last executing test programs:

3.6763716s ago: executing program 3 (id=1166):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000456000/0x3000)=nil, r3, 0x1000000, 0x11, r2, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000580)={0x1ff, 0x1, 0x0, 0x1000, &(0x7f0000456000/0x1000)=nil})
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x4b564d02, 0xec000000, 0xcd}]})
ioctl$KVM_SET_LAPIC(r6, 0x4400ae8f, &(0x7f0000000100)={"b46474f815e8d5535f0887c44335cc824dc6121bc72a77f532ff5dad4d643a9cab29d2310e04be14eb26c0af4985fe45e3b3b0680b3ec92725d74b9716e0f7c3119a2c9a0ae65ff4772e2e12733cb013c4308fe40863480747c0a7ddb9361b1578015ca1bb2c1677ebae096f08345476f567443842946ed946434c75916d1db83fe305920de65bfaf9bd940672216846cb16b8ae67cd3affc61375381f91b3b9f1cc5e38cafe5239aee71dcd481fbe1ecd2547ffbaad4469a74697c28fb9beefa6a5d736712a55eb9110c2cf7964062ba8cbc1c038e84f0f5db7fc7053118bf5221e3efa6fc3edb5d0ca3cde7054dd0751a332520aa8478b1775d552c5cc24d3c2df9eb333e5ca3aa06c1c2cf8526714f5caff2f55b41976fc20b64f1fc61d5b44f50953582a1825d32130a31abfeafd1987317879e29ac51b93c9659e023fff3ddb5e39dd19cc3ef1d883c78b9e073d08a9197fb3717df238b9831831214b186693be9dd2568bb77272e80df5dfed03e8c467627bedfbd93359a9f79a3aa37e873dc1357b37b43d813ea85267b0dc8b1c4cc51bd985328833beb2679b7fb762555bbea2da936b36f8f1673fd5f606b2b6eb23b72bf947206e8dbfeb40ca6f265a3485c8446e0f0da652860b88328073d2282c14b48a7774e62754a968b60e92205e8fafcdd70a55c3c4d1a4821ff44e6e3681f15ae091262e3a3290a24d8ceae30ebbf9d24287bb8a5d73c608d47d287f9e716cf02b4796a83fb0c05e45b89de9ef8bce834e6d7a0be6e30d2c66cb6e640cb01898454ad361bc0701d8fe56113335ae6adec59300db04691cc4a689034272a8e086a32ce7061b4f79fa8afbb48a6ce4b62bdc44af013d78980457e1fa61eb9204818606f4c3b03c0f33cd2a841ac9bc2b73151a96e31ab99e6ec969b5f2c3edd5f9abc69845e487af992758ba445368da93dae1d44360d52a534a88276b8aaf349841d8a4788c60408618437c442308dbf70efeda2e54e9b9e4fe5f76997c9dcb945a26bd75748c85d19ca8b99264dce50580e8d4dbda401dad7df31e9a7a6a3a83bfbdfb5394abd581ac0824fbcd75d2f5205c0b7c9188e6f26bfd97734d9a20433f6cdba9d14a5f32a4d97a57f4603b21146fd1aebf082e863d463c224ad623c17d8043d3bf083f0322408dd6ead6915ac6a4222ab51480eb6e11a8913348219515170d9df90d72d7363bbda3e327d19f98c0a856f98076380e788e602e8a2ae0a1930786874dc21a2e99abda15f35457cf1dcb440c4b41350d0eda352aad7f57a0adc8a6914da06460635ed21c4c11cd1a8ec778064c9f62efba2927828b23f94b16619a5520731c2c40ab8583c9f2e73233d74b84f4877ce6b35bb1180300"})
ioctl$KVM_RUN(r6, 0xae80, 0x0)

3.002545891s ago: executing program 3 (id=1167):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'wg1\x00', &(0x7f0000000040)=@ethtool_eee={0x45, 0x0, 0x401, 0x3, 0x5, 0x5, 0x16, 0x33, [0x40, 0xca3]}})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x20004015}, 0x2404c8c0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0xd, 0x20000000000000bb, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb714000008"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xe, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x41100, 0x39, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0xa, 0x200008, 0x5, 0x1ffff}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000300000000001c00090008000000", @ANYRES32=r1], 0x4c}}, 0x0)
sendmsg$NL80211_CMD_GET_COALESCE(r0, &(0x7f0000001380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000240)={&(0x7f0000000140)={0x1c, 0x0, 0x200, 0x70bd2b, 0x25dfdbfc, {{}, {@val={0x8, 0x1, 0x27}, @void, @void}}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x24008040}, 0x1)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000380)={&(0x7f0000001600)=""/4090, 0x201000, 0x1800, 0x3}, 0x1c)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

2.996894213s ago: executing program 3 (id=1169):
r0 = socket(0x2000000000000021, 0x2, 0x2)
shutdown(r0, 0x2)
shutdown(r0, 0x2)
r1 = syz_open_dev$loop(&(0x7f0000000000), 0x8, 0x50000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000300)='./file0\x00')
open(&(0x7f0000000000)='./file0\x00', 0x108843, 0x98)
readv(r1, &(0x7f0000000240)=[{&(0x7f0000000040)=""/217, 0xd9}, {&(0x7f0000000140)=""/167, 0xa7}, {&(0x7f0000000200)=""/1, 0x1}], 0x3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0x8, &(0x7f0000000140)={0xc9f, 0x8b}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r5, 0xffffffffffffffff, 0x0)

2.862147232s ago: executing program 1 (id=1171):
r0 = socket(0x2000000000000021, 0x2, 0x2)
shutdown(r0, 0x2)
shutdown(r0, 0x2)
r1 = syz_open_dev$loop(&(0x7f0000000000), 0x8, 0x50000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000300)='./file0\x00')
open(&(0x7f0000000000)='./file0\x00', 0x108843, 0x98)
readv(r1, &(0x7f0000000240)=[{&(0x7f0000000040)=""/217, 0xd9}, {&(0x7f0000000140)=""/167, 0xa7}, {&(0x7f0000000200)=""/1, 0x1}], 0x3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0x8, &(0x7f0000000140)={0xc9f, 0x8b}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
close_range(r5, 0xffffffffffffffff, 0x0)

2.638399231s ago: executing program 3 (id=1173):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000bc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x6}}, &(0x7f0000000700)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x17, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@printk={@lx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5a}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r3}, 0x10)
pidfd_send_signal(0xffffffffffffffff, 0x0, 0x0, 0x3)
socket$inet_tcp(0x2, 0x1, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x22042, 0x0)
r4 = bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_linger(r5, 0x1, 0xd, &(0x7f0000000180)={0x1, 0x4}, 0x8)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
ioprio_set$uid(0x3, 0x0, 0x0)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, 0x0, 0x0)
socket(0x10, 0x803, 0x0)
dup(r7)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000680)={0xffffffffffffffff, 0x0, 0x0}, 0x10)

2.571380299s ago: executing program 2 (id=1174):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x4}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=ANY=[], 0xf8}}, 0x0)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(0xffffffffffffffff, 0x84, 0x8, &(0x7f0000000300)=0x8, 0x4)
mount(&(0x7f0000000080)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='affs\x00', 0xa08410, 0x0)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi2\x00', 0x161500, 0x0)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000180)={@private1, <r3=>0x0}, &(0x7f00000004c0)=0x14)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="180000000043000000000097f2d4f46c"], &(0x7f0000001700)='syzkaller\x00', 0xfff, 0x0, 0x0, 0x41000, 0x0, '\x00', r3}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x10)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',grou', @ANYRESDEC=0x0])
read$FUSE(r4, &(0x7f0000002140)={0x2020, 0x0, <r5=>0x0}, 0x2020)
syz_fuse_handle_req(r4, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x0, {0x5, 0x2, 0xfffffffffffffffe, 0x0, 0x0, 0x0, {0x40, 0x3, 0x6, 0xffff, 0x1000, 0xfffffffffffffffc, 0x0, 0x0, 0x120, 0x2000, 0x0, 0x0, 0x0, 0x501, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r4, &(0x7f0000000440)={0x50, 0x0, r5, {0x7, 0x29, 0x0, 0x14c0348, 0x40, 0x1, 0xfffffff1, 0x0, 0x0, 0x0, 0x80, 0x7fffffff}}, 0x50)
r6 = openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)
ioctl$TIOCMBIC(r6, 0x5417, &(0x7f00000001c0)=0xffff0000)

2.571081153s ago: executing program 0 (id=1175):
setreuid(0xee01, 0xee01)
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r1 = socket$inet(0x2, 0x800, 0x9)
setsockopt$SO_TIMESTAMP(r1, 0x1, 0x40, &(0x7f0000000080)=0x7, 0x4)
bind$inet(r1, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0xd0, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
ioctl$EXT4_IOC_MIGRATE(r3, 0xff04)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f00000002c0), 0x200000000000013e)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0x3, &(0x7f0000002380)=ANY=[@ANYBLOB="1800"/11], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='mmap_lock_acquire_returned\x00', r4}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount(0x0, 0x0, &(0x7f0000000080)='proc\x00', 0x4001, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f000001aa40)=""/102400, 0x19000)
ioctl$SIOCAX25ADDUID(0xffffffffffffffff, 0x89e1, 0x0)
r6 = gettid()
timer_create(0x3, &(0x7f0000000180)={0x0, 0x21, 0x4, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r7, &(0x7f0000003000)=@file={0x0, '\xe9\x1fq\x89Y\x1e\x923aK/file0\x00'}, 0x6e)
listen(r7, 0x0)
accept4$unix(r7, 0x0, 0x0, 0x80800)
recvmmsg(r0, &(0x7f000000a1c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8020, 0x0)

2.558794567s ago: executing program 1 (id=1176):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000240)='oom_adj\x00')
exit(0xfffffffffffffff7)
preadv(r0, &(0x7f0000000100)=[{&(0x7f0000000000)=""/3, 0x3}], 0x1, 0x1, 0x0)

2.453167117s ago: executing program 0 (id=1177):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x408c0}, 0x4000)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r3=>0x0})
r4 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x1, 0x0)
openat$cgroup(r5, &(0x7f0000000280)='syz1\x00', 0x200002, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_NEW(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x28, 0x0, 0x7, 0x101, 0x0, 0x0, {0x5, 0x0, 0x8}, [@NFACCT_NAME={0x9, 0x1, 'syz1\x00'}, @NFACCT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x20040000}, 0x850)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0xe)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000580)=@framed={{}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xe000000}, {}, {}, {0x7, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffe00}, {}, {0x7, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffe00}, {}, {0x18, 0x3, 0x2, 0x0, r7}, {}, {0x85, 0x0, 0x0, 0xc5}}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa0)
r8 = syz_open_dev$usbfs(&(0x7f0000000080), 0x76, 0x109301)
ioctl$USBDEVFS_SUBMITURB(r8, 0x8038550a, &(0x7f0000001ac0)=@urb_type_control={0x2, {0x1, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x4, 0x6, 0x0, 0xfffffffa, 0x400, 0x0})
openat(r5, &(0x7f0000000000)='./file0\x00', 0x82001, 0x59)
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000580)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010800000000030000000b00000008000300", @ANYRES32=r3, @ANYBLOB="20005080090001007ee5d52ffd0000000800030005ac0f00050002"], 0x3c}}, 0x20000010)

2.452796558s ago: executing program 0 (id=1178):
r0 = socket(0x28, 0x5, 0x0)
ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, 0x0)
munlock(&(0x7f00002de000/0x8000)=nil, 0x8000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x3, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x5, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x200000}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0xffffff, 0x4}, 0x10)
write(r1, &(0x7f0000000000)="1c0000001a005f0214f9f407000904001f000000fe01000000000000", 0x1c)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
socket$netlink(0x10, 0x3, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1a, 0xb, &(0x7f0000000840)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
getpid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)
r6 = socket$phonet_pipe(0x23, 0x5, 0x2)
bind$phonet(r6, &(0x7f0000006f80)={0x23, 0x0, 0x8}, 0x10)
shmget$private(0x0, 0x2000, 0x800, &(0x7f0000ffd000/0x2000)=nil)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB="300000002000010000000000000000000200000000000000000000001400110076657468305f6d6163767461700000009b0bc89274c0b206ee2370d3366f6dbd1721e2a28b4ef7f14306fd7930691580142b18edbe3f5d78c85c027362fc7cf5d8861fed860539bc5baaac1c0b3daa152f3891f190cd7695c9201ce7cc8be77e555879a6c694aba6050fd166928e93bba39b432552922651ba66d0d8614b44dd165dab3f02718fe5e532cc3d846a7370d4943d6997ed151935b38458acfefbe9e8d6ff04733440"], 0x30}}, 0x48850)
r7 = openat$cdrom(0xffffff9c, &(0x7f00000013c0), 0x4, 0x0)
accept4(r6, &(0x7f0000000300)=@xdp, &(0x7f00000001c0)=0x80, 0x800)
ioctl$CDROMREADTOCENTRY(r7, 0x5306, &(0x7f0000001400)={0xe, 0x7, 0x9, 0x1, @msf={0x5, 0x7, 0x8}, 0xc})

1.630580956s ago: executing program 2 (id=1179):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000c00), 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
mknod$loop(0x0, 0x0, 0x1)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000440), 0x10)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)={0x2}, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000016c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000800)="2e00000022008102e00f80ecdb03cb6d572d3075f9c68f1ecd404cb9020a4266017680d7f5e8afb36854274bf417", 0x2e}], 0x1, 0x0, 0x0, 0x10}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000a00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
listen(r1, 0x0)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
setsockopt$sock_linger(r3, 0x1, 0xd, &(0x7f0000000180)={0x5, 0xfffffffe}, 0x8)
close_range(r1, 0xffffffffffffffff, 0x0)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000000)=0x200000000)
write$vhost_msg_v2(r0, &(0x7f0000000400)={0x2, 0x0, {&(0x7f0000000080)=""/169, 0xa9, 0x0, 0x2, 0x2}}, 0x48)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x0)
userfaultfd(0x80001)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x15, &(0x7f0000000080)=ANY=[@ANYBLOB='huge=always,huge=within_size,nr_blocks=5'])
chdir(&(0x7f0000000140)='./file0\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$vhost_msg_v2(r0, &(0x7f0000000380)={0x2, 0x0, {&(0x7f0000000200)=""/201, 0xc9, 0x0, 0x1, 0x2}}, 0x48)

1.630086908s ago: executing program 1 (id=1180):
unlinkat(0xffffffffffffff9c, 0x0, 0x8cff)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x8, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_RSC={0x10, 0x1, {0x7, 0xa, 0xfffffff3}}}}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=@newtfilter={0x3c, 0x2c, 0xd2b, 0x803, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x6, 0xc}, {}, {0x2, 0xf}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x86dd}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x401e0d4}, 0x240440d4)
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
mount$binder(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x1000810, &(0x7f0000000340)=ANY=[@ANYBLOB="000000000000000000000000000028b3448e4f4cc675013f17f6e084ede005c4b42cc98a5e8f941e9b17b13860592af910b5510bade8a70cafd22d58711d5077671df45237141e2e88b0dc5eab1c4d3310e6789757d53650fb674dbc8579dd72d52ecd7052cd94a39a0f4c91dcc93337bf2e9644c5e5398aa66c8c0a4aeff8b0e247f8186b6f9216e3004583f914a0fc3cbd66b5b829ffad16add9caa9520ae08204b8434225ab8fd8939cb9d7aa12aafe4fcaa792fc4d7ce0637ce2c0956f"])
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000000)='./file0\x00', 0x0)
io_uring_setup(0x3453, &(0x7f0000000080))
pipe(&(0x7f0000000180)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$netlink(0x10, 0x3, 0x4)
write$binfmt_misc(r5, &(0x7f0000000100), 0xfef0)
splice(r4, 0x0, r6, 0x0, 0x80000001, 0x0)

1.629766499s ago: executing program 3 (id=1181):
r0 = socket(0x2000000000000021, 0x2, 0x2)
shutdown(r0, 0x2)
shutdown(r0, 0x2)
r1 = syz_open_dev$loop(&(0x7f0000000000), 0x8, 0x50000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000300)='./file0\x00')
open(&(0x7f0000000000)='./file0\x00', 0x108843, 0x98)
readv(r1, &(0x7f0000000240)=[{&(0x7f0000000040)=""/217, 0xd9}, {&(0x7f0000000140)=""/167, 0xa7}, {&(0x7f0000000200)=""/1, 0x1}], 0x3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0x8, &(0x7f0000000140)={0xc9f, 0x8b}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

1.629353488s ago: executing program 2 (id=1182):
ioctl$sock_inet6_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
r0 = openat$cdrom(0xffffff9c, &(0x7f0000000140), 0x8000, 0x0)
ioctl$CDROMPLAYMSF(r0, 0x5303, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001280)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r2, &(0x7f0000000040)=0x1f00, 0x12)
mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x8, 0x40010, r1, 0x4a913000)
r3 = syz_usbip_server_init(0x1)
write$usbip_server(r3, &(0x7f0000000000)=ANY=[@ANYBLOB="00000003"], 0x35)

1.511858118s ago: executing program 1 (id=1183):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$sndtimer(0xffffff9c, &(0x7f00000000c0), 0xa402)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000180)={{0x2, 0x2, 0x1, 0x3, 0x5}})
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0x4}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x4c}}, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000000c0))
r2 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_MAP_DUMB(r2, 0xc01064b3, &(0x7f00000001c0))
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, &(0x7f0000000040)=ANY=[], 0x14)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$WPAN_SECURITY(r5, 0x0, 0x1, &(0x7f0000000000)=0x2, 0x4)
setsockopt$WPAN_SECURITY(r5, 0x0, 0x1, &(0x7f0000000080), 0x4)
sendmsg$802154_dgram(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001880)={0x0}}, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r4, 0xc0045005, &(0x7f0000000000)=0x1000)
mmap$dsp(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x100000f, 0x11, r4, 0x0) (fail_nth: 2)
ioctl$SNDCTL_DSP_SETFMT(r4, 0xc0045005, &(0x7f00000000c0)=0x5)
syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xc989, 0x0, 0x1, 0x274}, &(0x7f0000000000)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x40, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x8001}})

1.001318237s ago: executing program 0 (id=1184):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x404000c}, 0x40000)
socket$igmp6(0xa, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x201, 0xa, 0x2})
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280), 0x8})
ioctl$VIDIOC_REQBUFS(r0, 0xc0585609, &(0x7f0000000280)={0x0, 0xa})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_SIOCINQ(r4, 0x541b, &(0x7f0000000180))
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d00000085"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r5 = openat$fb0(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
lsetxattr$security_ima(&(0x7f0000000480)='./file0\x00', &(0x7f0000000100), &(0x7f0000000000)=@v2={0x3, 0x2, 0xfe, 0xe79f, 0x2, 'JE'}, 0xb, 0x1)
ioctl$FBIOPUT_VSCREENINFO(r5, 0x4601, &(0x7f0000000380)={0x3c0, 0x78, 0x0, 0x0, 0x7, 0x0, 0x1, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x9, 0x1, 0x4, 0x8, 0x3, 0x1ff, 0x3d, 0x5, 0x3, 0x0, 0x202, 0x2, 0xc})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r7, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)

785.981272ms ago: executing program 2 (id=1185):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000580)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010800000000030000000b00000008000300", @ANYRES32=r2, @ANYBLOB="20005080090001007ee5d52ffd0000000800030005ac0f00050002"], 0x3c}}, 0x20000010)

781.80874ms ago: executing program 2 (id=1186):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_crypto(0x10, 0x3, 0x15)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=@bridge_newvlan={0x28, 0x70, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@BRIDGE_VLANDB_ENTRY={0x10, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_TUNNEL_INFO={0x4, 0x4, 0x0, 0x1, @BRIDGE_VLANDB_TINFO_ID={0x8, 0x1, 0x34000}}}]}, 0x28}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r4 = fsmount(0xffffffffffffffff, 0x1, 0x8)
ioctl$SNDRV_PCM_IOCTL_DELAY(r4, 0x80044121, &(0x7f0000000080))
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
getsockopt(r5, 0x111, 0x3, 0x0, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000026c0)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0x6}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x13}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x17}]}}}]}]}], {0xfffffffffffffd2f}}, 0x78}, 0x1, 0x0, 0x0, 0x4000}, 0x884)

651.418153ms ago: executing program 3 (id=1187):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x4}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=ANY=[], 0xf8}}, 0x0)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(0xffffffffffffffff, 0x84, 0x8, &(0x7f0000000300)=0x8, 0x4)
mount(&(0x7f0000000080)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='affs\x00', 0xa08410, 0x0)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi2\x00', 0x161500, 0x0)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000180)={@private1, <r3=>0x0}, &(0x7f00000004c0)=0x14)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="180000000043000000000097f2d4f46c"], &(0x7f0000001700)='syzkaller\x00', 0xfff, 0x0, 0x0, 0x41000, 0x0, '\x00', r3}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x10)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',grou', @ANYRESDEC=0x0])
read$FUSE(r4, &(0x7f0000002140)={0x2020, 0x0, <r5=>0x0}, 0x2020)
syz_fuse_handle_req(r4, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x0, {0x5, 0x2, 0xfffffffffffffffe, 0x0, 0x0, 0x0, {0x40, 0x3, 0x6, 0xffff, 0x1000, 0xfffffffffffffffc, 0x0, 0x0, 0x120, 0x2000, 0x0, 0x0, 0x0, 0x501, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r4, &(0x7f0000000440)={0x50, 0x0, r5, {0x7, 0x29, 0x0, 0x14c0348, 0x40, 0x1, 0xfffffff1, 0x0, 0x0, 0x0, 0x80, 0x7fffffff}}, 0x50)
r6 = openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)
ioctl$TIOCMBIC(r6, 0x5417, &(0x7f00000001c0)=0xffff0000)

651.250438ms ago: executing program 2 (id=1188):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109"], 0x0)
r1 = syz_io_uring_setup(0x1e1e, &(0x7f0000000380)={0x0, 0x86f7, 0x10100}, &(0x7f0000002000)=<r2=>0x0, 0x0)
syz_io_uring_submit(r2, 0x0, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_enter(r1, 0x48e9, 0x0, 0x2, 0x0, 0x0)

636.813229ms ago: executing program 1 (id=1189):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8}}, &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
write$proc_mixer(r1, &(0x7f0000000180)=ANY=[@ANYBLOB='SYNTH \'Mic\' 00000000000000000000\nIGAIN \'Capture Volume\' 00000000000000000000\nVOLUME'], 0x86)
r2 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card2/oss_mixer\x00', 0x0, 0x0)
dup3(r2, r1, 0x0) (fail_nth: 3)

560.646354ms ago: executing program 1 (id=1190):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r2, 0x4b72, &(0x7f0000000000)={0x0, 0x1, 0x7, 0x2600, 0x200, &(0x7f0000000d80)="1ae19327aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a730900000000fdfd000f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000005000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c536689a4a62f872f9ca3b86cf3c645413f4afbcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d228186ed360750ca8e728150d988844b9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a25978b463dc961416c80c55773f91ffffffffd51cfd73c1e06fbadd156d56bedc117af95d242d6dccbe2ce34dccd6005e944afa92b22ec9a698469c6ece06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a2a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f635a0cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0600000000000000a1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe021c773a6664b66ae04aa62c564d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000000000000004000000000f800"})
ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, &(0x7f0000000080)={0x5, 0x2})
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r3 = io_uring_setup(0x115c, &(0x7f0000000440)={0x0, 0x8270, 0x40, 0x3, 0x117})
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f0000000640)=[{0x0}], 0x178)

134.711936ms ago: executing program 0 (id=1191):
unlinkat(0xffffffffffffff9c, 0x0, 0x8cff)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x8, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_RSC={0x10, 0x1, {0x7, 0xa, 0xfffffff3}}}}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=@newtfilter={0x3c, 0x2c, 0xd2b, 0x803, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x6, 0xc}, {}, {0x2, 0xf}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x86dd}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x401e0d4}, 0x240440d4)
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
mount$binder(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x1000810, &(0x7f0000000340)=ANY=[@ANYBLOB="000000000000000000000000000028b3448e4f4cc675013f17f6e084ede005c4b42cc98a5e8f941e9b17b13860592af910b5510bade8a70cafd22d58711d5077671df45237141e2e88b0dc5eab1c4d3310e6789757d53650fb674dbc8579dd72d52ecd7052cd94a39a0f4c91dcc93337bf2e9644c5e5398aa66c8c0a4aeff8b0e247f8186b6f9216e3004583f914a0fc3cbd66b5b829ffad16add9caa9520ae08204b8434225ab8fd8939cb9d7aa12aafe4fcaa792fc4d7ce0637ce2c0956f"])
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000000)='./file0\x00', 0x0)
io_uring_setup(0x3453, &(0x7f0000000080))
pipe(&(0x7f0000000180)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$netlink(0x10, 0x3, 0x4)
write$binfmt_misc(r5, &(0x7f0000000100), 0xfef0)
splice(r4, 0x0, r6, 0x0, 0x80000001, 0x0)

0s ago: executing program 0 (id=1192):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000006c0), 0x48200, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x5)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r2 = openat$cgroup_devices(r1, &(0x7f0000000180)='devices.deny\x00', 0x2, 0x0)
write$cgroup_devices(r2, &(0x7f0000000140)={'a', ' *:* ', 'm\x00'}, 0xfdef)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x200000000000000)
socket$nl_route(0x10, 0x3, 0x0)
unshare(0x2a020480)
pselect6(0x40, &(0x7f0000000040)={0xc, 0xfffffffffffffffe, 0x0, 0x0, 0xfffffffffffffffb}, 0x0, 0x0, 0x0, 0x0)

0s ago: executing program 0 (id=1193):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi0\x00', 0x8080, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000540)={'c6xdigio\x00', [0x109, 0x80008000, 0x86c, 0xa, 0x0, 0x0, 0x1, 0xf, 0x1000, 0x1, 0x8, 0x5, 0x6, 0x1, 0x1138fce9, 0x6, 0xffffffa7, 0x2000001, 0xfffffffd, 0x65c, 0x3ff, 0x10004, 0x800, 0xe2df, 0x9, 0x6, 0x4, 0x3, 0x7, 0x5, 0x5]})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r1, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x3c, 0x0, 0x0, 0x70bd29, 0x25dfdbfc, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x7ff}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x20002880) (async)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000080)={0x60, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xe, 0x3, 'bitmap:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_CIDR={0x5, 0x3, 0x40}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private}}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x60}}, 0x0)

kernel console output (not intermixed with test programs):

1: attempt power cycle
[  202.185442][ T8572] vhci_hcd: connection reset by peer
[  202.189929][ T1259] vhci_hcd: stop threads
[  202.191372][ T1259] vhci_hcd: release socket
[  202.192932][ T1259] vhci_hcd: disconnect device
[  202.286317][ T8583] netlink: 4 bytes leftover after parsing attributes in process `syz.3.697'.
[  202.291400][ T8580] netlink: 12 bytes leftover after parsing attributes in process `syz.3.697'.
[  202.466211][ T1327] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  202.486774][ T1327] usb 6-1: device descriptor read/8, error -71
[  202.706504][   T54] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  202.726701][ T1327] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  202.749953][ T1327] usb 6-1: device descriptor read/8, error -71
[  202.856649][   T54] usb 5-1: Using ep0 maxpacket: 32
[  202.858747][ T1327] usb usb6-port1: unable to enumerate USB device
[  202.860725][   T54] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  202.865545][   T54] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  202.873594][   T54] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  202.877620][   T54] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  202.881099][   T54] usb 5-1: Product: syz
[  202.883019][   T54] usb 5-1: Manufacturer: syz
[  202.885045][   T54] usb 5-1: SerialNumber: syz
[  202.890831][   T54] usb 5-1: config 0 descriptor??
[  202.894006][   T54] hub 5-1:0.0: bad descriptor, ignoring hub
[  202.896993][   T54] hub 5-1:0.0: probe with driver hub failed with error -5
[  203.338664][ T1327] usb 5-1: USB disconnect, device number 13
[  203.662019][ T8605] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[  204.033378][ T8612] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  204.035624][ T8612] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  204.045254][ T8612] vhci_hcd vhci_hcd.0: Device attached
[  204.057500][ T8615] fuse: Bad value for 'fd'
[  204.080629][ T8615] netlink: 'syz.0.705': attribute type 12 has an invalid length.
[  205.050650][ T8613] vhci_hcd: connection closed
[  205.050794][   T12] vhci_hcd: stop threads
[  205.055232][   T12] vhci_hcd: release socket
[  205.059884][   T12] vhci_hcd: disconnect device
[  205.822249][ T8643] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[  207.054687][  T843] usb 42-1: device descriptor read/8, error -110
[  207.252499][   T59] usb 6-1: new full-speed USB device number 17 using dummy_hcd
[  207.304143][ T8660] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[  207.593644][  T843] usb usb42-port1: attempt power cycle
[  207.679675][   T59] usb 6-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  208.164018][  T843] usb usb42-port1: unable to enumerate USB device
[  208.235551][   T59] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84
[  208.253858][   T59] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  208.259109][   T59] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 255, setting to 64
[  208.264154][   T59] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  208.272329][   T59] usb 6-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae
[  208.276528][   T59] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  208.277103][ T8672] sp0: Synchronizing with TNC
[  208.279962][   T59] usb 6-1: Product: syz
[  208.283396][   T59] usb 6-1: Manufacturer: syz
[  208.284237][ T8672] sp0: Found TNC
[  208.286472][   T59] usb 6-1: SerialNumber: syz
[  208.290066][   T59] usb 6-1: config 0 descriptor??
[  208.293267][ T8656] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  208.298799][   T59] input: KB Gear Tablet as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input13
[  208.311098][    C3] kbtab 6-1:0.0: kbtab_irq - usb_submit_urb failed with result -1
[  208.315769][ T8672] netlink: 32 bytes leftover after parsing attributes in process `syz.0.723'.
[  208.474301][ T8673] [U] è`
[  208.497697][ T8656] FAULT_INJECTION: forcing a failure.
[  208.497697][ T8656] name failslab, interval 1, probability 0, space 0, times 0
[  208.507067][ T8656] CPU: 2 UID: 0 PID: 8656 Comm: syz.1.718 Not tainted syzkaller #0 PREEMPT(full) 
[  208.507086][ T8656] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  208.507094][ T8656] Call Trace:
[  208.507098][ T8656]  <TASK>
[  208.507102][ T8656]  dump_stack_lvl+0x16c/0x1f0
[  208.507120][ T8656]  should_fail_ex+0x512/0x640
[  208.507135][ T8656]  ? kmem_cache_alloc_noprof+0x62/0x720
[  208.507148][ T8656]  should_failslab+0xc2/0x120
[  208.507164][ T8656]  kmem_cache_alloc_noprof+0x75/0x720
[  208.507175][ T8656]  ? stack_depot_save_flags+0x29/0x9b0
[  208.507188][ T8656]  ? alloc_empty_file+0x55/0x1e0
[  208.507202][ T8656]  ? alloc_empty_file+0x55/0x1e0
[  208.507211][ T8656]  ? kasan_save_track+0x14/0x30
[  208.507224][ T8656]  alloc_empty_file+0x55/0x1e0
[  208.507235][ T8656]  path_openat+0xde/0x3140
[  208.507249][ T8656]  ? __do_fast_syscall_32+0xe8/0x680
[  208.507264][ T8656]  ? do_fast_syscall_32+0x32/0x80
[  208.507279][ T8656]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  208.507296][ T8656]  ? __pfx_path_openat+0x10/0x10
[  208.507316][ T8656]  do_filp_open+0x20b/0x470
[  208.507330][ T8656]  ? __lock_acquire+0x433/0x22f0
[  208.507343][ T8656]  ? __pfx_do_filp_open+0x10/0x10
[  208.507367][ T8656]  ? _raw_spin_unlock+0x28/0x50
[  208.507407][ T8656]  ? alloc_fd+0x471/0x7d0
[  208.507425][ T8656]  do_sys_openat2+0x11f/0x280
[  208.507442][ T8656]  ? __pfx_do_sys_openat2+0x10/0x10
[  208.507455][ T8656]  ? __fget_files+0x20e/0x3c0
[  208.507471][ T8656]  __ia32_compat_sys_openat+0x16d/0x210
[  208.507484][ T8656]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  208.507496][ T8656]  ? ksys_write+0x1ac/0x250
[  208.507515][ T8656]  __do_fast_syscall_32+0xe8/0x680
[  208.507531][ T8656]  do_fast_syscall_32+0x32/0x80
[  208.507546][ T8656]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  208.507559][ T8656] RIP: 0023:0xf704d579
[  208.507568][ T8656] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  208.507578][ T8656] RSP: 002b:00000000f543d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  208.507589][ T8656] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080001400
[  208.507596][ T8656] RDX: 0000000000000101 RSI: 0000000000000000 RDI: 0000000000000000
[  208.507602][ T8656] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  208.507608][ T8656] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  208.507614][ T8656] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  208.507628][ T8656]  </TASK>
[  208.508166][  T843] usb 6-1: USB disconnect, device number 17
[  209.264909][  T843] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[  209.425120][  T843] usb 7-1: Using ep0 maxpacket: 32
[  209.450383][  T843] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  209.531264][  T843] usb 7-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  209.576964][  T843] usb 7-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  209.583995][  T843] usb 7-1: Product: syz
[  209.595648][  T843] usb 7-1: Manufacturer: syz
[  209.601457][  T843] usb 7-1: SerialNumber: syz
[  209.631470][  T843] usb 7-1: config 0 descriptor??
[  209.637115][ T8689] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  209.857119][ T8689] FAULT_INJECTION: forcing a failure.
[  209.857119][ T8689] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  209.862889][ T8689] CPU: 3 UID: 0 PID: 8689 Comm: syz.2.730 Not tainted syzkaller #0 PREEMPT(full) 
[  209.862914][ T8689] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  209.862925][ T8689] Call Trace:
[  209.862931][ T8689]  <TASK>
[  209.862939][ T8689]  dump_stack_lvl+0x16c/0x1f0
[  209.862966][ T8689]  should_fail_ex+0x512/0x640
[  209.862991][ T8689]  _copy_from_user+0x2e/0xd0
[  209.863012][ T8689]  kstrtouint_from_user+0xd6/0x1d0
[  209.863038][ T8689]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  209.863074][ T8689]  proc_fail_nth_write+0x83/0x220
[  209.863091][ T8689]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  209.863113][ T8689]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  209.863128][ T8689]  vfs_write+0x2a0/0x11d0
[  209.863151][ T8689]  ? __pfx___mutex_lock+0x10/0x10
[  209.863176][ T8689]  ? __pfx_vfs_write+0x10/0x10
[  209.863195][ T8689]  ? find_held_lock+0x2b/0x80
[  209.863226][ T8689]  ? __fget_files+0x20e/0x3c0
[  209.863255][ T8689]  ksys_write+0x12a/0x250
[  209.863276][ T8689]  ? __pfx_ksys_write+0x10/0x10
[  209.863304][ T8689]  __do_fast_syscall_32+0xe8/0x680
[  209.863328][ T8689]  do_fast_syscall_32+0x32/0x80
[  209.863350][ T8689]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  209.863405][ T8689] RIP: 0023:0xf700d579
[  209.863419][ T8689] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  209.863435][ T8689] RSP: 002b:00000000f53fd590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  209.863452][ T8689] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f53fd620
[  209.863463][ T8689] RDX: 0000000000000001 RSI: 00000000f73a6ff4 RDI: 0000000000000000
[  209.863473][ T8689] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  209.863482][ T8689] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  209.863492][ T8689] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  209.863515][ T8689]  </TASK>
[  209.958749][   T49] usb 7-1: USB disconnect, device number 19
[  210.176201][ T5950] Bluetooth: hci3: command 0x040f tx timeout
[  210.296087][ T8728] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[  210.686914][ T8732] Context (ID=0x10) not attached to queue pair (handle=0x0:0x2)
[  211.606336][ T8360] libceph: connect (1)[c::]:6789 error -101
[  211.610524][ T8360] libceph: mon0 (1)[c::]:6789 connect error
[  211.660345][ T8743] ceph: No mds server is up or the cluster is laggy
[  211.904077][   T40] kauditd_printk_skb: 10 callbacks suppressed
[  211.904090][   T40] audit: type=1326 audit(1764793048.882:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8733 comm="syz.2.746" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7fc00000
[  211.916711][ T8752] fuse: Bad value for 'fd'
[  211.990864][ T8755] FAULT_INJECTION: forcing a failure.
[  211.990864][ T8755] name fail_futex, interval 1, probability 0, space 0, times 0
[  211.995618][ T8755] CPU: 0 UID: 0 PID: 8755 Comm: syz.2.751 Not tainted syzkaller #0 PREEMPT(full) 
[  211.995654][ T8755] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  211.995664][ T8755] Call Trace:
[  211.995672][ T8755]  <TASK>
[  211.995680][ T8755]  dump_stack_lvl+0x16c/0x1f0
[  211.995705][ T8755]  should_fail_ex+0x512/0x640
[  211.995729][ T8755]  get_futex_key+0x1085/0x15f0
[  211.995751][ T8755]  ? __pfx_get_futex_key+0x10/0x10
[  211.995769][ T8755]  ? get_futex_key+0x5dd/0x15f0
[  211.995791][ T8755]  futex_wait_setup+0x9d/0x570
[  211.995820][ T8755]  futex_wait_requeue_pi+0x241/0x830
[  211.995845][ T8755]  ? __pfx_futex_wait_requeue_pi+0x10/0x10
[  211.995892][ T8755]  ? __pfx_futex_wake_mark+0x10/0x10
[  211.995918][ T8755]  ? __smp_call_single_queue+0x161/0x2f0
[  211.995935][ T8755]  ? __pfx___smp_call_single_queue+0x10/0x10
[  211.995950][ T8755]  ? do_raw_spin_lock+0x12c/0x2b0
[  211.995976][ T8755]  do_futex+0x2ae/0x350
[  211.995995][ T8755]  ? __pfx_do_futex+0x10/0x10
[  211.996012][ T8755]  ? do_raw_spin_unlock+0x172/0x230
[  211.996032][ T8755]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  211.996052][ T8755]  ? try_to_wake_up+0x160/0x1860
[  211.996076][ T8755]  __ia32_sys_futex_time32+0x1d9/0x460
[  211.996100][ T8755]  ? __pfx___ia32_sys_futex_time32+0x10/0x10
[  211.996120][ T8755]  ? __pfx_sched_clock_cpu+0x10/0x10
[  211.996137][ T8755]  ? __pfx___rdmsr_safe_on_cpu+0x10/0x10
[  211.996154][ T8755]  ? __pfx___rdmsr_safe_on_cpu+0x10/0x10
[  211.996175][ T8755]  __do_fast_syscall_32+0xe8/0x680
[  211.996200][ T8755]  do_fast_syscall_32+0x32/0x80
[  211.996221][ T8755]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  211.996242][ T8755] RIP: 0023:0xf700d579
[  211.996255][ T8755] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  211.996271][ T8755] RSP: 002b:00000000f53dc55c EFLAGS: 00000296 ORIG_RAX: 00000000000000f0
[  211.996288][ T8755] RAX: ffffffffffffffda RBX: 000000008000cffc RCX: 000000000000000b
[  211.996298][ T8755] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000080048000
[  211.996308][ T8755] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  211.996318][ T8755] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  211.996327][ T8755] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  211.996347][ T8755]  </TASK>
[  212.258739][ T5950] Bluetooth: hci3: command 0x040f tx timeout
[  213.086267][   T40] audit: type=1326 audit(1764793050.061:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8759 comm="syz.2.753" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7fc00000
[  213.149721][ T8766] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[  213.152197][   T40] audit: type=1326 audit(1764793050.130:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8759 comm="syz.2.753" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf700d579 code=0x7fc00000
[  213.163104][   T40] audit: type=1326 audit(1764793050.140:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8759 comm="syz.2.753" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf700d5a7 code=0x7fc00000
[  213.517004][ T8772] vivid-001: =================  START STATUS  =================
[  213.521364][ T8772] vivid-001: Radio HW Seek Mode: Bounded
[  213.525548][ T8772] vivid-001: Radio Programmable HW Seek: false
[  213.528597][ T8772] vivid-001: RDS Rx I/O Mode: Block I/O
[  213.535712][ T8772] vivid-001: Generate RBDS Instead of RDS: false
[  213.539188][ T8772] vivid-001: RDS Reception: true
[  213.541473][ T8772] vivid-001: RDS Program Type: 0 inactive
[  213.545531][ T8772] vivid-001: RDS PS Name:  inactive
[  213.548036][ T8772] vivid-001: RDS Radio Text:  inactive
[  213.552916][ T8772] vivid-001: RDS Traffic Announcement: false inactive
[  213.556273][ T8772] vivid-001: RDS Traffic Program: false inactive
[  213.559455][ T8772] vivid-001: RDS Music: false inactive
[  213.562730][ T8772] vivid-001: ==================  END STATUS  ==================
[  213.802777][   T40] audit: type=1326 audit(1764793050.780:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8759 comm="syz.2.753" exe="/syz-executor" sig=0 arch=40000003 syscall=252 compat=1 ip=0xf700d579 code=0x7fc00000
[  213.851115][ T6079] usb 5-1: new high-speed USB device number 14 using dummy_hcd

[  213.928969][ T8776] sp0: Synchronizing with TNC
è[  214.042736][ T6079] usb 5-1: Using ep0 maxpacket: 32
[  214.062063][ T6079] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  214.077907][ T6079] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  214.082193][ T6079] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  214.085115][ T6079] usb 5-1: Product: syz
[  214.086499][ T6079] usb 5-1: Manufacturer: syz
[  214.088059][ T6079] usb 5-1: SerialNumber: syz
[  214.091114][ T6079] usb 5-1: config 0 descriptor??
[  214.093606][ T8772] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  214.124328][ T8783] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[  214.166423][ T5946] Bluetooth: hci3: ACL packet for unknown connection handle 200
[  214.298521][ T8790] netlink: 4 bytes leftover after parsing attributes in process `syz.2.764'.
[  214.310135][ T8360] usb 5-1: USB disconnect, device number 14
[  214.314454][ T8790] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  214.323461][ T8790] team0: Device ipvlan2 is already an upper device of the team interface
[  214.922090][ T8777] comedi comedi0: reset error (fatal)
[  215.472396][ T8816] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  216.151287][ T8820] netlink: 'syz.3.774': attribute type 5 has an invalid length.
[  216.428878][ T8832] FAULT_INJECTION: forcing a failure.
[  216.428878][ T8832] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  216.434350][ T8832] CPU: 3 UID: 0 PID: 8832 Comm: syz.3.777 Not tainted syzkaller #0 PREEMPT(full) 
[  216.434374][ T8832] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  216.434384][ T8832] Call Trace:
[  216.434407][ T8832]  <TASK>
[  216.434414][ T8832]  dump_stack_lvl+0x16c/0x1f0
[  216.434436][ T8832]  should_fail_ex+0x512/0x640
[  216.434453][ T8832]  should_fail_alloc_page+0xe7/0x130
[  216.434470][ T8832]  prepare_alloc_pages+0x3c2/0x610
[  216.434488][ T8832]  __alloc_frozen_pages_noprof+0x18b/0x2440
[  216.434504][ T8832]  ? find_held_lock+0x2b/0x80
[  216.434520][ T8832]  ? is_bpf_text_address+0x8a/0x1a0
[  216.434534][ T8832]  ? bpf_ksym_find+0x124/0x1c0
[  216.434545][ T8832]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  216.434558][ T8832]  ? kernel_text_address+0x8d/0x100
[  216.434570][ T8832]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  216.434582][ T8832]  ? __kernel_text_address+0xd/0x40
[  216.434599][ T8832]  ? unwind_get_return_address+0x59/0xa0
[  216.434619][ T8832]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  216.434637][ T8832]  ? policy_nodemask+0xea/0x4e0
[  216.434653][ T8832]  alloc_pages_mpol+0x1fb/0x550
[  216.434669][ T8832]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  216.434683][ T8832]  ? kasan_save_stack+0x42/0x60
[  216.434696][ T8832]  ? kasan_save_track+0x14/0x30
[  216.434708][ T8832]  ? __kasan_kmalloc+0xaa/0xb0
[  216.434720][ T8832]  ? __get_vm_area_node+0x101/0x330
[  216.434736][ T8832]  ? __vmalloc_node_range_noprof+0x271/0x1480
[  216.434754][ T8832]  alloc_pages_noprof+0x12d/0x180
[  216.434770][ T8832]  get_free_pages_noprof+0x10/0xb0
[  216.434783][ T8832]  kasan_populate_vmalloc+0x9f/0x2d0
[  216.434796][ T8832]  ? alloc_vmap_area+0x894/0x29a0
[  216.434813][ T8832]  alloc_vmap_area+0x93d/0x29a0
[  216.434832][ T8832]  ? __pfx_alloc_vmap_area+0x10/0x10
[  216.434850][ T8832]  __get_vm_area_node+0x1ca/0x330
[  216.434868][ T8832]  __vmalloc_node_range_noprof+0x271/0x1480
[  216.434884][ T8832]  ? bpf_prog_alloc_no_stats+0x58/0x600
[  216.434897][ T8832]  ? __pfx___might_resched+0x10/0x10
[  216.434916][ T8832]  ? bpf_prog_alloc_no_stats+0x58/0x600
[  216.434995][ T8832]  ? trace_mm_page_alloc+0x11b/0x180
[  216.435016][ T8832]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  216.435034][ T8832]  ? is_bpf_text_address+0x8a/0x1a0
[  216.435051][ T8832]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  216.435064][ T8832]  ? bpf_prog_alloc_no_stats+0x58/0x600
[  216.435077][ T8832]  __vmalloc_node_noprof+0xad/0xf0
[  216.435093][ T8832]  ? bpf_prog_alloc_no_stats+0x58/0x600
[  216.435107][ T8832]  bpf_prog_alloc_no_stats+0x58/0x600
[  216.435121][ T8832]  ? security_capable+0x7e/0x260
[  216.435135][ T8832]  bpf_prog_alloc+0x3b/0x230
[  216.435147][ T8832]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  216.435165][ T8832]  bpf_prog_load+0x1d71/0x2a40
[  216.435185][ T8832]  ? __pfx_bpf_prog_load+0x10/0x10
[  216.435204][ T8832]  ? find_held_lock+0x2b/0x80
[  216.435232][ T8832]  __sys_bpf+0x3e72/0x4980
[  216.435264][ T8832]  ? __pfx___sys_bpf+0x10/0x10
[  216.435332][ T8832]  ? find_held_lock+0x2b/0x80
[  216.435362][ T8832]  ? find_held_lock+0x2b/0x80
[  216.435393][ T8832]  ? __mutex_unlock_slowpath+0x161/0x790
[  216.435434][ T8832]  ? fput+0x70/0xf0
[  216.435452][ T8832]  ? ksys_write+0x1ac/0x250
[  216.435473][ T8832]  ? __pfx_ksys_write+0x10/0x10
[  216.435502][ T8832]  __ia32_sys_bpf+0x76/0xe0
[  216.435516][ T8832]  ? lockdep_hardirqs_on+0x7c/0x110
[  216.435532][ T8832]  __do_fast_syscall_32+0xe8/0x680
[  216.435549][ T8832]  do_fast_syscall_32+0x32/0x80
[  216.435565][ T8832]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  216.435579][ T8832] RIP: 0023:0xf7f05579
[  216.435589][ T8832] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  216.435599][ T8832] RSP: 002b:00000000f53f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  216.435611][ T8832] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000200
[  216.435618][ T8832] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000
[  216.435625][ T8832] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  216.435631][ T8832] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  216.435638][ T8832] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  216.435652][ T8832]  </TASK>
[  216.435821][ T8832] syz.3.777: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null)
[  216.559521][ T8835] netlink: 4 bytes leftover after parsing attributes in process `syz.2.778'.
[  216.565605][ T8832] ,cpuset=
[  216.574685][ T8836] netlink: 4 bytes leftover after parsing attributes in process `syz.2.778'.
[  216.600443][ T8832] /,mems_allowed=0-1
[  216.601859][ T8832] CPU: 3 UID: 0 PID: 8832 Comm: syz.3.777 Not tainted syzkaller #0 PREEMPT(full) 
[  216.601874][ T8832] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  216.601881][ T8832] Call Trace:
[  216.601885][ T8832]  <TASK>
[  216.601890][ T8832]  dump_stack_lvl+0x16c/0x1f0
[  216.601909][ T8832]  warn_alloc+0x248/0x3a0
[  216.601922][ T8832]  ? __pfx_warn_alloc+0x10/0x10
[  216.601934][ T8832]  ? __get_vm_area_node+0x2cd/0x330
[  216.601952][ T8832]  ? __get_vm_area_node+0x2cd/0x330
[  216.601966][ T8832]  ? __get_vm_area_node+0x208/0x330
[  216.601984][ T8832]  __vmalloc_node_range_noprof+0xaf5/0x1480
[  216.602000][ T8832]  ? __pfx___might_resched+0x10/0x10
[  216.602021][ T8832]  ? bpf_prog_alloc_no_stats+0x58/0x600
[  216.602035][ T8832]  ? trace_mm_page_alloc+0x11b/0x180
[  216.602051][ T8832]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  216.602068][ T8832]  ? is_bpf_text_address+0x8a/0x1a0
[  216.602083][ T8832]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  216.602096][ T8832]  ? bpf_prog_alloc_no_stats+0x58/0x600
[  216.602109][ T8832]  __vmalloc_node_noprof+0xad/0xf0
[  216.602124][ T8832]  ? bpf_prog_alloc_no_stats+0x58/0x600
[  216.602139][ T8832]  bpf_prog_alloc_no_stats+0x58/0x600
[  216.602152][ T8832]  ? security_capable+0x7e/0x260
[  216.602165][ T8832]  bpf_prog_alloc+0x3b/0x230
[  216.602177][ T8832]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  216.602195][ T8832]  bpf_prog_load+0x1d71/0x2a40
[  216.602214][ T8832]  ? __pfx_bpf_prog_load+0x10/0x10
[  216.602232][ T8832]  ? find_held_lock+0x2b/0x80
[  216.602259][ T8832]  __sys_bpf+0x3e72/0x4980
[  216.602278][ T8832]  ? __pfx___sys_bpf+0x10/0x10
[  216.602294][ T8832]  ? find_held_lock+0x2b/0x80
[  216.602311][ T8832]  ? find_held_lock+0x2b/0x80
[  216.602334][ T8832]  ? __mutex_unlock_slowpath+0x161/0x790
[  216.602357][ T8832]  ? fput+0x70/0xf0
[  216.602367][ T8832]  ? ksys_write+0x1ac/0x250
[  216.602381][ T8832]  ? __pfx_ksys_write+0x10/0x10
[  216.602397][ T8832]  __ia32_sys_bpf+0x76/0xe0
[  216.602407][ T8832]  ? lockdep_hardirqs_on+0x7c/0x110
[  216.602421][ T8832]  __do_fast_syscall_32+0xe8/0x680
[  216.602438][ T8832]  do_fast_syscall_32+0x32/0x80
[  216.602453][ T8832]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  216.602467][ T8832] RIP: 0023:0xf7f05579
[  216.602476][ T8832] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  216.602486][ T8832] RSP: 002b:00000000f53f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  216.602496][ T8832] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000200
[  216.602503][ T8832] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000
[  216.602510][ T8832] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  216.602516][ T8832] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  216.602522][ T8832] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  216.602535][ T8832]  </TASK>
[  216.602539][ T8832] Mem-Info:
[  216.701191][ T8832] active_anon:11599 inactive_anon:10 isolated_anon:0
[  216.701191][ T8832]  active_file:17573 inactive_file:34899 isolated_file:0
[  216.701191][ T8832]  unevictable:1770 dirty:522 writeback:0
[  216.701191][ T8832]  slab_reclaimable:10262 slab_unreclaimable:55343
[  216.701191][ T8832]  mapped:24966 shmem:5084 pagetables:1032
[  216.701191][ T8832]  sec_pagetables:312 bounce:0
[  216.701191][ T8832]  kernel_misc_reclaimable:0
[  216.701191][ T8832]  free:33481 free_pcp:13700 free_cma:0
[  216.716749][ T8832] Node 0 active_anon:92kB inactive_anon:40kB active_file:8kB inactive_file:200kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:72kB dirty:36kB writeback:0kB shmem:3540kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8720kB pagetables:1460kB sec_pagetables:1152kB all_unreclaimable? yes Balloon:0kB
[  216.741471][ T8832] Node 1 active_anon:46204kB inactive_anon:0kB active_file:70284kB inactive_file:139396kB unevictable:3544kB isolated(anon):0kB isolated(file):0kB mapped:99068kB dirty:2052kB writeback:0kB shmem:16796kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:4596kB pagetables:2668kB sec_pagetables:96kB all_unreclaimable? no Balloon:0kB
[  216.752147][ T8832] Node 0 DMA free:2076kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:592kB local_pcp:120kB free_cma:0kB
[  216.761938][ T8832] lowmem_reserve[]: 0 291 291 291 291
[  216.764309][ T8832] Node 0 DMA32 free:16536kB boost:0kB min:13448kB low:16808kB high:20168kB reserved_highatomic:0KB free_highatomic:0KB active_anon:88kB inactive_anon:40kB active_file:8kB inactive_file:200kB unevictable:3536kB writepending:36kB zspages:0kB present:1032196kB managed:298544kB mlocked:0kB bounce:0kB free_pcp:12556kB local_pcp:1956kB free_cma:0kB
[  216.778601][ T8832] lowmem_reserve[]: 0 0 0 0 0
[  216.781408][ T8832] Node 1 DMA32 free:111024kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:46204kB inactive_anon:0kB active_file:70284kB inactive_file:139396kB unevictable:3544kB writepending:2052kB zspages:2212kB present:1048432kB managed:948220kB mlocked:8kB bounce:0kB free_pcp:41412kB local_pcp:5276kB free_cma:0kB
[  216.826178][ T8832] lowmem_reserve[]: 0 0 0 0 0
[  216.828002][ T8832] Node 0 DMA: 31*4kB (UM) 22*8kB (UM) 3*16kB (U) 0*32kB 3*64kB (UM) 0*128kB 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 2076kB
[  216.832927][ T8832] Node 0 DMA32: 152*4kB (UME) 17*8kB (UM) 5*16kB (UM) 75*32kB (UME) 18*64kB (UE) 15*128kB (UM) 12*256kB (UM) 6*512kB (M) 2*1024kB (UM) 1*2048kB (M) 0*4096kB = 16536kB
[  216.857236][ T8832] Node 1 DMA32: 1253*4kB (UME) 522*8kB (UM) 629*16kB (UME) 405*32kB (ME) 145*64kB (UM) 53*128kB (UM) 40*256kB (UME) 20*512kB (UME) 3*1024kB (ME) 3*2048kB (M) 8*4096kB (UM) = 110740kB
[  216.874832][ T8832] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  216.878084][ T8832] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  216.881138][ T8832] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  216.884341][ T8832] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=1 hugepages_size=2048kB
[  216.887707][ T8832] 57817 total pagecache pages
[  216.889719][ T8832] 265 pages in swap cache
[  216.891503][ T8832] Free swap  = 119892kB
[  216.892962][ T8832] Total swap = 124996kB
[  216.894492][ T8832] 524155 pages RAM
[  216.896038][ T8832] 0 pages HighMem/MovableOnly
[  216.897864][ T8832] 208624 pages reserved
[  216.899391][ T8832] 0 pages cma reserved
[  216.985218][  T843] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  217.155094][  T843] usb 5-1: Using ep0 maxpacket: 32
[  217.159238][  T843] usb 5-1: config 0 has an invalid descriptor of length 13, skipping remainder of the config
[  217.163794][  T843] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  217.172237][  T843] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  217.176463][  T843] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  217.179959][  T843] usb 5-1: Product: syz
[  217.181810][  T843] usb 5-1: Manufacturer: syz
[  217.183876][  T843] usb 5-1: SerialNumber: syz
[  217.188252][  T843] usb 5-1: config 0 descriptor??
[  217.308352][ T6079] usb 7-1: new low-speed USB device number 20 using dummy_hcd
[  217.399895][ T8830] batman_adv: batadv0: Removing interface: batadv_slave_0
[  217.403873][ T8830] batman_adv: batadv0: Removing interface: batadv_slave_1
[  217.470154][ T6079] usb 7-1: Invalid ep0 maxpacket: 32
[  217.595733][ T6079] usb 7-1: new low-speed USB device number 21 using dummy_hcd
[  217.755715][ T6079] usb 7-1: Invalid ep0 maxpacket: 32
[  217.757917][ T6079] usb usb7-port1: attempt power cycle
[  218.116828][ T6079] usb 7-1: new low-speed USB device number 22 using dummy_hcd
[  218.146698][ T6079] usb 7-1: Invalid ep0 maxpacket: 32
[  218.186428][ T8360] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  218.276516][ T6079] usb 7-1: new low-speed USB device number 23 using dummy_hcd
[  218.297263][ T6079] usb 7-1: Invalid ep0 maxpacket: 32
[  218.300005][ T6079] usb usb7-port1: unable to enumerate USB device
[  218.316487][ T8360] usb 6-1: device descriptor read/64, error -71
[  218.556822][ T8360] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  218.686936][ T8360] usb 6-1: device descriptor read/64, error -71
[  218.797521][ T8360] usb usb6-port1: attempt power cycle
`è[  219.137597][ T8360] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  219.158063][ T8360] usb 6-1: device descriptor read/8, error -71
[  219.366566][  T843] usb 5-1: USB disconnect, device number 15
[  219.408553][ T8360] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  219.438816][ T8360] usb 6-1: device descriptor read/8, error -71
[  219.548623][ T8360] usb usb6-port1: unable to enumerate USB device
[  220.172775][ T8868] netlink: 'syz.2.791': attribute type 1 has an invalid length.
[  220.199801][ T8868] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[  220.203236][ T8868] bond2: (slave vxcan3): Setting fail_over_mac to active for active-backup mode
[  220.208448][ T8868] bond2: (slave vxcan3): making interface the new active one
[  220.211708][ T8868] bond2: (slave vxcan3): Enslaving as an active interface with an up link
[  220.292291][ T8872] netlink: 4 bytes leftover after parsing attributes in process `syz.2.791'.
[  220.300638][ T8872] bond2 (unregistering): (slave vxcan3): Releasing backup interface
[  220.310903][ T8872] bond2 (unregistering): Released all slaves
[  221.034909][ T8893] netlink: 4 bytes leftover after parsing attributes in process `syz.2.800'.
[  221.363276][ T8912] netlink: 8 bytes leftover after parsing attributes in process `syz.1.805'.
[  222.471872][   T54] libceph: connect (1)[c::]:6789 error -101
[  222.474661][   T54] libceph: mon0 (1)[c::]:6789 connect error
[  222.490442][ T8953] ceph: No mds server is up or the cluster is laggy
[  222.578408][ T8957] fuse: Bad value for 'fd'
[  222.587778][ T8957] 9pnet_fd: Insufficient options for proto=fd
[  223.184049][ T8979] netlink: 12 bytes leftover after parsing attributes in process `syz.0.826'.
[  223.372838][  T843] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[  223.475529][   T54] libceph: connect (1)[c::]:6789 error -101
[  223.477995][   T54] libceph: mon0 (1)[c::]:6789 connect error
[  223.503014][  T843] usb 7-1: device descriptor read/64, error -71
[  223.533951][ T8990] ceph: No mds server is up or the cluster is laggy
[  223.753349][  T843] usb 7-1: new high-speed USB device number 25 using dummy_hcd
[  223.893938][ T9007] netlink: 12 bytes leftover after parsing attributes in process `syz.1.836'.
[  223.903506][  T843] usb 7-1: device descriptor read/64, error -71
[  223.987957][ T9009] FAULT_INJECTION: forcing a failure.
[  223.987957][ T9009] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  223.993666][ T9009] CPU: 1 UID: 0 PID: 9009 Comm: syz.1.837 Not tainted syzkaller #0 PREEMPT(full) 
[  223.993682][ T9009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  223.993690][ T9009] Call Trace:
[  223.993693][ T9009]  <TASK>
[  223.993698][ T9009]  dump_stack_lvl+0x16c/0x1f0
[  223.993719][ T9009]  should_fail_ex+0x512/0x640
[  223.993735][ T9009]  _copy_to_user+0x32/0xd0
[  223.993750][ T9009]  simple_read_from_buffer+0xcb/0x170
[  223.993766][ T9009]  proc_fail_nth_read+0x197/0x240
[  223.993784][ T9009]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  223.993815][ T9009]  ? rw_verify_area+0xcf/0x6c0
[  223.993830][ T9009]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  223.993847][ T9009]  vfs_read+0x1e4/0xcf0
[  223.993862][ T9009]  ? __pfx___mutex_lock+0x10/0x10
[  223.993878][ T9009]  ? __pfx_vfs_read+0x10/0x10
[  223.993891][ T9009]  ? find_held_lock+0x2b/0x80
[  223.993911][ T9009]  ? __fget_files+0x20e/0x3c0
[  223.993924][ T9009]  ? fd_install+0x1b0/0x570
[  223.993941][ T9009]  ksys_read+0x12a/0x250
[  223.993955][ T9009]  ? __pfx_ksys_read+0x10/0x10
[  223.993974][ T9009]  __do_fast_syscall_32+0xe8/0x680
[  223.993990][ T9009]  do_fast_syscall_32+0x32/0x80
[  223.994006][ T9009]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
`è[  223.994019][ T9009] RIP: 0023:0xf704d579
[  223.994028][ T9009] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  223.994038][ T9009] RSP: 002b:00000000f543d590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  223.994049][ T9009] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f543d620
[  223.994056][ T9009] RDX: 000000000000000f RSI: 00000000f73e6ff4 RDI: 0000000000000000
[  223.994063][ T9009] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  223.994069][ T9009] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  223.994075][ T9009] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  223.994089][ T9009]  </TASK>
[  224.043702][  T843] usb usb7-port1: attempt power cycle
[  224.056392][ T8463] sp0: Synchronizing with TNC
è[  224.192795][ T9011] 8021q: adding VLAN 0 to HW filter on device bond4
[  224.207099][ T9011] netlink: 8 bytes leftover after parsing attributes in process `syz.1.838'.
[  224.209938][ T9011] netlink: 4 bytes leftover after parsing attributes in process `syz.1.838'.
[  224.236808][ T9011] netlink: 'syz.1.838': attribute type 10 has an invalid length.
[  224.243029][ T9011] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  224.445952][  T843] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[  224.558170][  T843] usb 7-1: device descriptor read/8, error -71
[  224.628970][ T9029] netlink: 'syz.1.841': attribute type 23 has an invalid length.
[  224.632021][ T9029] netlink: 8 bytes leftover after parsing attributes in process `syz.1.841'.
[  224.732459][   T40] audit: type=1800 audit(1764793061.696:94): pid=9038 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.843" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0
[  224.796881][  T843] usb 7-1: new high-speed USB device number 27 using dummy_hcd
[  224.825224][  T843] usb 7-1: device descriptor read/8, error -71
[  224.946044][  T843] usb usb7-port1: unable to enumerate USB device
[  225.168677][ T9063] FAULT_INJECTION: forcing a failure.
[  225.168677][ T9063] name failslab, interval 1, probability 0, space 0, times 0
[  225.173242][ T9063] CPU: 0 UID: 0 PID: 9063 Comm: syz.0.846 Not tainted syzkaller #0 PREEMPT(full) 
[  225.173257][ T9063] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  225.173275][ T9063] Call Trace:
[  225.173290][ T9063]  <TASK>
[  225.173297][ T9063]  dump_stack_lvl+0x16c/0x1f0
[  225.173315][ T9063]  should_fail_ex+0x512/0x640
[  225.173330][ T9063]  ? kmem_cache_alloc_lru_noprof+0x66/0x720
[  225.173344][ T9063]  should_failslab+0xc2/0x120
[  225.173360][ T9063]  kmem_cache_alloc_lru_noprof+0x79/0x720
[  225.173373][ T9063]  ? __d_alloc+0x35/0xa80
[  225.173392][ T9063]  ? __d_alloc+0x35/0xa80
[  225.173406][ T9063]  __d_alloc+0x35/0xa80
[  225.173421][ T9063]  ? rcu_is_watching+0x12/0xc0
[  225.173439][ T9063]  d_alloc_pseudo+0x1c/0xc0
[  225.173451][ T9063]  alloc_file_pseudo+0xcf/0x230
[  225.173464][ T9063]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  225.173474][ T9063]  ? preempt_schedule_thunk+0x16/0x30
[  225.173499][ T9063]  __anon_inode_getfile+0xe8/0x280
[  225.173511][ T9063]  anon_inode_getfile_fmode+0x37/0xa0
[  225.173523][ T9063]  do_eventfd+0x154/0x370
[  225.173535][ T9063]  __ia32_sys_eventfd2+0x53/0x80
[  225.173549][ T9063]  __do_fast_syscall_32+0xe8/0x680
[  225.173567][ T9063]  do_fast_syscall_32+0x32/0x80
[  225.173582][ T9063]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  225.173595][ T9063] RIP: 0023:0xf7f87579
[  225.173604][ T9063] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  225.173615][ T9063] RSP: 002b:00000000f547655c EFLAGS: 00000296 ORIG_RAX: 0000000000000148
[  225.173625][ T9063] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000080801
[  225.173632][ T9063] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  225.173639][ T9063] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  225.173645][ T9063] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  225.173651][ T9063] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  225.173665][ T9063]  </TASK>
[  225.236000][    C0] vkms_vblank_simulate: vblank timer overrun
[  225.516172][ T9072] wg2 speed is unknown, defaulting to 1000
[  225.632002][ T9072] lo speed is unknown, defaulting to 1000
[  225.869255][ T9076] netlink: 'syz.0.850': attribute type 13 has an invalid length.
[  226.259389][ T9092] binder: 9091:9092 unknown command 0
[  226.261351][ T9092] binder: 9091:9092 ioctl c0306201 80000080 returned -22
[  226.266919][ T9092] binder: 9091:9092 ioctl c0306201 800003c0 returned -14
[  226.305306][ T9095] netlink: 32 bytes leftover after parsing attributes in process `syz.2.857'.
[  226.313335][  T843] IPVS: starting estimator thread 0...
[  226.406785][ T9096] IPVS: using max 42 ests per chain, 100800 per kthread

syzkaller
syzkaller login: [  226.446512][ T9076] ip6gretap0: refused to change device tx_queue_len
[  226.449002][ T9076] A link change request failed with some changes committed already. Interface ip6gretap0 may have been left with an inconsistent configuration, please check.
[  226.462031][ T9090] netlink: 12 bytes leftover after parsing attributes in process `syz.1.855'.
[  226.715855][ T9104] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)

getty: ttyS0: read error: Resource temporarily unavailable
[  227.003223][ T9107] sp0: Synchronizing with TNC
è[  228.174822][ T9119] input: syz0 as /devices/virtual/input/input14
[  228.433825][ T9123] netlink: 24 bytes leftover after parsing attributes in process `syz.1.863'.
[  228.539361][   T24] usb 7-1: new high-speed USB device number 28 using dummy_hcd
[  228.691611][   T24] usb 7-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  228.696345][   T24] usb 7-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[  228.700770][   T24] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  228.704979][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  228.919594][ T6079] usb 7-1: USB disconnect, device number 28
[  229.180850][ T9133] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  229.183108][ T9133] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  229.195444][ T9133] vhci_hcd vhci_hcd.0: Device attached
[  229.298279][ T9140] netlink: 'syz.1.869': attribute type 58 has an invalid length.
[  229.301125][ T9140] netlink: 20 bytes leftover after parsing attributes in process `syz.1.869'.
[  229.360072][ T9140] loop6: detected capacity change from 0 to 2560
[  229.362929][ T9140] Buffer I/O error on dev loop6, logical block 0, async page read
[  229.365528][ T9140] Buffer I/O error on dev loop6, logical block 0, async page read
[  229.368095][ T9140] Buffer I/O error on dev loop6, logical block 0, async page read
[  229.370631][ T9140] Buffer I/O error on dev loop6, logical block 0, async page read
[  229.373096][ T9140] Buffer I/O error on dev loop6, logical block 0, async page read
[  229.375573][ T9140] Buffer I/O error on dev loop6, logical block 0, async page read
[  229.378017][ T9140] Buffer I/O error on dev loop6, logical block 0, async page read
[  229.380788][ T9140] Buffer I/O error on dev loop6, logical block 0, async page read
[  229.383143][ T9140] ldm_validate_partition_table(): Disk read failed.
[  229.385185][ T9140] Buffer I/O error on dev loop6, logical block 0, async page read
[  229.387625][ T9140] Buffer I/O error on dev loop6, logical block 0, async page read
[  229.390190][ T9140] Dev loop6: unable to read RDB block 0
[  229.392394][ T9140]  loop6: unable to read partition table
[  229.394183][ T9140] loop_reread_partitions: partition scan of loop6 (3Ÿ¾‚³˜) failed (rc=-5)
[  229.482044][   T24] usb 38-1: SetAddress Request (11) to port 0
[  229.484237][   T24] usb 38-1: new SuperSpeed USB device number 11 using vhci_hcd
[  229.500413][ T9144] netlink: 4 bytes leftover after parsing attributes in process `syz.2.871'.
[  230.059782][ T9134] vhci_hcd: connection reset by peer
[  230.062610][ T1259] vhci_hcd: stop threads
[  230.064158][ T1259] vhci_hcd: release socket
[  230.065891][ T1259] vhci_hcd: disconnect device
[  230.147151][   T59] IPVS: starting estimator thread 0...
[  230.241395][ T9147] IPVS: using max 41 ests per chain, 98400 per kthread
[  230.559310][ T9152] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  230.562311][ T9152] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  230.566919][ T9152] vhci_hcd vhci_hcd.0: Device attached
[  230.586913][ T9155] loop6: detected capacity change from 0 to 524287999
[  230.610641][ T9155] ldm_validate_partition_table(): Disk read failed.
[  230.615868][ T9157] netlink: 28 bytes leftover after parsing attributes in process `syz.2.872'.
[  230.617524][ T9155] Dev loop6: unable to read RDB block 0
[  230.657987][ T9159] netlink: 12 bytes leftover after parsing attributes in process `syz.2.875'.
[  230.663255][ T9159] netlink: 12 bytes leftover after parsing attributes in process `syz.2.875'.
[  230.669827][ T9155]  loop6: unable to read partition table
[  230.674452][ T9155] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[  230.710845][ T9162] binder: 9161:9162 unknown command 0
[  230.713524][ T9162] binder: 9161:9162 ioctl c0306201 80000080 returned -22
[  230.719805][ T9162] binder: 9161:9162 ioctl c0306201 800003c0 returned -14
[  230.842304][ T6079] usb 40-1: SetAddress Request (31) to port 0
[  230.849655][ T6079] usb 40-1: new SuperSpeed USB device number 31 using vhci_hcd
[  230.906068][ T9160] ldm_validate_partition_table(): Disk read failed.
[  230.928879][ T9160] Dev loop6: unable to read RDB block 0
[  230.948717][ T9160]  loop6: unable to read partition table
[  230.963640][ T9160] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[  231.344394][ T9153] vhci_hcd: connection reset by peer
[  231.352435][   T75] vhci_hcd: stop threads
[  231.364316][   T75] vhci_hcd: release socket
[  231.369462][   T75] vhci_hcd: disconnect device
[  231.853652][   T59] usb 7-1: new high-speed USB device number 29 using dummy_hcd
[  232.015077][   T59] usb 7-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  232.018600][   T59] usb 7-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[  232.021539][   T59] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  232.024537][   T59] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
`è[  232.234307][   T59] usb 7-1: USB disconnect, device number 29
[  232.587785][ T9188] netlink: 12 bytes leftover after parsing attributes in process `syz.0.884'.
[  232.592684][ T9188] netlink: 12 bytes leftover after parsing attributes in process `syz.0.884'.
[  232.626002][ T9190] FAULT_INJECTION: forcing a failure.
[  232.626002][ T9190] name failslab, interval 1, probability 0, space 0, times 0
[  232.631418][ T9190] CPU: 3 UID: 0 PID: 9190 Comm: syz.0.885 Not tainted syzkaller #0 PREEMPT(full) 
[  232.631438][ T9190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  232.631447][ T9190] Call Trace:
[  232.631453][ T9190]  <TASK>
[  232.631459][ T9190]  dump_stack_lvl+0x16c/0x1f0
[  232.631480][ T9190]  should_fail_ex+0x512/0x640
[  232.631497][ T9190]  ? __kmalloc_noprof+0xca/0x870
[  232.631511][ T9190]  should_failslab+0xc2/0x120
[  232.631529][ T9190]  __kmalloc_noprof+0xdd/0x870
[  232.631540][ T9190]  ? common_file_perm+0x1b1/0x500
[  232.631557][ T9190]  ? qrtr_tun_write_iter+0xc1/0x1b0
[  232.631572][ T9190]  ? qrtr_tun_write_iter+0xc1/0x1b0
[  232.631584][ T9190]  qrtr_tun_write_iter+0xc1/0x1b0
[  232.631598][ T9190]  vfs_write+0x7d3/0x11d0
[  232.631616][ T9190]  ? __pfx_qrtr_tun_write_iter+0x10/0x10
[  232.631630][ T9190]  ? __pfx_vfs_write+0x10/0x10
[  232.631646][ T9190]  ? find_held_lock+0x2b/0x80
[  232.631674][ T9190]  ksys_write+0x12a/0x250
[  232.631690][ T9190]  ? __pfx_ksys_write+0x10/0x10
[  232.631711][ T9190]  __do_fast_syscall_32+0xe8/0x680
[  232.631731][ T9190]  do_fast_syscall_32+0x32/0x80
[  232.631748][ T9190]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  232.631765][ T9190] RIP: 0023:0xf7f87579
[  232.631775][ T9190] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  232.631788][ T9190] RSP: 002b:00000000f547655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  232.631800][ T9190] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000380
[  232.631808][ T9190] RDX: 00000000000000c8 RSI: 0000000000000000 RDI: 0000000000000000
[  232.631815][ T9190] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  232.631822][ T9190] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  232.631830][ T9190] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  232.631845][ T9190]  </TASK>
[  233.078616][   T54] libceph: connect (1)[c::]:6789 error -101
[  233.078707][   T54] libceph: mon0 (1)[c::]:6789 connect error
[  233.145248][ T9213] ceph: No mds server is up or the cluster is laggy
[  233.205436][ T9223] netlink: 160 bytes leftover after parsing attributes in process `syz.1.895'.
[  233.213494][ T9224] loop2: detected capacity change from 0 to 7
[  233.220383][ T9224] Dev loop2: unable to read RDB block 7
[  233.220408][ T9224]  loop2: unable to read partition table
[  233.220535][ T9224] loop2: partition table beyond EOD, truncated
[  233.220547][ T9224] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  233.436968][ T9229] Cannot find del_set index 1 as target
[  234.537936][   T24] usb 38-1: device descriptor read/8, error -110
[  234.603630][ T9250] futex_wake_op: syz.1.902 tries to shift op by -1; fix this program
[  234.608223][   T40] audit: type=1326 audit(1764793071.563:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9249 comm="syz.1.902" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704d579 code=0x7ffc0000
[  234.615003][   T40] audit: type=1326 audit(1764793071.563:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9249 comm="syz.1.902" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704d579 code=0x7ffc0000
[  234.622311][   T40] audit: type=1326 audit(1764793071.583:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9249 comm="syz.1.902" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf704d579 code=0x7ffc0000
[  234.629253][   T40] audit: type=1326 audit(1764793071.583:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9249 comm="syz.1.902" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704d579 code=0x7ffc0000
[  234.636041][   T40] audit: type=1326 audit(1764793071.583:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9249 comm="syz.1.902" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704d579 code=0x7ffc0000
[  234.642899][   T40] audit: type=1326 audit(1764793071.583:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9249 comm="syz.1.902" exe="/syz-executor" sig=0 arch=40000003 syscall=313 compat=1 ip=0xf704d579 code=0x7ffc0000
[  234.937756][   T24] usb usb38-port1: attempt power cycle
[  235.116220][   T54] libceph: connect (1)[c::]:6789 error -101
[  235.119892][   T54] libceph: mon0 (1)[c::]:6789 connect error
[  235.134613][ T9269] kvm: pic: single mode not supported
[  235.167817][ T9270] ceph: No mds server is up or the cluster is laggy
[  235.248195][ T9276] fuse: Bad value for 'group_id'
[  235.249891][ T9276] fuse: Bad value for 'group_id'
[  235.499320][   T24] usb usb38-port1: unable to enumerate USB device
[  235.597104][ T9288] tipc: Started in network mode
[  235.598997][ T9288] tipc: Node identity 16d22e3d8d76, cluster identity 4711
[  235.601502][ T9288] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  235.604520][ T9288] syzkaller0: entered promiscuous mode
[  235.606968][ T9288] syzkaller0: entered allmulticast mode
[  235.620639][ T9288] netlink: 44 bytes leftover after parsing attributes in process `syz.0.912'.
[  235.626490][ T9287] tipc: Resetting bearer <eth:syzkaller0>
[  235.637263][ T9287] tipc: Disabling bearer <eth:syzkaller0>
[  235.796832][ T9293] FAULT_INJECTION: forcing a failure.
[  235.796832][ T9293] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  235.802391][ T9293] CPU: 1 UID: 0 PID: 9293 Comm: syz.2.915 Not tainted syzkaller #0 PREEMPT(full) 
[  235.802409][ T9293] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  235.802416][ T9293] Call Trace:
[  235.802420][ T9293]  <TASK>
[  235.802424][ T9293]  dump_stack_lvl+0x16c/0x1f0
[  235.802443][ T9293]  should_fail_ex+0x512/0x640
[  235.802460][ T9293]  _copy_from_user+0x2e/0xd0
[  235.802474][ T9293]  copy_group_source_from_sockptr+0x58e/0x610
[  235.802487][ T9293]  ? __pfx_copy_group_source_from_sockptr+0x10/0x10
[  235.802513][ T9293]  ? __lock_acquire+0x433/0x22f0
[  235.802529][ T9293]  do_mcast_group_source+0xd0/0x2e0
[  235.802540][ T9293]  ? __pfx_do_mcast_group_source+0x10/0x10
[  235.802551][ T9293]  ? register_lock_class+0x41/0x4b0
[  235.802578][ T9293]  ? __local_bh_enable_ip+0xa4/0x120
[  235.802594][ T9293]  ? lockdep_hardirqs_on+0x7c/0x110
[  235.802611][ T9293]  do_ip_setsockopt+0xec6/0x3790
[  235.802624][ T9293]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  235.802635][ T9293]  ? __pfx___might_resched+0x10/0x10
[  235.802654][ T9293]  ? aa_sk_perm+0x2f4/0xae0
[  235.802668][ T9293]  ? ksys_write+0x190/0x250
[  235.802684][ T9293]  ? __pfx_aa_sk_perm+0x10/0x10
[  235.802701][ T9293]  ip_setsockopt+0x59/0xf0
[  235.802713][ T9293]  udp_setsockopt+0x7d/0xd0
[  235.802730][ T9293]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  235.802748][ T9293]  do_sock_setsockopt+0xf3/0x1d0
[  235.802766][ T9293]  __sys_setsockopt+0x120/0x1a0
[  235.802781][ T9293]  __ia32_sys_setsockopt+0xbc/0x160
[  235.802793][ T9293]  ? __do_fast_syscall_32+0x9a/0x680
[  235.802808][ T9293]  ? lockdep_hardirqs_on+0x7c/0x110
[  235.802822][ T9293]  __do_fast_syscall_32+0xe8/0x680
[  235.802839][ T9293]  do_fast_syscall_32+0x32/0x80
[  235.802871][ T9293]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  235.802886][ T9293] RIP: 0023:0xf700d579
[  235.802895][ T9293] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  235.802906][ T9293] RSP: 002b:00000000f53fd55c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  235.802917][ T9293] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  235.802924][ T9293] RDX: 000000000000002e RSI: 0000000080000a00 RDI: 0000000000000104
[  235.802930][ T9293] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  235.802937][ T9293] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  235.802943][ T9293] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  235.802957][ T9293]  </TASK>
[  235.803637][ T9294] netlink: 96 bytes leftover after parsing attributes in process `syz.0.914'.
[  235.888489][ T6079] usb 40-1: device descriptor read/8, error -110
[  236.030444][ T9296] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  236.033346][ T9296] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  236.037438][ T9296] vhci_hcd vhci_hcd.0: Device attached
[  236.141297][ T9299] vhci_hcd: connection closed
[  236.141534][  T217] vhci_hcd: stop threads
[  236.145514][  T217] vhci_hcd: release socket
[  236.147436][  T217] vhci_hcd: disconnect device
[  236.311389][ T6079] usb usb40-port1: attempt power cycle
[  236.872862][ T6079] usb usb40-port1: unable to enumerate USB device
[  237.011987][ T9310] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  237.014805][ T9310] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  237.028454][ T9310] vhci_hcd vhci_hcd.0: Device attached
`è[  237.347427][ T9093] sp0: Synchronizing with TNC
è[  237.355326][   T24] usb 44-1: SetAddress Request (26) to port 0
[  237.357706][   T24] usb 44-1: new SuperSpeed USB device number 26 using vhci_hcd
[  237.657846][ T9312] vhci_hcd: connection reset by peer
[  237.660658][  T217] vhci_hcd: stop threads
[  237.662118][  T217] vhci_hcd: release socket
[  237.667014][  T217] vhci_hcd: disconnect device
[  238.068306][ T8360] libceph: connect (1)[c::]:6789 error -101
[  238.070382][ T8360] libceph: mon0 (1)[c::]:6789 connect error
[  238.122318][ T9333] ceph: No mds server is up or the cluster is laggy
[  238.191422][ T6079] usb 7-1: new high-speed USB device number 30 using dummy_hcd
[  238.351748][ T6079] usb 7-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  238.361605][ T6079] usb 7-1: config 27 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  238.367510][ T6079] usb 7-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  238.381729][ T6079] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  238.385775][ T6079] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  238.398314][ T6079] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  238.409939][ T6079] snd-usb-audio 7-1:27.0: probe with driver snd-usb-audio failed with error -2
[  238.452382][ T9342] netlink: 8 bytes leftover after parsing attributes in process `syz.3.927'.
[  238.599834][ T6079] usb 7-1: USB disconnect, device number 30
[  238.734646][ T9345] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  238.812622][ T9347] pim6reg: entered allmulticast mode
[  238.818419][ T9347] pim6reg: left allmulticast mode

úÿÿÿÿ�þïÿÿÿÿÿÿýÿÿÿÿÿÿÿ@ÿÿ
 
 
/dev/fusefd=0x0000000000000003,rootmode=00000000000000000040000,user_id=00000000000000000000,group_id=00000000000000000000P)€Ì@sÿÿÿtrans=virtio,loose,fscache,nodevmap,posixacl,privport,version=9p2000.L,cache=loose,uid>00000000000000000000,mask=^MAY_WRITE,smackfstransmute=}:!/$.['(],/#(,smackfsdef=,fowner>00000000000000000000,obj_user=,smackfsroot=!)#]-%/(6°@,./file0/file0./file0fuse.

Õfile0ßÞƒùm
˜#„èÖ‰!œ¹f›ÛªyŸ‚êÉ&jAcaŽÔùAC¤àò|Düï9  ³€^Ô瀘ØhœÇyØfHÒ8fC2”�‡†l�%�ü
˜S«Ùí`¹Ÿ¦®-½$«m¼ëÛRF�ZÎ|Å£²†HüÚ7M[ >Q×,EäÝãéîšGÿäXº÷»IQ5¨J¡ð¨?¢«íV9��Úÿg–4a”Sõ3ò%ƒ¦à¤Ü	éÞFhM^
6â)Q7Ï:LÐ]>]<Až8¨¥Pà‚©ÅýÌ&»^ŽEžt{ï¼\k`¬èô··Œõ~[9„ðÍÝÆÅàTÓô¡–ûmªbœð°$_•º•�†ÜVøÍ:Äs}Ã¥ÿq—3&5
ôFŽ~ÍHÖ‰¸,Ò*åñ…ƒ¡´ÏÞ�ÓG©�ÜÞ@ÑÄ�›P™ûÌðžx"¾K,ãj+ÃÉîyJ¿þr¥PlO?h·GaÿÖb	"J;ñe]­µÈ¥�;ûFƒšÆ‚_]‰‘Rë:XÀ݂ДùMÒÈVfö„¨ô7»ÐækŸM6a¶zM!,O¼(xHËx95ÕÖ±M™¢ãߎŠ-]é›Îüªµ»\Ç=Ýf³yÁdŽ(¡€Ó®ÌT#W]K§ÛóÇÚ{‡ÝEKnüÓl‘ª¦1[؇#Ò!u/+ÀǬl\zÖtzô
¶Óž«{’´FƒÅ†8jÐ
Ï`û�›¬Unµº·1{]‰öM±Ù
�úmeÙ8bèQ¯¼0ýpþ_ã"F Er1…,¨NxÚOêyº5C3l‹Ç}0Š�%jìEÒŒf‘ÓùªÂ�í6Jeî䛩YœîèE4»aÐ-¦s/'×)b÷KYóR+øDÅ)†ÕY4䋆�·õ·S#‘DŒ®ï1](2
FؽxTNKù”áJQœ&Tÿ ´+ÛiÂb‰~(ì¥(ð™˜@°Ø%e—Ò|ü ×_@лÊuŸu”ÆJ¡áj„í/­Ü0:a"WqO‚:ü^¢AÔ‚ÓXWYb:øÉ|¦¨J 3³×1N ï{©²ˆ³b¢”É,‹—6‚œöZàJÊ–]q"’'E•êbÉ‘Ž‚yÉŸ](0ÆÅ‚ýtR3
„¹B�^ÁÕÍuÝÌmã2oÜpè‘K;
<0ÿÌúó0�–q°k
“¬ RÆó˜¦b�Ôj¬ûP¾ÇÔm
ãçDó¼Ã'Ã]Ä<økt=·�ò哱™##^ÖF)›q�á„§H“]ÿ”Pû³s³{ù¯\†Ì�ž"šƒ.Nò^Éq+>�bHYv€¢Ñr8`)âò¤€—ü ¡5í¬õݺŦ.‹±=ÑW&W¨!¨s’—÷.)#�Ýß>0Ëé¯1Aò'^ä®…ØnȈþšgQòR~•¸¾°UâvC•�¯î“ÍDñé/på÷%E:¶b‘�û±&•	ûÕéZìq�`ÖC†J½jÑÌM×ù37š`x¨l!XÛ€vç¶`6oÊ{FÐ�,Žg¦IKûL,gPçe“‰[^++Ç€“„<J€x&¼'P©kNÕ¸+I+²!UÉ dÑv<7&å.súÃôQyS®ìû±˜àÚzûêžê òVêíËša÷Ðê\Ô–�EË
HòȈÕÂ!|ðöšuw˜ƒµsR»ˆƒÌXH‘•ny%7OOÄ3z¡››öíÙ9Ò‰ûJkz¦Æm¢tâIÊOw�<‘šŽL8¯jÞ̇ÕHÖ`#ÿÿ$oN%V²þ�¬ëâuñÞo&[m…¥5"9kðâò±SĘä‹6Ño‹›ÕoE×õ¹9}9zm­hèh$Óá�â|�Âþ¹\ƺ†­GñáY½C‰ã«(t½'î¼VM«™s±?>‚ªb§à¡Q×=䌸ã+æ?ý0?Zn¦ð—ív?¿6Ä0‚EFÞy’#H5Lâ…¯	—¿<fæï”.$¸ñÌÝT/	Ïæ\ 	L_Òk¼8´^Ò˳�î)±
Kzi`	ᵸlDÀ¥a¢WÁTþ®±C>¢uínK"…þqîYBfQdú®Öiq kàþxc®½K¾•]ꢔ۠y1–8_MQAÉÖÄ°ú"²âÏ·R¬£UçZWlËŒË[dtŠ©�í»�¨±®¼g¾vçá—b-˜€BŸl¥\[;æºÎ‘‘åÅ�¿qõ”ËýM°éö’?Xÿ”d¦r
]O	Æ"ÃÎ?]:�ô±nž¯6ÃSq\ÓR`V¿ÐU]QÎ\@»Û|•Î®­­¸�)tÞP°†3H8dõêh.g‚† jo9jòš|³:5yâX5–6óÀÔÏ6�…•š
ÞÚ”ÓX$oºƒùgX?q=wƒ2<péL›ã1ø`Û9]½æúÎ[ý¶üï©Æ°icÚ¨@£õT¤XÀÅµàŸ‘õOc#E‰ÞÊô[¿ºïËÿJææ\¢jSađ¨U¡×F3‘ɶkélòL<2好ÈWöX&ƒÆ®7u¶*Ÿÿ�¥€ÊŠ*<mç�õr{¡ %çær:#¨|¦åL{8ÿdˆ#]!çîRX•=Ëùâ©bðÊOþ‡Y$,…ºä"+;rÄøi47›¢êÑÜÞ�bA¹”Ù\ˆ5Zõ©£
Îœ“:iBóA­"Ø%„j�ÔLâê©1&áZ×˺–"ï#×ëº4ÎÅï	±Îr�J—ã;ÒŸ=žÈ
OEÑÒ”†¬ÏÁ€ØIçbog‚u×Ǭ°,ÀæãK·fºkuíü©5.	ö“�ÀEÏÈBÿšÞŒ¦“À­Çz”nnW:ü[P–A9]ÚÜ-Y H4�Ô/Ïãɵ®E?P†»A»¤È£åãUK?’0%ÝrÎËô1—‹4¨T|q×19’Px�<aÓ°ÙF”Éý—ÌߢpûlGìˆa¡ÈÙ	î¬çaµ k¤n%x_ø†ww«²7ÆÉ€hy‘ñí
WÕ„’&q,ì4Áü	b9UÛMP�¶è@œóÃÇ�iôûÀ²%
mÍEiiÍ2åB•3¿o‹Ú„À_ @Þ‹S¿¸gnìKvÃßoF±ä72]ÚW~uö@wjéÒñ¯BºF-¬s Å™¿ï
¬Ö ÔÑykË�XQ�ošÙ£ g©MG%¹ˆDìÒæòŠIªD�¸yrü™Z—7™Tn¤1Cê,÷y©Ëèè‘)Û6I!d«%˜ì§æšicغ¨g)Û†ä ý–Ö�±Ü+3›W§@Jå·uêöØ]É4æ¿+KÕŽà´ßW¬ ÿ�´Z˜+W–Cˆ$Q¢çVÜvÛõ3è>H¿µÏ*x¨“xBauÁbÿªrx¤;™21�Á¸ËúƱ­#[‘ùËv#±U~÷¸v£Ãv'ª1êþÑAÌT‘Äö!¦kmƒzMxqœFQ “Ïeüéú¾[ÖÔ™ìëcSŽÎ<ñ�SU
#›ùxÀŒ‡Ÿ™THZN>[í¸K@|í…ÄßÄ×Zñ�Y’ŸÉ'Ä©�ÊäüÉþ¹ìU^ÐB0…S”ÕÌüŽÒdØø;åÞ»p)5Gð~MÄ(ñà
yŽlîâU‹oøÁuŸ�&žâ&3+™¬�ÑÉ ˆáùÎ1˜Àõ›ûuÄ䦗fíC¢œƒU-ãÎmΖúQ¶â0q¤éD"Ñ^._gÚ|¦Êæ¾×t>¿úËŠ�6y#!�¥èr÷bÃÇ6hðԘö¢k®iŒ÷�$ÂÛìÓ™¡�æ¸ÐhN’Ÿ.€ƒv^²Æw“¡­»‰ÓkX¿±—ÍÅóÈ”¬�ˆn�;	6ú½#<	Þ�«€™÷*tÙº\^M9yùä[qU‡·É7Çf�ÅÅüæ!¥:ŸÐ;
NæØÑ«¾.Õa‚
wñ*ÊÐuU@«mÑ`K|0¨e)•«€¸^‘�Þ”8¤c~°)$íKt^x,ÿ˜Q°;çœ*�5¿'e„×\Ý–¹É~sëq:·ÃÁœ,«D—)�Ë0RµÔP=çó1‹æøHT{OM¸,®á�€x¾(P6ªM‘ò�Áó–4>s¥þ‹µÌð£~Ñ÷zÍ¡¤¤�Ìü«�]yð÷ˆ¶Õéø"Š‹ÍÀinkõíÿ¼×éPœ‡ûá÷&¹;øÆØÓt(v>%`Älž‰Os…�ÂZ¼O6‘ëÍ
qàÔ‘]—¢8šíë²ëG\{E_Š¨Q“µÀô;CLÞ
aM&FÍn67óI¤4§WÁÅÖ˜E-™&xÜ¥å’ìÓÊü­„äé�KJÜR[�½hCBˆƒ:n¤ 8È¿µAÿr€'J4ÔÏ�Ÿ-ºágÊ®„qÄ•à´Q”­‘ÄQo!˱&ý]sL×r]õ³ûé)Uô©»;›�:îÿyÖí]¹-ïÐ`¢ÃìŒBÁxo–Å
rI°?Ç’vCf‰J52™Ð¾ùýj$l6£Wƹ…܃£z�›‹šÖCÞ©H`Ëçc»sÌ„"¶�M3"BÈ•@uûq¦g–86«Í´a˜U²jñ`df³SE£¿zâ�Ö®"Iñç¨FBxºáH`"¼ÇÃs�ÈÙ ï°áÏ ÚŽ÷¥àrùšGìÇ^ND(€7Q“ÛI»‚º4�†ÊG>Õ¶>@HÛMÄUçK?Ý.x˜Ê?L:Ô5ÍæêdPU:}Ï"�BW
¯ÅXYõyTçÕŒt†±à*Ál·™·v2Æk·ŽnRáÁsd$úMC?´È�Ò?*Õúã®$3�ˆ�›IjÙ{Ùöâ
…—ÑE*rÜô=»Ú�e…Àm!ûÿåþ{U÷›Ÿ4 +Ð\¦<|ë»�ÒO±‘°Lf]EMÒ‹…Ø!Î~a1‰–x^¨Ú¼H™±&q}ZXí6;�K9Ð/ŒÅãPûð£H­ìÑùâÊt›Øo^´Ž›FðPÞÖB”yF÷øŠš
Fƒ­„ÖN9S¼M�Ì3K—e5)Öh*‡¥úÈ
mFÖç/Â.X¾{�†³7.òb!«ÄHqq²W¬ÿå]Ç…^ž‡­—zg’²1Zž´FŒhd›`ÀÚ·
jÁ­cÍ€¶ì¨üˆ±ä&:ÌI’UÁkHz
øX_œ‰-ÈLAFå¥g|J,²KÞ^‰…J±äÈt’çk~oK½qØK«…Ép(Iç÷(wk”¨ûŒ| aïo 2¢�”›þG?â';‹[:Õ@ñ‡Ic}̼¦ö/
zfq|YlÞôòVh^Þ–{>æ‹Œ•Y®±×VL;�€k,èX8“§™·�~�¾­®0ÿÀ²¶8,ÅQ¤Ee �³QkãyïVj°g?تîìÜñŒ`é¤w¹á7WIŠDÿ“QÑòz¿Ÿ×hù$PFGÑ$wʆ¾bArÃ"mfë+$ŽË>]ܨ›(|WQì@üø�€,ô6Š†ó à4÷¦}KÅI^‡ìßà/xÉ¥š;ù»cd>Àdç´GnÄãh[ú;þžùìÁ-͉š¾<´hh
ÀÀ©Iª&¾Õ}õo+ÅNñš÷ü¼{iuô*Jg¬ù€µh¬²4/B$Ÿ|ãR|+	`dìÒPˆz”-&ö7áÄ–YÒF*hh°C‡£³™ã–¹þtÞ5a%úGТ'7¿6§›oÿ­éC�ÖÏÿK¾Óïï¶Iã/“]b0|º6šÈÂoãÔ…|æÒ@ìåäÑIðXqU¨5Ìï®/ñÛáR¨$™¡™møµF.áp²„2v»åÃôƒ‡dM•ð‡Å˜ãÔo¾'ö?§„½¢9Q!B@E¢ÅÛƼ6bÊs
†Ñ<øöþ'C"L§µ5Êö´p}®œúÓ×)
»º¶ d®n�š	Ÿuûä|žeMŽ;�ÀóÛÿè)æÅoz$VQ6�*…Y«VZ™‘Ʊث̔Ƴ;º1OnP`æWäd–šUÖÅü ÿ]žO@í¼,’~±í•ï%ôå¬Ë¤™“"º9I“ÝXuC:"ƒ\ýBýwýF€·þv}z¥Ã:ÍàJe½:f?ÍäÈŸ*ô˜ñ;ù«º¡Á&^Üi”«ÜÉ"pÀXÍ*�ëï¿ìžK©®\Þ!›“,à4¶Í_¾œû¬O~$ï—fOs
|Ã`<�ÍxÛ%ü4Ybž¯ ßÛ,~P*¦”8„z�%M[ïÄQÍ£`oÈ®bà®é(ùí!רӉžD^àdV=2÷¶»ZÑ—<õ(Ù³)ìg�\mß'Ò¦ÿ§2‹¹“@|Þ=aYýIþF’T¸L)Úê�ùÖ›ï
ŸQ¹¼á“ãxƒ[‚ê_`ÜÝtR·¨ ®|ÖÜ)׬jldq–3‹v‘F²£…Ò‚¿ªæfﯫ-‰¤V{”`Ì"×RøéªÊª·ÈHyõ5–bÕ]öWBtQÇEtÎ×3€|»TWA’9L=ê½ATÐåh�WÃ6ÚÉQùj5ŽœFj\Qó¦2á„õ^ÞôÜÉr–;ë•ß	Þß„‚`ËÁëýÇ@‚êºm,Q’ŒÓ|LŸ2»	”¥iGÏÙd0VÛ]¾¦
$�L“+ÈæE²ì.¹¼Nž/AV)24Ð^pË&¸£p° lukÚmïÁ^³†dSZOûqAhÞüm‚ô�[¨v…7êÕw<S½wœ¨™¢Ý1É…iÿQÂû¸7\;=ɸ(¿ÕP2Šß5�qèjIûŸ^ùàl…\¿ÇѦ,¢êe^Ù¦Ü{¸±†Vè’?Ç¡p*³iGד„Ö�Ã#éŒô	÷v¼+!š|Ížuj�Z£Qæê®�wŠ?–Í\fä×z5y…Un37Ø¥Ã�à×o@�¯éùšØ —k3BõT³t´º©§ò!$Ò¸'IDn0ÙyZËœ<:0Zm':Å(èéÉ\7§Žv_Ý¥Y‚–¼…¡OÀ•§‹FTîmü2˜tšcš¹ÈáU¯:wø¤	ÎE2¤’ïU
wMw×2³´Ê[ĤHŒå•|â°2®XRst��±žÜóæËš“ì$äk<G/›¯<¤l¸¹©ñŠÎ¾}ƒ½DsuO&€m¢ù[ž¤‹4$`¯rš±^Ÿ>Úgþìd_˜]K”‰ÏlîÁ±Ð¿FÇKå<~¡r–ùŵˮsd‘!<“µž½ìüÖF׸ln;^(�+¥†|“n{Ñ°å!‘ë†0ÿ‚̯²zY)Qdu¿tïñåâ«ß<“¼]É�Kè;%bGy5âú0Û~»nÀñ˜øÅëqÇ0³U¡Ý¦H«•¶<Rž
–ÎÈó†€"`‰’mƒ	yly™Mc¶{ûbökJP/0í¾Aè–è‹ÄZ
Ro½_.gs"ñìW@×V<Ò>èSÀ¸I˜ã�ß…VâŠS%s•n|ùÊ$\)Z=^:™êraÑ(“´5ÔÈòõÌàj0‘â¤)‰uÅ=u)·úô-+¬�¸Õ6iÏYÇ	Â^ž@µþ®ÔÃ}Þ‹„Ä–q#&ûjªèvk@·$€ó—ïaÑÑ)gmòGŽw�‰žÓBnÃ>ImÝ.Âq(øúî’‚ŽÚrÖ®è3
yˆêȶNÄز	�†LÅ,KæÐ0K‡Ù{ÿÝœf§@µ"0‰Ùóô«íÅ<v�«’ ¹€æÁ�_ º‰”̈†×½î!4BôVןδ�¿`
flŠÞ$Ñæ2‚QÏ{W¦(\e
˜Pó’±Âšì\�ĉ£��`ÕÞ7}L¸îV%·À,]PÒ¯3—o.*A o’)îõ‡ŽÙŸkç鈒Mºë„Uö'^†˜Ù?µ6âÈ9²ªi¼ìíÛùÅ?ŠÝºSÕ ÷¤ršB¬n·Wñ´­J
GTasæ/v!ë©áhÌëHà£
·¡¿qÕgBÕð4ò×%çêh Û±únïäî	8sÞ6m4ô$ '¢\[—œšÄ}Ñܶí‚Ä®à�Ì#Ï2š†Dø›\ðVƒ“K7WN›9³	òváZ @•Ÿß8Ê?Z±~EfhÐ`Dã¡?:
ohWžPÕ°O�{ÏÍ烖Ï0ð±ß÷m׫ZD²ëª÷;”\WP)®-Î rI‘æU
UÞÖ¤&r`Ÿ$9Ū´ˆ+/ú÷Úx{qÐ]QkÖŒo�y¶u9XEòNèSøwç,¶Æp/{‡uÊú»¼ô
Ÿ{Ìð!1ßÆjz÷ž’¢ÑËá².	çãì¹ÓÂEÂ*W¿à›×5ö6ÚÂHŠà­Çˆ^Üe]ªõ5áޖ̾xiÕ1Ø¿=µûÑ|w#2£øÏ.à .¹š6 ø×!˜ˆ¬»W	Úó²Žbèü.Â7½ñ…’§¯äØ9Ë^Ì1¿Oy~oW	&\ÂèÄY·ÚQj½lŒ[À¾-/PZe7bfV:ǵžó´âW
l°½”ÔjØa1|t<áÞ¿¢)Z˜ÍÞÔAM‡¡XFu»ßs¢,¬J�Emž`Ëý�;ÑÚÄ�ÛIú]ˆ
ÐûD´¯ì«Naú8¦gˆ
Ø9S¾{YÉß×ù7x:è óÇËï§Ò)£|õ#Rž›Òâ@b›d¯-@Gsé‘ zr,2!Î#ºí|¾@¤@Åh±"Ϻ�’þG�…­ËÞ¬·ml¿$‘êúéƒ'²xâg‚Ðnù°2Ž$lØÆ;“2)‰¼Ÿ˜žÿÆuÇš‡
À$uloZ~2º½ib]aHzç9”�·ÐúÞ}p­›W0
-Þw«¯ôö:…5‰ÔNú–ŽÓeaðD­Â'ük/�Lêщ üÊ›.l½åI†Rà³[  240.034377][ T9367] ntfs3(nullb0): Primary boot signature is not NTFS.
[  240.036861][ T9367] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00

syzkaller
syzkaller login: [  240.408556][ T9380] netlink: 12 bytes leftover after parsing attributes in process `syz.2.936'.
[  240.413791][ T9380] netlink: 12 bytes leftover after parsing attributes in process `syz.2.936'.
[  241.178598][   T59] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  241.204477][ T9391] kAFS: No cell specified
[  241.386969][   T59] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  241.390379][   T59] usb 5-1: config 27 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  241.394029][   T59] usb 5-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  241.407358][   T59] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  241.410268][   T59] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  241.420145][   T59] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  241.727930][ T9403] netlink: 8 bytes leftover after parsing attributes in process `syz.2.943'.
[  241.736707][   T59] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -2
[  241.742298][ T9398] netlink: 52 bytes leftover after parsing attributes in process `syz.2.943'.
[  241.746329][   T59] usb 5-1: USB disconnect, device number 16
[  241.750697][ T9398] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  241.754005][ T9398] batman_adv: batadv0: Removing interface: batadv_slave_1
[  241.950413][ T9405] netlink: 52 bytes leftover after parsing attributes in process `syz.2.944'.
[  241.999196][ T9407] netlink: 12 bytes leftover after parsing attributes in process `syz.2.945'.
[  242.003834][ T9407] netlink: 12 bytes leftover after parsing attributes in process `syz.2.945'.
[  242.041551][ T9409] binder: 9408:9409 ioctl c0306201 80000680 returned -14
[  242.456470][   T24] usb 44-1: device descriptor read/8, error -110
[  242.857783][   T24] usb usb44-port1: attempt power cycle
[  243.146450][ T9431] netlink: 64 bytes leftover after parsing attributes in process `syz.2.951'.
[  243.149914][ T9431] tipc: Invalid UDP bearer configuration
[  243.149938][ T9431] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  243.239839][ T9435] tmpfs: Bad value for 'mpol'
[  243.280145][ T9438] netlink: 12 bytes leftover after parsing attributes in process `syz.0.954'.
[  243.326507][ T9440] netlink: 'syz.3.953': attribute type 12 has an invalid length.
[  243.383392][ T9445] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  243.390806][ T9445] syz_tun: entered allmulticast mode
[  243.429051][   T24] usb usb44-port1: unable to enumerate USB device
[  243.580238][ T9457] binder: 9456:9457 ioctl 8048ae66 80000480 returned -22
[  243.584795][ T9457] binder: 9456:9457 ioctl c0306201 80000680 returned -14
[  244.029395][ T9432] syz_tun: left allmulticast mode
[  244.092208][ T9467] __nla_validate_parse: 1 callbacks suppressed
[  244.092221][ T9467] netlink: 12 bytes leftover after parsing attributes in process `syz.2.963'.
[  244.098349][ T9467] netlink: 12 bytes leftover after parsing attributes in process `syz.2.963'.
[  244.383100][   T24] tipc: Node number set to 1535080419
[  244.680827][ T9487] netlink: 4 bytes leftover after parsing attributes in process `syz.2.970'.
[  244.785403][ T9488] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  245.217154][ T9493] netlink: 12 bytes leftover after parsing attributes in process `syz.2.972'.
[  245.221472][ T9493] netlink: 12 bytes leftover after parsing attributes in process `syz.2.972'.
[  245.400638][ T9504] netlink: 6 bytes leftover after parsing attributes in process `syz.2.975'.
[  245.407274][ T9505] ntfs3(nullb0): Primary boot signature is not NTFS.
[  245.411285][ T9505] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  245.754011][   T49] libceph: connect (1)[c::]:6789 error -101
[  245.757038][   T49] libceph: mon0 (1)[c::]:6789 connect error
[  245.833996][ T9509] ceph: No mds server is up or the cluster is laggy
[  246.021083][   T49] libceph: connect (1)[c::]:6789 error -101
[  246.023184][   T49] libceph: mon0 (1)[c::]:6789 connect error
[  247.528334][ T9554] netlink: 64 bytes leftover after parsing attributes in process `syz.2.983'.
[  247.843941][ T9558] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  247.846880][ T9558] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  247.861086][ T9558] vhci_hcd vhci_hcd.0: Device attached
[  248.143577][   T24] usb 40-1: SetAddress Request (35) to port 0
[  248.145829][   T24] usb 40-1: new SuperSpeed USB device number 35 using vhci_hcd
[  248.477730][ T9559] vhci_hcd: connection reset by peer
[  248.482791][   T75] vhci_hcd: stop threads
[  248.490198][   T75] vhci_hcd: release socket
[  248.492133][   T75] vhci_hcd: disconnect device
[  248.526008][   T54] libceph: connect (1)[c::]:6789 error -101
[  248.528118][   T54] libceph: mon0 (1)[c::]:6789 connect error
[  248.530911][   T54] libceph: connect (1)[c::]:6789 error -101
[  248.533875][   T54] libceph: mon0 (1)[c::]:6789 connect error
[  248.621188][ T9577] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  248.623619][ T9577] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  248.638605][ T9577] vhci_hcd vhci_hcd.0: Device attached
[  248.656390][ T9574] ceph: No mds server is up or the cluster is laggy
[  248.944546][   T49] usb 38-1: SetAddress Request (15) to port 0
[  248.947384][   T49] usb 38-1: new SuperSpeed USB device number 15 using vhci_hcd
[  249.845462][ T9578] vhci_hcd: connection reset by peer
[  249.847520][ T7522] vhci_hcd: stop threads
[  249.849558][ T7522] vhci_hcd: release socket
[  249.851780][ T7522] vhci_hcd: disconnect device
[  250.066799][ T9592] netlink: 'syz.1.994': attribute type 10 has an invalid length.
[  250.071104][ T9592] batman_adv: batadv0: Adding interface: team0
[  250.073941][ T9592] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  250.085161][ T9592] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  250.735366][ T9590] FAULT_INJECTION: forcing a failure.
[  250.735366][ T9590] name failslab, interval 1, probability 0, space 0, times 0
[  250.739580][ T9590] CPU: 3 UID: 0 PID: 9590 Comm: syz.2.995 Not tainted syzkaller #0 PREEMPT(full) 
[  250.739595][ T9590] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  250.739602][ T9590] Call Trace:
[  250.739606][ T9590]  <TASK>
[  250.739610][ T9590]  dump_stack_lvl+0x16c/0x1f0
[  250.739630][ T9590]  should_fail_ex+0x512/0x640
[  250.739645][ T9590]  ? kmem_cache_alloc_noprof+0x62/0x720
[  250.739658][ T9590]  should_failslab+0xc2/0x120
[  250.739674][ T9590]  kmem_cache_alloc_noprof+0x75/0x720
[  250.739686][ T9590]  ? taskstats_exit+0x654/0xbe0
[  250.739704][ T9590]  ? taskstats_exit+0x654/0xbe0
[  250.739718][ T9590]  ? acct_update_integrals+0x2ce/0x4a0
[  250.739733][ T9590]  taskstats_exit+0x654/0xbe0
[  250.739749][ T9590]  ? __pfx_taskstats_exit+0x10/0x10
[  250.739766][ T9590]  ? exit_signals+0x388/0xb00
[  250.739783][ T9590]  do_exit+0x5e4/0x2bd0
[  250.739796][ T9590]  ? __pfx_do_exit+0x10/0x10
[  250.739807][ T9590]  ? do_raw_spin_lock+0x12c/0x2b0
[  250.739820][ T9590]  ? find_held_lock+0x2b/0x80
[  250.739838][ T9590]  do_group_exit+0xd3/0x2a0
[  250.739850][ T9590]  get_signal+0x2671/0x26d0
[  250.739870][ T9590]  ? __pfx_get_signal+0x10/0x10
[  250.739888][ T9590]  arch_do_signal_or_restart+0x8f/0x7a0
[  250.739904][ T9590]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  250.739922][ T9590]  ? __ia32_sys_clock_nanosleep_time32+0x351/0x4f0
[  250.739943][ T9590]  exit_to_user_mode_loop+0x8c/0x540
[  250.739960][ T9590]  __do_fast_syscall_32+0x4a4/0x680
[  250.739976][ T9590]  do_fast_syscall_32+0x32/0x80
[  250.739992][ T9590]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  250.740005][ T9590] RIP: 0023:0xf700d579
[  250.740014][ T9590] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  250.740025][ T9590] RSP: 002b:00000000f53fd55c EFLAGS: 00000296 ORIG_RAX: 000000000000010b
[  250.740035][ T9590] RAX: fffffffffffffdfc RBX: 0000000000000002 RCX: 0000000000000000
[  250.740042][ T9590] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  250.740048][ T9590] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  250.740054][ T9590] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  250.740060][ T9590] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  250.740074][ T9590]  </TASK>
[  250.855530][   T54] libceph: connect (1)[c::]:6789 error -101
[  250.864387][   T54] libceph: mon0 (1)[c::]:6789 connect error
[  250.864697][ T9596] ceph: No mds server is up or the cluster is laggy
[  250.869724][   T54] libceph: connect (1)[c::]:6789 error -101
[  251.035074][   T54] libceph: mon0 (1)[c::]:6789 connect error
[  251.053548][ T9609] A link change request failed with some changes committed already. Interface vlan1 may have been left with an inconsistent configuration, please check.
[  251.153484][ T9624] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 4, id = 0
[  251.157903][ T9625] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 4, id = 1
[  251.161338][ T9626] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 4, id = 2
[  251.165365][ T9627] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 4, id = 3
[  252.063417][ T9633] FAULT_INJECTION: forcing a failure.
[  252.063417][ T9633] name failslab, interval 1, probability 0, space 0, times 0
[  252.067640][ T9633] CPU: 1 UID: 0 PID: 9633 Comm: syz.1.1005 Not tainted syzkaller #0 PREEMPT(full) 
[  252.067666][ T9633] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  252.067674][ T9633] Call Trace:
[  252.067679][ T9633]  <TASK>
[  252.067685][ T9633]  dump_stack_lvl+0x16c/0x1f0
[  252.067703][ T9633]  should_fail_ex+0x512/0x640
[  252.067717][ T9633]  ? fs_reclaim_acquire+0xae/0x150
[  252.067734][ T9633]  should_failslab+0xc2/0x120
[  252.067750][ T9633]  __kmalloc_noprof+0xdd/0x870
[  252.067761][ T9633]  ? tomoyo_encode2+0x100/0x3e0
[  252.067780][ T9633]  ? tomoyo_encode2+0x100/0x3e0
[  252.067795][ T9633]  tomoyo_encode2+0x100/0x3e0
[  252.067812][ T9633]  tomoyo_encode+0x29/0x50
[  252.067828][ T9633]  tomoyo_realpath_from_path+0x18f/0x6e0
[  252.067848][ T9633]  tomoyo_path_number_perm+0x245/0x580
[  252.067862][ T9633]  ? tomoyo_path_number_perm+0x237/0x580
[  252.067877][ T9633]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  252.067896][ T9633]  ? finish_task_switch.isra.0+0x2e0/0xbc0
[  252.067921][ T9633]  ? find_held_lock+0x2b/0x80
[  252.067937][ T9633]  ? hook_file_ioctl_common+0x145/0x410
[  252.067955][ T9633]  ? __fget_files+0x20e/0x3c0
[  252.067969][ T9633]  ? __fput_deferred+0x440/0x480
[  252.067982][ T9633]  security_file_ioctl_compat+0x9b/0x240
[  252.067998][ T9633]  __ia32_compat_sys_ioctl+0xc3/0x370
[  252.068013][ T9633]  __do_fast_syscall_32+0xe8/0x680
[  252.068031][ T9633]  do_fast_syscall_32+0x32/0x80
[  252.068046][ T9633]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  252.068063][ T9633] RIP: 0023:0xf704d579
[  252.068072][ T9633] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  252.068095][ T9633] RSP: 002b:00000000f541c55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  252.068106][ T9633] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 00000000c0045005
[  252.068112][ T9633] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  252.068119][ T9633] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  252.068125][ T9633] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  252.068131][ T9633] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  252.068145][ T9633]  </TASK>
[  252.203601][ T9633] ERROR: Out of memory at tomoyo_realpath_from_path.
[  253.083272][ T9672] 9pnet_fd: Insufficient options for proto=fd
[  253.086110][ T9671] 9pnet_fd: Insufficient options for proto=fd
[  253.093086][ T9672] netlink: 'syz.3.1017': attribute type 1 has an invalid length.
[  253.129866][ T9672] 8021q: adding VLAN 0 to HW filter on device bond2
[  253.190045][   T24] usb 40-1: device descriptor read/8, error -110
[  253.614276][   T24] usb usb40-port1: attempt power cycle
[  253.752319][ T9685] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  253.754623][ T9685] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  253.760290][ T9685] vhci_hcd vhci_hcd.0: Device attached
[  253.998268][ T9691] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  254.029281][   T49] usb 38-1: device descriptor read/8, error -110
[  254.050638][ T1327] usb 44-1: SetAddress Request (30) to port 0
[  254.052848][ T1327] usb 44-1: new SuperSpeed USB device number 30 using vhci_hcd
[  254.174350][   T24] usb usb40-port1: unable to enumerate USB device
[  254.441602][   T49] usb usb38-port1: attempt power cycle
[  255.003542][   T49] usb usb38-port1: unable to enumerate USB device
[  255.144276][ T9708] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  255.146683][ T9708] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  255.149412][ T9708] vhci_hcd vhci_hcd.0: Device attached
[  255.182651][ T9686] vhci_hcd: connection reset by peer
[  255.191282][ T9708] rdma_rxe: rxe_newlink: failed to add wg2
[  255.201337][ T1153] vhci_hcd: stop threads
[  255.201725][ T9710] vhci_hcd: connection closed
[  255.203344][ T1153] vhci_hcd: release socket
[  255.203554][ T1153] vhci_hcd: disconnect device
[  255.210751][ T1153] vhci_hcd: stop threads
[  255.212503][ T1153] vhci_hcd: release socket
[  255.214270][ T1153] vhci_hcd: disconnect device
[  255.490148][ T9717] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  255.493137][ T9717] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  255.498233][ T9717] vhci_hcd vhci_hcd.0: Device attached
[  255.782876][   T24] usb 42-1: SetAddress Request (26) to port 0
[  255.785564][   T24] usb 42-1: new SuperSpeed USB device number 26 using vhci_hcd
[  256.160311][ T9718] vhci_hcd: connection reset by peer
[  256.173661][ T1144] vhci_hcd: stop threads
[  256.175951][ T1144] vhci_hcd: release socket
[  256.186239][ T1144] vhci_hcd: disconnect device
[  256.426371][ T9729] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  256.429077][ T9729] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  256.432709][ T9729] vhci_hcd vhci_hcd.0: Device attached
[  256.498843][   T40] audit: type=1800 audit(1764793093.427:101): pid=9729 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1031" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  256.625060][ T9737] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  256.628034][ T9737] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  256.631649][ T9737] vhci_hcd vhci_hcd.0: Device attached
[  256.714147][   T49] usb 38-1: SetAddress Request (19) to port 0
[  256.719390][   T49] usb 38-1: new SuperSpeed USB device number 19 using vhci_hcd
[  256.868760][ T9741] netlink: 'syz.1.1029': attribute type 10 has an invalid length.
[  256.996371][ T9732] vhci_hcd: connection reset by peer
[  256.999290][   T75] vhci_hcd: stop threads
[  257.001322][   T75] vhci_hcd: release socket
[  257.003487][   T75] vhci_hcd: disconnect device
[  257.082137][ T9738] vhci_hcd: connection closed
[  257.082366][   T75] vhci_hcd: stop threads
[  257.085729][   T75] vhci_hcd: release socket
[  257.087273][   T75] vhci_hcd: disconnect device
[  257.369611][ T9747] kvm: pic: level sensitive irq not supported
[  257.369949][ T9747] kvm: pic: non byte read
[  257.375195][ T9747] kvm: pic: level sensitive irq not supported
[  257.375495][ T9747] kvm: pic: non byte read
[  257.380260][ T9747] kvm: pic: level sensitive irq not supported
[  257.380516][ T9747] kvm: pic: non byte read
[  257.385631][ T9747] kvm: pic: level sensitive irq not supported
[  257.385880][ T9747] kvm: pic: non byte read
[  257.390473][ T9747] kvm: pic: level sensitive irq not supported
[  257.390718][ T9747] kvm: pic: non byte read
[  257.395883][ T9747] kvm: pic: level sensitive irq not supported
[  257.396132][ T9747] kvm: pic: non byte read
[  257.400988][ T9747] kvm: pic: level sensitive irq not supported
[  257.401237][ T9747] kvm: pic: non byte read
[  257.405806][ T9747] kvm: pic: level sensitive irq not supported
[  257.406054][ T9747] kvm: pic: non byte read
[  257.410595][ T9747] kvm: pic: level sensitive irq not supported
[  257.410855][ T9747] kvm: pic: non byte read
[  257.415481][ T9747] kvm: pic: level sensitive irq not supported
[  257.415732][ T9747] kvm: pic: non byte read
[  257.630435][ T9750] mkiss: ax0: crc mode is auto.
[  257.667540][ T9752] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[  257.699300][ T9754] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1036'.
[  257.707572][ T9752] mkiss: ax0: crc mode is auto.
[  257.713825][ T9750] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1035'.
[  259.116771][ T1327] usb 44-1: device descriptor read/8, error -110
[  259.418539][ T9760] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  259.508732][ T1327] usb usb44-port1: attempt power cycle
[  260.089827][ T1327] usb usb44-port1: unable to enumerate USB device
[  260.383688][ T9793] mkiss: ax0: crc mode is auto.
[  260.562369][ T1419] ieee802154 phy0 wpan0: encryption failed: -22
[  260.564519][ T1419] ieee802154 phy1 wpan1: encryption failed: -22
[  260.811982][ T9806] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  260.817941][ T9806] overlay: Unknown parameter '/'
[  260.889675][   T24] usb 42-1: device descriptor read/8, error -110
[  261.280307][   T24] usb usb42-port1: attempt power cycle
[  261.779548][ T9794] bridge2: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  261.840089][   T49] usb 38-1: device descriptor read/8, error -110
[  261.840826][   T24] usb usb42-port1: unable to enumerate USB device
[  261.896379][ T9811] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1052'.
[  262.018175][ T9813] warn_alloc: 2 callbacks suppressed
[  262.018188][ T9813] syz.2.1053: page allocation failure: order:2, mode:0xcc1(GFP_KERNEL|GFP_DMA), nodemask=(null),cpuset=/,mems_allowed=0-1
[  262.025952][ T9813] CPU: 3 UID: 0 PID: 9813 Comm: syz.2.1053 Not tainted syzkaller #0 PREEMPT(full) 
[  262.025974][ T9813] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  262.025982][ T9813] Call Trace:
[  262.025987][ T9813]  <TASK>
[  262.025992][ T9813]  dump_stack_lvl+0x16c/0x1f0
[  262.026012][ T9813]  warn_alloc+0x248/0x3a0
[  262.026026][ T9813]  ? __pfx_warn_alloc+0x10/0x10
[  262.026038][ T9813]  ? __mutex_unlock_slowpath+0x161/0x790
[  262.026066][ T9813]  __alloc_frozen_pages_noprof+0xe9b/0x2440
[  262.026085][ T9813]  ? lockdep_hardirqs_on+0x7c/0x110
[  262.026101][ T9813]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  262.026118][ T9813]  ? __kmalloc_noprof+0x32f/0x870
[  262.026127][ T9813]  ? comedi_isadma_alloc+0x10d/0x6e0
[  262.026144][ T9813]  ? pcl816_attach+0x901/0xb20
[  262.026158][ T9813]  ? comedi_device_attach+0x3b3/0x900
[  262.026170][ T9813]  ? do_devconfig_ioctl+0x1b1/0x710
[  262.026193][ T9813]  __alloc_pages_noprof+0xa/0x30
[  262.026204][ T9813]  __dma_direct_alloc_pages.constprop.0+0x4c5/0x950
[  262.026227][ T9813]  ? __pfx___dma_direct_alloc_pages.constprop.0+0x10/0x10
[  262.026248][ T9813]  ? dma_alloc_from_dev_coherent+0x2e4/0x570
[  262.026264][ T9813]  dma_direct_alloc+0x8f/0x580
[  262.026284][ T9813]  dma_alloc_attrs+0x185/0x2b0
[  262.026300][ T9813]  ? __pfx_dma_alloc_attrs+0x10/0x10
[  262.026315][ T9813]  ? dma_direct_supported+0xca/0x220
[  262.026328][ T9813]  comedi_isadma_alloc+0x3de/0x6e0
[  262.026348][ T9813]  ? __pfx_comedi_isadma_alloc+0x10/0x10
[  262.026366][ T9813]  ? request_threaded_irq+0x2c8/0x3e0
[  262.026380][ T9813]  pcl816_attach+0x901/0xb20
[  262.026396][ T9813]  comedi_device_attach+0x3b3/0x900
[  262.026412][ T9813]  do_devconfig_ioctl+0x1b1/0x710
[  262.026428][ T9813]  ? comedi_unlocked_ioctl+0x167/0x2ee0
[  262.026439][ T9813]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[  262.026461][ T9813]  ? kasan_save_track+0x14/0x30
[  262.026474][ T9813]  ? __kasan_save_free_info+0x3b/0x60
[  262.026485][ T9813]  ? __kasan_slab_free+0x5f/0x80
[  262.026498][ T9813]  ? kfree+0x29e/0x710
[  262.026506][ T9813]  ? tomoyo_path_number_perm+0x470/0x580
[  262.026520][ T9813]  ? security_file_ioctl_compat+0x9b/0x240
[  262.026535][ T9813]  ? __ia32_compat_sys_ioctl+0xc3/0x370
[  262.026547][ T9813]  ? __do_fast_syscall_32+0xe8/0x680
[  262.026565][ T9813]  comedi_unlocked_ioctl+0x165d/0x2ee0
[  262.026581][ T9813]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  262.026600][ T9813]  ? kasan_quarantine_put+0x10a/0x240
[  262.026613][ T9813]  ? lockdep_hardirqs_on+0x7c/0x110
[  262.026629][ T9813]  ? find_held_lock+0x2b/0x80
[  262.026645][ T9813]  ? tomoyo_path_number_perm+0x295/0x580
[  262.026661][ T9813]  ? tomoyo_path_number_perm+0x18d/0x580
[  262.026676][ T9813]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  262.026693][ T9813]  comedi_compat_ioctl+0x1d0/0x960
[  262.026704][ T9813]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  262.026715][ T9813]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  262.026733][ T9813]  ? do_vfs_ioctl+0x128/0x14f0
[  262.026745][ T9813]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  262.026762][ T9813]  ? find_held_lock+0x2b/0x80
[  262.026776][ T9813]  ? hook_file_ioctl_common+0x145/0x410
[  262.026794][ T9813]  ? __fget_files+0x20e/0x3c0
[  262.026807][ T9813]  ? __ia32_compat_sys_openat+0x160/0x210
[  262.026822][ T9813]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  262.026834][ T9813]  __ia32_compat_sys_ioctl+0x242/0x370
[  262.026848][ T9813]  __do_fast_syscall_32+0xe8/0x680
[  262.026865][ T9813]  do_fast_syscall_32+0x32/0x80
[  262.026880][ T9813]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  262.026915][ T9813] RIP: 0023:0xf700d579
[  262.026925][ T9813] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  262.026935][ T9813] RSP: 002b:00000000f53fd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  262.026946][ T9813] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000040946400
[  262.026953][ T9813] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  262.026964][ T9813] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  262.026970][ T9813] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  262.026976][ T9813] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  262.026990][ T9813]  </TASK>
[  262.026994][ T9813] Mem-Info:
[  262.179797][ T9813] active_anon:14106 inactive_anon:2443 isolated_anon:0
[  262.179797][ T9813]  active_file:7271 inactive_file:24079 isolated_file:0
[  262.179797][ T9813]  unevictable:1769 dirty:534 writeback:0
[  262.179797][ T9813]  slab_reclaimable:7830 slab_unreclaimable:60066
[  262.179797][ T9813]  mapped:27393 shmem:10293 pagetables:1039
[  262.179797][ T9813]  sec_pagetables:317 bounce:0
[  262.179797][ T9813]  kernel_misc_reclaimable:0
[  262.179797][ T9813]  free:39298 free_pcp:7 free_cma:0
[  262.196942][ T9813] Node 0 active_anon:0kB inactive_anon:20kB active_file:0kB inactive_file:160kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:24kB dirty:8kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8720kB pagetables:1460kB sec_pagetables:1152kB all_unreclaimable? yes Balloon:0kB
[  262.226820][ T9813] Node 0 DMA free:2736kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:28kB local_pcp:0kB free_cma:0kB
[  262.238771][   T49] usb usb38-port1: attempt power cycle
[  262.240982][ T9813] lowmem_reserve[]: 0 291 291 291 291
[  262.243631][ T9813] Node 0 DMA: 48*4kB (U) 22*8kB (U) 6*16kB (U) 11*32kB (U) 6*64kB (U) 0*128kB 0*256kB 1*512kB (U) 1*1024kB (U) 0*2048kB 0*4096kB = 2736kB
[  262.248485][ T9813] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  262.253802][ T9813] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  262.257390][ T9813] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  262.260796][ T9813] Node 1 hugepages_total=6 hugepages_free=6 hugepages_surp=4 hugepages_size=2048kB
[  262.264899][ T9813] 39336 total pagecache pages
[  262.266697][ T9813] 271 pages in swap cache
[  262.268527][ T9813] Free swap  = 119816kB
[  262.269991][ T9813] Total swap = 124996kB
[  262.272322][ T9813] 524155 pages RAM
[  262.273590][ T9813] 0 pages HighMem/MovableOnly
[  262.275663][ T9813] 208624 pages reserved
[  262.277277][ T9813] 0 pages cma reserved
[  262.447583][ T9835] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1061'.
[  262.473012][ T9835] 8021q: adding VLAN 0 to HW filter on device bond2
[  262.745467][ T9843] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  262.747679][ T9843] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  262.750659][ T9843] vhci_hcd vhci_hcd.0: Device attached
[  262.755485][ T9840] fuse: Bad value for 'group_id'
[  262.757369][ T9840] fuse: Bad value for 'group_id'
[  262.802791][   T49] usb usb38-port1: unable to enumerate USB device
[  262.939381][ T9848] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  262.941560][ T9848] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  262.945196][ T9848] vhci_hcd vhci_hcd.0: Device attached
[  263.031464][   T24] usb 42-1: SetAddress Request (30) to port 0
[  263.033749][   T24] usb 42-1: new SuperSpeed USB device number 30 using vhci_hcd
[  263.231681][ T1327] usb 38-1: SetAddress Request (23) to port 0
[  263.234038][ T1327] usb 38-1: new SuperSpeed USB device number 23 using vhci_hcd
[  263.370663][ T9844] vhci_hcd: connection reset by peer
[  263.373857][   T12] vhci_hcd: stop threads
[  263.375328][   T12] vhci_hcd: release socket
[  263.377577][   T12] vhci_hcd: disconnect device
[  264.831062][ T9849] vhci_hcd: connection reset by peer
[  264.833228][   T46] vhci_hcd: stop threads
[  264.835814][   T46] vhci_hcd: release socket
[  264.838120][   T46] vhci_hcd: disconnect device
[  264.856257][ T9856] netlink: 184 bytes leftover after parsing attributes in process `syz.2.1065'.
[  264.915538][ T5950] Bluetooth: hci3: hardware error 0x40
[  266.190098][ T9894] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  266.192579][ T9894] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  266.195700][ T9894] vhci_hcd vhci_hcd.0: Device attached
[  266.475497][   T59] usb 44-1: SetAddress Request (34) to port 0
[  266.480713][   T59] usb 44-1: new SuperSpeed USB device number 34 using vhci_hcd
[  266.519452][ T9905] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  266.602768][ T9907] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1079'.
[  266.874811][ T9895] vhci_hcd: connection reset by peer
[  266.883423][ T1153] vhci_hcd: stop threads
[  266.887385][ T1153] vhci_hcd: release socket
[  266.892582][ T1153] vhci_hcd: disconnect device
[  266.966198][ T5950] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  267.514726][ T9929] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[  268.087507][   T24] usb 42-1: device descriptor read/8, error -110
[  268.327697][ T1327] usb 38-1: device descriptor read/8, error -110
[  268.988963][   T24] usb usb42-port1: attempt power cycle
[  269.169170][ T1327] usb usb38-port1: attempt power cycle
[  269.254405][ T9946] bond3: option lacp_active: mode dependency failed, not supported in mode balance-rr(0)
[  269.261551][ T9946] bond3 (unregistering): Released all slaves
[  269.338954][   T49] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  269.510505][   T49] usb 6-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  269.514213][   T49] usb 6-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[  269.517494][   T49] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  269.529226][   T49] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  269.567767][   T24] usb usb42-port1: unable to enumerate USB device
[  269.751273][ T1327] usb usb38-port1: unable to enumerate USB device
[  269.819437][ T8360] usb 6-1: USB disconnect, device number 22
[  270.119349][ T9959] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  270.121587][ T9959] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  270.125027][ T9959] vhci_hcd vhci_hcd.0: Device attached
[  270.400669][ T9964] 9pnet_fd: Insufficient options for proto=fd
[  270.403542][   T24] usb 38-1: SetAddress Request (27) to port 0
[  270.408073][   T24] usb 38-1: new SuperSpeed USB device number 27 using vhci_hcd
[  270.559910][ T9971] FAULT_INJECTION: forcing a failure.
[  270.559910][ T9971] name failslab, interval 1, probability 0, space 0, times 0
[  270.563206][ T9962] vhci_hcd: connection reset by peer
[  270.566848][ T9971] CPU: 2 UID: 0 PID: 9971 Comm: syz.1.1099 Not tainted syzkaller #0 PREEMPT(full) 
[  270.566874][ T9971] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  270.566885][ T9971] Call Trace:
[  270.566892][ T9971]  <TASK>
[  270.566899][ T9971]  dump_stack_lvl+0x16c/0x1f0
[  270.566930][ T9971]  should_fail_ex+0x512/0x640
[  270.566953][ T9971]  ? fs_reclaim_acquire+0xae/0x150
[  270.566982][ T9971]  should_failslab+0xc2/0x120
[  270.567009][ T9971]  __kmalloc_noprof+0xdd/0x870
[  270.567027][ T9971]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  270.567061][ T9971]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  270.567093][ T9971]  tomoyo_realpath_from_path+0xc2/0x6e0
[  270.567123][ T9971]  ? tomoyo_profile+0x47/0x60
[  270.567145][ T9971]  tomoyo_path_number_perm+0x245/0x580
[  270.567167][ T9971]  ? tomoyo_path_number_perm+0x237/0x580
[  270.567193][ T9971]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  270.567243][ T9971]  ? find_held_lock+0x2b/0x80
[  270.567271][ T9971]  ? hook_file_ioctl_common+0x145/0x410
[  270.567301][ T9971]  ? __fget_files+0x20e/0x3c0
[  270.567324][ T9971]  ? __fput_deferred+0x440/0x480
[  270.567346][ T9971]  security_file_ioctl_compat+0x9b/0x240
[  270.567373][ T9971]  __ia32_compat_sys_ioctl+0xc3/0x370
[  270.567399][ T9971]  __do_fast_syscall_32+0xe8/0x680
[  270.567428][ T9971]  do_fast_syscall_32+0x32/0x80
[  270.567452][ T9971]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  270.567476][ T9971] RIP: 0023:0xf704d579
[  270.567491][ T9971] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  270.567510][ T9971] RSP: 002b:00000000f543d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  270.567527][ T9971] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000000007b0
[  270.567540][ T9971] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  270.567550][ T9971] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  270.567562][ T9971] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  270.567573][ T9971] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  270.567598][ T9971]  </TASK>
[  270.567606][ T9971] ERROR: Out of memory at tomoyo_realpath_from_path.
[  270.571285][ T1144] vhci_hcd: stop threads
[  270.643817][ T1144] vhci_hcd: release socket
[  270.645417][ T1144] vhci_hcd: disconnect device
[  270.991368][ T9989] FAULT_INJECTION: forcing a failure.
[  270.991368][ T9989] name failslab, interval 1, probability 0, space 0, times 0
[  270.996952][ T9989] CPU: 2 UID: 0 PID: 9989 Comm: syz.3.1105 Not tainted syzkaller #0 PREEMPT(full) 
[  270.996976][ T9989] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  270.996987][ T9989] Call Trace:
[  270.996995][ T9989]  <TASK>
[  270.997002][ T9989]  dump_stack_lvl+0x16c/0x1f0
[  270.997031][ T9989]  should_fail_ex+0x512/0x640
[  270.997052][ T9989]  ? __kmalloc_noprof+0xca/0x870
[  270.997071][ T9989]  should_failslab+0xc2/0x120
[  270.997095][ T9989]  __kmalloc_noprof+0xdd/0x870
[  270.997114][ T9989]  ? lsm_blob_alloc+0x68/0x90
[  270.997139][ T9989]  ? lsm_blob_alloc+0x68/0x90
[  270.997152][ T9989]  lsm_blob_alloc+0x68/0x90
[  270.997168][ T9989]  security_prepare_creds+0x30/0x270
[  270.997194][ T9989]  prepare_creds+0x501/0x740
[  270.997221][ T9989]  lookup_user_key+0x978/0x1300
[  270.997248][ T9989]  ? __pfx_lookup_user_key+0x10/0x10
[  270.997279][ T9989]  ? __pfx_lookup_user_key_possessed+0x10/0x10
[  270.997311][ T9989]  ? strncpy_from_user+0x203/0x2e0
[  270.997335][ T9989]  __do_sys_add_key+0x25b/0x470
[  270.997356][ T9989]  ? __pfx___do_sys_add_key+0x10/0x10
[  270.997374][ T9989]  ? ksys_write+0x1ac/0x250
[  270.997408][ T9989]  __do_fast_syscall_32+0xe8/0x680
[  270.997435][ T9989]  do_fast_syscall_32+0x32/0x80
[  270.997462][ T9989]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  270.997484][ T9989] RIP: 0023:0xf7f05579
[  270.997499][ T9989] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  270.997517][ T9989] RSP: 002b:00000000f53f655c EFLAGS: 00000296 ORIG_RAX: 000000000000011e
[  270.997534][ T9989] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000000000000
[  270.997546][ T9989] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000fffffffe
[  270.997558][ T9989] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  270.997569][ T9989] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  270.997579][ T9989] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  270.997603][ T9989]  </TASK>
[  271.164269][ T9991] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  271.166497][ T9991] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  271.170799][ T9991] vhci_hcd vhci_hcd.0: Device attached
[  271.182638][ T9995] vhci_hcd: connection closed
[  271.185779][ T7324] vhci_hcd: stop threads
[  271.188825][ T7324] vhci_hcd: release socket
[  271.190307][ T7324] vhci_hcd: disconnect device
[  271.432380][T10007] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1111'.
[  271.481566][T10018] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1114'.
[  271.532257][   T59] usb 44-1: device descriptor read/8, error -110
[  271.572528][T10025] FAULT_INJECTION: forcing a failure.
[  271.572528][T10025] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  271.578168][T10025] CPU: 1 UID: 0 PID: 10025 Comm: syz.0.1117 Not tainted syzkaller #0 PREEMPT(full) 
[  271.578205][T10025] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  271.578217][T10025] Call Trace:
[  271.578222][T10025]  <TASK>
[  271.578230][T10025]  dump_stack_lvl+0x16c/0x1f0
[  271.578258][T10025]  should_fail_ex+0x512/0x640
[  271.578284][T10025]  _copy_from_user+0x2e/0xd0
[  271.578305][T10025]  get_compat_msghdr+0xa7/0x170
[  271.578328][T10025]  ? __pfx_get_compat_msghdr+0x10/0x10
[  271.578351][T10025]  ? __pfx__kstrtoull+0x10/0x10
[  271.578381][T10025]  ___sys_sendmsg+0x1ae/0x1d0
[  271.578405][T10025]  ? __pfx____sys_sendmsg+0x10/0x10
[  271.578424][T10025]  ? __lock_acquire+0x433/0x22f0
[  271.578472][T10025]  __sys_sendmmsg+0x2f9/0x420
[  271.578496][T10025]  ? __pfx___sys_sendmmsg+0x10/0x10
[  271.578515][T10025]  ? __schedule+0x10b9/0x6150
[  271.578555][T10025]  ? fput+0x70/0xf0
[  271.578573][T10025]  ? rcu_is_watching+0x12/0xc0
[  271.578603][T10025]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  271.578625][T10025]  ? lockdep_hardirqs_on+0x7c/0x110
[  271.578648][T10025]  __do_fast_syscall_32+0xe8/0x680
[  271.578672][T10025]  do_fast_syscall_32+0x32/0x80
[  271.578697][T10025]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  271.578719][T10025] RIP: 0023:0xf7f87579
[  271.578731][T10025] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  271.578748][T10025] RSP: 002b:00000000f545555c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  271.578765][T10025] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  271.578777][T10025] RDX: 00000000000001f2 RSI: 0000000000000000 RDI: 0000000000000000
[  271.578786][T10025] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  271.578795][T10025] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  271.578827][T10025] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  271.578856][T10025]  </TASK>
[  271.932568][T10028] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1118'.
[  271.942447][   T59] usb usb44-port1: attempt power cycle
[  272.515965][   T59] usb usb44-port1: unable to enumerate USB device
[  272.563699][T10051] macvlan0: entered promiscuous mode
[  272.565625][T10051] netlink: 'syz.0.1127': attribute type 1 has an invalid length.
[  272.568521][T10051] netlink: 'syz.0.1127': attribute type 2 has an invalid length.
[  272.782951][ T5998] usb 7-1: new high-speed USB device number 31 using dummy_hcd
[  272.936228][ T5998] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  272.942784][ T5998] usb 7-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  272.947699][ T5998] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  272.950988][ T5998] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  272.961125][ T5998] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  272.973669][ T5998] usb 7-1: invalid MIDI out EP 0
[  272.998783][T10073] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  273.001662][T10073] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  273.012171][T10073] vhci_hcd vhci_hcd.0: Device attached
[  273.029642][ T5998] snd-usb-audio 7-1:27.0: probe with driver snd-usb-audio failed with error -22
[  273.036013][T10073] netlink: 'syz.0.1131': attribute type 2 has an invalid length.
[  273.164880][ T5998] usb 7-1: USB disconnect, device number 31
[  273.674945][T10074] vhci_hcd: connection closed
[  273.675290][ T7324] vhci_hcd: stop threads
[  273.678467][ T7324] vhci_hcd: release socket
[  273.680417][ T7324] vhci_hcd: disconnect device
[  273.919461][T10086] IPVS: set_ctl: invalid protocol: 255 172.30.1.3:20000
[  274.472109][T10099] mkiss: ax0: crc mode is auto.
[  274.519035][T10101] FAULT_INJECTION: forcing a failure.
[  274.519035][T10101] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  274.523755][T10101] CPU: 2 UID: 0 PID: 10101 Comm: syz.3.1145 Not tainted syzkaller #0 PREEMPT(full) 
[  274.523781][T10101] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  274.523789][T10101] Call Trace:
[  274.523794][T10101]  <TASK>
[  274.523800][T10101]  dump_stack_lvl+0x16c/0x1f0
[  274.523827][T10101]  should_fail_ex+0x512/0x640
[  274.523851][T10101]  _copy_from_user+0x2e/0xd0
[  274.523876][T10101]  fbcon_set_con2fb_map_ioctl+0x79/0x220
[  274.523902][T10101]  ? __pfx_fbcon_set_con2fb_map_ioctl+0x10/0x10
[  274.523926][T10101]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  274.523954][T10101]  do_fb_ioctl+0x328/0x7e0
[  274.523976][T10101]  ? __pfx_do_fb_ioctl+0x10/0x10
[  274.523993][T10101]  ? find_held_lock+0x2b/0x80
[  274.524025][T10101]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  274.524043][T10101]  fb_compat_ioctl+0x55e/0x670
[  274.524058][T10101]  ? __pfx_fb_compat_ioctl+0x10/0x10
[  274.524072][T10101]  ? hook_file_ioctl_common+0x145/0x410
[  274.524091][T10101]  ? __fget_files+0x20e/0x3c0
[  274.524104][T10101]  ? __fput_deferred+0x440/0x480
[  274.524118][T10101]  ? __pfx_fb_compat_ioctl+0x10/0x10
[  274.524133][T10101]  __ia32_compat_sys_ioctl+0x242/0x370
[  274.524147][T10101]  __do_fast_syscall_32+0xe8/0x680
[  274.524165][T10101]  do_fast_syscall_32+0x32/0x80
[  274.524184][T10101]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  274.524198][T10101] RIP: 0023:0xf7f05579
[  274.524207][T10101] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  274.524218][T10101] RSP: 002b:00000000f53f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  274.524229][T10101] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004610
[  274.524236][T10101] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  274.524242][T10101] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  274.524248][T10101] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  274.524254][T10101] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  274.524267][T10101]  </TASK>
[  274.702536][T10113] FAULT_INJECTION: forcing a failure.
[  274.702536][T10113] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  274.709028][T10113] CPU: 0 UID: 0 PID: 10113 Comm: syz.0.1151 Not tainted syzkaller #0 PREEMPT(full) 
[  274.709044][T10113] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  274.709051][T10113] Call Trace:
[  274.709055][T10113]  <TASK>
[  274.709060][T10113]  dump_stack_lvl+0x16c/0x1f0
[  274.709078][T10113]  should_fail_ex+0x512/0x640
[  274.709095][T10113]  should_fail_alloc_page+0xe7/0x130
[  274.709113][T10113]  prepare_alloc_pages+0x3c2/0x610
[  274.709131][T10113]  __alloc_frozen_pages_noprof+0x18b/0x2440
[  274.709147][T10113]  ? irqentry_exit+0x1dd/0x8c0
[  274.709161][T10113]  ? lockdep_hardirqs_on+0x7c/0x110
[  274.709175][T10113]  ? irqentry_exit+0x1dd/0x8c0
[  274.709189][T10113]  ? trace_irq_disable.constprop.0+0xd4/0x110
[  274.709207][T10113]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  274.709225][T10113]  ? _copy_from_iter+0x350/0x16c0
[  274.709239][T10113]  ? _copy_from_iter+0x161/0x16c0
[  274.709252][T10113]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  274.709270][T10113]  ? policy_nodemask+0xea/0x4e0
[  274.709286][T10113]  alloc_pages_mpol+0x1fb/0x550
[  274.709301][T10113]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  274.709320][T10113]  alloc_pages_noprof+0x12d/0x180
[  274.709336][T10113]  anon_pipe_write+0xecb/0x1990
[  274.709353][T10113]  ? __print_lock_name+0x71/0xe0
[  274.709372][T10113]  ? __pfx_anon_pipe_write+0x10/0x10
[  274.709401][T10113]  ? common_file_perm+0x1b1/0x500
[  274.709417][T10113]  ? bpf_lsm_file_permission+0x9/0x10
[  274.709429][T10113]  ? security_file_permission+0x71/0x210
[  274.709445][T10113]  ? rw_verify_area+0xcf/0x6c0
[  274.709459][T10113]  vfs_write+0x7d3/0x11d0
[  274.709473][T10113]  ? __pfx_anon_pipe_write+0x10/0x10
[  274.709490][T10113]  ? __pfx_vfs_write+0x10/0x10
[  274.709503][T10113]  ? find_held_lock+0x2b/0x80
[  274.709527][T10113]  ksys_write+0x1f8/0x250
[  274.709541][T10113]  ? __pfx_ksys_write+0x10/0x10
[  274.709559][T10113]  __do_fast_syscall_32+0xe8/0x680
[  274.709576][T10113]  do_fast_syscall_32+0x32/0x80
[  274.709591][T10113]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  274.709605][T10113] RIP: 0023:0xf7f87579
[  274.709613][T10113] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  274.709624][T10113] RSP: 002b:00000000f547655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  274.709634][T10113] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000640
[  274.709641][T10113] RDX: 00000000fffffc95 RSI: 0000000000000000 RDI: 0000000000000000
[  274.709647][T10113] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  274.709654][T10113] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  274.709660][T10113] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  274.709674][T10113]  </TASK>
[  274.963200][T10134] mkiss: ax0: crc mode is auto.
[  275.188695][T10140] wg2 speed is unknown, defaulting to 1000
[  275.245622][T10143] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1158'.
[  275.366848][T10144] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1158'.
[  275.396301][T10140] lo speed is unknown, defaulting to 1000
[  275.462995][   T24] usb 38-1: device descriptor read/8, error -110
[  275.473710][T10141] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  275.877126][   T24] usb usb38-port1: attempt power cycle
[  275.946101][T10150] fuse: Bad value for 'fd'
[  276.457922][   T24] usb usb38-port1: unable to enumerate USB device
[  276.609906][T10168] bridge3: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  276.820042][T10153] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  276.822380][T10153] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  276.825066][T10153] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  276.860856][T10170] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  276.863352][T10170] IPv6: NLM_F_CREATE should be set when creating new route
[  277.040089][T10179] 9pnet_virtio: no channels available for device syz
[  277.112147][T10182] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  277.424413][T10197] usb usb8: usbfs: process 10197 (syz.0.1177) did not claim interface 0 before use
[  277.648278][T10201] /dev/nullb0: Can't open blockdev
[  277.654212][T10201] fuse: Unknown parameter 'grou00000000000000000000'
[  277.720830][T10204] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  277.723769][T10204] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  277.727807][T10204] vhci_hcd vhci_hcd.0: Device attached
[  277.990557][   T24] usb 38-1: SetAddress Request (31) to port 0
[  277.993037][   T24] usb 38-1: new SuperSpeed USB device number 31 using vhci_hcd
[  278.099254][ T5950] Bluetooth: hci1: command 0x040f tx timeout
[  278.292166][T10214] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  278.294345][T10214] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  278.297287][T10214] vhci_hcd vhci_hcd.0: Device attached
[  278.298657][T10205] vhci_hcd: connection reset by peer
[  278.300958][T10215] vhci_hcd: cannot find a urb of seqnum 0 max seqnum 1
[  278.304232][ T1153] vhci_hcd: stop threads
[  278.305732][ T1153] vhci_hcd: release socket
[  278.308709][ T1153] vhci_hcd: disconnect device
[  278.310718][ T1153] vhci_hcd: stop threads
[  278.312178][ T1153] vhci_hcd: release socket
[  278.314014][ T1153] vhci_hcd: disconnect device
[  278.901202][ T5950] Bluetooth: hci2: command 0x040f tx timeout
[  279.510969][   T49] usb 7-1: new high-speed USB device number 32 using dummy_hcd
[  279.607530][T10240] fuse: Unknown parameter 'grou00000000000000000000'
[  279.662509][   T49] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  279.667194][   T49] usb 7-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  279.672656][   T49] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  279.676473][   T49] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  279.685421][   T49] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  279.688739][   T49] usb 7-1: invalid MIDI out EP 0
[  279.708792][   T49] snd-usb-audio 7-1:27.0: probe with driver snd-usb-audio failed with error -22
[  279.878065][T10244] mkiss: ax0: crc mode is auto.
[  279.888311][   T49] usb 7-1: USB disconnect, device number 32
[  279.952683][T10246] comedi comedi0: c6xdigio: I/O port conflict (0x109,3)
[  279.955108][T10246] ==================================================================
[  279.957826][T10246] BUG: KASAN: slab-use-after-free in sysfs_remove_file_ns+0x63/0x70
[  279.960540][T10246] Read of size 8 at addr ffff888049862230 by task syz.0.1193/10246
[  279.965452][T10246] 
[  279.967035][T10246] CPU: 0 UID: 0 PID: 10246 Comm: syz.0.1193 Not tainted syzkaller #0 PREEMPT(full) 
[  279.967061][T10246] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  279.967073][T10246] Call Trace:
[  279.967080][T10246]  <TASK>
[  279.967089][T10246]  dump_stack_lvl+0x116/0x1f0
[  279.967120][T10246]  print_report+0xcd/0x630
[  279.967145][T10246]  ? __virt_addr_valid+0x81/0x610
[  279.967172][T10246]  ? __phys_addr+0xe8/0x180
[  279.967198][T10246]  ? sysfs_remove_file_ns+0x63/0x70
[  279.967227][T10246]  kasan_report+0xe0/0x110
[  279.967252][T10246]  ? sysfs_remove_file_ns+0x63/0x70
[  279.967282][T10246]  sysfs_remove_file_ns+0x63/0x70
[  279.967309][T10246]  driver_remove_file+0x4a/0x60
[  279.967330][T10246]  bus_remove_driver+0x224/0x2c0
[  279.967357][T10246]  driver_unregister+0x76/0xb0
[  279.967376][T10246]  comedi_device_detach_locked+0x12f/0xa50
[  279.967402][T10246]  comedi_device_detach+0x67/0xb0
[  279.967423][T10246]  comedi_device_attach+0x43d/0x900
[  279.967446][T10246]  do_devconfig_ioctl+0x1b1/0x710
[  279.967471][T10246]  ? comedi_unlocked_ioctl+0x167/0x2ee0
[  279.967489][T10246]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[  279.967519][T10246]  ? kasan_save_track+0x14/0x30
[  279.967542][T10246]  ? __kasan_save_free_info+0x3b/0x60
[  279.967585][T10246]  ? __kasan_slab_free+0x5f/0x80
[  279.967609][T10246]  ? kfree+0x29e/0x710
[  279.967623][T10246]  ? tomoyo_path_number_perm+0x470/0x580
[  279.967646][T10246]  ? security_file_ioctl_compat+0x9b/0x240
[  279.967671][T10246]  ? __ia32_compat_sys_ioctl+0xc3/0x370
[  279.967690][T10246]  ? __do_fast_syscall_32+0xe8/0x680
[  279.967719][T10246]  comedi_unlocked_ioctl+0x165d/0x2ee0
[  279.967747][T10246]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  279.967769][T10246]  ? kasan_quarantine_put+0x10a/0x240
[  279.967791][T10246]  ? lockdep_hardirqs_on+0x7c/0x110
[  279.967817][T10246]  ? find_held_lock+0x2b/0x80
[  279.967842][T10246]  ? tomoyo_path_number_perm+0x295/0x580
[  279.967867][T10246]  ? tomoyo_path_number_perm+0x18d/0x580
[  279.967890][T10246]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  279.967915][T10246]  comedi_compat_ioctl+0x1d0/0x960
[  279.967934][T10246]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  279.967951][T10246]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  279.967976][T10246]  ? do_vfs_ioctl+0x128/0x14f0
[  279.967994][T10246]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  279.968019][T10246]  ? find_held_lock+0x2b/0x80
[  279.968043][T10246]  ? hook_file_ioctl_common+0x145/0x410
[  279.968069][T10246]  ? __fget_files+0x20e/0x3c0
[  279.968092][T10246]  ? __ia32_compat_sys_openat+0x160/0x210
[  279.968116][T10246]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  279.968136][T10246]  __ia32_compat_sys_ioctl+0x242/0x370
[  279.968159][T10246]  __do_fast_syscall_32+0xe8/0x680
[  279.968187][T10246]  do_fast_syscall_32+0x32/0x80
[  279.968213][T10246]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  279.968236][T10246] RIP: 0023:0xf7f87579
[  279.968251][T10246] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  279.968267][T10246] RSP: 002b:00000000f547655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  279.968285][T10246] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040946400
[  279.968298][T10246] RDX: 0000000080000540 RSI: 0000000000000000 RDI: 0000000000000000
[  279.968310][T10246] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  279.968321][T10246] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  279.968333][T10246] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  279.968351][T10246]  </TASK>
[  279.968358][T10246] 
[  280.108202][T10246] Allocated by task 49:
[  280.109930][T10246]  kasan_save_stack+0x33/0x60
[  280.111549][T10246]  kasan_save_track+0x14/0x30
[  280.113139][T10246]  __kasan_kmalloc+0xaa/0xb0
[  280.115287][T10246]  __kmalloc_noprof+0x32f/0x870
[  280.117513][T10246]  snd_midi_event_new+0xa1/0x210
[  280.119277][T10246]  snd_seq_midisynth_probe+0x736/0x15f0
[  280.121143][T10246]  really_probe+0x241/0xa90
[  280.122664][T10246]  __driver_probe_device+0x1de/0x440
[  280.124617][T10246]  driver_probe_device+0x4c/0x1b0
[  280.126885][T10246]  __device_attach_driver+0x1df/0x310
[  280.128949][T10246]  bus_for_each_drv+0x159/0x1e0
[  280.130589][T10246]  __device_attach+0x1e4/0x4b0
[  280.132212][T10246]  bus_probe_device+0x17f/0x1c0
[  280.134020][T10246]  device_add+0x1148/0x1950
[  280.136115][T10246]  snd_seq_device_dev_register+0x3d/0xf0
[  280.138175][T10246]  snd_device_register+0x156/0x1f0
[  280.139902][T10246]  snd_rawmidi_dev_register+0x972/0x1280
[  280.141773][T10246]  snd_device_register_all+0x10f/0x1b0
[  280.143745][T10246]  snd_card_register+0x106/0x7c0
[  280.145987][T10246]  try_to_register_card+0x1d6/0x3a0
[  280.147735][T10246]  usb_audio_probe+0x10f8/0x3e80
[  280.149616][T10246]  usb_probe_interface+0x303/0xa40
[  280.151950][T10246]  really_probe+0x241/0xa90
[  280.154017][T10246]  __driver_probe_device+0x1de/0x440
[  280.156428][T10246]  driver_probe_device+0x4c/0x1b0
[  280.158750][T10246]  __device_attach_driver+0x1df/0x310
[  280.161192][T10246]  bus_for_each_drv+0x159/0x1e0
[  280.163439][T10246]  __device_attach+0x1e4/0x4b0
[  280.165608][T10246]  bus_probe_device+0x17f/0x1c0
[  280.167838][T10246]  device_add+0x1148/0x1950
[  280.169583][T10246]  usb_set_configuration+0x1187/0x1e20
[  280.171457][T10246]  usb_generic_driver_probe+0xb1/0x110
[  280.173312][T10246]  usb_probe_device+0xef/0x3e0
[  280.175569][T10246]  really_probe+0x241/0xa90
[  280.177693][T10246]  __driver_probe_device+0x1de/0x440
[  280.180067][T10246]  driver_probe_device+0x4c/0x1b0
[  280.182320][T10246]  __device_attach_driver+0x1df/0x310
[  280.184725][T10246]  bus_for_each_drv+0x159/0x1e0
[  280.186687][T10246]  __device_attach+0x1e4/0x4b0
[  280.188503][T10246]  bus_probe_device+0x17f/0x1c0
[  280.190480][T10246]  device_add+0x1148/0x1950
[  280.192624][T10246]  usb_new_device+0xd07/0x1a60
[  280.192648][T10246]  hub_event+0x2f34/0x4fe0
[  280.192669][T10246]  process_one_work+0x9ba/0x1b20
[  280.198676][T10246]  worker_thread+0x6c8/0xf10
[  280.200812][T10246]  kthread+0x3c5/0x780
[  280.202663][T10246]  ret_from_fork+0x983/0xb10
[  280.204710][T10246]  ret_from_fork_asm+0x1a/0x30
[  280.206785][T10246] 
[  280.207862][T10246] Freed by task 49:
[  280.209560][T10246]  kasan_save_stack+0x33/0x60
[  280.211725][T10246]  kasan_save_track+0x14/0x30
[  280.213829][T10246]  __kasan_save_free_info+0x3b/0x60
[  280.216109][T10246]  __kasan_slab_free+0x5f/0x80
[  280.218168][T10246]  kfree+0x29e/0x710
[  280.219666][T10246]  snd_midi_event_free+0x3b/0x50
[  280.221326][T10246]  snd_seq_midisynth_remove+0x1d9/0x4e0
[  280.223157][T10246]  device_remove+0x125/0x170
[  280.225118][T10246]  device_release_driver_internal+0x44b/0x620
[  280.227696][T10246]  bus_remove_device+0x22f/0x420
[  280.229854][T10246]  device_del+0x396/0x9f0
[  280.231733][T10246]  snd_seq_device_dev_disconnect+0x38/0x50
[  280.234250][T10246]  snd_device_disconnect_all+0x111/0x220
[  280.236605][T10246]  snd_card_disconnect.part.0+0x3e1/0x8a0
[  280.239062][T10246]  snd_card_free+0x10e/0x190
[  280.241016][T10246]  usb_audio_probe+0x117c/0x3e80
[  280.243116][T10246]  usb_probe_interface+0x303/0xa40
[  280.245348][T10246]  really_probe+0x241/0xa90
[  280.247372][T10246]  __driver_probe_device+0x1de/0x440
[  280.249712][T10246]  driver_probe_device+0x4c/0x1b0
[  280.251857][T10246]  __device_attach_driver+0x1df/0x310
[  280.253734][T10246]  bus_for_each_drv+0x159/0x1e0
[  280.255403][T10246]  __device_attach+0x1e4/0x4b0
[  280.257056][T10246]  bus_probe_device+0x17f/0x1c0
[  280.258751][T10246]  device_add+0x1148/0x1950
[  280.260338][T10246]  usb_set_configuration+0x1187/0x1e20
[  280.262182][T10246]  usb_generic_driver_probe+0xb1/0x110
[  280.264083][T10246]  usb_probe_device+0xef/0x3e0
[  280.265806][T10246]  really_probe+0x241/0xa90
[  280.267416][T10246]  __driver_probe_device+0x1de/0x440
[  280.269197][T10246]  driver_probe_device+0x4c/0x1b0
[  280.270950][T10246]  __device_attach_driver+0x1df/0x310
[  280.272774][T10246]  bus_for_each_drv+0x159/0x1e0
[  280.274451][T10246]  __device_attach+0x1e4/0x4b0
[  280.276106][T10246]  bus_probe_device+0x17f/0x1c0
[  280.277717][T10246]  device_add+0x1148/0x1950
[  280.279300][T10246]  usb_new_device+0xd07/0x1a60
[  280.280920][T10246]  hub_event+0x2f34/0x4fe0
[  280.282416][T10246]  process_one_work+0x9ba/0x1b20
[  280.284144][T10246]  worker_thread+0x6c8/0xf10
[  280.285684][T10246]  kthread+0x3c5/0x780
[  280.287090][T10246]  ret_from_fork+0x983/0xb10
[  280.288599][T10246]  ret_from_fork_asm+0x1a/0x30
[  280.290207][T10246] 
[  280.291145][T10246] The buggy address belongs to the object at ffff888049862200
[  280.291145][T10246]  which belongs to the cache kmalloc-256 of size 256
[  280.296930][T10246] The buggy address is located 48 bytes inside of
[  280.296930][T10246]  freed 256-byte region [ffff888049862200, ffff888049862300)
[  280.302914][T10246] 
[  280.304021][T10246] The buggy address belongs to the physical page:
[  280.306895][T10246] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x49862
[  280.310784][T10246] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  280.314525][T10246] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[  280.317907][T10246] page_type: f5(slab)
[  280.319677][T10246] raw: 04fff00000000040 ffff88801b442b40 ffffea0001370080 dead000000000002
[  280.323408][T10246] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  280.327167][T10246] head: 04fff00000000040 ffff88801b442b40 ffffea0001370080 dead000000000002
[  280.331103][T10246] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  280.334915][T10246] head: 04fff00000000001 ffffea0001261881 00000000ffffffff 00000000ffffffff
[  280.338684][T10246] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  280.342520][T10246] page dumped because: kasan: bad access detected
[  280.345382][T10246] page_owner tracks the page as allocated
[  280.347930][T10246] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5951, tgid 5951 (syz-executor), ts 55730161932, free_ts 55407890510
[  280.356962][T10246]  post_alloc_hook+0x1af/0x220
[  280.359269][T10246]  get_page_from_freelist+0xd0b/0x31a0
[  280.361703][T10246]  __alloc_frozen_pages_noprof+0x25f/0x2440
[  280.364354][T10246]  alloc_pages_mpol+0x1fb/0x550
[  280.366479][T10246]  new_slab+0x24a/0x360
[  280.368201][T10246]  ___slab_alloc+0xee7/0x1cd0
[  280.370186][T10246]  __slab_alloc.constprop.0+0x63/0x110
[  280.372933][T10246]  __kmalloc_noprof+0x501/0x870
[  280.375026][T10246]  fib_create_info+0x53f/0x4680
[  280.377457][T10246]  fib_table_insert+0x177/0x1c40
[  280.379441][T10246]  fib_magic+0x4d4/0x5c0
[  280.381209][T10246]  fib_add_ifaddr+0x16d/0x580
[  280.383245][T10246]  fib_netdev_event+0x38a/0x710
[  280.385368][T10246]  notifier_call_chain+0xbc/0x3e0
[  280.387597][T10246]  call_netdevice_notifiers_info+0xbe/0x110
[  280.390175][T10246]  __dev_notify_flags+0x12c/0x2e0
[  280.392366][T10246] page last free pid 5940 tgid 5940 stack trace:
[  280.394950][T10246]  __free_frozen_pages+0x7df/0x1160
[  280.397106][T10246]  __put_partials+0x130/0x170
[  280.399146][T10246]  qlist_free_all+0x4d/0x120
[  280.401244][T10246]  kasan_quarantine_reduce+0x195/0x1e0
[  280.403696][T10246]  __kasan_slab_alloc+0x69/0x90
[  280.405906][T10246]  kmem_cache_alloc_node_noprof+0x28a/0x7b0
[  280.408578][T10246]  __alloc_skb+0x2b2/0x380
[  280.410606][T10246]  netlink_ack+0x15d/0xb80
[  280.412646][T10246]  netlink_rcv_skb+0x332/0x420
[  280.414843][T10246]  netlink_unicast+0x5aa/0x870
[  280.416996][T10246]  netlink_sendmsg+0x8c8/0xdd0
[  280.419164][T10246]  __sys_sendto+0x4a3/0x520
[  280.421225][T10246]  __ia32_compat_sys_socketcall+0x625/0x770
[  280.423880][T10246]  __do_fast_syscall_32+0xe8/0x680
[  280.426198][T10246]  do_fast_syscall_32+0x32/0x80
[  280.428399][T10246]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  280.431250][T10246] 
[  280.432348][T10246] Memory state around the buggy address:
[  280.434890][T10246]  ffff888049862100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  280.438431][T10246]  ffff888049862180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  280.441993][T10246] >ffff888049862200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  280.445544][T10246]                                      ^
[  280.448364][T10246]  ffff888049862280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  280.451951][T10246]  ffff888049862300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  280.455880][T10246] ==================================================================
[  280.461339][T10246] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  280.464638][T10246] CPU: 0 UID: 0 PID: 10246 Comm: syz.0.1193 Not tainted syzkaller #0 PREEMPT(full) 
[  280.468762][T10246] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  280.473329][T10246] Call Trace:
[  280.474791][T10246]  <TASK>
[  280.476085][T10246]  dump_stack_lvl+0x3d/0x1f0
[  280.478083][T10246]  vpanic+0x640/0x6f0
[  280.479823][T10246]  panic+0xca/0xd0
[  280.481500][T10246]  ? __pfx_panic+0x10/0x10
[  280.483408][T10246]  ? sysfs_remove_file_ns+0x63/0x70
[  280.485721][T10246]  ? preempt_schedule_common+0x44/0xc0
[  280.488158][T10246]  ? preempt_schedule_thunk+0x16/0x30
[  280.490598][T10246]  ? check_panic_on_warn+0x1f/0xb0
[  280.492873][T10246]  check_panic_on_warn+0xab/0xb0
[  280.495096][T10246]  end_report+0x107/0x160
[  280.497029][T10246]  kasan_report+0xee/0x110
[  280.498894][T10246]  ? sysfs_remove_file_ns+0x63/0x70
[  280.501204][T10246]  sysfs_remove_file_ns+0x63/0x70
[  280.503499][T10246]  driver_remove_file+0x4a/0x60
[  280.505655][T10246]  bus_remove_driver+0x224/0x2c0
[  280.507766][T10246]  driver_unregister+0x76/0xb0
[  280.509951][T10246]  comedi_device_detach_locked+0x12f/0xa50
[  280.512607][T10246]  comedi_device_detach+0x67/0xb0
[  280.514920][T10246]  comedi_device_attach+0x43d/0x900
[  280.516721][T10246]  do_devconfig_ioctl+0x1b1/0x710
[  280.518404][T10246]  ? comedi_unlocked_ioctl+0x167/0x2ee0
[  280.520327][T10246]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[  280.522211][T10246]  ? kasan_save_track+0x14/0x30
[  280.523916][T10246]  ? __kasan_save_free_info+0x3b/0x60
[  280.526029][T10246]  ? __kasan_slab_free+0x5f/0x80
[  280.527760][T10246]  ? kfree+0x29e/0x710
[  280.529133][T10246]  ? tomoyo_path_number_perm+0x470/0x580
[  280.531095][T10246]  ? security_file_ioctl_compat+0x9b/0x240
[  280.533058][T10246]  ? __ia32_compat_sys_ioctl+0xc3/0x370
[  280.535492][T10246]  ? __do_fast_syscall_32+0xe8/0x680
[  280.537630][T10246]  comedi_unlocked_ioctl+0x165d/0x2ee0
[  280.539560][T10246]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  280.541572][T10246]  ? kasan_quarantine_put+0x10a/0x240
[  280.543455][T10246]  ? lockdep_hardirqs_on+0x7c/0x110
[  280.545316][T10246]  ? find_held_lock+0x2b/0x80
[  280.546974][T10246]  ? tomoyo_path_number_perm+0x295/0x580
[  280.548898][T10246]  ? tomoyo_path_number_perm+0x18d/0x580
[  280.550894][T10246]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  280.552957][T10246]  comedi_compat_ioctl+0x1d0/0x960
[  280.554874][T10246]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  280.556770][T10246]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  280.558805][T10246]  ? do_vfs_ioctl+0x128/0x14f0
[  280.560493][T10246]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  280.562203][T10246]  ? find_held_lock+0x2b/0x80
[  280.563966][T10246]  ? hook_file_ioctl_common+0x145/0x410
[  280.566465][T10246]  ? __fget_files+0x20e/0x3c0
[  280.568645][T10246]  ? __ia32_compat_sys_openat+0x160/0x210
[  280.571234][T10246]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  280.573748][T10246]  __ia32_compat_sys_ioctl+0x242/0x370
[  280.576199][T10246]  __do_fast_syscall_32+0xe8/0x680
[  280.578467][T10246]  do_fast_syscall_32+0x32/0x80
[  280.580661][T10246]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  280.583477][T10246] RIP: 0023:0xf7f87579
[  280.585326][T10246] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  280.593865][T10246] RSP: 002b:00000000f547655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  280.597870][T10246] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040946400
[  280.602100][T10246] RDX: 0000000080000540 RSI: 0000000000000000 RDI: 0000000000000000
[  280.605733][T10246] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  280.609320][T10246] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  280.612909][T10246] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  280.616460][T10246]  </TASK>
[  280.618608][T10246] Kernel Offset: disabled
[  280.620591][T10246] Rebooting in 86400 seconds..

VM DIAGNOSIS:
20:10:05  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000038 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff852779c5 RDI=ffffffff9ac310a0 RBP=ffffffff9ac31060 RSP=ffffc90027c47168
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3430383838666666
R12=0000000000000000 R13=0000000000000038 R14=ffffffff9ac31060 R15=ffffffff85277960
RIP=ffffffff852779ef RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880979a3000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080002000 CR3=000000007775e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000001 RBX=ffffc900037fff48 RCX=0000000000000001 RDX=0000000000000000
RSI=ffffffff8d89fdde RDI=ffffffff8bd1d700 RBP=00000000f6ffd579 RSP=ffffc900037fff30
R8 =0000000000000001 R9 =0000000000000001 R10=ffffffff906604d7 R11=0000000000000001
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff8b5b75f2 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097aa3000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f523e9085d0 CR3=000000004ef5d000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f7396ff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=ffffc90007700000 RBX=ffff8880233e0000 RCX=ffffffff86765262 RDX=00000000ffffffff
RSI=ffffffff8676526f RDI=0000000000000005 RBP=0000000000000000 RSP=ffffc90000538ea8
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=00000000ffffffff
R12=0000000000000000 R13=ffff8880233e16b8 R14=ffff8880233e12d0 R15=0000000000000000
RIP=ffffffff8676529c RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097ba3000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000030022ff8 CR3=0000000077750000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000003850af RBX=0000000000000003 RCX=ffffffff8b5be6f9 RDX=0000000000000000
RSI=ffffffff8d89fdde RDI=ffffffff8bd1d700 RBP=ffffed10037e0000 RSP=ffffc9000048fde8
R8 =0000000000000001 R9 =ffffed10056a672d R10=ffff88802b53396b R11=00000000ffffffff
R12=0000000000000003 R13=ffff88801bf00000 R14=ffffffff906604d0 R15=0000000000000000
RIP=ffffffff8b5bcdef RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097ca3000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7340bb4 CR3=0000000077750000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000