last executing test programs:

6.257083478s ago: executing program 2 (id=3031):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x1d)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000005c0)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x1}}]}})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f000001aa40)=ANY=[@ANYBLOB="3c0000001000210400000000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="911165b7337aaa83b4383a84a3e5a7adffa8c8e16000001c0012800b00010067656e65766500000c000280060005004e220000b8adf82ccca0b238c5e9a160acb1d1361c26d77fd5e5990a769d36beb050744214c855ae10f5a5c05b0c51893c145669a2ded2eecf7df5ba5d3b0f84c740"], 0x3c}}, 0x2)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
r7 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r8 = syz_open_dev$evdev(&(0x7f0000000140), 0x1, 0x140)
read$FUSE(r8, &(0x7f0000000180)={0x2020}, 0x2020)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r9 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r9, &(0x7f0000001a40)=""/102392, 0x18ff8)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_SET_COALESCE(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r10, @ANYBLOB="0800250000000040080002"], 0x3c}, 0x1, 0x0, 0x0, 0x7000000}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000140)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f000001b240)={0x3e4, r6, 0x100, 0x70bd28, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xfffffff7}, @NL80211_ATTR_TX_RATES={0x98, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x68, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x2c3, 0x1000, 0x10, 0x0, 0x4c53, 0x9, 0x8]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x7, 0xb6a, 0x3, 0x3, 0x1ff, 0x6, 0xdc]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x30, 0x0, 0x6, 0x5, 0xe8d3, 0x8001, 0x7, 0x3ff]}}]}, @NL80211_BAND_6GHZ={0x2c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9e8, 0x9, 0x9, 0x2, 0x2, 0x0, 0xfffb, 0x2]}}, @NL80211_TXRATE_LEGACY={0xb, 0x1, [0xb, 0x12, 0x60, 0x6, 0x5, 0x24, 0xb]}]}]}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x17c}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x8}], @NL80211_ATTR_TX_RATES={0x2ec, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x68, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xa, 0x1, [0x24, 0x6, 0x12, 0x1b, 0x2, 0x9]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1, 0x1, 0x8, 0x7, 0x6, 0x9, 0x90, 0x4]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x7, 0x9, 0x5, 0x3, 0x4, 0x0, 0xb, 0xc]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x6, 0x92b, 0x6, 0x1, 0x3, 0x4002, 0x1, 0x4]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1000, 0x8, 0x0, 0x1, 0x7, 0x8, 0x2, 0x3]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}]}, @NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_60GHZ={0x4}, @NL80211_BAND_5GHZ={0x4}, @NL80211_BAND_6GHZ={0x34, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0x200, 0x101, 0x57c, 0x2, 0x4, 0x1, 0x2]}}, @NL80211_TXRATE_LEGACY={0x13, 0x1, [0x9212cfe61b77720f, 0x36, 0x6c, 0xb, 0x1b, 0x16, 0x16, 0x3, 0x5, 0x6c, 0x6c, 0x60, 0x36, 0x36, 0x30]}]}, @NL80211_BAND_6GHZ={0x60, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HT={0x11, 0x2, [{0x0, 0x4}, {0x3, 0x8}, {0x7, 0x8}, {0x2, 0xa}, {0x3, 0x5}, {0x0, 0x5}, {0x2, 0x9}, {0x7, 0x2}, {0x0, 0x6}, {0x4, 0x1}, {0x4, 0x6}, {0x1, 0x5}, {0x6, 0x7}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x6, 0xfffe, 0x3, 0x9, 0x5, 0x1, 0x8]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x8, 0xe204, 0x9, 0x8, 0x0, 0x22, 0x18, 0x2]}}]}, @NL80211_BAND_60GHZ={0x78, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HT={0x10, 0x2, [{0x1, 0x2}, {0x4, 0x8}, {0x5, 0x2}, {0x5}, {0x1, 0x5}, {0x2, 0x1}, {0x1, 0x5}, {0x6, 0xa}, {0x1, 0x3}, {0x0, 0x8}, {0x6, 0x8}, {0x4, 0x8}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x2, 0x1, 0x3, 0xf757]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xdff4, 0x8, 0x7, 0x10, 0x1, 0x7fff, 0xe4, 0xff]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x7d, 0x8, 0x15e, 0xfff0, 0x1, 0x0, 0x1ff]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_5GHZ={0xa0, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x7f, 0x8, 0x1000, 0xc39, 0x3, 0x3ff, 0xfff, 0x81]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x7bd1459584481418}, @NL80211_TXRATE_HT={0x23, 0x2, [{0x2, 0x6}, {0x6, 0x2}, {0x0, 0x9}, {0x0, 0x6}, {0x3, 0x1}, {0x3, 0x2}, {0x2, 0x2}, {0x1, 0x6}, {0x0, 0x3}, {0x6, 0xa}, {0x3, 0x9}, {0x2, 0x8}, {0x6, 0x6}, {0x2, 0x6}, {0x2, 0x2}, {0x6, 0x9}, {0x2, 0x2}, {0x7, 0x8}, {0x7, 0x3}, {0x1, 0x5}, {0x4, 0xa}, {0x6, 0x7}, {0x5}, {0x1, 0x6}, {0x3, 0x7}, {0x7, 0x3}, {0x6, 0x14}, {0x3, 0x4}, {0x2, 0x2}, {0x4, 0x2}, {0x2, 0x9}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xfffd, 0x8040, 0x9, 0x9, 0x1, 0x70e, 0xd1, 0x2f]}}, @NL80211_TXRATE_LEGACY={0x11, 0x1, [0x1b, 0xc, 0x60, 0x1, 0x60, 0x5, 0x0, 0x6, 0x5, 0x12, 0x0, 0x4, 0xb]}, @NL80211_TXRATE_LEGACY={0x22, 0x1, [0x30, 0x30, 0x0, 0x3, 0x12, 0x1, 0x30, 0x6c, 0xb, 0x1b, 0x3, 0x12, 0x36, 0x60, 0xc, 0x48, 0x24, 0x24, 0x24, 0x6c, 0xc, 0x9, 0x6, 0x16, 0x0, 0x1b, 0x6c, 0x24, 0x2, 0x2]}]}, @NL80211_BAND_60GHZ={0x20, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xff, 0xb1, 0x5958, 0x2, 0x6, 0xa, 0xa1, 0x2]}}]}, @NL80211_BAND_5GHZ={0xa0, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HT={0x39, 0x2, [{0x5, 0x6}, {0x0, 0x6}, {0x1, 0x6}, {0x6, 0x9}, {0x0, 0x7}, {0x7, 0x7}, {0x3, 0x1}, {0x6, 0x8}, {0x1, 0x3}, {0x3, 0x1}, {0x4, 0x7}, {0x0, 0x7}, {0x4, 0x5}, {0x1, 0x7}, {0x3, 0x2}, {0x3, 0x6}, {0x3, 0x5}, {0x1, 0x5}, {0x5, 0x3}, {0x6}, {0x4, 0x8}, {0x4, 0x2}, {0x5, 0x1}, {0x5}, {0x7, 0x8}, {0x2, 0x8}, {0x4, 0x1}, {0x4, 0xa}, {0x1, 0x7}, {0x1, 0x3}, {0x0, 0xa}, {0x2, 0x7}, {0x0, 0x5}, {0x1, 0x3}, {0x6, 0x6}, {0x2}, {0x4, 0x5}, {0x3, 0x7}, {0x4, 0x8}, {0x5, 0x2}, {0x5, 0x5}, {0x5, 0x2}, {0x5, 0x4}, {0x1, 0x5}, {0x2}, {0x4, 0x4}, {0x0, 0x5}, {0x7, 0x7}, {0x1, 0x8}, {0x2}, {0x5, 0x6}, {0x6, 0xb}, {0x0, 0x7}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HT={0x25, 0x2, [{0x6, 0x7}, {0x6, 0x3}, {0x7, 0x3}, {0x7}, {0x2, 0x1}, {0x1, 0x8}, {0x6, 0x6}, {0x7, 0x7}, {0x4, 0x6}, {0x5, 0x4}, {0x0, 0xa}, {0x2, 0xa}, {0x0, 0x2}, {0x7, 0x4}, {0x2, 0x3}, {0x3, 0x2}, {}, {0x2, 0x7}, {0x5, 0xa}, {0x7, 0x2}, {0x7, 0xa}, {0x7, 0x4}, {0x1, 0x8}, {0x0, 0x7}, {0x2, 0x4}, {0x2, 0x5}, {0x7, 0x5}, {0x5, 0x1}, {0x5, 0x8}, {0x4, 0xa}, {0x0, 0x4}, {0x0, 0x5}, {0x7, 0x5}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xffff, 0x101, 0xcc13, 0x7fff, 0xb01e, 0x96, 0x0, 0x5]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0x100, 0x4, 0x1, 0x8, 0x6, 0x400, 0x3]}}]}]}, @NL80211_ATTR_BSS_BASIC_RATES={0x1a, 0x24, [{0x24, 0x1}, {0x3}, {0x24, 0x1}, {0x1b}, {0x3}, {0x1}, {0x16}, {0x1, 0x1}, {0x0, 0x1}, {0x3, 0x1}, {0x24}, {}, {0x60, 0x1}, {0xc, 0x1}, {0x9}, {0x36, 0x1}, {0x16}, {0x36, 0x1}, {0x18, 0x1}, {0x36}, {0x60, 0x1}, {0xf8d5e63151afee51}]}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0x3e4}, 0x1, 0x0, 0x0, 0x4}, 0xc0)
r11 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r11, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'team0\x00'})

5.34025542s ago: executing program 3 (id=3036):
openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_connect$hid(0x6, 0x36, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d", @ANYRES64], 0xf8)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000001000)={0x10, 0x140d, 0xe3263c25d365e57d, 0x70bd2a, 0x25dfdbff}, 0x10}, 0x1, 0x0, 0x0, 0x20000000}, 0x50)
r1 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @mcast2}, 0x1c)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$key(0xf, 0x3, 0x2)
bind$netlink(r2, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020080000900020073797a31000000000800044000000000090075c585010073797a3000000000080003400000000a140000001100010000000000000000000000000ad8439a3540fd8ff6dee6969812c288a5b5c74a65734059ad60708f139f7375b08950b3135e6e2a718a66f03097e413bc5b21d4aeae03372149f42b96c089245dfd5fd2f48c1a32a36663e4047838ee61338f66c6e2b7417542279746"], 0x64}}, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x318, 0x1, 0x24}, 0x9c)
unshare(0x2040400)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SIOCSIFHWADDR(r4, 0x8931, &(0x7f0000000000)={'wlan0\x00'})
socket$inet6(0xa, 0x5, 0x0)

3.790207083s ago: executing program 2 (id=3044):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000b)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6016000000102b00fc0100000000000000e2ff0000000000fe8000000000000000000400000000aa"], 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRESOCT=r3, @ANYRES64=r2, @ANYRES64=r1, @ANYRES8=r2], 0x44}}, 0x4800)
sendmsg$IPVS_CMD_NEW_DEST(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x5000002}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20040804}, 0x20000000)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x4, 0x2, 0x2000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x10000001)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000300)="baf80c66b876d2b28a66efbafc0cbaa10066edef0f3466b9d60a00000f32268bfff20f2aee660f384188e90bb800008ec0670fc7bf007000008ec026c966b9a60a000066b86957000066ba000000000f30", 0x51}], 0x1, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
madvise(&(0x7f0000fef000/0x11000)=nil, 0x11000, 0x4)
r7 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r7, 0x107, 0x8, &(0x7f0000000080)=0x2, 0x4)
syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120100000000004026093333400000000001090224"], 0x0)
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000180)=ANY=[@ANYRES64=r6])
r8 = socket(0x2a, 0x5, 0x6)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8b24, &(0x7f0000000000)={'wlan0\x00'})
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0x6c, 0x30, 0xb, 0x0, 0x0, {}, [{0x58, 0x1, [@m_ct={0x54, 0x1, 0x0, 0x0, {{0x7}, {0x2c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x0, 0x0, 0xfffffffffffffff7}}, @TCA_CT_ACTION={0x6, 0x3, 0x19}, @TCA_CT_NAT_PORT_MIN={0x6}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)
sched_setscheduler(0x0, 0x6, &(0x7f0000000000)=0x2)
getsockopt$packet_int(r7, 0x107, 0x6, 0x0, &(0x7f0000000100))
r10 = socket$l2tp(0x2, 0x2, 0x73)
dup3(r10, r7, 0x0)
bind$can_raw(r0, &(0x7f00000001c0), 0x10)
fsopen(&(0x7f0000000040)='gfs2meta\x00', 0x0)

2.716318698s ago: executing program 0 (id=3052):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'generic-gcm-aesni\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) (async)
sendmsg$nl_route_sched_retired(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000012100)=@newqdisc={0x24, 0x24, 0x400, 0x0, 0x25dfdbfc}, 0x24}}, 0x0) (async)
recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000500)=""/229, 0xe5}, {&(0x7f0000000400)=""/101, 0x65}], 0x2}}], 0x1, 0x60, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r2, 0x29, 0x20, &(0x7f00000000c0)="0bbb268dd6ffa80800000000000000000000210d0000aaa8fa017242ba9380d440fe000000000000290000003b000000", 0xfe60)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) (async)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
recvmsg(0xffffffffffffffff, 0x0, 0x0) (async)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x4000004)
epoll_pwait2(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000480)={0x0, 0x3938700}, 0x0, 0x0) (async)
r5 = syz_open_dev$sg(0x0, 0x0, 0x400)
ioctl$SG_IO(r5, 0x2285, &(0x7f00000005c0)={0x53, 0xfffffffe, 0x6, 0x10, @buffer={0x0, 0xc8, &(0x7f0000000640)=""/200}, &(0x7f0000000240)="238d7acf0800", 0x0, 0x0, 0x1b, 0x0, 0x0})
sendmsg(r4, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) (async)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) (async)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0) (async)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x0) (async)
syz_open_dev$vim2m(0x0, 0x4, 0x2) (async)
socket$key(0xf, 0x3, 0x2) (async, rerun: 64)
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040) (rerun: 64)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r6, 0x40505412, &(0x7f00000000c0)={0x2, 0x0, 0x40, 0x0, 0x8}) (async)
syz_open_dev$evdev(0x0, 0x40, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)

2.647695655s ago: executing program 0 (id=3053):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x9}, 0x1c)
listen(r0, 0x3)
syz_emit_ethernet(0x4a, &(0x7f0000000240)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000140)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a35f2", 0x4d, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x7}, {"7110b2bedd93d8a889432720bf48ae3656d7947e124ac02747b600000000000000e5088994702d436f0cf7dc2ded51b495e2c96051b4ee545f"}}}}}}}, 0x0)

2.647194747s ago: executing program 0 (id=3054):
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000100)={0x24, 0xa, 0x2, "3258e54601cccf040000000000000000000000130200ffffff00000000b28d00", 0x3631564e}) (async)
r1 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x101121)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
ioctl$LOOP_CHANGE_FD(r2, 0x4c06, 0xffffffffffffffff) (async, rerun: 64)
syz_io_uring_setup(0x1c57, &(0x7f0000000300)={0x0, 0x40ac, 0x10000, 0x2, 0x3f, 0x0, r2}, &(0x7f0000000180), &(0x7f00000001c0)) (async, rerun: 64)
accept4(r2, &(0x7f0000000000)=@ethernet={0x0, @broadcast}, &(0x7f0000000080)=0x80, 0x800)

2.555240873s ago: executing program 0 (id=3055):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
close(0x3)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'sit0\x00', <r3=>0x0})
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f00000001c0)=0x2, 0x4)
setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r1, &(0x7f0000000100)={0x2c, 0x0, r3}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

2.549364163s ago: executing program 0 (id=3056):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x9}, 0x1c)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6016000000102b00fc0100000000000000e2ff0000000000fe8000000000000000000400000000aa"], 0x0)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty, 0xa, 0x4}, 0x20)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d6920c5542c740000000c00028008000140fffff274140000001100010000000000000000000100000a"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="010000000000000000000900000030000380140002007369743000000000000000000000000006000400ffff000008"], 0x44}}, 0x0)
sendmsg$IPVS_CMD_NEW_DEST(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x5000002}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20040804}, 0x20000000)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x70bd2d, 0x0, {{@in6=@loopback, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xc, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x200000000000}, {0x0, 0xa00, 0x407ffffffffffe, 0x800000000000002}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x2, @in=@broadcast, 0x6, 0x4, 0x1}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x800}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000004180)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @local, @local, {[], {{0x8000, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0x100, 0x0, 0x1}}}}}}}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x880)
sendmsg$NFT_BATCH(r6, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000200000a80000000060a010400000000000000000a0000050900010073797a310000000054000480500001800a000100696e6e65720000004000028008000440000000171c0005800c0001007061796c6f6164000600028008000740000001010800034000000002080002400000008408000140000000000900020073797a32"], 0xa8}, 0x1, 0x0, 0x0, 0x8890}, 0x24000000)
syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66b80e010f00d0b0060f21a20f01c40f009b2700000066b80c008ee00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a00b9730200000f32328fe858b660002fb90d090000b800680000ba000000000f30", 0x65}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
listen(r0, 0x3)
syz_emit_ethernet(0x4a, &(0x7f0000000240)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x83, &(0x7f00000005c0)=ANY=[@ANYBLOB="aaaaaaaa303e81f2aaaa0180c200000086dd608a35f2004d0600fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="50070000907800007110b2bedd93d8a889432720bf48ae3656d7947e124ac02747b600000000000000e5088994702d436f0cf7dc2ded51b495e2c96051b4ee545f"], 0x0)

2.453947409s ago: executing program 2 (id=3057):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$IP_SET_OP_GET_FNAME(r1, 0x1, 0x53, &(0x7f0000000040)={0x8, 0x7, 0x0, 'syz0\x00'}, &(0x7f0000000140)=0x2c)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=@newtaction={0xd6c, 0x30, 0xb, 0x0, 0x0, {}, [{0xba8, 0x1, [@m_bpf={0x128, 0x12, 0x0, 0x0, {{0x8}, {0x7c, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_FD={0x8, 0x5, r0}, @TCA_ACT_BPF_FD={0x8, 0x5, r0}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x8, 0x0, 0x3, 0x6, 0x61e}}, @TCA_ACT_BPF_NAME={0xc, 0x6, './file0\x00'}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x1}, @TCA_ACT_BPF_NAME={0xc, 0x6, './file0\x00'}, @TCA_ACT_BPF_FD={0x8, 0x5, r0}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x1, 0x5, 0x2, 0xa, 0x6}}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x6}, @TCA_ACT_BPF_FD={0x8, 0x5, r1}]}, {0x85, 0x6, "3ae155d5758feefb968bb96d9c80cab25007a071d51d2e5072c1ac69659f55a7d20700b0ef8f1d6594f6888be68f1309b07cba1acf2b09074536a2f5c042a4bdf034efd639f13dff9af8cadc348e7a08769ad998e16285bda86c889eda99512d72db19469e076ec2448b1d78078bcb8948c16a3e17b0d058b4617d28945028fd13"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}, @m_ife={0x148, 0xb, 0x0, 0x0, {{0x8}, {0x24, 0x2, 0x0, 0x1, [@TCA_IFE_METALST={0x20, 0x6, [@IFE_META_SKBMARK={0x4, 0x1, @void}, @IFE_META_TCINDEX={0x6, 0x5, @val=0x2}, @IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_TCINDEX={0x4, 0x5, @void}, @IFE_META_PRIO={0x8, 0x3, @val=0xad9}]}]}, {0xff, 0x6, "3ff5a9c9ed1a87ed6500c1849cd2cfdfaa845212336ed4cc0e22e74d14f7224a1d7cb2cb70402ba21771a8fae20c03ca2728eaf6206aa32ebfa4157b9ad85694e249462682419171b4c3d00fe7cc11436ade7b9132a68678410ae52a3931877838f805cbb8fefaa9d9b6f75897c6d6fbf7ce578d91294638b38b5bb873d829c9cfa0d821889e2fa78cac93bfb66167735a0f91f4ac7eb36b6b7ecc1adc48271ed27c7895c9c68670746dc4731bf7fa1e06d38e1cdc2ef89a83e817a7c47cc6e119e2d4b7524b58a44fc6bdac7ac352955cb804c0ca0a23484878e9db531baf01adc145cc1e6a934afdcdadae8b3094347004f5f69005c86bf28d0e"}, {0xc}, {0xc, 0x8, {0x1, 0x2}}}}, @m_ife={0xc8, 0x7, 0x0, 0x0, {{0x8}, {0x3c, 0x2, 0x0, 0x1, [@TCA_IFE_SMAC={0xa, 0x4, @multicast}, @TCA_IFE_TYPE={0x6, 0x5, 0x1}, @TCA_IFE_DMAC={0xa, 0x3, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3f62ab673e3d4da1}}, @TCA_IFE_METALST={0x10, 0x6, [@IFE_META_SKBMARK={0x4, 0x1, @void}, @IFE_META_SKBMARK={0x8, 0x1, @val=0x401}]}, @TCA_IFE_TYPE={0x6, 0x5, 0x1}]}, {0x67, 0x6, "2e2b7d34e010216229ae5ba8da4a31b124e1e9386ad2c95af1d9ad6d3c65eaf365e247ffc5c60266db6258e4ae47f81f139acef203cffd347e9abf6651f690bfa4877d3765427e752f48d5f6185227dac2ae38bf86c915315ef863f230eb5b056d87e6"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_police={0x59c, 0x6, 0x0, 0x0, {{0xb}, {0x4b4, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x6, 0x1, 0xfffeffff, 0xfffff040, 0x7, 0x700000, 0x7fff, 0x7f, 0x8, 0x7fff, 0xc70, 0x9, 0x4, 0x3, 0x20d5, 0x9, 0x400000, 0x200, 0x101, 0x8, 0x2, 0x1, 0x4, 0x80000001, 0xffff8001, 0x4, 0x9, 0x1, 0x8, 0x3, 0x3, 0x7, 0x7, 0x1, 0x6, 0x4, 0x4, 0x7, 0xffffffff, 0xffff8001, 0x1, 0xffffff81, 0x2, 0x8, 0x5b50, 0x13ae, 0xffffffff, 0xf46523f, 0x7fffffff, 0x6, 0xd, 0xffff7fff, 0x7088144b, 0x62, 0x7, 0x8, 0x2, 0x635, 0xfffffff8, 0xfff, 0x6, 0x0, 0x401, 0x600, 0xde4, 0x6, 0x6e44, 0x4, 0xc70, 0xfffff800, 0x2, 0x8, 0x8, 0x6, 0x5, 0x7, 0x4, 0x3, 0x7, 0x5, 0x8, 0x4, 0x40000000, 0x7eb, 0xaa58, 0x2, 0x1000, 0x5, 0x2, 0x18, 0x3, 0x523, 0x0, 0xafd9, 0x0, 0x9, 0x0, 0x3, 0xb, 0x9, 0x7ff, 0x1, 0x8, 0xc, 0x9, 0x4, 0x6, 0xfff, 0x7, 0xff, 0x2c56, 0x2, 0x3, 0x80000000, 0x8c4, 0x3, 0x9, 0x638, 0xe9, 0x5, 0x2, 0x800, 0x4, 0x3, 0x3, 0x5, 0x9, 0x200, 0x40, 0x7fff, 0x1, 0x5, 0xfffffff9, 0xffff, 0x7a, 0x2, 0x800, 0x1c0e17b4, 0x5, 0xded9, 0x80000001, 0x4, 0x7, 0xfb, 0x1, 0x800, 0x1, 0xd0e3, 0x0, 0x36d, 0xc3, 0x7df, 0x3, 0x10000, 0x7, 0x200, 0x1, 0x3b, 0xacd, 0x7, 0x148714cc, 0x6, 0xffffffff, 0xfffffff9, 0x280, 0x0, 0x7ff, 0x7f, 0xb, 0x4, 0xaf, 0xb3, 0x8, 0x0, 0x4000, 0x800, 0x9, 0x8, 0x100, 0x5, 0x5, 0xd, 0x7, 0x72b, 0x2, 0x8, 0x540f, 0x3, 0x7ff, 0x8, 0x8, 0x7, 0x5, 0x5, 0xe41, 0x86, 0x7, 0x0, 0x1ff, 0x5, 0x2, 0x1, 0x8001, 0xffffff59, 0xa, 0x4, 0x8, 0x9, 0xeec, 0x7, 0xb, 0x78e22900, 0x37f63222, 0x5, 0xfffffffe, 0x9, 0x2a, 0x6, 0x401, 0x4, 0x6, 0x4, 0x7, 0x5, 0xc, 0xe4cc, 0x7, 0x1, 0x7, 0x8, 0x9, 0x6, 0xfffff913, 0x80000001, 0x3, 0x51, 0x0, 0x0, 0x2, 0x2, 0x7, 0x5, 0x85e0, 0x2, 0x9, 0x7fff, 0x67, 0x6, 0xfb, 0x3, 0x2, 0x4, 0xa, 0x100, 0x3ff, 0x7]}], [@TCA_POLICE_TBF={0x3c, 0x1, {0x3, 0x6, 0x0, 0x8, 0xffff, {0x2, 0x1, 0x4, 0x1, 0x3a, 0x548}, {0x3, 0x2, 0x7, 0x0, 0x7984, 0xa6}, 0x9, 0x5, 0x9}}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x5}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x97}, @TCA_POLICE_RATE64={0xc, 0x8, 0x1}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x5}, @TCA_POLICE_RESULT={0x8, 0x5, 0x8001}, @TCA_POLICE_TBF={0x3c, 0x1, {0x2, 0x2, 0x1, 0xba2, 0x4100, {0x3, 0x2, 0xf4f, 0x1, 0x2, 0x6}, {0x56, 0x0, 0x8000, 0x9, 0x3, 0x7}, 0x9, 0x5, 0x86}}]]}, {0xc0, 0x6, "f11051a8b4d5c1b4c2a41478366b556846b95b597e31e7fce47b6599d08fff5efb74ed47171e7b9710f1035448e99697b8349a5f12a248ef4bc7e26b8444756189850d0fc0bc53fd7925a6236464fc388d44f0b19189a91e9bd0cf6dc17e9e2747880f3ab8ad0a995f1b66708f0953f428511a2a12904282df871ed5afecf07b5422c99e6448f5999664501a137361cf8f29f1c3f44beb2f5280dbd770fc5051075088d2530009848b71c24fc14ce9b49cfd931a65e2895b9921e8f4"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3}}}}, @m_connmark={0x114, 0x20, 0x0, 0x0, {{0xd}, {0x3c, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x790f, 0x9, 0x1, 0x9, 0x4}, 0x2}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x7, 0x122c0000, 0x6, 0x3ff, 0x31}, 0x2}}]}, {0xac, 0x6, "b9cc887e8292f6bfcf9776da421f2f827f5b99189cd73e2816219b9ac722dfc83bb831e3352f8edfe7aefae303f74b42c057819ede4d5d8a3a583badf5c7d132c8df675cc8657269f8c53f95d55b5dcd4f331fdbe32669ffc543f994ccae7c5ea6fe5d1c22d6e13beef75a5fc54861cc86ccc6307d7677e5727936a102eedc6f3c228fde1dc8255bd7469a7b2528c8e9f62fd77a5eaf4b1fccf6ba827d5646a0054cdd8730f73aed"}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}, @m_csum={0xfc, 0x50, 0x0, 0x0, {{0x9}, {0x74, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x9, 0x9, 0x20000000, 0x2, 0xfffffd96}, 0x2e}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x1, 0x3, 0x8, 0x1}, 0x6e}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x2, 0x2, 0x20000000, 0x7, 0x80000000}, 0x7e}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x8, 0x1, 0x6, 0xfff, 0x9}, 0x59}}]}, {0x5e, 0x6, "9fd22ed9b82deba4e3bdfc3f69a0b83112799634434ecdb35f8a5a8ac829cd86c6fff3ce55d56b3623817ed2949c1291f730646574aa082f5967ddb7ceb850d414b9654a52a018c2f740b8625b0a9c91caa8709476cf4b244325"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}, @m_ct={0x44, 0x1c, 0x0, 0x0, {{0x7}, {0x14, 0x2, 0x0, 0x1, [@TCA_CT_ZONE={0x6, 0x4, 0x4}, @TCA_CT_ACTION={0x6, 0x3, 0x25}]}, {0x9, 0x6, "176c96caad"}, {0xc}, {0xc, 0x8, {0x1, 0x2}}}}, @m_csum={0x7c, 0xd, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x4, 0x7ff, 0x4, 0x0, 0x800}, 0x28}}]}, {0x34, 0x6, "dc1f2ec8f1550429ccfade98d930c397f94d32c817787d5c924639546dcb2018c88756746c3423c9c05ddaba7f8a64e3"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}, {0x1b0, 0x1, [@m_xt={0x12c, 0x8, 0x0, 0x0, {{0x7}, {0xc, 0x2, 0x0, 0x1, [@TCA_IPT_INDEX={0x8, 0x3, 0xffff}]}, {0xfc, 0x6, "76c697d37c23408a125a1601dcf9868af60adfc0829e28fa862e8514623b70db6b60ac49dfb6647f357b23015b2005b45bcf4c017a584a4551f59fa076c33580700a49139f23c7b74c262a8c88057e58efaa70d42e4001d2147b374609d5ca94ffcf8254e0bc3ebb6ded61f60514b2babe9c02ea5dca508bd60dd8fb6341c139332a1d1b97a9f8bcb9bd11b21162a560f8495903574be0746861c5fe3f903ea3381b909ab2b2a7b129a8d3a347ed2d51cc29cfa455532cded26e1262b4e99fa764694222e3522a90a2e1a823f881c8154b8e4124cd7d171736f396ba404efeb380d13ca5b111d9aa3fbefcec52ae58cb9286a5e91c7f4b04"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}, @m_skbedit={0x80, 0x9, 0x0, 0x0, {{0xc}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18, 0x2, {0xfffffff7, 0xfffffff2, 0x10000000, 0xbe48, 0x6}}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x4}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0xc, 0xd}}]}, {0x2a, 0x6, "08c0250451d8510994e0ea242e9cc4b46f812778753b1bb756f35822c97a627fee4309ea5733"}, {0xc}, {0xc, 0x8, {0x2, 0x1}}}}]}]}, 0xd6c}}, 0x0)
r3 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FMT(r3, 0xc0405602, &(0x7f0000000000)={0x5a, 0xa, 0x1, "05fcff410400001b00", 0x34343452})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x90}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @geneve={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GENEVE_REMOTE={0x8, 0x2, @local}]}}}, @IFLA_IFNAME={0x14, 0x3, 'geneve1\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x4008030}, 0x2000000)

2.361225196s ago: executing program 2 (id=3058):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r0)
io_uring_setup(0x5ef9, &(0x7f0000000000))
r1 = socket$inet6(0x10, 0x3, 0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c000000190001000000000000000000021800000000fd000000ed0008000100ac1414003400080004"], 0x2c}, 0x1, 0x0, 0x0, 0x41}, 0x0)
sendto$inet6(r1, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)
r2 = syz_open_dev$usbmon(&(0x7f0000000300), 0x0, 0x2100)
ioctl$MON_IOCQ_URB_LEN(r2, 0x9201)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x3, &(0x7f0000000000)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x20, 0x0, 0x0, 0xfffff00c}, {0x6, 0x0, 0xfc}]}, 0x8)
sendmmsg$inet(r3, &(0x7f0000002c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}]})
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r6 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r6, 0xc05c6104, &(0x7f00000000c0)={"000600", 0x4, 0x6, 0x2, 0x0, 0x4, "0000000000f4ff00", '\x00\x00\a\x00', "0300", "fcffffff", ["50d5c2a7c5ae5cace40000b6", "808e88e2e9ffffffffff00", "0c436d743c97c443084000", "ff81000000008000"]})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r8=>0x0})
r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001800)={0x6, 0x3, &(0x7f00000006c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r8}, 0x94)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="340000001000010800000000fddbdf7700000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000c002b8008000100", @ANYRES32=r9, @ANYBLOB="08001b00000000"], 0x34}, 0x1, 0x0, 0x0, 0x4}, 0x0)
syz_io_uring_setup(0x7418, &(0x7f0000000240)={0x0, 0x4cfb, 0x80, 0x3, 0x135}, &(0x7f00000000c0)=<r11=>0x0, &(0x7f0000000080)=<r12=>0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r11, r12, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x15523ea56aa22b9a, 0x0, 0x0, 0x0, 0x12345})
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000001c0)={'wlan1\x00'})
add_key(&(0x7f0000000080)='dns_resolver\x00', 0x0, &(0x7f0000000000)='\x00\x00\x00\x00\x00\x00', 0x6, 0xfffffffffffffffe)

2.287400805s ago: executing program 3 (id=3059):
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x48c00, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8923, &(0x7f0000000040)={'hsr0\x00', @remote})
syz_open_procfs(0x0, &(0x7f00000001c0)='net/mcfilter\x00')
prctl$PR_SET_SECUREBITS(0x1c, 0x2c)
setuid(0xee00)
dup(0xffffffffffffffff)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000580)='tracefs\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000300)=@abs, 0x6e)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6394f90324fc60100002000a2c0300053582c137153e3704020180fc0b09000c00", 0x33fe0}], 0x1}, 0x0)
socket$key(0xf, 0x3, 0x2)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffa}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev, 0x0, 0x32}, 0x0, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0xb7, 0x2, 0xfffffffe}}, 0xe8)
close(0x3)

1.87187846s ago: executing program 1 (id=3060):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r0, 0x40045402, &(0x7f0000000300)=0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x3}})
r1 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x47f6, 0x0, 0x4, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x7, 0x9dc5, 0x0, 0x0, 0xf})
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)

1.451896624s ago: executing program 2 (id=3061):
r0 = openat$vimc2(0xffffff9c, &(0x7f0000000000), 0x2, 0x0) (async)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000100)={&(0x7f0000000180)=[<r2=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f0000000400)={r2, 0x0, <r3=>0x0, 0x0, 0x0, 0x0, 0x0}) (async)
r4 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_SETPLANE(r1, 0xc03064b7, &(0x7f0000000040)={r2, r5, r3, 0x7fffffff, 0xffffff2f, 0x0, 0x240, 0x7fffffff, 0x2, 0xffffff80, 0x101, 0x80000001})
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x2760c000) (async)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000080000000000000004850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7}, 0x10) (async)
r8 = fsopen(&(0x7f0000000280)='cifs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r8, 0x1, &(0x7f0000000200)='source', &(0x7f00000002c0)='\\/\xe9\x838\x9d<\f\x91\a\xd4$\xae$\x91&6n @\xf4M\xba\xf2<\xd6A\xdb\xd7\xbeY@g\xcc\xca\n@\x06\xa3\xfe%\x02\x96\xb7b\xa7\x15R.\xa3`fd\xdc\x8b\x18rBl{\x82\xda\xbeA\x17\n\f\xcd=\'\x11\x1bZ\x8e\xa1\xc3j$v\xefw\x96/\xff\xa2\xfc\xe3\xb8\xc7\x0f\xaaQ\x98F*T\xd5\xcd4g+\xbd\xd1\xe0R\x9d\x18\x19a:\xa2\xdf\xbe\x8b\x89\x81', 0x0) (async)
setsockopt$bt_BT_POWER(r6, 0x112, 0x9, 0x0, 0x39) (async)
r9 = openat$nvme_fabrics(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$VIDIOC_QUERYBUF(r0, 0xc04c5609, &(0x7f0000000080)=@overlay={0xf83, 0xa, 0x4, 0x10, 0x0, {0x0, 0x2710}, {0x3, 0x0, 0x1, 0x3, 0x4e, 0x1, "72380fe0"}, 0x7, 0x3, {}, 0x8, 0x0, r9})

1.357659209s ago: executing program 1 (id=3062):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000800}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYRES8=r2], 0x80}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
r4 = socket$l2tp(0x2, 0x2, 0x73)
getsockopt$sock_cred(r4, 0x1, 0x38, 0x0, &(0x7f0000003b40))
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=@newqdisc={0x2c, 0x24, 0xd10, 0x70bd29, 0x0, {0x60, 0x0, 0x0, r3, {}, {0xffe0, 0xa}, {0xf, 0x10}}, [@TCA_RATE={0x6, 0x5, {0x24, 0x8}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x55}, 0x4000)

1.346410976s ago: executing program 2 (id=3063):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket(0x1a, 0x3, 0x5)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=@RTM_GETMDB={0x18, 0x1e, 0x201, 0x0, 0x2}, 0x18}}, 0x0) (async)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect(0x2, 0x2d, &(0x7f00000001c0)=ANY=[@ANYBLOB="120100007516b7108c0d0e008f8e0018030109021b0001000000000904080001030000000905", @ANYBLOB="9fcf"], 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x2)
r5 = dup(r4)
write$UHID_INPUT(r5, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324c078b089b32333b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31300d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f347cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea56777e001cd34e5cb2f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf054135bbafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd731a0bfc1cb1a4c78f9ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b01979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e49336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba80900000000000000d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006) (async, rerun: 64)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0}) (rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x1, 0x10, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000028000000b7080000000000007b8af8ff00000000b70000000800000000bfa100000000000007010000f80000000000fff7b70200"/73, @ANYRES32, @ANYBLOB="0000000000002000b70500000800000085000000a50000009500000000000000"], 0x0, 0x4, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200000700000000000000008000008500000075000000950000004b000000"], 0x0}, 0x94) (async)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r7, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x7ffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x100}}]}, 0x38}, 0x1, 0x0, 0x0, 0x24000011}, 0x0) (async)
r8 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async, rerun: 64)
r9 = creat(&(0x7f0000000040)='./file0\x00', 0x4b) (rerun: 64)
close(r9) (async)
ioctl$sock_SIOCSIFBR(r8, 0x8941, &(0x7f00000000c0)=@get={0x1, &(0x7f00000003c0)=""/108, 0xe})
syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) (async)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r9, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[<r10=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$TIOCVHANGUP(r9, 0x5437, 0x0) (async)
ioctl$DRM_IOCTL_MODE_GETCRTC(r9, 0xc06864a1, &(0x7f0000000300)={0x0, 0xfffffffffffffe7a, r10, <r11=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r9, 0xc06864ce, &(0x7f0000000600)={r11, 0x0, 0x1000, 0x10000, 0x3, [<r12=>0x0, 0x0, 0x0, <r13=>0x0], [0x800000, 0x800, 0xfffffffd], [0x0, 0x1001000, 0xfffffffc], [0x0, 0x0, 0xe8a6]})
ioctl$DRM_IOCTL_MODE_ADDFB2(r9, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xae, 0x3ff, 0x34325241, 0x1, [r12, 0x0, 0x0, r13], [0x401, 0xff], [0x0, 0x0, 0x0, 0x1]}) (async)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r9, 0x13, &(0x7f0000000080)=[0x0, 0x4], 0x2) (async)
ioctl$sock_ifreq(r8, 0x8910, &(0x7f0000000000)={'macsec0\x00', @ifru_ivalue=0x7}) (async)
ioctl$sock_netdev_private(r8, 0x8949, &(0x7f0000000000)) (async)
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r6, {}, {0x2, 0xb}, {0xd, 0xfff3}}}, 0x24}}, 0x4008000)

1.323916434s ago: executing program 1 (id=3064):
mount_setattr(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000080), 0x81)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000200), 0x82)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$sock_inet_tcp_SIOCOUTQNSD(r1, 0x894b, &(0x7f00000001c0))
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r0, 0x40045402, &(0x7f0000000300)=0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x3}})
r2 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r2, 0x47f6, 0x0, 0x4, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x7, 0x9dc5, 0x0, 0x0, 0xf})
syz_emit_ethernet(0x2ae, &(0x7f00000007c0)={@local, @random="000000010090", @val={@val={0x88a8, 0x3, 0x0, 0x4}, {0x8100, 0x6, 0x0, 0x1}}, {@ipv6={0x86dd, @tipc_packet={0x2, 0x6, "936efc", 0x270, 0x6, 0x0, @loopback, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, {[@hopopts={0xea, 0x18, '\x00', [@jumbo={0xc2, 0x4, 0x18c}, @generic={0x5, 0x9c, "216320a19814ca90b249e92af531611a3fb0efede118af8270c985a9bf892856678df0836b135334f5d16847849f366113c0a0111a90fdda6357afbcba77c1074b5a7ae97a34e07fa915760129ee064e65cec532543125eda82a1b19109e08a259eb85f5312c0bd1087840f4ae00666ea45935320237d7c116305794d6f2b3cfa88809be7ded383a6f31cba01bf93cb1dadb1133834b45b499ee83f3"}, @jumbo={0xc2, 0x4, 0x6}, @jumbo={0xc2, 0x4, 0x8}, @padn={0x1, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @jumbo={0xc2, 0x4, 0xa00}, @jumbo={0xc2, 0x4, 0x7}]}, @hopopts={0x29, 0x0, '\x00', [@enc_lim={0x4, 0x1, 0x3}]}, @fragment={0x89, 0x0, 0xf7, 0x0, 0x0, 0x0, 0x68}, @dstopts={0x0, 0x5, '\x00', [@calipso={0x7, 0x28, {0x0, 0x8, 0x5, 0x9, [0x9, 0x8, 0x9, 0xfff]}}, @padn={0x1, 0x2, [0x0, 0x0]}]}, @hopopts={0x67, 0xe, '\x00', [@calipso={0x7, 0x70, {0x3, 0x1a, 0x9, 0x8, [0x7, 0xf, 0x8, 0x1000, 0x6, 0xffffffff, 0x2, 0x6, 0x1000, 0x8000000000000001, 0x1, 0x100000000, 0x4]}}]}], @name_distributor={{0xd0, 0x0, 0x0, 0x0, 0x0, 0xa, 0xb, 0x2, 0x3, 0x0, 0x0, 0x9a2, 0x7, 0x3, 0x4e22, 0x4e22, 0x2}, [{0x200, 0x1000, 0x8001, 0x2, 0x4, 0x9, 0xa}, {0xf35c, 0x10000, 0x7ff, 0x1, 0xac2f, 0x7, 0x0, 0x7fff}, {0x1, 0x1000, 0x5, 0x80, 0x2, 0x1, 0x5, 0x1}, {0xffffffff, 0x8, 0x80, 0x3, 0x0, 0x100, 0x4, 0x3ff}, {0x5, 0x4, 0x8, 0x10000, 0x65e9, 0x0, 0xe, 0x4}, {0x2, 0x101, 0x8, 0xe8, 0x5a, 0x4, 0x8, 0x2}]}}}}}}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB="180000000000000000000000000000008500000011f70001850000000500000095000000000000006d55c9620a3cb9a0e6c7ea445e093a6a52db3569a89c3e24a45bb04f922d874dbe070b7c83047e3054f89f01796f9166d2f8cdcf7fec105a86ccb7a575368c185f1e5d24e7ceeb573cd06cfabdbd3b5fda3582d29eb3fcb0a0c8a5c9271c11160d23577c80565c68f62874a03e63ed"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0x0, 0x10, 0x10, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)

1.301046208s ago: executing program 3 (id=3065):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffe0, 0xa}, {0xf, 0x10}}}, 0x24}, 0x1, 0x0, 0x0, 0x55}, 0x4000)

1.270553728s ago: executing program 3 (id=3066):
r0 = add_key$fscrypt_provisioning(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000080)={0x2, 0x0, @a}, 0x48, 0xfffffffffffffffb)
keyctl$KEYCTL_PKEY_QUERY(0x18, r0, 0x0, &(0x7f0000000140)='\x00', 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r2, 0x4068aea3, &(0x7f0000000000)={0x79, 0x0, 0x52f})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_CAP_HYPERV_SYNIC(r3, 0x4068aea3, &(0x7f00000000c0))
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="08000000000000009000004000"])
r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
bind$netrom(r4, &(0x7f00000004c0)={{0x6, @rose, 0x6}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null]}, 0x48)

1.221984304s ago: executing program 0 (id=3067):
openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_connect$hid(0x6, 0x36, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d", @ANYRES64], 0xf8)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000001000)={0x10, 0x140d, 0xe3263c25d365e57d, 0x70bd2a, 0x25dfdbff}, 0x10}, 0x1, 0x0, 0x0, 0x20000000}, 0x50)
r1 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @mcast2}, 0x1c)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$key(0xf, 0x3, 0x2)
bind$netlink(r2, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020080000900020073797a31000000000800044000000000090075c585010073797a3000000000080003400000000a140000001100010000000000000000000000000ad8439a3540fd8ff6dee6969812c288a5b5c74a65734059ad60708f139f7375b08950b3135e6e2a718a66f03097e413bc5b21d4aeae03372149f42b96c089245dfd5fd2f48c1a32a36663e4047838ee61338f66c6e2b7417542279746"], 0x64}}, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x318, 0x1, 0x24}, 0x9c)
unshare(0x2040400)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SIOCSIFHWADDR(r4, 0x8931, &(0x7f0000000000)={'wlan0\x00'})
socket$inet6(0xa, 0x5, 0x0)

1.21521901s ago: executing program 1 (id=3068):
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000001300), 0x28200, 0x0)
r1 = dup(r0)
r2 = syz_io_uring_setup(0xc0f, &(0x7f00000000c0)={0x0, 0x6efd, 0x80, 0xffffffff, 0x1a}, &(0x7f00000003c0)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) (async)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x5, r1, 0x0, 0x0, 0x0, 0x80000})
io_uring_enter(r2, 0x47f5, 0x0, 0x0, 0x0, 0x0) (async)
syz_emit_ethernet(0x46, &(0x7f0000000140)={@local, @random='\x00 \x00\x00\x00\b', @void, {@ipv4={0x800, @tcp={{0x9, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x41}, {[@lsrr={0x83, 0x7, 0xd7, [@multicast2]}, @cipso={0x86, 0x6}]}}, {{0x4e20, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)

1.087685924s ago: executing program 1 (id=3069):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000880)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x8000000, {0x0, 0x0, 0x0, r2, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xffffffff, 0x400, 0x7fff, 0x9, 0x4, 0x0, 0x0, 0x70d0db32, 0x8}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x4040010) (fail_nth: 2)

967.956733ms ago: executing program 3 (id=3070):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r0)
io_uring_setup(0x5ef9, &(0x7f0000000000))
r1 = socket$inet6(0x10, 0x3, 0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c000000190001000000000000000000021800000000fd000000ed0008000100ac1414003400080004"], 0x2c}, 0x1, 0x0, 0x0, 0x41}, 0x0)
sendto$inet6(r1, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)
r2 = syz_open_dev$usbmon(&(0x7f0000000300), 0x0, 0x2100)
ioctl$MON_IOCQ_URB_LEN(r2, 0x9201)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x3, &(0x7f0000000000)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x20, 0x0, 0x0, 0xfffff00c}, {0x6, 0x0, 0xfc}]}, 0x8)
sendmmsg$inet(r3, &(0x7f0000002c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}]})
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r6 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r6, 0xc05c6104, &(0x7f00000000c0)={"000600", 0x4, 0x6, 0x2, 0x0, 0x4, "0000000000f4ff00", '\x00\x00\a\x00', "0300", "fcffffff", ["50d5c2a7c5ae5cace40000b6", "808e88e2e9ffffffffff00", "0c436d743c97c443084000", "ff81000000008000"]})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r8=>0x0})
r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001800)={0x6, 0x3, &(0x7f00000006c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r8}, 0x94)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="340000001000010800000000fddbdf7700000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000c002b8008000100", @ANYRES32=r9, @ANYBLOB="08001b00000000"], 0x34}, 0x1, 0x0, 0x0, 0x4}, 0x0)
syz_io_uring_setup(0x7418, &(0x7f0000000240)={0x0, 0x4cfb, 0x80, 0x3, 0x135}, &(0x7f00000000c0)=<r11=>0x0, &(0x7f0000000080)=<r12=>0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r11, r12, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x15523ea56aa22b9a, 0x0, 0x0, 0x0, 0x12345})
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000001c0)={'wlan1\x00'})
add_key(&(0x7f0000000080)='dns_resolver\x00', 0x0, &(0x7f0000000000)='\x00\x00\x00\x00\x00\x00', 0x6, 0xfffffffffffffffe)

104.339046ms ago: executing program 3 (id=3071):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000880)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x8000000, {0x0, 0x0, 0x0, r2, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xffffffff, 0x400, 0x7fff, 0x9, 0x4, 0x0, 0x0, 0x70d0db32, 0x8}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x4040010)
openat$dlm_plock(0xffffff9c, &(0x7f0000000000), 0x10000, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc)
r3 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
write$sysctl(r3, &(0x7f0000000580)='1\x00', 0x2)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180000000000000000000000000000008500000050"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
sendfile(r4, r4, 0x0, 0x3)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000001740)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000bc7ef9642d29ba564165605dca29708efdf9b15a5c10a126121b2751f642635bcd9a8bf7a928a5d054b0d2c54d519ea75c52f41ed6f2886973626b684c8bd9108c0b0b2ea7e556948f0367aff4fbcede3294f6e73d06ad16dc2d26725ff833b5f83b499918e6a6ec245b781d41aee9624c847e2f2312d6b9db45bad354fc1a3f20407ffe406483a0524937ee7559e4bf70136746b37fdfbbb152758d37ed8bcac41fb7243bdcd536249c7996e898b61927eaa5a8790054ba13d3ade593220f96027090a34aaf7ea92f41aab73e7a85eef87e956bb7c5c76a347264fd99359f4e57b0dcc2bcc188ea880a4b11a8bb81eb22b0ddfc689e3218cf310dcc61cab354149d9107d8a88b0aa5b5661555f00443aee5e714009e52cee5e88f008148ddbc0fa81bf938bed4a1ac778d5337cc0311d0772eeac3eab38426e8d1472ff514aa5379ed21551790cc10148410b4fc27582fd7106a8887a9a0b613dfe10aee77542d887208f5534f5dce4d43f258fc9ef975834e1917666e2aff1cebfc3ce2c1e8ff66bba1d9050000000000000078db7024bf321636bede8651e672ed4f01ba5da2c3f9042a8552bd3f2c9ad546ad0ea20b4d35fb0a15c6239f67c7747a40fe26a88adf727fd1b801b4e56fbffcad99ce68fe2af0d94fdc78d27268de435021dca51acaa7a9e0944bdf579c170db6405944b6791a7713ee54f650fdf71b57c3629fb185efce700620ef5744623be08ec935dd563e6ba0b461bda98b364acf3dcdafa9b0e68c21ea509212c2938aa09cc31aa4ee5bfb8e507181909f5854b13997af4888cd61c8aab5fdfd701a16d546e5a533cd9b985dcc582b67979551dcc750fc51f2c9b6814edeffc76a86ea9f58b7c66fa24540daf14c2163d064f8cf0b4878f81e6b8bc4dabc10dac82b39e033963a6d02434cb783a198829d1373790a85c0e01a362d89e80165d280283af3c2060000000000000034b12a73b0c53bfae5d2f6e55728052247adfe0966c6c5eca57918c4540c979a70a281ba00e408c9fe1b20fa208976dd6a56f9bd9a74d81447c9b265d8c23f0e983e0b1d2d62d1e57c9188e4882634476e62ab1b7415a58208eaaf166d14720092f79a6197fe8b4ea7d5485cc6b3630afed8d3403cfa4d7bf48efb371706e0e65901eea3743c98261cbb7a246cf62f99bbc918741d32539ec0754e7d7f08dd45aaf49623342eabf466e54d8da4346e73da54ba2e4b5e2ae2823864d4147b490e55c9509f75c8828500ac32cab11b0262e75fa9e39e3792d01e0b210fdfb686bfffdc677432f6332c1a27502b43997060acdf7784c79fed0325e06f6b64b6434ebf4730509bcf95b9a1d0ba7c469d55351cc1dce6c90f5872e7ad5eed5f850d9d1f928b4e0263b241e8fe03e5e66252c8a3bd320e8deee5b91c653b8f22f58cff36c2ba4d6774f14229939595d2beb998c9312212de00468fc488591aca07ab75fba4a318d3ee4581711927b77a7f14dbcd639892f8cb0000000000000080411736eb1ee86eec338197a56293c9cdb72e84155681553b896d58b62a96852320e74dc4c9b41d6f90d2353dc573a94a092a84209c12da57f8c78e161b0899eb1c8b694d26c5fbf7f65fefacdbf39151f335dddc3b179a13f6de93ffb338e94738c86e35e9fcc654e4d6618dc1201cbd16e1281df911e6c699da16fbbb7a2e5c77966c98d3e7edd58cabfe6bf1bb7f6329084e3e4a2a36da07bbac3ebc00472f55b7966f250109fcce0ad5d4526d20ef74d1a634d7"], &(0x7f0000000080)='GPL\x00', 0x5, 0xa8, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r5}, 0x94)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x1c, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1802"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r6}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r8=>0x0})
sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000480)={0x24, r7, 0x1, 0x0, 0x2000000, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000040}, 0x0)
pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x0)
r10 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={0x0, r10}, 0x18)
dup(r9)

0s ago: executing program 1 (id=3072):
socket$nl_generic(0x10, 0x3, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x0, &(0x7f0000001100)={0x2, 0x0, @private}, 0x10)
socket(0x3, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$sock_netdev_private(r0, 0x89f9, &(0x7f0000000680)="4fc31d1238d218f872c687caad0fe8dbe98d2ddaf1a00c8a8af1b653625132dc433cdd8ef0fb9d628a769d2b27ff4cec214a21ba22d5d52578fabb06d455ef63ea3e25f65fe5f4842f61c1370350f479c0e0fcc53d2312b56c1de60bf82ce953805e5b9effb028a0b1bd426c7a89159403f8b3f36d29990c5d4712ae0a991c7074093630e8a3a871f80142e5d2ed13cec2f743e47a67760ca6b0f66b4d7db037b0ab10ed9821b6f2a4abb94cb62860c956eed6509069e4ce7f39a7a2d67376530b3ae5977185193215cd6334c8b31098a2a9f2ea32c2a373975c70cc3289f0cd479b92f6a1f2c71990e767d4")
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="5000000010000104000000000200000000000000", @ANYRES32=0x0, @ANYBLOB="00800000bcb5f31a140003006272696467655f736c6176655f3000001c001a801800028014000180080012000b00000008001d0002000000ff2595000549fde4c72f6005951be1449e1ff97ab6af52ed8e98221dc1125638d7f009da749bdfa8e8c292438c7b980ef99c3786b24bb6fc04b53a43ac9241f8459728268f5d71c78954394918fb6a0127d361daa663013a6347dc96bcd740974b9454dae89670ccb24c97a37e41d9d9573a5fcd144d51d3344e176626cacbfe8d0fe6e09e4963b72fe5dc325d82226cca80a190e0eb50a4d5380f2a4632e43b784156799db0a7f5737d32ff5ced3f9c8e9465"], 0x50}, 0x1, 0x0, 0x0, 0x20044000}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x44)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x58, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x58}}, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000240)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r3, 0x40505330, &(0x7f0000000040)={{}, {0x18}, 0x0, 0x7})
chdir(&(0x7f0000000100)='./bus\x00')
rename(&(0x7f0000000400)='./bus\x00', &(0x7f0000000f00)='./file0\x00')
syz_io_uring_setup(0x117, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000001dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
rename(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000000)='./file0/../file0\x00')
sched_setattr(0x0, 0x0, 0x0)
fsetxattr$security_capability(r1, 0x0, 0x0, 0xfffffe04, 0x1)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)

kernel console output (not intermixed with test programs):

17770]  should_fail_ex+0x512/0x640
[  791.288991][T17770]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  791.289016][T17770]  should_failslab+0xc2/0x120
[  791.289040][T17770]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  791.289062][T17770]  ? ptlock_alloc+0x1f/0x70
[  791.289085][T17770]  ptlock_alloc+0x1f/0x70
[  791.289102][T17770]  pte_alloc_one+0x82/0x3a0
[  791.289123][T17770]  __pte_alloc+0x6d/0x3c0
[  791.289153][T17770]  ? __pfx___pte_alloc+0x10/0x10
[  791.289176][T17770]  ? __lock_acquire+0x62e/0x1ce0
[  791.289207][T17770]  do_pte_missing+0x285a/0x3ba0
[  791.289237][T17770]  __handle_mm_fault+0x152a/0x2a50
[  791.289260][T17770]  ? mt_find+0x3ef/0xa30
[  791.289287][T17770]  ? __pfx___handle_mm_fault+0x10/0x10
[  791.289304][T17770]  ? __pfx_mt_find+0x10/0x10
[  791.289346][T17770]  ? find_vma+0xbf/0x140
[  791.289368][T17770]  ? __pfx_find_vma+0x10/0x10
[  791.289394][T17770]  handle_mm_fault+0x589/0xd10
[  791.289414][T17770]  ? __bpf_trace_exceptions+0x1/0x40
[  791.289443][T17770]  do_user_addr_fault+0x7a6/0x1370
[  791.289473][T17770]  ? rcu_is_watching+0x12/0xc0
[  791.289496][T17770]  exc_page_fault+0x5c/0xb0
[  791.289518][T17770]  asm_exc_page_fault+0x26/0x30
[  791.289536][T17770] RIP: 0010:rep_stos_alternative+0x40/0x80
[  791.289564][T17770] Code: c9 75 f6 c3 cc cc cc cc 48 89 07 48 83 c7 08 83 e9 08 74 ef 83 f9 08 73 ef eb de 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 <48> 89 07 48 89 47 08 48 89 47 10 48 89 47 18 48 89 47 20 48 89 47
[  791.289580][T17770] RSP: 0018:ffffc900044c7cb8 EFLAGS: 00050246
[  791.289597][T17770] RAX: 0000000000000000 RBX: 000000007f800000 RCX: 0000000000000040
[  791.289607][T17770] RDX: ffff888023f32440 RSI: ffffffff856541b6 RDI: 0000000080800000
[  791.289619][T17770] RBP: 0000000000001000 R08: 6e3da4e5b782f7c8 R09: 0000000000000001
[  791.289629][T17770] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888023f32440
[  791.289640][T17770] R13: 00007ffffffff000 R14: ffffed10047e6488 R15: 00000000807ff040
[  791.289661][T17770]  ? read_zero+0xc6/0x250
[  791.289690][T17770]  read_zero+0xd6/0x250
[  791.289716][T17770]  ? __pfx_read_zero+0x10/0x10
[  791.289742][T17770]  vfs_read+0x1e4/0xcf0
[  791.289769][T17770]  ? __pfx_vfs_read+0x10/0x10
[  791.289787][T17770]  ? find_held_lock+0x2b/0x80
[  791.289806][T17770]  ? __fget_files+0x204/0x3c0
[  791.289831][T17770]  ? __fget_files+0x20e/0x3c0
[  791.289848][T17770]  ? handle_mm_fault+0x290/0xd10
[  791.289875][T17770]  ksys_read+0x12a/0x250
[  791.289894][T17770]  ? __pfx_ksys_read+0x10/0x10
[  791.289918][T17770]  ? rcu_is_watching+0x12/0xc0
[  791.289956][T17770]  __do_fast_syscall_32+0x7c/0x3a0
[  791.289983][T17770]  do_fast_syscall_32+0x32/0x80
[  791.290007][T17770]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  791.290028][T17770] RIP: 0023:0xf7f08579
[  791.290042][T17770] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  791.290058][T17770] RSP: 002b:00000000f540555c EFLAGS: 00000296 ORIG_RAX: 0000000000000003
[  791.290074][T17770] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  791.290085][T17770] RDX: 00000000ffffff96 RSI: 0000000000000000 RDI: 0000000000000000
[  791.290095][T17770] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  791.290106][T17770] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  791.290116][T17770] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  791.290148][T17770]  </TASK>
[  792.387515][T17785] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2651'.
[  792.425663][T17786] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  792.659897][T16596] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  792.809707][T16572] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  792.895981][T16391] Bluetooth: hci0: command 0x1003 tx timeout
[  792.899121][ T5977] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  793.046266][ T5979] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  793.049974][ T5977] Bluetooth: hci5: command 0x1003 tx timeout
[  793.397269][T17799] FAULT_INJECTION: forcing a failure.
[  793.397269][T17799] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  793.401589][T17799] CPU: 3 UID: 0 PID: 17799 Comm: syz.3.2654 Not tainted syzkaller #0 PREEMPT(full) 
[  793.401614][T17799] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  793.401625][T17799] Call Trace:
[  793.401633][T17799]  <TASK>
[  793.401642][T17799]  dump_stack_lvl+0x16c/0x1f0
[  793.401670][T17799]  should_fail_ex+0x512/0x640
[  793.401698][T17799]  _copy_from_user+0x2e/0xd0
[  793.401727][T17799]  kstrtouint_from_user+0xd6/0x1d0
[  793.401745][T17799]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  793.401757][T17799]  ? __lock_acquire+0xb97/0x1ce0
[  793.401774][T17799]  ? __bpf_trace_contention_end+0xc9/0x110
[  793.401793][T17799]  proc_fail_nth_write+0x83/0x220
[  793.401805][T17799]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  793.401821][T17799]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  793.401831][T17799]  vfs_write+0x29d/0x11d0
[  793.401848][T17799]  ? __pfx_vfs_write+0x10/0x10
[  793.401858][T17799]  ? find_held_lock+0x2b/0x80
[  793.401873][T17799]  ? __fget_files+0x20e/0x3c0
[  793.401890][T17799]  ksys_write+0x12a/0x250
[  793.401902][T17799]  ? __pfx_ksys_write+0x10/0x10
[  793.401915][T17799]  ? rcu_is_watching+0x12/0xc0
[  793.401929][T17799]  __do_fast_syscall_32+0x7c/0x3a0
[  793.401959][T17799]  do_fast_syscall_32+0x32/0x80
[  793.401974][T17799]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  793.401987][T17799] RIP: 0023:0xf7f08579
[  793.401997][T17799] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  793.402008][T17799] RSP: 002b:00000000f5405590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  793.402020][T17799] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5405620
[  793.402026][T17799] RDX: 0000000000000001 RSI: 00000000f7394ff4 RDI: 0000000000000000
[  793.402033][T17799] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  793.402039][T17799] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  793.402045][T17799] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  793.402060][T17799]  </TASK>
[  793.718527][T17804] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  794.063129][   T40] kauditd_printk_skb: 35 callbacks suppressed
[  794.063146][   T40] audit: type=1326 audit(1755898487.816:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17812 comm="syz.2.2660" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03579 code=0x7ffc0000
[  794.075034][   T40] audit: type=1326 audit(1755898487.816:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17812 comm="syz.2.2660" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03579 code=0x7ffc0000
[  794.083987][   T40] audit: type=1326 audit(1755898487.816:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17812 comm="syz.2.2660" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f03579 code=0x7ffc0000
[  794.093662][   T40] audit: type=1326 audit(1755898487.816:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17812 comm="syz.2.2660" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03579 code=0x7ffc0000
[  794.101632][   T40] audit: type=1326 audit(1755898487.816:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17812 comm="syz.2.2660" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03579 code=0x7ffc0000
[  794.109028][   T40] audit: type=1326 audit(1755898487.816:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17812 comm="syz.2.2660" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f03579 code=0x7ffc0000
[  794.116286][   T40] audit: type=1326 audit(1755898487.836:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17812 comm="syz.2.2660" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03579 code=0x7ffc0000
[  794.124048][   T40] audit: type=1326 audit(1755898487.836:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17812 comm="syz.2.2660" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03579 code=0x7ffc0000
[  794.131669][   T40] audit: type=1326 audit(1755898487.836:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17812 comm="syz.2.2660" exe="/syz-executor" sig=0 arch=40000003 syscall=340 compat=1 ip=0xf7f03579 code=0x7ffc0000
[  794.138587][   T40] audit: type=1326 audit(1755898487.836:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17812 comm="syz.2.2660" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03579 code=0x7ffc0000
[  794.695525][ T5977] Bluetooth: hci2: Unknown advertising packet type: 0x7f
[  794.695562][ T5977] Bluetooth: hci2: adv larger than maximum supported
[  794.698264][ T5977] Bluetooth: hci2: Malformed LE Event: 0x0d
[  794.719803][T17821] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2662'.
[  794.914991][ T6057] kernel write not supported for file /input/mouse0 (pid: 6057 comm: kworker/0:4)
[  795.384671][T17841] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2668'.
[  795.786907][T17849] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  795.789358][T17849] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  795.793334][T17849] vhci_hcd vhci_hcd.0: Device attached
[  795.894437][T17849] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2668'.
[  796.098966][ T6057] usb 40-1: SetAddress Request (2) to port 0
[  796.193170][T17860] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  796.291478][T17850] vhci_hcd: connection closed
[  796.291696][T16607] vhci_hcd: stop threads
[  796.294922][T16607] vhci_hcd: release socket
[  796.296844][T16607] vhci_hcd: disconnect device
[  796.356601][ T6057] usb 40-1: new SuperSpeed USB device number 2 using vhci_hcd
[  796.386431][ T6057] usb 40-1: enqueue for inactive port 0
[  796.811298][ T6057] usb usb40-port1: attempt power cycle
[  796.950768][T17866] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2673'.
[  797.099870][T17873] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  797.411224][T17877] 9pnet_fd: Insufficient options for proto=fd
[  797.851821][ T6057] usb usb40-port1: unable to enumerate USB device
[  798.166618][T16571] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  798.567883][T16599] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  800.385969][  T840] usb 5-1: new low-speed USB device number 9 using dummy_hcd
[  800.547444][  T840] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  800.551138][  T840] usb 5-1: config 0 has no interface number 0
[  800.553684][  T840] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  800.576351][  T840] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  800.580877][  T840] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  800.585075][  T840] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  800.597670][  T840] usb 5-1: config 0 descriptor??
[  800.601018][T17902] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  800.614603][  T840] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  800.813111][T17907] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  801.179303][    C2] iowarrior 5-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  801.182314][ T6115] usb 5-1: USB disconnect, device number 9
[  801.212670][T17912] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  801.894878][T17927] FAULT_INJECTION: forcing a failure.
[  801.894878][T17927] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  801.899285][T17929] 8021q: VLANs not supported on gre0
[  801.899463][T17927] CPU: 3 UID: 0 PID: 17927 Comm: syz.0.2687 Not tainted syzkaller #0 PREEMPT(full) 
[  801.899477][T17927] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  801.899484][T17927] Call Trace:
[  801.899488][T17927]  <TASK>
[  801.899493][T17927]  dump_stack_lvl+0x16c/0x1f0
[  801.899511][T17927]  should_fail_ex+0x512/0x640
[  801.899529][T17927]  _copy_from_iter+0x29f/0x1720
[  801.899550][T17927]  ? __pfx__copy_from_iter+0x10/0x10
[  801.899566][T17927]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  801.899587][T17927]  copy_page_from_iter+0xde/0x180
[  801.899604][T17927]  tun_build_skb.constprop.0+0x2e8/0x1500
[  801.899622][T17927]  ? __pfx_tun_build_skb.constprop.0+0x10/0x10
[  801.899636][T17927]  ? __lock_acquire+0x62e/0x1ce0
[  801.899661][T17927]  tun_get_user+0x14ae/0x3ce0
[  801.899679][T17927]  ? __pfx_tun_get_user+0x10/0x10
[  801.899691][T17927]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  801.899712][T17927]  ? find_held_lock+0x2b/0x80
[  801.899723][T17927]  ? tun_get+0x191/0x370
[  801.899742][T17927]  tun_chr_write_iter+0xdc/0x210
[  801.899755][T17927]  vfs_write+0x7d0/0x11d0
[  801.899768][T17927]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  801.899780][T17927]  ? __pfx_vfs_write+0x10/0x10
[  801.899791][T17927]  ? find_held_lock+0x2b/0x80
[  801.899811][T17927]  ksys_write+0x12a/0x250
[  801.899823][T17927]  ? __pfx_ksys_write+0x10/0x10
[  801.899836][T17927]  ? rcu_is_watching+0x12/0xc0
[  801.899849][T17927]  __do_fast_syscall_32+0x7c/0x3a0
[  801.899865][T17927]  do_fast_syscall_32+0x32/0x80
[  801.899878][T17927]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  801.899892][T17927] RIP: 0023:0xf7fd4579
[  801.899901][T17927] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  801.899911][T17927] RSP: 002b:00000000f54f6520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  801.899921][T17927] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000100
[  801.899928][T17927] RDX: 000000000000002a RSI: 00000000f7464ff4 RDI: 0000000000000000
[  801.899934][T17927] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  801.899940][T17927] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  801.899947][T17927] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  801.899972][T17927]  </TASK>
[  801.938738][T17933] FAULT_INJECTION: forcing a failure.
[  801.938738][T17933] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  801.985676][T17933] CPU: 3 UID: 0 PID: 17933 Comm: syz.0.2690 Not tainted syzkaller #0 PREEMPT(full) 
[  801.985693][T17933] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  801.985700][T17933] Call Trace:
[  801.985705][T17933]  <TASK>
[  801.985711][T17933]  dump_stack_lvl+0x16c/0x1f0
[  801.985730][T17933]  should_fail_ex+0x512/0x640
[  801.985750][T17933]  _copy_from_user+0x2e/0xd0
[  801.985769][T17933]  move_addr_to_kernel+0x65/0x170
[  801.985784][T17933]  __get_compat_msghdr+0x3f1/0x4d0
[  801.985800][T17933]  get_compat_msghdr+0xd2/0x170
[  801.985840][T17933]  ? __pfx_get_compat_msghdr+0x10/0x10
[  801.985856][T17933]  ? __pfx__kstrtoull+0x10/0x10
[  801.985873][T17933]  ___sys_sendmsg+0x1ae/0x1d0
[  801.985889][T17933]  ? __pfx____sys_sendmsg+0x10/0x10
[  801.985926][T17933]  __sys_sendmmsg+0x2f9/0x420
[  801.985944][T17933]  ? __pfx___sys_sendmmsg+0x10/0x10
[  801.985965][T17933]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  801.985989][T17933]  ? fput+0x9b/0xd0
[  801.986006][T17933]  ? ksys_write+0x1ac/0x250
[  801.986018][T17933]  ? __pfx_ksys_write+0x10/0x10
[  801.986035][T17933]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  801.986050][T17933]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  801.986067][T17933]  __do_fast_syscall_32+0x7c/0x3a0
[  801.986084][T17933]  do_fast_syscall_32+0x32/0x80
[  801.986100][T17933]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  801.986114][T17933] RIP: 0023:0xf7fd4579
[  801.986123][T17933] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  801.986134][T17933] RSP: 002b:00000000f54f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  801.986146][T17933] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000f40
[  801.986153][T17933] RDX: 0000000000068000 RSI: 0000000000000000 RDI: 0000000000000000
[  801.986160][T17933] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  801.986166][T17933] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  801.986172][T17933] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  801.986187][T17933]  </TASK>
[  802.441712][T17955] FAULT_INJECTION: forcing a failure.
[  802.441712][T17955] name failslab, interval 1, probability 0, space 0, times 0
[  802.445828][T17955] CPU: 3 UID: 0 PID: 17955 Comm: syz.1.2697 Not tainted syzkaller #0 PREEMPT(full) 
[  802.445844][T17955] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  802.445850][T17955] Call Trace:
[  802.445854][T17955]  <TASK>
[  802.445859][T17955]  dump_stack_lvl+0x16c/0x1f0
[  802.445877][T17955]  should_fail_ex+0x512/0x640
[  802.445906][T17955]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  802.445921][T17955]  should_failslab+0xc2/0x120
[  802.445935][T17955]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  802.445948][T17955]  ? __alloc_skb+0x2b2/0x380
[  802.445964][T17955]  __alloc_skb+0x2b2/0x380
[  802.445976][T17955]  ? __pfx___alloc_skb+0x10/0x10
[  802.445991][T17955]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  802.446009][T17955]  netlink_alloc_large_skb+0x69/0x130
[  802.446024][T17955]  netlink_sendmsg+0x6a1/0xdd0
[  802.446045][T17955]  ? __pfx_netlink_sendmsg+0x10/0x10
[  802.446062][T17955]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  802.446077][T17955]  ____sys_sendmsg+0xa98/0xc70
[  802.446089][T17955]  ? __pfx_____sys_sendmsg+0x10/0x10
[  802.446098][T17955]  ? get_compat_msghdr+0x11a/0x170
[  802.446118][T17955]  ___sys_sendmsg+0x134/0x1d0
[  802.446133][T17955]  ? __pfx____sys_sendmsg+0x10/0x10
[  802.446154][T17955]  ? find_held_lock+0x2b/0x80
[  802.446176][T17955]  __sys_sendmsg+0x16d/0x220
[  802.446190][T17955]  ? __pfx___sys_sendmsg+0x10/0x10
[  802.446210][T17955]  ? rcu_is_watching+0x12/0xc0
[  802.446224][T17955]  __do_fast_syscall_32+0x7c/0x3a0
[  802.446240][T17955]  do_fast_syscall_32+0x32/0x80
[  802.446253][T17955]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  802.446266][T17955] RIP: 0023:0xf7f17579
[  802.446275][T17955] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  802.446286][T17955] RSP: 002b:00000000f543655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  802.446296][T17955] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080006040
[  802.446303][T17955] RDX: 0000000020040054 RSI: 0000000000000000 RDI: 0000000000000000
[  802.446317][T17955] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  802.446325][T17955] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  802.446338][T17955] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  802.446359][T17955]  </TASK>
[  802.523770][T17957] 9pnet_fd: Insufficient options for proto=fd
[  802.709079][T17960] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2698'.
[  803.050347][T17974] FAULT_INJECTION: forcing a failure.
[  803.050347][T17974] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  803.055076][T17974] CPU: 0 UID: 0 PID: 17974 Comm: syz.3.2701 Not tainted syzkaller #0 PREEMPT(full) 
[  803.055091][T17974] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  803.055097][T17974] Call Trace:
[  803.055102][T17974]  <TASK>
[  803.055107][T17974]  dump_stack_lvl+0x16c/0x1f0
[  803.055136][T17974]  should_fail_ex+0x512/0x640
[  803.055156][T17974]  _copy_to_user+0x32/0xd0
[  803.055168][T17974]  simple_read_from_buffer+0xcb/0x170
[  803.055181][T17974]  proc_fail_nth_read+0x197/0x240
[  803.055193][T17974]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  803.055206][T17974]  ? rw_verify_area+0xcf/0x6c0
[  803.055217][T17974]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  803.055231][T17974]  vfs_read+0x1e4/0xcf0
[  803.055246][T17974]  ? __pfx_vfs_read+0x10/0x10
[  803.055257][T17974]  ? find_held_lock+0x2b/0x80
[  803.055272][T17974]  ? __fget_files+0x20e/0x3c0
[  803.055289][T17974]  ksys_read+0x12a/0x250
[  803.055300][T17974]  ? __pfx_ksys_read+0x10/0x10
[  803.055314][T17974]  ? rcu_is_watching+0x12/0xc0
[  803.055327][T17974]  __do_fast_syscall_32+0x7c/0x3a0
[  803.055343][T17974]  do_fast_syscall_32+0x32/0x80
[  803.055357][T17974]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  803.055371][T17974] RIP: 0023:0xf7f08579
[  803.055379][T17974] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  803.055390][T17974] RSP: 002b:00000000f53e4590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  803.055400][T17974] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000f53e4620
[  803.055407][T17974] RDX: 000000000000000f RSI: 00000000f7394ff4 RDI: 0000000000000000
[  803.055413][T17974] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  803.055419][T17974] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  803.055425][T17974] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  803.055440][T17974]  </TASK>
[  803.295152][T17984] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  803.694048][T16572] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  803.751745][T17989] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  805.053851][T16607] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  805.113899][T18004] FAULT_INJECTION: forcing a failure.
[  805.113899][T18004] name failslab, interval 1, probability 0, space 0, times 0
[  805.126107][T18004] CPU: 0 UID: 0 PID: 18004 Comm: syz.3.2710 Not tainted syzkaller #0 PREEMPT(full) 
[  805.126131][T18004] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  805.126142][T18004] Call Trace:
[  805.126148][T18004]  <TASK>
[  805.126157][T18004]  dump_stack_lvl+0x16c/0x1f0
[  805.126186][T18004]  should_fail_ex+0x512/0x640
[  805.126212][T18004]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  805.126235][T18004]  should_failslab+0xc2/0x120
[  805.126259][T18004]  __kmalloc_cache_noprof+0x6a/0x3e0
[  805.126284][T18004]  ? __lock_acquire+0xb97/0x1ce0
[  805.126307][T18004]  ? _parse_integer_limit+0x17f/0x1d0
[  805.126326][T18004]  ? tcp_sendmsg_fastopen+0x24d/0x750
[  805.126348][T18004]  tcp_sendmsg_fastopen+0x24d/0x750
[  805.126372][T18004]  tcp_sendmsg_locked+0x23ff/0x42a0
[  805.126399][T18004]  ? __lock_acquire+0xb97/0x1ce0
[  805.126433][T18004]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  805.126453][T18004]  ? do_raw_spin_lock+0x12c/0x2b0
[  805.126479][T18004]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  805.126511][T18004]  ? __local_bh_enable_ip+0xa4/0x120
[  805.126535][T18004]  tcp_sendmsg+0x2e/0x50
[  805.126550][T18004]  ? __pfx_tcp_sendmsg+0x10/0x10
[  805.126566][T18004]  inet6_sendmsg+0xb9/0x140
[  805.126594][T18004]  __sys_sendto+0x376/0x520
[  805.126616][T18004]  ? __pfx___sys_sendto+0x10/0x10
[  805.126662][T18004]  ? ksys_write+0x1ac/0x250
[  805.126684][T18004]  ? __pfx_ksys_write+0x10/0x10
[  805.126708][T18004]  __ia32_sys_sendto+0xdd/0x1b0
[  805.126750][T18004]  ? lockdep_hardirqs_on+0x7c/0x110
[  805.126772][T18004]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  805.126797][T18004]  __do_fast_syscall_32+0x7c/0x3a0
[  805.126824][T18004]  do_fast_syscall_32+0x32/0x80
[  805.126846][T18004]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  805.126865][T18004] RIP: 0023:0xf7f08579
[  805.126877][T18004] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  805.126889][T18004] RSP: 002b:00000000f542655c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  805.126905][T18004] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  805.126916][T18004] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000080000040
[  805.126926][T18004] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000
[  805.126936][T18004] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  805.126946][T18004] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  805.126970][T18004]  </TASK>
[  805.359622][T18013] bridge_slave_0: left allmulticast mode
[  805.361467][T18013] bridge_slave_0: left promiscuous mode
[  805.363375][T18013] bridge0: port 1(bridge_slave_0) entered disabled state
[  805.369381][T18013] bridge_slave_1: left allmulticast mode
[  805.371240][T18013] bridge_slave_1: left promiscuous mode
[  805.373166][T18013] bridge0: port 2(bridge_slave_1) entered disabled state
[  805.382219][T18013] bond0: (slave bond_slave_0): Releasing backup interface
[  805.392259][T18013] bond0: (slave bond_slave_1): Releasing backup interface
[  805.398813][T18015] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  805.409111][T18013] team0: Port device team_slave_0 removed
[  805.524293][T18013] team0: Port device team_slave_1 removed
[  805.629534][T18013] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  805.635351][T18013] batman_adv: batadv0: Removing interface: batadv_slave_0
[  805.648174][T18013] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  805.650900][T18013] batman_adv: batadv0: Removing interface: batadv_slave_1
[  805.804841][T18026] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  806.627731][T18035] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2719'.
[  807.018854][T18040] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  807.020996][T18040] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  807.025575][T18040] vhci_hcd vhci_hcd.0: Device attached
[  807.111286][T18045] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2719'.
[  807.296099][   T24] usb 42-1: SetAddress Request (2) to port 0
[  807.299142][   T24] usb 42-1: new SuperSpeed USB device number 2 using vhci_hcd
[  807.336306][T18049] syzkaller1: entered promiscuous mode
[  807.338692][T18049] syzkaller1: entered allmulticast mode
[  807.752396][T18041] vhci_hcd: connection reset by peer
[  807.754633][T16596] vhci_hcd: stop threads
[  807.757457][T16596] vhci_hcd: release socket
[  807.759458][T16596] vhci_hcd: disconnect device
[  808.169455][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  808.348536][T18066] trusted_key: syz.2.2725 sent an empty control message without MSG_MORE.
[  809.446229][T16599] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  809.909821][T18095] FAULT_INJECTION: forcing a failure.
[  809.909821][T18095] name failslab, interval 1, probability 0, space 0, times 0
[  809.929794][T18095] CPU: 0 UID: 0 PID: 18095 Comm: syz.3.2733 Not tainted syzkaller #0 PREEMPT(full) 
[  809.929821][T18095] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  809.929831][T18095] Call Trace:
[  809.929837][T18095]  <TASK>
[  809.929845][T18095]  dump_stack_lvl+0x16c/0x1f0
[  809.929873][T18095]  should_fail_ex+0x512/0x640
[  809.929903][T18095]  ? fs_reclaim_acquire+0xae/0x150
[  809.929927][T18095]  ? tomoyo_encode2+0x100/0x3e0
[  809.929950][T18095]  should_failslab+0xc2/0x120
[  809.929974][T18095]  __kmalloc_noprof+0xd2/0x510
[  809.929994][T18095]  ? d_absolute_path+0x136/0x1a0
[  809.930023][T18095]  tomoyo_encode2+0x100/0x3e0
[  809.930051][T18095]  tomoyo_encode+0x29/0x50
[  809.930075][T18095]  tomoyo_realpath_from_path+0x18f/0x6e0
[  809.930107][T18095]  tomoyo_path_number_perm+0x245/0x580
[  809.930127][T18095]  ? tomoyo_path_number_perm+0x237/0x580
[  809.930149][T18095]  ? finish_task_switch.isra.0+0x134/0xc10
[  809.930168][T18095]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  809.930188][T18095]  ? rcu_is_watching+0x12/0xc0
[  809.930235][T18095]  ? find_held_lock+0x2b/0x80
[  809.930252][T18095]  ? hook_file_ioctl_common+0x145/0x410
[  809.930282][T18095]  ? __fget_files+0x20e/0x3c0
[  809.930307][T18095]  security_file_ioctl_compat+0x9b/0x240
[  809.930346][T18095]  __ia32_compat_sys_ioctl+0xc3/0x370
[  809.930379][T18095]  __do_fast_syscall_32+0x7c/0x3a0
[  809.930405][T18095]  do_fast_syscall_32+0x32/0x80
[  809.930428][T18095]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  809.930447][T18095] RIP: 0023:0xf7f08579
[  809.930461][T18095] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  809.930479][T18095] RSP: 002b:00000000f542655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  809.930495][T18095] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080045519
[  809.930506][T18095] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  809.930516][T18095] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  809.930527][T18095] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  809.930537][T18095] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  809.930562][T18095]  </TASK>
[  809.933009][T18095] ERROR: Out of memory at tomoyo_realpath_from_path.
[  810.651992][T18105] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  810.787302][T16572] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  811.360878][T18113] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  812.329659][   T24] usb 42-1: device descriptor read/8, error -110
[  812.594351][T18144] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  813.199404][T18146] FAULT_INJECTION: forcing a failure.
[  813.199404][T18146] name failslab, interval 1, probability 0, space 0, times 0
[  813.204664][T18146] CPU: 1 UID: 0 PID: 18146 Comm: syz.1.2741 Not tainted syzkaller #0 PREEMPT(full) 
[  813.204687][T18146] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  813.204699][T18146] Call Trace:
[  813.204706][T18146]  <TASK>
[  813.204715][T18146]  dump_stack_lvl+0x16c/0x1f0
[  813.204743][T18146]  should_fail_ex+0x512/0x640
[  813.204768][T18146]  ? fs_reclaim_acquire+0xae/0x150
[  813.204796][T18146]  ? tomoyo_encode2+0x100/0x3e0
[  813.204820][T18146]  should_failslab+0xc2/0x120
[  813.204843][T18146]  __kmalloc_noprof+0xd2/0x510
[  813.204864][T18146]  ? d_absolute_path+0x136/0x1a0
[  813.204896][T18146]  tomoyo_encode2+0x100/0x3e0
[  813.204923][T18146]  tomoyo_encode+0x29/0x50
[  813.204947][T18146]  tomoyo_realpath_from_path+0x18f/0x6e0
[  813.204980][T18146]  tomoyo_path_number_perm+0x245/0x580
[  813.205001][T18146]  ? tomoyo_path_number_perm+0x237/0x580
[  813.205025][T18146]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  813.205078][T18146]  ? find_held_lock+0x2b/0x80
[  813.205097][T18146]  ? hook_file_ioctl_common+0x145/0x410
[  813.205128][T18146]  ? __fget_files+0x20e/0x3c0
[  813.205158][T18146]  security_file_ioctl_compat+0x9b/0x240
[  813.205184][T18146]  __ia32_compat_sys_ioctl+0xc3/0x370
[  813.205216][T18146]  __do_fast_syscall_32+0x7c/0x3a0
[  813.205243][T18146]  do_fast_syscall_32+0x32/0x80
[  813.205266][T18146]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  813.205288][T18146] RIP: 0023:0xf7f17579
[  813.205302][T18146] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  813.205318][T18146] RSP: 002b:00000000f541555c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  813.205335][T18146] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000005408
[  813.205346][T18146] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000
[  813.205357][T18146] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  813.205366][T18146] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  813.205376][T18146] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  813.205403][T18146]  </TASK>
[  813.205423][T18146] ERROR: Out of memory at tomoyo_realpath_from_path.
[  813.406323][   T24] usb usb42-port1: attempt power cycle
[  813.475549][T18154] fuse: Unknown parameter 'ÿ00000000000000000003'
[  813.566883][T18157] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2748'.
[  813.977289][   T24] usb usb42-port1: unable to enumerate USB device
[  814.336820][T18169] FAULT_INJECTION: forcing a failure.
[  814.336820][T18169] name failslab, interval 1, probability 0, space 0, times 0
[  814.341705][T18169] CPU: 3 UID: 0 PID: 18169 Comm: syz.0.2751 Not tainted syzkaller #0 PREEMPT(full) 
[  814.341728][T18169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  814.341739][T18169] Call Trace:
[  814.341746][T18169]  <TASK>
[  814.341753][T18169]  dump_stack_lvl+0x16c/0x1f0
[  814.341779][T18169]  should_fail_ex+0x512/0x640
[  814.341801][T18169]  ? fs_reclaim_acquire+0xae/0x150
[  814.341827][T18169]  ? tomoyo_encode2+0x100/0x3e0
[  814.341848][T18169]  should_failslab+0xc2/0x120
[  814.341870][T18169]  __kmalloc_noprof+0xd2/0x510
[  814.341914][T18169]  tomoyo_encode2+0x100/0x3e0
[  814.341939][T18169]  tomoyo_encode+0x29/0x50
[  814.341960][T18169]  tomoyo_realpath_from_path+0x18f/0x6e0
[  814.341984][T18169]  ? tomoyo_profile+0x47/0x60
[  814.342002][T18169]  tomoyo_path_number_perm+0x245/0x580
[  814.342020][T18169]  ? tomoyo_path_number_perm+0x237/0x580
[  814.342041][T18169]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  814.342088][T18169]  ? find_held_lock+0x2b/0x80
[  814.342104][T18169]  ? hook_file_ioctl_common+0x145/0x410
[  814.342136][T18169]  ? __fget_files+0x20e/0x3c0
[  814.342159][T18169]  security_file_ioctl_compat+0x9b/0x240
[  814.342182][T18169]  __ia32_compat_sys_ioctl+0xc3/0x370
[  814.342211][T18169]  __do_fast_syscall_32+0x7c/0x3a0
[  814.342235][T18169]  do_fast_syscall_32+0x32/0x80
[  814.342257][T18169]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  814.342276][T18169] RIP: 0023:0xf7fd4579
[  814.342289][T18169] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  814.342303][T18169] RSP: 002b:00000000f54f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  814.342319][T18169] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000000541b
[  814.342330][T18169] RDX: 0000000080000640 RSI: 0000000000000000 RDI: 0000000000000000
[  814.342340][T18169] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  814.342349][T18169] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  814.342359][T18169] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  814.342383][T18169]  </TASK>
[  814.342415][T18169] ERROR: Out of memory at tomoyo_realpath_from_path.
[  814.540916][T16567] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  814.897378][T18180] 9pnet_fd: Insufficient options for proto=fd
[  816.279270][T18204] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2758'.
[  816.282939][T18204] bridge_slave_1: left allmulticast mode
[  816.285242][T18204] bridge_slave_1: left promiscuous mode
[  816.288857][T18204] bridge0: port 2(bridge_slave_1) entered disabled state
[  816.422497][T18204] bridge_slave_0: left allmulticast mode
[  816.425037][T18204] bridge_slave_0: left promiscuous mode
[  816.428215][T18204] bridge0: port 1(bridge_slave_0) entered disabled state
[  816.486318][T16567] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  816.563411][T18208] input: syz0 as /devices/virtual/input/input12
[  817.018082][ T5977] Bluetooth: hci1: Unknown advertising packet type: 0x7f
[  817.018114][ T5977] Bluetooth: hci1: adv larger than maximum supported
[  817.021736][ T5977] Bluetooth: hci1: Malformed LE Event: 0x0d
[  817.043501][T18219] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2764'.
[  817.160615][T18224] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[  817.178280][ T6017] usb 6-1: new low-speed USB device number 7 using dummy_hcd
[  817.383744][ T6017] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  817.387063][ T6017] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  817.391013][ T6017] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  817.412805][ T6017] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  817.440542][ T6017] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  817.461532][ T6017] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  817.471174][ T6017] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  817.484922][ T6017] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  817.501299][ T6017] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  817.521949][ T6017] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  817.549172][ T6017] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  817.576375][ T6017] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  817.604212][ T6017] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  817.621669][ T6017] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  817.641782][ T6017] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  817.677668][ T6017] usb 6-1: string descriptor 0 read error: -22
[  817.685721][ T6017] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  817.704581][ T6017] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  817.914797][ T6017] adutux 6-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  817.975570][T18229] bridge_slave_0: left allmulticast mode
[  817.977726][T18229] bridge_slave_0: left promiscuous mode
[  817.979945][T18229] bridge0: port 1(bridge_slave_0) entered disabled state
[  818.001353][T18215] FAULT_INJECTION: forcing a failure.
[  818.001353][T18215] name failslab, interval 1, probability 0, space 0, times 0
[  818.012284][T18215] CPU: 3 UID: 0 PID: 18215 Comm: syz.1.2763 Not tainted syzkaller #0 PREEMPT(full) 
[  818.012309][T18215] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  818.012320][T18215] Call Trace:
[  818.012327][T18215]  <TASK>
[  818.012334][T18215]  dump_stack_lvl+0x16c/0x1f0
[  818.012361][T18215]  should_fail_ex+0x512/0x640
[  818.012383][T18215]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  818.012403][T18215]  should_failslab+0xc2/0x120
[  818.012427][T18215]  __kmalloc_cache_noprof+0x6a/0x3e0
[  818.012445][T18215]  ? dummy_urb_enqueue+0xa3/0x920
[  818.012473][T18215]  dummy_urb_enqueue+0xa3/0x920
[  818.012491][T18215]  ? usb_hcd_map_urb_for_dma+0x359/0x1360
[  818.012517][T18215]  usb_hcd_submit_urb+0x25b/0x1c60
[  818.012544][T18215]  usb_submit_urb+0x890/0x1770
[  818.012568][T18215]  ? mark_held_locks+0x49/0x80
[  818.012589][T18215]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  818.012612][T18215]  adu_read+0x91c/0x1800
[  818.012642][T18215]  ? __pfx_adu_read+0x10/0x10
[  818.012665][T18215]  ? __pfx_default_wake_function+0x10/0x10
[  818.012683][T18215]  ? bpf_lsm_file_permission+0x9/0x10
[  818.012706][T18215]  ? security_file_permission+0x71/0x210
[  818.012729][T18215]  ? rw_verify_area+0xcf/0x6c0
[  818.012745][T18215]  ? __pfx_adu_read+0x10/0x10
[  818.012767][T18215]  vfs_read+0x1e4/0xcf0
[  818.012800][T18215]  ? __pfx_vfs_read+0x10/0x10
[  818.012816][T18215]  ? find_held_lock+0x2b/0x80
[  818.012833][T18215]  ? __fget_files+0x204/0x3c0
[  818.012856][T18215]  ? __fget_files+0x20e/0x3c0
[  818.012871][T18215]  ? __fget_files+0x140/0x3c0
[  818.012897][T18215]  ksys_pread64+0x161/0x1a0
[  818.012917][T18215]  ? __pfx_ksys_pread64+0x10/0x10
[  818.012938][T18215]  ? rcu_is_watching+0x12/0xc0
[  818.012958][T18215]  __do_fast_syscall_32+0x7c/0x3a0
[  818.012982][T18215]  do_fast_syscall_32+0x32/0x80
[  818.013002][T18215]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  818.013023][T18215] RIP: 0023:0xf7f17579
[  818.013036][T18215] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  818.013050][T18215] RSP: 002b:00000000f543655c EFLAGS: 00000296 ORIG_RAX: 00000000000000b4
[  818.013067][T18215] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000080
[  818.013077][T18215] RDX: 0000000000000088 RSI: 0000000000000400 RDI: 0000000000000000
[  818.013087][T18215] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  818.013096][T18215] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  818.013105][T18215] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  818.013129][T18215]  </TASK>
[  818.104096][    C3] vkms_vblank_simulate: vblank timer overrun
[  818.394431][T18229] bridge_slave_1: left allmulticast mode
[  818.434237][T18229] bridge_slave_1: left promiscuous mode
[  818.453968][T18229] bridge0: port 2(bridge_slave_1) entered disabled state
[  818.510077][T18229] bond0: (slave bond_slave_0): Releasing backup interface
[  818.602027][T18229] bond0: (slave bond_slave_1): Releasing backup interface
[  818.884488][T18229] team0: Port device team_slave_0 removed
[  819.149636][T18229] team0: Port device team_slave_1 removed
[  819.172601][T18229] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  819.175113][T18229] batman_adv: batadv0: Removing interface: batadv_slave_0
[  819.214956][T18229] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  819.221250][T18229] batman_adv: batadv0: Removing interface: batadv_slave_1
[  819.627232][T16876] usb 6-1: USB disconnect, device number 7
[  819.696961][T16585] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  821.639382][T18274] FAULT_INJECTION: forcing a failure.
[  821.639382][T18274] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  821.643456][T18274] CPU: 3 UID: 0 PID: 18274 Comm: syz.3.2776 Not tainted syzkaller #0 PREEMPT(full) 
[  821.643481][T18274] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  821.643489][T18274] Call Trace:
[  821.643494][T18274]  <TASK>
[  821.643499][T18274]  dump_stack_lvl+0x16c/0x1f0
[  821.643517][T18274]  should_fail_ex+0x512/0x640
[  821.643535][T18274]  _copy_from_user+0x2e/0xd0
[  821.643552][T18274]  get_compat_msghdr+0xa7/0x170
[  821.643565][T18274]  ? __pfx_get_compat_msghdr+0x10/0x10
[  821.643580][T18274]  ? __pfx__kstrtoull+0x10/0x10
[  821.643595][T18274]  ___sys_sendmsg+0x1ae/0x1d0
[  821.643611][T18274]  ? __pfx____sys_sendmsg+0x10/0x10
[  821.643645][T18274]  __sys_sendmmsg+0x2f9/0x420
[  821.643661][T18274]  ? __pfx___sys_sendmmsg+0x10/0x10
[  821.643680][T18274]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  821.643701][T18274]  ? fput+0x9b/0xd0
[  821.643716][T18274]  ? ksys_write+0x1ac/0x250
[  821.643728][T18274]  ? __pfx_ksys_write+0x10/0x10
[  821.643743][T18274]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  821.643757][T18274]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  821.643772][T18274]  __do_fast_syscall_32+0x7c/0x3a0
[  821.643788][T18274]  do_fast_syscall_32+0x32/0x80
[  821.643802][T18274]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  821.643820][T18274] RIP: 0023:0xf7f08579
[  821.643828][T18274] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  821.643838][T18274] RSP: 002b:00000000f542655c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  821.643849][T18274] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000280
[  821.643855][T18274] RDX: 0000000000000001 RSI: 00000000400c4804 RDI: 0000000000000000
[  821.643861][T18274] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  821.643868][T18274] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  821.643877][T18274] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  821.643898][T18274]  </TASK>
[  821.710439][ T5977] Bluetooth: hci3: Unknown advertising packet type: 0x7f
[  821.710457][ T5977] Bluetooth: hci3: adv larger than maximum supported
[  821.712698][ T5977] Bluetooth: hci3: Malformed LE Event: 0x0d
[  821.723381][T18275] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2777'.
[  822.262083][T16567] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  822.364676][T18282] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2781'.
[  823.096790][T16422] usb 5-1: new low-speed USB device number 10 using dummy_hcd
[  823.263955][T16422] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  823.280427][T16422] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  823.301895][T16422] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  823.331279][T16422] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  823.365127][T16422] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  823.406998][T16422] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  823.435061][T16422] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  823.507756][T16422] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  823.540919][T16422] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  823.560963][T16422] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  823.584389][T16422] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  823.599505][T16422] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  823.603767][T16422] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  823.611775][T16422] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  823.618904][T16422] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  825.090501][T18300] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[  825.460556][T16607] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  825.957525][T16422] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  825.960909][T16422] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  825.965595][T18309] bridge_slave_0: left allmulticast mode
[  825.974057][T18309] bridge_slave_0: left promiscuous mode
[  825.977098][T18309] bridge0: port 1(bridge_slave_0) entered disabled state
[  826.034409][T16422] usb 5-1: can't set config #168, error -71
[  826.044423][T16422] usb 5-1: USB disconnect, device number 10
[  826.055201][T18309] bridge_slave_1: left allmulticast mode
[  826.058756][T18309] bridge_slave_1: left promiscuous mode
[  826.063001][T18309] bridge0: port 2(bridge_slave_1) entered disabled state
[  826.071595][T18309] bond0: (slave bond_slave_0): Releasing backup interface
[  826.079697][T18309] bond0: (slave bond_slave_1): Releasing backup interface
[  826.095938][T18309] team0: Port device team_slave_0 removed
[  826.103856][T18309] team0: Port device team_slave_1 removed
[  826.108364][T18309] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  826.111094][T18309] batman_adv: batadv0: Removing interface: batadv_slave_0
[  826.115129][T18309] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  826.118965][T18309] batman_adv: batadv0: Removing interface: batadv_slave_1
[  826.948218][ T5977] Bluetooth: hci2: SCO packet for unknown connection handle 0
[  828.037254][ T6118] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  828.344466][T18343] fuse: Unknown parameter 'rootmOde'
[  829.389324][T18346] netlink: 4400 bytes leftover after parsing attributes in process `syz.3.2794'.
[  829.745797][T18361] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  829.874595][T18371] FAULT_INJECTION: forcing a failure.
[  829.874595][T18371] name failslab, interval 1, probability 0, space 0, times 0
[  829.881682][T18371] CPU: 0 UID: 0 PID: 18371 Comm: syz.2.2802 Not tainted syzkaller #0 PREEMPT(full) 
[  829.881709][T18371] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  829.881718][T18371] Call Trace:
[  829.881725][T18371]  <TASK>
[  829.881747][T18371]  dump_stack_lvl+0x16c/0x1f0
[  829.881781][T18371]  should_fail_ex+0x512/0x640
[  829.881807][T18371]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  829.881830][T18371]  should_failslab+0xc2/0x120
[  829.881854][T18371]  __kmalloc_cache_noprof+0x6a/0x3e0
[  829.881873][T18371]  ? __lock_acquire+0xb97/0x1ce0
[  829.881895][T18371]  ? _parse_integer_limit+0x17f/0x1d0
[  829.881918][T18371]  ? tcp_sendmsg_fastopen+0x24d/0x750
[  829.881941][T18371]  tcp_sendmsg_fastopen+0x24d/0x750
[  829.881966][T18371]  tcp_sendmsg_locked+0x23ff/0x42a0
[  829.882006][T18371]  ? __lock_acquire+0xb97/0x1ce0
[  829.882040][T18371]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  829.882061][T18371]  ? do_raw_spin_lock+0x12c/0x2b0
[  829.882088][T18371]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  829.882121][T18371]  ? __local_bh_enable_ip+0xa4/0x120
[  829.882148][T18371]  tcp_sendmsg+0x2e/0x50
[  829.882164][T18371]  ? __pfx_tcp_sendmsg+0x10/0x10
[  829.882182][T18371]  inet_sendmsg+0xb9/0x140
[  829.882202][T18371]  __sys_sendto+0x43c/0x520
[  829.882226][T18371]  ? __pfx___sys_sendto+0x10/0x10
[  829.882274][T18371]  ? ksys_write+0x1ac/0x250
[  829.882295][T18371]  ? __pfx_ksys_write+0x10/0x10
[  829.882321][T18371]  __ia32_sys_sendto+0xdd/0x1b0
[  829.882342][T18371]  ? lockdep_hardirqs_on+0x7c/0x110
[  829.882365][T18371]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  829.882390][T18371]  __do_fast_syscall_32+0x7c/0x3a0
[  829.882418][T18371]  do_fast_syscall_32+0x32/0x80
[  829.882443][T18371]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  829.882465][T18371] RIP: 0023:0xf7f03579
[  829.882480][T18371] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  829.882515][T18371] RSP: 002b:00000000f542655c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  829.882535][T18371] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  829.882546][T18371] RDX: 0000000000000000 RSI: 00000000200007fd RDI: 0000000080e68000
[  829.882557][T18371] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000
[  829.882568][T18371] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  829.882579][T18371] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  829.882605][T18371]  </TASK>
[  830.357006][T18379] fuse: Unknown parameter 'rootmOde'
[  830.512143][ T5977] Bluetooth: hci1: Unknown advertising packet type: 0x7f
[  830.512446][ T5977] Bluetooth: hci1: adv larger than maximum supported
[  830.515683][ T5977] Bluetooth: hci1: Malformed LE Event: 0x0d
[  830.531584][T18383] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2813'.
[  831.287323][  T101] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  831.724303][T18405] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  832.872961][T18417] fuse: Unknown parameter 'rootmOde'
[  833.789731][T16564] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  834.164047][T18440] netlink: 4400 bytes leftover after parsing attributes in process `syz.2.2818'.
[  834.197175][T18440] debugfs: 'Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç' already exists in 'ieee80211'
[  834.465934][ T6115] usb 7-1: new low-speed USB device number 13 using dummy_hcd
[  834.617755][ T6115] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  834.620730][ T6115] usb 7-1: config 0 has no interface number 0
[  834.623196][ T6115] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  834.651254][T18453] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  834.659701][ T6115] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  834.671084][ T6115] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  834.674707][ T6115] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  834.709139][ T6115] usb 7-1: config 0 descriptor??
[  834.713255][T18445] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  834.723555][ T6115] iowarrior 7-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  834.965085][T18462] FAULT_INJECTION: forcing a failure.
[  834.965085][T18462] name failslab, interval 1, probability 0, space 0, times 0
[  834.970231][T18462] CPU: 0 UID: 0 PID: 18462 Comm: syz.1.2829 Not tainted syzkaller #0 PREEMPT(full) 
[  834.970247][T18462] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  834.970275][T18462] Call Trace:
[  834.970282][T18462]  <TASK>
[  834.970288][T18462]  dump_stack_lvl+0x16c/0x1f0
[  834.970309][T18462]  should_fail_ex+0x512/0x640
[  834.970325][T18462]  ? fs_reclaim_acquire+0xae/0x150
[  834.970343][T18462]  ? tomoyo_encode2+0x100/0x3e0
[  834.970359][T18462]  should_failslab+0xc2/0x120
[  834.970374][T18462]  __kmalloc_noprof+0xd2/0x510
[  834.970387][T18462]  ? d_absolute_path+0x136/0x1a0
[  834.970407][T18462]  tomoyo_encode2+0x100/0x3e0
[  834.970425][T18462]  tomoyo_encode+0x29/0x50
[  834.970439][T18462]  tomoyo_realpath_from_path+0x18f/0x6e0
[  834.970478][T18462]  tomoyo_path_number_perm+0x245/0x580
[  834.970492][T18462]  ? tomoyo_path_number_perm+0x237/0x580
[  834.970507][T18462]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  834.970539][T18462]  ? find_held_lock+0x2b/0x80
[  834.970550][T18462]  ? hook_file_ioctl_common+0x145/0x410
[  834.970569][T18462]  ? __fget_files+0x20e/0x3c0
[  834.970585][T18462]  security_file_ioctl_compat+0x9b/0x240
[  834.970601][T18462]  __ia32_compat_sys_ioctl+0xc3/0x370
[  834.970621][T18462]  __do_fast_syscall_32+0x7c/0x3a0
[  834.970638][T18462]  do_fast_syscall_32+0x32/0x80
[  834.970653][T18462]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  834.970667][T18462] RIP: 0023:0xf7f17579
[  834.970676][T18462] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  834.970687][T18462] RSP: 002b:00000000f53f455c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  834.970698][T18462] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000000ab03
[  834.970705][T18462] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  834.970711][T18462] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  834.970718][T18462] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  834.970724][T18462] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  834.970741][T18462]  </TASK>
[  834.970935][T18462] ERROR: Out of memory at tomoyo_realpath_from_path.
[  835.016321][T18461] block nbd1: shutting down sockets
[  835.204531][ T5979] Bluetooth: hci1: Unknown advertising packet type: 0x7f
[  835.204579][ T5979] Bluetooth: hci1: adv larger than maximum supported
[  835.207550][ T5979] Bluetooth: hci1: Malformed LE Event: 0x0d
[  835.381749][T18467] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2830'.
[  835.846025][ T5979] Bluetooth: hci2: command 0x0406 tx timeout
[  836.064064][T18470] netlink: 'syz.3.2832': attribute type 33 has an invalid length.
[  836.067036][T18470] netlink: 152 bytes leftover after parsing attributes in process `syz.3.2832'.
[  836.407025][T18479] block nbd3: shutting down sockets
[  836.966678][T16564] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  836.993752][    C2] iowarrior 7-1:0.1: iowarrior_callback - usb_submit_urb failed with result -1
[  836.998046][ T5985] usb 7-1: USB disconnect, device number 13
[  839.348193][T15359] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  839.535226][T16585] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  839.585707][T18542] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2853'.
[  840.440546][ T5979] Bluetooth: hci1: command 0x0405 tx timeout
[  841.107064][T18553] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[  841.136171][T18562] 9pnet_fd: Insufficient options for proto=fd
[  842.176147][T18585] 9pnet_fd: Insufficient options for proto=fd
[  842.479189][T18589] FAULT_INJECTION: forcing a failure.
[  842.479189][T18589] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  842.485541][T18589] CPU: 3 UID: 0 PID: 18589 Comm: syz.0.2864 Not tainted syzkaller #0 PREEMPT(full) 
[  842.485565][T18589] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  842.485575][T18589] Call Trace:
[  842.485581][T18589]  <TASK>
[  842.485588][T18589]  dump_stack_lvl+0x16c/0x1f0
[  842.485617][T18589]  should_fail_ex+0x512/0x640
[  842.485648][T18589]  _copy_from_user+0x2e/0xd0
[  842.485676][T18589]  move_addr_to_kernel+0x65/0x170
[  842.485695][T18589]  __get_compat_msghdr+0x3f1/0x4d0
[  842.485719][T18589]  get_compat_msghdr+0xd2/0x170
[  842.485741][T18589]  ? __pfx_get_compat_msghdr+0x10/0x10
[  842.485772][T18589]  ___sys_sendmsg+0x1ae/0x1d0
[  842.485798][T18589]  ? __pfx____sys_sendmsg+0x10/0x10
[  842.485854][T18589]  ? find_held_lock+0x2b/0x80
[  842.485891][T18589]  __sys_sendmsg+0x16d/0x220
[  842.485914][T18589]  ? __pfx___sys_sendmsg+0x10/0x10
[  842.485949][T18589]  ? rcu_is_watching+0x12/0xc0
[  842.485973][T18589]  __do_fast_syscall_32+0x7c/0x3a0
[  842.485998][T18589]  do_fast_syscall_32+0x32/0x80
[  842.486022][T18589]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  842.486043][T18589] RIP: 0023:0xf7fd4579
[  842.486057][T18589] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  842.486073][T18589] RSP: 002b:00000000f54f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  842.486088][T18589] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000700
[  842.486100][T18589] RDX: 0000000000000881 RSI: 0000000000000000 RDI: 0000000000000000
[  842.486111][T18589] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  842.486120][T18589] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  842.486130][T18589] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  842.486155][T18589]  </TASK>
[  842.726761][T16599] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  843.893090][T18622] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  844.020011][ T6115] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  844.866856][T18632] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2875'.
[  844.873984][T18632] FAULT_INJECTION: forcing a failure.
[  844.873984][T18632] name failslab, interval 1, probability 0, space 0, times 0
[  844.878147][T18632] CPU: 1 UID: 0 PID: 18632 Comm: syz.0.2875 Not tainted syzkaller #0 PREEMPT(full) 
[  844.878162][T18632] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  844.878169][T18632] Call Trace:
[  844.878173][T18632]  <TASK>
[  844.878178][T18632]  dump_stack_lvl+0x16c/0x1f0
[  844.878196][T18632]  should_fail_ex+0x512/0x640
[  844.878211][T18632]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  844.878226][T18632]  should_failslab+0xc2/0x120
[  844.878240][T18632]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  844.878253][T18632]  ? __alloc_skb+0x2b2/0x380
[  844.878269][T18632]  __alloc_skb+0x2b2/0x380
[  844.878281][T18632]  ? __pfx___alloc_skb+0x10/0x10
[  844.878295][T18632]  ? __pfx___might_resched+0x10/0x10
[  844.878310][T18632]  netlink_alloc_large_skb+0x69/0x130
[  844.878326][T18632]  netlink_sendmsg+0x6a1/0xdd0
[  844.878343][T18632]  ? __pfx_netlink_sendmsg+0x10/0x10
[  844.878359][T18632]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  844.878401][T18632]  ____sys_sendmsg+0xa98/0xc70
[  844.878413][T18632]  ? __pfx_____sys_sendmsg+0x10/0x10
[  844.878422][T18632]  ? get_compat_msghdr+0x11a/0x170
[  844.878442][T18632]  ___sys_sendmsg+0x134/0x1d0
[  844.878458][T18632]  ? __pfx____sys_sendmsg+0x10/0x10
[  844.878478][T18632]  ? find_held_lock+0x2b/0x80
[  844.878499][T18632]  __sys_sendmsg+0x16d/0x220
[  844.878513][T18632]  ? __pfx___sys_sendmsg+0x10/0x10
[  844.878533][T18632]  ? rcu_is_watching+0x12/0xc0
[  844.878547][T18632]  __do_fast_syscall_32+0x7c/0x3a0
[  844.878573][T18632]  do_fast_syscall_32+0x32/0x80
[  844.878590][T18632]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  844.878603][T18632] RIP: 0023:0xf7fd4579
[  844.878612][T18632] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  844.878622][T18632] RSP: 002b:00000000f54f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  844.878635][T18632] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800003c0
[  844.878642][T18632] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000000
[  844.878648][T18632] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  844.878654][T18632] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  844.878660][T18632] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  844.878675][T18632]  </TASK>
[  845.124785][T18646] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  845.296367][T16599] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  845.446940][T18648] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2881'.
[  845.725390][T18661] 9pnet_fd: Insufficient options for proto=fd
[  846.981533][T18682] veth0: entered promiscuous mode
[  846.983829][T18682] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2889'.
[  847.076871][T18682] veth0 (unregistering): left promiscuous mode
[  847.122949][T18691] netlink: 'syz.2.2889': attribute type 15 has an invalid length.
[  847.806491][T18687] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  848.064609][ T5977] Bluetooth: hci2: Unknown advertising packet type: 0x7f
[  848.065015][ T5977] Bluetooth: hci2: adv larger than maximum supported
[  848.067389][ T5977] Bluetooth: hci2: Malformed LE Event: 0x0d
[  848.083670][T18713] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2896'.
[  848.486379][ T6118] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  848.520504][T18722] 9pnet_fd: Insufficient options for proto=fd
[  849.459263][T15359] hid_parser_main: 28 callbacks suppressed
[  849.459286][T15359] hid-generic 00A0:0008:0003.0006: unknown main item tag 0x0
[  849.464482][T15359] hid-generic 00A0:0008:0003.0006: unknown main item tag 0x0
[  849.478895][T15359] hid-generic 00A0:0008:0003.0006: unknown main item tag 0x0
[  849.481423][T15359] hid-generic 00A0:0008:0003.0006: unknown main item tag 0x0
[  849.483774][T15359] hid-generic 00A0:0008:0003.0006: unknown main item tag 0x0
[  849.486745][T15359] hid-generic 00A0:0008:0003.0006: unknown main item tag 0x0
[  849.489266][T15359] hid-generic 00A0:0008:0003.0006: unknown main item tag 0x0
[  849.491862][T15359] hid-generic 00A0:0008:0003.0006: unknown main item tag 0x0
[  849.494595][T15359] hid-generic 00A0:0008:0003.0006: unknown main item tag 0x0
[  849.497911][T15359] hid-generic 00A0:0008:0003.0006: unknown main item tag 0x0
[  849.505670][T15359] hid-generic 00A0:0008:0003.0006: hidraw1: <UNKNOWN> HID v0.05 Device [syz1] on syz0
[  849.988496][T18729] fido_id[18729]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  850.388120][T18745] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  850.406227][T16585] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  851.183176][T18751] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2907'.
[  851.327120][ T5977] Bluetooth: hci3: Unknown advertising packet type: 0x7f
[  851.327330][ T5977] Bluetooth: hci3: adv larger than maximum supported
[  851.330092][ T5977] Bluetooth: hci3: Malformed LE Event: 0x0d
[  851.331343][T18767] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2911'.
[  851.339920][T18768] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2910'.
[  851.342840][ T5977] Bluetooth: hci1: Unknown advertising packet type: 0x7f
[  851.342861][ T5977] Bluetooth: hci1: adv larger than maximum supported
[  851.345513][ T5977] Bluetooth: hci1: Malformed LE Event: 0x0d
[  853.132872][T18772] 9pnet_fd: Insufficient options for proto=fd
[  853.652275][   T40] kauditd_printk_skb: 73 callbacks suppressed
[  853.652286][   T40] audit: type=1326 audit(1755898547.406:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18787 comm="syz.3.2917" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08579 code=0x7ffc0000
[  853.662887][   T40] audit: type=1326 audit(1755898547.406:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18787 comm="syz.3.2917" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08579 code=0x7ffc0000
[  853.672251][   T40] audit: type=1326 audit(1755898547.406:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18787 comm="syz.3.2917" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7f08579 code=0x7ffc0000
[  853.679660][   T40] audit: type=1326 audit(1755898547.416:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18787 comm="syz.3.2917" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08579 code=0x7ffc0000
[  853.688201][   T40] audit: type=1326 audit(1755898547.416:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18787 comm="syz.3.2917" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08579 code=0x7ffc0000
[  853.695520][   T40] audit: type=1326 audit(1755898547.416:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18787 comm="syz.3.2917" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf7f08579 code=0x7ffc0000
[  853.704422][   T40] audit: type=1326 audit(1755898547.416:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18787 comm="syz.3.2917" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f08598 code=0x7ffc0000
[  853.713694][   T40] audit: type=1326 audit(1755898547.426:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18787 comm="syz.3.2917" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08579 code=0x7ffc0000
[  853.722833][   T40] audit: type=1326 audit(1755898547.426:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18787 comm="syz.3.2917" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08579 code=0x7ffc0000
[  853.731568][   T40] audit: type=1326 audit(1755898547.426:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18787 comm="syz.3.2917" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08579 code=0x7ffc0000
[  854.250447][T16596] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  854.493424][T18788] befs: (nullb0): No write support. Marking filesystem read-only
[  854.498870][T18788] befs: (nullb0): invalid magic header
[  855.022243][ T5977] Bluetooth: hci1: Unknown advertising packet type: 0x7f
[  855.022361][ T5977] Bluetooth: hci1: adv larger than maximum supported
[  855.027211][ T5977] Bluetooth: hci1: Malformed LE Event: 0x0d
[  855.031600][T18802] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2921'.
[  856.139901][T18815] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2924'.
[  856.168321][T16585] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  856.326583][ T5977] Bluetooth: hci3: command 0x0406 tx timeout
[  858.014722][ T5979] Bluetooth: hci3: Unknown advertising packet type: 0x7f
[  858.014752][ T5979] Bluetooth: hci3: adv larger than maximum supported
[  858.017840][ T5979] Bluetooth: hci3: Malformed LE Event: 0x0d
[  858.028152][T18836] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2927'.
[  858.539835][T18840] veth0: entered promiscuous mode
[  858.565151][T18840] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2928'.
[  858.626693][T18841] netlink: 'syz.3.2928': attribute type 15 has an invalid length.
[  859.257031][T18840] veth0 (unregistering): left promiscuous mode
[  859.382586][  T101] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  860.031471][T18854] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2930'.
[  860.545589][T18860] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2939'.
[  861.933058][ T6118] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  862.245178][T18869] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  863.895756][T18891] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  864.144086][T18904] 9pnet_fd: Insufficient options for proto=fd
[  864.284060][T18910] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not our slave
[  864.292137][T18910] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1)
[  864.468043][T18917] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[  865.154374][T16566] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  865.466741][ T5977] Bluetooth: hci1: Unknown advertising packet type: 0x7f
[  865.466771][ T5977] Bluetooth: hci1: adv larger than maximum supported
[  865.469675][ T5977] Bluetooth: hci1: Malformed LE Event: 0x0d
[  865.472085][T18935] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2949'.
[  865.848335][T18945] openvswitch: netlink: Unexpected mask (mask=c0, allowed=10048)
[  865.854798][   T40] kauditd_printk_skb: 553 callbacks suppressed
[  865.854813][   T40] audit: type=1326 audit(1755898559.606:1092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18944 comm="syz.1.2955" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  865.871009][   T40] audit: type=1326 audit(1755898559.606:1093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18944 comm="syz.1.2955" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  865.881199][   T40] audit: type=1326 audit(1755898559.606:1094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18944 comm="syz.1.2955" exe="/syz-executor" sig=0 arch=40000003 syscall=331 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  865.893164][   T40] audit: type=1326 audit(1755898559.606:1095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18944 comm="syz.1.2955" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  865.903294][   T40] audit: type=1326 audit(1755898559.606:1096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18944 comm="syz.1.2955" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  865.913381][   T40] audit: type=1326 audit(1755898559.606:1097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18944 comm="syz.1.2955" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  865.920689][   T40] audit: type=1326 audit(1755898559.606:1098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18944 comm="syz.1.2955" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  865.930124][   T40] audit: type=1326 audit(1755898559.606:1099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18944 comm="syz.1.2955" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  865.941494][   T40] audit: type=1326 audit(1755898559.626:1100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18944 comm="syz.1.2955" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  865.951814][   T40] audit: type=1326 audit(1755898559.626:1101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18944 comm="syz.1.2955" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  865.962813][T18947] 9pnet_fd: Insufficient options for proto=fd
[  866.044616][T18943] 9pnet_fd: Insufficient options for proto=fd
[  866.274678][T18955] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  866.433719][T18960] FAULT_INJECTION: forcing a failure.
[  866.433719][T18960] name failslab, interval 1, probability 0, space 0, times 0
[  866.438706][T18960] CPU: 1 UID: 0 PID: 18960 Comm: syz.3.2958 Not tainted syzkaller #0 PREEMPT(full) 
[  866.438730][T18960] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  866.438742][T18960] Call Trace:
[  866.438749][T18960]  <TASK>
[  866.438756][T18960]  dump_stack_lvl+0x16c/0x1f0
[  866.438776][T18960]  should_fail_ex+0x512/0x640
[  866.438792][T18960]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  866.438808][T18960]  should_failslab+0xc2/0x120
[  866.438822][T18960]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  866.438834][T18960]  ? __alloc_skb+0x2b2/0x380
[  866.438851][T18960]  __alloc_skb+0x2b2/0x380
[  866.438863][T18960]  ? __pfx___alloc_skb+0x10/0x10
[  866.438878][T18960]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  866.438895][T18960]  netlink_alloc_large_skb+0x69/0x130
[  866.438912][T18960]  netlink_sendmsg+0x6a1/0xdd0
[  866.438929][T18960]  ? __pfx_netlink_sendmsg+0x10/0x10
[  866.438945][T18960]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  866.438959][T18960]  ____sys_sendmsg+0xa98/0xc70
[  866.438971][T18960]  ? __pfx_____sys_sendmsg+0x10/0x10
[  866.438980][T18960]  ? get_compat_msghdr+0x11a/0x170
[  866.439000][T18960]  ___sys_sendmsg+0x134/0x1d0
[  866.439015][T18960]  ? __pfx____sys_sendmsg+0x10/0x10
[  866.439035][T18960]  ? find_held_lock+0x2b/0x80
[  866.439057][T18960]  __sys_sendmsg+0x16d/0x220
[  866.439071][T18960]  ? __pfx___sys_sendmsg+0x10/0x10
[  866.439091][T18960]  ? rcu_is_watching+0x12/0xc0
[  866.439105][T18960]  __do_fast_syscall_32+0x7c/0x3a0
[  866.439120][T18960]  do_fast_syscall_32+0x32/0x80
[  866.439134][T18960]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  866.439147][T18960] RIP: 0023:0xf7f08579
[  866.439156][T18960] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  866.439166][T18960] RSP: 002b:00000000f542655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  866.439177][T18960] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800007c0
[  866.439184][T18960] RDX: 0000000000004080 RSI: 0000000000000000 RDI: 0000000000000000
[  866.439190][T18960] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  866.439196][T18960] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  866.439202][T18960] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  866.439217][T18960]  </TASK>
[  866.576132][ T5977] Bluetooth: hci1: command 0x0405 tx timeout
[  866.595793][T18963] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2960'.
[  866.722806][T18972] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2960'.
[  867.030266][T18972] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  867.118557][T18972] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  867.204547][T18972] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  867.291671][T18972] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  867.384753][  T101] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  867.398209][  T101] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  867.412970][  T101] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  867.423496][  T101] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  867.688205][T16607] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  867.736463][T18982] FAULT_INJECTION: forcing a failure.
[  867.736463][T18982] name failslab, interval 1, probability 0, space 0, times 0
[  867.740357][T18982] CPU: 1 UID: 0 PID: 18982 Comm: syz.1.2963 Not tainted syzkaller #0 PREEMPT(full) 
[  867.740373][T18982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  867.740380][T18982] Call Trace:
[  867.740384][T18982]  <TASK>
[  867.740389][T18982]  dump_stack_lvl+0x16c/0x1f0
[  867.740407][T18982]  should_fail_ex+0x512/0x640
[  867.740423][T18982]  ? fs_reclaim_acquire+0xae/0x150
[  867.740445][T18982]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  867.740460][T18982]  should_failslab+0xc2/0x120
[  867.740474][T18982]  __kmalloc_noprof+0xd2/0x510
[  867.740490][T18982]  tomoyo_realpath_from_path+0xc2/0x6e0
[  867.740507][T18982]  ? tomoyo_profile+0x47/0x60
[  867.740519][T18982]  tomoyo_path_number_perm+0x245/0x580
[  867.740531][T18982]  ? tomoyo_path_number_perm+0x237/0x580
[  867.740544][T18982]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  867.740573][T18982]  ? find_held_lock+0x2b/0x80
[  867.740585][T18982]  ? hook_file_ioctl_common+0x145/0x410
[  867.740603][T18982]  ? __fget_files+0x20e/0x3c0
[  867.740618][T18982]  security_file_ioctl_compat+0x9b/0x240
[  867.740634][T18982]  __ia32_compat_sys_ioctl+0xc3/0x370
[  867.740653][T18982]  __do_fast_syscall_32+0x7c/0x3a0
[  867.740669][T18982]  do_fast_syscall_32+0x32/0x80
[  867.740684][T18982]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  867.740697][T18982] RIP: 0023:0xf7f17579
[  867.740706][T18982] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  867.740716][T18982] RSP: 002b:00000000f53f455c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  867.740727][T18982] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000004020aeb2
[  867.740733][T18982] RDX: 0000000080000300 RSI: 0000000000000000 RDI: 0000000000000000
[  867.740740][T18982] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  867.740746][T18982] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  867.740752][T18982] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  867.740768][T18982]  </TASK>
[  867.740772][T18982] ERROR: Out of memory at tomoyo_realpath_from_path.
[  868.427186][T18991] 9pnet_fd: Insufficient options for proto=fd
[  868.443756][T18995] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  868.543614][T18995] openvswitch: netlink: Unexpected mask (mask=c0, allowed=10048)
[  868.588410][T18997] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[  868.801423][T19005] FAULT_INJECTION: forcing a failure.
[  868.801423][T19005] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  868.809478][T19005] CPU: 3 UID: 0 PID: 19005 Comm: syz.1.2972 Not tainted syzkaller #0 PREEMPT(full) 
[  868.809505][T19005] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  868.809517][T19005] Call Trace:
[  868.809524][T19005]  <TASK>
[  868.809532][T19005]  dump_stack_lvl+0x16c/0x1f0
[  868.809560][T19005]  should_fail_ex+0x512/0x640
[  868.809590][T19005]  _copy_from_user+0x2e/0xd0
[  868.809619][T19005]  move_addr_to_kernel+0x65/0x170
[  868.809647][T19005]  __get_compat_msghdr+0x3f1/0x4d0
[  868.809673][T19005]  get_compat_msghdr+0xd2/0x170
[  868.809694][T19005]  ? __pfx_get_compat_msghdr+0x10/0x10
[  868.809729][T19005]  ___sys_sendmsg+0x1ae/0x1d0
[  868.809756][T19005]  ? __pfx____sys_sendmsg+0x10/0x10
[  868.809796][T19005]  ? find_held_lock+0x2b/0x80
[  868.809838][T19005]  __sys_sendmsg+0x16d/0x220
[  868.809862][T19005]  ? __pfx___sys_sendmsg+0x10/0x10
[  868.809902][T19005]  ? rcu_is_watching+0x12/0xc0
[  868.809926][T19005]  __do_fast_syscall_32+0x7c/0x3a0
[  868.809952][T19005]  do_fast_syscall_32+0x32/0x80
[  868.809977][T19005]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  868.809999][T19005] RIP: 0023:0xf7f17579
[  868.810013][T19005] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  868.810031][T19005] RSP: 002b:00000000f543655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  868.810049][T19005] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000640
[  868.810059][T19005] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  868.810070][T19005] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  868.810081][T19005] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  868.810091][T19005] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  868.810117][T19005]  </TASK>
[  869.410400][T18998] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  869.424564][T19017] vlan4: entered allmulticast mode
[  869.427540][T19017] veth0_to_bond: entered allmulticast mode
[  869.533154][ T5979] Bluetooth: hci3: Unknown advertising packet type: 0x7f
[  869.533201][ T5979] Bluetooth: hci3: adv larger than maximum supported
[  869.542023][ T5979] Bluetooth: hci3: Malformed LE Event: 0x0d
[  869.543417][T19023] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2977'.
[  869.608189][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  869.921431][ T5979] Bluetooth: hci2: Unknown advertising packet type: 0x7f
[  869.921679][ T5979] Bluetooth: hci2: adv larger than maximum supported
[  869.927587][ T5979] Bluetooth: hci2: Malformed LE Event: 0x0d
[  869.950942][T19028] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2978'.
[  870.895199][T16567] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  871.033817][T19034] 9pnet_fd: Insufficient options for proto=fd
[  872.402587][T19046] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  872.852685][T16596] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  872.891013][T19056] FAULT_INJECTION: forcing a failure.
[  872.891013][T19056] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  872.898647][T19056] CPU: 1 UID: 0 PID: 19056 Comm: syz.3.2986 Not tainted syzkaller #0 PREEMPT(full) 
[  872.898665][T19056] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  872.898672][T19056] Call Trace:
[  872.898676][T19056]  <TASK>
[  872.898681][T19056]  dump_stack_lvl+0x16c/0x1f0
[  872.898699][T19056]  should_fail_ex+0x512/0x640
[  872.898718][T19056]  should_fail_alloc_page+0xe7/0x130
[  872.898734][T19056]  prepare_alloc_pages+0x3c2/0x610
[  872.898753][T19056]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  872.898767][T19056]  ? copy_splice_read+0x1a8/0xc20
[  872.898778][T19056]  ? stack_trace_save+0x8e/0xc0
[  872.898791][T19056]  ? __pfx_stack_trace_save+0x10/0x10
[  872.898804][T19056]  ? stack_depot_save_flags+0x29/0x9c0
[  872.898819][T19056]  ? lockdep_hardirqs_on+0x7c/0x110
[  872.898834][T19056]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  872.898848][T19056]  ? kasan_save_stack+0x42/0x60
[  872.898860][T19056]  ? kasan_save_track+0x14/0x30
[  872.898871][T19056]  ? __kmalloc_noprof+0x223/0x510
[  872.898883][T19056]  ? copy_splice_read+0x1a8/0xc20
[  872.898892][T19056]  ? do_splice_read+0x282/0x370
[  872.898901][T19056]  ? splice_direct_to_actor+0x2a1/0xa30
[  872.898911][T19056]  ? do_splice_direct+0x174/0x240
[  872.898921][T19056]  ? do_sendfile+0xb06/0xe50
[  872.898932][T19056]  ? __ia32_compat_sys_sendfile+0x1e5/0x220
[  872.898958][T19056]  alloc_pages_bulk_noprof+0x71c/0x1410
[  872.898977][T19056]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  872.898994][T19056]  ? trace_kmalloc+0x2b/0xd0
[  872.899007][T19056]  ? __kmalloc_noprof+0x242/0x510
[  872.899023][T19056]  copy_splice_read+0x1e1/0xc20
[  872.899036][T19056]  ? __lock_acquire+0x62e/0x1ce0
[  872.899050][T19056]  ? __pfx_copy_splice_read+0x10/0x10
[  872.899063][T19056]  ? __pfx__kstrtoull+0x10/0x10
[  872.899079][T19056]  ? find_held_lock+0x2b/0x80
[  872.899091][T19056]  ? __pfx_copy_splice_read+0x10/0x10
[  872.899101][T19056]  do_splice_read+0x282/0x370
[  872.899114][T19056]  splice_direct_to_actor+0x2a1/0xa30
[  872.899126][T19056]  ? __pfx_direct_splice_actor+0x10/0x10
[  872.899140][T19056]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  872.899150][T19056]  ? get_pid_task+0xfc/0x250
[  872.899169][T19056]  do_splice_direct+0x174/0x240
[  872.899181][T19056]  ? __pfx_do_splice_direct+0x10/0x10
[  872.899192][T19056]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  872.899204][T19056]  ? bpf_lsm_file_permission+0x9/0x10
[  872.899219][T19056]  ? security_file_permission+0x71/0x210
[  872.899235][T19056]  ? rw_verify_area+0xcf/0x6c0
[  872.899247][T19056]  do_sendfile+0xb06/0xe50
[  872.899262][T19056]  ? __pfx_do_sendfile+0x10/0x10
[  872.899274][T19056]  ? __fget_files+0x20e/0x3c0
[  872.899296][T19056]  __ia32_compat_sys_sendfile+0x1e5/0x220
[  872.899310][T19056]  ? ksys_write+0x1ac/0x250
[  872.899322][T19056]  ? __pfx___ia32_compat_sys_sendfile+0x10/0x10
[  872.899339][T19056]  ? rcu_is_watching+0x12/0xc0
[  872.899352][T19056]  __do_fast_syscall_32+0x7c/0x3a0
[  872.899368][T19056]  do_fast_syscall_32+0x32/0x80
[  872.899382][T19056]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  872.899396][T19056] RIP: 0023:0xf7f08579
[  872.899405][T19056] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  872.899415][T19056] RSP: 002b:00000000f542655c EFLAGS: 00000296 ORIG_RAX: 00000000000000bb
[  872.899426][T19056] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000005
[  872.899433][T19056] RDX: 0000000000000000 RSI: 0000000000000401 RDI: 0000000000000000
[  872.899439][T19056] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  872.899446][T19056] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  872.899452][T19056] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  872.899474][T19056]  </TASK>
[  873.024194][T19058] FAULT_INJECTION: forcing a failure.
[  873.024194][T19058] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  873.029341][T19058] CPU: 1 UID: 0 PID: 19058 Comm: syz.0.2987 Not tainted syzkaller #0 PREEMPT(full) 
[  873.029357][T19058] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  873.029363][T19058] Call Trace:
[  873.029367][T19058]  <TASK>
[  873.029372][T19058]  dump_stack_lvl+0x16c/0x1f0
[  873.029389][T19058]  should_fail_ex+0x512/0x640
[  873.029406][T19058]  _copy_from_user+0x2e/0xd0
[  873.029424][T19058]  move_addr_to_kernel+0x65/0x170
[  873.029436][T19058]  __get_compat_msghdr+0x3f1/0x4d0
[  873.029450][T19058]  get_compat_msghdr+0xd2/0x170
[  873.029462][T19058]  ? __pfx_get_compat_msghdr+0x10/0x10
[  873.029496][T19058]  ___sys_sendmsg+0x1ae/0x1d0
[  873.029517][T19058]  ? __pfx____sys_sendmsg+0x10/0x10
[  873.029547][T19058]  ? find_held_lock+0x2b/0x80
[  873.029574][T19058]  __sys_sendmsg+0x16d/0x220
[  873.029588][T19058]  ? __pfx___sys_sendmsg+0x10/0x10
[  873.029609][T19058]  ? rcu_is_watching+0x12/0xc0
[  873.029622][T19058]  __do_fast_syscall_32+0x7c/0x3a0
[  873.029638][T19058]  do_fast_syscall_32+0x32/0x80
[  873.029652][T19058]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  873.029665][T19058] RIP: 0023:0xf7fd4579
[  873.029673][T19058] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  873.029684][T19058] RSP: 002b:00000000f54f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  873.029694][T19058] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  873.029701][T19058] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  873.029707][T19058] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  873.029713][T19058] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  873.029719][T19058] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  873.029734][T19058]  </TASK>
[  874.064595][T19081] FAULT_INJECTION: forcing a failure.
[  874.064595][T19081] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  874.071512][T19081] CPU: 0 UID: 0 PID: 19081 Comm: syz.3.2995 Not tainted syzkaller #0 PREEMPT(full) 
[  874.071529][T19081] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  874.071549][T19081] Call Trace:
[  874.071554][T19081]  <TASK>
[  874.071560][T19081]  dump_stack_lvl+0x16c/0x1f0
[  874.071580][T19081]  should_fail_ex+0x512/0x640
[  874.071598][T19081]  _copy_from_user+0x2e/0xd0
[  874.071616][T19081]  get_compat_msghdr+0xa7/0x170
[  874.071631][T19081]  ? __pfx_get_compat_msghdr+0x10/0x10
[  874.071647][T19081]  ? __pfx__kstrtoull+0x10/0x10
[  874.071664][T19081]  ___sys_sendmsg+0x1ae/0x1d0
[  874.071681][T19081]  ? __pfx____sys_sendmsg+0x10/0x10
[  874.071711][T19081]  ? __pfx___might_resched+0x10/0x10
[  874.071728][T19081]  __sys_sendmmsg+0x2f9/0x420
[  874.071744][T19081]  ? __pfx___sys_sendmmsg+0x10/0x10
[  874.071765][T19081]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  874.071787][T19081]  ? fput+0x9b/0xd0
[  874.071803][T19081]  ? ksys_write+0x1ac/0x250
[  874.071815][T19081]  ? __pfx_ksys_write+0x10/0x10
[  874.071831][T19081]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  874.071845][T19081]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  874.071861][T19081]  __do_fast_syscall_32+0x7c/0x3a0
[  874.071878][T19081]  do_fast_syscall_32+0x32/0x80
[  874.071892][T19081]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  874.071919][T19081] RIP: 0023:0xf7f08579
[  874.071929][T19081] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  874.071939][T19081] RSP: 002b:00000000f542655c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  874.071951][T19081] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080006900
[  874.071958][T19081] RDX: 0000000000000002 RSI: 0000000004004804 RDI: 0000000000000000
[  874.071964][T19081] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  874.071971][T19081] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  874.071977][T19081] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  874.071993][T19081]  </TASK>
[  874.208461][T19088] FAULT_INJECTION: forcing a failure.
[  874.208461][T19088] name failslab, interval 1, probability 0, space 0, times 0
[  874.212248][T19088] CPU: 0 UID: 0 PID: 19088 Comm: syz.1.2999 Not tainted syzkaller #0 PREEMPT(full) 
[  874.212262][T19088] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  874.212269][T19088] Call Trace:
[  874.212273][T19088]  <TASK>
[  874.212277][T19088]  dump_stack_lvl+0x16c/0x1f0
[  874.212299][T19088]  should_fail_ex+0x512/0x640
[  874.212315][T19088]  ? fs_reclaim_acquire+0xae/0x150
[  874.212333][T19088]  ? tomoyo_encode2+0x100/0x3e0
[  874.212347][T19088]  should_failslab+0xc2/0x120
[  874.212362][T19088]  __kmalloc_noprof+0xd2/0x510
[  874.212379][T19088]  tomoyo_encode2+0x100/0x3e0
[  874.212395][T19088]  tomoyo_encode+0x29/0x50
[  874.212409][T19088]  tomoyo_realpath_from_path+0x18f/0x6e0
[  874.212425][T19088]  ? tomoyo_profile+0x47/0x60
[  874.212436][T19088]  tomoyo_path_number_perm+0x245/0x580
[  874.212461][T19088]  ? tomoyo_path_number_perm+0x237/0x580
[  874.212476][T19088]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  874.212506][T19088]  ? find_held_lock+0x2b/0x80
[  874.212517][T19088]  ? hook_file_ioctl_common+0x145/0x410
[  874.212535][T19088]  ? __fget_files+0x20e/0x3c0
[  874.212550][T19088]  security_file_ioctl_compat+0x9b/0x240
[  874.212565][T19088]  __ia32_compat_sys_ioctl+0xc3/0x370
[  874.212584][T19088]  __do_fast_syscall_32+0x7c/0x3a0
[  874.212599][T19088]  do_fast_syscall_32+0x32/0x80
[  874.212613][T19088]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  874.212626][T19088] RIP: 0023:0xf7f17579
[  874.212634][T19088] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  874.212645][T19088] RSP: 002b:00000000f543655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  874.212655][T19088] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000008916
[  874.212662][T19088] RDX: 0000000080000240 RSI: 0000000000000000 RDI: 0000000000000000
[  874.212668][T19088] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  874.212674][T19088] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  874.212680][T19088] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  874.212695][T19088]  </TASK>
[  874.212718][T19088] ERROR: Out of memory at tomoyo_realpath_from_path.
[  874.467302][T19105] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3004'.
[  874.616744][T19117] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3004'.
[  874.639506][T19122] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3008'.
[  874.693157][T19117] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  874.833827][T19117] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  874.852789][T19131] FAULT_INJECTION: forcing a failure.
[  874.852789][T19131] name failslab, interval 1, probability 0, space 0, times 0
[  874.857508][T19131] CPU: 2 UID: 0 PID: 19131 Comm: syz.3.3011 Not tainted syzkaller #0 PREEMPT(full) 
[  874.857546][T19131] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  874.857556][T19131] Call Trace:
[  874.857562][T19131]  <TASK>
[  874.857567][T19131]  dump_stack_lvl+0x16c/0x1f0
[  874.857585][T19131]  should_fail_ex+0x512/0x640
[  874.857606][T19131]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  874.857623][T19131]  should_failslab+0xc2/0x120
[  874.857637][T19131]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  874.857650][T19131]  ? __alloc_skb+0x2b2/0x380
[  874.857667][T19131]  __alloc_skb+0x2b2/0x380
[  874.857679][T19131]  ? __pfx___alloc_skb+0x10/0x10
[  874.857693][T19131]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  874.857711][T19131]  netlink_alloc_large_skb+0x69/0x130
[  874.857727][T19131]  netlink_sendmsg+0x6a1/0xdd0
[  874.857744][T19131]  ? __pfx_netlink_sendmsg+0x10/0x10
[  874.857760][T19131]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  874.857775][T19131]  ____sys_sendmsg+0xa98/0xc70
[  874.857787][T19131]  ? __pfx_____sys_sendmsg+0x10/0x10
[  874.857798][T19131]  ? get_compat_msghdr+0x11a/0x170
[  874.857818][T19131]  ___sys_sendmsg+0x134/0x1d0
[  874.857833][T19131]  ? __pfx____sys_sendmsg+0x10/0x10
[  874.857854][T19131]  ? find_held_lock+0x2b/0x80
[  874.857875][T19131]  __sys_sendmsg+0x16d/0x220
[  874.857889][T19131]  ? __pfx___sys_sendmsg+0x10/0x10
[  874.857910][T19131]  ? rcu_is_watching+0x12/0xc0
[  874.857923][T19131]  __do_fast_syscall_32+0x7c/0x3a0
[  874.857939][T19131]  do_fast_syscall_32+0x32/0x80
[  874.857953][T19131]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  874.857966][T19131] RIP: 0023:0xf7f08579
[  874.857975][T19131] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  874.857985][T19131] RSP: 002b:00000000f542655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  874.857996][T19131] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000540
[  874.858003][T19131] RDX: 0000000000044000 RSI: 0000000000000000 RDI: 0000000000000000
[  874.858009][T19131] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  874.858015][T19131] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  874.858021][T19131] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  874.858036][T19131]  </TASK>
[  875.053608][T19117] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  875.094935][T19134] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  875.178964][T19117] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  875.306703][  T101] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  875.410012][   T40] kauditd_printk_skb: 782 callbacks suppressed
[  875.410025][   T40] audit: type=1326 audit(1755898569.106:1884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19140 comm="syz.3.3014" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08579 code=0x7ffc0000
[  875.513179][   T40] audit: type=1326 audit(1755898569.106:1885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19140 comm="syz.3.3014" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08579 code=0x7ffc0000
[  875.534658][   T40] audit: type=1326 audit(1755898569.116:1886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19140 comm="syz.3.3014" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7f08579 code=0x7ffc0000
[  875.535462][  T101] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  875.552308][   T40] audit: type=1326 audit(1755898569.116:1887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19140 comm="syz.3.3014" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08579 code=0x7ffc0000
[  875.587528][   T40] audit: type=1326 audit(1755898569.116:1888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19140 comm="syz.3.3014" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08579 code=0x7ffc0000
[  875.621558][T16596] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  875.625122][   T40] audit: type=1326 audit(1755898569.116:1889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19140 comm="syz.3.3014" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f08579 code=0x7ffc0000
[  875.634124][   T40] audit: type=1326 audit(1755898569.116:1890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19140 comm="syz.3.3014" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08579 code=0x7ffc0000
[  875.640862][   T40] audit: type=1326 audit(1755898569.116:1891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19140 comm="syz.3.3014" exe="/syz-executor" sig=0 arch=40000003 syscall=228 compat=1 ip=0xf7f08579 code=0x7ffc0000
[  875.648249][   T40] audit: type=1326 audit(1755898569.116:1892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19140 comm="syz.3.3014" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08579 code=0x7ffc0000
[  875.657010][   T40] audit: type=1326 audit(1755898569.116:1893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19140 comm="syz.3.3014" exe="/syz-executor" sig=0 arch=40000003 syscall=163 compat=1 ip=0xf7f08579 code=0x7ffc0000
[  875.736808][  T101] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  876.007161][T16585] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  876.041074][ T6061] usb 7-1: new low-speed USB device number 14 using dummy_hcd
[  876.090014][T19165] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  876.236942][T19177] fuse: Bad value for 'group_id'
[  876.239183][T19177] fuse: Bad value for 'group_id'
[  876.248065][ T6061] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  876.251309][ T6061] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  876.256045][ T6061] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  876.260969][ T6061] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  876.266451][ T6061] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  876.273159][ T6061] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  876.279915][ T6061] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  876.285172][ T6061] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  876.289700][T19180] FAULT_INJECTION: forcing a failure.
[  876.289700][T19180] name failslab, interval 1, probability 0, space 0, times 0
[  876.297747][T19180] CPU: 1 UID: 0 PID: 19180 Comm: syz.3.3026 Not tainted syzkaller #0 PREEMPT(full) 
[  876.297770][T19180] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  876.297782][T19180] Call Trace:
[  876.297789][T19180]  <TASK>
[  876.297797][T19180]  dump_stack_lvl+0x16c/0x1f0
[  876.297825][T19180]  should_fail_ex+0x512/0x640
[  876.297849][T19180]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  876.297873][T19180]  should_failslab+0xc2/0x120
[  876.297894][T19180]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  876.297916][T19180]  ? __alloc_skb+0x2b2/0x380
[  876.297940][T19180]  __alloc_skb+0x2b2/0x380
[  876.297960][T19180]  ? __pfx___alloc_skb+0x10/0x10
[  876.297985][T19180]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  876.298016][T19180]  netlink_alloc_large_skb+0x69/0x130
[  876.298042][T19180]  netlink_sendmsg+0x6a1/0xdd0
[  876.298071][T19180]  ? __pfx_netlink_sendmsg+0x10/0x10
[  876.298125][T19180]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  876.298150][T19180]  ____sys_sendmsg+0xa98/0xc70
[  876.298166][T19180]  ? tree_mod_log_free_eb+0x120/0x140
[  876.298190][T19180]  ? __pfx_____sys_sendmsg+0x10/0x10
[  876.298206][T19180]  ? get_compat_msghdr+0x11a/0x170
[  876.298241][T19180]  ___sys_sendmsg+0x134/0x1d0
[  876.298266][T19180]  ? __pfx____sys_sendmsg+0x10/0x10
[  876.298303][T19180]  ? find_held_lock+0x2b/0x80
[  876.298345][T19180]  __sys_sendmsg+0x16d/0x220
[  876.298369][T19180]  ? __pfx___sys_sendmsg+0x10/0x10
[  876.298406][T19180]  ? rcu_is_watching+0x12/0xc0
[  876.298428][T19180]  __do_fast_syscall_32+0x7c/0x3a0
[  876.298455][T19180]  do_fast_syscall_32+0x32/0x80
[  876.298478][T19180]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  876.298500][T19180] RIP: 0023:0xf7f08579
[  876.298514][T19180] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  876.298531][T19180] RSP: 002b:00000000f542655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  876.298547][T19180] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080001200
[  876.298558][T19180] RDX: 0000000004000810 RSI: 0000000000000000 RDI: 0000000000000000
[  876.298568][T19180] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  876.298577][T19180] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  876.298587][T19180] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  876.298613][T19180]  </TASK>
[  876.304828][ T6061] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  876.406345][ T6061] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  876.414395][ T6061] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  876.417100][ T6061] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  876.420723][ T6061] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  876.424385][ T6061] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  876.429877][ T6061] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  876.553420][ T6061] usb 7-1: string descriptor 0 read error: -22
[  876.555514][ T6061] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  876.558412][ T6061] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  876.587188][ T6061] adutux 7-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  876.781199][T19159] FAULT_INJECTION: forcing a failure.
[  876.781199][T19159] name failslab, interval 1, probability 0, space 0, times 0
[  876.787450][T19159] CPU: 3 UID: 0 PID: 19159 Comm: syz.2.3018 Not tainted syzkaller #0 PREEMPT(full) 
[  876.787466][T19159] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  876.787473][T19159] Call Trace:
[  876.787477][T19159]  <TASK>
[  876.787482][T19159]  dump_stack_lvl+0x16c/0x1f0
[  876.787501][T19159]  should_fail_ex+0x512/0x640
[  876.787515][T19159]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  876.787529][T19159]  should_failslab+0xc2/0x120
[  876.787543][T19159]  __kmalloc_cache_noprof+0x6a/0x3e0
[  876.787554][T19159]  ? dummy_urb_enqueue+0xa3/0x920
[  876.787571][T19159]  dummy_urb_enqueue+0xa3/0x920
[  876.787583][T19159]  ? usb_hcd_map_urb_for_dma+0x359/0x1360
[  876.787599][T19159]  usb_hcd_submit_urb+0x25b/0x1c60
[  876.787612][T19159]  ? find_held_lock+0x2b/0x80
[  876.787625][T19159]  usb_submit_urb+0x890/0x1770
[  876.787644][T19159]  adu_write+0x7fe/0xee0
[  876.787664][T19159]  ? __pfx_adu_write+0x10/0x10
[  876.787679][T19159]  ? __pfx_default_wake_function+0x10/0x10
[  876.787691][T19159]  ? bpf_lsm_file_permission+0x9/0x10
[  876.787706][T19159]  ? security_file_permission+0x71/0x210
[  876.787722][T19159]  ? rw_verify_area+0xcf/0x6c0
[  876.787740][T19159]  ? __pfx_adu_write+0x10/0x10
[  876.787755][T19159]  vfs_write+0x29d/0x11d0
[  876.787771][T19159]  ? __pfx_vfs_write+0x10/0x10
[  876.787781][T19159]  ? find_held_lock+0x2b/0x80
[  876.787792][T19159]  ? __fget_files+0x204/0x3c0
[  876.787806][T19159]  ? __fget_files+0x20e/0x3c0
[  876.787822][T19159]  ksys_write+0x12a/0x250
[  876.787834][T19159]  ? __pfx_ksys_write+0x10/0x10
[  876.787847][T19159]  ? rcu_is_watching+0x12/0xc0
[  876.787860][T19159]  __do_fast_syscall_32+0x7c/0x3a0
[  876.787876][T19159]  do_fast_syscall_32+0x32/0x80
[  876.787890][T19159]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  876.787903][T19159] RIP: 0023:0xf7f03579
[  876.787912][T19159] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  876.787922][T19159] RSP: 002b:00000000f542655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  876.787932][T19159] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000380
[  876.787939][T19159] RDX: 0000000000000009 RSI: 0000000000000000 RDI: 0000000000000000
[  876.787945][T19159] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  876.787951][T19159] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  876.787957][T19159] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  876.787972][T19159]  </TASK>
[  876.787981][T19159] usb 7-1: Couldn't submit interrupt_out_urb -12
[  876.900657][ T6057] usb 7-1: USB disconnect, device number 14
[  877.120671][T19194] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3031'.
[  877.320648][T19209] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3031'.
[  877.391521][T19207] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  877.443653][T19201] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  877.777456][T19202] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  877.860023][T19202] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  877.977524][T19202] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  878.021195][T19220] wg2: entered allmulticast mode
[  878.405027][ T5979] Bluetooth: hci2: Unknown advertising packet type: 0x7f
[  878.405252][ T5979] Bluetooth: hci2: adv larger than maximum supported
[  878.409223][ T5979] Bluetooth: hci2: Malformed LE Event: 0x0d
[  878.431914][T19226] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3036'.
[  878.584992][T16585] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  878.741117][T19232] FAULT_INJECTION: forcing a failure.
[  878.741117][T19232] name failslab, interval 1, probability 0, space 0, times 0
[  878.745413][T19232] CPU: 2 UID: 0 PID: 19232 Comm: syz.0.3038 Not tainted syzkaller #0 PREEMPT(full) 
[  878.745428][T19232] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  878.745435][T19232] Call Trace:
[  878.745440][T19232]  <TASK>
[  878.745445][T19232]  dump_stack_lvl+0x16c/0x1f0
[  878.745464][T19232]  should_fail_ex+0x512/0x640
[  878.745480][T19232]  ? fs_reclaim_acquire+0xae/0x150
[  878.745502][T19232]  ? tomoyo_encode2+0x100/0x3e0
[  878.745517][T19232]  should_failslab+0xc2/0x120
[  878.745533][T19232]  __kmalloc_noprof+0xd2/0x510
[  878.745551][T19232]  tomoyo_encode2+0x100/0x3e0
[  878.745568][T19232]  tomoyo_encode+0x29/0x50
[  878.745583][T19232]  tomoyo_realpath_from_path+0x18f/0x6e0
[  878.745600][T19232]  ? tomoyo_profile+0x47/0x60
[  878.745612][T19232]  tomoyo_path_number_perm+0x245/0x580
[  878.745625][T19232]  ? tomoyo_path_number_perm+0x237/0x580
[  878.745640][T19232]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  878.745670][T19232]  ? find_held_lock+0x2b/0x80
[  878.745682][T19232]  ? hook_file_ioctl_common+0x145/0x410
[  878.745700][T19232]  ? __fget_files+0x20e/0x3c0
[  878.745716][T19232]  security_file_ioctl_compat+0x9b/0x240
[  878.745732][T19232]  __ia32_compat_sys_ioctl+0xc3/0x370
[  878.745752][T19232]  __do_fast_syscall_32+0x7c/0x3a0
[  878.745769][T19232]  do_fast_syscall_32+0x32/0x80
[  878.745784][T19232]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  878.745798][T19232] RIP: 0023:0xf7fd4579
[  878.745807][T19232] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  878.745831][T19232] RSP: 002b:00000000f54f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  878.745843][T19232] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000008931
[  878.745850][T19232] RDX: 00000000800002c0 RSI: 0000000000000000 RDI: 0000000000000000
[  878.745857][T19232] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  878.745863][T19232] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  878.745870][T19232] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  878.745886][T19232]  </TASK>
[  878.817007][T19232] ERROR: Out of memory at tomoyo_realpath_from_path.
[  878.854225][T19234] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  878.858654][T19234] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  879.332587][T19243] fuse: Bad value for 'group_id'
[  879.334893][T19243] fuse: Bad value for 'group_id'
[  879.351820][T19202] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  879.451430][  T101] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  879.454971][  T101] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  879.481005][  T101] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  879.484407][  T101] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  879.663111][T19253] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  879.815945][ T6057] usb 7-1: new full-speed USB device number 15 using dummy_hcd
[  879.997909][ T6057] usb 7-1: config 1 has too many interfaces: 252, using maximum allowed: 32
[  880.001786][ T6057] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  880.005238][ T6057] usb 7-1: config 1 has 0 interfaces, different from the descriptor's value: 252
[  880.008415][ T6057] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  880.011377][ T6057] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  880.228863][T16753] usb 7-1: USB disconnect, device number 15
[  880.374657][T19263] FAULT_INJECTION: forcing a failure.
[  880.374657][T19263] name failslab, interval 1, probability 0, space 0, times 0
[  880.379871][T19263] CPU: 1 UID: 0 PID: 19263 Comm: syz.1.3048 Not tainted syzkaller #0 PREEMPT(full) 
[  880.379892][T19263] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  880.379903][T19263] Call Trace:
[  880.379908][T19263]  <TASK>
[  880.379915][T19263]  dump_stack_lvl+0x16c/0x1f0
[  880.379939][T19263]  should_fail_ex+0x512/0x640
[  880.379960][T19263]  ? fs_reclaim_acquire+0xae/0x150
[  880.379987][T19263]  ? tomoyo_encode2+0x100/0x3e0
[  880.380006][T19263]  should_failslab+0xc2/0x120
[  880.380056][T19263]  __kmalloc_noprof+0xd2/0x510
[  880.380078][T19263]  ? d_absolute_path+0x136/0x1a0
[  880.380108][T19263]  tomoyo_encode2+0x100/0x3e0
[  880.380137][T19263]  tomoyo_encode+0x29/0x50
[  880.380159][T19263]  tomoyo_realpath_from_path+0x18f/0x6e0
[  880.380187][T19263]  tomoyo_path_number_perm+0x245/0x580
[  880.380207][T19263]  ? tomoyo_path_number_perm+0x237/0x580
[  880.380227][T19263]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  880.380276][T19263]  ? find_held_lock+0x2b/0x80
[  880.380293][T19263]  ? hook_file_ioctl_common+0x145/0x410
[  880.380322][T19263]  ? __fget_files+0x20e/0x3c0
[  880.380350][T19263]  security_file_ioctl_compat+0x9b/0x240
[  880.380371][T19263]  __ia32_compat_sys_ioctl+0xc3/0x370
[  880.380397][T19263]  __do_fast_syscall_32+0x7c/0x3a0
[  880.380420][T19263]  do_fast_syscall_32+0x32/0x80
[  880.380446][T19263]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  880.380467][T19263] RIP: 0023:0xf7f17579
[  880.380481][T19263] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  880.380496][T19263] RSP: 002b:00000000f543655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  880.380513][T19263] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c008561c
[  880.380522][T19263] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  880.380530][T19263] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  880.380539][T19263] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  880.380550][T19263] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  880.380572][T19263]  </TASK>
[  880.380636][T19263] ERROR: Out of memory at tomoyo_realpath_from_path.
[  880.483875][T19265] FAULT_INJECTION: forcing a failure.
[  880.483875][T19265] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  880.491015][T19265] CPU: 3 UID: 0 PID: 19265 Comm: syz.0.3049 Not tainted syzkaller #0 PREEMPT(full) 
[  880.491034][T19265] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  880.491041][T19265] Call Trace:
[  880.491046][T19265]  <TASK>
[  880.491051][T19265]  dump_stack_lvl+0x16c/0x1f0
[  880.491069][T19265]  should_fail_ex+0x512/0x640
[  880.491088][T19265]  _copy_from_user+0x2e/0xd0
[  880.491105][T19265]  kstrtouint_from_user+0xd6/0x1d0
[  880.491118][T19265]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  880.491131][T19265]  ? __lock_acquire+0xb97/0x1ce0
[  880.491153][T19265]  proc_fail_nth_write+0x83/0x220
[  880.491165][T19265]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  880.491181][T19265]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  880.491191][T19265]  vfs_write+0x29d/0x11d0
[  880.491208][T19265]  ? __pfx_vfs_write+0x10/0x10
[  880.491218][T19265]  ? find_held_lock+0x2b/0x80
[  880.491233][T19265]  ? __fget_files+0x20e/0x3c0
[  880.491250][T19265]  ksys_write+0x12a/0x250
[  880.491267][T19265]  ? __pfx_ksys_write+0x10/0x10
[  880.491281][T19265]  ? rcu_is_watching+0x12/0xc0
[  880.491294][T19265]  __do_fast_syscall_32+0x7c/0x3a0
[  880.491310][T19265]  do_fast_syscall_32+0x32/0x80
[  880.491324][T19265]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  880.491337][T19265] RIP: 0023:0xf7fd4579
[  880.491346][T19265] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  880.491357][T19265] RSP: 002b:00000000f54f6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  880.491367][T19265] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f54f6620
[  880.491374][T19265] RDX: 0000000000000001 RSI: 00000000f7464ff4 RDI: 0000000000000000
[  880.491380][T19265] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  880.491386][T19265] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  880.491393][T19265] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  880.491407][T19265]  </TASK>
[  880.819164][T19286] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3056'.
[  881.107158][T19297] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[  881.138581][T19298] ªªªªª»: renamed from hsr0 (while UP)
[  881.209044][T19298] netlink: 201660 bytes leftover after parsing attributes in process `syz.3.3059'.
[  881.768522][  T101] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  882.215998][ T5977] Bluetooth: hci1: Unknown advertising packet type: 0x7f
[  882.216029][ T5977] Bluetooth: hci1: adv larger than maximum supported
[  882.218299][ T5977] Bluetooth: hci1: Malformed LE Event: 0x0d
[  882.228821][T19327] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3067'.
[  882.282186][T16876] usb 7-1: new full-speed USB device number 16 using dummy_hcd
[  882.486010][T16876] usb 7-1: config 0 has an invalid interface number: 8 but max is 0
[  882.488651][T16876] usb 7-1: config 0 has no interface number 0
[  882.489836][T19334] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  882.491549][T16876] usb 7-1: config 0 interface 8 altsetting 0 has an endpoint descriptor with address 0x9F, changing to 0x8F
[  882.538605][T16876] usb 7-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  882.552731][T19337] FAULT_INJECTION: forcing a failure.
[  882.552731][T19337] name failslab, interval 1, probability 0, space 0, times 0
[  882.573286][T16876] usb 7-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  882.589794][T19337] CPU: 2 UID: 0 PID: 19337 Comm: syz.1.3069 Not tainted syzkaller #0 PREEMPT(full) 
[  882.589825][T19337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  882.589833][T19337] Call Trace:
[  882.589838][T19337]  <TASK>
[  882.589843][T19337]  dump_stack_lvl+0x16c/0x1f0
[  882.589862][T19337]  should_fail_ex+0x512/0x640
[  882.589877][T19337]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  882.589893][T19337]  should_failslab+0xc2/0x120
[  882.589908][T19337]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  882.589921][T19337]  ? __alloc_skb+0x2b2/0x380
[  882.589939][T19337]  __alloc_skb+0x2b2/0x380
[  882.589952][T19337]  ? __pfx___alloc_skb+0x10/0x10
[  882.589967][T19337]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  882.589986][T19337]  netlink_alloc_large_skb+0x69/0x130
[  882.590002][T19337]  netlink_sendmsg+0x6a1/0xdd0
[  882.590035][T19337]  ? __pfx_netlink_sendmsg+0x10/0x10
[  882.590054][T19337]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  882.590070][T19337]  ____sys_sendmsg+0xa98/0xc70
[  882.590080][T19337]  ? btrfs_load_block_group_zone_info+0x39a0/0x5160
[  882.590097][T19337]  ? __pfx_____sys_sendmsg+0x10/0x10
[  882.590106][T19337]  ? get_compat_msghdr+0x11a/0x170
[  882.590128][T19337]  ___sys_sendmsg+0x134/0x1d0
[  882.590143][T19337]  ? __pfx____sys_sendmsg+0x10/0x10
[  882.590168][T19337]  ? find_held_lock+0x2b/0x80
[  882.590200][T19337]  __sys_sendmsg+0x16d/0x220
[  882.590220][T19337]  ? __pfx___sys_sendmsg+0x10/0x10
[  882.590254][T19337]  ? rcu_is_watching+0x12/0xc0
[  882.590276][T19337]  __do_fast_syscall_32+0x7c/0x3a0
[  882.590293][T19337]  do_fast_syscall_32+0x32/0x80
[  882.590307][T19337]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  882.590321][T19337] RIP: 0023:0xf7f17579
[  882.590331][T19337] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  882.590342][T19337] RSP: 002b:00000000f541555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  882.590353][T19337] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000140
[  882.590360][T19337] RDX: 0000000004040010 RSI: 0000000000000000 RDI: 0000000000000000
[  882.590367][T19337] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  882.590373][T19337] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  882.590380][T19337] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  882.590396][T19337]  </TASK>
[  882.679109][    C2] vkms_vblank_simulate: vblank timer overrun
[  882.905575][T16876] usb 7-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  882.957017][T16876] usb 7-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  882.985354][T16876] usb 7-1: Product: syz
[  883.007087][T16876] usb 7-1: SerialNumber: syz
[  883.076377][T16876] usb 7-1: config 0 descriptor??
[  883.214425][T16876] cm109 7-1:0.8: invalid payload size 0, expected 4
[  883.315091][T16876] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.8/input/input14
[  883.344311][T16876] ------------[ cut here ]------------
[  883.345373][T16876] URB ffff88802938fa00 submitted while active
[  883.349193][T16876] WARNING: CPU: 2 PID: 16876 at drivers/usb/core/urb.c:379 usb_submit_urb+0x1519/0x1770
[  883.359324][T16876] Modules linked in:
[  883.359380][T16876] CPU: 2 UID: 0 PID: 16876 Comm: kworker/2:4 Not tainted syzkaller #0 PREEMPT(full) 
[  883.359405][T16876] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  883.359421][T16876] Workqueue: usb_hub_wq hub_event
[  883.359453][T16876] RIP: 0010:usb_submit_urb+0x1519/0x1770
[  883.359481][T16876] Code: fd eb cb bb fe ff ff ff e9 96 f3 ff ff e8 cf dd 7c fa c6 05 c2 af 55 09 01 90 48 c7 c7 60 06 74 8c 48 89 de e8 58 d6 3b fa 90 <0f> 0b 90 90 e9 ac fe ff ff bb f8 ff ff ff e9 66 f3 ff ff 48 89 ef
[  883.359502][T16876] RSP: 0018:ffffc900031d6e98 EFLAGS: 00010286
[  883.359519][T16876] RAX: 0000000000000000 RBX: ffff88802938fa00 RCX: ffffffff817a02c8
[  883.359533][T16876] RDX: ffff888027512440 RSI: ffffffff817a02d5 RDI: 0000000000000001
[  883.359545][T16876] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  883.359556][T16876] R10: 0000000000000001 R11: 0000000000000000 R12: ffff8880710950a0
[  883.359567][T16876] R13: ffff888071095010 R14: ffff88807109509f R15: ffff888071095050
[  883.359580][T16876] FS:  0000000000000000(0000) GS:ffff8880976c3000(0000) knlGS:0000000000000000
[  883.359615][T16876] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  883.359631][T16876] CR2: 000055a4dfeae008 CR3: 0000000070817000 CR4: 0000000000352ef0
[  883.359645][T16876] Call Trace:
[  883.359653][T16876]  <TASK>
[  883.359665][T16876]  ? _raw_spin_unlock_irqrestore+0x61/0x80
[  883.359699][T16876]  cm109_input_open+0x27a/0x490
[  883.359722][T16876]  ? __pfx_cm109_input_open+0x10/0x10
[  883.359741][T16876]  input_open_device+0x249/0x3d0
[  883.359765][T16876]  kbd_connect+0x103/0x160
[  883.359793][T16876]  input_attach_handler.isra.0+0x173/0x250
[  883.359828][T16876]  input_register_device+0xab9/0x1180
[  883.359855][T16876]  cm109_usb_probe+0x122f/0x17c0
[  883.359887][T16876]  usb_probe_interface+0x300/0xa40
[  883.359913][T16876]  ? __pfx_usb_probe_interface+0x10/0x10
[  883.359936][T16876]  really_probe+0x23e/0xa90
[  883.359967][T16876]  __driver_probe_device+0x1de/0x440
[  883.359997][T16876]  driver_probe_device+0x4c/0x1b0
[  883.360025][T16876]  __device_attach_driver+0x1df/0x310
[  883.360053][T16876]  ? __pfx___device_attach_driver+0x10/0x10
[  883.360078][T16876]  bus_for_each_drv+0x156/0x1e0
[  883.360103][T16876]  ? __pfx_bus_for_each_drv+0x10/0x10
[  883.360129][T16876]  ? _raw_spin_unlock_irqrestore+0x61/0x80
[  883.360156][T16876]  __device_attach+0x1e4/0x4b0
[  883.360184][T16876]  ? __pfx___device_attach+0x10/0x10
[  883.360211][T16876]  ? do_raw_spin_unlock+0x172/0x230
[  883.360248][T16876]  bus_probe_device+0x17f/0x1c0
[  883.360282][T16876]  device_add+0x1148/0x1aa0
[  883.360305][T16876]  ? __pfx_device_add+0x10/0x10
[  883.360322][T16876]  ? preempt_schedule_thunk+0x16/0x30
[  883.360361][T16876]  usb_set_configuration+0x1187/0x1e20
[  883.360410][T16876]  ? __pfx_usb_generic_driver_probe+0x10/0x10
[  883.360434][T16876]  usb_generic_driver_probe+0xb1/0x110
[  883.360460][T16876]  usb_probe_device+0xef/0x3e0
[  883.360486][T16876]  ? __pfx_usb_probe_device+0x10/0x10
[  883.360514][T16876]  really_probe+0x23e/0xa90
[  883.360543][T16876]  __driver_probe_device+0x1de/0x440
[  883.360568][T16876]  ? usb_driver_applicable+0x1c7/0x220
[  883.360592][T16876]  driver_probe_device+0x4c/0x1b0
[  883.360620][T16876]  __device_attach_driver+0x1df/0x310
[  883.360649][T16876]  ? __pfx___device_attach_driver+0x10/0x10
[  883.360674][T16876]  bus_for_each_drv+0x156/0x1e0
[  883.360697][T16876]  ? __pfx_bus_for_each_drv+0x10/0x10
[  883.360722][T16876]  ? _raw_spin_unlock_irqrestore+0x61/0x80
[  883.360749][T16876]  __device_attach+0x1e4/0x4b0
[  883.360776][T16876]  ? __pfx___device_attach+0x10/0x10
[  883.360812][T16876]  bus_probe_device+0x17f/0x1c0
[  883.360841][T16876]  device_add+0x1148/0x1aa0
[  883.360862][T16876]  ? __pfx_device_add+0x10/0x10
[  883.360881][T16876]  ? add_device_randomness+0xb7/0xf0
[  883.360912][T16876]  ? __usb_get_extra_descriptor+0x158/0x1c0
[  883.360939][T16876]  usb_new_device+0xd07/0x1a60
[  883.517417][T19360] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  883.519386][T16876]  ? do_raw_spin_lock+0x12c/0x2b0
[  883.565981][T16876]  ? __pfx_usb_new_device+0x10/0x10
[  883.566047][T16876]  ? mark_held_locks+0x49/0x80
[  883.566079][T16876]  hub_event+0x2f34/0x4fe0
[  883.566140][T16876]  ? __pfx_hub_event+0x10/0x10
[  883.566166][T16876]  ? free_object_list.isra.0+0x110/0x2a0
[  883.566202][T16876]  ? rcu_is_watching+0x12/0xc0
[  883.566229][T16876]  process_one_work+0x9cf/0x1b70
[  883.566268][T16876]  ? __pfx_hcd_resume_work+0x10/0x10
[  883.566288][T16876]  ? __pfx_process_one_work+0x10/0x10
[  883.566326][T16876]  ? assign_work+0x1a0/0x250
[  883.566359][T16876]  worker_thread+0x6c8/0xf10
[  883.566386][T16876]  ? __kthread_parkme+0x19e/0x250
[  883.566412][T16876]  ? __pfx_worker_thread+0x10/0x10
[  883.566431][T16876]  kthread+0x3c5/0x780
[  883.566459][T16876]  ? __pfx_kthread+0x10/0x10
[  883.566488][T16876]  ? rcu_is_watching+0x12/0xc0
[  883.566514][T16876]  ? __pfx_kthread+0x10/0x10
[  883.566542][T16876]  ret_from_fork+0x5d4/0x6f0
[  883.566570][T16876]  ? __pfx_kthread+0x10/0x10
[  883.566598][T16876]  ret_from_fork_asm+0x1a/0x30
[  883.566636][T16876]  </TASK>
[  883.566649][T16876] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  883.566662][T16876] CPU: 2 UID: 0 PID: 16876 Comm: kworker/2:4 Not tainted syzkaller #0 PREEMPT(full) 
[  883.566685][T16876] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  883.566697][T16876] Workqueue: usb_hub_wq hub_event
[  883.566724][T16876] Call Trace:
[  883.566731][T16876]  <TASK>
[  883.566739][T16876]  dump_stack_lvl+0x3d/0x1f0
[  883.566764][T16876]  vpanic+0x6e8/0x7a0
[  883.566791][T16876]  ? __pfx_vpanic+0x10/0x10
[  883.566823][T16876]  ? usb_submit_urb+0x1519/0x1770
[  883.566846][T16876]  panic+0xca/0xd0
[  883.566870][T16876]  ? __pfx_panic+0x10/0x10
[  883.566902][T16876]  ? check_panic_on_warn+0x1f/0xb0
[  883.566931][T16876]  check_panic_on_warn+0xab/0xb0
[  883.566957][T16876]  __warn+0xf6/0x3c0
[  883.566982][T16876]  ? usb_submit_urb+0x1519/0x1770
[  883.567006][T16876]  report_bug+0x3c3/0x580
[  883.567028][T16876]  ? usb_submit_urb+0x1519/0x1770
[  883.567054][T16876]  handle_bug+0x184/0x210
[  883.567080][T16876]  exc_invalid_op+0x17/0x50
[  883.567104][T16876]  asm_exc_invalid_op+0x1a/0x20
[  883.567122][T16876] RIP: 0010:usb_submit_urb+0x1519/0x1770
[  883.567146][T16876] Code: fd eb cb bb fe ff ff ff e9 96 f3 ff ff e8 cf dd 7c fa c6 05 c2 af 55 09 01 90 48 c7 c7 60 06 74 8c 48 89 de e8 58 d6 3b fa 90 <0f> 0b 90 90 e9 ac fe ff ff bb f8 ff ff ff e9 66 f3 ff ff 48 89 ef
[  883.567165][T16876] RSP: 0018:ffffc900031d6e98 EFLAGS: 00010286
[  883.567182][T16876] RAX: 0000000000000000 RBX: ffff88802938fa00 RCX: ffffffff817a02c8
[  883.567194][T16876] RDX: ffff888027512440 RSI: ffffffff817a02d5 RDI: 0000000000000001
[  883.567206][T16876] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  883.567217][T16876] R10: 0000000000000001 R11: 0000000000000000 R12: ffff8880710950a0
[  883.567229][T16876] R13: ffff888071095010 R14: ffff88807109509f R15: ffff888071095050
[  883.567250][T16876]  ? __warn_printk+0x198/0x350
[  883.567273][T16876]  ? __warn_printk+0x1a5/0x350
[  883.567303][T16876]  ? usb_submit_urb+0x1518/0x1770
[  883.567327][T16876]  ? _raw_spin_unlock_irqrestore+0x61/0x80
[  883.567357][T16876]  cm109_input_open+0x27a/0x490
[  883.567378][T16876]  ? __pfx_cm109_input_open+0x10/0x10
[  883.567396][T16876]  input_open_device+0x249/0x3d0
[  883.567419][T16876]  kbd_connect+0x103/0x160
[  883.567445][T16876]  input_attach_handler.isra.0+0x173/0x250
[  883.567477][T16876]  input_register_device+0xab9/0x1180
[  883.567502][T16876]  cm109_usb_probe+0x122f/0x17c0
[  883.567538][T16876]  usb_probe_interface+0x300/0xa40
[  883.567562][T16876]  ? __pfx_usb_probe_interface+0x10/0x10
[  883.567584][T16876]  really_probe+0x23e/0xa90
[  883.567614][T16876]  __driver_probe_device+0x1de/0x440
[  883.567642][T16876]  driver_probe_device+0x4c/0x1b0
[  883.567669][T16876]  __device_attach_driver+0x1df/0x310
[  883.567696][T16876]  ? __pfx___device_attach_driver+0x10/0x10
[  883.567720][T16876]  bus_for_each_drv+0x156/0x1e0
[  883.567742][T16876]  ? __pfx_bus_for_each_drv+0x10/0x10
[  883.567766][T16876]  ? _raw_spin_unlock_irqrestore+0x61/0x80
[  883.567792][T16876]  __device_attach+0x1e4/0x4b0
[  883.567818][T16876]  ? __pfx___device_attach+0x10/0x10
[  883.567843][T16876]  ? do_raw_spin_unlock+0x172/0x230
[  883.567878][T16876]  bus_probe_device+0x17f/0x1c0
[  883.567904][T16876]  device_add+0x1148/0x1aa0
[  883.567926][T16876]  ? __pfx_device_add+0x10/0x10
[  883.567942][T16876]  ? preempt_schedule_thunk+0x16/0x30
[  883.567978][T16876]  usb_set_configuration+0x1187/0x1e20
[  883.568022][T16876]  ? __pfx_usb_generic_driver_probe+0x10/0x10
[  883.568047][T16876]  usb_generic_driver_probe+0xb1/0x110
[  883.568068][T16876]  usb_probe_device+0xef/0x3e0
[  883.568090][T16876]  ? __pfx_usb_probe_device+0x10/0x10
[  883.568116][T16876]  really_probe+0x23e/0xa90
[  883.568145][T16876]  __driver_probe_device+0x1de/0x440
[  883.568168][T16876]  ? usb_driver_applicable+0x1c7/0x220
[  883.568190][T16876]  driver_probe_device+0x4c/0x1b0
[  883.568216][T16876]  __device_attach_driver+0x1df/0x310
[  883.568243][T16876]  ? __pfx___device_attach_driver+0x10/0x10
[  883.568266][T16876]  bus_for_each_drv+0x156/0x1e0
[  883.568287][T16876]  ? __pfx_bus_for_each_drv+0x10/0x10
[  883.568311][T16876]  ? _raw_spin_unlock_irqrestore+0x61/0x80
[  883.568337][T16876]  __device_attach+0x1e4/0x4b0
[  883.568363][T16876]  ? __pfx___device_attach+0x10/0x10
[  883.568398][T16876]  bus_probe_device+0x17f/0x1c0
[  883.568423][T16876]  device_add+0x1148/0x1aa0
[  883.568444][T16876]  ? __pfx_device_add+0x10/0x10
[  883.568462][T16876]  ? add_device_randomness+0xb7/0xf0
[  883.568491][T16876]  ? __usb_get_extra_descriptor+0x158/0x1c0
[  883.568523][T16876]  usb_new_device+0xd07/0x1a60
[  883.568555][T16876]  ? do_raw_spin_lock+0x12c/0x2b0
[  883.568582][T16876]  ? __pfx_usb_new_device+0x10/0x10
[  883.568627][T16876]  ? mark_held_locks+0x49/0x80
[  883.568655][T16876]  hub_event+0x2f34/0x4fe0
[  883.568712][T16876]  ? __pfx_hub_event+0x10/0x10
[  883.568736][T16876]  ? free_object_list.isra.0+0x110/0x2a0
[  883.568769][T16876]  ? rcu_is_watching+0x12/0xc0
[  883.568793][T16876]  process_one_work+0x9cf/0x1b70
[  883.568830][T16876]  ? __pfx_hcd_resume_work+0x10/0x10
[  883.568850][T16876]  ? __pfx_process_one_work+0x10/0x10
[  883.568886][T16876]  ? assign_work+0x1a0/0x250
[  883.568916][T16876]  worker_thread+0x6c8/0xf10
[  883.568943][T16876]  ? __kthread_parkme+0x19e/0x250
[  883.568970][T16876]  ? __pfx_worker_thread+0x10/0x10
[  883.568987][T16876]  kthread+0x3c5/0x780
[  883.569014][T16876]  ? __pfx_kthread+0x10/0x10
[  883.569043][T16876]  ? rcu_is_watching+0x12/0xc0
[  883.569061][T16876]  ? __pfx_kthread+0x10/0x10
[  883.569088][T16876]  ret_from_fork+0x5d4/0x6f0
[  883.569115][T16876]  ? __pfx_kthread+0x10/0x10
[  883.569141][T16876]  ret_from_fork_asm+0x1a/0x30
[  883.569177][T16876]  </TASK>
[  883.569823][T16876] Kernel Offset: disabled

VM DIAGNOSIS:
21:36:17  Registers:
info registers vcpu 0

CPU#0
RAX=0000000080000000 RBX=0000000000000000 RCX=ffffc900032f8001 RDX=0000000000000000
RSI=ffffffff8df3fab9 RDI=ffffffff8c162d00 RBP=0000000000000001 RSP=ffffc900032f7680
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=00000000000115c4
R12=ffffffff816ab8a4 R13=0000000000000202 R14=ffff888077c90000 R15=ffffc900032f779c
RIP=ffffffff8b90a3ad RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880974c3000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5426578 CR3=0000000070817000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=ffff88804fc70008 RCX=ffffffff822c30c8 RDX=ffff88802149a440
RSI=ffffffff822c30d5 RDI=0000000000000005 RBP=0000000000000000 RSP=ffffc90003b075c0
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=0000000000000001 R13=0000000000000001 R14=ffffea0001b85e80 R15=1ffff92000760ebb
RIP=ffffffff81bb0898 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880975c3000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7ef55c0 CR3=0000000072177000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000022f 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=000000000000001c RCX=ffffffff819a6682 RDX=ffff888027512440
RSI=ffffffff819a6670 RDI=0000000000000001 RBP=0000000000000001 RSP=ffffc900031d6ac0
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=1ffff9200063ad5a R13=0000000000000200 R14=ffff88802adca440 R15=ffffc900031d6b88
RIP=ffffffff819a6672 RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880976c3000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055a4dfeae008 CR3=0000000070817000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=ffff88802b53ada8 RCX=ffffffff8b8b9fcc RDX=ffff88802356c880
RSI=ffffffff8b8b950c RDI=ffff88802b53ada8 RBP=ffff88802b53ada8 RSP=ffffc90003e47840
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=ffff88802b53ad18
R12=ffff88802b53ada8 R13=dffffc0000000000 R14=ffff888022c6cdb0 R15=ffff888022c6cd98
RIP=ffffffff81bb08f6 RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977c3000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080008000 CR3=000000004bf3b000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000