rcv_skb+0x158/0x420
[  242.289115][T10241]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  242.289130][T10241]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  242.289163][T10241]  ? netlink_deliver_tap+0x1ae/0xd30
[  242.289176][T10241]  ? is_vmalloc_addr+0x86/0xa0
[  242.289190][T10241]  netlink_unicast+0x5a7/0x870
[  242.289205][T10241]  ? __pfx_netlink_unicast+0x10/0x10
[  242.289219][T10241]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  242.289236][T10241]  netlink_sendmsg+0x8d1/0xdd0
[  242.289252][T10241]  ? __pfx_netlink_sendmsg+0x10/0x10
[  242.289268][T10241]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  242.289282][T10241]  ____sys_sendmsg+0xa98/0xc70
[  242.289293][T10241]  ? __pfx_____sys_sendmsg+0x10/0x10
[  242.289302][T10241]  ? get_compat_msghdr+0x11a/0x170
[  242.289324][T10241]  ___sys_sendmsg+0x134/0x1d0
[  242.289338][T10241]  ? __pfx____sys_sendmsg+0x10/0x10
[  242.289358][T10241]  ? find_held_lock+0x2b/0x80
[  242.289376][T10241]  __sys_sendmsg+0x16d/0x220
[  242.289389][T10241]  ? __pfx___sys_sendmsg+0x10/0x10
[  242.289408][T10241]  ? rcu_is_watching+0x12/0xc0
[  242.289420][T10241]  __do_fast_syscall_32+0x7c/0x3a0
[  242.289435][T10241]  do_fast_syscall_32+0x32/0x80
[  242.289449][T10241]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  242.289461][T10241] RIP: 0023:0xf7fb6579
[  242.289470][T10241] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  242.289480][T10241] RSP: 002b:00000000f54d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  242.289490][T10241] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000280
[  242.289496][T10241] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  242.289502][T10241] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  242.289508][T10241] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  242.289514][T10241] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  242.289526][T10241]  </TASK>
[  242.677852][T10226] usb 7-1: reset high-speed USB device number 60 using dummy_hcd
[  242.848324][T10226] usb 7-1: device firmware changed
[  242.858329][ T6356] usb 7-1: USB disconnect, device number 60
[  243.007737][ T6356] usb 7-1: new high-speed USB device number 61 using dummy_hcd
[  243.451708][ T6356] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  243.455050][ T6356] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  243.457824][ T6356] usb 7-1: Product: syz
[  243.459304][ T6356] usb 7-1: Manufacturer: syz
[  243.460921][ T6356] usb 7-1: SerialNumber: syz
[  243.470339][ T6356] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  243.483881][ T6356] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  243.595251][T10286] FAULT_INJECTION: forcing a failure.
[  243.595251][T10286] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  243.602460][T10286] CPU: 0 UID: 0 PID: 10286 Comm: syz.3.1091 Not tainted syzkaller #0 PREEMPT(full) 
[  243.602497][T10286] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  243.602508][T10286] Call Trace:
[  243.602513][T10286]  <TASK>
[  243.602520][T10286]  dump_stack_lvl+0x16c/0x1f0
[  243.602546][T10286]  should_fail_ex+0x512/0x640
[  243.602574][T10286]  _copy_from_user+0x2e/0xd0
[  243.602605][T10286]  kstrtouint_from_user+0xd6/0x1d0
[  243.602625][T10286]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  243.602643][T10286]  ? __lock_acquire+0xb97/0x1ce0
[  243.602676][T10286]  proc_fail_nth_write+0x83/0x220
[  243.602696][T10286]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  243.602720][T10286]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  243.602736][T10286]  vfs_write+0x29d/0x11d0
[  243.602761][T10286]  ? __pfx_vfs_write+0x10/0x10
[  243.602778][T10286]  ? find_held_lock+0x2b/0x80
[  243.602801][T10286]  ? __fget_files+0x20e/0x3c0
[  243.602825][T10286]  ksys_write+0x12a/0x250
[  243.602845][T10286]  ? __pfx_ksys_write+0x10/0x10
[  243.602866][T10286]  ? rcu_is_watching+0x12/0xc0
[  243.602885][T10286]  __do_fast_syscall_32+0x7c/0x3a0
[  243.602910][T10286]  do_fast_syscall_32+0x32/0x80
[  243.602931][T10286]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  243.602951][T10286] RIP: 0023:0xf7f32579
[  243.602963][T10286] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  243.602979][T10286] RSP: 002b:00000000f5456590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  243.602995][T10286] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f5456620
[  243.603007][T10286] RDX: 0000000000000001 RSI: 00000000f73c4ff4 RDI: 0000000000000000
[  243.603016][T10286] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  243.603025][T10286] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  243.603036][T10286] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  243.603057][T10286]  </TASK>
[  243.707876][ T1336] usb 7-1: USB disconnect, device number 61
[  243.730319][T10290] afs: Bad value for 'source'
[  243.814652][T10287] wireguard0: entered promiscuous mode
[  243.827736][T10287] wireguard0: entered allmulticast mode
[  243.868354][T10290] netlink: 'syz.3.1092': attribute type 4 has an invalid length.
[  244.032189][T10295] netlink: 216 bytes leftover after parsing attributes in process `syz.0.1093'.
[  244.035121][T10295] netlink: 216 bytes leftover after parsing attributes in process `syz.0.1093'.
[  244.340363][T10307] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(11)
[  244.342515][T10307] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  244.345987][T10307] vhci_hcd vhci_hcd.0: Device attached
[  244.567926][ T6356] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive
[  244.596692][ T6356] ath9k_htc: Failed to initialize the device
[  244.597967][  T841] usb 43-1: new high-speed USB device number 2 using vhci_hcd
[  244.623511][ T1336] usb 7-1: ath9k_htc: USB layer deinitialized
[  244.685335][T10319] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  245.020353][T10325] FAULT_INJECTION: forcing a failure.
[  245.020353][T10325] name failslab, interval 1, probability 0, space 0, times 0
[  245.024591][T10325] CPU: 0 UID: 0 PID: 10325 Comm: syz.0.1103 Not tainted syzkaller #0 PREEMPT(full) 
[  245.024608][T10325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  245.024614][T10325] Call Trace:
[  245.024618][T10325]  <TASK>
[  245.024622][T10325]  dump_stack_lvl+0x16c/0x1f0
[  245.024641][T10325]  should_fail_ex+0x512/0x640
[  245.024656][T10325]  ? __kmalloc_noprof+0xbf/0x510
[  245.024670][T10325]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  245.024689][T10325]  should_failslab+0xc2/0x120
[  245.024703][T10325]  __kmalloc_noprof+0xd2/0x510
[  245.024714][T10325]  ? __lock_acquire+0xb97/0x1ce0
[  245.024728][T10325]  ? wg_pubkey_hashtable_lookup+0x1d6/0x3f0
[  245.024746][T10325]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  245.024766][T10325]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  245.024783][T10325]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  245.024805][T10325]  ? bpf_lsm_capable+0x9/0x10
[  245.024816][T10325]  ? security_capable+0x7e/0x260
[  245.024827][T10325]  ? ns_capable+0xd7/0x110
[  245.024841][T10325]  genl_rcv_msg+0x55c/0x800
[  245.024859][T10325]  ? __pfx_genl_rcv_msg+0x10/0x10
[  245.024875][T10325]  ? __pfx_ovs_flow_cmd_new+0x10/0x10
[  245.024890][T10325]  ? __lock_acquire+0x62e/0x1ce0
[  245.024909][T10325]  netlink_rcv_skb+0x158/0x420
[  245.024923][T10325]  ? __pfx_genl_rcv_msg+0x10/0x10
[  245.024940][T10325]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  245.024960][T10325]  ? netlink_deliver_tap+0x1ae/0xd30
[  245.024974][T10325]  ? is_vmalloc_addr+0x86/0xa0
[  245.024988][T10325]  genl_rcv+0x28/0x40
[  245.025002][T10325]  netlink_unicast+0x5a7/0x870
[  245.025019][T10325]  ? __pfx_netlink_unicast+0x10/0x10
[  245.025038][T10325]  netlink_sendmsg+0x8d1/0xdd0
[  245.025055][T10325]  ? __pfx_netlink_sendmsg+0x10/0x10
[  245.025072][T10325]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  245.025086][T10325]  ____sys_sendmsg+0xa98/0xc70
[  245.025098][T10325]  ? __pfx_____sys_sendmsg+0x10/0x10
[  245.025108][T10325]  ? get_compat_msghdr+0x11a/0x170
[  245.025128][T10325]  ___sys_sendmsg+0x134/0x1d0
[  245.025143][T10325]  ? __pfx____sys_sendmsg+0x10/0x10
[  245.025164][T10325]  ? find_held_lock+0x2b/0x80
[  245.025184][T10325]  __sys_sendmsg+0x16d/0x220
[  245.025198][T10325]  ? __pfx___sys_sendmsg+0x10/0x10
[  245.025219][T10325]  ? rcu_is_watching+0x12/0xc0
[  245.025232][T10325]  __do_fast_syscall_32+0x7c/0x3a0
[  245.025248][T10325]  do_fast_syscall_32+0x32/0x80
[  245.025262][T10325]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  245.025276][T10325] RIP: 0023:0xf7fb6579
[  245.025285][T10325] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  245.025295][T10325] RSP: 002b:00000000f54d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  245.025306][T10325] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  245.025313][T10325] RDX: 000000000000c000 RSI: 0000000000000000 RDI: 0000000000000000
[  245.025324][T10325] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  245.025330][T10325] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  245.025336][T10325] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  245.025350][T10325]  </TASK>
[  245.156607][T10308] vhci_hcd: connection reset by peer
[  245.163469][ T9539] vhci_hcd: stop threads
[  245.165631][ T9539] vhci_hcd: release socket
[  245.171082][ T9539] vhci_hcd: disconnect device
[  245.697443][T10333] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  246.412453][T10326] delete_channel: no stack
[  246.554223][T10351] input: syz1 as /devices/virtual/input/input6
[  247.500119][ T1336] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[  247.649423][ T1336] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  247.652887][ T1336] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  247.656858][ T1336] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  247.660944][ T1336] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  247.665255][ T1336] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  247.671541][ T1336] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  247.675090][ T1336] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  247.678761][ T1336] usb 5-1: Product: syz
[  247.680463][ T1336] usb 5-1: Manufacturer: syz
[  247.687836][ T1336] cdc_wdm 5-1:1.0: skipping garbage
[  247.689962][ T1336] cdc_wdm 5-1:1.0: skipping garbage
[  247.695136][ T1336] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  247.697568][ T1336] cdc_wdm 5-1:1.0: Unknown control protocol
[  247.747833][   T61] usb 7-1: new high-speed USB device number 62 using dummy_hcd
[  247.929442][   T61] usb 7-1: config index 0 descriptor too short (expected 39, got 27)
[  247.937761][   T61] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  247.943305][   T61] usb 7-1: config 0 interface 0 has no altsetting 0
[  247.954824][   T61] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  247.958810][   T61] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  247.962507][   T61] usb 7-1: Product: syz
[  247.964509][   T61] usb 7-1: Manufacturer: syz
[  247.966229][   T61] usb 7-1: SerialNumber: syz
[  247.973335][   T61] usb 7-1: config 0 descriptor??
[  247.978865][   T61] hub 7-1:0.0: bad descriptor, ignoring hub
[  247.981343][   T61] hub 7-1:0.0: probe with driver hub failed with error -5
[  247.990721][   T61] usb 7-1: selecting invalid altsetting 0
[  248.647929][T10381] usb 7-1: reset high-speed USB device number 62 using dummy_hcd
[  248.824320][T10381] usb 7-1: device firmware changed
[  248.941994][   T34] usb 7-1: USB disconnect, device number 62
[  249.097791][   T34] usb 7-1: new high-speed USB device number 63 using dummy_hcd
[  249.279759][   T34] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  249.283760][   T34] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  249.286876][   T34] usb 7-1: Product: syz
[  249.295771][   T34] usb 7-1: Manufacturer: syz
[  249.297302][   T34] usb 7-1: SerialNumber: syz
[  249.333534][   T34] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  249.526627][   T61] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  249.697811][  T841] vhci_hcd: vhci_device speed not set
[  249.753996][ T1336] usb 7-1: USB disconnect, device number 63
[  250.195877][   T34] usb 5-1: USB disconnect, device number 48
[  250.330516][T10416] block nbd0: Attempted send on invalid socket
[  250.333509][T10416] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  250.419394][T10420] netlink: 216 bytes leftover after parsing attributes in process `syz.2.1128'.
[  250.427807][T10420] netlink: 216 bytes leftover after parsing attributes in process `syz.2.1128'.
[  250.568317][   T61] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive
[  250.571841][   T61] ath9k_htc: Failed to initialize the device
[  250.580050][ T1336] usb 7-1: ath9k_htc: USB layer deinitialized
[  250.935418][T10434] netlink: 'syz.3.1131': attribute type 4 has an invalid length.
[  251.147023][T10438] netlink: 'syz.3.1132': attribute type 4 has an invalid length.
[  251.149872][T10438] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1132'.
[  251.160361][T10438] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1132'.
[  251.568850][T10447] 9pnet_fd: p9_fd_create_unix (10447): address too long: ./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  251.581309][T10447] sock: sock_timestamping_bind_phc: sock not bind to device
[  251.604680][T10449] FAULT_INJECTION: forcing a failure.
[  251.604680][T10449] name failslab, interval 1, probability 0, space 0, times 0
[  251.616831][T10449] CPU: 2 UID: 0 PID: 10449 Comm: syz.2.1136 Not tainted syzkaller #0 PREEMPT(full) 
[  251.616846][T10449] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  251.616853][T10449] Call Trace:
[  251.616857][T10449]  <TASK>
[  251.616862][T10449]  dump_stack_lvl+0x16c/0x1f0
[  251.616881][T10449]  should_fail_ex+0x512/0x640
[  251.616896][T10449]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  251.616909][T10449]  should_failslab+0xc2/0x120
[  251.616924][T10449]  __kmalloc_cache_noprof+0x6a/0x3e0
[  251.616934][T10449]  ? __pfx_snprintf+0x10/0x10
[  251.616947][T10449]  ? init_srcu_struct_fields+0x97a/0xde0
[  251.616967][T10449]  init_srcu_struct_fields+0x97a/0xde0
[  251.616983][T10449]  ? lockdep_init_map_type+0x5c/0x280
[  251.617000][T10449]  kvm_dev_ioctl+0x574/0x1af0
[  251.617014][T10449]  ? find_held_lock+0x2b/0x80
[  251.617024][T10449]  ? hook_file_ioctl_common+0x145/0x410
[  251.617039][T10449]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  251.617051][T10449]  ? __fget_files+0x20e/0x3c0
[  251.617066][T10449]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  251.617077][T10449]  __ia32_compat_sys_ioctl+0x23f/0x370
[  251.617096][T10449]  __do_fast_syscall_32+0x7c/0x3a0
[  251.617112][T10449]  do_fast_syscall_32+0x32/0x80
[  251.617126][T10449]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  251.617140][T10449] RIP: 0023:0xf70fe579
[  251.617149][T10449] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  251.617160][T10449] RSP: 002b:00000000f54ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  251.617171][T10449] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000ae01
[  251.617178][T10449] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  251.617184][T10449] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  251.617190][T10449] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  251.617195][T10449] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  251.617208][T10449]  </TASK>
[  252.984652][   T40] audit: type=1800 audit(1755902638.456:432): pid=10477 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1143" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  253.520382][T10490] FAULT_INJECTION: forcing a failure.
[  253.520382][T10490] name failslab, interval 1, probability 0, space 0, times 0
[  253.525902][T10490] CPU: 2 UID: 0 PID: 10490 Comm: syz.0.1147 Not tainted syzkaller #0 PREEMPT(full) 
[  253.525927][T10490] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  253.525939][T10490] Call Trace:
[  253.525949][T10490]  <TASK>
[  253.525957][T10490]  dump_stack_lvl+0x16c/0x1f0
[  253.525987][T10490]  should_fail_ex+0x512/0x640
[  253.526013][T10490]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  253.526039][T10490]  should_failslab+0xc2/0x120
[  253.526063][T10490]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  253.526083][T10490]  ? sock_diag_rcv_msg+0x435/0x790
[  253.526103][T10490]  ? netlink_rcv_skb+0x158/0x420
[  253.526147][T10490]  ? __alloc_skb+0x2b2/0x380
[  253.526169][T10490]  ? vfs_writev+0x35f/0xde0
[  253.526192][T10490]  __alloc_skb+0x2b2/0x380
[  253.526214][T10490]  ? __pfx___alloc_skb+0x10/0x10
[  253.526246][T10490]  netlink_dump+0x19b/0xd30
[  253.526268][T10490]  ? aa_get_newest_label+0xd2/0x250
[  253.526288][T10490]  ? __pfx_netlink_dump+0x10/0x10
[  253.526322][T10490]  ? __inet_diag_dump_start+0x434/0x7f0
[  253.526348][T10490]  __netlink_dump_start+0x6d6/0x990
[  253.526375][T10490]  inet_diag_handler_cmd+0x282/0x2e0
[  253.526396][T10490]  ? __pfx_inet_diag_handler_cmd+0x10/0x10
[  253.526416][T10490]  ? __pfx_inet_diag_dump_start+0x10/0x10
[  253.526434][T10490]  ? __pfx_inet_diag_dump+0x10/0x10
[  253.526451][T10490]  ? __pfx_inet_diag_dump_done+0x10/0x10
[  253.526471][T10490]  ? sock_diag_lock_handler+0x10f/0x2e0
[  253.526499][T10490]  sock_diag_rcv_msg+0x435/0x790
[  253.526529][T10490]  netlink_rcv_skb+0x158/0x420
[  253.526553][T10490]  ? __pfx_sock_diag_rcv_msg+0x10/0x10
[  253.526575][T10490]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  253.526611][T10490]  ? netlink_deliver_tap+0x1ae/0xd30
[  253.526632][T10490]  ? is_vmalloc_addr+0x86/0xa0
[  253.526658][T10490]  netlink_unicast+0x5a7/0x870
[  253.526682][T10490]  ? __pfx_netlink_unicast+0x10/0x10
[  253.526702][T10490]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  253.526751][T10490]  netlink_sendmsg+0x8d1/0xdd0
[  253.526780][T10490]  ? __pfx_netlink_sendmsg+0x10/0x10
[  253.526806][T10490]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  253.526831][T10490]  sock_write_iter+0x4fc/0x5b0
[  253.526849][T10490]  ? __pfx_sock_write_iter+0x10/0x10
[  253.526878][T10490]  ? __lock_acquire+0x62e/0x1ce0
[  253.526907][T10490]  do_iter_readv_writev+0x662/0x9e0
[  253.526928][T10490]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  253.526952][T10490]  ? bpf_lsm_file_permission+0x9/0x10
[  253.526978][T10490]  ? security_file_permission+0x71/0x210
[  253.527003][T10490]  ? rw_verify_area+0xcf/0x6c0
[  253.527023][T10490]  vfs_writev+0x35f/0xde0
[  253.527050][T10490]  ? __pfx_vfs_writev+0x10/0x10
[  253.527069][T10490]  ? find_held_lock+0x2b/0x80
[  253.527104][T10490]  ? __fget_files+0x20e/0x3c0
[  253.527122][T10490]  ? __fget_files+0x140/0x3c0
[  253.527146][T10490]  ? do_writev+0x28c/0x340
[  253.527164][T10490]  do_writev+0x28c/0x340
[  253.527183][T10490]  ? __pfx_do_writev+0x10/0x10
[  253.527204][T10490]  ? rcu_is_watching+0x12/0xc0
[  253.527226][T10490]  __do_fast_syscall_32+0x7c/0x3a0
[  253.527253][T10490]  do_fast_syscall_32+0x32/0x80
[  253.527276][T10490]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  253.527299][T10490] RIP: 0023:0xf7fb6579
[  253.527314][T10490] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  253.527332][T10490] RSP: 002b:00000000f54d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000092
[  253.527351][T10490] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000800000c0
[  253.527364][T10490] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  253.527374][T10490] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  253.527384][T10490] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  253.527394][T10490] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  253.527418][T10490]  </TASK>
[  253.822030][T10494] FAULT_INJECTION: forcing a failure.
[  253.822030][T10494] name failslab, interval 1, probability 0, space 0, times 0
[  253.827921][T10494] CPU: 3 UID: 0 PID: 10494 Comm: syz.0.1148 Not tainted syzkaller #0 PREEMPT(full) 
[  253.827946][T10494] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  253.827970][T10494] Call Trace:
[  253.827976][T10494]  <TASK>
[  253.828004][T10494]  dump_stack_lvl+0x16c/0x1f0
[  253.828033][T10494]  should_fail_ex+0x512/0x640
[  253.828056][T10494]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  253.828081][T10494]  should_failslab+0xc2/0x120
[  253.828104][T10494]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  253.828139][T10494]  ? __alloc_skb+0x2b2/0x380
[  253.828165][T10494]  __alloc_skb+0x2b2/0x380
[  253.828186][T10494]  ? __pfx___alloc_skb+0x10/0x10
[  253.828204][T10494]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  253.828231][T10494]  netlink_ack+0x15d/0xb80
[  253.828255][T10494]  ? __lock_acquire+0x62e/0x1ce0
[  253.828285][T10494]  netlink_rcv_skb+0x332/0x420
[  253.828309][T10494]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  253.828336][T10494]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  253.828369][T10494]  ? netlink_deliver_tap+0x1ae/0xd30
[  253.828392][T10494]  ? is_vmalloc_addr+0x86/0xa0
[  253.828415][T10494]  netlink_unicast+0x5a7/0x870
[  253.828440][T10494]  ? __pfx_netlink_unicast+0x10/0x10
[  253.828469][T10494]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  253.828498][T10494]  netlink_sendmsg+0x8d1/0xdd0
[  253.828525][T10494]  ? __pfx_netlink_sendmsg+0x10/0x10
[  253.828552][T10494]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  253.828577][T10494]  ____sys_sendmsg+0xa98/0xc70
[  253.828594][T10494]  ? __pfx_____sys_sendmsg+0x10/0x10
[  253.828611][T10494]  ? get_compat_msghdr+0x11a/0x170
[  253.828643][T10494]  ___sys_sendmsg+0x134/0x1d0
[  253.828667][T10494]  ? __pfx____sys_sendmsg+0x10/0x10
[  253.828701][T10494]  ? find_held_lock+0x2b/0x80
[  253.828734][T10494]  __sys_sendmsg+0x16d/0x220
[  253.828758][T10494]  ? __pfx___sys_sendmsg+0x10/0x10
[  253.828791][T10494]  ? rcu_is_watching+0x12/0xc0
[  253.828813][T10494]  __do_fast_syscall_32+0x7c/0x3a0
[  253.828839][T10494]  do_fast_syscall_32+0x32/0x80
[  253.828862][T10494]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  253.828883][T10494] RIP: 0023:0xf7fb6579
[  253.828897][T10494] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  253.828913][T10494] RSP: 002b:00000000f54d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  253.828931][T10494] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800007c0
[  253.828941][T10494] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  253.828950][T10494] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  253.828959][T10494] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  253.828970][T10494] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  253.828992][T10494]  </TASK>
[  253.941430][    C3] vkms_vblank_simulate: vblank timer overrun
[  254.740153][T10514] overlayfs: failed to resolve './file1': -2
[  254.782024][T10516] binder: 10515:10516 ioctl c018620c 80000000 returned -1
[  255.211476][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  255.352963][T10534] FAULT_INJECTION: forcing a failure.
[  255.352963][T10534] name failslab, interval 1, probability 0, space 0, times 0
[  255.360069][T10534] CPU: 2 UID: 0 PID: 10534 Comm: syz.2.1161 Not tainted syzkaller #0 PREEMPT(full) 
[  255.360094][T10534] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  255.360105][T10534] Call Trace:
[  255.360111][T10534]  <TASK>
[  255.360120][T10534]  dump_stack_lvl+0x16c/0x1f0
[  255.360149][T10534]  should_fail_ex+0x512/0x640
[  255.360172][T10534]  ? __kmalloc_noprof+0xbf/0x510
[  255.360194][T10534]  ? kernfs_fop_write_iter+0x237/0x510
[  255.360218][T10534]  should_failslab+0xc2/0x120
[  255.360240][T10534]  __kmalloc_noprof+0xd2/0x510
[  255.360266][T10534]  kernfs_fop_write_iter+0x237/0x510
[  255.360288][T10534]  vfs_write+0x7d0/0x11d0
[  255.360309][T10534]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  255.360329][T10534]  ? __pfx_vfs_write+0x10/0x10
[  255.360348][T10534]  ? find_held_lock+0x2b/0x80
[  255.360384][T10534]  ksys_write+0x12a/0x250
[  255.360405][T10534]  ? __pfx_ksys_write+0x10/0x10
[  255.360428][T10534]  ? rcu_is_watching+0x12/0xc0
[  255.360450][T10534]  __do_fast_syscall_32+0x7c/0x3a0
[  255.360475][T10534]  do_fast_syscall_32+0x32/0x80
[  255.360498][T10534]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  255.360519][T10534] RIP: 0023:0xf70fe579
[  255.360534][T10534] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  255.360551][T10534] RSP: 002b:00000000f54ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  255.360568][T10534] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  255.360578][T10534] RDX: 0000000000000012 RSI: 0000000000000000 RDI: 0000000000000000
[  255.360588][T10534] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  255.360598][T10534] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  255.360609][T10534] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  255.360632][T10534]  </TASK>
[  255.428471][T10537] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1162'.
[  256.565922][T10568] FAULT_INJECTION: forcing a failure.
[  256.565922][T10568] name failslab, interval 1, probability 0, space 0, times 0
[  256.570326][T10568] CPU: 2 UID: 0 PID: 10568 Comm: syz.2.1171 Not tainted syzkaller #0 PREEMPT(full) 
[  256.570342][T10568] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  256.570348][T10568] Call Trace:
[  256.570352][T10568]  <TASK>
[  256.570356][T10568]  dump_stack_lvl+0x16c/0x1f0
[  256.570373][T10568]  should_fail_ex+0x512/0x640
[  256.570387][T10568]  ? fs_reclaim_acquire+0xae/0x150
[  256.570404][T10568]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  256.570419][T10568]  should_failslab+0xc2/0x120
[  256.570432][T10568]  __kmalloc_noprof+0xd2/0x510
[  256.570452][T10568]  tomoyo_realpath_from_path+0xc2/0x6e0
[  256.570467][T10568]  ? tomoyo_profile+0x47/0x60
[  256.570478][T10568]  tomoyo_path_number_perm+0x245/0x580
[  256.570490][T10568]  ? tomoyo_path_number_perm+0x237/0x580
[  256.570504][T10568]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  256.570530][T10568]  ? find_held_lock+0x2b/0x80
[  256.570540][T10568]  ? hook_file_ioctl_common+0x145/0x410
[  256.570557][T10568]  ? __fget_files+0x20e/0x3c0
[  256.570572][T10568]  security_file_ioctl_compat+0x9b/0x240
[  256.570587][T10568]  __ia32_compat_sys_ioctl+0xc3/0x370
[  256.570605][T10568]  __do_fast_syscall_32+0x7c/0x3a0
[  256.570620][T10568]  do_fast_syscall_32+0x32/0x80
[  256.570633][T10568]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  256.570646][T10568] RIP: 0023:0xf70fe579
[  256.570654][T10568] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  256.570665][T10568] RSP: 002b:00000000f54ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  256.570675][T10568] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c03864bc
[  256.570681][T10568] RDX: 0000000080000500 RSI: 0000000000000000 RDI: 0000000000000000
[  256.570690][T10568] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  256.570695][T10568] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  256.570701][T10568] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  256.570714][T10568]  </TASK>
[  256.570719][T10568] ERROR: Out of memory at tomoyo_realpath_from_path.
[  256.809318][   T40] audit: type=1326 audit(1755902642.286:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10571 comm="syz.2.1173" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  256.829184][   T40] audit: type=1326 audit(1755902642.286:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10571 comm="syz.2.1173" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  256.836497][   T40] audit: type=1326 audit(1755902642.286:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10571 comm="syz.2.1173" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  256.843535][   T40] audit: type=1326 audit(1755902642.286:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10571 comm="syz.2.1173" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  256.868436][   T40] audit: type=1326 audit(1755902642.286:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10571 comm="syz.2.1173" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  256.875146][   T40] audit: type=1326 audit(1755902642.286:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10571 comm="syz.2.1173" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  256.884700][   T40] audit: type=1326 audit(1755902642.286:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10571 comm="syz.2.1173" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  256.892385][   T40] audit: type=1326 audit(1755902642.286:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10571 comm="syz.2.1173" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  256.899886][   T40] audit: type=1326 audit(1755902642.286:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10571 comm="syz.2.1173" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  256.942747][T10577] kernel profiling enabled (shift: 1)
[  257.464308][T10580] netlink: 216 bytes leftover after parsing attributes in process `syz.1.1174'.
[  257.468017][T10580] netlink: 216 bytes leftover after parsing attributes in process `syz.1.1174'.
[  258.231296][T10590] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(11)
[  258.233739][T10590] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  258.236482][T10590] vhci_hcd vhci_hcd.0: Device attached
[  258.972141][T10591] vhci_hcd: connection closed
[  258.973626][ T9539] vhci_hcd: stop threads
[  258.982322][ T9539] vhci_hcd: release socket
[  258.983879][ T9539] vhci_hcd: disconnect device
[  259.581037][T10577] syz.0.1170: vmalloc error: size 355004416, failed to allocated page array size 693368, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  259.613756][T10577] CPU: 1 UID: 0 PID: 10577 Comm: syz.0.1170 Not tainted syzkaller #0 PREEMPT(full) 
[  259.613785][T10577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  259.613792][T10577] Call Trace:
[  259.613796][T10577]  <TASK>
[  259.613801][T10577]  dump_stack_lvl+0x16c/0x1f0
[  259.613820][T10577]  warn_alloc+0x248/0x3a0
[  259.613834][T10577]  ? __pfx_warn_alloc+0x10/0x10
[  259.613852][T10577]  ? profile_init+0xd5/0x130
[  259.613862][T10577]  ? __vmalloc_node_noprof+0xad/0xf0
[  259.613875][T10577]  __vmalloc_node_range_noprof+0x101b/0x14b0
[  259.613890][T10577]  ? profile_init+0xd5/0x130
[  259.613904][T10577]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  259.613916][T10577]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  259.613933][T10577]  ? profile_init+0xd5/0x130
[  259.613942][T10577]  __vmalloc_node_noprof+0xad/0xf0
[  259.613952][T10577]  ? profile_init+0xd5/0x130
[  259.613963][T10577]  ? __pfx_profiling_store+0x10/0x10
[  259.613977][T10577]  profile_init+0xd5/0x130
[  259.613988][T10577]  profiling_store+0x7b/0x120
[  259.614002][T10577]  kobj_attr_store+0x55/0x80
[  259.614016][T10577]  ? __pfx_kobj_attr_store+0x10/0x10
[  259.614029][T10577]  sysfs_kf_write+0xf2/0x150
[  259.614042][T10577]  kernfs_fop_write_iter+0x354/0x510
[  259.614052][T10577]  ? __pfx_sysfs_kf_write+0x10/0x10
[  259.614065][T10577]  vfs_write+0x7d0/0x11d0
[  259.614077][T10577]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  259.614090][T10577]  ? __pfx_vfs_write+0x10/0x10
[  259.614100][T10577]  ? find_held_lock+0x2b/0x80
[  259.614126][T10577]  ksys_write+0x12a/0x250
[  259.614138][T10577]  ? __pfx_ksys_write+0x10/0x10
[  259.614151][T10577]  ? rcu_is_watching+0x12/0xc0
[  259.614164][T10577]  __do_fast_syscall_32+0x7c/0x3a0
[  259.614179][T10577]  do_fast_syscall_32+0x32/0x80
[  259.614193][T10577]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  259.614207][T10577] RIP: 0023:0xf7fb6579
[  259.614216][T10577] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  259.614226][T10577] RSP: 002b:00000000f549455c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  259.614236][T10577] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000280
[  259.614243][T10577] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  259.614248][T10577] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  259.614254][T10577] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  259.614260][T10577] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  259.614274][T10577]  </TASK>
[  259.614302][T10577] Mem-Info:
[  259.749354][T10577] active_anon:12860 inactive_anon:105 isolated_anon:0
[  259.749354][T10577]  active_file:7395 inactive_file:25561 isolated_file:0
[  259.749354][T10577]  unevictable:1768 dirty:123 writeback:0
[  259.749354][T10577]  slab_reclaimable:7761 slab_unreclaimable:58784
[  259.749354][T10577]  mapped:33358 shmem:9771 pagetables:1119
[  259.749354][T10577]  sec_pagetables:319 bounce:0
[  259.749354][T10577]  kernel_misc_reclaimable:0
[  259.749354][T10577]  free:41380 free_pcp:4323 free_cma:0
[  259.794466][T10577] Node 0 active_anon:16kB inactive_anon:96kB active_file:292kB inactive_file:8kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:76kB dirty:16kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8936kB pagetables:1460kB sec_pagetables:1180kB all_unreclaimable? yes Balloon:0kB
[  259.820261][T10577] Node 1 active_anon:54504kB inactive_anon:324kB active_file:29288kB inactive_file:102236kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:136056kB dirty:536kB writeback:0kB shmem:38152kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:6276kB pagetables:3144kB sec_pagetables:96kB all_unreclaimable? no Balloon:0kB
[  259.841007][T10577] Node 0 DMA free:2020kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:268kB local_pcp:220kB free_cma:0kB
[  259.898935][T10577] lowmem_reserve[]: 0 288 288 288 288
[  259.902524][T10577] Node 0 DMA32 free:16492kB boost:0kB min:13220kB low:16524kB high:19828kB reserved_highatomic:2048KB free_highatomic:256KB active_anon:16kB inactive_anon:96kB active_file:292kB inactive_file:8kB unevictable:3536kB writepending:16kB present:1032196kB managed:295140kB mlocked:0kB bounce:0kB free_pcp:4432kB local_pcp:2368kB free_cma:0kB
[  259.943130][T10577] lowmem_reserve[]: 0 0 0 0 0
[  259.945607][T10577] Node 1 DMA32 free:143228kB boost:0kB min:47140kB low:58924kB high:70708kB reserved_highatomic:0KB free_highatomic:0KB active_anon:49804kB inactive_anon:324kB active_file:29288kB inactive_file:102236kB unevictable:3536kB writepending:560kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:18576kB local_pcp:8676kB free_cma:0kB
[  259.960775][T10577] lowmem_reserve[]: 0 0 0 0 0
[  259.962859][T10577] Node 0 DMA: 11*4kB (UM) 13*8kB (UM) 19*16kB (UM) 7*32kB (UM) 1*64kB (M) 0*128kB 1*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2020kB
[  260.020160][T10577] Node 0 DMA32: 27*4kB (UMH) 106*8kB (UME) 135*16kB (UMEH) 102*32kB (UMEH) 62*64kB (UME) 20*128kB (UME) 8*256kB (UM) 1*512kB (M) 1*1024kB (U) 0*2048kB 0*4096kB = 16492kB
[  260.257886][T10577] Node 1 DMA32: 2*4kB (UE) 20*8kB (UME) 52*16kB (ME) 71*32kB (UE) 189*64kB (UME) 209*128kB (UME) 74*256kB (UME) 49*512kB (UME) 25*1024kB (UM) 9*2048kB (UM) 1*4096kB (M) = 134280kB
[  260.265492][T10577] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  260.288464][T10577] Node 0 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  260.292419][T10577] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  260.296342][T10577] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[  260.327677][T10577] 41624 total pagecache pages
[  260.329550][T10577] 746 pages in swap cache
[  260.331392][T10577] Free swap  = 119036kB
[  260.332784][T10577] Total swap = 124996kB
[  260.334105][T10577] 524155 pages RAM
[  260.335299][T10577] 0 pages HighMem/MovableOnly
[  260.336807][T10577] 209475 pages reserved
[  260.348786][T10577] 0 pages cma reserved
[  260.831078][T10621] bridge0: port 3(team0) entered disabled state
[  260.833366][T10621] bridge0: port 2(bridge_slave_1) entered disabled state
[  260.836186][T10621] bridge0: port 1(bridge_slave_0) entered disabled state
[  260.850998][T10621] tipc: Resetting bearer <eth:team0>
[  260.915013][T10621] veth1_to_bond: left allmulticast mode
[  260.963563][T10621] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  260.976585][T10621] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  261.113024][ T9539] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  261.118480][ T9539] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  261.122314][ T9539] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  261.126006][ T9539] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  261.986060][   T40] kauditd_printk_skb: 28 callbacks suppressed
[  261.986076][   T40] audit: type=1326 audit(1755902647.456:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10639 comm="syz.1.1194" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[  261.991834][T10640] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1194'.
[  261.998156][   T40] audit: type=1326 audit(1755902647.456:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10639 comm="syz.1.1194" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[  262.010627][   T40] audit: type=1326 audit(1755902647.466:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10639 comm="syz.1.1194" exe="/syz-executor" sig=0 arch=40000003 syscall=47 compat=1 ip=0xf708e579 code=0x7ffc0000
[  262.022429][   T40] audit: type=1326 audit(1755902647.466:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10639 comm="syz.1.1194" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[  262.031433][   T40] audit: type=1326 audit(1755902647.466:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10639 comm="syz.1.1194" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[  262.040648][   T40] audit: type=1326 audit(1755902647.466:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10639 comm="syz.1.1194" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf708e579 code=0x7ffc0000
[  262.049724][   T40] audit: type=1326 audit(1755902647.466:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10639 comm="syz.1.1194" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[  262.059456][   T40] audit: type=1326 audit(1755902647.466:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10639 comm="syz.1.1194" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[  262.069051][   T40] audit: type=1326 audit(1755902647.466:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10639 comm="syz.1.1194" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf708e579 code=0x7ffc0000
[  262.078209][   T40] audit: type=1326 audit(1755902647.466:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10639 comm="syz.1.1194" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[  262.168011][T10605] Bluetooth: hci1: Opcode 0x0c1a failed: -110
[  262.177889][ T5989] Bluetooth: hci1: command 0x0406 tx timeout
[  262.182382][T10605] Bluetooth: hci1: Opcode 0x0406 failed: -110
[  262.531095][T10605] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  262.535672][T10605] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  262.539149][T10605] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  262.545628][T10605] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  262.917867][ T6612] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[  262.924790][ T6044] usb 7-1: new high-speed USB device number 64 using dummy_hcd
[  263.067764][ T6612] usb 5-1: Using ep0 maxpacket: 16
[  263.070976][ T6612] usb 5-1: too many configurations: 127, using maximum allowed: 8
[  263.077961][ T6044] usb 7-1: device descriptor read/64, error -71
[  263.083175][ T6612] usb 5-1: unable to read config index 0 descriptor/start: -61
[  263.086385][ T6612] usb 5-1: can't read configurations, error -61
[  263.248079][ T6612] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[  263.337889][ T6044] usb 7-1: new high-speed USB device number 65 using dummy_hcd
[  263.407823][ T6612] usb 5-1: Using ep0 maxpacket: 16
[  263.413796][ T6612] usb 5-1: too many configurations: 127, using maximum allowed: 8
[  263.428639][ T6612] usb 5-1: unable to read config index 0 descriptor/start: -61
[  263.434553][ T6612] usb 5-1: can't read configurations, error -61
[  263.444547][ T6612] usb usb5-port1: attempt power cycle
[  263.458601][ T6356] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  263.477821][ T6044] usb 7-1: device descriptor read/64, error -71
[  263.590286][ T6044] usb usb7-port1: attempt power cycle
[  263.817877][ T6612] usb 5-1: new high-speed USB device number 51 using dummy_hcd
[  263.948681][ T6044] usb 7-1: new high-speed USB device number 66 using dummy_hcd
[  263.953226][ T6612] usb 5-1: device descriptor read/8, error -71
[  263.971206][ T6044] usb 7-1: device descriptor read/8, error -71
[  263.980718][T10683] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1199'.
[  263.983756][T10683] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1199'.
[  264.058351][T10684] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1199'.
[  264.257748][ T5989] Bluetooth: hci1: command 0x0406 tx timeout
[  264.564892][T10696] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1203'.
[  264.577877][ T5989] Bluetooth: hci2: command 0x0406 tx timeout
[  265.077257][T10707] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1205'.
[  265.080213][T10707] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1205'.
[  265.083220][T10707] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1205'.
[  265.086140][T10707] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1205'.
[  266.327807][ T5989] Bluetooth: hci1: command 0x0406 tx timeout
[  266.337868][ T5378] BUG: sleeping function called from invalid context at mm/vmalloc.c:3409
[  266.341263][ T5378] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 5378, name: klogd
[  266.346155][ T5378] preempt_count: 1, expected: 0
[  266.348470][ T5378] RCU nest depth: 0, expected: 0
[  266.350400][ T5378] no locks held by klogd/5378.
[  266.352193][ T5378] Preemption disabled at:
[  266.352200][ T5378] [<ffffffff8b91bf20>] schedule+0xe0/0x3a0
[  266.356412][ T5378] CPU: 0 UID: 0 PID: 5378 Comm: klogd Not tainted syzkaller #0 PREEMPT(full) 
[  266.356431][ T5378] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  266.356440][ T5378] Call Trace:
[  266.356446][ T5378]  <TASK>
[  266.356453][ T5378]  dump_stack_lvl+0x16c/0x1f0
[  266.356473][ T5378]  __might_resched+0x3c0/0x5e0
[  266.356490][ T5378]  ? __pfx___might_resched+0x10/0x10
[  266.356502][ T5378]  ? pcpu_block_update+0x562/0x660
[  266.356523][ T5378]  ? find_held_lock+0x2b/0x80
[  266.356538][ T5378]  vfree+0x75/0xb50
[  266.356558][ T5378]  ? rcu_is_watching+0x12/0xc0
[  266.356572][ T5378]  ? kfree+0x24f/0x4d0
[  266.356584][ T5378]  ? free_percpu+0x6db/0x13c0
[  266.356601][ T5378]  futex_hash_free+0x98/0xc0
[  266.356618][ T5378]  __mmdrop+0x33f/0x580
[  266.356632][ T5378]  ? rcu_is_watching+0x12/0xc0
[  266.356647][ T5378]  finish_task_switch.isra.0+0x7a4/0xc10
[  266.356660][ T5378]  ? __switch_to+0x7a5/0x11a0
[  266.356678][ T5378]  __schedule+0x1198/0x5de0
[  266.356692][ T5378]  ? _prb_read_valid+0x73c/0x890
[  266.356713][ T5378]  ? __lock_acquire+0x62e/0x1ce0
[  266.356734][ T5378]  ? __pfx___schedule+0x10/0x10
[  266.356752][ T5378]  ? find_held_lock+0x2b/0x80
[  266.356765][ T5378]  ? schedule+0x2d7/0x3a0
[  266.356781][ T5378]  schedule+0xe7/0x3a0
[  266.356796][ T5378]  syslog_print+0x216/0x620
[  266.356815][ T5378]  ? __pfx_syslog_print+0x10/0x10
[  266.356836][ T5378]  ? __pfx_autoremove_wake_function+0x10/0x10
[  266.356853][ T5378]  ? rcu_is_watching+0x12/0xc0
[  266.356871][ T5378]  ? bpf_lsm_capable+0x9/0x10
[  266.356883][ T5378]  ? security_capable+0x7e/0x260
[  266.356899][ T5378]  do_syslog+0x3dc/0x6c0
[  266.356919][ T5378]  ? __pfx_do_syslog+0x10/0x10
[  266.356943][ T5378]  ? xfd_validate_state+0x61/0x180
[  266.356966][ T5378]  __x64_sys_syslog+0x74/0xb0
[  266.356985][ T5378]  ? lockdep_hardirqs_on+0x7c/0x110
[  266.357001][ T5378]  do_syscall_64+0xcd/0x490
[  266.357020][ T5378]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.357033][ T5378] RIP: 0033:0x7f9246560a37
[  266.357045][ T5378] Code: 73 01 c3 48 8b 0d c1 f3 0c 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 67 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 91 f3 0c 00 f7 d8 64 89 01 48
[  266.357059][ T5378] RSP: 002b:00007ffff271ee48 EFLAGS: 00000206 ORIG_RAX: 0000000000000067
[  266.357072][ T5378] RAX: ffffffffffffffda RBX: 00007f9246700490 RCX: 00007f9246560a37
[  266.357080][ T5378] RDX: 00000000000003ff RSI: 00007f9246700490 RDI: 0000000000000002
[  266.357088][ T5378] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  266.357096][ T5378] R10: 0000000000004000 R11: 0000000000000206 R12: 00007f9246700490
[  266.357104][ T5378] R13: 00007f92466dddfe R14: 00007f924670062c R15: 00007f924670062c
[  266.357120][ T5378]  </TASK>
[  266.647985][ T5989] Bluetooth: hci2: command 0x0406 tx timeout
[  268.737894][ T5989] Bluetooth: hci2: command 0x0406 tx timeout

VM DIAGNOSIS:
22:44:11  Registers:
info registers vcpu 0

CPU#0
RAX=000000000000006f RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85616d85 RDI=ffffffff9b0f9700 RBP=ffffffff9b0f96c0 RSP=ffffc9002019f3c8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=000000000000006f R14=ffffffff9b0f96c0 R15=ffffffff85616d20
RIP=ffffffff85616daf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f9246396c80 ffffffff 00c00000
GS =0000 ffff8880974c3000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000ffda5e3c CR3=0000000020467000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b6f2a0533b13b266 8211616e81b3ebf5
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 002be39d9ea8acf1 e3961f93285e7917
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6030767487c4da29 f6c404c16fa1569d
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 d6786e0567e791c3 0d457ba3e9133b3f
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff 00000000000000b4
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000034
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 562729923a2fe059 e9b74482fefd775f
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 8ca2ef1601a375b6 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 706c0cf48ca52bfd 56b5d7c7f7502353
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4aa96b1200000000 957ffae6737397cc
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e08c61520e6e7b7b 81c84e71c9f24a8b
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 962d1ae6fedc772e ca766c837a71f0bc
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000a6866f RBX=0000000000000001 RCX=ffffffff8b909bf9 RDX=0000000000000000
RSI=ffffffff8de4c5c9 RDI=ffffffff8c162d00 RBP=ffffed1003a5a488 RSP=ffffc9000046fdf8
R8 =0000000000000001 R9 =ffffed1005666655 R10=ffff88802b3332ab R11=0000000000000000
R12=0000000000000001 R13=ffff88801d2d2440 R14=ffffffff90ab7990 R15=0000000000000000
RIP=ffffffff8b90875f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880975c3000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5493ffc CR3=00000000498fd000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fffcfec0 Opmask01=0000000000008000 Opmask02=00000000d711000f Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 24f2b9d63ea9d65b
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1b8a240a3e122e54
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000c0fe
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b8f04da79e7d1b47 3c6f9d06589d4ccc
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a17e95517b4e1856 daf4f2895b90dceb
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 706f682f30687465 2f666e6f632f3676 70692f74656e2f73 79732f636f72702f
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0074696d696c5f70 6f682f306874652f 666e6f632f367670 692f74656e2f7379
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 550a005642444943 5f4b50510a56000a 51404b0a56564449 460a565c560a000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a65640a65640a20 3236207020205f62 0a65203620202020 2036203330002036
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbff52532232d20
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 262821df2e2e33df 3228df3232202b22 df312e232d2435bf 2324353124322431
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000000000050420b RBX=0000000000000002 RCX=ffffffff8b909bf9 RDX=0000000000000000
RSI=ffffffff8de4c5c9 RDI=ffffffff8c162d00 RBP=ffffed1003a5a910 RSP=ffffc9000047fdf8
R8 =0000000000000001 R9 =ffffed1005686655 R10=ffff88802b4332ab R11=0000000000000000
R12=0000000000000002 R13=ffff88801d2d4880 R14=ffffffff90ab7990 R15=0000000000000000
RIP=ffffffff8b90875f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880976c3000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007ffee8774e28 CR3=000000004f0a4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000004040101 Opmask01=0000000020003fff Opmask02=00000000bfffbfff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffee8798d10 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e2e2e2e2e2e2e2e 2e2e2e2e2e2e2e2e
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffff000000 000000ff00000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005562dbd89e00
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e69626572004d52 4c4147495300676e 697361656c657200 4d52455447495300
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4b4c474057004d52 4c4147495300424b 4c56444049405700 4d52455447495300
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0000000000000000 00007ffee87892b1 00007ffee878928b
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffee8789266 00007ffee8789241 00007ffee8789220 00007ffee87891fe
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffee87891de 00007ffee87891cc 00007ffee87891c1 00007ffee87891b1
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffee87891a6 00007ffee8789196 00007ffee8789185 00007ffee8789177
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00060014995f8101 adcf1ad700000000 000080fe00010014 00000007fd80400a
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a65640a65640a20 3236207020205f62 0a65203620202020 2036203330002036
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbff52532232d20
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 262821df2e2e33df 3228df3232202b22 df312e232d2435bf 2324353124322431
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000005085a1 RBX=0000000000000003 RCX=ffffffff8b909bf9 RDX=0000000000000000
RSI=ffffffff8de4c5c9 RDI=ffffffff8c162d00 RBP=ffffed1003a5e000 RSP=ffffc9000048fdf8
R8 =0000000000000001 R9 =ffffed10056a6655 R10=ffff88802b5332ab R11=0000000000000000
R12=0000000000000003 R13=ffff88801d2f0000 R14=ffffffff90ab7990 R15=0000000000000000
RIP=ffffffff8b90875f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977c3000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000570e099c CR3=00000000675a6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000