last executing test programs:

8.209050373s ago: executing program 0 (id=392):
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040260933334000000000010902240001000000000904000001030100000921000000012201000905810308"], 0x0)
syz_usb_disconnect(r0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x8, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6(0xa, 0x3, 0x100)
socket$tipc(0x1e, 0x5, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x3}, &(0x7f0000000040), &(0x7f0000000080))
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(aes))\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r5 = accept4(r4, 0x0, 0x0, 0x0)
sendmsg$alg(r5, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
sendmsg$TIPC_NL_MEDIA_SET(r5, &(0x7f0000001800)={0x0, 0x0, &(0x7f00000017c0)={&(0x7f0000003c80)=ANY=[], 0x12f4}}, 0x0)
recvmsg$unix(r5, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000880)=""/27, 0x1b}, {&(0x7f0000000500)=""/14, 0xe}], 0x2}, 0x0)
read$alg(r5, &(0x7f0000002840)=""/4089, 0xff9)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)

5.843660263s ago: executing program 3 (id=414):
r0 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x3, 0x2)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r3, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x1}, 0x1c)
sendto$inet6(r3, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2, 0x2}, 0x1c)
setsockopt$sock_int(r3, 0x1, 0x2a, &(0x7f0000000000)=0x88, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
socket$inet6(0xa, 0x80002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
readv(r3, &(0x7f0000000440)=[{&(0x7f0000000040)=""/82, 0x52}], 0x1)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x60, 0x30, 0x0, 0x0, 0xee01}}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x40, 0x0, 0x0, 0x0, 0xee01}}}, 0xb8}}, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r6 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
fsync(r6)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x6, 0x0, 0x4})
close(r0)

5.028240401s ago: executing program 0 (id=417):
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000840)='./bus\x00', 0xa4)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r2 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0xffffffffffffffff, r3)
mmap$KVM_VCPU(&(0x7f0000ce8000/0x2000)=nil, 0x930, 0x0, 0x12, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x46201000, 0x0, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0x200003, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)

4.890216275s ago: executing program 0 (id=418):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r0, r2, 0x1, 0x0, @void}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r3, 0x3)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000340)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0)
r4 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r4, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
bind$netrom(0xffffffffffffffff, &(0x7f0000000000)={{0x6, @rose, 0x1}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @netrom, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]}, 0x48)
r5 = memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xcda\x9b\x11X\x0e\xa1\xcf\x1a\x98S7\xc9\x00'/47, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x3, 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="8500000013000000350000000000ba00850000000700000095000000000000004cf12aa5cbd56806f81f06a9c0ff431553ca08030871e23089f5e0a141d524588f32cb447f90ee60b191e2c825cd4d580e7953f911aa1f7017230163cf09493497cbe593f90a847687a1ef1f83dd6c1023678a1086f790f9dce435558fe138d7362090db7457c14bc34e6bde0887c697add9a7ab69000000004f0a9c139e19b27de95dbfb3fe241454a04080bf668ce021879c820f9b80fe233888f0008000007027d4b33729d714e0e205db36aa52281c71e90bbd1615e3a833c63d330700f514c622ff99237bfb3557b4e44bdfdae050a0678a3d8407b0a45c623d8ef9baf37ac4effeac63a1606ff3c25ac788dbcc31bb76fbf87fc74300000000932d279b674f1f8719d07a6396b18b6e214bd29aef8d03483012c76199e301494d766a733d7117fc9107bc5b9267fbf8b0d2e2f4f6582b9510d30a5d3d3bd12bc338028e217e7d59efd3090be5bf2f9d1c42104df0da362f586aa2397bb7866d97163b2bdc3364b08dfcc0415c369736ea2897e6bb88e8fae37345fb21b69331e250886b7bf9efdcd5e998f7cfad443c3336c80ffc401c4f774942c7e5a56f0c3281afbf9b1f5e347508a7d2884a2b49b6039c221dabadcd313c01384dd93ff43a3ff43b69bb8659a89d857f3b15de7b06fd9fe93470ee07794c213f9c51a7ecaa2cdc70024c3aa400000000000000000000000000000000000000000000000085d16fbc2f7845935b8abf55ae4fc25c736170a4b9b78bacd235e49c0c773e783f48e36d61aebcaaeec26da752aba7eda57fbe0fbb9d771e1d5b2979ab12b6467ae7d8d746"], &(0x7f0000000140)='GPL\x00', 0x0, 0xfffffe1f, &(0x7f00000004c0)=""/153, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x15)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000ac0)={r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81d, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r8 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r9, 0x4138ae84, &(0x7f0000000100)={{0x0, 0x1a8000, 0xa, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x4}, {0x6000, 0x0, 0xc}, {0x0, 0x0, 0xf, 0x0, 0x6, 0x0, 0x0, 0xfc}, {0x0, 0x0, 0x0, 0x9, 0x3, 0x1, 0x0, 0x0, 0x1}, {0x0, 0x10000, 0x1, 0x9, 0x0, 0xfd}, {0xf000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x5, 0x9, 0x2, 0x3}, {0x0, 0xeeee8000, 0x0, 0x0, 0x0, 0x8, 0x0, 0x4, 0xff}, {}, {}, 0xddf8ffdb, 0x0, 0x0, 0x340030, 0x80000a, 0x0, 0x3000, [0x800000000, 0x0, 0x1a7ff4f4]})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r9, 0x8140aecc, 0x0)
ioctl$FS_IOC_RESVSP(r5, 0x402c5828, &(0x7f0000000380)={0x0, 0x2, 0x0, 0x6})
r10 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r10, 0xc0145b0e, &(0x7f0000000040))

3.6405732s ago: executing program 3 (id=419):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r0, r2, 0x1, 0x0, @void}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r3, 0x3)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000340)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0)
r4 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r4, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
bind$netrom(0xffffffffffffffff, &(0x7f0000000000)={{0x6, @rose, 0x1}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @netrom, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]}, 0x48)
r5 = memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xcda\x9b\x11X\x0e\xa1\xcf\x1a\x98S7\xc9\x00'/47, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x3, 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="8500000013000000350000000000ba00850000000700000095000000000000004cf12aa5cbd56806f81f06a9c0ff431553ca08030871e23089f5e0a141d524588f32cb447f90ee60b191e2c825cd4d580e7953f911aa1f7017230163cf09493497cbe593f90a847687a1ef1f83dd6c1023678a1086f790f9dce435558fe138d7362090db7457c14bc34e6bde0887c697add9a7ab69000000004f0a9c139e19b27de95dbfb3fe241454a04080bf668ce021879c820f9b80fe233888f0008000007027d4b33729d714e0e205db36aa52281c71e90bbd1615e3a833c63d330700f514c622ff99237bfb3557b4e44bdfdae050a0678a3d8407b0a45c623d8ef9baf37ac4effeac63a1606ff3c25ac788dbcc31bb76fbf87fc74300000000932d279b674f1f8719d07a6396b18b6e214bd29aef8d03483012c76199e301494d766a733d7117fc9107bc5b9267fbf8b0d2e2f4f6582b9510d30a5d3d3bd12bc338028e217e7d59efd3090be5bf2f9d1c42104df0da362f586aa2397bb7866d97163b2bdc3364b08dfcc0415c369736ea2897e6bb88e8fae37345fb21b69331e250886b7bf9efdcd5e998f7cfad443c3336c80ffc401c4f774942c7e5a56f0c3281afbf9b1f5e347508a7d2884a2b49b6039c221dabadcd313c01384dd93ff43a3ff43b69bb8659a89d857f3b15de7b06fd9fe93470ee07794c213f9c51a7ecaa2cdc70024c3aa400000000000000000000000000000000000000000000000085d16fbc2f7845935b8abf55ae4fc25c736170a4b9b78bacd235e49c0c773e783f48e36d61aebcaaeec26da752aba7eda57fbe0fbb9d771e1d5b2979ab12b6467ae7d8d746"], &(0x7f0000000140)='GPL\x00', 0x0, 0xfffffe1f, &(0x7f00000004c0)=""/153, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x15)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r8, 0x4138ae84, &(0x7f0000000100)={{0x0, 0x1a8000, 0xa, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x4}, {0x6000, 0x0, 0xc}, {0x0, 0x0, 0xf, 0x0, 0x6, 0x0, 0x0, 0xfc}, {0x0, 0x0, 0x0, 0x9, 0x3, 0x1, 0x0, 0x0, 0x1}, {0x0, 0x10000, 0x1, 0x9, 0x0, 0xfd}, {0xf000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x5, 0x9, 0x2, 0x3}, {0x0, 0xeeee8000, 0x0, 0x0, 0x0, 0x8, 0x0, 0x4, 0xff}, {}, {}, 0xddf8ffdb, 0x0, 0x0, 0x340030, 0x80000a, 0x0, 0x3000, [0x800000000, 0x0, 0x1a7ff4f4]})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r8, 0x8140aecc, 0x0)
ioctl$FS_IOC_RESVSP(r5, 0x402c5828, &(0x7f0000000380)={0x0, 0x2, 0x0, 0x6})
r9 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r9, 0xc0145b0e, &(0x7f0000000040))

3.634016573s ago: executing program 0 (id=424):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000001c0)={{{@in6=@private1={0xfc, 0x1, '\x00', 0x1}, @in=@empty, 0x0, 0x0, 0xfffd, 0x200, 0x2, 0x0, 0x0, 0x62}, {0x2000, 0x0, 0x0, 0x0, 0x0, 0x80400000000, 0x0, 0xfffffffffffffffd}, {0x0, 0x0, 0x0, 0x8}, 0xfffffffd, 0x0, 0x0, 0x0, 0x1}, {{@in6=@private2, 0xfffffffc, 0x3c}, 0x2, @in6=@loopback, 0x3505, 0x4, 0x0, 0x0, 0x7, 0x5}}, 0xe4)
listen(r0, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000540)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff0800450000280000000000050000000000001321000000004e221cbdf390264d", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5010000090780000"], 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x17, 0x3, &(0x7f0000000b00)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
close(r3)
r4 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
r5 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000540)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r5, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r5, 0x0, &(0x7f0000000380)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r6, 0x5b03, 0x0)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}, 0x2}}, 0x2e)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000500)=[<r7=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r3, 0xc06864a1, &(0x7f0000000700)={0x0, 0xffffffffffffff9e, r7, <r8=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r3, 0xc06864ce, &(0x7f0000000600)={r8, 0x0, 0x0, 0x0, 0x0, [<r9=>0x0]})
r10 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r10, 0xc0d05605, &(0x7f00000000c0)={0x2, @pix={0x6, 0x8, 0x31435641, 0x9, 0x5, 0x98, 0x3, 0x6, 0x0, 0x6, 0x2, 0x74c3924ecb75b6cd}})
ioctl$DRM_IOCTL_MODE_ADDFB2(r3, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xae, 0x3ff, 0x34325241, 0x0, [r9], [0x2b8]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, &(0x7f0000000380)={r9})
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000400), r2)
sendmsg$NL80211_CMD_RELOAD_REGDB(r2, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000440)={0x14, r12, 0x300, 0x70bd26, 0x25dfdbfd, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x48000)
sendmsg$NFT_BATCH(r11, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @hash={{0x9}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_HASH_MODULUS={0x8}, @NFTA_HASH_DREG={0x8, 0x2, 0x1, 0x0, 0x17}, @NFTA_HASH_TYPE={0x8, 0x7, 0x1, 0x0, 0x1}]}}}]}]}], {0x14}}, 0xcc}}, 0x4800)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000000)={r1, r2, 0x12}, 0x10)
ioctl$sock_bt_hidp_HIDPCONNADD(r2, 0x400448c8, &(0x7f00000002c0)={r0, r0, 0x685, 0xcf, &(0x7f00000000c0)="36d2d761d82d4704be1f8d6461c4bf96cbb693a211fabd9ced02b9f001ad2879d80e0c69ff47aeb57acfeb0ee37d17d26a776eb74f80a959cb37d9a8398acc1434e078ea595afdf74e8f1a5ba4eef4523bb7e2cb36ee5127415415b40f9bdd5396cb5b6491033e02179f1ead2fefa4e32bb54bd49f14fa38531e3f3db241ee6209188a0a89b4d08d2bca2724a8bd0b944dab0dca33e92030b54d9b633051a521c8194dc27ce51bc08228187bc699dda0ade36e0891afe2d90b284993f60b792145dd356d00e30d5f9a261f21ad1f52", 0x4, 0x1, 0x4, 0xf001, 0xdec2, 0x2, 0xffffffff, 'syz0\x00'})

3.504837626s ago: executing program 3 (id=427):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x4}, 0x0)
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000200)=0xa0000)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0)
socket$kcm(0x11, 0x3, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
socket$netlink(0x10, 0x3, 0x10)
socket(0x10, 0x3, 0x0)
r2 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0)
ioctl$CEC_DQEVENT(r2, 0xc0506107, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
ioctl$IOC_PR_PREEMPT(r2, 0x40046109, &(0x7f0000000040)={0xd0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x30}}, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x0)
r5 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080), 0x8081, 0x0)
truncate(&(0x7f0000000100)='./file0\x00', 0x2)
write$binfmt_elf64(r5, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x1e6)
getrlimit(0xf, &(0x7f0000000280))
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})

2.450168816s ago: executing program 1 (id=429):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0xfffffffd, 0x0, 0x34324152, 0x7, 0xa, [{0x2}, {0x10}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setscheduler(0x0, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x110, 0x0, 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r2 = fcntl$dupfd(r1, 0x0, r1)
mmap$binder(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1, 0x11, r2, 0x4)
r3 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000000)=0x15)
ioctl$KVM_RESET_DIRTY_RINGS(r2, 0xaec7)
r4 = socket$kcm(0x2b, 0x1, 0x0)
r5 = socket(0x11, 0xa, 0x0)
getsockname$packet(r5, 0x0, &(0x7f00000001c0))
setsockopt$sock_attach_bpf(r4, 0x1, 0xd, &(0x7f0000000000), 0x3a)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f00000000c0)=[@in={0x2, 0x4e24, @multicast2}, @in6={0xa, 0x4e22, 0x1, @loopback, 0x9}, @in={0x2, 0x4e20, @local}, @in={0x2, 0x4e23, @rand_addr=0x64010100}], 0x4c)
close(r4)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000040)={0x9, 0x0, 0x2, 0x0, 0x40})
ioctl$TCFLSH(r3, 0x40204706, 0x20000000)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f00000002c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000000040)="00000097c3199945e3eadae14708c82ec713c20000070002", 0x20)

2.170455778s ago: executing program 2 (id=430):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route(r0, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f00000001c0)=@setlink={0x40, 0x13, 0x5, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc00}, [@IFLA_IFNAME={0x14, 0x3, 'wlan1\x00'}, @IFLA_ADDRESS={0xa, 0x1, @link_local}]}, 0x40}}, 0x0) (fail_nth: 9)

2.095926084s ago: executing program 2 (id=431):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x16, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000000000001659ec0889419429aa5db97288b0f8a87ea8e66d9a8b"], 0xb0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="10"], 0x10)
mount$9p_fd(0xedc0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',posixacl'])

2.095234821s ago: executing program 3 (id=432):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r0, r2, 0x1, 0x0, @void}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r3, 0x3)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000340)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0)
r4 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r4, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
bind$netrom(0xffffffffffffffff, &(0x7f0000000000)={{0x6, @rose, 0x1}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @netrom, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]}, 0x48)
r5 = memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xcda\x9b\x11X\x0e\xa1\xcf\x1a\x98S7\xc9\x00'/47, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x3, 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="8500000013000000350000000000ba00850000000700000095000000000000004cf12aa5cbd56806f81f06a9c0ff431553ca08030871e23089f5e0a141d524588f32cb447f90ee60b191e2c825cd4d580e7953f911aa1f7017230163cf09493497cbe593f90a847687a1ef1f83dd6c1023678a1086f790f9dce435558fe138d7362090db7457c14bc34e6bde0887c697add9a7ab69000000004f0a9c139e19b27de95dbfb3fe241454a04080bf668ce021879c820f9b80fe233888f0008000007027d4b33729d714e0e205db36aa52281c71e90bbd1615e3a833c63d330700f514c622ff99237bfb3557b4e44bdfdae050a0678a3d8407b0a45c623d8ef9baf37ac4effeac63a1606ff3c25ac788dbcc31bb76fbf87fc74300000000932d279b674f1f8719d07a6396b18b6e214bd29aef8d03483012c76199e301494d766a733d7117fc9107bc5b9267fbf8b0d2e2f4f6582b9510d30a5d3d3bd12bc338028e217e7d59efd3090be5bf2f9d1c42104df0da362f586aa2397bb7866d97163b2bdc3364b08dfcc0415c369736ea2897e6bb88e8fae37345fb21b69331e250886b7bf9efdcd5e998f7cfad443c3336c80ffc401c4f774942c7e5a56f0c3281afbf9b1f5e347508a7d2884a2b49b6039c221dabadcd313c01384dd93ff43a3ff43b69bb8659a89d857f3b15de7b06fd9fe93470ee07794c213f9c51a7ecaa2cdc70024c3aa400000000000000000000000000000000000000000000000085d16fbc2f7845935b8abf55ae4fc25c736170a4b9b78bacd235e49c0c773e783f48e36d61aebcaaeec26da752aba7eda57fbe0fbb9d771e1d5b2979ab12b6467ae7d8d746"], &(0x7f0000000140)='GPL\x00', 0x0, 0xfffffe1f, &(0x7f00000004c0)=""/153, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x15)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000ac0)={r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81d, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r8 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r9, 0x4138ae84, &(0x7f0000000100)={{0x0, 0x1a8000, 0xa, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x4}, {0x6000, 0x0, 0xc}, {0x0, 0x0, 0xf, 0x0, 0x6, 0x0, 0x0, 0xfc}, {0x0, 0x0, 0x0, 0x9, 0x3, 0x1, 0x0, 0x0, 0x1}, {0x0, 0x10000, 0x1, 0x9, 0x0, 0xfd}, {0xf000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x5, 0x9, 0x2, 0x3}, {0x0, 0xeeee8000, 0x0, 0x0, 0x0, 0x8, 0x0, 0x4, 0xff}, {}, {}, 0xddf8ffdb, 0x0, 0x0, 0x340030, 0x80000a, 0x0, 0x3000, [0x800000000, 0x0, 0x1a7ff4f4]})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r9, 0x8140aecc, 0x0)
ioctl$FS_IOC_RESVSP(r5, 0x402c5828, &(0x7f0000000380)={0x0, 0x2, 0x0, 0x6})
r10 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r10, 0xc0145b0e, &(0x7f0000000040))

1.243099529s ago: executing program 2 (id=433):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
r3 = openat$vim2m(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$vim2m_VIDIOC_TRY_FMT(r3, 0xc0cc5640, &(0x7f0000000540)={0x2, @sliced={0x0, [0x12a9, 0x400, 0xea, 0x8, 0xffff, 0x3, 0x6, 0x8, 0x83, 0x1, 0xe3c7, 0x5, 0x6, 0x8, 0x9, 0x200, 0x7, 0x9, 0x5, 0x3, 0x1ff, 0xad3f, 0x5, 0x4, 0x0, 0x7, 0x6, 0x8, 0x101, 0x515, 0x7, 0x2, 0x5, 0x9, 0x2, 0xfc00, 0x10, 0xffd, 0x9, 0x23, 0x38, 0x4, 0xfff4, 0x675, 0xa, 0x6, 0x800, 0x8], 0x3}})
r4 = syz_io_uring_setup(0x10d, &(0x7f0000000300)={0x0, 0xce5d, 0x80, 0x0, 0x89}, &(0x7f0000000240)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r4, 0x47f9, 0x0, 0x0, 0x0, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = syz_open_dev$video4linux(&(0x7f0000000480), 0x5, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r8, 0xc040564a, &(0x7f0000000000)={0x8, 0x0, 0x3017, 0x1, 0x7, 0x2, 0xc, 0x1})
add_key(&(0x7f0000000080)='asymmetric\x00', 0x0, &(0x7f0000000500)="e306644c2f0b801228a9253e", 0xc, 0xfffffffffffffffd)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000440))
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$nl_route(r7, 0x0, 0x0)

1.238656683s ago: executing program 1 (id=434):
pipe2(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r2, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="5800000001010101000000000000000000000006080008400000000b34000f800800014000000000080002400000000d08000140000001000800014000000006082001400000007f08000240191196c90800074000000000cda34fce6d4cbe0a555d0479221f8e0936427b208b74d9cedf857db5d6e63690905cbb368c184cd5a7631abdce0f11a6cf089147fd0bfe14c22b46663ac765735279e72a3cf0fbf85f8515f7c39a7dcdf6bcb069a282"], 0x58}, 0x1, 0x0, 0x0, 0x10}, 0x8080)
r3 = socket(0x10, 0x802, 0x0)
write(r3, &(0x7f0000000000)="fc0000004800071fab092504090007000aab60000a0000000008e293210001c0000000000000000000000000c0fe00ea05001ec28656aaa79bb94b46fe000000bc000200000300f12fbe780196370d1151ffd633d450000000e5d18064b1ed548d59c40a366c57c6a55e00008934d07302ade01720d7d5bbc91a3e2e80772c05defd5a32e280fc83ab82f605f70cce190a60aa47e988399ddef2fe082038f4f8b29d97f391064e763b6f380f5bd92c83170e5bba4a463a1e00d66ff5b22a95792e2891cfded815b6ccd243f295ed94e0ad91bd0734babc7c737d670133750800000000000000000000000000a6b567b4d5715587e6d8a1ad0a4f0108", 0xfc)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', <r5=>0x0})
setsockopt$packet_add_memb(r4, 0x107, 0x1, &(0x7f0000000080)={r5, 0x3, 0x3, @local}, 0x10)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000240)=0x1, 0x4)
ftruncate(r0, 0x800)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2c63616368653d667363616368652c63616368657461673d14e2c311e2cb86c82d4873c6af6ddc7bde3c511a1315e4f85948a98ae388123b56361ed3cc4c3e5523eb70372d9fb8f341b24358d32f2fdd32382b9d53229b6d19d04b3461e6fbdbf7e44bb5c8945f07e63191e43c40c3372b9cb2e8453d54d5b127c3770c27d497f8bae8a00a8fc4c97fa81d88a317caa5657f596a825ae94ba0545c87758c6f4c077cc8665e0104e48e0ffe16a747d4a1efc5a76b1d45b09d2169995c5e5c5d473f452bcd7df769e2a28d4557abdc8ce959b1c8c49721bcf4efc90376f320b2c5d5f024a04b4435f49ce10dc4a0d127ad43b75a0c5b74d1ad596b90763c69649202169de1726d6b5590993406e55c"])

1.238325186s ago: executing program 1 (id=435):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000180)=0x7f, 0xfffffded)
connect$inet6(r0, &(0x7f00000002c0)={0xa, 0xfffd, 0xa, @mcast2, 0x405}, 0x1c)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
stat(&(0x7f0000000000)='./file0\x00', 0x0)
dup(r1)
r3 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_CROPCAP(r3, 0xc02c563a, &(0x7f00000004c0)={0x2, {0x3ff, 0x3, 0x7f80000, 0x101}, {0x6, 0xffff, 0x1, 0x10000}, {0x8, 0x4}})
r4 = openat$sndseq(0xffffffffffffff9c, 0x0, 0xe0c81)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a01080000000000000000010000f60900030073797a320000000014000480080002400000000008000140000000000900010073797a300000000050000000060a010400000000000000000100000008000b40000000000900010073797a30000000002800048024000180090001006d6574610000000014000280080003400000000b0800024000000002140000001100010000000000000000000000000a"], 0xd8}}, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r4, 0x402c5342, &(0x7f0000000040)={0x0, 0x7a120, 0x60})
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000240)={{'fd', 0x3d, r6}, 0x2c, {'rootmode', 0x3d, 0x1000}})
write$FUSE_NOTIFY_INVAL_ENTRY(r6, &(0x7f0000000300)=ANY=[@ANYBLOB="2b00000003000000000000000000000001000000000000000a000000000000002f6465762f6675736500008df5984351d229b22441302cf6e37d8863264d5e67f9cb6e6f28001e68faa5124b43a8154ec0556e4b661ca68a1a182478e60fa7bb3c21d4"], 0x2b)

1.226077172s ago: executing program 1 (id=437):
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000840)='./bus\x00', 0xa4)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
socket(0x10, 0x3, 0x0)
mmap$KVM_VCPU(&(0x7f0000ce8000/0x2000)=nil, 0x930, 0x0, 0x12, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x46201000, 0x0, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0x200003, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)

1.225714768s ago: executing program 2 (id=438):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001bc0)=ANY=[@ANYBLOB="5c0000000206010100000000000000000000000005000100070000000900020073797a32000000000500050000000000050004000000000014000780080008400000009008000640000600000d0003006c6973743a736574"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x28, 0x3, 0x6, 0x401, 0x0, 0x0, {0xa, 0x0, 0x5}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x8010) (fail_nth: 5)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000100)=0x2)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x11)
r5 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCBRDELBR(r5, 0x89a2, &(0x7f0000000000)='bridge0\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x6, &(0x7f0000000500)=ANY=[@ANYBLOB="b409000000000000611110000000000085100000020000008500000008000000950000000000000095000000000000001dbe1ac61335a78d03e433e1280a0027a22fedde53bb23db721bdc917f1fdb7adf9dbaa948ecc4f98727e7308ab164ae44a267aaa44dba10bb0381f9776caa1b2c37b3df39b40132fd8374e55b138778245e740a86341d2cd41b9e4fd8cef49c1e138f2a118a47b61bd045ec307fa25e90a11da1068a4a77f0336e5b833996be36caaf2358adb8a28a423c3bb2b56eedc698bef1dd3717954373715908acc3c19ee3598d5e414ae779ed5ebf72403ec4d30edd5c881fa0819575b200be945ba62e1b7134a15e35ae2b467234706f099ec0a24113246a0df2f5238b3bcb9d27c559d8d44b3ff3c44c861cf145c0c3fc659a9deba6c572213dc2a3806ee0c4320c6aa305af90802b36efc82df3feeee6b2f67b0e7c524167e72f3e0ae3718e0fadccac62862265ee649937d1fc3686dddcc18394"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x4, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f0000000340)={r6, r6, 0x8, 0x0, 0x0, 0x2, 0x11, 0x15be, 0x5, 0x801, 0x0, 0x8, 'syz1\x00'})
socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = getpgrp(0x0)
syz_pidfd_open(r7, 0x0)

1.225383229s ago: executing program 1 (id=439):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0xfffffffd, 0x0, 0x34324152, 0x7, 0xa, [{0x2}, {0x10}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setscheduler(0x0, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x110, 0x0, 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r2 = fcntl$dupfd(r1, 0x0, r1)
mmap$binder(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1, 0x11, r2, 0x4)
r3 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000000)=0x15)
ioctl$KVM_RESET_DIRTY_RINGS(r2, 0xaec7)
r4 = socket$kcm(0x2b, 0x1, 0x0)
r5 = socket(0x11, 0xa, 0x0)
getsockname$packet(r5, 0x0, &(0x7f00000001c0))
setsockopt$sock_attach_bpf(r4, 0x1, 0xd, &(0x7f0000000000), 0x3a)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f00000000c0)=[@in={0x2, 0x4e24, @multicast2}, @in6={0xa, 0x4e22, 0x1, @loopback, 0x9}, @in={0x2, 0x4e20, @local}, @in={0x2, 0x4e23, @rand_addr=0x64010100}], 0x4c)
close(r4)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000040)={0x9, 0x0, 0x2, 0x0, 0x40})
ioctl$TCFLSH(r3, 0x40204706, 0x20000000)
bind$alg(0xffffffffffffffff, &(0x7f00000002c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000040)="00000097c3199945e3eadae14708c82ec713c20000070002", 0x20)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

879.616674ms ago: executing program 2 (id=440):
socket$pptp(0x18, 0x1, 0x2)
syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = gettid()
timer_create(0xb, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = syz_open_dev$cec(&(0x7f0000000100), 0x0, 0x80)
ioctl$CEC_RECEIVE(r2, 0xc0386106, &(0x7f0000000000)={0x0, 0x3f, 0x1, 0x0, 0x0, 0x9, '&\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe})
writev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="c021e578d174da839d0f598657003ce42de5ee7451", 0x15}, {0x0}], 0x2)

638.278245ms ago: executing program 3 (id=441):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x8, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xe, 0xffff}, {0x0, 0x1}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_DQ_RATE_ESTIMATOR={0x8}, @TCA_FQ_PIE_MEMORY_LIMIT={0x8, 0x8, 0x3}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
mlockall(0x5)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[], 0x50}}, 0x4008840)

637.832262ms ago: executing program 3 (id=442):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x600, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d6c2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x4, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=@newsa={0x100, 0x10, 0x7, 0x0, 0x0, {{@in=@local, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}, {@in6=@remote, 0x0, 0x2b}, @in6=@mcast1, {0x0, 0xfffffffffffffffe}, {}, {}, 0x0, 0x0, 0xa, 0x2}, [@coaddr={0x14, 0xe, @in6=@remote}]}, 0x100}}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @ioapic={0x6000, 0x5, 0x8, 0x0, 0x0, [{0xc, 0x80, 0x1}, {0x1, 0x0, 0x4, '\x00', 0x6}, {0x5, 0x6, 0x1d, '\x00', 0xfa}, {0x70, 0x2, 0xc6, '\x00', 0xf}, {0x14, 0x4, 0x7f}, {0x4, 0x4, 0x5, '\x00', 0x9}, {0x2, 0xf, 0xf, '\x00', 0x6}, {0x9, 0x9, 0xf3, '\x00', 0x5}, {0xff, 0x10, 0x40, '\x00', 0x8}, {0x3, 0x9, 0x0, '\x00', 0x6}, {0x6, 0xe, 0x7, '\x00', 0x9}, {0x9, 0x18, 0x9}, {0x10, 0x2, 0x0, '\x00', 0x5}, {0x27, 0x0, 0x7, '\x00', 0x1}, {0xa7, 0xfb, 0xe, '\x00', 0x6}, {0x1, 0xd, 0x0, '\x00', 0x7}, {0x9, 0x3, 0x2, '\x00', 0x10}, {0x0, 0x8, 0x7, '\x00', 0x6}, {0x0, 0xa4, 0x10, '\x00', 0xa5}, {0x64, 0x6, 0x1, '\x00', 0xa}, {0x7, 0x0, 0x1, '\x00', 0xca}, {0x5, 0x5, 0x1, '\x00', 0xb8}, {0x12, 0xfd, 0x0, '\x00', 0x2}, {0x64, 0x8, 0x2, '\x00', 0xa}]}})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
openat$kvm(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
prctl$PR_GET_TSC(0x43, &(0x7f0000000040))
prctl$PR_MCE_KILL(0x43, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r5, &(0x7f0000000180)=ANY=[], 0xff2e)
ioctl$TCSETS(r5, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
syz_open_pts(r5, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x300, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a300000000034000000030a01020000000000000000010000000900010073797a30000000000900030073797a310000000008000a40000000042c000000030a01040000000000000000010000010c00024021000000000000010900010073797a"], 0xa8}, 0x1, 0x0, 0x0, 0x8040}, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)

560.134355ms ago: executing program 0 (id=443):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x7079, 0x0, 0x4, 0x288}, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0, 0x0, 0x4, 0x0, {0x2}})
io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r7 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) (fail_nth: 6)
write$tun(r6, &(0x7f0000000240)={@void, @val={0x0, 0x0, 0x2}, @mpls={[{}], @ipv6=@icmpv6={0x0, 0x6, '\x00', 0x30, 0x3a, 0x0, @mcast2, @local, {[], @param_prob={0x4, 0x0, 0x0, 0x3, {0x3, 0x6, "fefbd4", 0x2, 0x0, 0x1, @private1, @private1}}}}}}, 0x66)
socket$nl_route(0x10, 0x3, 0x0)
r8 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
write$RDMA_USER_CM_CMD_MIGRATE_ID(r8, &(0x7f0000000280)={0x12, 0x10, 0xfa00, {0x0, 0xffffffffffffffff, r8}}, 0x18)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r11}, 0xc)

130.032305ms ago: executing program 0 (id=444):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001e00)=@newtaction={0x110, 0x30, 0x1, 0x0, 0x0, {}, [{0xfc, 0x1, [@m_bpf={0xb0, 0x10, 0x0, 0x0, {{0x8}, {0x30, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0xfffffff7, 0x8, 0x5, 0x2, 0x7}}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}, @TCA_ACT_BPF_NAME={0xc, 0x6, './file0\x00'}]}, {0x5c, 0x6, "35a183131e5c1336ed7b2d1684129d13f7ef8b0c28ab6d6a0371676240e4dfce64898570f6a435847733764dc2801779b2b0f324d67d3017b37f39b2cfb80db66537080d04745664dd5831d904380a0bec9a1c7065c6bf45"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x110}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001bc0)=ANY=[@ANYBLOB="5c0000000206010100000000000000000000000005000100070000000900020073797a32000000000500050000000000050004000000000014000780080008400000009008000640000600000d0003006c6973743a736574"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000001d40)=ANY=[@ANYBLOB="240001000306010488f6b92903af8faa6eecd1420000020073797a32000000001f98b2883612d8d612a3ea15397019dd4f79916abd870de890e8602c2e12febdc15cf87f350cb7cb0c8846e94953d1319433511b4869c59528e35c46fdbd59c6ebb619ce1d54e825f98ea9bd1742c22004d2acf18a07c9b5d179190203758e1c49495d78085b5f1ae7b0e9793270702e203c2a6040c71293d7dac007"], 0x7e}, 0x1, 0x0, 0x0, 0x4080}, 0x8010)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000100)=0x2)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x11)
r5 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCBRDELBR(r5, 0x89a2, &(0x7f0000000000)='bridge0\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x6, &(0x7f0000000500)=ANY=[@ANYBLOB="b409000000000000611110000000000085100000020000008500000008000000950000000000000095000000000000001dbe1ac61335a78d03e433e1280a0027a22fedde53bb23db721bdc917f1fdb7adf9dbaa948ecc4f98727e7308ab164ae44a267aaa44dba10bb0381f9776caa1b2c37b3df39b40132fd8374e55b138778245e740a86341d2cd41b9e4fd8cef49c1e138f2a118a47b61bd045ec307fa25e90a11da1068a4a77f0336e5b833996be36caaf2358adb8a28a423c3bb2b56eedc698bef1dd3717954373715908acc3c19ee3598d5e414ae779ed5ebf72403ec4d30edd5c881fa0819575b200be945ba62e1b7134a15e35ae2b467234706f099ec0a24113246a0df2f5238b3bcb9d27c559d8d44b3ff3c44c861cf145c0c3fc659a9deba6c572213dc2a3806ee0c4320c6aa305af90802b36efc82df3feeee6b2f67b0e7c524167e72f3e0ae3718e0fadccac62862265ee649937d1fc3686dddcc18394"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x4, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f0000000340)={r6, r6, 0x8, 0x0, 0x0, 0x2, 0x11, 0x15be, 0x5, 0x801, 0x0, 0x8, 'syz1\x00'})
recvmmsg(r4, &(0x7f0000002d00)=[{{0x0, 0x0, &(0x7f0000000d00)=[{&(0x7f00000007c0)=""/193, 0xc1}, {&(0x7f00000008c0)=""/78, 0x4e}, {&(0x7f00000000c0)=""/38, 0x26}, {&(0x7f00000001c0)=""/27, 0x1b}, {&(0x7f0000000940)=""/158, 0x9e}, {&(0x7f0000000a00)=""/206, 0xce}, {&(0x7f0000001a40)=""/103, 0x67}, {&(0x7f0000000b80)=""/206, 0xce}, {&(0x7f0000000c80)=""/117, 0x75}], 0x9, &(0x7f0000000d80)=""/255, 0xff}, 0x7}, {{&(0x7f0000000e80)=@vsock={0x28, 0x0, 0x0, @hyper}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000f00)=""/149, 0x95}, {&(0x7f0000000fc0)=""/121, 0x79}, {&(0x7f0000001040)=""/82, 0x52}, {&(0x7f00000010c0)=""/77, 0x4d}, {&(0x7f0000001140)=""/240, 0xf0}, {&(0x7f0000001240)=""/133, 0x85}], 0x6}, 0x9}, {{&(0x7f0000001300)=@pppoe={0x18, 0x0, {0x0, @multicast}}, 0x80, &(0x7f00000015c0)=[{&(0x7f0000000400)=""/62, 0x3e}, {&(0x7f0000001500)=""/121, 0x79}, {&(0x7f0000000300)=""/63, 0x3f}, {&(0x7f0000001380)=""/103, 0x67}, {&(0x7f0000001400)=""/227, 0xe3}], 0x5, &(0x7f0000001600)=""/93, 0x5d}, 0xfffffff5}, {{&(0x7f0000001680)=@ieee802154={0x24, @long}, 0x80, &(0x7f0000001b40)=[{&(0x7f0000001700)=""/239, 0xef}, {&(0x7f0000001800)=""/109, 0x6d}, {&(0x7f0000002dc0)=""/4104, 0x1008}, {&(0x7f00000019c0)=""/54, 0x36}, {&(0x7f00000018c0)=""/97, 0x61}, {&(0x7f0000001940)=""/67, 0x43}, {&(0x7f00000019c0)}, {&(0x7f0000001a00)=""/55, 0x37}, {&(0x7f0000001c40)=""/200, 0xc8}], 0x9, &(0x7f0000002c40)=""/130, 0x82}, 0x1ff}], 0x4, 0x2, &(0x7f0000002d80)={0x0, 0x989680})
socket$nl_netfilter(0x10, 0x3, 0xc)
getpgrp(0x0)
r7 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IP_VS_SO_SET_TIMEOUT(r8, 0x0, 0x48a, &(0x7f0000000000)={0x0, 0x0, 0xffffff30}, 0xc)
mount_setattr(0xffffffffffffff9c, 0x0, 0x100, &(0x7f0000000100)={0x100001, 0x1, 0x0, {r7}}, 0x20)

59.437843ms ago: executing program 1 (id=445):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000040)={0x13, 0x1})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, &(0x7f0000000080)="0fae370f782c260f001e8a140f43300f20d86635080000000f22d8f30f5d4c88ba4300ec660f3882420266b9a602000066b82f0787b666ba6fe0561e0f30660fe95200", 0x43}], 0x1, 0x40, &(0x7f0000000140)=[@cstype0={0x4, 0x7}, @flags={0x3, 0x20000}], 0x2)
r3 = memfd_create(&(0x7f0000000740)='\xfd\x0fm3#/\x00n\xaa\xaa\xe4\x01U\x8b\xc2\f\x03\x19\x9c\x8e\xcb\x90\x00\x00\xaegQ\x0e\x94\\y\x0fU2@\'\x8a\x80\x00$\x12\xfc\xe4.)\x9b\xf2@\xf0\xe0\xdb\x1f\xe6\xb4gc\x13\xda\xf9\xcd7el\xb7\xe6\b\x00\x00\x00\x00\xef\xff\x00vob/~\xc2\x00\b\x00\x00\x00\x00\x00\x00 \xff\xf1\xdem\x9c\xfa\xb4q\xbb\x7fN\xd1\r%;%\xb5\"\xe4\xf1x2\x8a\x19p\x04\\\xaa-\x93\xd1\xc4 )\xbfK\xf7E\xf3\x05\xa0\xd0\xe6%\x97\x15\xf0\xab\x86\x90k\x10\xcer\x14\xe0a\xaf\xab\xfe\xd9V\x19\xa5d\x16\x8e]:3\xff\t\xe6\xf7\xb3\xbf\xa3\b[?\xb5\x14t\xd3\x8e\xc0\xe8\xefd\x88\xddz\xa25)\x17\xef\xfb4\xff\xdb\t\x8e\xeb\x1d\\\xf9\x14\xc7\v\xa8\x89\xdb A\xbaBAj\xfe\x18\xc3-+\xd6\xb0K\xee\x1b+\xc7lA\x84\xa6\xfe\x8bU<&\x1a\xe7m\x86\xb7\xa1A\xf9\x02S;C\x99\a.$K\x833\x82\x7f\x1b\'nj\x06\b\xb7\xe8] \x87A[y\xdc\x14\f\xcet\x00\x1f\x0f\xef\xca\xcfz\x7f\an0\xebB\xb8}&\xdd\xc9\x12?\xc7zL\x01\r-\x81\xaaq{H\x88\xdf\xf8\x80\\\x1c8\xfe\xc4\xe3\xb0\x90\xcb\x8b1r\x94\x9f\x00\xce\xc8\xc3\x84\xa0\xc9\b\x00\x81Ks\xba\xbbC6\xd6\x13\xb5\xe086EzD\x18\xd5\x16\x88E\xc6\xf0A9\xf1u\xb3\x85\x02\x12\\Sp\xf4\x9a\xe8\x96^\xe6\xa8K\x12\b}\xff\xcb{\xc6\xf6\xb4\x8b\xb6\xa8Y\xf2\x91\xeeR\v#\xb5)\xb0\x99\x9b-p\xe3\x17\x04\xb0\xdc\x0fk\x11\xe1\x9a\a\x16\xb7\x9b\x88\xfa\x1e`\x84$\xfc\xd7\xf5^X\xd8[}\x032\xd0\x84\xdby\x94Vp\xa5\xcd(\xab\xb6\x95sR\xab\xfc\x8c\'\x9c\x16Q\xad\xbc\xb04%\xb7\xe5\x14\xb1`\x87#X\\W`;\'_4\xc5\xc9\x921<\xd9\xad\x9f\x12@!\xfaI\x88\xab\xef\x86\xe9\a>\xdd7\xb7\x8e\x9c0-o\xc9\xec_|\x02\xc8Ru\x95\xa8#U\xd6J\x87\xf6X\xb6{\x11$\x00\xc8\x14\xcb\xd1nK\xd8\xb9\x0e\x9bA\xed\xbcs\x1fS\r\x12O\x83\x15\xcb(\xdb\xb1S\x1f%\x04\x9a\xa0l\xa3}\xe7r\x02\x00\x00\x00\x8aeh;F[\xe2\x1c<L\xaa\x87A\xcdN#\xfb\xb0\xf2\x1e\x0e#J\xd0hB<\xc0\x82A0)p\xe7&J\x82\x83\x83\xd14\x01\xcf\x1b\xa9\x1d\x1ef\x0f\x86(1\xd6l\xd2\x8f\xb0\xad\t\x15\xdb|\x87\xf1\xc4\xb8\xb2\x9a\xd2A\x80\xbf\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd6\x80\x00\x00\x00\x00\x00\x00\x00\x88&}\xd1\x00\x00\x00\xe6\xaf\t\x9f\x96\rN\xc9\x90\xbe\xed\x1ad\x14\xe7\x84\t\'\x8b\x00\xdd\xc9\x0f\x14v\xb6\x04\xf2U\xb4\xf6\xbe\xddT\xcb\x00\x00\x00\x00\x00\x00\xe9\x00\x00\x00\x00\x00\x00o:}\xa7jmH\xedn\x11\xfe\xe2\x0fT\x00\x94\xbc\xc6\x7f\x93eE1xp\xa3\xdc\xd7K9J<\xeb\xd2!\xf4\x19\xbd#\xb8\x83\x858\n\xf8\x12Z\x1a\x12\xfa\xcc\x04\r\xf3\xf4;\v\x15b^\xea\xa2\x04 \xe8\x99\xb3\x97\x9e\r\xb0\x05\xbb(f\xd0\x85\xc5\x15\xae#\x12Q\xacF\xfb\xc8\xbd\xcc\xbe\xb6\xa7w\x9d\xf1\xe5V\x8f\x9b\x00\x03\xc8}\x11\xbc\x01\x8fi\xf5\x7f\xaf\x11\xfb\x16\x95\xdfc\xc9\x8a/&\x81w\xdf]ao\\\x88\xf7\xce\xbd\xb0\xa6J~\x8d\xf1\xe9\x1c\xcfo\xb3\xdc\x04Y\x8e\r\xf5\xa0\xeft\x06G0\xe3D\xd6\xa3L\xedN\x0e\xdc@7\xd8^\xae\xea\x92\xbe\x9c\xf9~c\xc1|\xca\x8d\x93R\xe5\xceU\xa5\x0f\xbf\xd8l\x96`\x0f\x00e\x8aR{\x17Y\x15m>\xe26 \x19k&.\x7f\x1d~\xdaI\xd4\x99\a+\xdf]\xbc\xa6\xc3\x0f\x99W\x9c-t\v\xc7J\xfd\x91\x853\xd1j;\x19W\x96V\x8az+\xf9\x82#\xfaC\xa3YN:\xe8\xda\xbc\xb2h\x8f\xe0\xc6d\x96\xccy\xb3\xc2\x98\x1c\xca\xde\"\xaeW\x89\x83\xc2sB\xe7\b\x9b9~}\xc2\xb3\x1d\xcc?\xd1\x89\xef\xca', 0x4)
ftruncate(r3, 0x0)
ftruncate(r3, 0x0)

0s ago: executing program 2 (id=446):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x16, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
inotify_init1(0x81800)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000000000001659ec0889419429aa5db97288b0f8a87ea8e66d9a8b"], 0xb0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000004c0)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x4f}, @printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x80000000}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sched_cls=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r4, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r3, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
shutdown(r3, 0x0)
recvfrom$inet(r3, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100100, 0x0, 0xfffffffffffffd25)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="10"], 0x10)
mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',posixacl'])

kernel console output (not intermixed with test programs):

ish_data_link+0x7c/0xb0
[   56.694458][ T6252]  nr_connect+0x8bc/0x11e0
[   56.695751][ T6252]  ? __pfx_nr_connect+0x10/0x10
[   56.697165][ T6252]  ? __pfx_aa_sk_perm+0x10/0x10
[   56.698567][ T6252]  ? lock_acquire+0x2f/0xb0
[   56.699914][ T6252]  ? __might_fault+0xe3/0x190
[   56.701389][ T6252]  ? __might_fault+0xe3/0x190
[   56.702733][ T6252]  ? __pfx_nr_connect+0x10/0x10
[   56.704029][ T6252]  __sys_connect_file+0x13e/0x1a0
[   56.705409][ T6252]  __sys_connect+0x14f/0x170
[   56.706686][ T6252]  ? __pfx___sys_connect+0x10/0x10
[   56.708129][ T6252]  __ia32_sys_connect+0x71/0xb0
[   56.709495][ T6252]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[   56.711327][ T6252]  __do_fast_syscall_32+0x73/0x120
[   56.712770][ T6252]  do_fast_syscall_32+0x32/0x80
[   56.714187][ T6252]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   56.716005][ T6252] RIP: 0023:0xf7f08579
[   56.717192][ T6252] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   56.722691][ T6252] RSP: 002b:00000000f501455c EFLAGS: 00000296 ORIG_RAX: 000000000000016a
[   56.725071][ T6252] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000300
[   56.727333][ T6252] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[   56.729600][ T6252] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   56.731864][ T6252] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   56.734120][ T6252] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   56.736369][ T6252]  </TASK>
[   57.191966][ T6277] FAULT_INJECTION: forcing a failure.
[   57.191966][ T6277] name fail_futex, interval 1, probability 0, space 0, times 1
[   57.196957][ T6277] CPU: 2 UID: 0 PID: 6277 Comm: syz.3.59 Not tainted 6.13.0-syzkaller #0
[   57.200431][ T6277] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   57.204751][ T6277] Call Trace:
[   57.206132][ T6277]  <TASK>
[   57.207352][ T6277]  dump_stack_lvl+0x16c/0x1f0
[   57.209294][ T6277]  should_fail_ex+0x497/0x5b0
[   57.211212][ T6277]  get_futex_key+0xac1/0x1000
[   57.213121][ T6277]  ? __pfx_get_futex_key+0x10/0x10
[   57.215079][ T6277]  futex_wait_setup+0x72/0x290
[   57.216457][ T6277]  ? __pfx___lock_acquire+0x10/0x10
[   57.218181][ T6277]  __futex_wait+0x267/0x3c0
[   57.219653][ T6277]  ? __pfx___futex_wait+0x10/0x10
[   57.221410][ T6277]  ? __pfx_futex_wake_mark+0x10/0x10
[   57.223542][ T6277]  ? find_held_lock+0x2d/0x110
[   57.225454][ T6277]  futex_wait+0xe9/0x380
[   57.226680][ T6277]  ? __pfx_futex_wait+0x10/0x10
[   57.228056][ T6277]  ? ksys_write+0x191/0x250
[   57.229372][ T6277]  ? vfs_write+0x306/0x1150
[   57.230796][ T6277]  do_futex+0x22b/0x350
[   57.232029][ T6277]  ? __pfx_do_futex+0x10/0x10
[   57.233409][ T6277]  __ia32_sys_futex_time32+0x1da/0x460
[   57.235056][ T6277]  ? __pfx___ia32_sys_futex_time32+0x10/0x10
[   57.236793][ T6277]  ? ksys_write+0x1ba/0x250
[   57.238157][ T6277]  ? __pfx_ksys_write+0x10/0x10
[   57.239569][ T6277]  __do_fast_syscall_32+0x73/0x120
[   57.241105][ T6277]  do_fast_syscall_32+0x32/0x80
[   57.242545][ T6277]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   57.244377][ T6277] RIP: 0023:0xf70be579
[   57.245600][ T6277] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   57.251069][ T6277] RSP: 002b:00000000f508f55c EFLAGS: 00000296 ORIG_RAX: 00000000000000f0
[   57.253467][ T6277] RAX: ffffffffffffffda RBX: 000000002000cffc RCX: 0000000000000000
[   57.255738][ T6277] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   57.258004][ T6277] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   57.260286][ T6277] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   57.262554][ T6277] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   57.264796][ T6277]  </TASK>
[   57.509599][   T63] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   57.659570][   T63] usb 5-1: Using ep0 maxpacket: 8
[   57.662369][   T63] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   57.665302][   T63] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   57.668205][   T63] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   57.685514][   T63] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   57.699622][   T63] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   57.702314][   T63] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   57.815142][ T6296] netlink: zone id is out of range
[   57.931901][ T6283] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   58.000533][   T63] usb 5-1: usb_control_msg returned -71
[   58.002304][   T63] usbtmc 5-1:16.0: can't read capabilities
[   58.006710][   T63] usb 5-1: USB disconnect, device number 3
[   58.250794][ T1172] wlan1: Trigger new scan to find an IBSS to join
[   58.591228][ T6313] =======================================================
[   58.591228][ T6313] WARNING: The mand mount option has been deprecated and
[   58.591228][ T6313]          and is ignored by this kernel. Remove the mand
[   58.591228][ T6313]          option from the mount to silence this warning.
[   58.591228][ T6313] =======================================================
[   58.608266][ T6313] MINIX-fs: blocksize too small for device
[   58.815564][ T6310] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[   59.070779][ T6323] autofs4:pid:6323:validate_dev_ioctl: invalid path supplied for cmd(0xc018937e)
[   59.351920][ T6328] FAULT_INJECTION: forcing a failure.
[   59.351920][ T6328] name failslab, interval 1, probability 0, space 0, times 0
[   59.355703][ T6328] CPU: 2 UID: 0 PID: 6328 Comm: syz.0.71 Not tainted 6.13.0-syzkaller #0
[   59.358138][ T6328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   59.361226][ T6328] Call Trace:
[   59.362202][ T6328]  <TASK>
[   59.363067][ T6328]  dump_stack_lvl+0x16c/0x1f0
[   59.364435][ T6328]  should_fail_ex+0x497/0x5b0
[   59.365805][ T6328]  ? fs_reclaim_acquire+0xae/0x150
[   59.367296][ T6328]  should_failslab+0xc2/0x120
[   59.368661][ T6328]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[   59.370340][ T6328]  ? __alloc_skb+0x2b3/0x380
[   59.371684][ T6328]  __alloc_skb+0x2b3/0x380
[   59.372948][ T6328]  ? __pfx___alloc_skb+0x10/0x10
[   59.374390][ T6328]  ? lock_acquire+0x2f/0xb0
[   59.375710][ T6328]  netlink_alloc_large_skb+0x69/0x130
[   59.377263][ T6328]  netlink_sendmsg+0x689/0xd70
[   59.378537][ T6328]  ? __pfx_netlink_sendmsg+0x10/0x10
[   59.379989][ T6328]  ____sys_sendmsg+0x9ae/0xb40
[   59.381380][ T6328]  ? __pfx_____sys_sendmsg+0x10/0x10
[   59.382898][ T6328]  ? get_compat_msghdr+0x11b/0x170
[   59.384374][ T6328]  ___sys_sendmsg+0x135/0x1e0
[   59.385749][ T6328]  ? __pfx____sys_sendmsg+0x10/0x10
[   59.387266][ T6328]  ? __pfx_lock_release+0x10/0x10
[   59.388718][ T6328]  ? trace_lock_acquire+0x14e/0x1f0
[   59.390226][ T6328]  ? __fget_files+0x206/0x3a0
[   59.391589][ T6328]  __sys_sendmsg+0x16e/0x220
[   59.392932][ T6328]  ? __pfx___sys_sendmsg+0x10/0x10
[   59.394425][ T6328]  __do_fast_syscall_32+0x73/0x120
[   59.395909][ T6328]  do_fast_syscall_32+0x32/0x80
[   59.397332][ T6328]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   59.399117][ T6328] RIP: 0023:0xf7f08579
[   59.400305][ T6328] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   59.405768][ T6328] RSP: 002b:00000000f503555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   59.408174][ T6328] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000200001c0
[   59.410441][ T6328] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   59.412696][ T6328] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   59.414983][ T6328] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   59.417258][ T6328] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   59.419528][ T6328]  </TASK>
[   59.673032][   T39] audit: type=1326 audit(1737407894.326:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6318 comm="syz.1.69" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7fc00000
[   59.679029][   T39] audit: type=1326 audit(1737407894.326:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6318 comm="syz.1.69" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fc1579 code=0x7fc00000
[   59.689985][   T39] audit: type=1326 audit(1737407894.326:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6318 comm="syz.1.69" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7fc00000
[   59.696042][   T39] audit: type=1326 audit(1737407894.326:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6318 comm="syz.1.69" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7fc00000
[   59.702999][   T39] audit: type=1326 audit(1737407894.326:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6318 comm="syz.1.69" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7fc00000
[   59.715111][ T6335] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   60.203610][ T6340] FAULT_INJECTION: forcing a failure.
[   60.203610][ T6340] name failslab, interval 1, probability 0, space 0, times 0
[   60.207255][ T6340] CPU: 3 UID: 0 PID: 6340 Comm: syz.3.76 Not tainted 6.13.0-syzkaller #0
[   60.209721][ T6340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   60.212758][ T6340] Call Trace:
[   60.213739][ T6340]  <TASK>
[   60.214595][ T6340]  dump_stack_lvl+0x16c/0x1f0
[   60.215967][ T6340]  should_fail_ex+0x497/0x5b0
[   60.217332][ T6340]  ? fs_reclaim_acquire+0xae/0x150
[   60.218809][ T6340]  should_failslab+0xc2/0x120
[   60.220141][ T6340]  __kmalloc_cache_noprof+0x68/0x420
[   60.221659][ T6340]  ? tcf_idr_create_from_flags+0x4f/0x70
[   60.223279][ T6340]  tcf_vlan_init+0x778/0x10f0
[   60.224645][ T6340]  ? __pfx_tcf_vlan_init+0x10/0x10
[   60.226200][ T6340]  ? tcf_action_init_1+0x2d4/0x6c0
[   60.228108][ T6340]  tcf_action_init_1+0x45f/0x6c0
[   60.230078][ T6340]  ? __pfx_tcf_action_init_1+0x10/0x10
[   60.231934][ T6340]  ? tc_action_load_ops+0x187/0x430
[   60.233469][ T6340]  ? __nla_parse+0x40/0x60
[   60.234773][ T6340]  tcf_action_init+0x42e/0x9c0
[   60.236192][ T6340]  ? __pfx_tcf_action_init+0x10/0x10
[   60.237835][ T6340]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[   60.239610][   T57] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   60.241765][ T6340]  ? is_bpf_text_address+0x94/0x1a0
[   60.243275][ T6340]  ? kernel_text_address+0x8d/0x100
[   60.244792][ T6340]  ? stack_depot_save_flags+0x28/0x9e0
[   60.246387][ T6340]  tcf_action_add+0xfd/0x5d0
[   60.247739][ T6340]  ? __pfx_tcf_action_add+0x10/0x10
[   60.249279][ T6340]  ? __nla_parse+0x40/0x60
[   60.250581][ T6340]  tc_ctl_action+0x35d/0x470
[   60.251936][ T6340]  ? __pfx_tc_ctl_action+0x10/0x10
[   60.253422][ T6340]  ? rtnetlink_rcv_msg+0x35a/0xea0
[   60.254911][ T6340]  ? __pfx_tc_ctl_action+0x10/0x10
[   60.256408][ T6340]  rtnetlink_rcv_msg+0x3c7/0xea0
[   60.257852][ T6340]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   60.259430][ T6340]  ? __pfx___dev_queue_xmit+0x10/0x10
[   60.260999][ T6340]  netlink_rcv_skb+0x165/0x410
[   60.262385][ T6340]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   60.263961][ T6340]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   60.265497][ T6340]  ? netlink_deliver_tap+0x1ae/0xca0
[   60.267039][ T6340]  netlink_unicast+0x53c/0x7f0
[   60.268431][ T6340]  ? __pfx_netlink_unicast+0x10/0x10
[   60.269954][ T6340]  ? __phys_addr_symbol+0x30/0x80
[   60.271416][ T6340]  ? __check_object_size+0x488/0x710
[   60.272942][ T6340]  netlink_sendmsg+0x8b8/0xd70
[   60.274331][ T6340]  ? __pfx_netlink_sendmsg+0x10/0x10
[   60.275854][ T6340]  ____sys_sendmsg+0x9ae/0xb40
[   60.277250][ T6340]  ? __pfx_____sys_sendmsg+0x10/0x10
[   60.278680][ T6340]  ? get_compat_msghdr+0x11b/0x170
[   60.280084][ T6340]  ___sys_sendmsg+0x135/0x1e0
[   60.281402][ T6340]  ? __pfx____sys_sendmsg+0x10/0x10
[   60.282908][ T6340]  ? __pfx_lock_release+0x10/0x10
[   60.284341][ T6340]  ? trace_lock_acquire+0x14e/0x1f0
[   60.285850][ T6340]  ? __fget_files+0x206/0x3a0
[   60.287213][ T6340]  __sys_sendmsg+0x16e/0x220
[   60.288551][ T6340]  ? __pfx___sys_sendmsg+0x10/0x10
[   60.290039][ T6340]  __do_fast_syscall_32+0x73/0x120
[   60.291512][ T6340]  do_fast_syscall_32+0x32/0x80
[   60.292923][ T6340]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   60.294740][ T6340] RIP: 0023:0xf70be579
[   60.295920][ T6340] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   60.301397][ T6340] RSP: 002b:00000000f50b055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   60.303776][ T6340] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200096c0
[   60.306055][ T6340] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   60.308302][ T6340] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   60.310570][ T6340] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   60.312826][ T6340] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   60.315110][ T6340]  </TASK>
[   60.316109][    C3] vkms_vblank_simulate: vblank timer overrun
[   60.401416][ T6349] xt_connbytes: Forcing CT accounting to be enabled
[   60.409652][   T57] usb 5-1: Using ep0 maxpacket: 8
[   60.409787][ T6349] Cannot find del_set index 0 as target
[   60.412263][   T57] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   60.415583][   T57] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   60.418379][   T57] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   60.422238][   T57] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   60.426007][   T57] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   60.428616][   T57] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   60.441534][ T6354] capability: warning: `syz.1.82' uses deprecated v2 capabilities in a way that may be insecure
[   60.649270][ T6338] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   60.720752][   T57] usb 5-1: usb_control_msg returned -71
[   60.722623][   T57] usbtmc 5-1:16.0: can't read capabilities
[   60.730401][   T57] usb 5-1: USB disconnect, device number 4
[   61.291499][ T6373] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   61.727724][ T6396] FAULT_INJECTION: forcing a failure.
[   61.727724][ T6396] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   61.731729][ T6396] CPU: 2 UID: 0 PID: 6396 Comm: syz.2.91 Not tainted 6.13.0-syzkaller #0
[   61.734165][ T6396] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   61.737291][ T6396] Call Trace:
[   61.738270][ T6396]  <TASK>
[   61.739141][ T6396]  dump_stack_lvl+0x16c/0x1f0
[   61.740546][ T6396]  should_fail_ex+0x497/0x5b0
[   61.741940][ T6396]  _copy_to_user+0x32/0xd0
[   61.743259][ T6396]  simple_read_from_buffer+0xd0/0x160
[   61.744825][ T6396]  proc_fail_nth_read+0x198/0x270
[   61.746313][ T6396]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   61.747944][ T6396]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   61.749744][ T6396]  vfs_read+0x1df/0xbe0
[   61.750963][ T6396]  ? __fget_files+0x1fc/0x3a0
[   61.752334][ T6396]  ? __pfx___mutex_lock+0x10/0x10
[   61.753820][ T6396]  ? __pfx_vfs_read+0x10/0x10
[   61.755199][ T6396]  ? __fget_files+0x206/0x3a0
[   61.756604][ T6396]  ksys_read+0x12b/0x250
[   61.757865][ T6396]  ? __pfx_ksys_read+0x10/0x10
[   61.759274][ T6396]  __do_fast_syscall_32+0x73/0x120
[   61.760770][ T6396]  do_fast_syscall_32+0x32/0x80
[   61.762197][ T6396]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   61.764023][ T6396] RIP: 0023:0xf7f85579
[   61.765222][ T6396] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   61.770807][ T6396] RSP: 002b:00000000f5094590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[   61.773207][ T6396] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000f5094620
[   61.775482][ T6396] RDX: 000000000000000f RSI: 00000000f7413ff4 RDI: 0000000000000000
[   61.777799][ T6396] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[   61.780090][ T6396] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[   61.782375][ T6396] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   61.784664][ T6396]  </TASK>
[   61.945163][ T6398] capability: warning: `syz.2.92' uses 32-bit capabilities (legacy support in use)
[   62.235726][ T6402] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[   62.239798][ T5946] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[   62.261774][ T6404] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4294967292 (274877906688 ns) > initial count (1152256 ns). Using initial count to start timer.
[   62.376139][ T6416] FAULT_INJECTION: forcing a failure.
[   62.376139][ T6416] name failslab, interval 1, probability 0, space 0, times 0
[   62.382854][ T6416] CPU: 3 UID: 0 PID: 6416 Comm: syz.1.99 Not tainted 6.13.0-syzkaller #0
[   62.385300][ T6416] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   62.389106][ T6416] Call Trace:
[   62.390101][ T6416]  <TASK>
[   62.390970][ T6416]  dump_stack_lvl+0x16c/0x1f0
[   62.392867][ T6416]  should_fail_ex+0x497/0x5b0
[   62.394585][ T6416]  ? fs_reclaim_acquire+0xae/0x150
[   62.396087][ T6416]  should_failslab+0xc2/0x120
[   62.397497][ T6416]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[   62.399187][ T6416]  ? __alloc_skb+0x2b3/0x380
[   62.399667][ T5946] usb 7-1: Using ep0 maxpacket: 8
[   62.400542][ T6416]  __alloc_skb+0x2b3/0x380
[   62.400567][ T6416]  ? __pfx___alloc_skb+0x10/0x10
[   62.400582][ T6416]  ? ethnl_parse_header_dev_get+0x35e/0x9a0
[   62.400601][ T6416]  netlink_dump+0x699/0xd00
[   62.403405][ T5946] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   62.404813][ T6416]  ? __pfx_netlink_dump+0x10/0x10
[   62.406544][ T5946] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   62.408242][ T6416]  ? rcu_is_watching+0x12/0xc0
[   62.412550][ T5946] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   62.413097][ T6416]  ? ethnl_default_start+0x2dd/0x420
[   62.413129][ T6416]  ? kasan_save_track+0x14/0x30
[   62.415910][ T5946] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   62.417532][ T6416]  ? __pfx_ethnl_default_start+0x10/0x10
[   62.420704][ T5946] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   62.422460][ T6416]  ? genl_start+0x67d/0x960
[   62.423938][ T5946] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   62.428939][ T6416]  __netlink_dump_start+0x6d9/0x980
[   62.439095][ T6416]  genl_family_rcv_msg_dumpit+0x1e1/0x2e0
[   62.441239][ T6416]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[   62.443780][ T6416]  ? __pfx_genl_get_cmd+0x10/0x10
[   62.445642][ T6416]  ? __pfx_genl_start+0x10/0x10
[   62.447382][ T6416]  ? __pfx_genl_dumpit+0x10/0x10
[   62.449410][ T6416]  ? __pfx_genl_done+0x10/0x10
[   62.451368][ T6416]  ? __radix_tree_lookup+0x21f/0x2c0
[   62.453314][ T6416]  genl_rcv_msg+0x470/0x800
[   62.454639][ T6416]  ? __pfx_genl_rcv_msg+0x10/0x10
[   62.456474][ T6416]  ? __pfx_ethnl_default_start+0x10/0x10
[   62.458759][ T6416]  ? __pfx_ethnl_default_dumpit+0x10/0x10
[   62.461095][ T6416]  ? __pfx_ethnl_default_done+0x10/0x10
[   62.463161][ T6416]  ? __pfx___lock_acquire+0x10/0x10
[   62.465327][ T6416]  netlink_rcv_skb+0x165/0x410
[   62.467058][ T6416]  ? __pfx_genl_rcv_msg+0x10/0x10
[   62.468879][ T6416]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   62.470426][ T6416]  ? down_read+0xc9/0x330
[   62.471694][ T6416]  ? __pfx_down_read+0x10/0x10
[   62.473502][ T6416]  ? netlink_deliver_tap+0x1ae/0xca0
[   62.475598][ T6416]  genl_rcv+0x28/0x40
[   62.477257][ T6416]  netlink_unicast+0x53c/0x7f0
[   62.479232][ T6416]  ? __pfx_netlink_unicast+0x10/0x10
[   62.481391][ T6416]  ? __phys_addr_symbol+0x30/0x80
[   62.482969][ T6416]  ? __check_object_size+0x488/0x710
[   62.484498][ T6416]  netlink_sendmsg+0x8b8/0xd70
[   62.485906][ T6416]  ? __pfx_netlink_sendmsg+0x10/0x10
[   62.487904][ T6416]  ____sys_sendmsg+0x9ae/0xb40
[   62.489811][ T6416]  ? __pfx_____sys_sendmsg+0x10/0x10
[   62.491972][ T6416]  ? get_compat_msghdr+0x11b/0x170
[   62.494053][ T6416]  ___sys_sendmsg+0x135/0x1e0
[   62.495938][ T6416]  ? __pfx____sys_sendmsg+0x10/0x10
[   62.498042][ T6416]  ? __pfx_lock_release+0x10/0x10
[   62.500098][ T6416]  ? trace_lock_acquire+0x14e/0x1f0
[   62.502234][ T6416]  ? __fget_files+0x206/0x3a0
[   62.503853][ T6416]  __sys_sendmsg+0x16e/0x220
[   62.505213][ T6416]  ? __pfx___sys_sendmsg+0x10/0x10
[   62.506899][ T6416]  __do_fast_syscall_32+0x73/0x120
[   62.508987][ T6416]  do_fast_syscall_32+0x32/0x80
[   62.510451][ T6416]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   62.512735][ T6416] RIP: 0023:0xf7fc1579
[   62.514395][ T6416] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   62.521967][ T6416] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   62.524350][ T6416] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000580
[   62.526824][ T6416] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   62.529758][ T6416] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   62.532133][ T6416] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   62.535253][ T6416] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   62.538427][ T6416]  </TASK>
[   62.539817][    C3] vkms_vblank_simulate: vblank timer overrun
[   62.646388][ T6400] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   62.723843][ T5946] usb 7-1: usb_control_msg returned -71
[   62.725460][ T5946] usbtmc 7-1:16.0: can't read capabilities
[   62.729767][ T5946] usb 7-1: USB disconnect, device number 3
[   63.219657][   T97] wlan1: Trigger new scan to find an IBSS to join
[   63.907708][ T6446] netlink: 4 bytes leftover after parsing attributes in process `syz.3.107'.
[   63.913327][ T6446] netlink: 4 bytes leftover after parsing attributes in process `syz.3.107'.
[   63.938138][ T6450] netlink: 4 bytes leftover after parsing attributes in process `syz.3.109'.
[   63.943871][ T6452] FAULT_INJECTION: forcing a failure.
[   63.943871][ T6452] name failslab, interval 1, probability 0, space 0, times 0
[   63.944247][ T6450] gretap0: entered promiscuous mode
[   63.947569][ T6452] CPU: 3 UID: 0 PID: 6452 Comm: syz.0.110 Not tainted 6.13.0-syzkaller #0
[   63.949340][ T6450] macvtap1: entered promiscuous mode
[   63.951591][ T6452] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   63.951601][ T6452] Call Trace:
[   63.951606][ T6452]  <TASK>
[   63.951611][ T6452]  dump_stack_lvl+0x16c/0x1f0
[   63.951629][ T6452]  should_fail_ex+0x497/0x5b0
[   63.951643][ T6452]  ? fs_reclaim_acquire+0xae/0x150
[   63.953838][ T6450] macvtap1: entered allmulticast mode
[   63.956250][ T6452]  should_failslab+0xc2/0x120
[   63.957231][ T6450] gretap0: entered allmulticast mode
[   63.958081][ T6452]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[   63.968360][ T6452]  ? __alloc_skb+0x2b3/0x380
[   63.969766][ T6452]  __alloc_skb+0x2b3/0x380
[   63.971138][ T6452]  ? __pfx___alloc_skb+0x10/0x10
[   63.972704][ T6452]  ? lock_acquire+0x2f/0xb0
[   63.974037][ T6452]  netlink_alloc_large_skb+0x69/0x130
[   63.975575][ T6452]  netlink_sendmsg+0x689/0xd70
[   63.976971][ T6452]  ? __pfx_netlink_sendmsg+0x10/0x10
[   63.978477][ T6452]  ____sys_sendmsg+0x9ae/0xb40
[   63.979861][ T6452]  ? __pfx_____sys_sendmsg+0x10/0x10
[   63.981883][ T6452]  ? get_compat_msghdr+0x11b/0x170
[   63.983614][ T6452]  ___sys_sendmsg+0x135/0x1e0
[   63.985625][ T6452]  ? __pfx____sys_sendmsg+0x10/0x10
[   63.987582][ T6452]  ? __pfx_lock_release+0x10/0x10
[   63.989439][ T6452]  ? trace_lock_acquire+0x14e/0x1f0
[   63.991261][ T6452]  ? __fget_files+0x206/0x3a0
[   63.992689][ T6452]  __sys_sendmsg+0x16e/0x220
[   63.994125][ T6452]  ? __pfx___sys_sendmsg+0x10/0x10
[   63.995599][ T6452]  __do_fast_syscall_32+0x73/0x120
[   63.997086][ T6452]  do_fast_syscall_32+0x32/0x80
[   63.998484][ T6452]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   63.999243][ T6454] vlan2: entered allmulticast mode
[   64.000297][ T6452] RIP: 0023:0xf7f08579
[   64.000309][ T6452] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   64.000318][ T6452] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   64.000329][ T6452] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000080
[   64.000336][ T6452] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   64.000342][ T6452] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   64.000348][ T6452] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   64.000354][ T6452] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   64.000365][ T6452]  </TASK>
[   64.000452][    C3] vkms_vblank_simulate: vblank timer overrun
[   64.002219][ T6454] hsr0: entered allmulticast mode
[   64.027689][ T6454] hsr_slave_0: entered allmulticast mode
[   64.029341][ T6454] hsr_slave_1: entered allmulticast mode
[   64.032260][ T6456] netlink: 4 bytes leftover after parsing attributes in process `syz.0.112'.
[   64.037300][ T6456] gretap0: entered promiscuous mode
[   64.040615][ T6456] macvtap1: entered promiscuous mode
[   64.042942][ T6456] macvtap1: entered allmulticast mode
[   64.045754][ T6456] gretap0: entered allmulticast mode
[   64.100276][ T6464] netlink: 8 bytes leftover after parsing attributes in process `syz.1.115'.
[   64.102837][ T6464] netlink: 32 bytes leftover after parsing attributes in process `syz.1.115'.
[   64.214121][   T74] wlan1: Creating new IBSS network, BSSID a6:92:1b:37:15:be
[   64.256390][   T39] audit: type=1326 audit(1737407898.916:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6477 comm="syz.0.122" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08579 code=0x7ffc0000
[   64.263112][   T39] audit: type=1326 audit(1737407898.916:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6477 comm="syz.0.122" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08579 code=0x7ffc0000
[   64.269173][   T39] audit: type=1326 audit(1737407898.916:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6477 comm="syz.0.122" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f08579 code=0x7ffc0000
[   64.275984][   T39] audit: type=1326 audit(1737407898.916:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6477 comm="syz.0.122" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08579 code=0x7ffc0000
[   64.289571][   T39] audit: type=1326 audit(1737407898.916:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6477 comm="syz.0.122" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08579 code=0x7ffc0000
[   64.409634][    T8] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[   64.583458][    T8] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[   64.586604][    T8] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[   64.589403][    T8] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[   64.599542][    T8] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   64.603779][ T6470] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   64.608036][    T8] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[   64.815674][   T57] usb 7-1: USB disconnect, device number 4
[   65.291938][ T6508] FAULT_INJECTION: forcing a failure.
[   65.291938][ T6508] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   65.295986][ T6508] CPU: 3 UID: 0 PID: 6508 Comm: syz.3.131 Not tainted 6.13.0-syzkaller #0
[   65.298408][ T6508] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   65.301421][ T6508] Call Trace:
[   65.302384][ T6508]  <TASK>
[   65.303246][ T6508]  dump_stack_lvl+0x16c/0x1f0
[   65.304611][ T6508]  should_fail_ex+0x497/0x5b0
[   65.306000][ T6508]  _copy_from_user+0x2e/0xd0
[   65.307343][ T6508]  kstrtouint_from_user+0xd7/0x1c0
[   65.308817][ T6508]  ? __pfx_kstrtouint_from_user+0x10/0x10
[   65.310524][ T6508]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   65.312131][ T6508]  proc_fail_nth_write+0x84/0x250
[   65.313580][ T6508]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   65.315187][ T6508]  ? ksys_write+0x12b/0x250
[   65.316492][ T6508]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   65.318101][ T6508]  vfs_write+0x24c/0x1150
[   65.319339][ T6508]  ? __fget_files+0x1fc/0x3a0
[   65.320707][ T6508]  ? __pfx___mutex_lock+0x10/0x10
[   65.322159][ T6508]  ? __pfx_vfs_write+0x10/0x10
[   65.323541][ T6508]  ? __fget_files+0x206/0x3a0
[   65.324902][ T6508]  ksys_write+0x12b/0x250
[   65.326186][ T6508]  ? __pfx_ksys_write+0x10/0x10
[   65.327593][ T6508]  __do_fast_syscall_32+0x73/0x120
[   65.329099][ T6508]  do_fast_syscall_32+0x32/0x80
[   65.330500][ T6508]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   65.332301][ T6508] RIP: 0023:0xf70be579
[   65.333501][ T6508] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   65.339147][ T6508] RSP: 002b:00000000f508f590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[   65.341530][ T6508] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f508f620
[   65.343776][ T6508] RDX: 0000000000000001 RSI: 00000000f73f3ff4 RDI: 0000000000000000
[   65.346034][ T6508] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[   65.348281][ T6508] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   65.350545][ T6508] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   65.352803][ T6508]  </TASK>
[   65.504874][ T6511] netlink: 40 bytes leftover after parsing attributes in process `syz.3.132'.
[   65.508934][ T6511] netlink: 40 bytes leftover after parsing attributes in process `syz.3.132'.
[   65.764091][ T6521] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[   65.766108][ T6521] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   65.769083][ T6521] vhci_hcd vhci_hcd.0: Device attached
[   66.244485][ T6533] FAULT_INJECTION: forcing a failure.
[   66.244485][ T6533] name failslab, interval 1, probability 0, space 0, times 0
[   66.248277][ T6533] CPU: 1 UID: 0 PID: 6533 Comm: syz.0.136 Not tainted 6.13.0-syzkaller #0
[   66.250720][ T6533] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   66.253871][ T6533] Call Trace:
[   66.254838][ T6533]  <TASK>
[   66.255698][ T6533]  dump_stack_lvl+0x16c/0x1f0
[   66.257106][ T6533]  should_fail_ex+0x497/0x5b0
[   66.258477][ T6533]  ? fs_reclaim_acquire+0xae/0x150
[   66.259970][ T6533]  should_failslab+0xc2/0x120
[   66.261343][ T6533]  kmem_cache_alloc_noprof+0x6e/0x3b0
[   66.262897][ T6533]  ? fput+0x3ad/0x440
[   66.264063][ T6533]  ? alloc_empty_file+0x73/0x1e0
[   66.265491][ T6533]  alloc_empty_file+0x73/0x1e0
[   66.266907][ T6533]  path_openat+0xe1/0x2d60
[   66.268181][ T6533]  ? __pfx_path_openat+0x10/0x10
[   66.269622][ T6533]  ? lockdep_hardirqs_on+0x7c/0x110
[   66.271127][ T6533]  do_filp_open+0x3c8/0x470
[   66.272450][ T6533]  ? __pfx_do_filp_open+0x10/0x10
[   66.273914][ T6533]  ? _raw_spin_unlock+0x3e/0x50
[   66.275312][ T6533]  ? alloc_fd+0x41f/0x760
[   66.276627][ T6533]  io_openat2+0x207/0x850
[   66.277896][ T6533]  ? __pfx_io_openat2+0x10/0x10
[   66.279298][ T6533]  io_issue_sqe+0x4c5/0x1360
[   66.280650][ T6533]  ? __io_openat_prep+0x31a/0x420
[   66.282076][ T6533]  io_submit_sqes+0x951/0x25f0
[   66.283465][ T6533]  __do_sys_io_uring_enter+0xd43/0x1620
[   66.285062][ T6533]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   66.286731][ T6533]  ? lockdep_hardirqs_on+0x7c/0x110
[   66.288216][ T6533]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[   66.289942][ T6533]  ? rcu_preempt_deferred_qs_irqrestore+0x505/0xb80
[   66.291816][ T6533]  ? ksys_write+0x1ba/0x250
[   66.293130][ T6533]  ? __pfx_ksys_write+0x10/0x10
[   66.294525][ T6533]  __do_fast_syscall_32+0x73/0x120
[   66.295989][ T6533]  do_fast_syscall_32+0x32/0x80
[   66.297398][ T6533]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   66.299207][ T6533] RIP: 0023:0xf7f08579
[   66.300398][ T6533] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   66.305823][ T6533] RSP: 002b:00000000f501455c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[   66.308206][ T6533] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000003516
[   66.310451][ T6533] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000000
[   66.312696][ T6533] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   66.314954][ T6533] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   66.317226][ T6533] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   66.319495][ T6533]  </TASK>
[   66.698390][ T6523] vhci_hcd: connection closed
[   66.700062][ T1136] vhci_hcd: stop threads
[   66.703010][ T1136] vhci_hcd: release socket
[   66.705158][ T1136] vhci_hcd: disconnect device
[   67.094930][ T6548] FAULT_INJECTION: forcing a failure.
[   67.094930][ T6548] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   67.098796][ T6548] CPU: 0 UID: 0 PID: 6548 Comm: syz.2.143 Not tainted 6.13.0-syzkaller #0
[   67.101265][ T6548] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   67.104136][ T6548] Call Trace:
[   67.105092][ T6548]  <TASK>
[   67.105924][ T6548]  dump_stack_lvl+0x16c/0x1f0
[   67.107241][ T6548]  should_fail_ex+0x497/0x5b0
[   67.108538][ T6548]  _copy_from_user+0x2e/0xd0
[   67.109841][ T6548]  kvm_vm_ioctl_set_pmu_event_filter+0xc7/0xb00
[   67.111593][ T6548]  ? __pfx_mark_lock+0x10/0x10
[   67.112953][ T6548]  ? __pfx_kvm_vm_ioctl_set_pmu_event_filter+0x10/0x10
[   67.114861][ T6548]  ? hlock_class+0x4e/0x130
[   67.116158][ T6548]  ? lock_acquire+0x2f/0xb0
[   67.117430][ T6548]  ? __pfx_mark_lock+0x10/0x10
[   67.118796][ T6548]  kvm_arch_vm_ioctl+0xd1b/0x1ca0
[   67.120238][ T6548]  ? hlock_class+0x4e/0x130
[   67.121550][ T6548]  ? __pfx_kvm_arch_vm_ioctl+0x10/0x10
[   67.123083][ T6548]  ? mark_lock+0xb5/0xc60
[   67.124309][ T6548]  ? hlock_class+0x4e/0x130
[   67.125609][ T6548]  ? mark_lock+0xb5/0xc60
[   67.126820][ T6548]  ? hlock_class+0x4e/0x130
[   67.128112][ T6548]  ? __lock_acquire+0xcc5/0x3c40
[   67.129466][ T6548]  ? hlock_class+0x4e/0x130
[   67.130759][ T6548]  ? mark_lock+0xb5/0xc60
[   67.132003][ T6548]  ? __pfx_mark_lock+0x10/0x10
[   67.133388][ T6548]  ? hlock_class+0x4e/0x130
[   67.134679][ T6548]  ? __lock_acquire+0xcc5/0x3c40
[   67.136076][ T6548]  ? hlock_class+0x4e/0x130
[   67.137355][ T6548]  ? __lock_acquire+0xcc5/0x3c40
[   67.138749][ T6548]  ? hlock_class+0x4e/0x130
[   67.140044][ T6548]  ? __pfx___lock_acquire+0x10/0x10
[   67.141508][ T6548]  ? find_held_lock+0x2d/0x110
[   67.142886][ T6548]  ? find_held_lock+0x2d/0x110
[   67.144240][ T6548]  ? is_bpf_text_address+0x8a/0x1a0
[   67.145703][ T6548]  ? __pfx_lock_release+0x10/0x10
[   67.147128][ T6548]  ? trace_lock_acquire+0x14e/0x1f0
[   67.148581][ T6548]  ? lock_acquire+0x2f/0xb0
[   67.149860][ T6548]  ? is_bpf_text_address+0x30/0x1a0
[   67.151317][ T6548]  ? bpf_ksym_find+0x124/0x1c0
[   67.152656][ T6548]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[   67.154379][ T6548]  ? is_bpf_text_address+0x94/0x1a0
[   67.155792][ T6548]  ? kernel_text_address+0x8d/0x100
[   67.157250][ T6548]  ? __kernel_text_address+0xd/0x40
[   67.158655][ T6548]  kvm_vm_ioctl+0x1a87/0x3df0
[   67.159974][ T6548]  ? stack_trace_save+0x95/0xd0
[   67.161349][ T6548]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[   67.162699][ T6548]  ? __pfx_mark_lock+0x10/0x10
[   67.164070][ T6548]  ? stack_depot_save_flags+0x28/0x9e0
[   67.165627][ T6548]  ? kasan_save_stack+0x42/0x60
[   67.167053][ T6548]  ? kasan_save_stack+0x33/0x60
[   67.168419][ T6548]  ? kasan_save_track+0x14/0x30
[   67.169833][ T6548]  ? kasan_save_free_info+0x3b/0x60
[   67.171327][ T6548]  ? __kasan_slab_free+0x51/0x70
[   67.172756][ T6548]  ? kfree+0x14f/0x4b0
[   67.173945][ T6548]  ? tomoyo_path_number_perm+0x46d/0x5b0
[   67.175543][ T6548]  ? security_file_ioctl_compat+0x9b/0x240
[   67.177241][ T6548]  ? __do_compat_sys_ioctl+0x4e/0x2c0
[   67.178781][ T6548]  ? __do_fast_syscall_32+0x73/0x120
[   67.180313][ T6548]  ? do_fast_syscall_32+0x32/0x80
[   67.181769][ T6548]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   67.183619][ T6548]  ? kvm_arch_vm_compat_ioctl+0x2d1/0x480
[   67.185255][ T6548]  ? hlock_class+0x4e/0x130
[   67.186572][ T6548]  ? mark_lock+0xb5/0xc60
[   67.187834][ T6548]  ? __pfx_kvm_arch_vm_compat_ioctl+0x10/0x10
[   67.189572][ T6548]  ? __pfx_mark_lock+0x10/0x10
[   67.190958][ T6548]  ? find_held_lock+0x2d/0x110
[   67.192341][ T6548]  ? tomoyo_path_number_perm+0x298/0x5b0
[   67.193955][ T6548]  ? __pfx_lock_release+0x10/0x10
[   67.195394][ T6548]  ? tomoyo_path_number_perm+0x46d/0x5b0
[   67.197033][ T6548]  ? tomoyo_path_number_perm+0x190/0x5b0
[   67.198647][ T6548]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   67.200376][ T6548]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   67.202065][ T6548]  ? do_vfs_ioctl+0x513/0x1950
[   67.203429][ T6548]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   67.204877][ T6548]  kvm_vm_compat_ioctl+0x399/0x440
[   67.206373][ T6548]  ? __pfx_kvm_vm_compat_ioctl+0x10/0x10
[   67.207964][ T6548]  ? __pfx_lock_release+0x10/0x10
[   67.209406][ T6548]  ? trace_lock_acquire+0x14e/0x1f0
[   67.210911][ T6548]  ? __fget_files+0x206/0x3a0
[   67.212275][ T6548]  ? __pfx_kvm_vm_compat_ioctl+0x10/0x10
[   67.213898][ T6548]  __do_compat_sys_ioctl+0x1cb/0x2c0
[   67.215415][ T6548]  __do_fast_syscall_32+0x73/0x120
[   67.216845][ T6548]  do_fast_syscall_32+0x32/0x80
[   67.218244][ T6548]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   67.220055][ T6548] RIP: 0023:0xf7f85579
[   67.221233][ T6548] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   67.226666][ T6548] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[   67.229052][ T6548] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000004020aeb2
[   67.231302][ T6548] RDX: 0000000020000300 RSI: 0000000000000000 RDI: 0000000000000000
[   67.233557][ T6548] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   67.235794][ T6548] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   67.238083][ T6548] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   67.240349][ T6548]  </TASK>
[   67.279616][  T832] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   67.429625][  T832] usb 5-1: Using ep0 maxpacket: 8
[   67.435407][  T832] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   67.439361][ T6558] Bluetooth: MGMT ver 1.23
[   67.442726][  T832] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   67.447223][  T832] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   67.454205][  T832] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   67.459486][  T832] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   67.462727][  T832] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   67.475848][ T6556] netlink: 72 bytes leftover after parsing attributes in process `syz.2.144'.
[   67.678764][ T6545] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   67.731844][  T832] usb 5-1: usb_control_msg returned -71
[   67.733581][  T832] usbtmc 5-1:16.0: can't read capabilities
[   67.742695][  T832] usb 5-1: USB disconnect, device number 5
[   67.934153][ T6564] kvm: kvm [6563]: vcpu0, guest rIP: 0x166 Unhandled WRMSR(0xc1) = 0xff4a00000400
[   67.937259][ T6564] kvm: kvm [6563]: vcpu0, guest rIP: 0x166 Unhandled WRMSR(0xc2) = 0xff4a00000000
[   68.052102][ T6572] fuse: Unknown parameter '000000000000000000000040x0000000000000005'
[   68.059058][   T30] IPVS: starting estimator thread 0...
[   68.151551][ T6574] IPVS: using max 36 ests per chain, 86400 per kthread
[   69.122209][ T6588] veth0_vlan: left promiscuous mode
[   69.124705][ T6588] veth0_vlan: entered promiscuous mode
[   69.201441][ T5951] Bluetooth: Unexpected continuation frame (len 16)
[   69.209999][ T5951] Bluetooth: hci2: command 0x0406 tx timeout
[   69.217706][ T6596] Process accounting resumed
[   69.384609][ T5951] Bluetooth: Unexpected continuation frame (len 16)
[   69.390555][ T6603] FAULT_INJECTION: forcing a failure.
[   69.390555][ T6603] name failslab, interval 1, probability 0, space 0, times 0
[   69.394566][ T6603] CPU: 3 UID: 0 PID: 6603 Comm: syz.3.158 Not tainted 6.13.0-syzkaller #0
[   69.397001][ T6603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   69.400534][ T6603] Call Trace:
[   69.401516][ T6603]  <TASK>
[   69.402373][ T6603]  dump_stack_lvl+0x16c/0x1f0
[   69.403734][ T6603]  should_fail_ex+0x497/0x5b0
[   69.405091][ T6603]  ? fs_reclaim_acquire+0xae/0x150
[   69.406551][ T6603]  should_failslab+0xc2/0x120
[   69.407906][ T6603]  __kmalloc_noprof+0xce/0x4f0
[   69.409333][ T6603]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   69.410973][ T6603]  ? tomoyo_realpath_from_path+0xbf/0x710
[   69.412611][ T6603]  tomoyo_realpath_from_path+0xbf/0x710
[   69.414204][ T6603]  ? tomoyo_path_perm+0x262/0x480
[   69.415656][ T6603]  tomoyo_path_perm+0x276/0x480
[   69.417083][ T6603]  ? tomoyo_path_perm+0x262/0x480
[   69.418736][ T6603]  ? __pfx_tomoyo_path_perm+0x10/0x10
[   69.420940][ T6603]  ? putname+0x13c/0x180
[   69.422246][ T6603]  ? user_path_at+0x44/0x60
[   69.423556][ T6603]  ? __ia32_sys_umount+0x10a/0x1a0
[   69.425032][ T6603]  ? __do_fast_syscall_32+0x73/0x120
[   69.426591][ T6603]  ? __pfx_aa_get_newest_label+0x10/0x10
[   69.428252][ T6603]  tomoyo_sb_umount+0x8d/0xd0
[   69.429632][ T6603]  ? __pfx_tomoyo_sb_umount+0x10/0x10
[   69.431192][ T6603]  ? get_current_fs_domain+0x184/0x1f0
[   69.432772][ T6603]  security_sb_umount+0x8e/0x210
[   69.434208][ T6603]  path_umount+0x2dd/0x1100
[   69.435513][ T6603]  ? kmem_cache_free+0x152/0x4c0
[   69.436965][ T6603]  ? __pfx_path_umount+0x10/0x10
[   69.438530][ T6603]  ? putname+0x13c/0x180
[   69.440277][ T6603]  __ia32_sys_umount+0x16b/0x1a0
[   69.441955][ T6603]  ? __pfx___ia32_sys_umount+0x10/0x10
[   69.443511][ T6603]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[   69.445390][ T6603]  __do_fast_syscall_32+0x73/0x120
[   69.446868][ T6603]  do_fast_syscall_32+0x32/0x80
[   69.448355][ T6603]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   69.450422][ T6603] RIP: 0023:0xf70be579
[   69.451624][ T6603] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   69.457061][ T6603] RSP: 002b:00000000f508f55c EFLAGS: 00000296 ORIG_RAX: 0000000000000034
[   69.459989][ T6603] RAX: ffffffffffffffda RBX: 0000000020000280 RCX: 0000000000000000
[   69.462531][ T6603] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   69.464780][ T6603] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   69.467024][ T6603] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   69.469435][ T6603] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   69.471830][ T6603]  </TASK>
[   69.476627][ T6603] ERROR: Out of memory at tomoyo_realpath_from_path.
[   69.480228][ T6603] Process accounting resumed
[   69.739580][   T30] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[   69.889591][   T30] usb 5-1: Using ep0 maxpacket: 8
[   69.892711][   T30] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   69.895590][   T30] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   69.898467][   T30] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   69.902081][   T30] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   69.905856][   T30] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   69.908467][   T30] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   70.145083][ T6605] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   70.293659][   T30] usb 5-1: usb_control_msg returned -71
[   70.295817][   T30] usbtmc 5-1:16.0: can't read capabilities
[   70.310187][   T30] usb 5-1: USB disconnect, device number 6
[   70.822330][ T1413] ieee802154 phy0 wpan0: encryption failed: -22
[   70.824668][ T1413] ieee802154 phy1 wpan1: encryption failed: -22
[   71.536760][ T6702] netlink: 'syz.1.177': attribute type 1 has an invalid length.
[   71.539018][ T6702] netlink: 134744 bytes leftover after parsing attributes in process `syz.1.177'.
[   72.737318][ T6731] netlink: 72 bytes leftover after parsing attributes in process `syz.3.183'.
[   72.740485][ T6731] netlink: 260 bytes leftover after parsing attributes in process `syz.3.183'.
[   72.745433][ T6727] FAULT_INJECTION: forcing a failure.
[   72.745433][ T6727] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   72.749234][ T6727] CPU: 0 UID: 0 PID: 6727 Comm: syz.1.184 Not tainted 6.13.0-syzkaller #0
[   72.751699][ T6727] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   72.754753][ T6727] Call Trace:
[   72.755718][ T6727]  <TASK>
[   72.756582][ T6727]  dump_stack_lvl+0x16c/0x1f0
[   72.757958][ T6727]  should_fail_ex+0x497/0x5b0
[   72.759323][ T6727]  _copy_to_user+0x32/0xd0
[   72.760665][ T6727]  simple_read_from_buffer+0xd0/0x160
[   72.762227][ T6727]  proc_fail_nth_read+0x198/0x270
[   72.763690][ T6727]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   72.765303][ T6727]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   72.766901][ T6727]  vfs_read+0x1df/0xbe0
[   72.768111][ T6727]  ? __fget_files+0x1fc/0x3a0
[   72.769530][ T6727]  ? __pfx___mutex_lock+0x10/0x10
[   72.771013][ T6727]  ? __pfx_vfs_read+0x10/0x10
[   72.772383][ T6727]  ? __fget_files+0x206/0x3a0
[   72.773755][ T6727]  ksys_read+0x12b/0x250
[   72.774990][ T6727]  ? __pfx_ksys_read+0x10/0x10
[   72.776381][ T6727]  __do_fast_syscall_32+0x73/0x120
[   72.777865][ T6727]  do_fast_syscall_32+0x32/0x80
[   72.779273][ T6727]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   72.781283][ T6727] RIP: 0023:0xf7fc1579
[   72.782565][ T6727] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   72.788064][ T6727] RSP: 002b:00000000f5116590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[   72.790521][ T6727] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5116620
[   72.792962][ T6727] RDX: 000000000000000f RSI: 00000000f7453ff4 RDI: 0000000000000000
[   72.795226][ T6727] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[   72.797524][ T6727] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[   72.799778][ T6727] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   72.802071][ T6727]  </TASK>
[   72.901322][ T6741] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   74.402849][ T6778] syz.1.199 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   74.686889][ T6774] e1000e 0000:00:02.0 eth1: NIC Link is Down
[   75.529607][ T5987] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[   75.699592][ T5987] usb 7-1: Using ep0 maxpacket: 8
[   75.705368][ T5987] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   75.708290][ T5987] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   75.711930][ T5987] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   75.714865][ T5987] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   75.718834][ T5987] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   75.721809][ T5987] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   75.812051][   T39] kauditd_printk_skb: 26 callbacks suppressed
[   75.812062][   T39] audit: type=1326 audit(1737407910.476:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6849 comm="syz.0.209" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08579 code=0x7ffc0000
[   75.820553][   T39] audit: type=1326 audit(1737407910.476:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6849 comm="syz.0.209" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08579 code=0x7ffc0000
[   75.826590][   T39] audit: type=1326 audit(1737407910.476:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6849 comm="syz.0.209" exe="/syz-executor" sig=0 arch=40000003 syscall=118 compat=1 ip=0xf7f08579 code=0x7ffc0000
[   75.832978][   T39] audit: type=1326 audit(1737407910.476:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6849 comm="syz.0.209" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08579 code=0x7ffc0000
[   75.839070][   T39] audit: type=1326 audit(1737407910.476:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6849 comm="syz.0.209" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08579 code=0x7ffc0000
[   75.845605][   T39] audit: type=1326 audit(1737407910.476:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6849 comm="syz.0.209" exe="/syz-executor" sig=0 arch=40000003 syscall=444 compat=1 ip=0xf7f08579 code=0x7ffc0000
[   75.852327][   T39] audit: type=1326 audit(1737407910.476:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6849 comm="syz.0.209" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08579 code=0x7ffc0000
[   75.858337][   T39] audit: type=1326 audit(1737407910.476:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6849 comm="syz.0.209" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08579 code=0x7ffc0000
[   75.864929][   T39] audit: type=1326 audit(1737407910.476:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6849 comm="syz.0.209" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f08579 code=0x7ffc0000
[   75.871360][   T39] audit: type=1326 audit(1737407910.476:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6849 comm="syz.0.209" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08579 code=0x7ffc0000
[   75.936052][ T5987] usb 7-1: GET_CAPABILITIES returned 0
[   75.938895][ T5987] usbtmc 7-1:16.0: can't read capabilities
[   76.141215][   T30] usb 7-1: USB disconnect, device number 5
[   76.569038][ T6865] netlink: 'syz.3.212': attribute type 1 has an invalid length.
[   76.576113][ T6865] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[   76.682908][ T6872] FAULT_INJECTION: forcing a failure.
[   76.682908][ T6872] name failslab, interval 1, probability 0, space 0, times 0
[   76.688921][ T6872] CPU: 3 UID: 0 PID: 6872 Comm: syz.2.214 Not tainted 6.13.0-syzkaller #0
[   76.691341][ T6872] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   76.694337][ T6872] Call Trace:
[   76.695290][ T6872]  <TASK>
[   76.696159][ T6872]  dump_stack_lvl+0x16c/0x1f0
[   76.697492][ T6872]  should_fail_ex+0x497/0x5b0
[   76.698850][ T6872]  ? fs_reclaim_acquire+0xae/0x150
[   76.700348][ T6872]  should_failslab+0xc2/0x120
[   76.701744][ T6872]  __kmalloc_cache_noprof+0x68/0x420
[   76.703274][ T6872]  ? lockdep_init_map_type+0x16d/0x7d0
[   76.704831][ T6872]  ? __pfx_legacy_init_fs_context+0x10/0x10
[   76.706547][ T6872]  legacy_init_fs_context+0x42/0xe0
[   76.708052][ T6872]  alloc_fs_context+0x54a/0x9c0
[   76.709471][ T6872]  path_mount+0xbfb/0x1f00
[   76.710738][ T6872]  ? kmem_cache_free+0x152/0x4c0
[   76.712358][ T6872]  ? __pfx_path_mount+0x10/0x10
[   76.713781][ T6872]  ? putname+0x13c/0x180
[   76.715019][ T6872]  __ia32_sys_mount+0x292/0x310
[   76.716438][ T6872]  ? __pfx___ia32_sys_mount+0x10/0x10
[   76.717997][ T6872]  __do_fast_syscall_32+0x73/0x120
[   76.719469][ T6872]  do_fast_syscall_32+0x32/0x80
[   76.720830][ T6872]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   76.722602][ T6872] RIP: 0023:0xf7f85579
[   76.723739][ T6872] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   76.729178][ T6872] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[   76.731566][ T6872] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000200003c0
[   76.733822][ T6872] RDX: 0000000020000b80 RSI: 0000000000000000 RDI: 0000000020000580
[   76.736073][ T6872] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   76.738326][ T6872] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   76.740587][ T6872] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   76.742855][ T6872]  </TASK>
[   76.783880][ T6874] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[   76.791429][   T97] Bluetooth: hci4: Frame reassembly failed (-84)
[   76.795922][   T97] Bluetooth: hci4: Frame reassembly failed (-84)
[   77.690602][ T6890] netlink: 12 bytes leftover after parsing attributes in process `syz.1.221'.
[   77.769635][ T5959] Bluetooth: hci3: command 0x0405 tx timeout
[   77.915734][ T6891] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   77.918638][ T6891] Bluetooth: hci0: Opcode 0x0406 failed: -4
[   77.931543][ T6891] Bluetooth: hci0: Opcode 0x0406 failed: -4
[   77.935648][ T6891] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[   77.938493][ T6891] Bluetooth: hci1: Opcode 0x0406 failed: -4
[   77.971337][ T6891] Bluetooth: hci1: Opcode 0x0406 failed: -4
[   77.974960][ T6891] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   77.977185][ T6891] Bluetooth: hci2: Opcode 0x0406 failed: -4
[   77.982986][ T6891] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   77.985359][ T6891] Bluetooth: hci3: Opcode 0x0406 failed: -4
[   77.989129][ T6891] Bluetooth: hci3: Opcode 0x0406 failed: -4
[   78.183056][ T6900] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   78.186279][ T6900] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[   78.188184][ T6900] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   78.190799][ T6900] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   78.565559][   T30] libceph: connect (1)[c::]:6789 error -101
[   78.567857][   T30] libceph: mon0 (1)[c::]:6789 connect error
[   78.611093][ T6918] ceph: No mds server is up or the cluster is laggy
[   78.819646][ T5960] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   78.819932][ T5951] Bluetooth: hci4: command 0x1003 tx timeout
[   78.889406][ T6928] FAULT_INJECTION: forcing a failure.
[   78.889406][ T6928] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   78.894124][ T6928] CPU: 3 UID: 0 PID: 6928 Comm: syz.2.229 Not tainted 6.13.0-syzkaller #0
[   78.896731][ T6928] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   78.899833][ T6928] Call Trace:
[   78.900813][ T6928]  <TASK>
[   78.901634][ T6928]  dump_stack_lvl+0x16c/0x1f0
[   78.902906][ T6928]  should_fail_ex+0x497/0x5b0
[   78.904152][ T6928]  _copy_to_user+0x32/0xd0
[   78.905402][ T6928]  simple_read_from_buffer+0xd0/0x160
[   78.906882][ T6928]  proc_fail_nth_read+0x198/0x270
[   78.908249][ T6928]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   78.909846][ T6928]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   78.911452][ T6928]  vfs_read+0x1df/0xbe0
[   78.912655][ T6928]  ? __fget_files+0x1fc/0x3a0
[   78.914021][ T6928]  ? __pfx___mutex_lock+0x10/0x10
[   78.915466][ T6928]  ? __pfx_vfs_read+0x10/0x10
[   78.916826][ T6928]  ? __fget_files+0x206/0x3a0
[   78.918177][ T6928]  ksys_read+0x12b/0x250
[   78.919403][ T6928]  ? __pfx_ksys_read+0x10/0x10
[   78.920786][ T6928]  __do_fast_syscall_32+0x73/0x120
[   78.922275][ T6928]  do_fast_syscall_32+0x32/0x80
[   78.923680][ T6928]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   78.925481][ T6928] RIP: 0023:0xf7f85579
[   78.926660][ T6928] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   78.931987][ T6928] RSP: 002b:00000000f50d6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[   78.934320][ T6928] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f50d6620
[   78.936399][ T6928] RDX: 000000000000000f RSI: 00000000f7413ff4 RDI: 0000000000000000
[   78.938584][ T6928] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[   78.940920][ T6928] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[   78.943169][ T6928] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   78.945430][ T6928]  </TASK>
[   79.036268][ T5960] Bluetooth: hci3: ACL packet for unknown connection handle 200
[   79.385064][ T6935] FAULT_INJECTION: forcing a failure.
[   79.385064][ T6935] name failslab, interval 1, probability 0, space 0, times 0
[   79.388638][ T6935] CPU: 3 UID: 0 PID: 6935 Comm: syz.1.231 Not tainted 6.13.0-syzkaller #0
[   79.391045][ T6935] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   79.394068][ T6935] Call Trace:
[   79.395016][ T6935]  <TASK>
[   79.395827][ T6935]  dump_stack_lvl+0x16c/0x1f0
[   79.397174][ T6935]  should_fail_ex+0x497/0x5b0
[   79.398501][ T6935]  ? fs_reclaim_acquire+0xae/0x150
[   79.399938][ T6935]  should_failslab+0xc2/0x120
[   79.401505][ T6935]  __kmalloc_cache_noprof+0x68/0x420
[   79.402978][ T6935]  ? lockdep_init_map_type+0x16d/0x7d0
[   79.404508][ T6935]  ? __pfx_legacy_init_fs_context+0x10/0x10
[   79.406325][ T6935]  legacy_init_fs_context+0x42/0xe0
[   79.408328][ T6935]  alloc_fs_context+0x54a/0x9c0
[   79.410140][ T6935]  path_mount+0xbfb/0x1f00
[   79.411946][ T6935]  ? kmem_cache_free+0x152/0x4c0
[   79.413920][ T6935]  ? __pfx_path_mount+0x10/0x10
[   79.415779][ T6935]  ? putname+0x13c/0x180
[   79.417414][ T6935]  __ia32_sys_mount+0x292/0x310
[   79.419755][ T6935]  ? __pfx___ia32_sys_mount+0x10/0x10
[   79.421968][ T6935]  __do_fast_syscall_32+0x73/0x120
[   79.423924][ T6935]  do_fast_syscall_32+0x32/0x80
[   79.425813][ T6935]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   79.428658][ T6935] RIP: 0023:0xf7fc1579
[   79.430083][ T6935] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   79.436555][ T6935] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[   79.439258][ T6935] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000200003c0
[   79.442755][ T6935] RDX: 0000000020000b80 RSI: 0000000000000000 RDI: 0000000020000580
[   79.445022][ T6935] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   79.447353][ T6935] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   79.449678][ T6935] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   79.452230][ T6935]  </TASK>
[   79.517545][ T6942] FAULT_INJECTION: forcing a failure.
[   79.517545][ T6942] name failslab, interval 1, probability 0, space 0, times 0
[   79.522622][ T6942] CPU: 3 UID: 0 PID: 6942 Comm: syz.0.234 Not tainted 6.13.0-syzkaller #0
[   79.525027][ T6942] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   79.527985][ T6942] Call Trace:
[   79.529013][ T6942]  <TASK>
[   79.529918][ T6942]  dump_stack_lvl+0x16c/0x1f0
[   79.531322][ T6942]  should_fail_ex+0x497/0x5b0
[   79.532715][ T6942]  ? fs_reclaim_acquire+0xae/0x150
[   79.534516][ T6942]  should_failslab+0xc2/0x120
[   79.536443][ T6942]  __kmalloc_node_noprof+0xd1/0x520
[   79.538563][ T6942]  ? hsr_dev_setup+0xd6/0x310
[   79.540514][ T6942]  ? __kvmalloc_node_noprof+0xad/0x1a0
[   79.542895][ T6942]  __kvmalloc_node_noprof+0xad/0x1a0
[   79.545030][ T6942]  alloc_netdev_mqs+0xab1/0x1320
[   79.546791][ T6942]  ? __pfx_hsr_dev_setup+0x10/0x10
[   79.548584][ T6942]  rtnl_create_link+0xbed/0xf10
[   79.550304][ T6942]  rtnl_newlink+0x14e6/0x1d70
[   79.551675][ T6942]  ? __pfx_rtnl_newlink+0x10/0x10
[   79.553140][ T6942]  ? __pfx___lock_acquire+0x10/0x10
[   79.554642][ T6942]  ? kmem_cache_free+0x152/0x4c0
[   79.556087][ T6942]  ? aa_get_newest_label+0x376/0x680
[   79.557613][ T6942]  ? find_held_lock+0x2d/0x110
[   79.558966][ T6942]  ? find_held_lock+0x2d/0x110
[   79.560432][ T6942]  ? rtnetlink_rcv_msg+0x93a/0xea0
[   79.562013][ T6942]  ? __pfx_lock_release+0x10/0x10
[   79.563711][ T6942]  ? trace_lock_acquire+0x14e/0x1f0
[   79.565816][ T6942]  ? __pfx_rtnl_newlink+0x10/0x10
[   79.567891][ T6942]  rtnetlink_rcv_msg+0x95b/0xea0
[   79.569941][ T6942]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   79.572146][ T6942]  ? __pfx___dev_queue_xmit+0x10/0x10
[   79.574006][ T6942]  netlink_rcv_skb+0x165/0x410
[   79.575424][ T6942]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   79.576968][ T6942]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   79.578450][ T6942]  ? netlink_deliver_tap+0x1ae/0xca0
[   79.579959][ T6942]  netlink_unicast+0x53c/0x7f0
[   79.581387][ T6942]  ? __pfx_netlink_unicast+0x10/0x10
[   79.582848][ T6942]  ? __phys_addr_symbol+0x30/0x80
[   79.584233][ T6942]  ? __check_object_size+0x488/0x710
[   79.585780][ T6942]  netlink_sendmsg+0x8b8/0xd70
[   79.587596][ T6942]  ? __pfx_netlink_sendmsg+0x10/0x10
[   79.589578][ T6942]  ____sys_sendmsg+0x9ae/0xb40
[   79.591415][ T6942]  ? __pfx_____sys_sendmsg+0x10/0x10
[   79.592946][ T6942]  ? get_compat_msghdr+0x11b/0x170
[   79.594364][ T6942]  ___sys_sendmsg+0x135/0x1e0
[   79.595693][ T6942]  ? __pfx____sys_sendmsg+0x10/0x10
[   79.597169][ T6942]  ? __pfx_lock_release+0x10/0x10
[   79.598573][ T6942]  ? trace_lock_acquire+0x14e/0x1f0
[   79.600095][ T6942]  ? __fget_files+0x206/0x3a0
[   79.601526][ T6942]  __sys_sendmsg+0x16e/0x220
[   79.602880][ T6942]  ? __pfx___sys_sendmsg+0x10/0x10
[   79.604403][ T6942]  __do_fast_syscall_32+0x73/0x120
[   79.605867][ T6942]  do_fast_syscall_32+0x32/0x80
[   79.607251][ T6942]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   79.609038][ T6942] RIP: 0023:0xf7f08579
[   79.610176][ T6942] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   79.615721][ T6942] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   79.618146][ T6942] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[   79.620538][ T6942] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   79.623191][ T6942] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   79.625458][ T6942] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   79.627752][ T6942] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   79.630029][ T6942]  </TASK>
[   79.633741][ T6943] netlink: 28 bytes leftover after parsing attributes in process `syz.1.235'.
[   79.692046][ T6946] dvmrp0: entered allmulticast mode
[   79.768400][ T6946] netlink: 4 bytes leftover after parsing attributes in process `syz.0.236'.
[   79.771603][ T6947] netlink: 4 bytes leftover after parsing attributes in process `syz.0.236'.
[   79.774144][ T6947] netlink: 'syz.0.236': attribute type 1 has an invalid length.
[   79.776572][ T6946] netlink: 'syz.0.236': attribute type 1 has an invalid length.
[   79.968011][ T6956] syzkaller0: tun_chr_ioctl cmd 1074812117
[   80.170862][ T5960] Bluetooth: hci0: command 0x0c1a tx timeout
[   80.250931][ T5951] Bluetooth: hci2: command 0x0406 tx timeout
[   80.250962][ T5960] Bluetooth: hci3: command 0x0405 tx timeout
[   80.252730][ T5951] Bluetooth: hci1: command 0x0c1a tx timeout
[   80.389604][   T30] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   80.649585][   T30] usb 8-1: Using ep0 maxpacket: 8
[   80.652906][   T30] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   80.656506][   T30] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   80.660204][   T30] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   80.663629][   T30] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   80.667418][   T30] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   80.674132][   T30] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   80.756108][ T6982] FAULT_INJECTION: forcing a failure.
[   80.756108][ T6982] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   80.760314][ T6982] CPU: 1 UID: 0 PID: 6982 Comm: syz.1.243 Not tainted 6.13.0-syzkaller #0
[   80.762774][ T6982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   80.765875][ T6982] Call Trace:
[   80.766835][ T6982]  <TASK>
[   80.767700][ T6982]  dump_stack_lvl+0x16c/0x1f0
[   80.769371][ T6982]  should_fail_ex+0x497/0x5b0
[   80.770813][ T6982]  _copy_from_user+0x2e/0xd0
[   80.772102][ T6982]  get_compat_msghdr+0xa8/0x170
[   80.773511][ T6982]  ? __pfx_get_compat_msghdr+0x10/0x10
[   80.775151][ T6982]  ___sys_sendmsg+0x1b0/0x1e0
[   80.776572][ T6982]  ? __pfx____sys_sendmsg+0x10/0x10
[   80.778102][ T6982]  ? __pfx_lock_release+0x10/0x10
[   80.779574][ T6982]  ? trace_lock_acquire+0x14e/0x1f0
[   80.781108][ T6982]  ? __fget_files+0x206/0x3a0
[   80.782540][ T6982]  __sys_sendmsg+0x16e/0x220
[   80.784122][ T6982]  ? __pfx___sys_sendmsg+0x10/0x10
[   80.785640][ T6982]  __do_fast_syscall_32+0x73/0x120
[   80.787158][ T6982]  do_fast_syscall_32+0x32/0x80
[   80.788607][ T6982]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   80.790524][ T6982] RIP: 0023:0xf7fc1579
[   80.791998][ T6982] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   80.798204][ T6982] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   80.800610][ T6982] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[   80.802886][ T6982] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   80.805159][ T6982] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   80.807507][ T6982] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   80.810035][ T6982] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   80.812942][ T6982]  </TASK>
[   80.814145][    C1] vkms_vblank_simulate: vblank timer overrun
[   80.918611][ T6964] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   80.994406][   T30] usb 8-1: usb_control_msg returned -71
[   80.996043][   T30] usbtmc 8-1:16.0: can't read capabilities
[   81.001747][   T30] usb 8-1: USB disconnect, device number 2
[   81.053251][    T9] cfg80211: failed to load regulatory.db
[   81.147914][ T7003] netlink: 36 bytes leftover after parsing attributes in process `syz.2.251'.
[   81.229362][ T7008] netlink: 4 bytes leftover after parsing attributes in process `syz.2.251'.
[   81.252687][ T7008] netlink: 'syz.2.251': attribute type 4 has an invalid length.
[   81.256171][ T7008] netlink: 17 bytes leftover after parsing attributes in process `syz.2.251'.
[   81.602616][ T7018] FAULT_INJECTION: forcing a failure.
[   81.602616][ T7018] name failslab, interval 1, probability 0, space 0, times 0
[   81.606756][ T7018] CPU: 2 UID: 0 PID: 7018 Comm: syz.3.257 Not tainted 6.13.0-syzkaller #0
[   81.609217][ T7018] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   81.613003][ T7018] Call Trace:
[   81.613991][ T7018]  <TASK>
[   81.614855][ T7018]  dump_stack_lvl+0x16c/0x1f0
[   81.616448][ T7018]  should_fail_ex+0x497/0x5b0
[   81.618218][ T7018]  ? fs_reclaim_acquire+0xae/0x150
[   81.619977][ T7018]  should_failslab+0xc2/0x120
[   81.621719][ T7018]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[   81.623821][ T7018]  ? __alloc_skb+0x2b3/0x380
[   81.625561][ T7018]  __alloc_skb+0x2b3/0x380
[   81.627312][ T7018]  ? __pfx___alloc_skb+0x10/0x10
[   81.629216][ T7018]  ? lock_acquire+0x2f/0xb0
[   81.630831][ T7018]  netlink_alloc_large_skb+0x69/0x130
[   81.632851][ T7018]  netlink_sendmsg+0x689/0xd70
[   81.634344][ T7018]  ? __pfx_netlink_sendmsg+0x10/0x10
[   81.636057][ T7018]  ____sys_sendmsg+0x9ae/0xb40
[   81.637950][ T7018]  ? __pfx_____sys_sendmsg+0x10/0x10
[   81.640020][ T7018]  ? get_compat_msghdr+0x11b/0x170
[   81.641969][ T7018]  ___sys_sendmsg+0x135/0x1e0
[   81.643749][ T7018]  ? __pfx____sys_sendmsg+0x10/0x10
[   81.645755][ T7018]  ? __pfx_lock_release+0x10/0x10
[   81.647727][ T7018]  ? trace_lock_acquire+0x14e/0x1f0
[   81.649672][ T7018]  ? __fget_files+0x206/0x3a0
[   81.651448][ T7018]  __sys_sendmsg+0x16e/0x220
[   81.653190][ T7018]  ? __pfx___sys_sendmsg+0x10/0x10
[   81.655108][ T7018]  __do_fast_syscall_32+0x73/0x120
[   81.657104][ T7018]  do_fast_syscall_32+0x32/0x80
[   81.658967][ T7018]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   81.661316][ T7018] RIP: 0023:0xf70be579
[   81.662728][ T7018] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   81.669322][ T7018] RSP: 002b:00000000f50b055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   81.671597][ T7018] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000280
[   81.673862][ T7018] RDX: 0000000004000000 RSI: 0000000000000000 RDI: 0000000000000000
[   81.676125][ T7018] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   81.678636][ T7018] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   81.680927][ T7018] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   81.683210][ T7018]  </TASK>
[   82.259673][ T5960] Bluetooth: hci0: command 0x0c1a tx timeout
[   82.331340][ T5960] Bluetooth: hci3: command 0x0405 tx timeout
[   82.332399][ T5959] Bluetooth: hci1: command 0x0c1a tx timeout
[   82.333145][ T5960] Bluetooth: hci2: command 0x0406 tx timeout
[   82.540853][ T7041] random: crng reseeded on system resumption
[   82.550046][  T832] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[   82.710790][  T832] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[   82.713949][  T832] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[   82.721861][  T832] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[   82.727178][  T832] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   82.742822][ T7036] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   82.746168][  T832] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[   82.985596][ T7052] netlink: 8 bytes leftover after parsing attributes in process `syz.3.263'.
[   82.988264][ T7052] netlink: 32 bytes leftover after parsing attributes in process `syz.3.263'.
[   83.054877][ T7055] netlink: 20 bytes leftover after parsing attributes in process `syz.3.264'.
[   83.083216][ T7055] bond0: (slave wlan1): Releasing backup interface
[   83.402509][  T832] usb 7-1: USB disconnect, device number 6
[   83.488551][ T5951] Bluetooth: hci0: ACL packet for unknown connection handle 200
[   84.122321][ T7067] netlink: 12 bytes leftover after parsing attributes in process `syz.1.266'.
[   84.330651][ T5951] Bluetooth: hci0: command 0x0c1a tx timeout
[   84.347592][ T7077] tipc: Started in network mode
[   84.349572][ T7077] tipc: Node identity 10000, cluster identity 4711
[   84.351524][ T7077] tipc: Node number set to 65536
[   84.418178][ T5960] Bluetooth: hci3: command 0x0405 tx timeout
[   84.419678][ T5951] Bluetooth: hci1: command 0x0c1a tx timeout
[   85.288924][   T30] libceph: connect (1)[c::]:6789 error -101
[   85.291485][   T30] libceph: mon0 (1)[c::]:6789 connect error
[   85.334421][ T7088] ceph: No mds server is up or the cluster is laggy
[   85.654585][  T833] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[   85.799619][  T833] usb 5-1: Using ep0 maxpacket: 32
[   85.810370][  T833] usb 5-1: config 1 has an invalid interface number: 8 but max is 1
[   85.813323][  T833] usb 5-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[   85.816751][  T833] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[   85.820668][  T833] usb 5-1: config 1 has an invalid interface number: 206 but max is 1
[   85.823025][  T833] usb 5-1: config 1 has no interface number 0
[   85.824779][  T833] usb 5-1: config 1 has no interface number 1
[   85.826632][  T833] usb 5-1: config 1 interface 8 altsetting 15 endpoint 0xE has invalid maxpacket 112, setting to 64
[   85.830429][  T833] usb 5-1: config 1 interface 8 altsetting 15 has an invalid descriptor for endpoint zero, skipping
[   85.834476][  T833] usb 5-1: config 1 interface 8 altsetting 15 bulk endpoint 0x5 has invalid maxpacket 1024
[   85.838300][  T833] usb 5-1: config 1 interface 8 altsetting 15 has an invalid descriptor for endpoint zero, skipping
[   85.842676][  T833] usb 5-1: config 1 interface 8 altsetting 15 has an invalid descriptor for endpoint zero, skipping
[   85.845894][  T833] usb 5-1: config 1 interface 8 altsetting 15 has a duplicate endpoint with address 0xA, skipping
[   85.849470][  T833] usb 5-1: config 1 interface 8 altsetting 15 endpoint 0x2 has invalid maxpacket 1023, setting to 64
[   85.853353][  T833] usb 5-1: config 1 interface 8 altsetting 15 has a duplicate endpoint with address 0xA, skipping
[   85.857448][  T833] usb 5-1: config 1 interface 8 altsetting 15 has a duplicate endpoint with address 0x2, skipping
[   85.861434][  T833] usb 5-1: config 1 interface 8 altsetting 15 has a duplicate endpoint with address 0x5, skipping
[   85.864519][  T833] usb 5-1: config 1 interface 8 altsetting 15 has a duplicate endpoint with address 0x2, skipping
[   85.867763][  T833] usb 5-1: config 1 interface 8 altsetting 15 has a duplicate endpoint with address 0xA, skipping
[   85.871655][  T833] usb 5-1: config 1 interface 206 altsetting 153 has a duplicate endpoint with address 0x2, skipping
[   85.875930][  T833] usb 5-1: config 1 interface 206 altsetting 153 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[   85.879944][  T833] usb 5-1: config 1 interface 206 altsetting 153 has a duplicate endpoint with address 0x4, skipping
[   85.882998][  T833] usb 5-1: config 1 interface 206 altsetting 153 endpoint 0xB has invalid maxpacket 512, setting to 64
[   85.886110][  T833] usb 5-1: config 1 interface 206 altsetting 153 has a duplicate endpoint with address 0x3, skipping
[   85.890307][  T833] usb 5-1: config 1 interface 206 altsetting 153 has a duplicate endpoint with address 0x4, skipping
[   85.894420][  T833] usb 5-1: config 1 interface 206 altsetting 153 endpoint 0x1 has invalid maxpacket 1024, setting to 64
[   85.897809][  T833] usb 5-1: config 1 interface 206 altsetting 153 has a duplicate endpoint with address 0xB, skipping
[   85.901108][  T833] usb 5-1: config 1 interface 206 altsetting 153 has a duplicate endpoint with address 0xB, skipping
[   85.905696][  T833] usb 5-1: config 1 interface 206 altsetting 153 endpoint 0xC has invalid maxpacket 1024, setting to 64
[   85.910695][  T833] usb 5-1: config 1 interface 206 altsetting 153 has a duplicate endpoint with address 0xA, skipping
[   85.915597][  T833] usb 5-1: config 1 interface 206 altsetting 153 has a duplicate endpoint with address 0xC, skipping
[   85.919038][  T833] usb 5-1: config 1 interface 8 has no altsetting 0
[   85.921046][  T833] usb 5-1: config 1 interface 206 has no altsetting 0
[   85.924463][  T833] usb 5-1: New USB device found, idVendor=413c, idProduct=81cc, bcdDevice=5d.86
[   85.927342][  T833] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   85.930028][  T833] usb 5-1: Product: syz
[   85.931713][  T833] usb 5-1: SerialNumber: syz
[   85.936358][ T7098] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   86.111396][ T7115] netlink: 72 bytes leftover after parsing attributes in process `syz.1.279'.
[   86.173217][  T833] usb 5-1: USB disconnect, device number 7
[   86.596797][ T7119] rdma_rxe: rxe_newlink: failed to add bond0
[   86.606277][ T7119] (syz.2.280,7119,2):ocfs2_fill_super:990 ERROR: superblock probe failed!
[   86.608754][ T7119] (syz.2.280,7119,2):ocfs2_fill_super:1178 ERROR: status = -22
[   86.961415][ T5960] Bluetooth: hci1: ACL packet for unknown connection handle 200
[   88.048802][ T7171] rdma_rxe: rxe_newlink: failed to add bond0
[   88.664500][ T7185] binder: 7184:7185 ioctl ae01 0 returned -22
[   88.776863][   T30] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[   88.949646][   T30] usb 8-1: Using ep0 maxpacket: 32
[   88.953342][   T30] usb 8-1: config 1 has an invalid interface number: 8 but max is 1
[   88.956677][   T30] usb 8-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[   88.960335][   T30] usb 8-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[   88.963049][   T30] usb 8-1: config 1 has an invalid interface number: 206 but max is 1
[   88.965691][   T30] usb 8-1: config 1 has no interface number 0
[   88.968277][   T30] usb 8-1: config 1 has no interface number 1
[   88.970493][   T30] usb 8-1: config 1 interface 8 altsetting 15 endpoint 0xE has invalid maxpacket 112, setting to 64
[   88.974050][   T30] usb 8-1: config 1 interface 8 altsetting 15 has an invalid descriptor for endpoint zero, skipping
[   88.977229][   T30] usb 8-1: config 1 interface 8 altsetting 15 bulk endpoint 0x5 has invalid maxpacket 1024
[   88.980431][   T30] usb 8-1: config 1 interface 8 altsetting 15 has an invalid descriptor for endpoint zero, skipping
[   88.983516][   T30] usb 8-1: config 1 interface 8 altsetting 15 has an invalid descriptor for endpoint zero, skipping
[   88.986742][   T30] usb 8-1: config 1 interface 8 altsetting 15 has a duplicate endpoint with address 0xA, skipping
[   88.990157][   T30] usb 8-1: config 1 interface 8 altsetting 15 endpoint 0x2 has invalid maxpacket 1023, setting to 64
[   88.993615][   T30] usb 8-1: config 1 interface 8 altsetting 15 has a duplicate endpoint with address 0xA, skipping
[   88.996767][   T30] usb 8-1: config 1 interface 8 altsetting 15 has a duplicate endpoint with address 0x2, skipping
[   89.001281][   T30] usb 8-1: config 1 interface 8 altsetting 15 has a duplicate endpoint with address 0x5, skipping
[   89.004481][   T30] usb 8-1: config 1 interface 8 altsetting 15 has a duplicate endpoint with address 0x2, skipping
[   89.007635][   T30] usb 8-1: config 1 interface 8 altsetting 15 has a duplicate endpoint with address 0xA, skipping
[   89.010961][   T30] usb 8-1: config 1 interface 206 altsetting 153 has a duplicate endpoint with address 0x2, skipping
[   89.014238][   T30] usb 8-1: config 1 interface 206 altsetting 153 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[   89.079668][  T834] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[   89.230244][  T834] usb 7-1: Using ep0 maxpacket: 8
[   89.235620][  T834] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   89.238809][  T834] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   89.242469][  T834] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   89.245460][  T834] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   89.252337][  T834] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   89.255260][  T834] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   89.360250][ T7199] FAULT_INJECTION: forcing a failure.
[   89.360250][ T7199] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   89.363988][ T7199] CPU: 3 UID: 0 PID: 7199 Comm: syz.1.299 Not tainted 6.13.0-syzkaller #0
[   89.366445][ T7199] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   89.369421][ T7199] Call Trace:
[   89.370401][ T7199]  <TASK>
[   89.371264][ T7199]  dump_stack_lvl+0x16c/0x1f0
[   89.372640][ T7199]  should_fail_ex+0x497/0x5b0
[   89.374016][ T7199]  _copy_to_user+0x32/0xd0
[   89.375327][ T7199]  simple_read_from_buffer+0xd0/0x160
[   89.376910][ T7199]  proc_fail_nth_read+0x198/0x270
[   89.378383][ T7199]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   89.379992][ T7199]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   89.381604][ T7199]  vfs_read+0x1df/0xbe0
[   89.382817][ T7199]  ? __fget_files+0x1fc/0x3a0
[   89.384185][ T7199]  ? __pfx___mutex_lock+0x10/0x10
[   89.385661][ T7199]  ? __pfx_vfs_read+0x10/0x10
[   89.387033][ T7199]  ? __fget_files+0x206/0x3a0
[   89.388414][ T7199]  ksys_read+0x12b/0x250
[   89.389668][ T7199]  ? __pfx_ksys_read+0x10/0x10
[   89.391059][ T7199]  __do_fast_syscall_32+0x73/0x120
[   89.392551][ T7199]  do_fast_syscall_32+0x32/0x80
[   89.394003][ T7199]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   89.395852][ T7199] RIP: 0023:0xf7fc1579
[   89.397051][ T7199] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   89.402582][ T7199] RSP: 002b:00000000f5116590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[   89.405005][ T7199] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5116620
[   89.407277][ T7199] RDX: 000000000000000f RSI: 00000000f7453ff4 RDI: 0000000000000000
[   89.409547][ T7199] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[   89.411807][ T7199] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[   89.414064][ T7199] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   89.416378][ T7199]  </TASK>
[   89.482964][ T7194] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   89.528781][   T30] usb 8-1: config 1 interface 206 altsetting 153 has a duplicate endpoint with address 0x4, skipping
[   89.531947][   T30] usb 8-1: config 1 interface 206 altsetting 153 endpoint 0xB has invalid maxpacket 512, setting to 64
[   89.535072][   T30] usb 8-1: config 1 interface 206 altsetting 153 has a duplicate endpoint with address 0x3, skipping
[   89.538138][   T30] usb 8-1: config 1 interface 206 altsetting 153 has a duplicate endpoint with address 0x4, skipping
[   89.541518][   T30] usb 8-1: config 1 interface 206 altsetting 153 endpoint 0x1 has invalid maxpacket 1024, setting to 64
[   89.544830][   T30] usb 8-1: config 1 interface 206 altsetting 153 has a duplicate endpoint with address 0xB, skipping
[   89.547973][   T30] usb 8-1: config 1 interface 206 altsetting 153 has a duplicate endpoint with address 0xB, skipping
[   89.551261][   T30] usb 8-1: config 1 interface 206 altsetting 153 endpoint 0xC has invalid maxpacket 1024, setting to 64
[   89.554393][   T30] usb 8-1: config 1 interface 206 altsetting 153 has a duplicate endpoint with address 0xA, skipping
[   89.557523][   T30] usb 8-1: config 1 interface 206 altsetting 153 has a duplicate endpoint with address 0xC, skipping
[   89.561175][  T834] usb 7-1: usb_control_msg returned -71
[   89.561531][   T30] usb 8-1: config 1 interface 8 has no altsetting 0
[   89.562827][  T834] usbtmc 7-1:16.0: can't read capabilities
[   89.564688][   T30] usb 8-1: config 1 interface 206 has no altsetting 0
[   89.566346][   T30] usb 8-1: New USB device found, idVendor=413c, idProduct=81cc, bcdDevice=5d.86
[   89.571173][   T30] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   89.573468][   T30] usb 8-1: Product: syz
[   89.574714][   T30] usb 8-1: SerialNumber: syz
[   89.576189][  T834] usb 7-1: USB disconnect, device number 7
[   89.583778][ T7179] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[   89.801948][   T30] usb 8-1: USB disconnect, device number 3
[   90.553103][ T5960] Bluetooth: hci1: ACL packet for unknown connection handle 200
[   91.210403][   T74] wlan1: Trigger new scan to find an IBSS to join
[   91.660029][ T7241] Bluetooth: hci4: Frame reassembly failed (-84)
[   91.662812][   T69] Bluetooth: hci4: Frame reassembly failed (-84)
[   92.098175][ T7251] netlink: 4 bytes leftover after parsing attributes in process `syz.3.312'.
[   92.117060][ T7242] syz.2.308 (7242): drop_caches: 2
[   92.412297][ T7263] netlink: 20 bytes leftover after parsing attributes in process `syz.1.314'.
[   92.427299][ T7263] bond0: (slave wlan1): Releasing backup interface
[   93.159866][ T7270] netlink: 'syz.3.315': attribute type 1 has an invalid length.
[   93.161760][ T7270] netlink: 134744 bytes leftover after parsing attributes in process `syz.3.315'.
[   93.222725][ T7275] netdevsim netdevsim3: Direct firmware load for ,
[   93.222725][ T7275]  failed with error -2
[   93.226064][ T7275] netdevsim netdevsim3: Falling back to sysfs fallback for: ,
[   93.226064][ T7275] 
[   93.689669][ T5951] Bluetooth: hci4: command 0xfc11 tx timeout
[   93.689698][ T5960] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[   93.786056][ T7295] netlink: 52 bytes leftover after parsing attributes in process `syz.0.323'.
[   94.073934][ T7300] trusted_key: encrypted_key: insufficient parameters specified
[   94.173172][ T7302] netlink: 4 bytes leftover after parsing attributes in process `syz.0.325'.
[   94.194898][ T7305] RDS: rds_bind could not find a transport for fe80::bb, load rds_tcp or rds_rdma?
[   94.259683][   T12] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[   94.316250][ T7310] netlink: 12 bytes leftover after parsing attributes in process `syz.2.326'.
[   94.319155][ T7310] netlink: 'syz.2.326': attribute type 25 has an invalid length.
[   94.327804][ T7310] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   94.330648][ T7310] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   94.333971][ T7310] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   94.336741][ T7310] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   94.479006][ T7312] netfs: Couldn't get user pages (rc=-14)
[   94.769611][   T30] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   94.800079][ T7315] netlink: 'syz.3.329': attribute type 1 has an invalid length.
[   94.802421][ T7315] netlink: 134744 bytes leftover after parsing attributes in process `syz.3.329'.
[   95.071827][   T30] usb 6-1: config 0 has no interfaces?
[   95.074106][   T30] usb 6-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[   95.077710][   T30] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.082802][   T30] usb 6-1: config 0 descriptor??
[   95.171946][ T7322] binder: 7321:7322 ioctl 8903 20000140 returned -22
[   95.175022][ T7322] binder: 7321:7322 ioctl c0306201 20000680 returned -14
[   95.305497][ T7327] netlink: 8 bytes leftover after parsing attributes in process `syz.2.333'.
[   95.308064][ T7327] netlink: 8 bytes leftover after parsing attributes in process `syz.2.333'.
[   95.506072][ T1328] usb 6-1: USB disconnect, device number 3
[   96.170484][ T7343] netlink: 'syz.3.338': attribute type 1 has an invalid length.
[   96.173737][ T7343] netlink: 134744 bytes leftover after parsing attributes in process `syz.3.338'.
[   96.430445][ T7353] lo: entered allmulticast mode
[   96.432156][ T7353] dvmrp0: left allmulticast mode
[   96.433697][ T7353] lo: left allmulticast mode
[   96.639604][    C0] vkms_vblank_simulate: vblank timer overrun
[   96.700161][    C0] vkms_vblank_simulate: vblank timer overrun
[   96.819265][    C0] vkms_vblank_simulate: vblank timer overrun
[   96.858375][    C0] vkms_vblank_simulate: vblank timer overrun
[   96.921634][    C0] vkms_vblank_simulate: vblank timer overrun
[   97.845220][ T7375] netlink: 256 bytes leftover after parsing attributes in process `syz.0.346'.
[   97.874927][ T7377] 9pnet_fd: Insufficient options for proto=fd
[   97.934401][ T7382] netlink: 'syz.0.349': attribute type 1 has an invalid length.
[   97.936647][ T7382] netlink: 134744 bytes leftover after parsing attributes in process `syz.0.349'.
[   98.053681][ T7392] vlan2: entered allmulticast mode
[   98.056036][ T7392] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode
[   98.061396][ T7392] mac80211_hwsim hwsim9 wlan1: left allmulticast mode
[   99.021036][ T7407] geneve2: entered promiscuous mode
[   99.022775][ T7407] geneve2: entered allmulticast mode
[   99.027791][ T7407] batman_adv: batadv0: Adding interface: geneve2
[   99.033124][ T7407] batman_adv: batadv0: Interface activated: geneve2
[   99.094490][ T7411] netlink: 'syz.3.359': attribute type 10 has an invalid length.
[   99.097492][ T7411] netlink: 40 bytes leftover after parsing attributes in process `syz.3.359'.
[   99.102805][ T7411] batman_adv: batadv0: Adding interface: vlan1
[   99.105402][ T7411] batman_adv: batadv0: The MTU of interface vlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   99.112294][ T7413] FAULT_INJECTION: forcing a failure.
[   99.112294][ T7413] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   99.119006][ T7413] CPU: 0 UID: 0 PID: 7413 Comm: syz.1.360 Not tainted 6.13.0-syzkaller #0
[   99.121456][ T7413] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   99.122608][ T7411] batman_adv: batadv0: Interface activated: vlan1
[   99.124485][ T7413] Call Trace:
[   99.124491][ T7413]  <TASK>
[   99.128910][ T7413]  dump_stack_lvl+0x16c/0x1f0
[   99.130272][ T7413]  should_fail_ex+0x497/0x5b0
[   99.131634][ T7413]  _copy_to_user+0x32/0xd0
[   99.132924][ T7413]  simple_read_from_buffer+0xd0/0x160
[   99.134458][ T7413]  proc_fail_nth_read+0x198/0x270
[   99.135908][ T7413]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   99.137642][ T7413]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   99.138596][ T7411] program syz.3.359 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   99.139356][ T7413]  vfs_read+0x1df/0xbe0
[   99.145407][ T7413]  ? __fget_files+0x1fc/0x3a0
[   99.145426][ T7413]  ? __pfx___mutex_lock+0x10/0x10
[   99.145440][ T7413]  ? __pfx_vfs_read+0x10/0x10
[   99.145455][ T7413]  ? __fget_files+0x206/0x3a0
[   99.145471][ T7413]  ksys_read+0x12b/0x250
[   99.153347][ T7413]  ? __pfx_ksys_read+0x10/0x10
[   99.153370][ T7413]  __do_fast_syscall_32+0x73/0x120
[   99.153386][ T7413]  do_fast_syscall_32+0x32/0x80
[   99.153399][ T7413]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   99.153416][ T7413] RIP: 0023:0xf7fc1579
[   99.153426][ T7413] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   99.153436][ T7413] RSP: 002b:00000000f5116590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[   99.153448][ T7413] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f5116620
[   99.153455][ T7413] RDX: 000000000000000f RSI: 00000000f7453ff4 RDI: 0000000000000000
[   99.153461][ T7413] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[   99.153467][ T7413] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[   99.153474][ T7413] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   99.153487][ T7413]  </TASK>
[   99.153553][    C0] vkms_vblank_simulate: vblank timer overrun
[   99.205428][ T7419] netlink: 'syz.1.362': attribute type 1 has an invalid length.
[   99.207909][ T7419] netlink: 134744 bytes leftover after parsing attributes in process `syz.1.362'.
[   99.430295][ T1328] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[   99.579619][ T1328] usb 5-1: Using ep0 maxpacket: 8
[   99.590527][ T1328] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   99.651946][ T1328] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   99.654808][ T1328] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   99.658319][ T1328] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   99.664248][ T1328] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   99.668131][ T1328] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   99.683591][ T7437] syz.3.366: attempt to access beyond end of device
[   99.683591][ T7437] nbd3: rw=0, sector=2, nr_sectors = 2 limit=0
[   99.688661][ T7437] syz.3.366: attempt to access beyond end of device
[   99.688661][ T7437] nbd3: rw=0, sector=16, nr_sectors = 2 limit=0
[   99.823620][ T7441] net veth1_virt_wifi ÿÿÿÿÿÿ: renamed from virt_wifi0
[   99.889711][ T7417] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   99.939821][ T5951] Bluetooth: hci3: command 0x0405 tx timeout
[  100.000284][ T1328] usb 5-1: usb_control_msg returned -71
[  100.002015][ T1328] usbtmc 5-1:16.0: can't read capabilities
[  100.007691][ T1328] usb 5-1: USB disconnect, device number 8
[  100.848369][ T7463] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  100.882291][ T7463] UDF-fs: Scanning with blocksize 2048 failed
[  100.887411][ T7463] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  100.889704][ T7463] UDF-fs: Scanning with blocksize 4096 failed
[  101.000255][ T7469] netlink: 'syz.3.373': attribute type 1 has an invalid length.
[  101.003453][ T7469] netlink: 134744 bytes leftover after parsing attributes in process `syz.3.373'.
[  101.303325][ T7482] netlink: 'syz.3.377': attribute type 1 has an invalid length.
[  101.305680][ T7482] netlink: 224 bytes leftover after parsing attributes in process `syz.3.377'.
[  101.513670][ T7491] FAULT_INJECTION: forcing a failure.
[  101.513670][ T7491] name failslab, interval 1, probability 0, space 0, times 0
[  101.517367][ T7491] CPU: 1 UID: 0 PID: 7491 Comm: syz.2.380 Not tainted 6.13.0-syzkaller #0
[  101.519802][ T7491] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  101.522869][ T7491] Call Trace:
[  101.523843][ T7491]  <TASK>
[  101.524716][ T7491]  dump_stack_lvl+0x16c/0x1f0
[  101.526106][ T7491]  should_fail_ex+0x497/0x5b0
[  101.527477][ T7491]  ? fs_reclaim_acquire+0xae/0x150
[  101.528965][ T7491]  should_failslab+0xc2/0x120
[  101.530323][ T7491]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  101.532006][ T7491]  ? __alloc_skb+0x2b3/0x380
[  101.533361][ T7491]  ? bpf_lsm_capable+0x9/0x10
[  101.534726][ T7491]  __alloc_skb+0x2b3/0x380
[  101.536038][ T7491]  ? __pfx___alloc_skb+0x10/0x10
[  101.537486][ T7491]  ? genl_rcv_msg+0x540/0x800
[  101.538860][ T7491]  ? genl_rcv_msg+0x4bd/0x800
[  101.540240][ T7491]  netlink_ack+0x164/0xb20
[  101.541553][ T7491]  netlink_rcv_skb+0x327/0x410
[  101.542944][ T7491]  ? __pfx_genl_rcv_msg+0x10/0x10
[  101.544412][ T7491]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  101.545959][ T7491]  ? down_read+0xc9/0x330
[  101.547208][ T7491]  ? __pfx_down_read+0x10/0x10
[  101.548087][ T7477] netlink: 4 bytes leftover after parsing attributes in process `syz.1.375'.
[  101.548608][ T7491]  ? netlink_deliver_tap+0x1ae/0xca0
[  101.548624][ T7491]  genl_rcv+0x28/0x40
[  101.548635][ T7491]  netlink_unicast+0x53c/0x7f0
[  101.548648][ T7491]  ? __pfx_netlink_unicast+0x10/0x10
[  101.557035][ T7491]  ? __phys_addr_symbol+0x30/0x80
[  101.558469][ T7491]  ? __check_object_size+0x488/0x710
[  101.560002][ T7491]  netlink_sendmsg+0x8b8/0xd70
[  101.561411][ T7491]  ? __pfx_netlink_sendmsg+0x10/0x10
[  101.562924][ T7491]  ____sys_sendmsg+0x9ae/0xb40
[  101.564289][ T7491]  ? __pfx_____sys_sendmsg+0x10/0x10
[  101.565818][ T7491]  ? get_compat_msghdr+0x11b/0x170
[  101.567305][ T7491]  ___sys_sendmsg+0x135/0x1e0
[  101.568681][ T7491]  ? __pfx____sys_sendmsg+0x10/0x10
[  101.570192][ T7491]  ? __pfx_lock_release+0x10/0x10
[  101.571648][ T7491]  ? trace_lock_acquire+0x14e/0x1f0
[  101.573150][ T7491]  ? __fget_files+0x206/0x3a0
[  101.574514][ T7491]  __sys_sendmsg+0x16e/0x220
[  101.575873][ T7491]  ? __pfx___sys_sendmsg+0x10/0x10
[  101.577378][ T7491]  __do_fast_syscall_32+0x73/0x120
[  101.578809][ T7491]  do_fast_syscall_32+0x32/0x80
[  101.580232][ T7491]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  101.582069][ T7491] RIP: 0023:0xf7f85579
[  101.583261][ T7491] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  101.588763][ T7491] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  101.591156][ T7491] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200001c0
[  101.593443][ T7491] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000000
[  101.595736][ T7491] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  101.598006][ T7491] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  101.600290][ T7491] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  101.602632][ T7491]  </TASK>
[  101.674415][ T7502] netlink: 'syz.3.382': attribute type 1 has an invalid length.
[  101.676713][ T7502] netlink: 134744 bytes leftover after parsing attributes in process `syz.3.382'.
[  101.702280][ T7505] FAULT_INJECTION: forcing a failure.
[  101.702280][ T7505] name failslab, interval 1, probability 0, space 0, times 0
[  101.706819][ T7505] CPU: 3 UID: 0 PID: 7505 Comm: syz.2.385 Not tainted 6.13.0-syzkaller #0
[  101.709275][ T7505] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  101.712340][ T7505] Call Trace:
[  101.713324][ T7505]  <TASK>
[  101.714181][ T7505]  dump_stack_lvl+0x16c/0x1f0
[  101.715567][ T7505]  should_fail_ex+0x497/0x5b0
[  101.716952][ T7505]  ? fs_reclaim_acquire+0xae/0x150
[  101.718534][ T7505]  should_failslab+0xc2/0x120
[  101.719978][ T7505]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  101.721752][ T7505]  ? vma_merge_new_range+0x3f0/0xb70
[  101.723268][ T7505]  ? vm_area_alloc+0x1f/0x1c0
[  101.724638][ T7505]  vm_area_alloc+0x1f/0x1c0
[  101.725949][ T7505]  __mmap_region+0x1091/0x2760
[  101.727334][ T7505]  ? __pfx___mmap_region+0x10/0x10
[  101.728807][ T7505]  ? hlock_class+0x4e/0x130
[  101.730129][ T7505]  ? mark_lock+0xb5/0xc60
[  101.731435][ T7505]  ? mm_get_unmapped_area+0x95/0xe0
[  101.732965][ T7505]  ? cap_mmap_addr+0x53/0x320
[  101.734352][ T7505]  mmap_region+0x270/0x320
[  101.735705][ T7505]  do_mmap+0xa09/0x1050
[  101.736927][ T7505]  vm_mmap_pgoff+0x1ba/0x360
[  101.738270][ T7505]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  101.739765][ T7505]  ? __fget_files+0x206/0x3a0
[  101.741123][ T7505]  ksys_mmap_pgoff+0x32c/0x5c0
[  101.742490][ T7505]  ? __ia32_sys_mmap_pgoff+0x11/0x1b0
[  101.744095][ T7505]  __do_fast_syscall_32+0x73/0x120
[  101.745578][ T7505]  do_fast_syscall_32+0x32/0x80
[  101.746967][ T7505]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  101.748764][ T7505] RIP: 0023:0xf7f85579
[  101.749932][ T7505] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  101.755341][ T7505] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0
[  101.757696][ T7505] RAX: ffffffffffffffda RBX: 0000000020f9f000 RCX: 0000000000004000
[  101.759949][ T7505] RDX: 0000000000000000 RSI: 0000000000000013 RDI: 0000000000000003
[  101.762187][ T7505] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  101.764441][ T7505] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  101.766711][ T7505] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  101.768953][ T7505]  </TASK>
[  101.784778][ T7507] usb usb8: usbfs: process 7507 (syz.0.379) did not claim interface 0 before use
[  101.788117][ T7507] netlink: 32 bytes leftover after parsing attributes in process `syz.0.379'.
[  101.891546][ T7521] FAULT_INJECTION: forcing a failure.
[  101.891546][ T7521] name failslab, interval 1, probability 0, space 0, times 0
[  101.895156][ T7521] CPU: 0 UID: 0 PID: 7521 Comm: syz.3.387 Not tainted 6.13.0-syzkaller #0
[  101.897582][ T7521] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  101.900674][ T7521] Call Trace:
[  101.901655][ T7521]  <TASK>
[  101.902534][ T7521]  dump_stack_lvl+0x16c/0x1f0
[  101.904030][ T7521]  should_fail_ex+0x497/0x5b0
[  101.905441][ T7521]  should_failslab+0xc2/0x120
[  101.906864][ T7521]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  101.908418][ T7521]  ? skb_clone+0x190/0x3f0
[  101.909764][ T7521]  skb_clone+0x190/0x3f0
[  101.911003][ T7521]  netlink_deliver_tap+0xafd/0xca0
[  101.912491][ T7521]  netlink_dump+0x639/0xd00
[  101.913825][ T7521]  ? __pfx_netlink_dump+0x10/0x10
[  101.915298][ T7521]  ? __inet_diag_dump_start+0x42c/0x7f0
[  101.916945][ T7521]  __netlink_dump_start+0x6d9/0x980
[  101.918456][ T7521]  inet_diag_rcv_msg_compat+0x277/0x2d0
[  101.920077][ T7521]  ? __pfx_inet_diag_rcv_msg_compat+0x10/0x10
[  101.921849][ T7521]  ? __pfx_inet_diag_dump_start_compat+0x10/0x10
[  101.923679][ T7521]  ? __pfx_inet_diag_dump_compat+0x10/0x10
[  101.925417][ T7521]  ? __pfx_inet_diag_dump_done+0x10/0x10
[  101.927065][ T7521]  sock_diag_rcv_msg+0x36f/0x790
[  101.928513][ T7521]  netlink_rcv_skb+0x165/0x410
[  101.929911][ T7521]  ? __pfx_sock_diag_rcv_msg+0x10/0x10
[  101.931490][ T7521]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  101.933039][ T7521]  ? netlink_deliver_tap+0x1ae/0xca0
[  101.934582][ T7521]  netlink_unicast+0x53c/0x7f0
[  101.935978][ T7521]  ? __pfx_netlink_unicast+0x10/0x10
[  101.937521][ T7521]  ? __phys_addr_symbol+0x30/0x80
[  101.938984][ T7521]  ? __check_object_size+0x488/0x710
[  101.940532][ T7521]  netlink_sendmsg+0x8b8/0xd70
[  101.941941][ T7521]  ? __pfx_netlink_sendmsg+0x10/0x10
[  101.943471][ T7521]  ____sys_sendmsg+0x9ae/0xb40
[  101.944869][ T7521]  ? __pfx_____sys_sendmsg+0x10/0x10
[  101.946343][ T7521]  ? get_compat_msghdr+0x11b/0x170
[  101.947839][ T7521]  ___sys_sendmsg+0x135/0x1e0
[  101.949243][ T7521]  ? __pfx____sys_sendmsg+0x10/0x10
[  101.950902][ T7521]  ? __pfx_lock_release+0x10/0x10
[  101.952362][ T7521]  ? trace_lock_acquire+0x14e/0x1f0
[  101.953882][ T7521]  ? __fget_files+0x206/0x3a0
[  101.955246][ T7521]  __sys_sendmsg+0x16e/0x220
[  101.956610][ T7521]  ? __pfx___sys_sendmsg+0x10/0x10
[  101.957970][ T7521]  __do_fast_syscall_32+0x73/0x120
[  101.959462][ T7521]  do_fast_syscall_32+0x32/0x80
[  101.960876][ T7521]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  101.962698][ T7521] RIP: 0023:0xf70be579
[  101.963953][ T7521] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  101.970378][ T7521] RSP: 002b:00000000f50b055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  101.970397][ T7521] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0
[  101.970404][ T7521] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  101.970411][ T7521] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  101.970417][ T7521] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  101.970424][ T7521] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  101.970437][ T7521]  </TASK>
[  101.985194][    C0] vkms_vblank_simulate: vblank timer overrun
[  102.866292][ T7549] binder: 7548:7549 ioctl c018620c 20000140 returned -22
[  102.989742][ T7556] netlink: 'syz.2.395': attribute type 1 has an invalid length.
[  102.991978][ T7556] netlink: 134744 bytes leftover after parsing attributes in process `syz.2.395'.
[  103.109622][ T7172] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  103.225641][ T7567] netlink: 8 bytes leftover after parsing attributes in process `syz.3.398'.
[  103.269918][ T7564] FAULT_INJECTION: forcing a failure.
[  103.269918][ T7564] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  103.273800][ T7564] CPU: 0 UID: 0 PID: 7564 Comm: syz.2.397 Not tainted 6.13.0-syzkaller #0
[  103.276223][ T7564] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  103.277596][ T7172] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  103.279268][ T7564] Call Trace:
[  103.279275][ T7564]  <TASK>
[  103.279280][ T7564]  dump_stack_lvl+0x16c/0x1f0
[  103.279298][ T7564]  should_fail_ex+0x497/0x5b0
[  103.282505][ T7172] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  103.283349][ T7564]  _copy_from_user+0x2e/0xd0
[  103.284278][ T7172] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  103.285594][ T7564]  snd_seq_ioctl+0x1c0/0x3f0
[  103.285610][ T7564]  ? __pfx_snd_seq_ioctl+0x10/0x10
[  103.285629][ T7564]  ? __fget_files+0x206/0x3a0
[  103.288786][ T7172] usb 5-1: config 0 descriptor??
[  103.289906][ T7564]  snd_seq_ioctl_compat+0xea/0x310
[  103.289920][ T7564]  ? __pfx_snd_seq_ioctl_compat+0x10/0x10
[  103.289931][ T7564]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  103.289943][ T7564]  __do_fast_syscall_32+0x73/0x120
[  103.289958][ T7564]  do_fast_syscall_32+0x32/0x80
[  103.307014][ T7564]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  103.308822][ T7564] RIP: 0023:0xf7f85579
[  103.309983][ T7564] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  103.315400][ T7564] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  103.317785][ T7564] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040045304
[  103.320039][ T7564] RDX: 0000000020000180 RSI: 0000000000000000 RDI: 0000000000000000
[  103.322323][ T7564] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  103.324545][ T7564] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  103.326802][ T7564] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  103.329038][ T7564]  </TASK>
[  103.330009][    C0] vkms_vblank_simulate: vblank timer overrun
[  103.495746][ T7172] usbhid 5-1:0.0: can't add hid device: -71
[  103.497619][ T7172] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  103.500526][ T7172] usb 5-1: USB disconnect, device number 9
[  104.053580][ T7567] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  104.065113][ T7567] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  104.098075][ T7567] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  104.103680][ T7567] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  104.115267][ T7567] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  104.120618][ T7567] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  104.298359][ T7589] netlink: 'syz.3.403': attribute type 1 has an invalid length.
[  104.302003][ T7589] netlink: 134744 bytes leftover after parsing attributes in process `syz.3.403'.
[  104.398088][ T7593] netlink: 'syz.3.404': attribute type 1 has an invalid length.
[  104.400456][ T7593] netlink: 134744 bytes leftover after parsing attributes in process `syz.3.404'.
[  104.524258][ T7599] netlink: 144 bytes leftover after parsing attributes in process `syz.3.405'.
[  104.526841][ T7599] netlink: 140 bytes leftover after parsing attributes in process `syz.3.405'.
[  104.581660][ T7601] FAULT_INJECTION: forcing a failure.
[  104.581660][ T7601] name failslab, interval 1, probability 0, space 0, times 0
[  104.585496][ T7601] CPU: 2 UID: 0 PID: 7601 Comm: syz.3.406 Not tainted 6.13.0-syzkaller #0
[  104.587935][ T7601] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  104.591018][ T7601] Call Trace:
[  104.591992][ T7601]  <TASK>
[  104.592869][ T7601]  dump_stack_lvl+0x16c/0x1f0
[  104.594242][ T7601]  should_fail_ex+0x497/0x5b0
[  104.595607][ T7601]  ? fs_reclaim_acquire+0xae/0x150
[  104.597107][ T7601]  should_failslab+0xc2/0x120
[  104.598513][ T7601]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  104.600086][ T7601]  ? __pfx_mark_lock+0x10/0x10
[  104.601522][ T7601]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  104.603286][ T7601]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  104.605008][ T7601]  mmu_topup_memory_caches+0x22/0xd0
[  104.606588][ T7601]  kvm_mmu_load+0xda/0x21f0
[  104.607909][ T7601]  ? mark_held_locks+0x9f/0xe0
[  104.609308][ T7601]  ? kvm_apic_has_interrupt+0xb6/0x190
[  104.610877][ T7601]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  104.612605][ T7601]  ? kvm_guest_time_update+0x780/0xeb0
[  104.614180][ T7601]  ? clear_pending_if_disabled+0xa9/0x210
[  104.615825][ T7601]  ? __pfx_kvm_mmu_load+0x10/0x10
[  104.617293][ T7601]  ? kvm_cpu_has_injectable_intr+0x9b/0x1a0
[  104.618979][ T7601]  ? kvm_check_and_inject_events+0x725/0x12e0
[  104.620766][ T7601]  vcpu_run+0x2e2e/0x4c00
[  104.622029][ T7601]  ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10
[  104.623639][ T7601]  ? __pfx_vcpu_run+0x10/0x10
[  104.625014][ T7601]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  104.626646][ T7601]  ? rcu_is_watching+0x12/0xc0
[  104.628070][ T7601]  ? trace_lock_acquire+0x14e/0x1f0
[  104.629585][ T7601]  ? __local_bh_enable_ip+0xa4/0x120
[  104.631113][ T7601]  ? lockdep_hardirqs_on+0x7c/0x110
[  104.632627][ T7601]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  104.634271][ T7601]  ? lock_acquire+0x2f/0xb0
[  104.635627][ T7601]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  104.637289][ T7601]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  104.638886][ T7601]  kvm_vcpu_ioctl+0x6ce/0x1520
[  104.640285][ T7601]  ? tomoyo_path_number_perm+0x46d/0x5b0
[  104.641928][ T7601]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  104.643427][ T7601]  ? tomoyo_path_number_perm+0x190/0x5b0
[  104.645062][ T7601]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  104.646804][ T7601]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  104.648521][ T7601]  ? do_vfs_ioctl+0x513/0x1950
[  104.649922][ T7601]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  104.651391][ T7601]  ? __pfx_lock_release+0x10/0x10
[  104.652858][ T7601]  ? trace_lock_acquire+0x14e/0x1f0
[  104.654370][ T7601]  kvm_vcpu_compat_ioctl+0x210/0x3f0
[  104.655891][ T7601]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  104.657576][ T7601]  ? __fget_files+0x206/0x3a0
[  104.658958][ T7601]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  104.660670][ T7601]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  104.662193][ T7601]  __do_fast_syscall_32+0x73/0x120
[  104.663687][ T7601]  do_fast_syscall_32+0x32/0x80
[  104.665112][ T7601]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  104.666961][ T7601] RIP: 0023:0xf70be579
[  104.668149][ T7601] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  104.673663][ T7601] RSP: 002b:00000000f50b055c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  104.676055][ T7601] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  104.678369][ T7601] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  104.680688][ T7601] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  104.682980][ T7601] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  104.685222][ T7601] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  104.687532][ T7601]  </TASK>
[  104.940015][ T7611] ata1.00: non-matching transfer count (1530558389/0)
[  105.089034][ T7615] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  105.128678][ T7616] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  105.174500][ T7616] UDF-fs: Scanning with blocksize 2048 failed
[  105.177149][ T7620] netlink: 'syz.3.412': attribute type 1 has an invalid length.
[  105.183989][ T7620] netlink: 134744 bytes leftover after parsing attributes in process `syz.3.412'.
[  105.194736][ T7616] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  105.205384][ T7616] UDF-fs: Scanning with blocksize 4096 failed
[  105.322540][ T7628] netlink: 4 bytes leftover after parsing attributes in process `syz.3.414'.
[  105.326190][ T7628] netlink: 4 bytes leftover after parsing attributes in process `syz.3.414'.
[  105.330516][ T7628] netlink: 4 bytes leftover after parsing attributes in process `syz.3.414'.
[  105.861038][ T7634] Illegal XDP return value 4294967262 on prog  (id 102) dev N/A, expect packet loss!
[  106.110911][ T7640] trusted_key: encrypted_key: insufficient parameters specified
[  106.459690][ T7172] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  106.570841][    T9] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  106.619666][ T7172] usb 5-1: Using ep0 maxpacket: 8
[  106.623868][ T7172] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  106.626812][ T7172] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  106.629727][ T7172] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  106.632511][ T7172] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  106.636289][ T7172] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  106.638880][ T7172] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  106.719603][    T9] usb 8-1: Using ep0 maxpacket: 8
[  106.722411][    T9] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  106.725251][    T9] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  106.728181][    T9] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  106.731244][    T9] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  106.735028][    T9] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  106.738109][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  106.857712][ T7644] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  106.930773][ T7172] usb 5-1: usb_control_msg returned -71
[  106.932520][ T7172] usbtmc 5-1:16.0: can't read capabilities
[  106.935291][ T7172] usb 5-1: USB disconnect, device number 10
[  106.981414][ T7646] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  107.052981][    T9] usb 8-1: usb_control_msg returned -71
[  107.054810][    T9] usbtmc 8-1:16.0: can't read capabilities
[  107.057691][    T9] usb 8-1: USB disconnect, device number 4
[  107.719587][    T9] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  108.048909][    T9] usb 5-1: Using ep0 maxpacket: 8
[  108.076489][    T9] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  108.083909][    T9] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  108.093397][    T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  108.097688][    T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  108.102974][    T9] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  108.108057][    T9] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  108.112460][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  108.623872][    T9] usb 5-1: usb_control_msg returned -32
[  108.625646][    T9] usbtmc 5-1:16.0: can't read capabilities
[  108.891292][ T7694] FAULT_INJECTION: forcing a failure.
[  108.891292][ T7694] name failslab, interval 1, probability 0, space 0, times 0
[  108.894602][ T7694] CPU: 2 UID: 0 PID: 7694 Comm: syz.2.430 Not tainted 6.13.0-syzkaller #0
[  108.896777][ T7694] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  108.899716][ T7694] Call Trace:
[  108.900873][ T7694]  <TASK>
[  108.901960][ T7694]  dump_stack_lvl+0x16c/0x1f0
[  108.903656][ T7694]  should_fail_ex+0x497/0x5b0
[  108.905076][ T7694]  should_failslab+0xc2/0x120
[  108.906303][ T7694]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  108.907688][ T7694]  ? skb_clone+0x190/0x3f0
[  108.908863][ T7694]  skb_clone+0x190/0x3f0
[  108.909964][ T7694]  netlink_deliver_tap+0xafd/0xca0
[  108.911319][ T7694]  netlink_unicast+0x6b4/0x7f0
[  108.912585][ T7694]  ? __pfx_netlink_unicast+0x10/0x10
[  108.913965][ T7694]  ? rtnetlink_rcv_msg+0x3e6/0xea0
[  108.915342][ T7694]  netlink_ack+0x6a5/0xb20
[  108.916587][ T7694]  netlink_rcv_skb+0x327/0x410
[  108.917840][ T7694]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  108.919258][ T7694]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  108.920940][ T7694]  ? netlink_deliver_tap+0x1ae/0xca0
[  108.922841][ T7694]  netlink_unicast+0x53c/0x7f0
[  108.924591][ T7694]  ? __pfx_netlink_unicast+0x10/0x10
[  108.926480][ T7694]  ? __phys_addr_symbol+0x30/0x80
[  108.928265][ T7694]  ? __check_object_size+0x488/0x710
[  108.930185][ T7694]  netlink_sendmsg+0x8b8/0xd70
[  108.931885][ T7694]  ? __pfx_netlink_sendmsg+0x10/0x10
[  108.933809][ T7694]  ____sys_sendmsg+0x9ae/0xb40
[  108.935527][ T7694]  ? __pfx_____sys_sendmsg+0x10/0x10
[  108.937432][ T7694]  ? get_compat_msghdr+0x11b/0x170
[  108.939124][ T7694]  ___sys_sendmsg+0x135/0x1e0
[  108.940868][ T7694]  ? __pfx____sys_sendmsg+0x10/0x10
[  108.942395][ T7694]  ? __pfx_lock_release+0x10/0x10
[  108.943811][ T7694]  ? trace_lock_acquire+0x14e/0x1f0
[  108.945335][ T7694]  ? __fget_files+0x206/0x3a0
[  108.946760][ T7694]  __sys_sendmsg+0x16e/0x220
[  108.948025][ T7694]  ? __pfx___sys_sendmsg+0x10/0x10
[  108.949490][ T7694]  __do_fast_syscall_32+0x73/0x120
[  108.951079][ T7694]  do_fast_syscall_32+0x32/0x80
[  108.952880][ T7694]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  108.955070][ T7694] RIP: 0023:0xf7f85579
[  108.956328][ T7694] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  108.962584][ T7694] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  108.965455][ T7694] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000c80
[  108.968039][ T7694] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  108.970303][ T7694] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  108.973170][ T7694] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  108.976023][ T7694] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  108.978411][ T7694]  </TASK>
[  109.329670][ T7172] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  109.489631][ T7172] usb 8-1: Using ep0 maxpacket: 8
[  109.494191][ T7172] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  109.497288][ T7172] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  109.500583][ T7172] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  109.510126][ T7172] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  109.514497][ T7172] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  109.517970][ T7172] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.585537][ T7704] 9pnet: Found fid 0 not clunked
[  109.743098][ T7698] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  109.814141][ T7172] usb 8-1: usb_control_msg returned -71
[  109.816801][ T7172] usbtmc 8-1:16.0: can't read capabilities
[  109.822701][ T7172] usb 8-1: USB disconnect, device number 5
[  110.004944][ T7720] FAULT_INJECTION: forcing a failure.
[  110.004944][ T7720] name failslab, interval 1, probability 0, space 0, times 0
[  110.008857][ T7720] CPU: 1 UID: 0 PID: 7720 Comm: syz.2.438 Not tainted 6.13.0-syzkaller #0
[  110.011302][ T7720] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  110.014570][ T7720] Call Trace:
[  110.015580][ T7720]  <TASK>
[  110.016444][ T7720]  dump_stack_lvl+0x16c/0x1f0
[  110.017843][ T7720]  should_fail_ex+0x497/0x5b0
[  110.019221][ T7720]  should_failslab+0xc2/0x120
[  110.020603][ T7720]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  110.022162][ T7720]  ? skb_clone+0x190/0x3f0
[  110.023480][ T7720]  skb_clone+0x190/0x3f0
[  110.024720][ T7720]  netlink_deliver_tap+0xafd/0xca0
[  110.026211][ T7720]  netlink_unicast+0x5e1/0x7f0
[  110.027601][ T7720]  ? __pfx_netlink_unicast+0x10/0x10
[  110.029129][ T7720]  ? __phys_addr_symbol+0x30/0x80
[  110.030589][ T7720]  ? __check_object_size+0x488/0x710
[  110.032112][ T7720]  netlink_sendmsg+0x8b8/0xd70
[  110.033501][ T7720]  ? __pfx_netlink_sendmsg+0x10/0x10
[  110.035024][ T7720]  ____sys_sendmsg+0x9ae/0xb40
[  110.036421][ T7720]  ? __pfx_____sys_sendmsg+0x10/0x10
[  110.037950][ T7720]  ? get_compat_msghdr+0x11b/0x170
[  110.039446][ T7720]  ___sys_sendmsg+0x135/0x1e0
[  110.040852][ T7720]  ? __pfx____sys_sendmsg+0x10/0x10
[  110.042376][ T7720]  ? __pfx_lock_release+0x10/0x10
[  110.043849][ T7720]  ? trace_lock_acquire+0x14e/0x1f0
[  110.045386][ T7720]  ? __fget_files+0x206/0x3a0
[  110.046789][ T7720]  __sys_sendmsg+0x16e/0x220
[  110.048138][ T7720]  ? __pfx___sys_sendmsg+0x10/0x10
[  110.049645][ T7720]  __do_fast_syscall_32+0x73/0x120
[  110.051300][ T7720]  do_fast_syscall_32+0x32/0x80
[  110.052782][ T7720]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  110.054600][ T7720] RIP: 0023:0xf7f85579
[  110.055797][ T7720] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  110.061287][ T7720] RSP: 002b:00000000f509455c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  110.063654][ T7720] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000020000380
[  110.065936][ T7720] RDX: 0000000000008010 RSI: 0000000000000000 RDI: 0000000000000000
[  110.068202][ T7720] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  110.070480][ T7720] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  110.072751][ T7720] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  110.075055][ T7720]  </TASK>
[  110.476299][ T7172] usb 5-1: USB disconnect, device number 11
[  110.553911][ T7735] FAULT_INJECTION: forcing a failure.
[  110.553911][ T7735] name failslab, interval 1, probability 0, space 0, times 0
[  110.557536][ T7735] CPU: 2 UID: 0 PID: 7735 Comm: syz.0.443 Not tainted 6.13.0-syzkaller #0
[  110.559940][ T7735] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  110.562999][ T7735] Call Trace:
[  110.563977][ T7735]  <TASK>
[  110.564843][ T7735]  dump_stack_lvl+0x16c/0x1f0
[  110.566223][ T7735]  should_fail_ex+0x497/0x5b0
[  110.567578][ T7735]  ? fs_reclaim_acquire+0xae/0x150
[  110.569059][ T7735]  should_failslab+0xc2/0x120
[  110.570431][ T7735]  __kmalloc_node_noprof+0xd1/0x520
[  110.571949][ T7735]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  110.573829][ T7735]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  110.575345][ T7735]  __kvmalloc_node_noprof+0xad/0x1a0
[  110.576933][ T7735]  pfifo_fast_init+0x125/0x3b0
[  110.578337][ T7735]  ? __pfx_pfifo_fast_init+0x10/0x10
[  110.579882][ T7735]  qdisc_create_dflt+0x101/0x430
[  110.581317][ T7735]  dev_activate+0x63a/0x12b0
[  110.582666][ T7735]  ? __pfx_dev_activate+0x10/0x10
[  110.584135][ T7735]  ? __local_bh_enable_ip+0xa4/0x120
[  110.585706][ T7735]  __dev_open+0x396/0x4e0
[  110.586968][ T7735]  ? __pfx___dev_open+0x10/0x10
[  110.588361][ T7735]  ? __local_bh_enable_ip+0xa4/0x120
[  110.589865][ T7735]  __dev_change_flags+0x561/0x720
[  110.591318][ T7735]  ? __pfx___dev_change_flags+0x10/0x10
[  110.592912][ T7735]  ? apparmor_capable+0x114/0x1d0
[  110.594380][ T7735]  dev_change_flags+0x8f/0x160
[  110.595793][ T7735]  devinet_ioctl+0x11d7/0x1f40
[  110.597188][ T7735]  ? __pfx_devinet_ioctl+0x10/0x10
[  110.598663][ T7735]  ? _copy_from_user+0x59/0xd0
[  110.600066][ T7735]  inet_ioctl+0x3aa/0x3f0
[  110.601321][ T7735]  ? __pfx_inet_ioctl+0x10/0x10
[  110.602740][ T7735]  packet_ioctl+0xb3/0x280
[  110.604040][ T7735]  sock_do_ioctl+0x116/0x280
[  110.605385][ T7735]  ? __pfx_sock_do_ioctl+0x10/0x10
[  110.606885][ T7735]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  110.608335][ T7735]  compat_sock_ioctl+0x318/0x7e0
[  110.609769][ T7735]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  110.611331][ T7735]  ? __fget_files+0x206/0x3a0
[  110.612692][ T7735]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  110.614264][ T7735]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  110.615787][ T7735]  __do_fast_syscall_32+0x73/0x120
[  110.617268][ T7735]  do_fast_syscall_32+0x32/0x80
[  110.618670][ T7735]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  110.620504][ T7735] RIP: 0023:0xf7f08579
[  110.621674][ T7735] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  110.627134][ T7735] RSP: 002b:00000000f503555c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  110.629512][ T7735] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000000008914
[  110.631755][ T7735] RDX: 0000000020000180 RSI: 0000000000000000 RDI: 0000000000000000
[  110.634013][ T7735] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  110.636251][ T7735] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  110.638507][ T7735] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  110.640864][ T7735]  </TASK>
[  110.748446][ T7735] syzkaller1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  111.132302][ T7751] ------------[ cut here ]------------
[  111.134084][ T7751] WARNING: CPU: 0 PID: 7751 at mm/page_alloc.c:4729 __alloc_pages_noprof+0xeff/0x25b0
[  111.136869][ T7751] Modules linked in:
[  111.138074][ T7751] CPU: 0 UID: 0 PID: 7751 Comm: syz.2.446 Not tainted 6.13.0-syzkaller #0
[  111.142725][ T7751] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  111.146038][ T7751] RIP: 0010:__alloc_pages_noprof+0xeff/0x25b0
[  111.147806][ T7751] Code: 24 2c 00 00 00 00 89 cd 0f 84 8b f9 ff ff 8b 34 24 48 89 da 8b 7c 24 08 e8 de b2 fe ff e9 69 f9 ff ff c6 05 f4 ad 16 0e 01 90 <0f> 0b 90 31 db e9 9f f3 ff ff 89 14 24 e8 df 9f 0c 00 8b 14 24 e9
[  111.153572][ T7751] RSP: 0018:ffffc9000fb378f8 EFLAGS: 00010246
[  111.155696][ T7751] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  111.157969][ T7751] RDX: 0000000000000000 RSI: 000000000000001a RDI: 0000000000040d40
[  111.160369][ T7751] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000
[  111.162643][ T7751] R10: 000000200004c000 R11: 0000000000000001 R12: 000000000000001a
[  111.165040][ T7751] R13: 0000000000040d40 R14: 1ffff92001f66f33 R15: 0000000000000001
[  111.167501][ T7751] FS:  0000000000000000(0000) GS:ffff88802b400000(0063) knlGS:00000000f50b5b40
[  111.170090][ T7751] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  111.171987][ T7751] CR2: 000000000c382348 CR3: 000000006bc44000 CR4: 0000000000352ef0
[  111.174276][ T7751] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  111.176531][ T7751] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  111.178818][ T7751] Call Trace:
[  111.179920][ T7751]  <TASK>
[  111.180820][ T7751]  ? __warn+0xea/0x3c0
[  111.182027][ T7751]  ? __alloc_pages_noprof+0xeff/0x25b0
[  111.183630][ T7751]  ? report_bug+0x3c0/0x580
[  111.184955][ T7751]  ? handle_bug+0x54/0xa0
[  111.186216][ T7751]  ? exc_invalid_op+0x17/0x50
[  111.187570][ T7751]  ? asm_exc_invalid_op+0x1a/0x20
[  111.189042][ T7751]  ? __alloc_pages_noprof+0xeff/0x25b0
[  111.190684][ T7751]  ? mark_held_locks+0x9f/0xe0
[  111.192066][ T7751]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  111.193720][ T7751]  ? kasan_quarantine_put+0x10a/0x240
[  111.195255][ T7751]  ? lockdep_hardirqs_on+0x7c/0x110
[  111.196787][ T7751]  ? p9_client_clunk+0x12a/0x170
[  111.198250][ T7751]  ? p9_client_clunk+0x12f/0x170
[  111.199762][ T7751]  ___kmalloc_large_node+0x84/0x1b0
[  111.201301][ T7751]  __kmalloc_large_node_noprof+0x1c/0x70
[  111.202913][ T7751]  __kmalloc_noprof.cold+0xc/0x63
[  111.204364][ T7751]  ? lockdep_init_map_type+0x16d/0x7d0
[  111.205952][ T7751]  ? v9fs_cache_inode_get_cookie+0x290/0x3a0
[  111.207682][ T7751]  ? v9fs_fid_get_acl+0x7a/0x120
[  111.209116][ T7751]  v9fs_fid_get_acl+0x7a/0x120
[  111.210579][ T7751]  v9fs_get_acl+0xee/0x530
[  111.211873][ T7751]  v9fs_inode_from_fid_dotl+0x264/0x2f0
[  111.213473][ T7751]  v9fs_mount+0x4fe/0xa30
[  111.214748][ T7751]  ? __pfx_v9fs_mount+0x10/0x10
[  111.216047][ T7751]  ? __pfx_v9fs_mount+0x10/0x10
[  111.217462][ T7751]  legacy_get_tree+0x109/0x220
[  111.218832][ T7751]  vfs_get_tree+0x8f/0x380
[  111.220179][ T7751]  path_mount+0x6e1/0x1f00
[  111.221482][ T7751]  ? kmem_cache_free+0x152/0x4c0
[  111.222911][ T7751]  ? __pfx_path_mount+0x10/0x10
[  111.224322][ T7751]  ? putname+0x13c/0x180
[  111.225554][ T7751]  __ia32_sys_mount+0x292/0x310
[  111.226962][ T7751]  ? __pfx___ia32_sys_mount+0x10/0x10
[  111.228494][ T7751]  __do_fast_syscall_32+0x73/0x120
[  111.230051][ T7751]  do_fast_syscall_32+0x32/0x80
[  111.231513][ T7751]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  111.233339][ T7751] RIP: 0023:0xf7f85579
[  111.234542][ T7751] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  111.240100][ T7751] RSP: 002b:00000000f50b555c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  111.242618][ T7751] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000200003c0
[  111.245009][ T7751] RDX: 0000000020000b80 RSI: 0000000000000000 RDI: 0000000020000580
[  111.247290][ T7751] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  111.249626][ T7751] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  111.251937][ T7751] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  111.254189][ T7751]  </TASK>
[  111.255215][ T7751] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  111.258306][ T7751] CPU: 0 UID: 0 PID: 7751 Comm: syz.2.446 Not tainted 6.13.0-syzkaller #0
[  111.261259][ T7751] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  111.264311][ T7751] Call Trace:
[  111.265313][ T7751]  <TASK>
[  111.266188][ T7751]  dump_stack_lvl+0x3d/0x1f0
[  111.267526][ T7751]  panic+0x71d/0x800
[  111.268672][ T7751]  ? __pfx_panic+0x10/0x10
[  111.269965][ T7751]  ? show_trace_log_lvl+0x29d/0x3d0
[  111.271470][ T7751]  ? __alloc_pages_noprof+0xeff/0x25b0
[  111.273068][ T7751]  check_panic_on_warn+0xab/0xb0
[  111.274567][ T7751]  __warn+0xf6/0x3c0
[  111.275958][ T7751]  ? __alloc_pages_noprof+0xeff/0x25b0
[  111.277502][ T7751]  report_bug+0x3c0/0x580
[  111.278798][ T7751]  handle_bug+0x54/0xa0
[  111.280050][ T7751]  exc_invalid_op+0x17/0x50
[  111.281416][ T7751]  asm_exc_invalid_op+0x1a/0x20
[  111.282824][ T7751] RIP: 0010:__alloc_pages_noprof+0xeff/0x25b0
[  111.284587][ T7751] Code: 24 2c 00 00 00 00 89 cd 0f 84 8b f9 ff ff 8b 34 24 48 89 da 8b 7c 24 08 e8 de b2 fe ff e9 69 f9 ff ff c6 05 f4 ad 16 0e 01 90 <0f> 0b 90 31 db e9 9f f3 ff ff 89 14 24 e8 df 9f 0c 00 8b 14 24 e9
[  111.290104][ T7751] RSP: 0018:ffffc9000fb378f8 EFLAGS: 00010246
[  111.291858][ T7751] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  111.294117][ T7751] RDX: 0000000000000000 RSI: 000000000000001a RDI: 0000000000040d40
[  111.296378][ T7751] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000
[  111.298662][ T7751] R10: 000000200004c000 R11: 0000000000000001 R12: 000000000000001a
[  111.300920][ T7751] R13: 0000000000040d40 R14: 1ffff92001f66f33 R15: 0000000000000001
[  111.303189][ T7751]  ? mark_held_locks+0x9f/0xe0
[  111.304578][ T7751]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  111.306230][ T7751]  ? kasan_quarantine_put+0x10a/0x240
[  111.307770][ T7751]  ? lockdep_hardirqs_on+0x7c/0x110
[  111.309282][ T7751]  ? p9_client_clunk+0x12a/0x170
[  111.310710][ T7751]  ? p9_client_clunk+0x12f/0x170
[  111.312140][ T7751]  ___kmalloc_large_node+0x84/0x1b0
[  111.313623][ T7751]  __kmalloc_large_node_noprof+0x1c/0x70
[  111.315256][ T7751]  __kmalloc_noprof.cold+0xc/0x63
[  111.316728][ T7751]  ? lockdep_init_map_type+0x16d/0x7d0
[  111.318288][ T7751]  ? v9fs_cache_inode_get_cookie+0x290/0x3a0
[  111.320021][ T7751]  ? v9fs_fid_get_acl+0x7a/0x120
[  111.321422][ T7751]  v9fs_fid_get_acl+0x7a/0x120
[  111.322795][ T7751]  v9fs_get_acl+0xee/0x530
[  111.324092][ T7751]  v9fs_inode_from_fid_dotl+0x264/0x2f0
[  111.325704][ T7751]  v9fs_mount+0x4fe/0xa30
[  111.326945][ T7751]  ? __pfx_v9fs_mount+0x10/0x10
[  111.328348][ T7751]  ? __pfx_v9fs_mount+0x10/0x10
[  111.329719][ T7751]  legacy_get_tree+0x109/0x220
[  111.331117][ T7751]  vfs_get_tree+0x8f/0x380
[  111.332402][ T7751]  path_mount+0x6e1/0x1f00
[  111.333703][ T7751]  ? kmem_cache_free+0x152/0x4c0
[  111.335235][ T7751]  ? __pfx_path_mount+0x10/0x10
[  111.336705][ T7751]  ? putname+0x13c/0x180
[  111.337934][ T7751]  __ia32_sys_mount+0x292/0x310
[  111.339356][ T7751]  ? __pfx___ia32_sys_mount+0x10/0x10
[  111.340899][ T7751]  __do_fast_syscall_32+0x73/0x120
[  111.342336][ T7751]  do_fast_syscall_32+0x32/0x80
[  111.343693][ T7751]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  111.345748][ T7751] RIP: 0023:0xf7f85579
[  111.346916][ T7751] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  111.352335][ T7751] RSP: 002b:00000000f50b555c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  111.354704][ T7751] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000200003c0
[  111.356972][ T7751] RDX: 0000000020000b80 RSI: 0000000000000000 RDI: 0000000020000580
[  111.359125][ T7751] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  111.361324][ T7751] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  111.363453][ T7751] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  111.365829][ T7751]  </TASK>
[  111.367312][ T7751] Kernel Offset: disabled
[  111.368596][ T7751] Rebooting in 86400 seconds..

VM DIAGNOSIS:
21:19:05  Registers:
info registers vcpu 0

CPU#0
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff85145450 RDI=ffffffff9a66e200 RBP=ffffffff9a66e1c0 RSP=ffffc9000fb37200
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000005
R12=0000000000000000 R13=0000000000000020 R14=fffffbfff34cdc92 R15=dffffc0000000000
RIP=ffffffff85145477 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c382348 CR3=000000006bc44000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000007ffff RBX=ffffea0001a95d00 RCX=ffffc9000c803000 RDX=0000000000080000
RSI=ffffffff81e0a236 RDI=0000000000000007 RBP=0000000000000067 RSP=ffffc9000e8e7b38
R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000002
R12=ffff88806b9f2808 R13=0000000000000000 R14=0000000000210008 R15=ffff888067beb4d8
RIP=ffffffff81994dd6 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020018000 CR3=0000000066914000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000185c63 RBX=0000000000000002 RCX=ffffffff8b1a8899 RDX=0000000000000000
RSI=ffffffff8b4cd260 RDI=ffffffff8bb19ac0 RBP=ffffed10039df000 RSP=ffffc9000048fe08
R8 =0000000000000001 R9 =ffffed10056c6fed R10=ffff88802b637f6b R11=0000000000000000
R12=0000000000000002 R13=ffff88801cef8000 R14=ffffffff901d29d0 R15=0000000000000000
RIP=ffffffff8b1a9c7f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055fb82591328 CR3=0000000022d52000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000004000008fd RBX=ffff88802374c880 RCX=0000000000000830 RDX=0000000000000004
RSI=00000000000000fd RDI=0000000000000004 RBP=0000000000000008 RSP=ffffc90020cff908
R8 =0000000000000000 R9 =fffffbfff203a53a R10=ffffffff901d29d7 R11=0000000000000000
R12=0000000000000003 R13=1ffff9200419ff22 R14=0000000000000002 R15=ffffc90020cff930
RIP=ffffffff8147a098 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020eb8000 CR3=0000000022d52000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffff00
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000