last executing test programs:

9m25.24840011s ago: executing program 2 (id=417):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
openat$autofs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = epoll_create1(0x0)
fcntl$dupfd(r0, 0x2, 0xffffffffffffffff)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000740), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000800000095"], &(0x7f00000003c0)='GPL\x00', 0x1, 0x0, 0x0, 0x100}, 0x94)
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0xa800, 0x0)
ioctl$RTC_WKALM_RD(r3, 0x80287010, 0x0)

9m24.950513632s ago: executing program 2 (id=420):
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="050000000109b44a78da6a1d0500cd9800000000", @ANYRES32, @ANYBLOB="fdffffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffed7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], 0x0, 0x0, 0x0, 0x0, 0x40e00, 0x10, '\x00', 0x0, @sock_ops=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10)
r3 = dup(r0)
r4 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
openat$binfmt(0xffffffffffffff9c, r4, 0x42, 0x1ff)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_fuse_handle_req(r5, &(0x7f0000009b40)="de98ee653502c564abeb97fc678bde22efebcf99c2d89952950acc703a3c6268a54c8b1bd1ee165c82980cd315b55a070dc41deeb2d4c1842d936a0bcde5fd7ed6031fdd9cb58ebfe8261528f097f309813b5722c24a1af8e6bc6ddaef7e85d2659690154bc5e6ee73c3fe7176509ad7b30e1098fc9873db91d3c1816825e710374de8d40693578b598922d9c523cfff93a630f121251d17ad40bce021d7fd57945fe2a186618a40b5f3995a9f0ceaa3e22b57e4f68e53fffeb5474fb83afaf5cde6b0aaf5cf0313ede442ddf1df6c280921e43d80dddfd005969272e1719b37fd8f749fcde83f8201826b4cf5b1c1da394568aa7d8833dd11309f46422b0152ede5ab29b17bc1ae80147346155b20a98d6fc2650bec3fe73327c45cad1b38f7c983cd070556a8f8ed5d58e1052f6436fad905099d18fb3e62c2c36a1c2209a94c820e30e5234e77be3beb4cd183015d281e7bf39cdcf0f1e541211c75d64a49df66bea814bab91ed65386d6a491a6295c24dbaf752a5e7a856e0dfe46a6f9e718ca3919c6f8978b0fd65c9e389114e5afd8e9e2a575b854463b63f46d08795f0f1d0d48d6d610fd74e9238de32ee3fa2ffef550336341803c083ac1d749be6c5440bbe4bd3bc3015bcde2b4e2160ba266d281a9641f74d9348fb6fa8550d1e8a8362999452e40b75c412cfa77ab8e1aaf1a9e83c855ec9b7ada38690f0d2e59f67a1f3babbcda8011595ea720816c24726b833beaca0a9d11e7b99373601d27d18c9e29940503d3a12149fdc4fe0065c3d023d6e7712eb853df19f2b4b886e08d61629288ff16c2597d7fae5bfc8b41f92fc325ffe0f61683b1f661409bdd7c3d88a854f8393484f4669b5d9654fd3a0819a32110b9064539a7419c332629b3fc71da35b7ed4f7c693842ce83733a63f2e6af37989cfcb768ab8cea5d21b82a0e9f6fdcec26b0107708867dec54c4e739fe9b931b3c6da013bfae097c57f1e16ba54f9028e672511938a0ad9d681d7feebc65a2f5f588abd66261393f3ba02d7b2cf650a9f7c6a4ca55b4d41132908dc9c90e26f0da8e2259e3a2b63b2d9e27754e278827ab80438070698c690ec375a9aeb4193079a28a2a062961ba0e65af01644af063f3ebefda92c4986379f7b099b2fd3960929578736f09887fc5816cb1b982e5b121b79662d1674dd0c6e82627cf8c63e576e5c1eb0af9415ddc10ff880e8ae3ce8c4fb87b8f9d364974c2a1d8eba4e04bc2bc018bfabc435683b2551c0e4908570b930c4fd7c03ddb95e9ec1d1994e3df0305fdac4e5b914641ae25b0c469b194c0bb78ab04887cdc4262da468475b926a18254d23b4c44705aeca34ef8a7b04dd55a43f39996529a23804e054655c5ba8661f7c02737e7539650364928d62b9b8d80988232009acb54214f06640e9bc6614c0ce02e4a22dc8b91a0aad711e4fd01d7020b7c7185e41e27ce266b9f5aec682cbd4bba3240d6277b17b564937254f37afe580cba0b78c6b0cc81830eaf10d7cc1f7e918d49e935629fe6c24b4368a04af1b99f6981340ee031874f3d4b3a9ebc31719b3b775bfe1fdfa0460a3820bff6f61b49b11ac2ca00836a0c4a74aed92a619f34231196669b942e761538e64f965d23d4f7814256e876263fe5307985c4e6eb69c974f66276764e80ab1de3f5c55e7b2cfdb78dd183a85473e968918ad73f29a266c818b9bf9f62eed86df25b2577bb6d98e3996e94f5bdf119b869541a94eb3536c979c3d77cc0df7c0c48a902ca2f03f5ba5a8ef9431cf95f6fc89744e8440e1d5ebb837e30ef7541fbc27672c31566ac3676a173cb9e466a2d206ba1ebc2b985eddcd6ff937375fbc8415eba46f5ec68cfa9f3a669d41b078867dd9f5160ba45fa4719f32cf877d4b7a6d77c977533659f7c7ac22c68f5e93c1df6c2a3d45b55a4afd3355680aed864f6bbe13da2da28a4851f73c88e555f3bb1c34a21fc45ab6c28287902e8b5fcae6899c804f364cd878a8d1734462bb075cb7bc709cc2c5d7747c4c29a2fa9259752301c26b852b7993adf889d45dbe39094c9b7b168756e5b939ed10bb6df57b8f5e14352cfc7d8b03cda5b978b06cf2430af5db17177b1ef664bc4b00307f970c4fc606a6bab72125f62b0f59655c35b104da7af188a953cfc09b3aa0785abf330830fefedcc8bf9a11d5dc4b5642f679d45cb44fe61ab1d906345c1c345f6b8027bae9585580c20115d2504d9c83ab54ea2557b6d2dd3bc65fa29f091aa46a215e77621836154104e6969fa9107139a19f2e45cc6bf55422a0e1a6d037ad9e63df5f9cd2045e13ac2d6a15bc12008c4cd23782df7d41bfecc0037292d22c7b42f2cc1a22db7502332d9f4fa85f7640c8635b9469681adb6bcec2dfdf6926f1815156d80a835ae918527f549ea6df45f350f618dc1f3ca139759be28e35013034f8bbfd3fa1a8f302594213c18015305911f42e287f2d86f17d76f8a0ea03fb574c60c808669f9f4454fc2eaf0e93873f688e34bd3341f6874d5d8fe754172a751d6ab23dc1642220e7fb1071df0ee3c7e07c338915494a3b360bdc0b38ed221c2c2bc86b29744448b255802b3ddfe600c1d0f9acabb2185e4e9dae5e456d5825f516c857f63e72e4a5f3d45eaf11a0e3a5ad0ba30a0bf0f94cc99586fd202d6118bb6f9c272f6cbe39dd9b8b36ea7fa51dfe0bb87a633be11c16a14d1bce8492387696e195fa3c5f172690b4434aa2e91ce7d225d73b1983d2605ec725aae0ae402cd2f79fc202a307f1896f3dfcf8c0fd8b841dcfeda5d65bb7d76f7c2d2eb1b164c0368e9984f320a224d7d438bc5c699acbc18a587b7589e960af114afbc9f59243646557962fc2e0cb5b5bf160a313bcfd9ade3e140b808e9f19415808aa312ae9c9e8bcd5a47fc721eda59d10670088714984a71d5c0df8b68e675a8e31ec15a92ff6a04d17e0ef849c782b302d11f742efe6486ab904fd65c0aac4ec25c6d877b453dce80e894de703aa8b1e5d00701850f149fe437fd0944cb95e54a924a49bd86bb9a602cf2904fbd9e399f1cdcd0b45b6d8f872e285f9dfeaa26aa760074651393c6451b36c643dd0b7236ec7803d69cec1b09bf1b63fbb68ad7c01507f00083b184ff01a62096f386f4c8fdc85e93eecf3f4b384aec1c10ccc60d8109a6d887bd389c3406163f9600879f0e944443d783e8644f69344f6f44f7bbf1883cda7369c9b9904d991c01552135f158a0bbb7f40c354f292c034824d82c209ebc770f5b756768ae51d45f8875b59904a07090689e65b40625566eed5d209130db812f287b966ae21ba46a3a7a3a0360a4e284d8d91ba9ed9806ea063827c8dda0fa98f758cbfa523ac645421f444a40b95bb065a64256c19354b1ad5002bb7b2add9b5236ad64e9052734b9d263515683db121b5e4dc1eab244dd8fc0fc62d962834ba0b21aad872b127afc0a33c7869a3f213519aa2ef51bab9ab28ed18859fd8239841a6668fc614dedd099121ae6c220a143c119cb9bff9068f65d0554b4c12105e59a22e91203a08ab8c718ec62c42d7ebb7b495e9e1be8fb7e4aab2777025da37b48d9d7b97578841a73898a6eab994e250106e096390c77b0600537be881ab7d81e3cb468bf1fe318b1e804d8df9875e9b8da22e6244997317391cce608085a28b8d070d654a29afab324ba3eecf427b6dfd43501ec0db919f71a932897eb37fe3bd64ab5a34ec60011696298b74ddd7a3710d3e444cedcc5cdc357f9dd58e67dc0ed3fc8df6dad82b3c00b4290c3280c28f78df052ec9cdd9df025abe8834616eddd5bb93379c69092911cd60761e7d14b426a83e335bfc8bf67a14e01df7cefb6023f0c6556534b975ed889de0d96d968526372402ce3d21a2c5c64a449dc3ba4ee0b5ceabc2fa29679e225681c8e946dc94b48af024bb1633e1860c7d8c14500967f24e2f8f46db537232a4e9f4abf8408f53bb52b035bdb89917a6f2f4bd22403ad002c2d936b785ecd965177e9f6235787a185d0eca92532f1aab16756ae86ece13925ba4a1fd08125102ae08c428d073aa426c4e792b5a4acf618605df1707021ce1eed62da4ee87334e34edf43338a0076b8ec739e2c31071e10c6a853e19fbf25b8a356527a67c8f7696dc184e374f4641f4e5b0aa345f1e6c4bfeba3a392d9a994bc271717a051c98d6c5b1f3296caf4c01d80ffb75b6fbdd0a0583f9d4695a44a2878df0c09a85aaab14522320cc3d2611603a34e52da03677a60cc87cc3c689975e5b5366c82e040b6643b8865d8bea0c84cef9ff85245a8b4bc41af1a50775b29fe55e42ac4b29fe80ddaf02e8c9bd07cab823f3d9021ac88236525ec045688a2fc9c6df66f549b10720cebf09ead919524f071cd128fb7575c84190c698b420f89b3c11195b5d83022d1f7e48afc21203995caf8f9286dcd5bd51b65c1af1caadf5a1b3f12579066855ff851075adb959dc3e086a7fb4e9a27fe80e8f3c0959b042486310ae7b785b0612e0385e36f50d4cae3474dd000c3957955534b4907b9480e2e5d83dedbeb76cb78d893c5b64dd51e31abc8e8b4c56b96f67c4b6e43861d91681af3270aae1a8f50712bd97326ee46a2640285b2902f051071d5a3400e99b76459956ac6908688c314bd8e54365383a65b186a6386cc5218e41e0b386759de81bccf5aa68f8608831a9d33ad1af2bdbd8579c5921cd8c3dd2f3bf1f123c742e118c76e2f43618bb7885e44826b7417c9ca5a139d774c16fbf74c8969c038ba6a54f27bab46ecc94d6455188d8dc1edf1da715c8d9976226877096df4158eeecced2248c7b88de0dd11a076db1f06bae4adba8286dc39aa62a55233886e011622ae1cf97238914a55078a7890814529440000004e0d34364e0f3daa9eba6fa54c085777b18c0523818ff8710dee4bfeb3db549c3f38dde73b99a7b1b219282407a4e0ab3794089e21f6f2045ab6254ac3703903edb302fb2f0f97e47cca7969ad6b5b6cf27314137a04d5f4f29c193cfc5540592ab1342a1a9cbd514a7b4d6b23f724a5d7bfa6ffe8e3d9de29b8661139f179a0fafecf234f19bee75c25faffc765e02377d83e0ad0a0029c08f5c71595bc1b2fe88f0fe958f3f1f8ba6821ab834cab9bc902b2d47bd4b5ed52b5b0d7b3bc999b2f68879be39ddcb0428ce3a617b68c11459b746651f413d9e9a098cd2b5c0fcfd0ea1db2cde1672818d7bc73b053015692f9e9259a0153e3c9ac5e73e3343dd350cfbcaa57be93cc881a35063aec2db4ed71df2b1bd90b5ecbd84f399d4530c5450d622188423e151cec49673dc633e503c497d53843f4824750dc09abae9f2f465e92888715b6879f5edbab7bcd58f0899e1430ffb5f3063450945cb0fb3b5c3088ed6966c54dddae3aab489a80341b45a17cac02ae62749f209a7e16ecdfd86b43569c7b34511c65474acf2b2c18834e158e20957bf2320e4a6b9d63caea93b3a7dd4f7ba54443aba1ac2b6f2b27e1bf6f17d3fd1582462e0debc7069bb70e219654cbb99adfed54ab94329382163f2ab6710bb581d189cb3449a02c917c1f2d1d5f51958ce605fdb0e37ae5f3cb3f123276d43b2c26ea948dee863e0b679ecddf0fe41ce78bbca30167c9c7d6b0e9193c98090facd7205a490727e1ac49bb4d639348a32546007459c61c27bf8df87dd2ed3f3228b8193422a72d15f848bac13c6ffa7b8a767cf04866feb7c7a81267d7a8e890128d4709e4873223578aa7febdd562403c6092c0a3f6e0650772ede935ab6ef95e375bcbfa395e23ef1d73532388b845a95f158dc845a123f798176c73e177926d39abd38a910d40653006375110be2f2c5f6efc87b31908be36dd07c8ba5853519a37dfc4dea981af855293f49a3270bb67cdc17b780fbf2a418fcec8953dae927909a6bbbdce230d23113efad9c02474682dafc63311050cb4f3f86c282ff29728eefac5c678360122b4ce221bcec82d24e053b63972d2e9a631a180b48bb8d2d4de7254d91a856071df51a1d87ca7eb5d19ac3def1fdd6ebd8f57c2c9e43cb6ff2fa00d27f279368f5ee29a84ba219a51d1f0f1965781164edbb3aa6209fbce6d40284fbb4a33f59bf9e1248100a623de16613eebc11f510b7718dde9f13b4c9b2b6a10dd932696cdb7fa4b5733b0377453471462762457d42038ebf8c0fb392ca7656ad1f050c326de75fffc698c48f5d809ae360ddb9856b9a54b811073233294bf91e46414441b6665f432201da12e49718b0d7929b6cbcbf310a09ce0d22f07ee5cfa8ffb9f03acd224641171ffafdf50f18be8fa3c907226cc1a6f3b16a776781a6396dbf09f689ad6bba4d537dad490a6f036a45ee3e224e6f519e44b7352ee3e7d3f0d89f8c7c8f54b6d2698c0298a07866c9d9ca09c96c2ac8efd7974294df6dd1bb0598debadb6135e7123bbfddf84870de54476a291586fc0e64784e65fdf78d462e8b51cbac38e7ff1878b11418f188220e3deb5367a2d90ad7d44395f6965cc6d680c59daac268c16814d1085302d0453b48e4a8ae78b8a5b6951a875ef42776f6d11955da7e5734a72b61cefcc6889b8f8d58db51ee78d7b1a8ffebd90e15a64654054767aaec24dd3b5f338b572496c8731049c10622b7f54fdfa43aaea316946291fee7bc9e64640e8bccf33fd1e8693b67020b49cf77faaaa8269e2fecc4e2b43c8c3378a4a9b9b85a4fe2c346c5512cda631542e0ff5706eba996f4f72e629b076d6be1966d44b1835ce664e3c6a4f18c68f5e32f900a0a167e547d5aa79c0aede966f83d00366a623ef8107e328654c8558d5e606f69a12b6c2a6fcbe0e08f945c4ad2738ed0b28d79c98514abe0819569c6e4f4751c665fd651aaa9ee392c330560ef6d57c0a97f0764f88433b2bf7641ba391634316b0ee1dac23a63be21270e50ea1ac24ac3b429a0b46c38dbd48c540bfb1e141b8b3df6caa179c7e54f2b7b1371e8eb05a30f13da95200ab70dc58325f6bea0ee9fe1f04154998df393f2b4ff4431363f3a7450fa5210e883d67620ae63cc41f72e74e26a0244de1ac722b6f1c1d293f7483b331a0efda65a4e4e9144547fe6dce2f4535e29048b07079329b63754bb124b9e046a6e97929b1f4a387765bf93804530791c9f649db6efbebebf46fa4f9af7ff2587130d0e70a32d4aab1dfbee6aadd1f3e5317e3d4c8cde75b1479bc3dd16ea35db3dca11cf1eb1d2bbac60b83605e171619d85fd4b6d0e24be8db76df12efef05eb87473b832e59f3039df44ef034e5e7546b399cc817a41b2f020286ff139072a5b909ebb185a3c955cf88f4a9929b2112e0a9ab43da0288ce3ea268ccc9f46f852d387f5d0a2831dfc8cb0bf593905ba376c069b8c9b70558ec826c5bf9835031199c4c6d84c913da7e9e7db49c1d34511d917b9ad3c40af0598737d58fd61b8f2adc46b73a284957a99943cf73414412fa5440a5f85b63c20794d122c267fba72bfcd0e2741642fd8ff5a0ae1ffd8b30d852c053d0e31f505ca13a21c0223a8ee77cdd92de1b9f87ebee4ea332e9d4573d7efb2ad3f50c35fb7a596c4edb4b72bf6df5a16ffe3c8a236f2cab8c0712ac26c2cbcc68c1dc45209b579c952c7d645642aeed7d60407ee2dc168179d536da950108e962c5c976d3a05bf5142466ee38939ee94e707a0135f99c99b5d6376f63c711e4f64950f08dbc931c812f34735d9eb1c5997770d8159068cdca2e0f192311ca438d613728b544d6a3e50ae0e4e6b1eb611ce55a96bb2f991d49173073d8547f5ede69d8b587a34bb8f637297a15ab4fc45f1384bbd19b3feab5fb81322ba831386eeb6067e55af374c1b1eb9613a6c41dfe2bbbcfad157dd042c67c44400b350f0dc40a8611f2e947f32ea3ac3f609027b5dbc95b157c13216fe7c35edcc82950bd4e38bcb02b63d2576489c331a222e013e73b5333694889b184bedbbb6fdd6fd40a62b1d5d494e68cd2aefc264f74bf70ef38373e599faaa326f574ae32b1aad86854af22db8c9673d14666aa7c0c3bbe0d76a835ba4b391552777ed20c5c6cd0aa84f3be73ca0a3c128914107fb8fc02220317fb111cf13398480cd3325582a7e55f4c4ef5a258bcd01a97615e95f89c8046d41d04340b88cd5f4b1d827a030637145d98422facadbbbce97dc3060402a7bfa73d7b4dde53184a0923c0ee29c6e8e2c35e396808df2481af6aab053b619fcb2833f14f87051c5461567c5f8dd40383a7521971775493f896e18c78bad8219f88258ea686652780c03ebafb63ecbfcb23e24d52a2f88a77ed3b2280637807a5e155f4fad7149b76841772471a3b77aa42e8058c0af1ac2be9d88b5152851708f1a77582b3e31702864ee6a244a38f3f95d9797a60cddeb5ddf08cc48fc677f03f9e717ebe7f472883e5a6a7df31ca4272228f26991460c537ebc8aecb6a0c34a763eb1f57124fbfafd6db4c21bedf6723b252aeb21eb1fd9f4f811fd3e2e764422964761b2ef3aaaf986a48f7be66f6387578f9492feebc97dfbc6bc97380394a5635dbe582e52a1fb18ea8fc4e53974c63d198cf0d878ba8a8d58688a037c0f753c7073337ef3da4c134ef939c98c8806d09943591e6013a1342de7c722f993fd7eb36ba8e8407d1ea60eb5724b0d6262c70469dbd8ea1956b8d7f5a77707a9cbe2137079e7abda3966c5bee4fd86e8a3c4969bc88ff328a2adc8f4546f647575866d5ced16df06bf40d9a5f178f9d19e490bd76e187c441e7de0e571f6cea5512ec9bea48903d91a519dc82defe34a06b0244d623090b5a250786bbc66c1e76db6b18d81ed33c81a7c93782d5cdbe0a7cf7d1ab29c04be6ff4a9bbc10f716a67d52fd52d91425abd2002cf83c3797861db5fbeaec745a552ca4a50604340f2cf2c1b10e9ba76c8ea43b283c73f774f8be213f17f70cf93b9f6a8bab1f516a935e80c3cc6756945edafd572e6e00840eedf61fc40351869f03562d8c13006de585a1141c02f1311fbc8e45e4b3878c32810698e4764a6e8495f165eefee35714a1794f9ab50897c5565ab745425933d9d6272a172c1f2a274f9ca7bc8e1b01a27b8bd06fd9dc61880789696348c99e9a70c9dd2a62ca04d1f86dc87380b618c2a78b16229d614702fce242fa17ea90cda2648f9375bf7e78b4267d558983e08a9566d95871998d23cc6d22c23370ae067b677609844abc140df81cbd9addbf657fffaab5c22c479acca18f3e4b508cf01ff7b2ca308ff116389790f26f2c7635f89c747a5bc66f61de575653069349a89fd7e3dd785266b7bccf16eb8b4a8a86751de60d33e17d64f6e4e0f9d13a16d243ad7364114db7ad011f094c4debf20a39e35e7eeb440bbe8811db2857b965edd1e2675ceb1bc9a1691f123dedb341962fbbe539485d2241b0409adce2587d035187a0dd5a62076ac4eb5c3e2f4455569b6eac0fc16155da1774cbe505dc92e2087585a7846bae699bef32e3c5ec2356dd4433ed29d4b03ff7b38f7b3cb96b92874eefda6c2e0e326214e40f14cc2ef80e1cd3fe226257a423b8ff5bb368b87ac7066c5136487775b5b122a858334c37f6a3f53d758c3c866e2e79daf9aeab36a59eddbae2fa5b6d20973014196ef0a4cde1373c7297833e6f1e46828f4a42eebd829dd4f17999abe285218ed5dc6007b21bceb588a213b29dbb1ab1a79b41a12df26fe35f0cf6a310c9e50cf10d71ad5960626e4efec211032ec4ae52512001362ba4108d86eb774d2d4d0364cbb1dae68f03a774e328c2dc09899ee80c05ac2a8e3ba905b0b3b7a08a3df20b505901123e7dc0a15db48d09c84189ca4345c23c2010c12cc35287fad30211cab9631e148a7c1e8bfab61ced30e098d1c3cf7b6a7fbd8288dfdc48044d0d47c17f129f6b5d751af1984d395ab1b08ccca3e7309a89a8a36dfc3fb82d2a4269bffc32571438d04a7b98137b46ae1fea1bd9ea64f99e2f0c5f12ed84886b10bbd511993b0447036c4e57b9dae6d5bdad6aa3f2d12e62471194e43111613b8b6944c2baf1f539ea14dd76c356bfef7e3d4b6fb91f6d321a796a4bce5a4c6a5caaf0f3eccd914dea21ae909be7ba486075ff6139e7e351fdd7e98013ba51ff0248852398c734f245ffd7fde8cacfa4805496ad7350b1c96d7bf9da9be492f2f414e973937ac9109b6e8b8315aa9b81840f2c21239caf85a28f0e590bb6ad12148e75bd4d7ea69a9ffb053781db98d5fb5aca30a734017be7683a559c203c006ecd4b135afe3650b906e0aa208c889f2af09f3f8263260c3bd07cf8021124b6f0e0d021f9839e47996905c3d7562df810484552de3bcc9ae054b62a01af6a7991e4d63f30c7a92d8b58e01052e53818e64d7540a3208af321709a5d891ceecae5d27a999b00ed01616a73ec8854ca61973ed1fd3d82f8628b215c55eb7908e297d77098a7b0c362709005a7d13c89c54556589b2a926c6e08cc1c0afebc7eeb5d7ae4ef0507c91b8e706e6dbf83d898819192c812554ad1c6377871a8ca50f1325630f7b5266b807ef61d0c8d399fada49cb02a14c16d39f4fa7b81272573808e761c9dce7cfd12f4f18dd06b0ee471c166e095bf84aa4aaa2d82f1afcf09e5d960257c0a8dc404225b4b62187829c59e57da50bf848d72fabfb69362c117c6913541f84095a2a4ccdd2d30860cd96640bb2315e435a4af08c62c584ad129300adb02a871f3c548b96c4f6c47efdf4a1163a8a5ba9b4766b01437bc5957324660a8cd87df0f7e000d1309e896e3ce9f57b17562c9368a95a4cf66b3a5b57f0cca563b045452bbc8ad07b96fd0322728ccb3b05bfda14ef36ecfa2f32c5aa899811a67f2d62ed970db5723d6e4e4913c98c81ed6c03469112c23549f7e20be6401c6544db9078f34e6a4ad3cc868bace2e7ec6ea17225986f9e941ec67d9a3fc57958f9df8a60f585aa38b1769e26ed3f68dd85685b2cefae9dd72a18abc0de6b94689785df377ef4a812a6abc7f738a396f0e99ccbc5731801c36e746ab6b1dda88ca6ecb899528e18543cb3dfd439cd5be566594f01a4533da3638e6331fedf5b67870938ad044aa0dfdae33e3a6258ad40baadd726eacb1f3c1eb8d83ef4e185d7603a4f1eb006d90bf5849e2f65d37ffe750eb061bbad08a0c0cfabb9abf7f27d36ee5687d23feaa923e09d2ae905410a9193f21ed9b1d6331bb1f3babb90da2f2e023a6ceda4b4fe0f5d864738ee7f65a0b136021fbe076b4adf2d3af760e1361bad7ae35cb7ca010ddf4488255a2d3c492d0b26a1a5643f998b5d04a52a59f176d9bda85c916ff901329f09fe953b030b92f6415172476ad89d3e8cdcb4eda7dde5d4fcd5d6a584a312563558e784b0f9bcea7c53d26c3f2d3350c70a5e06a67c4c0373dd6279e29c320e6580fba8ab2df3039c289235c066af1b07dd112f25b25e292020f36c1aba246cba4e054d64b38f53ed57a712dffad7d3dc97f86af511638a2779107fc55da63b6498ea5f3ae36883163e5bf2324211a61a9889278f828e58daae797fdba9218d322da7aa23db7a48a00", 0x2000, &(0x7f0000007a80)={&(0x7f0000006400)={0x50, 0x0, 0x4, {0x7, 0x29, 0x100001, 0x24ff871999e0dde7, 0x1, 0x1, 0xd, 0x8, 0x0, 0x0, 0x8, 0x5}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r5, &(0x7f0000004140)="0d9ec529eb18ec94a35378619cb10ff8c913f67139447b7ee0cca809e36c363ba1d3975a7446b70c6bdd99e2cff540eda7589ea89efeb498df568916036f0848ede5f089bf502b483c67c0432c34b98b1bc085a99e2981103397e0b0eed2ec64c1075798b56a42ea532091f5326c97622a47c53fbf42e71c3ed4b954c559424b49a13598c6c63ef65b62384b038b3e6e98ebecd178289831eaecd986a01c751e8cca7a57c009f2b5310fe9dd8a63b91c4b5b13d1c44d2b874b32ae3e961b9e96a511ffaa3ed20248dfb470460d305e44ffcd287b355380319fd31f7538c6d00de06ddb8f72b3a59c4699c94d7379e1e190c6dd7786e12096f9e963a038b6b4375535047135ecc07b16035ceeb27ed09d77f52b6eae27a03071e060b05bf347b9ba44a984e5db346d230ae9c5324ecfd4e7725bc5019a9f4d20237c820359d73b82f9c668ae71f6b85d5350140a16f988bb2b8010effb52636e0b728be1b1ed37c1b8868ec67edd52951dbf65b479aa25e92667a98c755d88995e6303a48a64317bd4b201fc6dea59381abfb5e0fb1035bbd32a97a6324b08f404fe3991879a0c6362032864031737941d9cc534697da61a43c8723ecd1062906b65c504d86383cdf9631f228372b13aee64f8ea8db00dffc37fa092ab5daeb7431dab37091c44f91c9202df60876a6e06ceee3e6a095406fe5cc1f83de1a4adf36fbef5a94a622132cc85e56fb53a9cff67bc69a24d8c259ccfe19b1925061f0cad95d6b4158c1394b8acfa9a8f52a566c6cb4e0b14dd30c85b309289a5f395e01d981735f6fce6ab30994643d70b2f322b7a233a339e621ea2eb00a0082a175c231b330a58062680546c28db8ff5b7e66c0e3df0a9b74ab72abfd241fcbe1e3d27a2d1eab44cf88180dcef4482c866324133f9e4780b891a7c5000b005cab0c131c225e944fd1aab5de9e8d17b8770b4472b6e4a13b6cce90ba152e5144acf74cd8a9821ce3eae72dc7ddc81b76482226098329c3a8ecb923822610aa0b086f44329522dd8f9ae355b4666d1a10911ef8e21377578b42fe6ee0b2a77917157488d6e0bb388951f80551dcaebf212b396d1f922aec595bd340390d310f6006c4b3efdd80838f39d25470db39d6205ba8f52bac634f8145a3c10ed007acc2f25c5dbfe911f18f44a0c57cee33725eb8c5f2d9112f91787c2c323b67b67d9d1f593d26430d77189d4678fd8d7c11c1f2d744ad59a03a8cffc52ee0293c90b00d61897c80184aa63fcf43c109b06af20c808035af0a0bf9cbe544681768f92a2ebe3b4458dd020fb0550822bc2f769631e00d63bd91e7100299bbc4ce53a35e993e24028dc5c81d46f5377d21f2f38a9688ed981044346b865161b68f3390a50c2e625052396cdb6637e9434904c63d8ca45aa2325626293cdd9cd0179b1d995be10281fa8d281db16320f520e42af268ff30dc2d8885aa3d9e7f294eadb4d827d195cd5d18632928f2153261345c231efd143288b881638b61dc5dab8114c1948d83b8ac4e278f131ec3eef4e87e43a36f4b41a699a741ef3a7cd4f0bc5dbd2dffb1d223a5c5b38b98e49092631a176d15c4f3c077d639726a3482bf2fdc73c2bdb09208aaf90bc64b5fee89d231bb1679de3e5d31662db2c5824ce9941f94500e5a11b8fe79da548efed8cc44e9bc1d5175dd77fc16f8219a83b83ccca2181bf411b0945312598817e08e5277530eccffff17d198613cc8c991349141ced56e79031ab6cb98f3f39e5f20bac76017083041a1ee99ca257d0e0cf95e59617139afb08cf0c6a607d3f2ac2b5d3f4394a4a063c9769bb884ec522d46138228c7e9b5c7ea5e3a6c70815b565ce15a13fd0a5deb28e710c15fe25c744b430b4f6482532fb96566381c56e12632cab5acb5e08d6f973003c96a7d81ff76966e0f93c83c462bfcef230939e48c4983bfed78f68b0f540d1fff2196cbd1f1c1a1c310ec10f5a2745407000bc6db1fcc8540282cc7e96cf5582c4eaf874a2fe6369534176429b7505eb0aade883260806be2d86a42e76b315a76e5f686ca669f49e1f9054a77b8eaff14a43e9a9801244e8e94ff50a17b60dee0122ea70819bae3375070466c7f202c4ea0fc0c9aaae50c43cb65febea224c2b554e937f67689b3e18ed543749a7ef0997a7a7530b918c4ef935137137e1ee7e6a8919fb76a8f008ddcc2d8b2e18f3eb90f7a13cf4f49170ccf50c75de82e92a5e2d1f311e59071ff202b6cae4d6243fc3787cb9fbd401938cc18dcf5620f8b8f74e9e3b13dcde85ef896f31f5a2458118addae77206ab1506882f91873b4828950a7b91ddae74888155a9c486c7c60492813ac0e33362dc4e21e00538e5b05b78271d82486a0d156d4a5a07085bb1cd74f5d63763f18648a489352b5d05107909fe54b5d332cde2900c82c150b11071e028eeb275cc9a9614f1eda4e4830b128870e732d473100c24152aff2aa1659daa65d7e9591ebfcae5dca4e84c9a0965a01668e59843ef4a093d9b01067a0ae9d09e3d810c2cb63600ee05b10fc8685e8cb150e2d6d75baecfb8762f7a7d131417eb0721e19e1d21f5adcc1e09489f06b81d91b48608107fc7b3853e214a3c786a9812113ccbcf09907506d0e9cd72c79793584b4fe06a18a627bd969f628a5936367961f1e7d117d03a8fabc85f5ecdd0ddcfae49aa293893a2e5ae376be11031abc0e05ff250b35926345b52f8d3dc02b7497f7513e759247353db9b8e493120e73981aef4c4d9747621537a089848754c14cda1cad18084274e98ea2bf7400ca846184e0e31a571f9bd770222b1038a4ce60dcf8fe9cca4d60048cc29c37c1345de992e9dc7128ef093c1ce80232a88a3da7ae8bc87120c5b1f405d5186141288998fed9e021cd0ad6b12b51c217849390be3ea00cbd6c755958140bfb9b2a2765ad1f51ac045fdc5c28ee5886b1436015b88bd90d19328f91394110b0d891678e63b63d6cc4d35279f6f616d7692c6fe177a79d80ae8f7e4ad5078d8d7096f3ee664dcdb2f634eba98f4788de1f5e34f32ef09e2f0aee4fdc5bec4bc4aeec5721ac3a2da1bf52da017c3312095403d50dcde39671242b610f11832773796557f71455376a7741ab242a9fc94464180bf224d5e8c79b462e3a816f6c08ab0f5503386d34ddfd808b4b8d5d333548d4b873923c6c297b2fa1abe433ec9264385c50dca40316c37ed85db382e7c853ba331c727043cb3345de9f89b1c804e98205eda3d6b6e042c9c41877d456dcb8f12663e6dc1ba809229536fbcc4c58d01a137eb80af8596dfc7b5fa7a044cd141238aa82e440526e55a28c4ed2f4b26157a0eebb4a77c5ab66fcce2602e1a70aea07e5e7e7e5321d58ad128a5ea6b574730037f24a7300e0ad6fc96bd18e03763bbbf21bd3c388aff1cc5ea13728ba2f8e1eb70148d2603e55bb01cce0763c2020b5627a0ccb35ae3a9b3df380e6d9800d9506219a90971a3b8bde1dae6a43fce2aaecbc026be8f4e9bd749e10c87ed7d78f92014342fa449eef28e7175548e5a8ec4fe7d31fc86737aee63ef40b54485380b6898161676f0d82f76113b12a529fbce4482dd278a90aa416077c677aea623ddb3761bc81527ab7e3d73a3b4c8c3e4352c7c083cee8953ebd972a83caed837587e8d7cf360f28ce6ca71de75c9174e8744ba1098513bb6c7fdc6a3c7c8e5870223d6cc0b18b5d6edea926d5376aeb85488d3712e8f67128f0d3fb2b42f82363a0d4c1c806ff283f6e4ddc10ce4a0803be66a247207d6606c7dd67cd293dada159016d7fd7e88c4df53d09bdd9fd9fa3c732da45fb92bdf6f442eda15edd97bf1928a7699008f0b482240a684ff5efef0cadbf1b4f16888650d59b2bdaeae0d1112a79c5522dd0933ccc16fed7cd0ccabe929f625de8947b3b1532dc04253cca988a1584df2b31492b19410d6f681d614eaa20029592c00c948a98973a9fba87f1397f8859ba543edeb5c0b0db92f65462a1103947d780b539433332d65bd1418bc00c9e815f73e0cc0aca5fcc9f95f707c455013a55a0c4a29093b05b94edc5b5284ec7ccf3ec091002b4229036c174e2927127f40769ece890612bbeb960d9392f442765a2ca8990c52ad7d4441e975a7cf079d139945f2b2a8a34f0e85d76cbc96efbb52cf8b5ae681234e14b6648244d41cfee2d9b189cd831cc2f31ae7e5f11aaaff1629f8c2cf73494ac38e58da7010dd986f8b6134ee0dabfdcb30617d15720cffbec7651f22253aea21696d2ece4fe026543ea2f3473e4c12e65dbb3cbf764ffa0b3a396382b9b7f0c24eaaf3495554b2319b66f3cabf01a8d6cfd1382d94ab71cd11eae2a42e4dc841d4a9732c395688d3377c8ccff7e3f88a3129855a5f41a7de6b6a9ac40a87c288f4821295edfc4f5b8fe5a1fc0162e9820205c809935cc6047e8a835c651be02fb41c21de30ac770d7a7f2108c6a3f1cf2649cac444f028a6ebf4db422cbbdb7fd0cb39109a3130ffae17810bb58f5c557c99670224c2678fa07f1064911e6c665c0d1c26cd2f40f7089789208a48eb339bb8885910e035b4b8c69b1c3ad79270ac6e70b963493a6628b90501822878cdfac866268d914d8af2814612b0198f9e4c6b48e739e414d61f34e2f69ff7cdc4fc7ffe45a64c5faf191ef6c4e31cecebe09a2f6a63d60926ebaa7e925ccea5c93e403c7ec0ee55423ce4893471440006d4c09c141e489dda5577f73b57ecfc764ee5bc1bc88f7866dc6a494e3ee560c956dc12ae51842030251f1cedf2caca15549d0bb4ee3bef03702197350cd7586b5916ef6a0abcb5f30548d22ce5d8c4dbd82030b8d7b5481c51676b7d14d35c20346c74dcc7d96ea0b13f890f755a219993e88739da8246283ebbd82eb1b15956b5ec16ad523768c19ceba9199f97d7bb43b85fa11349ff7fb89a97b463b34c584ae9e2af6c8f20ab528750a22ff6c2297e400065fbd9a4660ec2c658afff6db9b67070352d2aa5e6cfe534eeb5ff271575b828dfd7f537e3627a1a6419ed0c84297fc3d362a52f3860a2eb7ae0a50f06d3c68c4a1463ec331ead7af2dba792332218b04d5b585de1a471d296df6e10316852d50f211e07643f749a1d75410e66e47db40bfcefe4b708d0b2879a50ccbd85939b89fe4b905a6a89a2d5a4e28d18c048e66108a06d8b6a64ec5737b5ae283d914484167c8ac7dde7ec007aad1999854c4d6a0e5f887f99de3662610d5e8d49bac7d41d6fb7d90b4b04939638e2151ba67e75362aded50edfb7d9919b345b5b7df6a909193ce64b20470e3480c68bd764968f4d8a5779ffd9a35e58558272a214ae26a094360b9f2ec97c5e0a7693f4b7509b962cd8537e90ce7be70b54e9531e7295f894b94566df49c50c2265842392dff50e17ed3f7beb9ba4ad0520a73db1d8d3b39759e7fffcbf26517316bc74437fef944fc915ec24affc1a53748cfc883e3ddea9e25063ea8383b06f0d5c9db13a0ff335f52699226b391543060ae5e2c25b585b9efdd5ff9495a4873cac58b5feff5f08717b04e81bfea349accc58fcc6a6505de3aa6ff4985d9c38bb83e8daa663ccb356df3ed52343ed7723687e416816f987c565eae22c7548c1d6b56a5b6819583da0ddf92739f65e604e37b3275a6cb1252d4ef7a515c4b1e9068d714be80066bf0d422f1e4d2ce6f95c9eac081d6e4596a6a8e16a57b732b575b7de16f176ff0e34e84b293d3fd77fa30a7b7cf12a1edd54170e56bf7f2d40620ad56acbc5cc615556300ff9e95ce3dda93c8333f23f0d97a5da12a0fe58f95d6b911f614563d343ac6e4f9fee1d149c94fc75a97ac839b6d8d7b27c5efb870d2bfc6dbe6b688490b23597d83982d7858215c59011042b1957a0b386842621c72f89a9b524008794ffa0c179753ab48d0f73e5ff13624b3b90287edaf6a5367dcfe4094a21ffad3e881b428b77ccac6924d5bde9c781d4189654d8f29885fbde07e6334c6406dd3ece359c6ac7c6147f5c4906e56764e9980a669bfdddd9eb780e7f9988630d1eb098b3e4fd4c795f11441fb6d0ff7cf086eb291b1ec8d90092e1eaf9722ccdcd15408617cdb8c49043bf71a6ea0ee6b7e840344fbcd377b995bfb1faf22754fcb363f6c630501b619bbd87cc13d5df0948a176771d2d69236eb50dd313817d9687967e7d71f854db6bff803f4501d999dfe3da37ccfdf894a7914c4c113fa7a18c3468a52d646a5070614a6f02b7ff21c9f6927f5de55be85ba815f4bb9e29f26a94423c58338947c804e0627d69bc5a6e93fc5fe8cae851700253f2d494622c6127b4d77bf54a1ac27957234628cbe2fea1729ec53be7d90806d510ccddfd76fab1b9bf1207db8b05c3eaa88fa4c0a5db13cec9310f4e02c1d8114705446fd6649df3829aa12786b8d10b4540d8c1f1c8208c4b41998435e3fa1ec5199cb2d3d0c5c04c5e0b3ffd69112252106bb39333ff23b38d167a9b45ad1bdabf434c8695e2676d461b34c5f048e70b67a44d824baa090c8be13a22ef0d0970cc7a94ed4b77bfc3a40427c6c11abd2b415817243f6801d535a3adc9924a1671b645100e822a0c1876a37d9c9e230e3d762f1cfbb89a8b28255ba4cc5b46cb1635cf185578fa068b68bac93991982b48e7faacc09745a7e33bb12de6b25a2342a7e03cff06dde29b4d05de84e56c78fc6d9dcd180438da3136767d5846bfe7168faeac5b9434394bd747126c5c1ecc6621d10817ce9b6540433828a3bb8f6da0cd8f2b54a47cd5473f6bc3dc1234bd115a6890aa678d1bce7840d7a4559cda556740860079e46217c20e45ee59b8b7078d9b70cb6a249eb2e5e4071d044f456fb61649f261689b8d7a532afaf88eb30041242ce491fb7e654a1f06add370e2706f75c2fe1afe8e065804414c660ec4d96f496b1ad87592de8b7d04baa7ab142f580f262c64c57fce8ef933f18904f001809cfdf94eb679c9eced5d125b4f1d0064ca2ccf5eaf61bb7841bd408ae213deeb15d860f7ee7224b9d2dd38ee9f6c3fca6590335715c218db8f8c98e6339a6944817a1ce2e115ae984699861631b9893c143f594d6dde0895a0c7edb9912fe9cd8fd0765227b3963033306d15711387044bc373ac10d7be73cd80f1a79cf1ea0989ea9ae8a0dbbd1227bc33df652792a6bd95f1d21c6497c4c35b9a1eadc0217e322285a2eb832753aae74ef42fc983e58a126b7c23e4b0bac16f0de1eff7d41477bb25052f32cc9cc956ebd209d6b945b1fa9182857e180672a6be7edeb5234830668b1ea749d0a0dd3a244684d4dd76221c3bdf98c2f1eacb7a6dcccafd249b0ba2592c88790de40895799ea4dfb045cc2392dbb623bfe420b24e5a425b84a4b24d787a68bbec9db363ac4e9453df597f0224d8b7b21629e1989e53accbae97e189cf9b59ebf8bb89591fe3fda450af548ffc46eff98b5216e238a9246e2fb95810f8f4d89504633a6d223484a765b9e6e5497159b31c51fa6cc10641bafa81b10c5ab853f3136fa1b4334bcbde99cb4689f077ca3c29c2f1aca2a05762943073d5992aac4d9b0d411ba25905c34fd02b8eb7b9db375a6f6516446cc195eb55eda1e007e26328e9e2642a9c4e90c56440cc60a1db77713860a56820901b3022d55c621e9d54f759dd17fc5b59331c63cf30e07081bf0cdee6cc94ddfe8c6179e7ed86607d4ba7d5f1e97fbc1139b43ae5fd04c1c715f4600f028d0852a421d472b1b48e591b6edfebcd86be3db2caf967b06776096e14f0deffc9bb126ec329c49ada996b963e942d9c404967dc23bdbd0eee951b2879f2ef7ae224d4ff25edac4ddeb2c0b8e579af283e87c625d3fae5286fa855930e45207af7054763937a9247dc38e37e6dee2e325b617280846012e463707b6ccfa2fc399a66e534221a45626cd18c79d46f5c77c2d359e19ea870cd230709b5e33cd52fd43388ef91dea0a1e0df6c72688d9fd32bb67f489a3618604ef1dfa0d7f569d40cc68e39994e4edab4007c988998f59485ce4723c1eeb7c72f7e833418bab47735a91c7ab24e8555d2ccf3a812b6c634c0c3a68271ec8b536aaa442e056945feca6fb4e54d2cf60a0334f494b2bdb6fbd597de0ce9d2cf03333a0c7121e086aa4c657360fbfb60f3ce0fc0d90ff12b03464e8ff0e5e546ff79735c5c800a0f9b680a478c772f60173a760e280d8287681986038444f2103e2894d5809d062cfe8380e34bca86475da3d7634131c2a8cdc98c5927bc137db61f94eaf9a74f87cc85072c201766eae17fbd5b732859fb1b1c980b36e377aa41a95bca18ccea529420e742899af7b968c1fb9c0d181da9f86358dbeea877c3e9123a9289c362fa61d96c707ac94b427318a1e5f21078aa9d1fd7a52704e0d73e527f3ca65b7b459734dd30db5335c450f1dbcc1e4259d657d13b6d6b4adddc3d0eae034d1878cd0aa1825991d75f8e6b5b4c0d6d17e8ce709b19ff794a8ef856abdfac65cd13631f1b66b20f2ebf2f3122d18e03cbfff88206a5998fc3cb2b40634fcecdb8f5bdbfe044dbf169ccd2cd60f7bf033272f38f587943fcc75d2d65d9028c02891c8415706c2b2459b7a3c5cc82b0446088d3b3bcc033ad453136afd4ac4678320fc17288dbfa1c5180ad57508a2a298ed4ebc716ede34fded574d9779be5d56517d4dd40f197312390c488f46914b0927b13901ce70c1684801f2811168fab533998a1fdabbb6e683abfa021f6b80077f19455c34cecf5dbdb2fa6e3930eb5940cb14504050cc74249424310dff81116b8f2076b8ebece84c302e758fa90af5a1888aa8a5a2bff4aeb7ebd1c7a216bdbb84bf9c021caf3c8efbfdc5d3aede46381bcda372a5398c89868ad57287736fec2a7e8ed638974fde5875eafa506a6bd7f772d2b221f4bde4920fe0c56f8e0847e2a7e8387c64ddef4203d77a526c46d7871befe0c5f9128bd67319acd963fc040185aac4e7815f728bbd7ffd8f3d125e63320182f202fa9a52505be9585556a5d1308c118ccdf01978027cbace7ab339d6f53d15e795b7f3fedae4f86c3f257ed80ee634375dc2333ceed1ccaeab1b6be7a9611ff33d79dccdec2007558c06dfc06612d56d37882e5f1de340cf05f4fffbe1a5def6d045bc5bdaf633f07360f9028cedd103bf03fec8beb9fdbf8c5fc684d12efae1859c53e2cc3e2f508a9cd0410ec036648d3760dd591f7ae04e4cdd61a2566319c943f0b63d87e422dfe5c0d1edcb2dc515778a0d7bb2c93ced3b1435adbc51d3fdca9c13679397bc4490093d64869998d6a28bb862ead0fa411585289cc00dc199eac6c607b8a84123dad3be80dd8fd86aa202113131046336352235f34c05f5ea6d5265adda98edbbfd11d6839c5b1bfe4fad4e688558d633d4a281df44d9c0a35abd464e01f8ab01a1e272cc8cd155a40b8aca4c6b1dc894c0fdc02f15a8f67ce94c7f99b6fcc0e4a3a8a71365645ad7809d47bb26f46ed8bd02f6e8f3d277224f82f3d41695f367e343ac6d507413f4bdacf9e344a49156c4de36d68c075415f8004748055b38b8a4110f869fafcc59cdae5663eda72a05be365a50e98bfd4b00e35aef687afae7bd6622cdd725326776f6fb1476c8cf8c20a0e5223e2bea494a1bbe4e79b25a5e48ba34bc66a84ecc4a0aba98e74ca2b1f61893e61a29498d855a778a2a9ce7b7fcaa44b4aedcbd0e28d6c49bdb6776975bf69161f372b964e4288ce6a3b877c3126f90c4c9749d45b8c5c840983b035993e484a945be5fc9d2d1bd3f3de4e6de7bc74a7a07b13e9e82acc11db85454f1d928fe52ad42ca783fd20dd3e94471b498c2736af40d2a45ff74f9ef874639e33306daa8a667674571e2ed93a48f49b57e9e3382fa8090774bc795609ee510b6a1ca48d9833819cbe8ac77eeebb0e3b6c59ced2d1ab355264934ff1914a3f654249bba60a692dd36368b8a866b333320e57e9c7d3646c375696ff14e303780ffd7b957d89ccdf57823d2d1e158773c2075233dd2f331eafe3802da683c293eaa24cd8b63a7582ddb202cd6f8c837c74f823727641c7eb680fe51ce7f250adb34956e4cab17b8a5f10edf144c700e376c682dd46c8fc89830fee1a44fafe0a5a2e7581d5d16ad6267d1dc2d5be8547f9352d1591b42de94f2559b44a80038360c6394541a77d95b196558a479b609882fc597b9cbe285ad7c7a41133ed85c8ab6e6dec5bf70f9e787985512d48865022705098a6703b255a6f2b05b62fc7ab32e67f06d785ccb33fb348205a76939e6c2991486c5aae8ec1556b2f8e30ca445a4a495cbf2c6013042b8cea615e58899fccbbf1fc4f17a6dc37e46b17ada0be033dc67904fbd7903086d3417e423af64338426a84ca0c2a3252db62695f9cdf10ebc09b9da5747d30e7f4adfb374e1d2bb24542b0373b1fb897690b49fe24d8575ec9800f019c9c76459421c11f002989ac82c13c04a202cf7f9f38b053f9a680d4d5012887a11d25cad201df20a4eee6d2c0474055579ac729c7514a88b1675bbf6b773448c6c1a5ccd157f44f7e032a6b848f2e734d773f029e48fd13c90d41666f9bd4e9bea91950737b6e7502f9d2677938f240e3f905d6095bb0f8bbe961b99b2d025538c3888bfff8957e3592ee5b26a75399b59c697f59fcdfbbe3bcffb8777340875611bf75486d2378e68de771800bfffe0572fb36ca855ec5fc8cb90c76455773c36ec40b101fb30c48f8a8e775f5220e024b4da9dddc2fcf4da413e7c5db9e0567cbb5fad0c91d779a0939debd9247d3f7d8107fd986f73a9c9067e6594fabde0b9e887040cfbe7d31332f41259de57b38f33275597725392efea51f290b8e1b5c243ffd9eb4c0231600f9b4b204344736849d527156c4720a463bbe88fbbdc333099d949853d5c6fda98bcd35ad3f1fb1d5a7d00541a8a202c8590e35360bb9d25d6431476649e1898f901fad37975d6dce9833956e7a78d0306f533d4aa3c9676017c7abc7e1f8f2f117774a4f5beba55d1c3cd580fb18defccc349cce24e94a4cf1f4c6f45d783ee0167a55369c9b5e1eb6d0a836f3eb2354fad3cd771a9d777ff84c63120baee86ddc52b3e6817dce339ac9c240e75f3e2f77afbffbc1d54eb5936d045370ce3b77365c5320892dc7bc36e488019461d2e552969de9f25bd8de049d693be450c43c5d22d7569fc384e8d56ddb577c5f3c3471f5ba2998bc0c697a06b6d8ba5f2f7236e78aaed69b468e761a5f07145c0326ebb94f50aaa8c5666c92006d8d139036f981003933f8e2eba106a0e251fa9f5407544e44aedbbb271a3bf1c660a9cb8c74dbd0713aaebba2dd046af8b9428709646521d6bf387a92996b35748e1e67b602309b7da0fb642e89de19f550925f4db082ef7e9821ac4b2aee93c9cf791c086751c4cb4172608a4f903dc40727858046851529205b45786e294c17abf5e5f6bc730cbfb8fd977c5501a8140ac7984a267880b53cb94157be9ac157be1cf12d8a9e5612947772b734ed6ae30e548a3b2faecf94a7e03f86317f52ac797aefb957d2a29de8f8ced414ce22c800e0dc7e49d3672fca633248f3e68c00", 0x2000, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000fc0)={0x78, 0x0, 0x1000001, {0x8, 0x3d, 0x0, {0x4, 0x7fffffffffffffff, 0x0, 0x400, 0xd, 0xfffffffffffffffd, 0x9ec, 0x35741061, 0x10004, 0xa593e9c1ca988eda, 0x3, 0xee01, 0x0, 0x10, 0xe}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r5, &(0x7f000000db40)="e1c8b131b14aa736394325bbc4ca7d984748e8a47cfc756dd14ae81eb7b452641cf963869ff8ab277ab82973028be089fdc652cf3571d53fdae6ba330aaf7c37032c4250c0bc9808df2f53d8f969ee137389fbe2887f9afbae5292d6a60797c1555509ff21a8cbd71ed08426285a28b42ab772185c6ec40695b204fb7cb95091613da064d62a3e76d97f7f2cafdae286b558dac9e248150ee7bea22ce0cb0e076d93eaa459b18c033f063bebe73997a90bf1b0b3fb66f7316c24ed95dc2aebfa7e337098ec2461af5bfec8e8dd245ba41f6eb4ec7d3326938c9d8bb28840bb222a5f32450291234ec80c5f1cdc3f10193b43d0c9bd75219650e43ebea3696ecd9bbb7f1a6b0f6b3b913c49d27b62a8077777f3318f4d9c19150f6638992ffa58be4681af9e6d142551bc67e359b2acede658a805f0e988fe180d5ac53968aee8f9d2c3caa6abec57fe4dcad2a9490c11adeaf0d1d41c6c449370229f7b647d7d722994f6ef23de19fd8881aa9673555641646a5b7183c626a4ce3ff3d4c86a281e8c06853b8819e7b74c94025661b728b315696e221a53af9ed12c3f42dcd15c69c88685d18324836bf7d9606685beaf2f0cdfb816946950356d3f2a39d5c4ff5ccae8c65ead344b66bded8fc10e4f982590f939b47bde8e5364e570ff4ec3ec1adb3eb1dfefd6a6316a1f319adbfd5c97492ef6a3b4ebc3aab34cb3ff3adec97b3ad042c1548011ee0150364f7e5dda0a993e8fcac90885ca7f2d6371bd0f950bf864ca826046dca1a982a69f71753b00d43865205d17bbc17702f3039d13c87d7beb2c5ecae1edfe94e091b5116808f40654654b60123afb4fd5f47c8099eed95f1ca21c7b53a588b82be769f8fdc5c55bce11f26591af64e6a7385ee9d7724fa4eb0a531dab40dfce42417fb45167ef705b3bf711c8f4ce727f9eb1d398bb54f665292bbb2333dff1a925a830ef45e565aa0e046b7ed2d6fecd8068fe471405390b0161e26c8821b99468846189eeb7cfe2443523b4cafe6ab86a4911a0b1d5c6f5d064f2f1b70ed390954be1d47845f4a520f9f5febd64d496fffda9e36af081ed88a82fb82bc9e59f34ec96e3eabb2cedcba8b985ed35dc962c603a78dc0d7b322bb32b79638492680a87cc622e04c0e4e1fea9f4d3792d5c0ae75b949f9b32193af744abe0c82093de3313b74f0c4e44a8a17f6132d23c5284fa24df04c37420c074b79ba3774521505724871066cd91abf0b99569b4eef0c4176351bc0b470a6c7e078ae36bcbc900eb0bd7bdcaf8aadcf4dc1bc34e39947ba92d9d4a3ab23a02e6e368c742984429e7bde546a545c739469700b6a30191248a26ae626e7a5b9a32e2857c5b57a864f3bd5488796f947c852709115660ad6830ef8aa77bbe541ecd4f0a6c16926c0fcb013a54c63e3417eab8a28f883a12d3711c3e3e41cb7976a41e7869b53e34fd84bb581277d03a031c1180ed990910d809b0963fb4a3f34c79dd04ecaa236c573bb0d39d6c07b4e6a691baccc76a0367584ab97c094272c4d1d54f253e985ef6e6e5b72be8c928bcefe308569314d4931811dd328adc9006fc229150332273a10257feea9d0203eb897c3c6523a4a8920e66ba9308ca98140b3795361236958f368c9f519043ad2bc996c24b5a6dbfcd9effd35439b52408a7d5c919582fcb498c123591518f188662f91e6416178cc0a981acbea6c2e8e4b4993d886ecee9fa1d87eb73be3d8b4effc392e9630390074ecb2fa42d6479e7993067e8df98a12c1d81577918d6f94b2f9543d8de96311de364bc8e4a2c6860d20deb81813160bb04616224a3ebda7ee223f14f6783be9cfccccf5d4b82d19be6889aa2a72d719539939f4d0e97e8286f2da70356638eb569dc62a86361d718d99849c89f58ff4e492dc3fe71af636cb9cf92b4f9d5985b9fca50a8add651d1eca80fd13c3348c029fbfb985e78a839c0820fc62cc94fd3dc7a340c65cf2db71602e0c1f78baf2f5f7094bf54edab96bdff0a0e636f417deaca2b3a84aa7ea47075768b6cee4cf2e0554ee0a37e5ec68808079c56aab3c56d6b16f905724f8d3efe9c95a93868e4e53191128c376dd89d4902f1775e93005e6e44f7bbc8a90a558aa7fdb42c037b132589fa9dd8406dc3b5f4b62273144b5abacc912c53d8e02f985c867122bf19dbc8ab62d41265aef8d2c48e831256eae2b2c3d19eff860c60679f4da610e8b25a505448cce0ff56c2ef99f0025496a184c33a1a0b63b6b5777a99be96c27259b6a33028e79879c2d07c27d103b22b716a876b04caeb25088a323848f22ed21d16f8ddc778e7da6ee36d96a8db4c0b5271c03bb03b51c42116c56fbaea98218b84af18a0131ab6d449d1cfa82bfbf2077a18ed9e02c6b17c6b0d2549a7c2662862a2f61404ad666e8878cc0a9f40816404bd87d9bc34855be91a583bbfc94bb51d6c55b4fb095dd8097b64c03952ca764aa0c59adc254c790f328015280ceeca8cfdc0d43a68f473a118d5026b73f9a17ae67ac3afc2e1e7438dcf4ce5edbda15e904c1e2044da3bd94dfd739dfee3699a87875124bcf61948355b325d6c0d7372ce26810e2a4d85cff35102503718367e89f582ad46c799872ad77989a480b323db3d53f105afe64bbb537754c7e056be72327a544ff94cd0bcfda903646e2fd2cdab0ff0a469072b7b81a0cbb1cbcfe9e65529494a82c0f67d0f3dd54ce145e5110d4a48247a344ebdc8c51d784e8b67e6587c02ea33906c929a6f002a493c353e175e4e66326a4bfec11e1e401d06f3b24aa3ea557e5317974a083de801ab5fff56e651646d46def9e085050e9d27305178bb8428c074dbea3c5b4ce8822ae7df5f198787bc0a791a41e4846a89d994b838447eb90d64e918a342f0b766daf6c9c61d420e886aef4b2a26f698b22b0c758952906fd2183976e2a7ab06e2c99a2c991389919594634a27d291f16c6be1b6c5e14ab734a20f77f0052f54b32b5c0783925aedb48b4e7be0faed9eefdb6ef06c6aa6cae5de7fa841c49a14e1bb1e69d4078dbafef11f944b81bc594e50e2969e4a0f76b0ca6fcbc927b1b364251f3e2f220949a045b0906e11926cee6509202c19adffdaf1afe87b5f8890d2052f970f3f157bac040c94639d222c9bb4c3a143e24a736ebc9d8447b44cf15d34fed079c38bc5c361c0ad3f2555493a726b9bb092381686830b4db3ca1d269921d749f28bd53afd0945aa9267563ff0fc43d47e62df390428179e64e9a6ea92ec7c8acd3cf1e52895ddb5224383721c6a987ea28352c86972844886e9ef424ed0976229845cee48db949d361cf9767c2d6a5fc67539d50ba5c6e3604fdf80bbf969a28aff4a3f2bd5bbe5795c7929f52e12d6cb33543bd5f7191ec7c6e7aa3f4e6bba0e8caf8105bf2c7c1bdfc27e7d7b42a5bbf9c384d446267ac7a9edcaccc11e0818ac745cfc80bdc0cd195fc9eae2af15c1dd68d0e2276f880af8b6131f124046731d1f5ce525ac025fcf2668e690776112648f0ec87cc00a3d6601905c6e816fb03386b37b99381e25126618c0471b53f9c30d0e85badecfea1571368e208479e5f9b6b24ad541d412d1436bb201082fc5f47608ca699bdf1a9392a07b253b5a32ccc811a45027d9bc8229c4f1859ec72eb8926f383f2c27be602b841d7c6aef65f3e8bf0e476b65cd8bf88d6a7f210f1dadad1c6223c5d0f983057ba0630cca784efdf6df84c008c8e4ba685a50b1a2e609b957a414ed5e286914e004ecf7d9f40d41dda5c5424344be5f9ad54cc3f40d9ffc81993f350e24c7e5a54717a8dcb9448b591837914e4d589a5936ae77e3e96364a9ff0bf7aec6fd6d12f546ea33a71bca1c5c30a35082f796a6ee8d02adb01ae8053b65ceeec7fae4072404fa4c68a01e8dffe7110b8bfac050e03f041fb9bfa9377eea640246d6c6ca3ddf854b76030cae53364b4ce17c81609c9840b09393f890a4f9bdbc339b611570e199176fda70220cd7fdff7d3cbf2e543ec67e3c7c4036ce41d56e8d097387f8ef56178ab97d56d1f9ec6c4c14aa66f789171a819d0a6f4319941f2febb292af41c8139bf3e8aa26a8ce583750c2f578e3378b2c5887021ef72224f16ecf4c54d6da7fdfd7eee1ed81ca10a2abdc304a9d6b9a5d46d5ab50290dc92d3300ad6a6dafed79698d445c2ddd6c2b1d3d61d2b1776e52f21a96fede1bf19e2cd95653a05102e333a28f7fbaf1710a40266340071cb666fc57a014754e6a1669a2d6f45948103a5f9beec467e1eacd8a78618366aab5452c24f2d42662d8b478c48d11ff471ccc2d1ca5b83cab321ba5a0b0adedf54628ded4eed6c2be5544978fa172dddeb4ceb2f0deb651fc1d8c5a0348a6e842ac7bfee9389fcce13b667fcc1c9cd5ad77b2c330bcd0075ffa81f32233ce144350db98c70311afc8d782be4a39867b02fd133750544484eea7f073566493b7718e0811fbb314c288e8ebcaf03d1bb33e6a58f46a2c5246d0dfa61b33c0d2f39e0837714727201aa88971cd30f9acb48cd18e4506e3f2bb8edb5525c16b2d8b7dcd9b2785f06722fed7f03099ddc5df7bf0bd50e9f91abee7e3d6589533a60542370c9c8b46a46d191adb1f202b5037e111c3a8dafc6557b9932875037822b74e55af36e0352efa7605b1b22fc0792b4363f9d0853c2a6575af304fd2fb3c89e2317f30d71bb1b0ea713089b795f698209d62f3fb301f7913404ddb3d7e2f748a8fcfb6b72b43843fc3187061284da035ab4c998ce820b0d86c3626d0ad5ba1f567375cfbafa63509a5d148be5f13535fb953e7461a395cfca953041ee7d1c62c95900cc7f54e024022425288c7462ccee0687834088a11c20525abf8457ce1327be7982b386d28b45ee919a22bb0280b28c1b5c718200c87f59d1c342782c4cf0d6f98b549fd87dabec608b770acf59f18c083d2ac98367b3628b22611c1fd6aa849455207f03de3d852a6a4ea098084210ffa7e78c86f7ebbc5b74f6ac8bcd23e5898532b267320e6c629236de5d2a5c8be3d7a3d630b67a123ee140172f19a95561367841b455713dc09a5259b8d8bc66522c056d6a321f5b157edf79d134e879ab99310a66ee329a9f0b131d77785c4ef6ba47b93256f0c4d90d2e58ef7557bd8708c610f82898de5fbb3e2aca3bec1945302b4eb5167254b71f96b4c089a879827d61cddf8b24141e3a590c4b07bfa4880ea7d464a20cd7c469b2eb088d84adf51b1d4d56b4d2885f1c7941b2a58e53f1855fb40cd2236520b4d7040f378e6c189b9d8c8e9e309b3e855baa385c1e344bfedf9cdec2ecb321d6d4b281e83a82abc37e66f201f660019f041c50068c39cb371a54dc11c89f3856777dda789bc9356229f9370f8ef89f6b1fb1e548d60845e7c46e6b54e760c889450f9629f40f0442de26062e357d2bcccd9e1eee157e53f0d824302292d6b723c4b2bddc49763f06864c3f0bdfc15d1823d2f7e25112f74b6f9675f010c9fad68d4e926cc34fad0a1d276092b20be7c514b10d25b4f4c5eadb6c78432b9ddb7f6ef6b8fd43ef26c6fb465d6c397af0206f0036ca5fc7b9357f696f038ff1d7e62d4054f404ab0ffac2d02850e383ede6ee8cfe63425e46c3ad184aed8834e559e2336109190413ac8fb314973f37e106b60c4a0adccce08a4f235c493370ed1d02681cf1b51ef0cb43bfc0e0e711dbae5b377f7ffec205ec5c1f831264411f95e6c23f87b4f5cc8ebdecd021f06a396b1179fe9d04b715a6f43ab1a65950bbd1e33bfee62fcf839a87acdc174147ec4f84146997b60c4c2f1c518db980b09f8cd8ed64c962a9c3847febf26db7bd40f5c46ccafffd392e16931d341ac83b4643b4bfa01bc7daa839fdd6c8846c836c31b4ea68eef8b71750e04deddab4e0fd37ec33cab67b163b3e2c8fc1e970ec382dd917df7553960b2c2465886cc74ef9cf9a30351f43fb60ea3fd647a1ae2f0ceb03a4c8a142fb5557b3f5371925bc910c3fde025610c9570cd4a530d3bbd7f02374bc6f4d226e344efb44d986fbe65777bb7685f2845f3a42481eae706d41bb46294d7fcca63d1da8afb861cdb8ab7b9e9953b5041df3ed1329a2d4559ab36d98e79967cddba68b1c32cacef387111f006f10b18cf92d42a33372d8f24197e6178c1b980d1a6bce6337566fc8da631eb0f215fca41a61cfba860e638429924f93a938e3f0f33dd0edd95bfdcafcf013b873aee566c922ab580fda1cc31367965605a9f876240dc27ca8692bafe5250cb1415b146cedfd09f576f67c1347d0adcac5fb11e024df1703525cb254c038000ce086f418fb82ac91786361583e14671da2921296323b46c070b5d6687b98f58a3996019bf0f005728f1487e9251d81a5bd4cf3b74ae6a422694cf85c7197475f2a3da9b32c49253f8548a11301ec16b677f240e5ba3d94b9bbb7223e723537e8968e417477a637e088c8094551a6926a1b87c7075254b79a3b74805c9a801d5fdc48a280c1ff530adf47520e3b7817c50ca92b9e49d9a791d69fcc0c732ea4e88f991d4d2c1b371212f84756daa61169e87185fb76205e1bda1910c7d539283665d8b098f6bfbc9edaa97dfe25365b2532724bfa2dded99f82c1707623df497991f4902845b7984a1974807cf7d16490d5aae2da693a1c164704affcd3e75d86b83ac47489f85386ff54ca6a12013dd479bb86e15229a94faebc8e299384682bcd42adea70da7544a7393a32fbd7caba749284fa431840f5c06cff4cca12456dd987f37edd8624d0b22b367948b9b52076f9a2fd49277559950db578620bbbb0f6bd1184e12b17c4900358c05d7f203b8d5f2f947fdd0debd5bfe12f01e2a2c2382dede7c0b9619c4f6c584c249ab3820c3b85c4eef63e4e4fb8de5de482ffd34b929bafed842bffa08510295e3e64de35ff65b38a49b3d6ca84c600024644aacdad7593ef634387ceae6ebb8b32d20fdfdd968c4f71cbff5999ad050f3436ca45e3ff352770821d026bc3b20e09e6c5952a01aa84041acfa0894d5ad0168256a6d25f0d3c38e4a214ba88d98f237b06cf9c2bb7a26ad62cd2ed1fc75a25b9a1836f124003fd71a919cb7fa18139da6dd5c5c8c1e833571dbdd2e92f5808991c0588ff72e75d0dc7ec3c80371d77ed0b68fb68284de499772d648ff6a158c6a5b76b129e7fe5c8fdbcf665f39cc9195e43194343c037fb887a666bc469530959d18eeb2084854f8d006d99063c8398600f3be528ce74ebcae937c8d9d37be9edbfa5fea21e1425b396f0cbe039fb4967c59c8855dd723dd7a6c2b3826e86270b5c8773ed69b22a3c9ec3da17a694a0503294a4d7f8a6fd7efc5f0b093b9882ae48725e687b928c9b46bb97e88d270933736182491ecf0268acde6846e0b2f2666eb2773db5cb163dc7e7d01800f1807ac83ccdd52d8a44cebb35826e02a769e0df703512675f09a0d650db34fdb55aec13cf69402edd9d047a8a31a370dab37c6265ee0e79807d70923e4fe0f0cc996ec6e85368acf36354cc9c29541e7b0e95463d6ff220917b88dbf7ce91f7df2d30613e5c64c8192567ba4b200977f4f4e6a0f0f3b42e457c92c1b4a967ac340d7dfc56893e38d57b0fe9ffaa632871f171e802aab2bee3459df61fa1118398ac60d762a337d9836dcac14c792debe5bc4024e7216980e546ddeaff9311019ec1a45a8c1bf3ba779e0fec8ff2dc0a4956e88e107c75916a433ceb549b3f93ff2a9ee9de474d5eb9e0dc4425198c7b7d0a44c61f016fcd4abea2edbcf7b68555812865c475f1776991d0b28de7e26e45ac5e284dc0ad386102137d29e10d90e4b739ce760c7494335e634a8365ea69247f90d0130480b0a0eaaf604e4c4fbd679058967410720294502df9df992ff78323403115f58f9191a5880f5565b8879971ce3161e5126d06ce5e65ebbf28c7b170b09f837e506239c24f2339ecb1335262caac69c2ebf775633a65bad4016035400306fbc9708b36ad573c7a36b7db158d6a6d402ae897486a73027616426a4a4e53cbfa01232d92812ac1273015f70543ff59682af1917c7dc13446b3fc740ae8933345aca07909f4ae6d85963f6fa2a9661463493aea7d252c74b43e7eab8ddcea44d8705561846d77cd10054387c4d4dfe15e64dee20b226575a13f664cac50edbfe9b1efa3a1a630a49ca58e771ea5dee2cd15c95435e00e6278232ca62382ffac1cde881710de952ee27be3017257e302525c134fb309977dd8852cf2afddff0b1da1c63d28c21805d9f79a11880deb7cfefb1309e65050bd91b3786fe18a413e66845c7166a794bf4110acee12ad847ff8c39d3dff4e4cc964dd6d8bf6cec5309a684c6c74e60568b59bd4ce099406fb5a646673fe9b79e365de5522e9aac397dd325b8a02c1366ac1181e21978aaf82286ec94c530a3b75e120b80aebebe4e05d2c59471e1f4f75edbe50208188e4e9bc73e585f409ee9e17e8bea151149168cf16082e201b2b4c15c5c20747eeb44ce81059e8cf4f3ec4464df139340509b712b7f5c428d90d5508b240f50e40ab69cbdd6c5741a182b0a768afd7cdf723ff5f42a7239772cb630da7c71bc0b27ccde36a3d3207ed12ba386ee7600bb72df213c2296e0e55f744758f1a8283d843c3810f293fdf0984a5edbc55dfbdd626394dac23841bf9cd7aaeaf545d171b48c74aeb288fcfd9f228152b89d15db38d977489744e28aebe8b15a48ad52c4f6539411c7ad0cc92efd4f1d59367e149c52ce0e9f6081976aacf492e55eea4a7dc357cffaf524851371219f9dfcf92482a230088d0f30e923d6552a2640a7db6984ea33923ceaa4874fa49ef1e9560848fe0a32d0f2c234b4658d4cfc3c43ecb81d193a7bd4098931da16268301c459bbaae4e0b3dfc69fa1056045c35067d336e71d204596231ea1d5418f5365bed9183f1167c56664be00f1846d6c84281341b87489a3d2458b3e77f917c5354e8aaf7454e48cbc1af7fba32cf8bf6ac44dba88c66f2b4348063db9883dbdbb6d361882d7560b2cad60fbe114b7c2364759cb8f35f16f059641a6c45adcb4577d016c76595c302395e6508d494083cfc3930c5dff397d92757b01c871042a72aa32b5a72eb07599392e498c9dc9bf71b65dcc6c41803f3dc586a243c82b18e3768f5e642c9c9610609ed007832c6d7f27d26b822e6adc6c0415b6b9232c03e5ad932e732a6efa598b4afb12a962ead1829678fea551990fdb79d3ebc2729f2ad7f02536f13ef21c011cf0deec97089c796e52de31d074790f6956ff186bc6720e26213bb9e2b4b6771816ffb027925b7d4d27b30650bf24a703a8e26f10578296712acdaad40c85d3f84000d455383ab43acf7ef55a8219b10de33f070c0c52ab14e92bb345cb6dd1d8dc8d45ac4d0da078edb53fae1c7f46c68c05579fb53f15ba99c1836064a87dc2f7d69ed64d7163a4ce4bacfd3050a26711f41438b6848b36732d9a21cf5e78d4f0482162ac52b02e6fedb820447289d178a8686226bb4f18c1614603b880fd625d4d2dbe71ea552b1bd212de25930effc0525a3bc9835b5face3cac5aebef6effd67146cd955aaa3e7c285f11b0722ba484b30029869e61fe9470c44b21ba64526c87da8d08a7555b37d06eb3417a2148e127d899402c1fb1082e6bee0a5623240ac2a3fac6d4e78aa0c6f4b1f9f5bff67ba9ea110e864c64c32e6d74281595c68352f6c4d9b6f4f8f440725a9150f05d256265757fc9470e4b35ea93948b852134485cb5c7425e1fb064cf8dcef8c72ae1d1d98110be6b8b7ff1c0415803d47b71172c423dd5356720e4b2632a934bb3af1ed640c9cfc1319232f39b94b489e0a3dedd3a27ad245be399cc5651764b58d7986de1e1989c8b04744c34cf1d384b28c602a986e141aa7f652b6094ec2a326b729e216eeecc1a1752f4202ba795e8d0a93de0a8d1767bdac1c4757233af8b76e6b3edf84885f4a1573fa8b55356c46e514ef744ec7b38b2ac74c8178a14988eff4968b4719d3b9e01a9dfc94b5731c113feb09bbd52d7e3fecc22be5ba18ec64d82d2559017cecd57a6aa5abe95612101d8873927fdcc4f18480e61dfb2c472ba7cf96258b94868082fa41aa3100e3beed2ff3d06be64e1684d32248b20e512caf4b3d6b9a471db5e901af5407a2725e44aff38f580e6cbe4fdb29bd84e6292721ca47ba4f7d241de257ac06a275bb0e46259fc0d6cb910f7db1526a582cde1249f9254e8fbb71717f683336f04143d326d3ebbe92767df0f5604293b8608a0a2b156aae29aedc2b57b75e8611ba79c58e77547993ba0d4e726093a4218b53a1424a6395c38a9457ceeba5d0f82b40d9d018918fb2f74d0236b76d1527ad14ae483babc3668814d22e80cc7fdafe96b6ad6580e07334a6ccbe3f300a9476c5774c096e641a821048049b8121d4b88001d0b283cffce83f71c79671c76532a14313b5f259b26824d135379b8d6221f4c4d378590c7a3f128c6cb712e3bec01261488132b5cc7c6934d46579857bf2ba7c6c5bb98be345538d0109a00a536f5d100054985755a5415295915d8219ec1b58936f65b60adec12c428c6dbc0b75cbe2669d223330bb7ff0b9b6fa0bbc6c7063dda66e4b2f8ac2bd6a5b57c0a99f5f616b37ded277497599f50be180db6f71fccf4ff3bd059bbc27528a6193424cab672a9a13508daddd3c882cabdb422cc94074e5c435db81c4311d33030a8686a4c7b7ef311a58633e91c682a9419ad93a74d9e1aac0de0e7f678937ce8f2201b6c099c3546ca214aad60fc1faaa6921805855579685ccd72e2d905cbfbb1a8c27ec40b0360b2e47fdb26b52eba733ab17b6338703b90c3e93eb1db7af3cd7eb11e85a5fc072df331f2d29684bc756dbd1514c523d07e24abb55f7ff4a349e685793aa91b5ba08cf1acdf7a6b48960667f7a9973e717341a96c6d37caf59ae6018c3272a94f04b905f442683369ebcef33b9125a6e8e1a7fd104c4dbffac1a0e991faf1b1109924d3facbe19b05f621bfda3115fc737e1e307c5751ec86567059792c6160a423b29b99f7ffe900308fe5bf28cc95bea1c1fbc5beedb960407213e12399a3353f14df343995069f44cca59ca9aa3aec491d55434f2081661a124e46689448fd36eba3ad61ee8bee0499bc74437ed3de727af631c36a2661c35bcc2c3a2b9ed5910602efc18362db7e65b66f704d140e8037c493369d9671254485a60f2de4b6a422110c16bea36893b6ea2be4edb3f34a68600de6d5a73df3e1c521e5abbb75789f293c0f178211fec1e6a28452e60b2a24741e164696e19bb02a993308ccd998058ecccfd6e0a117ba325ec3c81370e2f5e1dcbfb3967f55fcf507c3b450f3b0a84b3a56a3d617b9fd58a057b68a7f44ee6da40b55e2303cec02cfef8a9b71ddc23369d56d3a1e152835e2b012bcd1520fc55fb2becbb9c78d4e1c190affd8ca59c0f7511e8e6527077841bb9a8e563deb40a5d9ff0101293ab2cc5027976250d066f493fd389f1d11220b3b57c02956f2ae28c607f7b012cf402f1df4b3ecb9505eceb48e17da948fefd", 0x2000, &(0x7f0000001300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x0, 0x10001, {0x0, 0x2}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
execveat$binfmt(0xffffffffffffff9c, r4, 0x0, 0x0, 0x0)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0xfbc6, 0x10100, 0x8000003}, &(0x7f0000000080)=<r7=>0x0, &(0x7f00000001c0)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000240)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x2410}, 0x1})
io_uring_enter(r6, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r9 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
readv(r9, &(0x7f0000000200)=[{&(0x7f0000003140)=""/4096, 0x8}], 0xe)

9m23.604338128s ago: executing program 2 (id=424):
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0), 0x441, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = getpgrp(0x0)
syz_pidfd_open(r1, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
r3 = syz_open_procfs(0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x4c000, &(0x7f0000000340)=ANY=[@ANYRESOCT=r0, @ANYBLOB="8542e82fd002e0f9daaf8bf3f43a0b5961248af1b2d37d31bc78288748638bfc4e5263f0bfc16a3cb7522982504ffb939def21e238336579cfd55c6b6c65fe99af8e8dd2f163228d47ae31a6db77583240999b902260f24b5815daa6982e1ae1fcbccc2c793da2721b2b50d54041a19ed2b384dacff100164e773d8680e9f88fa4a6c0f9c26790c9c4d044c536c18769d1f11c67d8a800c60a8903369ef8158d61b6b7710cd403da812ee85c130e04ee6d5150870326"])
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
r4 = dup(0xffffffffffffffff)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYRES64=r3], 0xf8}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r5)
sendmsg$NLBL_CIPSOV4_C_ADD(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000000)=ANY=[@ANYBLOB="e0000000", @ANYRES16=r6, @ANYBLOB="01000000000000000000010000000800010000000000140004800500030007000000050003000100000008000200010000000800020001000000a00008801c00078008008500020000000800060000000000080005"], 0xe0}}, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c)
r7 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
openat$userio(0xffffffffffffff9c, 0x0, 0x22242, 0x0)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x6, 0xff, 0x7, 0x7fc00002}]})
iopl(0x3)
timer_create(0x0, 0x0, &(0x7f0000000300)=<r9=>0x0)
fcntl$lock(r2, 0x6, &(0x7f0000000040)={0x2, 0x0, 0x8, 0x62})
mprotect(&(0x7f00001e8000/0x4000)=nil, 0x4000, 0x1)
timer_settime(r9, 0x1, 0x0, 0x0)
mmap(&(0x7f00000e4000/0x3000)=nil, 0x3000, 0x1000000, 0xa0010, r0, 0xec776000)
r10 = open(&(0x7f0000000180)='./bus\x00', 0x1, 0x1c0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r8, 0xc0502100, &(0x7f00000008c0)={<r11=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r8, 0x40182103, &(0x7f0000000100)={r11, 0x1, r10, 0x7, 0x80000})
ioctl$vim2m_VIDIOC_S_CTRL(r7, 0xc008561c, &(0x7f0000000100)={0xf0f014, 0x6})
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netlink\x00')

9m20.663907712s ago: executing program 2 (id=433):
r0 = socket(0x2a, 0x5, 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r1, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x0], 0x0, 0xf5ffffff, 0x1}}, 0x3c)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3, <r4=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x3, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000008000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000afa100000000000007010000f8ffffffbffbf7d5c100000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
getsockopt(r0, 0x200000000114, 0x271c, &(0x7f0000000580)=""/102393, &(0x7f00000001c0)=0x18ff9)
connect$unix(r0, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e24}, 0x6e)
openat$cgroup_root(0xffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x200002, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r5}, 0x2c, {'rootmode', 0x3d, 0x8000}})
read$FUSE(r5, &(0x7f0000002300)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(r5, &(0x7f0000001200)={0x50, 0x0, r6, {0x7, 0x27, 0x0, 0x500000}}, 0x50)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000540)=ANY=[@ANYBLOB="73797300000005005f6964"], 0x0, 0x17)
bind$tipc(0xffffffffffffffff, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x2}}, 0x10)
r7 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r7, &(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x2, {0x42, 0x1, 0x3}}, 0x10)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
fchownat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0xee01, 0x0, 0x1000)
ioctl$TIOCL_PASTESEL(r1, 0x541c, &(0x7f0000000240))

9m19.604431611s ago: executing program 2 (id=439):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='net/kcm\x00')
listen(r0, 0x4)
sendmmsg$inet6(r0, &(0x7f0000005780)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20000000)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\v\x00\x00\x00\a'], 0x48)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0)
pwritev(r1, &(0x7f00000007c0)=[{&(0x7f0000000040)='b', 0x1}], 0x100000000000020e, 0x1, 0x1f5)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)=<r2=>0x0)
capset(&(0x7f00000000c0)={0x19980330, r2}, &(0x7f0000000100)={0xc6b80000, 0x2, 0x3, 0xfffffffa, 0x9, 0x1})
recvfrom$inet_nvme(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x2, &(0x7f0000000040)=@ethernet={0x306, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x80)

9m19.26049981s ago: executing program 2 (id=441):
socket$nl_netfilter(0x10, 0x3, 0xc)
rseq(&(0x7f0000000300), 0x20, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
ioctl$SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045011, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x0, @pix_mp={0x7fffffff, 0x9, 0x31363553, 0x0, 0xa, [{0x4, 0x5}, {0x6, 0x7f36}, {0x8, 0x2070}, {0x3, 0xf}, {0xa, 0xff}, {0x6, 0x589}, {0x8, 0x1}, {0x10041, 0x8}], 0x14, 0x8, 0x2, 0x2, 0x5}})
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r0 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
r3 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f00000002c0)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f00000003c0)="1eb3bf65654102f4af4d221c8bd458d1e7cbdaf3657d0f34e790c85bdba7931791f6d15c3e681411f7a496c0dace6a3c242f5b016fef8a9cedaf6bec340dee49474360d34cb800", 0x0, 0x48)
r4 = dup(0xffffffffffffffff)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x5, r4, 0x0, 0x0, 0x0, 0x80000})
io_uring_enter(0xffffffffffffffff, 0x47f5, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000032680)=""/102392, 0x18ff8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000480)=ANY=[@ANYRESOCT], 0x0, 0xb3}, 0x28)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000540)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000802000000000000000000000400000000ecff0c313314b91475041b537169af0e2902934f91cfa81510a59cd35d00b7788c814235992a0f8d270cb7d2f4cc2586e4c27d315fa8e45b9929dbfaaaffaf8609f6e1213a430bcf7e34c464b3c46ab6dedeb43f56b3781e24874ea9c1b97b4e5a6fed269326cb763bdf266e5e352110cfecec4f17863f63d2f15c1742d4353d3a29b335b84870be6d8e0d1e9390590c3fa50de7dfcd29b5481926e664d1432107a9f30f054a5fce15ecd4de3ab1d82b4aff334a50a5"], 0x0, 0x26}, 0x20)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x344, 0x0, 0xffffffff, 0xffffffff, 0x1c0, 0xffffffff, 0x478, 0xffffffff, 0xffffffff, 0x478, 0xffffffff, 0x7fffffe, 0x0, {[{{@uncond, 0x0, 0xa4, 0xc4, 0x60030000, {0x0, 0xff000000}}, @unspec=@TRACE={0x20}}, {{@ipv6={@private1={0xfc, 0x1, '\x00', 0x1}, @private2, [0xffffff00, 0xffffffff, 0x0, 0xffffff00], [0xffffffff, 0xff, 0xffffffff, 0xff000000], 'netpci0\x00', 'ipvlan0\x00', {}, {0xff}, 0x2b, 0x2, 0x5, 0x5}, 0x0, 0x198, 0x1b8, 0x0, {}, [@common=@inet=@recent0={{0xf4}, {0x0, 0x3, 0x1, 0x1, 'syz0\x00'}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x3a0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x900, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)

9m3.635715565s ago: executing program 32 (id=441):
socket$nl_netfilter(0x10, 0x3, 0xc)
rseq(&(0x7f0000000300), 0x20, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
ioctl$SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045011, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x0, @pix_mp={0x7fffffff, 0x9, 0x31363553, 0x0, 0xa, [{0x4, 0x5}, {0x6, 0x7f36}, {0x8, 0x2070}, {0x3, 0xf}, {0xa, 0xff}, {0x6, 0x589}, {0x8, 0x1}, {0x10041, 0x8}], 0x14, 0x8, 0x2, 0x2, 0x5}})
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r0 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
r3 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f00000002c0)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f00000003c0)="1eb3bf65654102f4af4d221c8bd458d1e7cbdaf3657d0f34e790c85bdba7931791f6d15c3e681411f7a496c0dace6a3c242f5b016fef8a9cedaf6bec340dee49474360d34cb800", 0x0, 0x48)
r4 = dup(0xffffffffffffffff)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x5, r4, 0x0, 0x0, 0x0, 0x80000})
io_uring_enter(0xffffffffffffffff, 0x47f5, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000032680)=""/102392, 0x18ff8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000480)=ANY=[@ANYRESOCT], 0x0, 0xb3}, 0x28)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000540)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000802000000000000000000000400000000ecff0c313314b91475041b537169af0e2902934f91cfa81510a59cd35d00b7788c814235992a0f8d270cb7d2f4cc2586e4c27d315fa8e45b9929dbfaaaffaf8609f6e1213a430bcf7e34c464b3c46ab6dedeb43f56b3781e24874ea9c1b97b4e5a6fed269326cb763bdf266e5e352110cfecec4f17863f63d2f15c1742d4353d3a29b335b84870be6d8e0d1e9390590c3fa50de7dfcd29b5481926e664d1432107a9f30f054a5fce15ecd4de3ab1d82b4aff334a50a5"], 0x0, 0x26}, 0x20)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x344, 0x0, 0xffffffff, 0xffffffff, 0x1c0, 0xffffffff, 0x478, 0xffffffff, 0xffffffff, 0x478, 0xffffffff, 0x7fffffe, 0x0, {[{{@uncond, 0x0, 0xa4, 0xc4, 0x60030000, {0x0, 0xff000000}}, @unspec=@TRACE={0x20}}, {{@ipv6={@private1={0xfc, 0x1, '\x00', 0x1}, @private2, [0xffffff00, 0xffffffff, 0x0, 0xffffff00], [0xffffffff, 0xff, 0xffffffff, 0xff000000], 'netpci0\x00', 'ipvlan0\x00', {}, {0xff}, 0x2b, 0x2, 0x5, 0x5}, 0x0, 0x198, 0x1b8, 0x0, {}, [@common=@inet=@recent0={{0xf4}, {0x0, 0x3, 0x1, 0x1, 'syz0\x00'}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x3a0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x900, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)

6.873817549s ago: executing program 0 (id=2822):
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x450, 0x0, 0xffffffff, 0xffffffff, 0x1c0, 0xffffffff, 0x478, 0xffffffff, 0xffffffff, 0x478, 0xffffffff, 0x7fffffe, 0x0, {[{{@uncond, 0x0, 0xa8, 0xc8, 0x60030000, {0x0, 0xff000000}}, @unspec=@TRACE={0x20}}, {{@ipv6={@private1={0xfc, 0x1, '\x00', 0x1}, @private2, [0xffffff00, 0xffffffff, 0x0, 0xffffff00], [0xffffffff, 0xff, 0xffffffff, 0xff000000], 'netpci0\x00', 'ipvlan0\x00', {}, {0xff}, 0x2b, 0x2, 0x5, 0x5}, 0x0, 0x298, 0x2b8, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x3, 0x1, 0x1, 'syz0\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x8, 0x0, 'syz0\x00'}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x900, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x3000000)
r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4, 0x2012, r3, 0x0)

6.504394487s ago: executing program 1 (id=2825):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r3, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000780)='GPL\x00', 0x20000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={r5, 0x0}, 0x20)
ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, 0x0)
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in={0x2, 0x4e21, @remote}], 0x10)
openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000180)={'team0\x00', <r6=>0x0})
r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000300)=0xffffffffffffffff, 0x4)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000004c0)={0x0, <r8=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x8, 0x5, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000153800000000000006000000185800000f00000000000000000000009500000000000000539d62f53a50dcfdd81939d77c8f49bc9aefd49521c978f89a836cce993a45c469d5a86a05d40970c7132ab7c09c090b784530b06ad35fab528eac4aefbecc46f258b77e83d6f137004b3b05a9358e7381fc2bd62a2afc5de3df34c3715e00f01b0b9eb02ef27d3ba933fb0ea9581bc98d44cc06bb270f2319dfe96147ca20f96d5f096126a095628ab299df52d5b284354528abce6997cc1a"], &(0x7f0000000140)='GPL\x00', 0x3, 0x56, &(0x7f0000000280)=""/86, 0x41000, 0x42, '\x00', r6, @cgroup_skb=0x1, r7, 0x8, &(0x7f0000000340)={0xa, 0x3}, 0x8, 0x10, &(0x7f00000003c0)={0x0, 0x8, 0x5, 0x1c}, 0x10, r8, r1, 0x6, &(0x7f0000000500)=[r1], &(0x7f0000000540)=[{0x4, 0x1, 0x10, 0xb}, {0x2, 0x1, 0x3, 0x6}, {0x5, 0x1, 0x5, 0x5}, {0x3, 0x3, 0x4, 0x3}, {0x1, 0x1, 0x4}, {0x0, 0x3, 0x8, 0x7}], 0x10, 0x8}, 0x94)
r9 = dup(r0)
setsockopt$SO_BINDTODEVICE(r9, 0x1, 0x19, &(0x7f0000000000)='bond_slave_1\x00', 0x10)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r9, 0x84, 0x9, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e22, @empty}}, 0x8003, 0xbffc, 0xe652, 0x2, 0x4, 0x8, 0xff}, 0x9c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r9, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xfffffff2, @empty, 0x3}}, 0x1000000, 0x31, 0xffff1896, 0x3, 0x44, 0x8, 0x1b}, 0x9c)

6.033486018s ago: executing program 0 (id=2826):
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0xa880)
openat$ttyprintk(0xffffffffffffff9c, 0x0, 0x1, 0x0)
openat$drirender128(0xffffff9c, &(0x7f0000000000), 0x121002, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
connect$unix(r0, &(0x7f0000000100)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
socketpair$tipc(0x1e, 0x1, 0x0, 0x0)
syz_emit_vhci(0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0xe)
clock_settime(0xfffffffb, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB="e874f6733916ea3dad0d586c93a2ff"])
ioctl$HIDIOCGRDESC(0xffffffffffffffff, 0x4004480d, &(0x7f0000000980))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="818f017c1c28daba506b4b4178eb8aa75a7197bfc20da7fa78f23c17f1019ded544ab4fd47310dcdd4a67cf92fb52f9346f879e421ef999a415f8c003cf3cea4ee44b0faf72421ad1ae841e2fa73710e304a7d2b53749cba6f6506c5f94d4c56c7df0eaf2e35a7d2fb6a3e8f82ed95bd056bda5600894f32a2ffb432085d2a762e0010385a125e8a", @ANYRES16=r2, @ANYBLOB="00012cbd7000fcdb36fa70df250500000008000500090000001800018034000200765a7468746f5f62617461647600050002002000000005000600040000083612eb4bd6d55624f60a873b45b3e774ce05110093beba", @ANYRES64=r1, @ANYRES16, @ANYRES32=r1], 0x44}, 0x1, 0x0, 0x0, 0x20040814}, 0x4004004)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @netfilter, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)

5.702647951s ago: executing program 3 (id=2829):
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="1800000000030000000000000000000095"], &(0x7f0000001700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x20}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='mmap_lock_acquire_returned\x00', r0}, 0x18)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r2, 0x0, r4, 0x0, 0x8000f28, 0x0)
splice(r3, 0x0, r2, 0x0, 0x7f, 0xe)
write(r1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1000002, 0x4012831, 0xffffffffffffffff, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000580)='smaps_rollup\x00')
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
lseek(r5, 0x2004, 0x0)
close(r2)

5.233739919s ago: executing program 4 (id=2831):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
syz_emit_ethernet(0x8e, &(0x7f0000000380)={@multicast, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f4adf7", 0x58, 0x2c, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast2, {[@hopopts={0x3a}], @pkt_toobig={0x2, 0x0, 0x0, 0x4, {0x8, 0x6, "cd85b5", 0x7, 0x84, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @remote, [], "aad25a7f302d4579b298392ccf95e1e48f10658b1a1c7edc1ffd13d9ccbf356d"}}}}}}}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r0, 0x84, 0x7f, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, 0xffffffffffffffff, 0x0)
ioperm(0x284, 0x7f, 0xe3)
ioperm(0x7fffffff, 0x1, 0x8)
socket$netlink(0x10, 0x3, 0xc)
gettid()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x7aad, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r2}, &(0x7f0000000180)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
r6 = add_key$keyring(0x0, &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
r7 = add_key$keyring(&(0x7f0000002900), &(0x7f0000002940)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r6, &(0x7f00000028c0)='asymmetric\x00', &(0x7f0000002980)=@keyring={'key_or_keyring:', r7})
openat$ttyprintk(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r1, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r3, 0x2ded, 0xef92, 0x0, 0x0, 0x0)
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r8, &(0x7f0000000180)={0x1a, 0x0, 0xf9, 0x8, 0x0, 0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3e}}, 0x10)
readv(r8, &(0x7f0000000480)=[{&(0x7f00000029c0)=""/4083, 0xff3}, {&(0x7f0000000200)=""/43, 0x2b}, {0x0}, {&(0x7f0000000380)=""/163, 0xa3}], 0x4)

4.663378628s ago: executing program 3 (id=2832):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e79"])
chdir(&(0x7f0000000100)='./file0\x00')
open(&(0x7f0000000040)='./file0\x00', 0x80242, 0x1df2a23c5997fa7b)

4.563997705s ago: executing program 3 (id=2833):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)
read(r0, &(0x7f00000003c0)=""/163, 0xa3)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000200)="adcd1a9a1fc36e9600080ff99e25bd86700e5a7507a1da16e41b0cd665279d95", 0x20)
rseq(&(0x7f0000000000)={0x0, 0x0, 0x0, 0xa}, 0x20, 0x0, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
preadv2(r2, 0x0, 0x0, 0x101, 0x9, 0x3)
syz_open_dev$vim2m(0x0, 0x7, 0x2)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(aes-generic)\x00'}, 0x58)
socket$inet_udp(0x2, 0x2, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x4)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_POLL_ADD={0x6, 0x1a, 0x0, @fd_index=0x2, 0x0, 0x0, 0x0, {0x3010}, 0x1})
r6 = accept4(r3, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000300)="ad56b6c5820fae9d6dcd3292ea54c7be", 0x20)
sendto$inet6(r6, &(0x7f0000000080)="255b2a20f709b4a43a1307c620044218fe1f90c892edda55948fc95472faf24df297a8e4228b32dcc11a0a004c287b035078ffffffffffeffffdfc5955de", 0xfffffffffffffd0b, 0x800, 0x0, 0x0)
r7 = accept4$alg(r1, 0x0, 0x0, 0x0)
sendmmsg(r7, &(0x7f0000002100)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000003340)=[{0xc, 0x117, 0x10}], 0xc}}], 0x2, 0x4040894)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000200)=0x1b)
r8 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCPKT(r8, 0x5420, &(0x7f0000000000)=0x392)

4.56361093s ago: executing program 1 (id=2834):
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$sysfs(0xffffff9c, 0x0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
syz_emit_ethernet(0x2a, 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x40102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2f)
socket$inet6_udplite(0xa, 0x2, 0x88)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'ip6gre0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x58, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x62, 0x2, @TCA_SFB_PARMS={0x28}}}]}, 0x58}}, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r4 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x20080, 0x0)
socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f0000000040)=@req3={0xffe, 0x3, 0x1000, 0x3a, 0x0, 0x0, 0x7}, 0x75)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
socket$kcm(0x29, 0x2, 0x0)
socket$kcm(0x29, 0x2, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00')
preadv(r5, 0x0, 0x0, 0x3, 0x1)
recvfrom(0xffffffffffffffff, &(0x7f0000000080)=""/181, 0xb5, 0x40000022, &(0x7f00000003c0)=@generic={0x9, "283a8ad9017b490f36e44c23cb4c903bb4b6f0a52c07bbbc262ff450c6131120f212b577e7931fc9195260ac9bb1ae535144768703165cf957523e221855c7df2bce2345866c8c5f57c5c098734ea1f3033f5af4049eea6809b978644e25d40a85264a18113fc1790f174494943051db171de0ecfdd32a1f05826afd5236"}, 0x80)
r6 = dup2(r4, r4)
read$FUSE(r6, &(0x7f00000063c0)={0x2020}, 0x2020)
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, 0x0)

4.56300847s ago: executing program 0 (id=2835):
r0 = syz_open_dev$dmmidi(&(0x7f00000000c0), 0x2, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_STATUS64(r0, 0xc0245720, 0x0)
socket(0x1f, 0x80000, 0x4)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@bridge_delvlan={0x18, 0x70, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x18}, 0x1, 0x0, 0x0, 0x40000050}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r4, 0x1, 0x29, &(0x7f00000000c0)=0x2, 0x4)
chdir(0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000240)='./bus\x00', 0x300081, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_user\x00', 0x275a, 0x0)
copy_file_range(r6, &(0x7f00000001c0)=0xffffffffffffff7f, r5, 0x0, 0x81, 0x10000000000000)
setfsgid(0x0)
r7 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x20, &(0x7f0000000180)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800, 0x0, 0x3, 0x1, 0x40}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x20, &(0x7f00000000c0)={@local, 0x4, 0x0, 0x1, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x20, &(0x7f000009df00)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x800, 0x2, 0x1, 0x4, 0x0, 0x1}, 0x20)
r8 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140), 0x80482, 0x0)
epoll_create(0x7)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'ipvlan1\x00'})
syz_genetlink_get_family_id$batadv(&(0x7f0000000200), r9)
write$vga_arbiter(r8, &(0x7f0000000040)=@other={'lock', ' ', 'io+mem'}, 0xc)
write$vga_arbiter(r8, &(0x7f0000000080)=@other={'decodes', ' ', 'none'}, 0xd)
syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)=ANY=[], 0x0)
r10 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x181603, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r10, 0x40085112, &(0x7f0000000000)=@e={0xff, 0xa, 0xb, 0x2, @SEQ_CONTROLLER, 0x2, 0x7, 0x8b})
sendmsg$nl_route(r5, &(0x7f0000000040)={0xffffffffffffffff, 0x0, &(0x7f0000000680)={&(0x7f0000000280)=@ipv4_getroute={0x1c, 0x1a, 0x400, 0x70bd2d, 0x25dfdbfc, {0x2, 0x80, 0x10, 0x5, 0xfe, 0x1, 0xfd, 0x8, 0x500}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x0)

4.447493153s ago: executing program 4 (id=2836):
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140), 0x20001, 0x0)
bpf$MAP_CREATE(0xe4ffffff00000000, &(0x7f00000005c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32, @ANYBLOB="020000000100"], 0x50)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000200), 0x1, 0x0)
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x82, 0x3, 0x0, 0x717e387b, 0x3d, "1a004e0078768000", 0x4, 0x2})
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r0, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000010000000040100"})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000000c0)=0xf9)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140)=0xff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000001c0)=0x28)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000200))

3.438134083s ago: executing program 3 (id=2837):
r0 = socket$inet6(0xa, 0x2, 0x0)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x20)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x380000, @loopback}, 0x1c)
r1 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_ENUMOUTPUT(r1, 0xc0485630, &(0x7f0000000340)={0x2, "d1369cf58e4c2521380d10ba3c69fdd96fab93d12c03a89341659a2aea99cef5", 0x3, 0xe0b, 0xba2, 0x80, 0x2})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x54})
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000000000/0x400000)=nil, 0x400000}, 0x1})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
request_key(&(0x7f0000000040)='big_key\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000100)='\\\\@}\x01\x00\x00@\xf5\xe2\xdbE\xc0P\x02\xe0\xf2\xaa\xe6\x00\x00\x00\x00\x00\x00\x00\xd0\xa1B\x80\xd3\xcc\x06D\a\x00\x00\x00\x00\x00\x00\x04)\'\x03t\xcd\xe8\xd0u\x01\xff\x01\xd1', 0xfffffffffffffffe)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=@newlink={0x58, 0x10, 0x401, 0x1000000, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x1c42}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0x1}, @IFLA_XFRM_LINK={0x8, 0x1, 0x2}]}}}, @IFLA_IFNAME={0x14, 0x3, 'xfrm0\x00'}]}, 0x58}}, 0x811)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000900)='/proc/keys\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000000940)={0x2020, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}, 0x2020)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)=ANY=[@ANYRES16=r5, @ANYRES16, @ANYRESHEX=r2], 0x28}, 0x1, 0x0, 0x0, 0x20004055}, 0x40)
getsockname$packet(r7, &(0x7f0000000000)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=r9, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@ipv4_newaddr={0x20, 0x14, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0xff, r9}, [@IFA_LOCAL={0x8, 0x2, @local}]}, 0x20}}, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r10 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r10, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local}, 0xc)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r11, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=@delchain={0x24, 0x11, 0x1, 0x0, 0x13, {0x0, 0x0, 0x0, r9, {}, {}, {0x9}}}, 0x24}}, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x4c23, 0x97ff, @loopback, 0xf5c}, 0x1c)
r12 = openat$sw_sync(0xffffffffffffff9c, &(0x7f00000007c0), 0x0, 0x0)
ioctl$SW_SYNC_IOC_INC(r12, 0x40045701, &(0x7f0000000800)=0xffffffff)

3.334862774s ago: executing program 4 (id=2838):
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140), 0x20001, 0x0)
bpf$MAP_CREATE(0xe4ffffff00000000, &(0x7f00000005c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32, @ANYBLOB="020000000100"], 0x50)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
getresuid(&(0x7f00000008c0), &(0x7f0000000900), &(0x7f0000000940))
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000040)={0xa0, 0x258, 0x690, 0x384, 0xda, 0x10000, 0x20, 0x0, {0x4, 0x7}, {0x5, 0x1}, {0xffffffff, 0x2, 0x1}, {0x800, 0x5, 0x1}, 0x5, 0x1, 0x3ff, 0xffc, 0x1, 0x7, 0x63, 0x10002, 0x5, 0x7fff, 0x8, 0x7, 0x24, 0x7af7ea2b84c5e1ec, 0x0, 0x2})
socket$kcm(0x10, 0x2, 0x4)
gettid()
r2 = syz_open_dev$sndctrl(&(0x7f0000000200), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r2, 0xc1205531, &(0x7f0000000540)={0x1, 0x6, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "b6855a32474ffa64f778ddcf29c94337"})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)={{0x14}, [@NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x5}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x34, 0x6, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x88}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
close(0x3)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r4, &(0x7f00000004c0), &(0x7f0000000000), 0x2}, 0x20)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="1b00000000000000000000000000040000e3ffffb2b72930440a60e23084a2b514c325b121b6527492fdeb26b8e1edea7e7a064744b5ba1b16cacf48f0923b9f", @ANYRES32=0x0, @ANYBLOB='\x00'/18, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
io_setup(0xffff, &(0x7f00000001c0))

2.666719991s ago: executing program 3 (id=2839):
socket(0x40000000015, 0x5, 0x0)
r0 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x2, 0x1bd}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r3, 0x0, 0xb}, 0x18)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000ec31f8104c1302007eec0102030109021b0001000000000904000001098b7500090583"], 0x0)
r4 = socket$inet6_sctp(0xa, 0x801, 0x84)
r5 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0xc, &(0x7f0000000040)=@assoc_value={<r6=>0x0}, &(0x7f0000000000)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r4, 0x84, 0x7c, &(0x7f00000000c0)={r6, 0x6, 0x7a}, 0x8)
openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x1e1100)
pipe(&(0x7f00000001c0))
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cgroup.events\x00', 0x275a, 0x0)
write$UHID_CREATE2(r7, &(0x7f00000001c0)=ANY=[@ANYBLOB='-'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r7, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_MKDIRAT={0x25, 0x28, 0x0, r7, 0x0, 0x0, 0xa4})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

2.499757835s ago: executing program 1 (id=2840):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
syz_emit_ethernet(0x8e, &(0x7f0000000380)={@multicast, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f4adf7", 0x58, 0x2c, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast2, {[@hopopts={0x3a}], @pkt_toobig={0x2, 0x0, 0x0, 0x4, {0x8, 0x6, "cd85b5", 0x7, 0x84, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @remote, [], "aad25a7f302d4579b298392ccf95e1e48f10658b1a1c7edc1ffd13d9ccbf356d"}}}}}}}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r0, 0x84, 0x7f, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, 0xffffffffffffffff, 0x0)
ioperm(0x284, 0x7f, 0xe3)
ioperm(0x7fffffff, 0x1, 0x8)
socket$netlink(0x10, 0x3, 0xc)
gettid()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x7aad, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r2}, &(0x7f0000000180)=<r4=>0x0, 0x0)
r5 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
r6 = add_key$keyring(&(0x7f0000002900), &(0x7f0000002940)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r5, &(0x7f00000028c0)='asymmetric\x00', &(0x7f0000002980)=@keyring={'key_or_keyring:', r6})
openat$ttyprintk(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r1, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r3, 0x2ded, 0xef92, 0x0, 0x0, 0x0)
r7 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r7, &(0x7f0000000180)={0x1a, 0x0, 0xf9, 0x8, 0x0, 0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3e}}, 0x10)
readv(r7, &(0x7f0000000480)=[{&(0x7f00000029c0)=""/4083, 0xff3}, {&(0x7f0000000200)=""/43, 0x2b}, {0x0}, {&(0x7f0000000380)=""/163, 0xa3}], 0x4)

2.203536815s ago: executing program 4 (id=2841):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76"])
chdir(&(0x7f0000000100)='./file0\x00')
open(&(0x7f0000000040)='./file0\x00', 0x80242, 0x1df2a23c5997fa7b)

2.07049382s ago: executing program 4 (id=2842):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r3, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000780)='GPL\x00', 0x20000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={r5, 0x0}, 0x20)
ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, 0x0)
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in={0x2, 0x4e21, @remote}], 0x10)
openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000180)={'team0\x00', <r6=>0x0})
r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000300)=0xffffffffffffffff, 0x4)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000004c0)={0x0, <r8=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x8, 0x5, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000153800000000000006000000185800000f00000000000000000000009500000000000000539d62f53a50dcfdd81939d77c8f49bc9aefd49521c978f89a836cce993a45c469d5a86a05d40970c7132ab7c09c090b784530b06ad35fab528eac4aefbecc46f258b77e83d6f137004b3b05a9358e7381fc2bd62a2afc5de3df34c3715e00f01b0b9eb02ef27d3ba933fb0ea9581bc98d44cc06bb270f2319dfe96147ca20f96d5f096126a095628ab299df52d5b284354528abce6997cc1a"], &(0x7f0000000140)='GPL\x00', 0x3, 0x56, &(0x7f0000000280)=""/86, 0x41000, 0x42, '\x00', r6, @cgroup_skb=0x1, r7, 0x8, &(0x7f0000000340)={0xa, 0x3}, 0x8, 0x10, &(0x7f00000003c0)={0x0, 0x8, 0x5, 0x1c}, 0x10, r8, r1, 0x6, &(0x7f0000000500)=[r1], &(0x7f0000000540)=[{0x4, 0x1, 0x10, 0xb}, {0x2, 0x1, 0x3, 0x6}, {0x5, 0x1, 0x5, 0x5}, {0x3, 0x3, 0x4, 0x3}, {0x1, 0x1, 0x4}, {0x0, 0x3, 0x8, 0x7}], 0x10, 0x8}, 0x94)
r9 = dup(r0)
setsockopt$SO_BINDTODEVICE(r9, 0x1, 0x19, &(0x7f0000000000)='bond_slave_1\x00', 0x10)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r9, 0x84, 0x9, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e22, @empty}}, 0x8003, 0xbffc, 0xe652, 0x2, 0x4, 0x8, 0xff}, 0x9c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r9, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xfffffff2, @empty, 0x3}}, 0x1000000, 0x31, 0xffff1896, 0x3, 0x44, 0x8, 0x1b}, 0x9c)

1.693709796s ago: executing program 1 (id=2843):
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0xa880)
openat$ttyprintk(0xffffffffffffff9c, 0x0, 0x1, 0x0)
openat$drirender128(0xffffff9c, &(0x7f0000000000), 0x121002, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
connect$unix(r0, &(0x7f0000000100)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
socketpair$tipc(0x1e, 0x1, 0x0, 0x0)
syz_emit_vhci(0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0xe)
clock_settime(0xfffffffb, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB="e874f6733916ea3dad0d586c93a2ff"])
ioctl$HIDIOCGRDESC(0xffffffffffffffff, 0x4004480d, &(0x7f0000000980))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="818f017c1c28daba506b4b4178eb8aa75a7197bfc20da7fa78f23c17f1019ded544ab4fd47310dcdd4a67cf92fb52f9346f879e421ef999a415f8c003cf3cea4ee44b0faf72421ad1ae841e2fa73710e304a7d2b53749cba6f6506c5f94d4c56c7df0eaf2e35a7d2fb6a3e8f82ed95bd056bda5600894f32a2ffb432085d2a762e0010385a125e8a", @ANYRES16=r2, @ANYBLOB="00012cbd7000fcdb36fa70df250500000008000500090000001800018034000200765a7468746f5f62617461647600050002002000000005000600040000083612eb4bd6d55624f60a873b45b3e774ce05110093beba", @ANYRES64=r1, @ANYRES16, @ANYRES32=r1], 0x44}, 0x1, 0x0, 0x0, 0x20040814}, 0x4004004)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @netfilter, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.274057123s ago: executing program 0 (id=2844):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0xa4}, [@ldst={0x7, 0x3, 0x0, 0x1c10a1}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
ioctl$BLKTRACESETUP(r1, 0xc0401273, &(0x7f0000000680)={'\x00', 0x8001, 0x101, 0x5308, 0xfffffffffffffffb, 0x40000, 0xffffffffffffffff})
ioctl$BLKTRACESTART(r1, 0x1274, 0x0)
r2 = dup(r1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r2, 0x0)
ioctl$BLKZEROOUT(r2, 0x127f, &(0x7f00000000c0)={0x4000, 0x80600})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{0xffffffffffffffff, <r3=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000200)}, 0x1c)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000001400)={'ip6tnl0\x00', &(0x7f0000001380)={'syztnl2\x00', <r4=>0x0, 0x29, 0x2, 0x8, 0x5, 0x28, @private0, @private2={0xfc, 0x2, '\x00', 0x1}, 0x80, 0x7, 0x3, 0x40}})
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000015c0)={&(0x7f0000001440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x80, 0x80, 0x6, [@var={0x7f, 0x0, 0x0, 0xe, 0x1, 0x1}, @enum={0x5, 0x5, 0x0, 0x6, 0x4, [{0xf, 0x6}, {}, {0xc, 0x25}, {0x0, 0x3}, {0x2, 0x1}]}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x1, 0x4, 0x80000000}}, @float={0x1, 0x0, 0x0, 0x10, 0x2}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x4, 0x5, 0x9}}]}, {0x0, [0x5f, 0x5f, 0x5f, 0x61]}}, &(0x7f0000001500)=""/161, 0x9e, 0xa1, 0x1, 0x10000}, 0x28)
openat2(r2, &(0x7f00000017c0)='./file0\x00', &(0x7f0000001800)={0x40000, 0x48, 0x3}, 0x18)
r6 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_FRAME(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010500000000000000000200000008000300", @ANYRES32=r10, @ANYBLOB="0800a0009e09000008002600b414000008009f0003edff"], 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f00000001c0)={0xfffffff7, 0x1, 0x3})
r11 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, 0x2a, 0x107, 0xfffffffd, 0x0, {0x1, 0x7c}, [@nested={0x8, 0x1, 0x0, 0x1, [@generic="6b54e1a6"]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4048011}, 0x8010)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001700)=@bpf_ext={0x1c, 0x11, &(0x7f0000000280)=@raw=[@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @cb_func={0x18, 0xb, 0x4, 0x0, 0x7}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0xf, 0x0, 0x0, 0x0, 0x2}], &(0x7f0000000340)='GPL\x00', 0x7, 0x1000, &(0x7f0000000380)=""/4096, 0x0, 0x1, '\x00', r4, 0x0, r5, 0x8, 0x0, 0x0, 0x10, &(0x7f0000001640)={0x4, 0x5, 0xff15, 0x4a46}, 0x10, 0x11cb9, r0, 0x7, 0x0, &(0x7f0000001680)=[{0x5, 0x5, 0xc, 0xc}, {0x5, 0x3, 0xb, 0xa}, {0x5, 0x2, 0x7, 0x8}, {0x1, 0x1, 0x7, 0x6}, {0x1, 0x1, 0x0, 0x2}, {0x5, 0x5, 0x4, 0xb}, {0x3, 0x2, 0xa, 0x8}], 0x10, 0x6c}, 0x94)
r12 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x20, r12, 0x300, 0x70bd2b, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DEST={0x4}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xffff}]}, 0x20}}, 0x4804)
cachestat(r2, &(0x7f0000001840)={0x1, 0x2}, &(0x7f0000001880), 0x0)

880.184437ms ago: executing program 4 (id=2845):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
add_key$fscrypt_v1(&(0x7f0000000440), &(0x7f0000000480)={'fscrypt:', @auto=[0x63, 0x0, 0x0, 0x62, 0x0, 0x31, 0x0, 0x9, 0x0, 0x0, 0x32]}, &(0x7f00000004c0)={0x0, "3e82554dc8ccfbc2e85ec82d4ee9df60f6ae16b1a5f2c848722ba3b132e4fde178c945bd950b0477e801fc8a1be9b4ebbe9c2289a6b0aa00"}, 0x48, 0xfffffffffffffffe)
setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom1\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = syz_io_uring_setup(0x8d2, &(0x7f0000001400)={0x0, 0xd80e, 0x3010, 0xfffffffc}, &(0x7f00000001c0)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0xfffffffe)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f00000002c0), 0x4)
cachestat(r7, &(0x7f0000000040), &(0x7f000009de80), 0x0)
ioctl$KVM_XEN_HVM_CONFIG(r6, 0x4038ae7a, &(0x7f0000000040)={0x2, 0x40000105, 0x0, 0x0})
r8 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r8, 0xc1105511, &(0x7f0000000040)={0x7, 0x3, 0x40, 0x10000, 'syz1\x00', 0x4000041})
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x4)
ioctl$KVM_SET_CPUID2(r11, 0x4048aecb, &(0x7f0000000080)=ANY=[@ANYBLOB='\a'])
ioctl$KVM_RUN(r11, 0xae80, 0x0)
r12 = socket$igmp6(0xa, 0x3, 0x2)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r12, 0x0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0, 0x20000010, 0x1})
socket(0x10, 0x3, 0x0)
io_uring_enter(r2, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)

786.213687ms ago: executing program 0 (id=2846):
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140), 0x20001, 0x0)
bpf$MAP_CREATE(0xe4ffffff00000000, &(0x7f00000005c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32, @ANYBLOB="020000000100"], 0x50)
syz_open_dev$sndctrl(&(0x7f0000000200), 0x1, 0x0)
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x82, 0x3, 0x0, 0x717e387b, 0x3d, "1a004e0078768000", 0x4, 0x2})
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r0, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000010000000040100"})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000000c0)=0xf9)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140)=0xff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000001c0)=0x28)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000200))

658.747455ms ago: executing program 1 (id=2847):
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, &(0x7f0000000140)={0x0, 0x0})
write(r0, &(0x7f0000000000)="fa", 0xfffffdef)
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff002, 0x0, 0x2000000000032, 0xffffffffffffffff, 0x0)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
setns(r2, 0x24020000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000580)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x1b5008, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000540)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2145499, 0x0)
umount2(&(0x7f0000000040)='.\x00', 0x2)
r3 = openat$dsp1(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

388.441853ms ago: executing program 1 (id=2848):
sendmsg$IPVS_CMD_GET_CONFIG(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)={0x7c, 0x0, 0x10, 0x70bd26, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x3}, @IPVS_CMD_ATTR_DAEMON={0x18, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'vlan1\x00'}]}, @IPVS_CMD_ATTR_SERVICE={0x48, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sed\x00'}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'lc\x00'}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x1}, @IPVS_SVC_ATTR_SCHED_NAME={0x9, 0x6, 'none\x00'}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x24}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0xc, 0x2}}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x2a, 0x26}}]}]}, 0x7c}, 0x1, 0x0, 0x0, 0x7c571d3bd3bb2e8a}, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x3000, 0x8000, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000380)={0x2, 0x34000, 0x1})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000040)={0x0, 0x105000, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0x6000, 0x2000, 0x1})
ioctl$KVM_RUN(r2, 0xae80, 0xfee00000)

298.700436ms ago: executing program 3 (id=2849):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4040000}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r3, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$IPSET_CMD_TEST(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="640000000906010800000000000000000600000505000100070000003c0007801800148014000240fc0000000000000000000000000000011800018014000240ff01000000000000000000000000000105000300070000000900020073797a31"], 0x64}}, 0x4800)
sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000000306010100000001000000000700000a0500010007000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40814)
recvmmsg(r0, &(0x7f0000000a00)=[{{&(0x7f0000000480)=@nfc_llcp, 0x80, &(0x7f0000000680)=[{&(0x7f0000000400)=""/23, 0x17}, {&(0x7f0000000500)}, {&(0x7f00000005c0)=""/179, 0xb3}, {&(0x7f0000000940)=""/152, 0x98}, {&(0x7f0000002080)=""/4096, 0x1000}, {&(0x7f0000000740)=""/108, 0x6c}, {&(0x7f0000000540)=""/62, 0x3e}], 0x7, &(0x7f0000000880)=""/85, 0x55}, 0x8}], 0x1, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f00000000c0)='mmap_lock_acquire_returned\x00', r4, 0x0, 0x1}, 0x18)
move_pages(0x0, 0x1efe, &(0x7f0000000080), 0x0, &(0x7f0000000040), 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x400, &(0x7f0000000080)=ANY=[])
r5 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000580)=[@in={0x2, 0x4e21, @local}], 0x10)
sendmsg$inet_sctp(r5, &(0x7f0000000700)={&(0x7f0000000140)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x1}], 0x1}, 0x1)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r5, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x80000001, 0x30}, 0xc)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
r6 = gettid()
syz_open_procfs(r6, &(0x7f00000001c0)='net/dev\x00')
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x180, 0x0)
ioctl$TIOCGSOFTCAR(r7, 0x5414, &(0x7f0000000000))

0s ago: executing program 0 (id=2850):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76"])
chdir(&(0x7f0000000100)='./file0\x00')
open(&(0x7f0000000040)='./file0\x00', 0x80242, 0x1df2a23c5997fa7b)

kernel console output (not intermixed with test programs):

3952]  kvm_vcpu_ioctl+0x5eb/0x1690
[  625.934593][T13952]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  625.934616][T13952]  ? tomoyo_path_number_perm+0x18d/0x580
[  625.934646][T13952]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  625.934682][T13952]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  625.934725][T13952]  ? do_vfs_ioctl+0x128/0x14f0
[  625.934750][T13952]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  625.934789][T13952]  kvm_vcpu_compat_ioctl+0x20f/0x3d0
[  625.934813][T13952]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  625.934837][T13952]  ? __fget_files+0x20e/0x3c0
[  625.934858][T13952]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  625.934882][T13952]  __ia32_compat_sys_ioctl+0x242/0x370
[  625.934910][T13952]  __do_fast_syscall_32+0x7c/0x300
[  625.934932][T13952]  do_fast_syscall_32+0x32/0x80
[  625.934952][T13952]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  625.934972][T13952] RIP: 0023:0xf705d579
[  625.934986][T13952] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  625.935002][T13952] RSP: 002b:00000000f544d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  625.935018][T13952] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000000ae80
[  625.935029][T13952] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  625.935038][T13952] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  625.935048][T13952] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  625.935057][T13952] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  625.935081][T13952]  </TASK>
[  626.074818][    C3] vkms_vblank_simulate: vblank timer overrun
[  626.282196][T13956] 9pnet_fd: Insufficient options for proto=fd
[  626.443534][T13964] tmpfs: Unknown parameter 'GPL'
[  627.545419][T13979] bridge0: entered allmulticast mode
[  627.941491][T13984] binder: 13981:13984 ioctl 0 80000040 returned -22
[  628.489842][T13990] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  628.492531][T13990] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  628.495380][T13990] vhci_hcd vhci_hcd.0: Device attached
[  628.511605][  T844] usb 6-1: USB disconnect, device number 9
[  628.524970][T13938] lo: left allmulticast mode
[  628.723358][T13997] trusted_key: encrypted_key: insufficient parameters specified
[  628.780885][   T74] usb 46-1: SetAddress Request (26) to port 0
[  628.784459][   T74] usb 46-1: new SuperSpeed USB device number 26 using vhci_hcd
[  629.338561][T13991] vhci_hcd: connection reset by peer
[  629.342008][   T49] vhci_hcd: stop threads
[  629.343574][   T49] vhci_hcd: release socket
[  629.345085][   T49] vhci_hcd: disconnect device
[  629.858987][T14006] fuse: Bad value for 'fd'
[  629.994083][T14013] overlayfs: missing 'lowerdir'
[  630.352649][T14019] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  631.202191][T14028] binder: 14024:14028 ioctl 0 80000040 returned -22
[  631.441149][T14032] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2078'.
[  631.882915][T14029] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  631.885941][T14029] UDF-fs: Scanning with blocksize 2048 failed
[  631.889413][T14029] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  631.892550][T14029] UDF-fs: Scanning with blocksize 4096 failed
[  632.115872][T14044] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2080'.
[  633.262597][T14070] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2087'.
[  633.480783][T14077] tmpfs: Unknown parameter 'ђџџџђџџџђџџџђџџџђџџџђџџџђџџџўџџџўџџџђџџџђџџџђџџџђџџџђџџџўџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџ
'
[  633.843295][   T74] usb 46-1: device descriptor read/8, error -110
[  634.711134][T14105] binder: 14097:14105 ioctl 0 80000040 returned -22
[  634.721075][ T1245] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  634.727932][ T1245] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  634.784960][   T74] usb usb46-port1: attempt power cycle
[  635.609944][T14124] tmpfs: Unknown parameter 'ђџџџђџџџђџџџђџџџђџџџђџџџђџџџўџџџўџџџђџџџђџџџђџџџђџџџђџџџўџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџ
'
[  635.852512][T14132] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  635.855119][T14132] UDF-fs: Scanning with blocksize 2048 failed
[  635.858391][T14132] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  635.860785][T14132] UDF-fs: Scanning with blocksize 4096 failed
[  635.965241][   T74] usb usb46-port1: unable to enumerate USB device
[  638.062830][T14169] tmpfs: Unknown parameter 'ђџџџђџџџђџџџђџџџђџџџђџџџђџџџўџџџўџџџђџџџђџџџђџџџђџџџђџџџўџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџ
'
[  638.111475][T14171] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  638.113591][T14171] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  638.177637][T14170] binder: 14163:14170 ioctl 0 80000040 returned -22
[  638.281032][T14171] vhci_hcd vhci_hcd.0: Device attached
[  638.379121][T14185] FAULT_INJECTION: forcing a failure.
[  638.379121][T14185] name failslab, interval 1, probability 0, space 0, times 0
[  638.383708][T14185] CPU: 3 UID: 0 PID: 14185 Comm: syz.1.2118 Not tainted syzkaller #0 PREEMPT(full) 
[  638.383722][T14185] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  638.383729][T14185] Call Trace:
[  638.383734][T14185]  <TASK>
[  638.383739][T14185]  dump_stack_lvl+0x16c/0x1f0
[  638.383756][T14185]  should_fail_ex+0x512/0x640
[  638.383772][T14185]  ? fs_reclaim_acquire+0xae/0x150
[  638.383787][T14185]  should_failslab+0xc2/0x120
[  638.383801][T14185]  __kmalloc_noprof+0xdd/0x880
[  638.383818][T14185]  ? tomoyo_encode2+0x100/0x3e0
[  638.383832][T14185]  ? tomoyo_encode2+0x100/0x3e0
[  638.383842][T14185]  tomoyo_encode2+0x100/0x3e0
[  638.383855][T14185]  tomoyo_encode+0x29/0x50
[  638.383866][T14185]  tomoyo_realpath_from_path+0x18f/0x6e0
[  638.383882][T14185]  tomoyo_path_number_perm+0x245/0x580
[  638.383898][T14185]  ? tomoyo_path_number_perm+0x237/0x580
[  638.383915][T14185]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  638.383946][T14185]  ? find_held_lock+0x2b/0x80
[  638.383957][T14185]  ? hook_file_ioctl_common+0x145/0x410
[  638.383971][T14185]  ? __fget_files+0x20e/0x3c0
[  638.383984][T14185]  security_file_ioctl_compat+0x9b/0x240
[  638.383996][T14185]  __ia32_compat_sys_ioctl+0xc3/0x370
[  638.384013][T14185]  __do_fast_syscall_32+0x7c/0x300
[  638.384027][T14185]  do_fast_syscall_32+0x32/0x80
[  638.384040][T14185]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  638.384053][T14185] RIP: 0023:0xf7f86579
[  638.384062][T14185] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  638.384072][T14185] RSP: 002b:00000000f547655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  638.384082][T14185] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0105500
[  638.384089][T14185] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  638.384094][T14185] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  638.384100][T14185] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  638.384106][T14185] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  638.384119][T14185]  </TASK>
[  638.384130][T14185] ERROR: Out of memory at tomoyo_realpath_from_path.
[  638.565731][   T43] usb 44-1: SetAddress Request (37) to port 0
[  638.568469][   T43] usb 44-1: new SuperSpeed USB device number 37 using vhci_hcd
[  638.596127][T14172] vhci_hcd: connection reset by peer
[  638.598645][ T1245] vhci_hcd: stop threads
[  638.600422][ T1245] vhci_hcd: release socket
[  638.602264][ T1245] vhci_hcd: disconnect device
[  638.875870][   T29] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  639.038942][   T29] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  639.043367][   T29] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  639.047586][   T29] usb 6-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  639.051373][   T29] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  639.056959][   T29] usb 6-1: config 0 descriptor??
[  639.383179][T14210] tmpfs: Bad value for 'mpol'
[  639.433300][T14212] random: crng reseeded on system resumption
[  639.842863][   T29] usbhid 6-1:0.0: can't add hid device: -71
[  640.230524][T14219] blktrace: Concurrent blktraces are not allowed on nullb0
[  640.341272][T14220] netlink: 'syz.0.2128': attribute type 72 has an invalid length.
[  640.344542][T14220] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2128'.
[  640.370090][T14220] nbd: illegal input index -1495182229
[  640.386237][   T29] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  640.512031][   T29] usb 6-1: USB disconnect, device number 10
[  641.047909][ T1410] ieee802154 phy1 wpan1: encryption failed: -22
[  641.443608][T14236] tmpfs: Unknown parameter 'ђџџџђџџџђџџџђџџџђџџџђџџџђџџџўџџџўџџџђџџџђџџџђџџџђџџџђџџџўџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџ
'
[  641.855635][T14241] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  641.858360][T14241] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  642.137494][    T9] usb 38-1: SetAddress Request (44) to port 0
[  642.139785][    T9] usb 38-1: new SuperSpeed USB device number 44 using vhci_hcd
[  642.207664][T14241] vhci_hcd vhci_hcd.0: Device attached
[  642.857826][T14243] vhci_hcd: connection reset by peer
[  642.860094][   T72] vhci_hcd: stop threads
[  642.861650][   T72] vhci_hcd: release socket
[  642.863290][   T72] vhci_hcd: disconnect device
[  643.309212][T14263] blktrace: Concurrent blktraces are not allowed on nullb0
[  643.388613][T14264] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2138'.
[  643.407101][T14263] nbd: illegal input index -1495182229
[  643.599231][   T43] usb 44-1: device descriptor read/8, error -110
[  643.617899][T14265] binder: 14260:14265 ioctl 0 80000040 returned -22
[  644.021706][T14279] binder: 14268:14279 ioctl 0 80000040 returned -22
[  644.122239][T14280] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  644.125212][T14280] UDF-fs: Scanning with blocksize 2048 failed
[  644.129171][T14280] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  644.131838][T14280] UDF-fs: Scanning with blocksize 4096 failed
[  644.883576][   T43] usb usb44-port1: attempt power cycle
[  645.475429][   T43] usb usb44-port1: unable to enumerate USB device
[  647.071287][T14312] binder: 14309:14312 ioctl 0 80000040 returned -22
[  647.696933][    T9] usb 38-1: device descriptor read/8, error -110
[  648.014223][T14332] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2154'.
[  648.018027][T14332] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2154'.
[  648.114875][    T9] usb usb38-port1: attempt power cycle
[  648.375992][T14337] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  648.378064][T14337] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  648.385483][T14337] vhci_hcd vhci_hcd.0: Device attached
[  649.335095][T14338] vhci_hcd: connection closed
[  649.335325][  T101] vhci_hcd: stop threads
[  649.338683][  T101] vhci_hcd: release socket
[  649.340693][  T101] vhci_hcd: disconnect device
[  649.391272][T13548] usb 40-1: enqueue for inactive port 0
[  649.766081][T14345] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  649.769024][T14345] UDF-fs: Scanning with blocksize 2048 failed
[  649.772388][T14345] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  649.775294][T14345] UDF-fs: Scanning with blocksize 4096 failed
[  649.904472][T13548] usb usb40-port1: attempt power cycle
[  649.996503][    T9] usb usb38-port1: unable to enumerate USB device
[  650.445073][T14355] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2161'.
[  650.458277][T14355] bond1: (slave gre0): Device is not bonding slave
[  650.460680][T14355] bond1: option active_slave: invalid value (gre0)
[  650.466063][T14355] bond1 (unregistering): Released all slaves
[  650.537335][T14358] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2160'.
[  650.541446][T14358] netlink: 'syz.0.2160': attribute type 1 has an invalid length.
[  650.933071][T14366] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2164'.
[  651.032085][T14369] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  651.035187][T14369] UDF-fs: Scanning with blocksize 2048 failed
[  651.039797][T14369] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  651.043048][T14369] UDF-fs: Scanning with blocksize 4096 failed
[  651.093702][T13548] usb usb40-port1: unable to enumerate USB device
[  651.102727][T14371] random: crng reseeded on system resumption
[  651.637522][T14377] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  651.640549][T14377] UDF-fs: Scanning with blocksize 2048 failed
[  651.643473][T14377] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  651.645918][T14377] UDF-fs: Scanning with blocksize 4096 failed
[  652.764981][T14388] FAULT_INJECTION: forcing a failure.
[  652.764981][T14388] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  652.770643][T14388] CPU: 1 UID: 0 PID: 14388 Comm: syz.0.2171 Not tainted syzkaller #0 PREEMPT(full) 
[  652.770667][T14388] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  652.770677][T14388] Call Trace:
[  652.770682][T14388]  <TASK>
[  652.770688][T14388]  dump_stack_lvl+0x16c/0x1f0
[  652.770710][T14388]  should_fail_ex+0x512/0x640
[  652.770735][T14388]  _copy_from_iter+0x29f/0x1720
[  652.770763][T14388]  ? __pfx__copy_from_iter+0x10/0x10
[  652.770785][T14388]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  652.770814][T14388]  copy_page_from_iter+0xde/0x180
[  652.770839][T14388]  tun_build_skb.constprop.0+0x2e8/0x1510
[  652.770862][T14388]  ? __pfx_tun_build_skb.constprop.0+0x10/0x10
[  652.770884][T14388]  ? __lock_acquire+0x622/0x1c90
[  652.770917][T14388]  tun_get_user+0x149c/0x3cc0
[  652.770942][T14388]  ? __pfx_tun_get_user+0x10/0x10
[  652.770964][T14388]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  652.770985][T14388]  ? find_held_lock+0x2b/0x80
[  652.771001][T14388]  ? tun_get+0x191/0x370
[  652.771019][T14388]  tun_chr_write_iter+0xdc/0x210
[  652.771037][T14388]  vfs_write+0x7d3/0x11d0
[  652.771054][T14388]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  652.771072][T14388]  ? __pfx_vfs_write+0x10/0x10
[  652.771086][T14388]  ? find_held_lock+0x2b/0x80
[  652.771115][T14388]  ksys_write+0x12a/0x250
[  652.771131][T14388]  ? __pfx_ksys_write+0x10/0x10
[  652.771149][T14388]  ? rcu_is_watching+0x12/0xc0
[  652.771169][T14388]  __do_fast_syscall_32+0x7c/0x300
[  652.771189][T14388]  do_fast_syscall_32+0x32/0x80
[  652.771207][T14388]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  652.771224][T14388] RIP: 0023:0xf706d579
[  652.771236][T14388] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  652.771250][T14388] RSP: 002b:00000000f545d520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  652.771266][T14388] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000280
[  652.771275][T14388] RDX: 0000000000000042 RSI: 00000000f7406ff4 RDI: 0000000000000000
[  652.771285][T14388] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  652.771293][T14388] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  652.771302][T14388] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  652.771323][T14388]  </TASK>
[  652.948667][T14391] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  652.950981][T14391] UDF-fs: Scanning with blocksize 2048 failed
[  652.953882][T14391] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  652.955995][T14391] UDF-fs: Scanning with blocksize 4096 failed
[  653.300610][T14397] netlink: 45 bytes leftover after parsing attributes in process `syz.1.2173'.
[  653.527004][T14408] random: crng reseeded on system resumption
[  653.586746][T14405] mkiss: ax0: crc mode is auto.
[  653.901664][T14425] netlink: 52 bytes leftover after parsing attributes in process `syz.4.2179'.
[  653.936383][T14424] /dev/sr0: Can't open blockdev
[  654.088943][T14430] 9pnet_fd: Insufficient options for proto=fd
[  654.580173][T14438] netlink: 'syz.3.2182': attribute type 1 has an invalid length.
[  654.608148][T14438] 8021q: adding VLAN 0 to HW filter on device bond2
[  654.621659][T14438] dummy0: left promiscuous mode
[  654.623817][T14438] dummy0: left allmulticast mode
[  654.637418][T14438] bond2: (slave dummy0): making interface the new active one
[  654.643027][T14438] bond2: (slave dummy0): Enslaving as an active interface with an up link
[  655.106947][T14460] tmpfs: Unknown parameter 'ђџџџђџџџђџџџђџџџђџџџђџџџђџџџўџџџўџџџђџџџђџџџђџџџђџџџђџџџўџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџ
'
[  655.641017][T14477] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2193'.
[  655.863290][T14482] tmpfs: Unknown parameter 'ђџџџђџџџђџџџђџџџђџџџђџџџђџџџўџџџўџџџђџџџђџџџђџџџђџџџђџџџўџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџ'
[  655.981926][T14488] random: crng reseeded on system resumption
[  656.690206][T14497] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  656.692328][T14497] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  656.694960][T14497] vhci_hcd vhci_hcd.0: Device attached
[  656.985577][T10656] usb 44-1: SetAddress Request (41) to port 0
[  656.988623][T10656] usb 44-1: new SuperSpeed USB device number 41 using vhci_hcd
[  657.671919][T14498] vhci_hcd: connection reset by peer
[  657.848965][ T1245] vhci_hcd: stop threads
[  657.850362][ T1245] vhci_hcd: release socket
[  657.852400][ T1245] vhci_hcd: disconnect device
[  658.019686][T14521] binder: 14516:14521 ioctl 0 80000040 returned -22
[  658.554685][T14539] netlink: 'syz.3.2206': attribute type 4 has an invalid length.
[  659.148812][T14546] random: crng reseeded on system resumption
[  659.323328][T14551] overlayfs: failed to resolve './file0': -2
[  659.545056][T14563] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  659.547226][T14563] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  659.550157][T14563] vhci_hcd vhci_hcd.0: Device attached
[  660.053542][T13548] usb 38-1: SetAddress Request (48) to port 0
[  660.060828][T13548] usb 38-1: new SuperSpeed USB device number 48 using vhci_hcd
[  660.487284][T14564] vhci_hcd: connection reset by peer
[  660.793494][  T340] vhci_hcd: stop threads
[  660.795475][  T340] vhci_hcd: release socket
[  660.801443][  T340] vhci_hcd: disconnect device
[  660.942008][T14585] fuse: Bad value for 'group_id'
[  660.944289][T14585] fuse: Bad value for 'group_id'
[  661.108169][T14592] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2220'.
[  661.849225][T14604] overlayfs: failed to resolve './file1': -2
[  662.097509][T10656] usb 44-1: device descriptor read/8, error -110
[  662.178422][T14615] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2225'.
[  662.215072][T14615] overlayfs: missing 'lowerdir'
[  662.534048][T10656] usb usb44-port1: attempt power cycle
[  662.544836][T14630] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2230'.
[  662.625928][T14636] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2231'.
[  662.629112][T14636] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2231'.
[  662.632206][T14636] netlink: 'syz.1.2231': attribute type 14 has an invalid length.
[  662.690686][T14641] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2229'.
[  662.983099][T14650] ubi31: attaching mtd0
[  662.985580][T14650] ubi31 error: ubi_attach_mtd_dev: bad VID header (16) or data offsets (80)
[  663.138849][T10656] usb usb44-port1: unable to enumerate USB device
[  663.257167][T14654] random: crng reseeded on system resumption
[  665.138968][T13548] usb 38-1: device descriptor read/8, error -110
[  665.540054][T13548] usb usb38-port1: attempt power cycle
[  665.810316][T14680] tmpfs: Unknown parameter 'ђџџџђџџџђџџџђџџџђџџџђџџџђџџџўџџџўџџџђџџџђџџџђџџџђџџџђџџџўџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџ
'
[  665.982185][T14685] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2245'.
[  666.045809][T14686] tmpfs: Unknown parameter 'ђџџџђџџџђџџџђџџџђџџџђџџџђџџџўџџџўџџџђџџџђџџџђџџџђџџџђџџџўџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџ'
[  666.109903][T13548] usb usb38-port1: unable to enumerate USB device
[  666.333518][T14695] random: crng reseeded on system resumption
[  667.207012][T14704] random: crng reseeded on system resumption
[  667.265474][T14702] 9pnet_fd: Insufficient options for proto=fd
[  667.933945][T14707] overlayfs: failed to resolve './file1': -2
[  668.706542][T14723] kvm: emulating exchange as write
[  670.438556][T14709] Set syz1 is full, maxelem 65536 reached
[  670.830467][T14740] 9pnet_fd: Insufficient options for proto=fd
[  671.327880][T14752] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  671.330639][T14752] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  671.335611][T14752] vhci_hcd vhci_hcd.0: Device attached
[  671.412944][T14753] vhci_hcd: connection closed
[  671.413167][T14520] vhci_hcd: stop threads
[  671.417038][T14520] vhci_hcd: release socket
[  671.419214][T14520] vhci_hcd: disconnect device
[  672.464395][T14775] tmpfs: Unknown parameter 'ђџџџђџџџђџџџђџџџђџџџђџџџђџџџўџџџўџџџђџџџђџџџђџџџђџџџђџџџўџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџ
'
[  673.172958][T14788] netlink: 'syz.4.2274': attribute type 10 has an invalid length.
[  673.176544][T14788] netlink: 152 bytes leftover after parsing attributes in process `syz.4.2274'.
[  673.760201][T14801] 9pnet_fd: Insufficient options for proto=fd
[  673.781168][T14790] trusted_key: encrypted_key: insufficient parameters specified
[  673.915520][T14805] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2279'.
[  675.148493][T14813] block device autoloading is deprecated and will be removed.
[  675.178855][T14815] random: crng reseeded on system resumption
[  676.164334][T14830] FAULT_INJECTION: forcing a failure.
[  676.164334][T14830] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  676.169847][T14830] CPU: 2 UID: 0 PID: 14830 Comm: syz.3.2285 Not tainted syzkaller #0 PREEMPT(full) 
[  676.169870][T14830] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  676.169880][T14830] Call Trace:
[  676.169888][T14830]  <TASK>
[  676.169896][T14830]  dump_stack_lvl+0x16c/0x1f0
[  676.169921][T14830]  should_fail_ex+0x512/0x640
[  676.169951][T14830]  _copy_to_iter+0x29f/0x1710
[  676.169972][T14830]  ? do_raw_spin_lock+0x12c/0x2b0
[  676.170000][T14830]  ? __pfx__copy_to_iter+0x10/0x10
[  676.170019][T14830]  ? rcu_is_watching+0x12/0xc0
[  676.170036][T14830]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  676.170055][T14830]  ? lockdep_hardirqs_on+0x7c/0x110
[  676.170097][T14830]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  676.170120][T14830]  qrtr_tun_read_iter+0x31b/0x480
[  676.170150][T14830]  ? __pfx_qrtr_tun_read_iter+0x10/0x10
[  676.170176][T14830]  ? __pfx_autoremove_wake_function+0x10/0x10
[  676.170200][T14830]  ? __lock_acquire+0x622/0x1c90
[  676.170227][T14830]  do_iter_readv_writev+0x743/0x9e0
[  676.170251][T14830]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  676.170274][T14830]  ? bpf_lsm_file_permission+0x9/0x10
[  676.170294][T14830]  ? security_file_permission+0x71/0x210
[  676.170313][T14830]  ? rw_verify_area+0xcf/0x6c0
[  676.170333][T14830]  vfs_readv+0x4cb/0x8b0
[  676.170357][T14830]  ? __pfx_vfs_readv+0x10/0x10
[  676.170374][T14830]  ? find_held_lock+0x2b/0x80
[  676.170411][T14830]  ? __fget_files+0x20e/0x3c0
[  676.170428][T14830]  ? __fget_files+0x200/0x3c0
[  676.170449][T14830]  ? do_readv+0x132/0x340
[  676.170462][T14830]  do_readv+0x132/0x340
[  676.170477][T14830]  ? __pfx_do_readv+0x10/0x10
[  676.170494][T14830]  ? rcu_is_watching+0x12/0xc0
[  676.170514][T14830]  __do_fast_syscall_32+0x7c/0x300
[  676.170534][T14830]  do_fast_syscall_32+0x32/0x80
[  676.170554][T14830]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  676.170574][T14830] RIP: 0023:0xf7fd5579
[  676.170588][T14830] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  676.170604][T14830] RSP: 002b:00000000f54a555c EFLAGS: 00000296 ORIG_RAX: 0000000000000091
[  676.170620][T14830] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080001c80
[  676.170631][T14830] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  676.170641][T14830] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  676.170650][T14830] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  676.170659][T14830] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  676.170683][T14830]  </TASK>
[  676.944378][T14835] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  676.946771][T14835] UDF-fs: Scanning with blocksize 2048 failed
[  676.949345][T14835] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  676.951608][T14835] UDF-fs: Scanning with blocksize 4096 failed
[  677.116670][T14841] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2288'.
[  677.120529][T14841] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2288'.
[  678.597892][T14863] netlink: 72 bytes leftover after parsing attributes in process `syz.0.2293'.
[  678.706084][T14864] binder: 14860:14864 ioctl 0 80000040 returned -22
[  679.253585][T14872] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  679.255695][T14872] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  679.258685][T14872] vhci_hcd vhci_hcd.0: Device attached
[  679.531941][T14880] tmpfs: Unknown parameter 'ђџџџђџџџђџџџђџџџђџџџђџџџђџџџўџџџўџџџђџџџђџџџђџџџђџџџђџџџўџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџ
'
[  679.605989][ T6023] usb 44-1: SetAddress Request (45) to port 0
[  679.608058][ T6023] usb 44-1: new SuperSpeed USB device number 45 using vhci_hcd
[  679.824260][T14873] vhci_hcd: connection reset by peer
[  679.829880][T14520] vhci_hcd: stop threads
[  679.831763][T14520] vhci_hcd: release socket
[  679.834258][T14520] vhci_hcd: disconnect device
[  681.273535][   T43] IPVS: starting estimator thread 0...
[  681.376954][T14904] IPVS: using max 43 ests per chain, 103200 per kthread
[  682.146368][T14931] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2311'.
[  682.153044][T14931] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2311'.
[  682.188182][T14931] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  682.240111][T14933] fuse: Bad value for 'fd'
[  682.250449][   T40] audit: type=1326 audit(1762245686.931:2437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14932 comm="syz.4.2312" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  682.261744][   T40] audit: type=1326 audit(1762245686.931:2438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14932 comm="syz.4.2312" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  682.269973][   T40] audit: type=1326 audit(1762245686.931:2439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14932 comm="syz.4.2312" exe="/syz-executor" sig=0 arch=40000003 syscall=168 compat=1 ip=0xf705d579 code=0x7ffc0000
[  682.277570][   T40] audit: type=1326 audit(1762245686.941:2440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14932 comm="syz.4.2312" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  682.285879][   T40] audit: type=1326 audit(1762245686.941:2441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14932 comm="syz.4.2312" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  682.294000][   T40] audit: type=1326 audit(1762245686.941:2442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14932 comm="syz.4.2312" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf705d579 code=0x7ffc0000
[  682.301070][   T40] audit: type=1326 audit(1762245686.941:2443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14932 comm="syz.4.2312" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  682.308436][   T40] audit: type=1326 audit(1762245686.941:2444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14932 comm="syz.4.2312" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  682.319161][   T40] audit: type=1326 audit(1762245686.941:2445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14932 comm="syz.4.2312" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf705d579 code=0x7ffc0000
[  682.327725][   T40] audit: type=1326 audit(1762245686.941:2446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14932 comm="syz.4.2312" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  682.706091][T14945] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[  682.741080][T14945] overlayfs: failed to resolve './file1': -2
[  683.236652][T14959] kvm: kvm [14958]: vcpu128, guest rIP: 0xfff0 Unhandled RDMSR(0x40000076)
[  683.250408][T14959] binder: 14958:14959 ioctl c0046209 0 returned -22
[  683.574707][T14955] binder: 14953:14955 ioctl 0 80000040 returned -22
[  684.214822][T14978] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[  684.216999][T14978] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  684.219699][T14978] vhci_hcd vhci_hcd.0: Device attached
[  684.254162][T14979] vhci_hcd: connection closed
[  684.254527][ T1245] vhci_hcd: stop threads
[  684.258861][ T1245] vhci_hcd: release socket
[  684.260937][ T1245] vhci_hcd: disconnect device
[  684.658375][ T6023] usb 44-1: device descriptor read/8, error -110
[  684.711586][T14982] random: crng reseeded on system resumption
[  684.738378][ T5963] Bluetooth: hci0: command tx timeout
[  685.161177][T14987] afs: Unknown parameter 'dИ'еє1wXИ`—ЙU'
[  685.354680][ T6023] usb usb44-port1: attempt power cycle
[  685.919849][ T6023] usb usb44-port1: unable to enumerate USB device
[  686.509138][T15019] /dev/nullb0: Can't open blockdev
[  687.440457][T15030] tmpfs: Bad value for 'mpol'
[  687.550361][T15021] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  687.552653][T15021] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  687.555920][T15021] vhci_hcd vhci_hcd.0: Device attached
[  687.845949][T15033] vhci_hcd: connection closed
[  687.846370][   T13] vhci_hcd: stop threads
[  687.850747][   T13] vhci_hcd: release socket
[  687.852863][   T13] vhci_hcd: disconnect device
[  687.870713][  T845] usb 38-1: enqueue for inactive port 0
[  688.387093][  T845] usb usb38-port1: attempt power cycle
[  689.043651][  T845] usb usb38-port1: unable to enumerate USB device
[  689.295960][ T5967] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  689.301190][ T5967] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  689.304801][ T5967] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  689.308233][ T5967] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  689.311402][ T5967] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  689.335206][T15068] lo speed is unknown, defaulting to 1000
[  689.453720][T15068] chnl_net:caif_netlink_parms(): no params data found
[  689.659114][T15080] netlink: 'syz.4.2342': attribute type 4 has an invalid length.
[  689.857994][  T340] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  689.881787][T15068] bridge0: port 1(bridge_slave_0) entered blocking state
[  689.884276][T15068] bridge0: port 1(bridge_slave_0) entered disabled state
[  689.886655][T15068] bridge_slave_0: entered allmulticast mode
[  689.889417][T15068] bridge_slave_0: entered promiscuous mode
[  689.893179][T15068] bridge0: port 2(bridge_slave_1) entered blocking state
[  689.896316][T15068] bridge0: port 2(bridge_slave_1) entered disabled state
[  689.899426][T15068] bridge_slave_1: entered allmulticast mode
[  689.903538][T15068] bridge_slave_1: entered promiscuous mode
[  689.958662][T15068] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  689.978007][  T340] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  689.994859][T15068] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  690.033518][T15068] team0: Port device team_slave_0 added
[  690.036863][T15068] team0: Port device team_slave_1 added
[  690.079970][  T340] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  690.154384][T15068] batman_adv: batadv0: Adding interface: batadv_slave_0
[  690.157300][T15068] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  690.167554][T15068] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  690.172087][T15068] batman_adv: batadv0: Adding interface: batadv_slave_1
[  690.174348][T15068] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  690.183498][T15068] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  690.240217][  T340] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  690.272498][T15068] hsr_slave_0: entered promiscuous mode
[  690.275214][T15068] hsr_slave_1: entered promiscuous mode
[  690.666461][   T34] usb 9-1: new high-speed USB device number 18 using dummy_hcd
[  690.781178][T15101] blktrace: Concurrent blktraces are not allowed on nullb0
[  690.822495][   T34] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  690.825917][   T34] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  690.829014][   T34] usb 9-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  690.831991][   T34] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  690.837680][   T34] usb 9-1: config 0 descriptor??
[  691.068378][  T340] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  691.081818][  T340] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  691.090289][  T340] bond0 (unregistering): Released all slaves
[  691.098121][T15105] random: crng reseeded on system resumption
[  691.101426][  T340] bond1 (unregistering): Released all slaves
[  691.217324][  T340] bond2 (unregistering): (slave dummy0): Releasing active interface
[  691.224467][  T340] bond2 (unregistering): Released all slaves
[  691.239828][T15108] tmpfs: Bad value for 'mpol'
[  691.321902][  T340] tipc: Left network mode
[  691.362106][  T340] IPVS: stopping backup sync thread 12993 ...
[  691.381998][ T5963] Bluetooth: hci2: command tx timeout
[  691.771586][T13548] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  691.931720][T13548] usb 6-1: Using ep0 maxpacket: 16
[  691.935834][T13548] usb 6-1: config 0 has an invalid interface number: 132 but max is 0
[  691.939539][T13548] usb 6-1: config 0 has no interface number 0
[  691.945369][T13548] usb 6-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[  691.949146][T13548] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  691.952462][T13548] usb 6-1: Product: syz
[  691.954141][T13548] usb 6-1: Manufacturer: syz
[  691.955975][T13548] usb 6-1: SerialNumber: syz
[  691.970321][T13548] usb 6-1: config 0 descriptor??
[  691.977090][T13548] hub 6-1:0.132: bad descriptor, ignoring hub
[  691.979413][T13548] hub 6-1:0.132: probe with driver hub failed with error -5
[  691.999156][T13548] input: bcm5974 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.132/input/input19
[  692.171991][   T34] usbhid 9-1:0.0: can't add hid device: -71
[  692.173974][   T34] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  692.181496][   T34] usb 9-1: USB disconnect, device number 18
[  692.373742][  T340] hsr_slave_0: left promiscuous mode
[  692.377523][  T340] hsr_slave_1: left promiscuous mode
[  692.383651][  T340] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  692.388164][  T340] batman_adv: batadv0: Removing interface: batadv_slave_0
[  692.391144][  T340] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  692.394614][  T340] batman_adv: batadv0: Removing interface: batadv_slave_1
[  692.404494][  T340] veth1_vlan: left promiscuous mode
[  692.407441][  T340] veth0_vlan: left promiscuous mode
[  692.746981][T15131] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[  692.749066][T15131] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  692.751726][T15131] vhci_hcd vhci_hcd.0: Device attached
[  692.789284][T15132] vhci_hcd: connection closed
[  692.789558][ T1245] vhci_hcd: stop threads
[  692.793951][ T1245] vhci_hcd: release socket
[  692.795646][ T1245] vhci_hcd: disconnect device
[  692.900209][T15138] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10)
[  692.903081][T15138] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  692.907016][T15138] vhci_hcd vhci_hcd.0: Device attached
[  693.162176][T10656] usb 37-1: new low-speed USB device number 4 using vhci_hcd
[  693.229881][  T340] team0 (unregistering): Port device team_slave_1 removed
[  693.475468][ T5963] Bluetooth: hci2: command tx timeout
[  693.666678][T15139] vhci_hcd: connection reset by peer
[  693.668965][ T1245] vhci_hcd: stop threads
[  693.670749][ T1245] vhci_hcd: release socket
[  693.672909][ T1245] vhci_hcd: disconnect device
[  693.755032][T15146] tmpfs: Unknown parameter 'ђџџџђџџџђџџџђџџџђџџџђџџџђџџџ
'
[  694.112137][T15068] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  694.119173][T15068] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  694.123603][T15068] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  694.127869][T15068] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  694.179613][T15068] 8021q: adding VLAN 0 to HW filter on device bond0
[  694.197464][T15068] 8021q: adding VLAN 0 to HW filter on device team0
[  694.203846][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  694.206251][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  694.214213][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  694.217354][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  694.383381][T15068] 8021q: adding VLAN 0 to HW filter on device batadv0
[  694.411011][T15068] veth0_vlan: entered promiscuous mode
[  694.416495][T15068] veth1_vlan: entered promiscuous mode
[  694.438468][T15068] veth0_macvtap: entered promiscuous mode
[  694.448643][T15068] veth1_macvtap: entered promiscuous mode
[  694.458176][T15068] batman_adv: batadv0: Interface activated: batadv_slave_0
[  694.480752][T15068] batman_adv: batadv0: Interface activated: batadv_slave_1
[  694.490051][ T1245] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  694.496696][ T1245] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  694.499581][ T1245] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  694.511244][ T1245] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  694.547878][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  694.551849][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  694.555737][T15171] random: crng reseeded on system resumption
[  694.581997][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  694.584948][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  694.655373][T15173] syz.1.2357 (15173): drop_caches: 2
[  694.657442][T15173] syz.1.2357 (15173): drop_caches: 2
[  694.664279][  T845] usb 6-1: USB disconnect, device number 11
[  694.673098][T15176] QAT: Stopping all acceleration devices.
[  695.553572][ T5963] Bluetooth: hci2: command tx timeout
[  696.025233][T15207] QAT: Stopping all acceleration devices.
[  696.070714][T15209] random: crng reseeded on system resumption
[  696.572993][T15221] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2369'.
[  696.715283][T15222] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(13)
[  696.718380][T15222] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  696.722250][T15222] vhci_hcd vhci_hcd.0: Device attached
[  696.974215][ T6253] usb 45-1: new low-speed USB device number 2 using vhci_hcd
[  697.617271][T15223] vhci_hcd: connection reset by peer
[  697.629636][ T5963] Bluetooth: hci2: command tx timeout
[  697.652759][   T13] vhci_hcd: stop threads
[  697.658521][   T13] vhci_hcd: release socket
[  697.660764][   T13] vhci_hcd: disconnect device
[  697.966426][T15229] binder: 15228:15229 ioctl 0 80000040 returned -22
[  698.274579][T10656] vhci_hcd: vhci_device speed not set
[  698.357636][T15242] QAT: Stopping all acceleration devices.
[  698.548673][T15240] 9pnet_fd: Insufficient options for proto=fd
[  699.862377][T15263] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2380'.
[  699.918761][T15263] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2380'.
[  699.925965][T15263] hub 8-0:1.0: USB hub found
[  699.927924][T15263] hub 8-0:1.0: 1 port detected
[  700.447971][T15269] netlink: 190972 bytes leftover after parsing attributes in process `syz.3.2383'.
[  700.453200][T15269] netlink: 'syz.3.2383': attribute type 9 has an invalid length.
[  700.457271][T15269] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2383'.
[  700.463029][T15269] hsr0: entered promiscuous mode
[  700.465078][T15269] macvlan2: entered promiscuous mode
[  700.467332][T15269] macvlan2: entered allmulticast mode
[  700.469240][T15269] hsr0: entered allmulticast mode
[  700.471063][T15269] hsr_slave_0: entered allmulticast mode
[  700.472887][T15269] hsr_slave_1: entered allmulticast mode
[  700.511651][T15271] QAT: Stopping all acceleration devices.
[  700.926370][T15290] tmpfs: Unknown parameter 'ђџџџђџџџђџџџђџџџђџџџђџџџђџџџўџџџўџџџђџџџђџџџђџџџђџџџђџџџўџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџўџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџ
'
[  701.605007][T15293] bridge6: entered promiscuous mode
[  702.238758][ T6253] vhci_hcd: vhci_device speed not set
[  702.410234][T15301] QAT: Stopping all acceleration devices.
[  702.731309][ T1410] ieee802154 phy1 wpan1: encryption failed: -22
[  703.517010][T15317] overlayfs: missing 'lowerdir'
[  703.699859][T15322] random: crng reseeded on system resumption
[  703.833915][T15299] Set syz1 is full, maxelem 65536 reached
[  705.190069][T15356] tmpfs: Unknown parameter 'ђџџџђџџџђџџџђџџџђџџџђџџџђџџџ
'
[  705.798540][T15372] random: crng reseeded on system resumption
[  706.068353][T15340] Set syz1 is full, maxelem 65536 reached
[  706.851315][ T5967] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  706.857095][ T5967] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  706.860654][ T5967] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  706.863765][ T5967] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  706.866401][ T5967] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  706.894222][T15390] lo speed is unknown, defaulting to 1000
[  707.150773][T15390] chnl_net:caif_netlink_parms(): no params data found
[  707.314896][T15390] bridge0: port 1(bridge_slave_0) entered blocking state
[  707.317951][T15390] bridge0: port 1(bridge_slave_0) entered disabled state
[  707.323984][T15390] bridge_slave_0: entered allmulticast mode
[  707.328048][T15390] bridge_slave_0: entered promiscuous mode
[  707.334829][T15390] bridge0: port 2(bridge_slave_1) entered blocking state
[  707.338028][T15390] bridge0: port 2(bridge_slave_1) entered disabled state
[  707.341496][T15390] bridge_slave_1: entered allmulticast mode
[  707.345532][T15390] bridge_slave_1: entered promiscuous mode
[  707.452149][T15390] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  707.457806][T15390] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  707.504625][T15390] team0: Port device team_slave_0 added
[  707.507950][T15390] team0: Port device team_slave_1 added
[  707.530334][T15405] random: crng reseeded on system resumption
[  707.551918][T15390] batman_adv: batadv0: Adding interface: batadv_slave_0
[  707.554157][T15390] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  707.562401][T15390] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  707.566741][T15390] batman_adv: batadv0: Adding interface: batadv_slave_1
[  707.569129][T15390] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  707.577210][T15390] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  707.677134][T15390] hsr_slave_0: entered promiscuous mode
[  707.680548][T15390] hsr_slave_1: entered promiscuous mode
[  707.683141][T15390] debugfs: 'hsr0' already exists in 'hsr'
[  707.685033][T15390] Cannot create hsr debugfs directory
[  708.793758][T15418] random: crng reseeded on system resumption
[  708.912405][ T5967] Bluetooth: hci1: command tx timeout
[  709.032381][  T340] erspan0: left allmulticast mode
[  709.034186][  T340] erspan0: left promiscuous mode
[  709.038963][  T340] bridge0: port 1(erspan0) entered disabled state
[  709.291436][  T340] bridge0 (unregistering): left promiscuous mode
[  709.841972][  T340] bond0 (unregistering): Released all slaves
[  710.246325][  T340] bond1 (unregistering): (slave veth3): Releasing active interface
[  710.273343][  T340] bond1 (unregistering): Released all slaves
[  710.329929][T15446] random: crng reseeded on system resumption
[  710.582875][T15461] 9pnet: Could not find request transport: Нfd
[  710.588178][T15461] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2432'.
[  710.594077][T15461] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2432'.
[  710.783137][T15468] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  710.785804][T15468] UDF-fs: Scanning with blocksize 2048 failed
[  710.790427][T15468] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  710.793649][T15468] UDF-fs: Scanning with blocksize 4096 failed
[  710.925219][  T340] hsr_slave_0: left promiscuous mode
[  710.928184][  T340] hsr_slave_1: left promiscuous mode
[  710.991541][ T5967] Bluetooth: hci1: command tx timeout
[  711.531236][T15478] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  711.533981][T15478] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  711.538117][T15478] vhci_hcd vhci_hcd.0: Device attached
[  711.838133][    T9] usb 44-1: SetAddress Request (49) to port 0
[  711.865162][    T9] usb 44-1: new SuperSpeed USB device number 49 using vhci_hcd
[  712.316371][T15479] vhci_hcd: connection reset by peer
[  712.333182][   T12] vhci_hcd: stop threads
[  712.335454][   T12] vhci_hcd: release socket
[  712.338194][   T12] vhci_hcd: disconnect device
[  712.520726][T15488] blktrace: Concurrent blktraces are not allowed on nullb0
[  712.701823][T15489] netlink: 'syz.4.2435': attribute type 1 has an invalid length.
[  713.074141][ T5967] Bluetooth: hci1: command tx timeout
[  713.209000][  T340] dummy0 (unregistering): left allmulticast mode
[  713.387962][T15503] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2438'.
[  713.390794][T15503] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2438'.
[  713.395787][T15503] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2438'.
[  713.401826][T15390] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  713.415393][T15390] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  713.422542][T15390] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  713.445163][T15390] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  713.516155][T15390] 8021q: adding VLAN 0 to HW filter on device bond0
[  713.525895][T15390] 8021q: adding VLAN 0 to HW filter on device team0
[  713.532815][  T101] bridge0: port 1(bridge_slave_0) entered blocking state
[  713.535937][  T101] bridge0: port 1(bridge_slave_0) entered forwarding state
[  713.546900][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  713.549181][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  713.747711][T15390] 8021q: adding VLAN 0 to HW filter on device batadv0
[  713.857050][T15390] veth0_vlan: entered promiscuous mode
[  713.868538][T15390] veth1_vlan: entered promiscuous mode
[  713.894454][T15390] veth0_macvtap: entered promiscuous mode
[  713.900658][T15390] veth1_macvtap: entered promiscuous mode
[  713.916323][T15390] batman_adv: batadv0: Interface activated: batadv_slave_0
[  713.922883][T15390] batman_adv: batadv0: Interface activated: batadv_slave_1
[  713.937119][   T13] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  713.942837][   T13] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  713.952239][   T13] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  713.961351][   T13] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  714.197897][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  714.200879][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  714.362145][T15533] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  714.364297][T15533] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  714.367174][T15533] vhci_hcd vhci_hcd.0: Device attached
[  714.489352][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  714.504315][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  714.648171][   T10] usb 46-1: SetAddress Request (30) to port 0
[  714.651780][   T10] usb 46-1: new SuperSpeed USB device number 30 using vhci_hcd
[  715.199697][ T5967] Bluetooth: hci1: command tx timeout
[  715.261912][T15534] vhci_hcd: connection reset by peer
[  715.291018][   T49] vhci_hcd: stop threads
[  715.295526][   T49] vhci_hcd: release socket
[  715.793823][   T49] vhci_hcd: disconnect device
[  716.927888][    T9] usb 44-1: device descriptor read/8, error -110
[  717.240091][T15558] virtio-fs: tag </dev/md0> not found
[  717.240308][ T5967] Bluetooth: hci1: command tx timeout
[  717.253452][T15562] FAULT_INJECTION: forcing a failure.
[  717.253452][T15562] name failslab, interval 1, probability 0, space 0, times 0
[  717.259302][T15562] CPU: 0 UID: 0 PID: 15562 Comm: syz.4.2448 Not tainted syzkaller #0 PREEMPT(full) 
[  717.259323][T15562] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  717.259334][T15562] Call Trace:
[  717.259340][T15562]  <TASK>
[  717.259347][T15562]  dump_stack_lvl+0x16c/0x1f0
[  717.259370][T15562]  should_fail_ex+0x512/0x640
[  717.259394][T15562]  ? kmem_cache_alloc_lru_noprof+0x66/0x6e0
[  717.259415][T15562]  should_failslab+0xc2/0x120
[  717.259438][T15562]  kmem_cache_alloc_lru_noprof+0x79/0x6e0
[  717.259457][T15562]  ? alloc_inode+0x64/0x240
[  717.259483][T15562]  ? __pfx_debugfs_alloc_inode+0x10/0x10
[  717.259506][T15562]  ? alloc_inode+0x64/0x240
[  717.259525][T15562]  alloc_inode+0x64/0x240
[  717.259545][T15562]  new_inode+0x22/0x1c0
[  717.259571][T15562]  debugfs_create_dir+0xdd/0x5f0
[  717.259590][T15562]  ieee80211_debugfs_recreate_netdev+0x1d1/0x17e0
[  717.259614][T15562]  ? __pfx_ieee80211_debugfs_recreate_netdev+0x10/0x10
[  717.259638][T15562]  ? ieee80211_link_setup+0x5e/0x90
[  717.259657][T15562]  ? ieee80211_setup_sdata+0x5b5/0xcf0
[  717.259687][T15562]  ieee80211_if_add+0x9b9/0x1a40
[  717.259713][T15562]  ieee80211_add_iface+0xaf/0x590
[  717.259732][T15562]  ? __pfx_ieee80211_add_iface+0x10/0x10
[  717.259751][T15562]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  717.259785][T15562]  nl80211_new_interface+0x6ba/0x1190
[  717.259806][T15562]  ? __pfx_nl80211_new_interface+0x10/0x10
[  717.259830][T15562]  ? nl80211_pre_doit+0x1b0/0xb10
[  717.259850][T15562]  genl_family_rcv_msg_doit+0x209/0x2f0
[  717.259873][T15562]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  717.259900][T15562]  ? bpf_lsm_capable+0x9/0x10
[  717.259927][T15562]  ? security_capable+0x7e/0x260
[  717.259953][T15562]  ? ns_capable+0xd7/0x110
[  717.259974][T15562]  genl_rcv_msg+0x55c/0x800
[  717.259997][T15562]  ? __pfx_genl_rcv_msg+0x10/0x10
[  717.260019][T15562]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  717.260034][T15562]  ? __pfx_nl80211_new_interface+0x10/0x10
[  717.260049][T15562]  ? __pfx_nl80211_post_doit+0x10/0x10
[  717.260075][T15562]  ? __lock_acquire+0x622/0x1c90
[  717.260101][T15562]  netlink_rcv_skb+0x158/0x420
[  717.260119][T15562]  ? __pfx_genl_rcv_msg+0x10/0x10
[  717.260139][T15562]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  717.260168][T15562]  ? netlink_deliver_tap+0x1ae/0xd30
[  717.260189][T15562]  genl_rcv+0x28/0x40
[  717.260206][T15562]  netlink_unicast+0x5aa/0x870
[  717.260227][T15562]  ? __pfx_netlink_unicast+0x10/0x10
[  717.260255][T15562]  netlink_sendmsg+0x8c8/0xdd0
[  717.260278][T15562]  ? __pfx_netlink_sendmsg+0x10/0x10
[  717.260298][T15562]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  717.260327][T15562]  ____sys_sendmsg+0xa98/0xc70
[  717.260351][T15562]  ? __pfx_____sys_sendmsg+0x10/0x10
[  717.260370][T15562]  ? get_compat_msghdr+0x11a/0x170
[  717.260408][T15562]  ___sys_sendmsg+0x134/0x1d0
[  717.260427][T15562]  ? __pfx____sys_sendmsg+0x10/0x10
[  717.260457][T15562]  ? find_held_lock+0x2b/0x80
[  717.260493][T15562]  __sys_sendmsg+0x16d/0x220
[  717.260510][T15562]  ? __pfx___sys_sendmsg+0x10/0x10
[  717.260540][T15562]  ? rcu_is_watching+0x12/0xc0
[  717.260563][T15562]  __do_fast_syscall_32+0x7c/0x300
[  717.260587][T15562]  do_fast_syscall_32+0x32/0x80
[  717.260608][T15562]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  717.260628][T15562] RIP: 0023:0xf705d579
[  717.260642][T15562] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  717.260659][T15562] RSP: 002b:00000000f544d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  717.260676][T15562] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080
[  717.260686][T15562] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  717.260695][T15562] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  717.260705][T15562] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  717.260715][T15562] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  717.260740][T15562]  </TASK>
[  717.260747][T15562] debugfs: out of free dentries, can not create directory 'netdev:tunl0'
[  717.930034][   T43] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  717.961564][    T9] usb usb44-port1: attempt power cycle
[  718.081499][   T43] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  718.088662][   T43] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  718.092572][   T43] usb 8-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  718.095515][   T43] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  718.100746][   T43] usb 8-1: config 0 descriptor??
[  718.416345][T15588] tmpfs: Bad value for 'mpol'
[  718.636982][    T9] usb usb44-port1: unable to enumerate USB device
[  718.891482][   T43] usbhid 8-1:0.0: can't add hid device: -71
[  718.893429][   T43] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  718.897252][   T43] usb 8-1: USB disconnect, device number 4
[  718.949796][T15585] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  718.952166][T15585] UDF-fs: Scanning with blocksize 2048 failed
[  718.954931][T15585] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  718.957211][T15585] UDF-fs: Scanning with blocksize 4096 failed
[  719.671175][T15604] blktrace: Concurrent blktraces are not allowed on nullb0
[  719.732561][   T10] usb 46-1: device descriptor read/8, error -110
[  719.987951][T15604] netlink: 'syz.3.2457': attribute type 1 has an invalid length.
[  720.149360][   T10] usb usb46-port1: attempt power cycle
[  720.728588][   T10] usb usb46-port1: unable to enumerate USB device
[  720.792209][T15620] binder: 15616:15620 ioctl 0 80000040 returned -22
[  722.817491][T15641] random: crng reseeded on system resumption
[  722.873373][T15644] QAT: Stopping all acceleration devices.
[  723.558587][T15659] binder: 15654:15659 ioctl 0 80000040 returned -22
[  723.952569][T15662] FAULT_INJECTION: forcing a failure.
[  723.952569][T15662] name failslab, interval 1, probability 0, space 0, times 0
[  723.957823][T15662] CPU: 0 UID: 0 PID: 15662 Comm: syz.4.2472 Not tainted syzkaller #0 PREEMPT(full) 
[  723.957840][T15662] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  723.957847][T15662] Call Trace:
[  723.957852][T15662]  <TASK>
[  723.957856][T15662]  dump_stack_lvl+0x16c/0x1f0
[  723.957872][T15662]  should_fail_ex+0x512/0x640
[  723.957894][T15662]  ? fs_reclaim_acquire+0xae/0x150
[  723.957921][T15662]  should_failslab+0xc2/0x120
[  723.957941][T15662]  __kmalloc_noprof+0xdd/0x880
[  723.957964][T15662]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  723.957989][T15662]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  723.958007][T15662]  tomoyo_realpath_from_path+0xc2/0x6e0
[  723.958029][T15662]  ? tomoyo_profile+0x47/0x60
[  723.958053][T15662]  tomoyo_path_number_perm+0x245/0x580
[  723.958076][T15662]  ? tomoyo_path_number_perm+0x237/0x580
[  723.958103][T15662]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  723.958148][T15662]  ? find_held_lock+0x2b/0x80
[  723.958160][T15662]  ? hook_file_ioctl_common+0x145/0x410
[  723.958174][T15662]  ? __fget_files+0x20e/0x3c0
[  723.958187][T15662]  security_file_ioctl_compat+0x9b/0x240
[  723.958199][T15662]  __ia32_compat_sys_ioctl+0xc3/0x370
[  723.958217][T15662]  __do_fast_syscall_32+0x7c/0x300
[  723.958231][T15662]  do_fast_syscall_32+0x32/0x80
[  723.958244][T15662]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  723.958257][T15662] RIP: 0023:0xf705d579
[  723.958266][T15662] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  723.958276][T15662] RSP: 002b:00000000f544d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  723.958287][T15662] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080287010
[  723.958293][T15662] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  723.958299][T15662] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  723.958305][T15662] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  723.958311][T15662] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  723.958324][T15662]  </TASK>
[  723.958417][T15662] ERROR: Out of memory at tomoyo_realpath_from_path.
[  724.088459][T15666] random: crng reseeded on system resumption
[  726.454805][ T5963] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  726.459511][ T5963] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  726.472790][ T5963] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  726.483369][ T5963] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  726.490655][ T5963] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  726.806424][T15697] chnl_net:caif_netlink_parms(): no params data found
[  726.931581][T15697] bridge0: port 1(bridge_slave_0) entered blocking state
[  726.934842][T15697] bridge0: port 1(bridge_slave_0) entered disabled state
[  726.937749][T15697] bridge_slave_0: entered allmulticast mode
[  726.942048][T15697] bridge_slave_0: entered promiscuous mode
[  726.981697][   T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  726.985315][   T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  727.258189][T15697] bridge0: port 2(bridge_slave_1) entered blocking state
[  727.260453][T15697] bridge0: port 2(bridge_slave_1) entered disabled state
[  727.262915][T15697] bridge_slave_1: entered allmulticast mode
[  727.265506][T15697] bridge_slave_1: entered promiscuous mode
[  727.301065][   T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  727.306281][   T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  727.339911][T15697] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  727.376854][T15697] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  727.380033][T15716] random: crng reseeded on system resumption
[  727.400387][   T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  727.404058][   T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  727.720682][T15697] team0: Port device team_slave_0 added
[  727.774141][T15697] team0: Port device team_slave_1 added
[  727.833264][   T13] bond0: (slave netdevsim0): Releasing backup interface
[  727.855338][T15706] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  727.858485][T15706] UDF-fs: Scanning with blocksize 2048 failed
[  727.861030][T15706] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  727.864843][T15706] UDF-fs: Scanning with blocksize 4096 failed
[  727.866873][   T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  727.876947][   T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  727.955157][T15697] batman_adv: batadv0: Adding interface: batadv_slave_0
[  727.958287][T15697] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  727.970247][T15697] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  727.988427][T15697] batman_adv: batadv0: Adding interface: batadv_slave_1
[  727.990616][T15697] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  727.998975][T15697] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  728.047640][T15721] binder: 15720:15721 ioctl 0 80000040 returned -22
[  728.155515][T15697] hsr_slave_0: entered promiscuous mode
[  728.158430][T15697] hsr_slave_1: entered promiscuous mode
[  728.160647][T15697] debugfs: 'hsr0' already exists in 'hsr'
[  728.163865][T15697] Cannot create hsr debugfs directory
[  728.218114][   T13] erspan0: left allmulticast mode
[  728.220780][   T13] erspan0: left promiscuous mode
[  728.223336][   T13] bridge0: port 1(erspan0) entered disabled state
[  728.370090][T15728] blktrace: Concurrent blktraces are not allowed on nullb0
[  728.520902][T15738] netlink: 'syz.4.2488': attribute type 1 has an invalid length.
[  728.524213][T15738] overlayfs: failed to resolve './file0': -2
[  728.532989][ T5967] Bluetooth: hci3: command tx timeout
[  728.569703][T15740] FAULT_INJECTION: forcing a failure.
[  728.569703][T15740] name failslab, interval 1, probability 0, space 0, times 0
[  728.574904][T15740] CPU: 0 UID: 0 PID: 15740 Comm: syz.4.2489 Not tainted syzkaller #0 PREEMPT(full) 
[  728.574920][T15740] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  728.574926][T15740] Call Trace:
[  728.574930][T15740]  <TASK>
[  728.574934][T15740]  dump_stack_lvl+0x16c/0x1f0
[  728.574951][T15740]  should_fail_ex+0x512/0x640
[  728.574968][T15740]  ? fs_reclaim_acquire+0xae/0x150
[  728.574984][T15740]  should_failslab+0xc2/0x120
[  728.574999][T15740]  __kmalloc_noprof+0xdd/0x880
[  728.575015][T15740]  ? tomoyo_encode2+0x100/0x3e0
[  728.575029][T15740]  ? tomoyo_encode2+0x100/0x3e0
[  728.575040][T15740]  tomoyo_encode2+0x100/0x3e0
[  728.575053][T15740]  tomoyo_encode+0x29/0x50
[  728.575063][T15740]  tomoyo_realpath_from_path+0x18f/0x6e0
[  728.575076][T15740]  ? tomoyo_profile+0x47/0x60
[  728.575092][T15740]  tomoyo_path_number_perm+0x245/0x580
[  728.575108][T15740]  ? tomoyo_path_number_perm+0x237/0x580
[  728.575115][T15728] netlink: 'syz.3.2486': attribute type 1 has an invalid length.
[  728.575126][T15740]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  728.575156][T15740]  ? find_held_lock+0x2b/0x80
[  728.575167][T15740]  ? hook_file_ioctl_common+0x145/0x410
[  728.575181][T15740]  ? __fget_files+0x20e/0x3c0
[  728.575193][T15740]  security_file_ioctl_compat+0x9b/0x240
[  728.575205][T15740]  __ia32_compat_sys_ioctl+0xc3/0x370
[  728.575222][T15740]  __do_fast_syscall_32+0x7c/0x300
[  728.575236][T15740]  do_fast_syscall_32+0x32/0x80
[  728.575249][T15740]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  728.575262][T15740] RIP: 0023:0xf705d579
[  728.575270][T15740] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  728.575281][T15740] RSP: 002b:00000000f544d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  728.575290][T15740] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  728.575297][T15740] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  728.575302][T15740] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  728.575308][T15740] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  728.575314][T15740] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  728.575327][T15740]  </TASK>
[  728.575337][T15740] ERROR: Out of memory at tomoyo_realpath_from_path.
[  728.930435][T15745] overlay: Unknown parameter '/'
[  729.579424][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  729.583548][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  729.587261][   T13] bond0 (unregistering): Released all slaves
[  729.670218][   T13] bond1 (unregistering): Released all slaves
[  729.794265][T15748] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  729.809227][T15748] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  729.889114][T15748] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  729.926630][T15748] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  729.954884][T15748] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  730.082585][T15748] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  730.117408][T15748] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  730.127386][T15748] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  730.210814][   T13] hsr_slave_0: left promiscuous mode
[  730.215149][   T13] hsr_slave_1: left promiscuous mode
[  730.217181][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  730.219541][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  730.222508][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  730.225671][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  730.247168][T15748] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  730.266972][   T13] veth1_macvtap: left promiscuous mode
[  730.269294][   T13] veth0_macvtap: left promiscuous mode
[  730.271858][   T13] veth1_vlan: left promiscuous mode
[  730.275819][   T13] veth0_vlan: left promiscuous mode
[  730.517263][T15778] FAULT_INJECTION: forcing a failure.
[  730.517263][T15778] name failslab, interval 1, probability 0, space 0, times 0
[  730.521517][T15778] CPU: 2 UID: 0 PID: 15778 Comm: syz.1.2496 Not tainted syzkaller #0 PREEMPT(full) 
[  730.521532][T15778] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  730.521543][T15778] Call Trace:
[  730.521547][T15778]  <TASK>
[  730.521552][T15778]  dump_stack_lvl+0x16c/0x1f0
[  730.521593][T15778]  should_fail_ex+0x512/0x640
[  730.521610][T15778]  ? fs_reclaim_acquire+0xae/0x150
[  730.521626][T15778]  should_failslab+0xc2/0x120
[  730.521641][T15778]  __kmalloc_noprof+0xdd/0x880
[  730.521657][T15778]  ? tomoyo_encode2+0x100/0x3e0
[  730.521671][T15778]  ? tomoyo_encode2+0x100/0x3e0
[  730.521682][T15778]  tomoyo_encode2+0x100/0x3e0
[  730.521696][T15778]  tomoyo_encode+0x29/0x50
[  730.521706][T15778]  tomoyo_realpath_from_path+0x18f/0x6e0
[  730.521720][T15778]  ? tomoyo_profile+0x47/0x60
[  730.521735][T15778]  tomoyo_path_number_perm+0x245/0x580
[  730.521751][T15778]  ? tomoyo_path_number_perm+0x237/0x580
[  730.521769][T15778]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  730.521801][T15778]  ? find_held_lock+0x2b/0x80
[  730.521812][T15778]  ? hook_file_ioctl_common+0x145/0x410
[  730.521826][T15778]  ? __fget_files+0x20e/0x3c0
[  730.521839][T15778]  security_file_ioctl_compat+0x9b/0x240
[  730.521851][T15778]  __ia32_compat_sys_ioctl+0xc3/0x370
[  730.521869][T15778]  __do_fast_syscall_32+0x7c/0x300
[  730.521883][T15778]  do_fast_syscall_32+0x32/0x80
[  730.521896][T15778]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  730.521910][T15778] RIP: 0023:0xf7fb7579
[  730.521919][T15778] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  730.521929][T15778] RSP: 002b:00000000f54a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  730.521940][T15778] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000541b
[  730.521946][T15778] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  730.521952][T15778] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  730.521958][T15778] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  730.521964][T15778] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  730.521978][T15778]  </TASK>
[  730.521990][T15778] ERROR: Out of memory at tomoyo_realpath_from_path.
[  730.703621][T15783] netlink: 'syz.1.2498': attribute type 6 has an invalid length.
[  730.715444][T15783] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2498'.
[  730.782131][T15784] overlay: ./file1 is not a directory
[  731.019757][   T43] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  731.591118][   T13] team0 (unregistering): Port device team_slave_1 removed
[  731.772939][T15794] FAULT_INJECTION: forcing a failure.
[  731.772939][T15794] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  731.781478][T15794] CPU: 0 UID: 0 PID: 15794 Comm: syz.4.2502 Not tainted syzkaller #0 PREEMPT(full) 
[  731.781494][T15794] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  731.781500][T15794] Call Trace:
[  731.781504][T15794]  <TASK>
[  731.781509][T15794]  dump_stack_lvl+0x16c/0x1f0
[  731.781525][T15794]  should_fail_ex+0x512/0x640
[  731.781574][T15794]  should_fail_alloc_page+0xe7/0x130
[  731.781597][T15794]  prepare_alloc_pages+0x3c2/0x610
[  731.781615][T15794]  __alloc_frozen_pages_noprof+0x18b/0x2470
[  731.781630][T15794]  ? find_held_lock+0x2b/0x80
[  731.781644][T15794]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  731.781659][T15794]  ? kernel_text_address+0x8d/0x100
[  731.781682][T15794]  ? __kernel_text_address+0xd/0x40
[  731.781698][T15794]  ? look_up_lock_class+0x6b/0x150
[  731.781711][T15794]  ? register_lock_class+0x41/0x4c0
[  731.781725][T15794]  ? find_held_lock+0x2b/0x80
[  731.781736][T15794]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  731.781756][T15794]  ? policy_nodemask+0xea/0x4e0
[  731.781771][T15794]  alloc_pages_mpol+0x1fb/0x550
[  731.781786][T15794]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  731.781806][T15794]  alloc_pages_noprof+0x131/0x390
[  731.781820][T15794]  pte_alloc_one+0x1e/0x350
[  731.781833][T15794]  __pte_alloc+0x6d/0x380
[  731.781846][T15794]  ? __pfx___pte_alloc+0x10/0x10
[  731.781859][T15794]  ? walk_to_pmd+0x305/0x4c0
[  731.781874][T15794]  __get_locked_pte+0xa1/0xc0
[  731.781890][T15794]  insert_page+0x101/0x200
[  731.781904][T15794]  ? __pfx_insert_page+0x10/0x10
[  731.781922][T15794]  vm_insert_page+0x2c1/0x440
[  731.781936][T15794]  ? kasan_save_track+0x14/0x30
[  731.781949][T15794]  binder_alloc_new_buf+0x21ac/0x3190
[  731.781971][T15794]  ? __pfx_binder_alloc_new_buf+0x10/0x10
[  731.781989][T15794]  binder_transaction+0x1d09/0x9d10
[  731.782015][T15794]  ? __lock_acquire+0x622/0x1c90
[  731.782028][T15794]  ? __pfx_binder_transaction+0x10/0x10
[  731.782049][T15794]  ? __lock_acquire+0xb8a/0x1c90
[  731.782070][T15794]  ? find_held_lock+0x2b/0x80
[  731.782080][T15794]  ? __might_fault+0xe3/0x190
[  731.782089][T15794]  ? __might_fault+0xe3/0x190
[  731.782098][T15794]  ? __might_fault+0x13b/0x190
[  731.782114][T15794]  binder_thread_write+0xaae/0x4e70
[  731.782129][T15794]  ? __kasan_save_free_info+0x3b/0x60
[  731.782141][T15794]  ? __pfx_binder_thread_write+0x10/0x10
[  731.782155][T15794]  ? binder_debug+0xde/0x1a0
[  731.782167][T15794]  ? binder_debug+0xde/0x1a0
[  731.782176][T15794]  ? __pfx_binder_debug+0x10/0x10
[  731.782186][T15794]  ? find_held_lock+0x2b/0x80
[  731.782202][T15794]  ? __pfx_binder_ioctl+0x10/0x10
[  731.782214][T15794]  binder_ioctl+0x26db/0x73b0
[  731.782230][T15794]  ? tomoyo_path_number_perm+0x295/0x580
[  731.782250][T15794]  ? tomoyo_path_number_perm+0x18d/0x580
[  731.782268][T15794]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  731.782285][T15794]  ? __pfx_binder_ioctl+0x10/0x10
[  731.782300][T15794]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  731.782333][T15794]  ? do_vfs_ioctl+0x128/0x14f0
[  731.782349][T15794]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  731.782368][T15794]  ? find_held_lock+0x2b/0x80
[  731.782378][T15794]  ? hook_file_ioctl_common+0x145/0x410
[  731.782392][T15794]  ? __fget_files+0x20e/0x3c0
[  731.782404][T15794]  ? __pfx_binder_ioctl+0x10/0x10
[  731.782416][T15794]  compat_ptr_ioctl+0x6e/0xa0
[  731.782430][T15794]  ? __pfx_compat_ptr_ioctl+0x10/0x10
[  731.782445][T15794]  __ia32_compat_sys_ioctl+0x242/0x370
[  731.782462][T15794]  __do_fast_syscall_32+0x7c/0x300
[  731.782476][T15794]  do_fast_syscall_32+0x32/0x80
[  731.782489][T15794]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  731.782502][T15794] RIP: 0023:0xf705d579
[  731.782511][T15794] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  731.782522][T15794] RSP: 002b:00000000f544d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  731.782532][T15794] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000c0306201
[  731.782542][T15794] RDX: 00000000800001c0 RSI: 0000000000000000 RDI: 0000000000000000
[  731.782549][T15794] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  731.782555][T15794] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  731.782561][T15794] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  731.782574][T15794]  </TASK>
[  731.782600][T15794] binder_alloc: 15793: binder_install_single_page failed to insert page at offset 0 with -12
[  731.816977][ T5967] Bluetooth: hci2: command 0x0c1a tx timeout
[  731.829151][   T43] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  731.966156][   T43] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  731.970928][   T43] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  731.975671][   T43] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  731.981374][   T43] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  731.985247][   T43] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  731.987102][ T5967] Bluetooth: hci1: command 0x0c1a tx timeout
[  732.001820][   T43] usb 6-1: config 0 descriptor??
[  732.005008][T15786] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  732.118141][T15799] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  732.120310][T15799] UDF-fs: Scanning with blocksize 2048 failed
[  732.124299][T15799] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  732.126573][T15799] UDF-fs: Scanning with blocksize 4096 failed
[  732.137340][ T5967] Bluetooth: hci3: command 0x040f tx timeout
[  732.425463][   T43] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  732.681905][T15697] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  732.686021][T15697] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  732.701291][T15697] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  732.710295][T15697] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  732.722878][   T10] usb 6-1: USB disconnect, device number 12
[  732.824501][T15697] 8021q: adding VLAN 0 to HW filter on device bond0
[  732.839587][T15697] 8021q: adding VLAN 0 to HW filter on device team0
[  732.847726][T15547] bridge0: port 1(bridge_slave_0) entered blocking state
[  732.850695][T15547] bridge0: port 1(bridge_slave_0) entered forwarding state
[  732.862142][T15547] bridge0: port 2(bridge_slave_1) entered blocking state
[  732.865194][T15547] bridge0: port 2(bridge_slave_1) entered forwarding state
[  733.052758][T15697] 8021q: adding VLAN 0 to HW filter on device batadv0
[  733.088306][T15697] veth0_vlan: entered promiscuous mode
[  733.100956][T15697] veth1_vlan: entered promiscuous mode
[  733.126673][T15697] veth0_macvtap: entered promiscuous mode
[  733.133409][T15697] veth1_macvtap: entered promiscuous mode
[  733.150949][T15697] batman_adv: batadv0: Interface activated: batadv_slave_0
[  733.160706][T15697] batman_adv: batadv0: Interface activated: batadv_slave_1
[  733.173300][  T101] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  733.177137][  T101] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  733.186898][  T101] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  733.195394][  T101] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  733.244326][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  733.251974][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  733.274418][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  733.277630][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  733.899413][ T5967] Bluetooth: hci2: command 0x0c1a tx timeout
[  734.069690][ T5967] Bluetooth: hci1: command 0x0c1a tx timeout
[  734.376181][T15817] Set syz1 is full, maxelem 65536 reached
[  734.378248][ T5967] Bluetooth: hci3: command 0x040f tx timeout
[  735.506307][T15853] netlink: 'syz.1.2514': attribute type 6 has an invalid length.
[  735.510379][T15853] netlink: 'syz.1.2514': attribute type 6 has an invalid length.
[  735.982065][ T5967] Bluetooth: hci2: command 0x0c1a tx timeout
[  736.113402][T15867] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  736.142302][ T5967] Bluetooth: hci1: command 0x0c1a tx timeout
[  736.145483][ T6022] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  736.304014][ T6022] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  736.307698][ T6022] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  736.311462][ T6022] usb 6-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  736.314698][ T6022] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  736.319170][ T6022] usb 6-1: config 0 descriptor??
[  736.472602][ T5967] Bluetooth: hci3: command 0x040f tx timeout
[  736.500199][T15870] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  736.502903][T15870] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  736.505420][T15870] vhci_hcd vhci_hcd.0: Device attached
[  736.512669][T15871] vhci_hcd: connection closed
[  736.514433][   T12] vhci_hcd: stop threads
[  736.517473][   T12] vhci_hcd: release socket
[  736.519097][   T12] vhci_hcd: disconnect device
[  736.747388][ T6022] usbhid 6-1:0.0: can't add hid device: -71
[  736.749947][ T6022] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  736.755137][ T6022] usb 6-1: USB disconnect, device number 13
[  737.012936][T15880] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2522'.
[  737.049244][T15878] loop0: detected capacity change from 0 to 2560
[  737.059622][T15878] buffer_io_error: 310 callbacks suppressed
[  737.059639][T15878] Buffer I/O error on dev loop0, logical block 0, lost async page write
[  737.066887][T15878] Buffer I/O error on dev loop0, logical block 1, lost async page write
[  737.070415][T15878] Buffer I/O error on dev loop0, logical block 2, lost async page write
[  737.074087][T15878] Buffer I/O error on dev loop0, logical block 3, lost async page write
[  737.077229][T15878] Buffer I/O error on dev loop0, logical block 4, lost async page write
[  737.080855][T15878] Buffer I/O error on dev loop0, logical block 5, lost async page write
[  737.084180][T15878] Buffer I/O error on dev loop0, logical block 6, lost async page write
[  737.087487][T15878] Buffer I/O error on dev loop0, logical block 7, lost async page write
[  737.090944][T15878] Buffer I/O error on dev loop0, logical block 8, lost async page write
[  737.094708][T15878] Buffer I/O error on dev loop0, logical block 9, lost async page write
[  737.533611][T15891] FAULT_INJECTION: forcing a failure.
[  737.533611][T15891] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  737.538076][T15891] CPU: 3 UID: 0 PID: 15891 Comm: syz.4.2525 Not tainted syzkaller #0 PREEMPT(full) 
[  737.538104][T15891] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  737.538111][T15891] Call Trace:
[  737.538116][T15891]  <TASK>
[  737.538121][T15891]  dump_stack_lvl+0x16c/0x1f0
[  737.538138][T15891]  should_fail_ex+0x512/0x640
[  737.538157][T15891]  _copy_from_iter+0x29f/0x1720
[  737.538176][T15891]  ? __alloc_skb+0x200/0x380
[  737.538193][T15891]  ? __pfx__copy_from_iter+0x10/0x10
[  737.538209][T15891]  ? netlink_autobind.isra.0+0x158/0x370
[  737.538226][T15891]  netlink_sendmsg+0x820/0xdd0
[  737.538240][T15891]  ? __pfx_netlink_sendmsg+0x10/0x10
[  737.538253][T15891]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  737.538272][T15891]  ____sys_sendmsg+0xa98/0xc70
[  737.538287][T15891]  ? __pfx_____sys_sendmsg+0x10/0x10
[  737.538299][T15891]  ? get_compat_msghdr+0x11a/0x170
[  737.538322][T15891]  ___sys_sendmsg+0x134/0x1d0
[  737.538333][T15891]  ? __pfx____sys_sendmsg+0x10/0x10
[  737.538350][T15891]  ? find_held_lock+0x2b/0x80
[  737.538371][T15891]  __sys_sendmsg+0x16d/0x220
[  737.538381][T15891]  ? __pfx___sys_sendmsg+0x10/0x10
[  737.538397][T15891]  ? rcu_is_watching+0x12/0xc0
[  737.538411][T15891]  __do_fast_syscall_32+0x7c/0x300
[  737.538426][T15891]  do_fast_syscall_32+0x32/0x80
[  737.538439][T15891]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  737.538452][T15891] RIP: 0023:0xf705d579
[  737.538461][T15891] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  737.538472][T15891] RSP: 002b:00000000f544d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  737.538482][T15891] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  737.538489][T15891] RDX: 00000000240008c4 RSI: 0000000000000000 RDI: 0000000000000000
[  737.538495][T15891] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  737.538505][T15891] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  737.538511][T15891] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  737.538525][T15891]  </TASK>
[  737.648464][T15893] blktrace: Concurrent blktraces are not allowed on nullb0
[  737.726410][T15894] netlink: 'syz.4.2527': attribute type 1 has an invalid length.
[  737.754021][  T844] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  737.916483][  T844] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  737.920891][  T844] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  737.925546][  T844] usb 6-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  737.929307][  T844] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  737.934364][  T844] usb 6-1: config 0 descriptor??
[  738.238214][T15905] tmpfs: Bad value for 'mpol'
[  738.558911][ T5967] Bluetooth: hci3: command 0x040f tx timeout
[  738.565176][  T844] usbhid 6-1:0.0: can't add hid device: -71
[  738.576046][  T844] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  738.583553][  T844] usb 6-1: USB disconnect, device number 14
[  739.313659][T15919] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  739.322729][T15919] UDF-fs: Scanning with blocksize 2048 failed
[  739.332889][T15919] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  739.335186][T15919] UDF-fs: Scanning with blocksize 4096 failed
[  739.630649][T15928] 9pnet_fd: Insufficient options for proto=fd
[  739.639805][T15928] netlink: 'syz.4.2539': attribute type 28 has an invalid length.
[  739.643857][T15928] netlink: 'syz.4.2539': attribute type 29 has an invalid length.
[  739.648632][T15928] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2539'.
[  739.669800][T15929] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  739.672905][T15929] UDF-fs: Scanning with blocksize 2048 failed
[  739.677612][T15929] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  739.680573][T15929] UDF-fs: Scanning with blocksize 4096 failed
[  740.637596][ T5967] Bluetooth: hci3: command 0x040f tx timeout
[  741.790237][T15963] random: crng reseeded on system resumption
[  742.281166][T15968] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  742.283493][T15968] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  742.286400][T15968] vhci_hcd vhci_hcd.0: Device attached
[  742.598441][ T6023] usb 44-1: SetAddress Request (53) to port 0
[  742.601186][ T6023] usb 44-1: new SuperSpeed USB device number 53 using vhci_hcd
[  742.806452][T15979] random: crng reseeded on system resumption
[  742.843036][T15969] vhci_hcd: connection reset by peer
[  742.850824][  T101] vhci_hcd: stop threads
[  742.852437][  T101] vhci_hcd: release socket
[  742.854869][  T101] vhci_hcd: disconnect device
[  743.034885][T15987] tmpfs: Unknown parameter 'ђџџџђџџџђџџџђџџџђџџџђџџџђџџџўџџџўџџџђџџџђџџџђџџџђџџџђџџџўџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџ
'
[  743.673643][T15992] bridge0: port 2(bridge_slave_1) entered disabled state
[  743.676208][T15992] bridge0: port 1(bridge_slave_0) entered disabled state
[  743.681521][T15992] bridge0: entered allmulticast mode
[  744.121646][   T34] usb 9-1: new high-speed USB device number 19 using dummy_hcd
[  744.261798][   T34] usb 9-1: device descriptor read/64, error -71
[  744.525724][   T34] usb 9-1: new high-speed USB device number 20 using dummy_hcd
[  744.692360][   T34] usb 9-1: device descriptor read/64, error -71
[  744.814305][   T34] usb usb9-port1: attempt power cycle
[  745.162831][   T34] usb 9-1: new high-speed USB device number 21 using dummy_hcd
[  745.183558][   T34] usb 9-1: device descriptor read/8, error -71
[  745.423152][   T34] usb 9-1: new high-speed USB device number 22 using dummy_hcd
[  745.454835][   T34] usb 9-1: device descriptor read/8, error -71
[  745.563652][   T34] usb usb9-port1: unable to enumerate USB device
[  745.630886][T15999] Set syz1 is full, maxelem 65536 reached
[  745.772097][T16008] binder: 16005:16008 ioctl 0 0 returned -22
[  747.426170][T16033] tmpfs: Unknown parameter 'ђџџџђџџџђџџџђџџџђџџџђџџџђџџџўџџџўџџџђџџџђџџџђџџџђџџџђџџџўџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџ
'
[  747.453000][T16028] infiniband syz1: set active
[  747.455049][T16028] infiniband syz1: added syz_tun
[  747.522222][T16028] RDS/IB: syz1: added
[  747.523860][T16028] smc: adding ib device syz1 with port count 1
[  747.526176][T16028] smc:    ib device syz1 port 1 has no pnetid
[  747.754998][ T6023] usb 44-1: device descriptor read/8, error -110
[  748.147705][ T6023] usb usb44-port1: attempt power cycle
[  748.746192][ T6023] usb usb44-port1: unable to enumerate USB device
[  749.613709][T16058] FAULT_INJECTION: forcing a failure.
[  749.613709][T16058] name failslab, interval 1, probability 0, space 0, times 0
[  749.617580][T16058] CPU: 1 UID: 0 PID: 16058 Comm: syz.4.2577 Not tainted syzkaller #0 PREEMPT(full) 
[  749.617595][T16058] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  749.617602][T16058] Call Trace:
[  749.617607][T16058]  <TASK>
[  749.617612][T16058]  dump_stack_lvl+0x16c/0x1f0
[  749.617629][T16058]  should_fail_ex+0x512/0x640
[  749.617646][T16058]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  749.617660][T16058]  should_failslab+0xc2/0x120
[  749.617675][T16058]  kmem_cache_alloc_node_noprof+0x78/0x770
[  749.617686][T16058]  ? __alloc_skb+0x2b2/0x380
[  749.617705][T16058]  ? __alloc_skb+0x2b2/0x380
[  749.617720][T16058]  ? __pfx_netlink_insert+0x10/0x10
[  749.617730][T16058]  __alloc_skb+0x2b2/0x380
[  749.617747][T16058]  ? __pfx___alloc_skb+0x10/0x10
[  749.617767][T16058]  ? netlink_autobind.isra.0+0x158/0x370
[  749.617788][T16058]  netlink_alloc_large_skb+0x69/0x140
[  749.617806][T16058]  netlink_sendmsg+0x698/0xdd0
[  749.617828][T16058]  ? __pfx_netlink_sendmsg+0x10/0x10
[  749.617847][T16058]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  749.617877][T16058]  ____sys_sendmsg+0xa98/0xc70
[  749.617904][T16058]  ? __pfx_____sys_sendmsg+0x10/0x10
[  749.617923][T16058]  ? get_compat_msghdr+0x11a/0x170
[  749.617974][T16058]  ___sys_sendmsg+0x134/0x1d0
[  749.617996][T16058]  ? __pfx____sys_sendmsg+0x10/0x10
[  749.618027][T16058]  ? find_held_lock+0x2b/0x80
[  749.618061][T16058]  __sys_sendmsg+0x16d/0x220
[  749.618080][T16058]  ? __pfx___sys_sendmsg+0x10/0x10
[  749.618108][T16058]  ? rcu_is_watching+0x12/0xc0
[  749.618132][T16058]  __do_fast_syscall_32+0x7c/0x300
[  749.618155][T16058]  do_fast_syscall_32+0x32/0x80
[  749.618177][T16058]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  749.618198][T16058] RIP: 0023:0xf705d579
[  749.618212][T16058] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  749.618229][T16058] RSP: 002b:00000000f544d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  749.618246][T16058] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  749.618258][T16058] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  749.618269][T16058] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  749.618285][T16058] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  749.618295][T16058] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  749.618322][T16058]  </TASK>
[  750.288366][T16073] QAT: Stopping all acceleration devices.
[  751.360081][ T6021] usb 9-1: new full-speed USB device number 23 using dummy_hcd
[  751.542628][T16101] random: crng reseeded on system resumption
[  751.660526][ T6021] usb 9-1: device descriptor read/64, error -71
[  752.317385][T16104] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2590'.
[  752.463096][ T6021] usb 9-1: new full-speed USB device number 24 using dummy_hcd
[  752.470817][T16106] random: crng reseeded on system resumption
[  752.748051][ T6021] usb 9-1: device descriptor read/64, error -71
[  752.869907][T16114] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  752.872898][T16114] UDF-fs: Scanning with blocksize 2048 failed
[  752.876578][T16114] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  752.879753][T16114] UDF-fs: Scanning with blocksize 4096 failed
[  753.262977][ T6021] usb usb9-port1: attempt power cycle
[  753.411535][   T40] kauditd_printk_skb: 55 callbacks suppressed
[  753.411547][   T40] audit: type=1326 audit(1762246014.020:2502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16115 comm="syz.0.2594" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f04579 code=0x0
[  753.692850][ T6021] usb 9-1: new full-speed USB device number 25 using dummy_hcd
[  753.724715][ T6021] usb 9-1: device descriptor read/8, error -71
[  754.276688][T16130] random: crng reseeded on system resumption
[  756.091714][T16170] binder: 16162:16170 ioctl 0 80000040 returned -22
[  756.791591][T16184] QAT: Stopping all acceleration devices.
[  757.101801][T16188] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  757.104960][T16188] UDF-fs: Scanning with blocksize 2048 failed
[  757.109862][T16188] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  757.112990][T16188] UDF-fs: Scanning with blocksize 4096 failed
[  757.130558][T16189] binder: 16179:16189 ioctl 0 80000040 returned -22
[  757.136452][T16191] FAULT_INJECTION: forcing a failure.
[  757.136452][T16191] name failslab, interval 1, probability 0, space 0, times 0
[  757.140542][T16191] CPU: 0 UID: 0 PID: 16191 Comm: syz.1.2616 Not tainted syzkaller #0 PREEMPT(full) 
[  757.140557][T16191] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  757.140564][T16191] Call Trace:
[  757.140568][T16191]  <TASK>
[  757.140572][T16191]  dump_stack_lvl+0x16c/0x1f0
[  757.140588][T16191]  should_fail_ex+0x512/0x640
[  757.140604][T16191]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  757.140617][T16191]  should_failslab+0xc2/0x120
[  757.140632][T16191]  kmem_cache_alloc_node_noprof+0x78/0x770
[  757.140642][T16191]  ? __alloc_skb+0x2b2/0x380
[  757.140662][T16191]  ? __alloc_skb+0x2b2/0x380
[  757.140676][T16191]  __alloc_skb+0x2b2/0x380
[  757.140692][T16191]  ? __pfx___alloc_skb+0x10/0x10
[  757.140713][T16191]  netlink_ack+0x15d/0xb80
[  757.140725][T16191]  ? __pfx___dev_queue_xmit+0x10/0x10
[  757.140743][T16191]  netlink_rcv_skb+0x332/0x420
[  757.140754][T16191]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  757.140770][T16191]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  757.140787][T16191]  ? ns_capable+0xd7/0x110
[  757.140800][T16191]  nfnetlink_rcv+0x1b3/0x430
[  757.140814][T16191]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  757.140828][T16191]  ? netlink_deliver_tap+0x1ae/0xd30
[  757.140841][T16191]  netlink_unicast+0x5aa/0x870
[  757.140853][T16191]  ? __pfx_netlink_unicast+0x10/0x10
[  757.140869][T16191]  netlink_sendmsg+0x8c8/0xdd0
[  757.140882][T16191]  ? __pfx_netlink_sendmsg+0x10/0x10
[  757.140895][T16191]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  757.140913][T16191]  ____sys_sendmsg+0xa98/0xc70
[  757.140928][T16191]  ? __pfx_____sys_sendmsg+0x10/0x10
[  757.140940][T16191]  ? get_compat_msghdr+0x11a/0x170
[  757.140966][T16191]  ___sys_sendmsg+0x134/0x1d0
[  757.140977][T16191]  ? __pfx____sys_sendmsg+0x10/0x10
[  757.140993][T16191]  ? find_held_lock+0x2b/0x80
[  757.141012][T16191]  __sys_sendmsg+0x16d/0x220
[  757.141023][T16191]  ? __pfx___sys_sendmsg+0x10/0x10
[  757.141039][T16191]  ? rcu_is_watching+0x12/0xc0
[  757.141052][T16191]  __do_fast_syscall_32+0x7c/0x300
[  757.141067][T16191]  do_fast_syscall_32+0x32/0x80
[  757.141080][T16191]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  757.141093][T16191] RIP: 0023:0xf7fb7579
[  757.141102][T16191] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  757.141112][T16191] RSP: 002b:00000000f54a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  757.141123][T16191] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  757.141130][T16191] RDX: 00000000240008c4 RSI: 0000000000000000 RDI: 0000000000000000
[  757.141136][T16191] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  757.141142][T16191] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  757.141148][T16191] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  757.141161][T16191]  </TASK>
[  757.257786][    C0] vkms_vblank_simulate: vblank timer overrun
[  757.333706][T16194] random: crng reseeded on system resumption
[  758.513430][    C0] vkms_vblank_simulate: vblank timer overrun
[  758.713407][    C0] vkms_vblank_simulate: vblank timer overrun
[  758.821410][    C0] vkms_vblank_simulate: vblank timer overrun
[  759.028636][    C0] vkms_vblank_simulate: vblank timer overrun
[  759.381444][    C0] vkms_vblank_simulate: vblank timer overrun
[  759.462768][    C0] vkms_vblank_simulate: vblank timer overrun
[  759.545486][    C0] vkms_vblank_simulate: vblank timer overrun
[  759.594186][    C0] vkms_vblank_simulate: vblank timer overrun
[  759.633381][    C0] vkms_vblank_simulate: vblank timer overrun
[  759.717558][    C0] vkms_vblank_simulate: vblank timer overrun
[  759.906182][    C0] vkms_vblank_simulate: vblank timer overrun
[  759.953365][    C0] vkms_vblank_simulate: vblank timer overrun
[  760.001443][    C0] vkms_vblank_simulate: vblank timer overrun
[  760.094664][    C0] vkms_vblank_simulate: vblank timer overrun
[  762.134110][T16254] random: crng reseeded on system resumption
[  763.296694][T16269] binder: 16261:16269 ioctl 0 80000040 returned -22
[  763.583272][T16272] blktrace: Concurrent blktraces are not allowed on nullb0
[  763.948914][T16274] nbd: illegal input index -1495182229
[  765.268353][T16296] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2648'.
[  765.338515][   T40] audit: type=1326 audit(1762246025.946:2503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16290 comm="syz.3.2647" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fc2579 code=0x0
[  765.367564][    C2] vkms_vblank_simulate: vblank timer overrun
[  765.458442][T16303] misc userio: Invalid payload size
[  765.999641][T16300] tmpfs: Unknown parameter 'ђџџџђџџџђџџџђџџџђџџџђџџџђџџџўџџџўџџџђџџџђџџџђџџџђџџџђџџџўџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџўџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџ
'
[  767.100961][T16325] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  767.103961][    C2] vkms_vblank_simulate: vblank timer overrun
[  767.110753][T16325] UDF-fs: Scanning with blocksize 2048 failed
[  767.163527][   T10] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  767.164037][T16325] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  767.164060][T16325] UDF-fs: Scanning with blocksize 4096 failed
[  767.387575][   T10] usb 8-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  767.391444][   T10] usb 8-1: config 0 interface 0 has no altsetting 0
[  767.456552][   T10] usb 8-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  767.494695][   T10] usb 8-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  767.518735][   T10] usb 8-1: Product: syz
[  767.521954][   T10] usb 8-1: Manufacturer: syz
[  767.526329][   T10] usb 8-1: SerialNumber: syz
[  767.537295][    C2] vkms_vblank_simulate: vblank timer overrun
[  767.540591][   T10] usb 8-1: config 0 descriptor??
[  767.547687][   T10] usb 8-1: selecting invalid altsetting 0
[  767.701471][    C2] vkms_vblank_simulate: vblank timer overrun
[  768.261295][    C2] vkms_vblank_simulate: vblank timer overrun
[  768.462162][T16342] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  768.466775][T16342] UDF-fs: Scanning with blocksize 2048 failed
[  768.474387][T16342] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  768.481545][T16342] UDF-fs: Scanning with blocksize 4096 failed
[  768.869286][    C2] vkms_vblank_simulate: vblank timer overrun
[  769.187805][T16347] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  769.200818][T16347] UDF-fs: Scanning with blocksize 2048 failed
[  769.260862][T16347] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  769.274353][T16347] UDF-fs: Scanning with blocksize 4096 failed
[  769.455515][   T40] audit: type=1326 audit(1762246029.991:2504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16348 comm="syz.1.2662" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  769.639457][   T40] audit: type=1326 audit(1762246029.991:2505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16348 comm="syz.1.2662" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  769.650256][   T40] audit: type=1326 audit(1762246030.021:2506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16348 comm="syz.1.2662" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  769.666009][   T40] audit: type=1326 audit(1762246030.021:2507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16348 comm="syz.1.2662" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  769.678524][   T40] audit: type=1326 audit(1762246030.021:2508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16348 comm="syz.1.2662" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  769.697501][   T40] audit: type=1326 audit(1762246030.021:2509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16348 comm="syz.1.2662" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  769.705498][   T40] audit: type=1326 audit(1762246030.021:2510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16348 comm="syz.1.2662" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  769.719292][   T40] audit: type=1326 audit(1762246030.021:2511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16348 comm="syz.1.2662" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  769.736487][   T40] audit: type=1326 audit(1762246030.021:2512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16348 comm="syz.1.2662" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  769.894283][   T10] usb 8-1: USB disconnect, device number 5
[  771.891799][T16382] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2665'.
[  771.997472][T16385] loop0: detected capacity change from 0 to 2560
[  772.010980][T15678] buffer_io_error: 310 callbacks suppressed
[  772.010996][T15678] Buffer I/O error on dev loop0, logical block 0, async page read
[  772.033093][T15678] Buffer I/O error on dev loop0, logical block 0, async page read
[  772.038315][T15678] Buffer I/O error on dev loop0, logical block 0, async page read
[  772.058566][T15678] Buffer I/O error on dev loop0, logical block 0, async page read
[  772.070829][T15678] Buffer I/O error on dev loop0, logical block 0, async page read
[  772.088013][T16382] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  772.124640][ T6022] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  772.218111][T16388] Buffer I/O error on dev loop0, logical block 0, lost async page write
[  772.248976][T16388] Buffer I/O error on dev loop0, logical block 1, lost async page write
[  772.257675][T16388] Buffer I/O error on dev loop0, logical block 2, lost async page write
[  772.261006][T16388] Buffer I/O error on dev loop0, logical block 3, lost async page write
[  772.277065][T16388] Buffer I/O error on dev loop0, logical block 4, lost async page write
[  772.309996][ T6022] usb 6-1: config index 0 descriptor too short (expected 45, got 36)
[  772.314399][ T6022] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  772.321714][ T6022] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  772.336269][ T6022] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  772.353529][ T6022] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  772.390568][ T6022] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  772.417891][ T6022] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  772.437714][ T6022] usb 6-1: config 0 descriptor??
[  772.440552][T16384] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  772.694078][T16394] QAT: Stopping all acceleration devices.
[  773.544427][ T6022] usbhid 6-1:0.0: can't add hid device: -71
[  773.727757][T16405] binder: 16396:16405 ioctl 0 80000040 returned -22
[  773.778421][T16402] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  773.790046][T16402] block device autoloading is deprecated and will be removed.
[  774.192381][ T6022] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  774.223379][ T6022] usb 6-1: USB disconnect, device number 15
[  775.743591][T16427] QAT: Stopping all acceleration devices.
[  776.544111][T16447] input: syz1 as /devices/virtual/input/input20
[  776.849301][    C0] vkms_vblank_simulate: vblank timer overrun
[  777.066006][T16432] tmpfs: Unknown parameter 'ђџџџђџџџђџџџђџџџђџџџђџџџђџџџўџџџўџџџђџџџђџџџђџџџђџџџђџџџўџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџ'
[  777.101348][    C0] vkms_vblank_simulate: vblank timer overrun
[  777.285287][    C0] vkms_vblank_simulate: vblank timer overrun
[  777.554922][    C0] vkms_vblank_simulate: vblank timer overrun
[  777.678003][    C0] vkms_vblank_simulate: vblank timer overrun
[  777.733302][    C0] vkms_vblank_simulate: vblank timer overrun
[  777.789332][    C0] vkms_vblank_simulate: vblank timer overrun
[  778.121241][    C0] vkms_vblank_simulate: vblank timer overrun
[  778.171667][T16470] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2694'.
[  778.261905][T16467] QAT: Stopping all acceleration devices.
[  778.301102][T16473] tipc: Can't bind to reserved service type 0
[  778.712338][T16481] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2696'.
[  778.848069][T16484] random: crng reseeded on system resumption
[  779.109252][    C0] vkms_vblank_simulate: vblank timer overrun
[  779.189559][    C0] vkms_vblank_simulate: vblank timer overrun
[  779.221292][    C0] vkms_vblank_simulate: vblank timer overrun
[  779.279121][    C0] vkms_vblank_simulate: vblank timer overrun
[  779.581994][    C0] vkms_vblank_simulate: vblank timer overrun
[  779.703590][    C0] vkms_vblank_simulate: vblank timer overrun
[  779.906146][    C0] vkms_vblank_simulate: vblank timer overrun
[  781.076966][T16501] tmpfs: Unknown parameter 'ђџџџђџџџђџџџђџџџђџџџђџџџђџџџўџџџўџџџђџџџђџџџђџџџђџџџђџџџўџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџўџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџ'
[  782.838335][T16519] trusted_key: encrypted_key: insufficient parameters specified
[  782.990444][T16522] netlink: 'syz.0.2705': attribute type 29 has an invalid length.
[  785.702964][T16569] 9pnet_fd: Insufficient options for proto=fd
[  786.114942][T16577] random: crng reseeded on system resumption
[  786.193891][T16578] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2719'.
[  787.552896][T16588] evm: overlay not supported
[  790.080030][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  790.080049][   T40] audit: type=1326 audit(1762246050.648:2514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16601 comm="syz.1.2727" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x0
[  790.454122][T16610] 9pnet_fd: Insufficient options for proto=fd
[  792.269734][T16631] xt_l2tp: v2 sid > 0xffff: 1114112
[  792.478501][T16635] random: crng reseeded on system resumption
[  795.494418][T16666] QAT: Stopping all acceleration devices.
[  795.520881][T16560] Set syz1 is full, maxelem 65536 reached
[  797.303918][   T40] audit: type=1326 audit(1762246057.820:2515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16683 comm="syz.1.2748" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fb7579 code=0x0
[  798.065062][    C1] vkms_vblank_simulate: vblank timer overrun
[  798.661115][    C1] vkms_vblank_simulate: vblank timer overrun
[  799.411611][    C1] vkms_vblank_simulate: vblank timer overrun
[  799.711762][T16673] Set syz1 is full, maxelem 65536 reached
[  799.731639][    C1] vkms_vblank_simulate: vblank timer overrun
[  799.742053][T16695] QAT: Stopping all acceleration devices.
[  799.819783][T16702] fuse: Bad value for 'fd'
[  799.853178][    C1] vkms_vblank_simulate: vblank timer overrun
[  800.109013][    C1] vkms_vblank_simulate: vblank timer overrun
[  800.389035][    C1] vkms_vblank_simulate: vblank timer overrun
[  800.581027][    C1] vkms_vblank_simulate: vblank timer overrun
[  800.717047][    C1] vkms_vblank_simulate: vblank timer overrun
[  800.723090][T16726] netlink: 256 bytes leftover after parsing attributes in process `syz.3.2761'.
[  800.765738][T16726] netlink: 256 bytes leftover after parsing attributes in process `syz.3.2761'.
[  800.770309][T16725] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2761'.
[  801.056181][T16725] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  801.058728][T16725] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  801.067762][T16725] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  801.074510][T16725] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  801.101337][T16725] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  801.103732][T16725] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  801.251190][    C1] vkms_vblank_simulate: vblank timer overrun
[  801.357045][    C1] vkms_vblank_simulate: vblank timer overrun
[  801.510766][T16743] QAT: Stopping all acceleration devices.
[  801.525080][    C1] vkms_vblank_simulate: vblank timer overrun
[  801.549556][T16746] netlink: 64 bytes leftover after parsing attributes in process `syz.3.2767'.
[  801.797947][T16748] syz.3.2767 (16748): drop_caches: 2
[  801.804195][T16748] syz.3.2767 (16748): drop_caches: 2
[  801.903089][    C1] vkms_vblank_simulate: vblank timer overrun
[  801.933775][    C1] vkms_vblank_simulate: vblank timer overrun
[  802.265100][    C1] vkms_vblank_simulate: vblank timer overrun
[  802.312259][T16756] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2768'.
[  802.349059][    C1] vkms_vblank_simulate: vblank timer overrun
[  803.129167][    C1] hrtimer: interrupt took 15824651 ns
[  804.501485][T16786] 9pnet_virtio: no channels available for device 3$Ю~VКаPкюЈŒ
[  804.582959][T16069] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  804.623295][T16069] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  804.634460][T16069] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  804.659170][T16069] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  804.678692][T16069] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  804.717925][T16793] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2780'.
[  804.750726][ T5967] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  804.758465][T16793] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2780'.
[  804.777740][ T5967] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  804.819527][ T5967] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  804.830261][ T5967] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  804.834857][ T5967] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  804.956631][    C0] vkms_vblank_simulate: vblank timer overrun
[  804.977847][T16793] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  804.986350][T16793] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  805.201042][    C0] vkms_vblank_simulate: vblank timer overrun
[  805.505010][    C0] vkms_vblank_simulate: vblank timer overrun
[  805.883562][T16805] FAULT_INJECTION: forcing a failure.
[  805.883562][T16805] name failslab, interval 1, probability 0, space 0, times 0
[  806.000558][T16805] CPU: 1 UID: 0 PID: 16805 Comm: syz.3.2783 Not tainted syzkaller #0 PREEMPT(full) 
[  806.000583][T16805] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  806.000593][T16805] Call Trace:
[  806.000601][T16805]  <TASK>
[  806.000609][T16805]  dump_stack_lvl+0x16c/0x1f0
[  806.000633][T16805]  should_fail_ex+0x512/0x640
[  806.000656][T16805]  ? __kmalloc_cache_noprof+0x5f/0x780
[  806.000684][T16805]  should_failslab+0xc2/0x120
[  806.000704][T16805]  __kmalloc_cache_noprof+0x72/0x780
[  806.000729][T16805]  ? mpi_alloc+0x46/0x230
[  806.000753][T16805]  ? mpi_alloc+0x46/0x230
[  806.000771][T16805]  ? mpi_alloc_limb_space+0x39/0x60
[  806.000790][T16805]  mpi_alloc+0x46/0x230
[  806.000811][T16805]  mpi_read_raw_data+0x133/0x4a0
[  806.000834][T16805]  dh_set_secret+0x151/0x260
[  806.000879][T16805]  ? __pfx_dh_set_secret+0x10/0x10
[  806.000900][T16805]  ? crypto_alloc_tfmmem.isra.0+0xd2/0x110
[  806.000921][T16805]  ? __kmalloc_noprof+0x34f/0x880
[  806.000946][T16805]  ? crypto_alloc_tfm_node+0x126/0x260
[  806.000965][T16805]  __keyctl_dh_compute+0x4dd/0x10e0
[  806.000989][T16805]  ? __pfx___keyctl_dh_compute+0x10/0x10
[  806.001006][T16805]  ? find_held_lock+0x2b/0x80
[  806.001029][T16805]  ? get_pid_task+0xfc/0x250
[  806.001054][T16805]  ? get_pid_task+0x106/0x250
[  806.001088][T16805]  ? ksys_write+0x190/0x250
[  806.001113][T16805]  compat_keyctl_dh_compute+0x143/0x1c0
[  806.001130][T16805]  ? __pfx_compat_keyctl_dh_compute+0x10/0x10
[  806.001147][T16805]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  806.001170][T16805]  ? handle_mm_fault+0x1e0/0xd10
[  806.001201][T16805]  ? ksys_write+0x1ac/0x250
[  806.001218][T16805]  ? __pfx_ksys_write+0x10/0x10
[  806.001238][T16805]  __ia32_compat_sys_keyctl+0x347/0x540
[  806.001259][T16805]  __do_fast_syscall_32+0x7c/0x300
[  806.001281][T16805]  do_fast_syscall_32+0x32/0x80
[  806.001300][T16805]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  806.001487][T16805] RIP: 0023:0xf7fc2579
[  806.001657][T16805] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  806.001671][T16805] RSP: 002b:00000000f547455c EFLAGS: 00000296 ORIG_RAX: 0000000000000120
[  806.001688][T16805] RAX: ffffffffffffffda RBX: 0000000000000017 RCX: 0000000080000140
[  806.001699][T16805] RDX: 00000000800000c0 RSI: 00000000fffffe4f RDI: 0000000000000000
[  806.001708][T16805] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  806.001717][T16805] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  806.001727][T16805] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  806.001748][T16805]  </TASK>
[  806.068970][    C0] vkms_vblank_simulate: vblank timer overrun
[  806.257497][    C0] vkms_vblank_simulate: vblank timer overrun
[  806.546947][T16789] chnl_net:caif_netlink_parms(): no params data found
[  806.858690][T16789] bridge0: port 1(bridge_slave_0) entered blocking state
[  806.872560][T16789] bridge0: port 1(bridge_slave_0) entered disabled state
[  806.875489][T16789] bridge_slave_0: entered allmulticast mode
[  806.933758][T16789] bridge_slave_0: entered promiscuous mode
[  806.977655][T16789] bridge0: port 2(bridge_slave_1) entered blocking state
[  806.981818][T16789] bridge0: port 2(bridge_slave_1) entered disabled state
[  806.998671][T16789] bridge_slave_1: entered allmulticast mode
[  807.013507][T16789] bridge_slave_1: entered promiscuous mode
[  807.062703][T16782] Set syz1 is full, maxelem 65536 reached
[  807.475707][T16789] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  807.495742][T16789] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  807.720368][    C0] vkms_vblank_simulate: vblank timer overrun
[  807.860161][T16789] team0: Port device team_slave_0 added
[  807.876877][T16789] team0: Port device team_slave_1 added
[  807.885078][T16818] tmpfs: Unknown parameter 'ђџџџђџџџђџџџђџџџђџџџђџџџђџџџўџџџўџџџђџџџђџџџђџџџђџџџђџџџўџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџ
'
[  808.252961][    C0] vkms_vblank_simulate: vblank timer overrun
[  808.317912][T16789] batman_adv: batadv0: Adding interface: batadv_slave_0
[  808.323307][T16789] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  808.365040][T16789] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  808.387672][T16789] batman_adv: batadv0: Adding interface: batadv_slave_1
[  808.403112][T16789] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  808.427422][T16789] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  808.570963][    C0] vkms_vblank_simulate: vblank timer overrun
[  808.852992][    C0] vkms_vblank_simulate: vblank timer overrun
[  808.864178][T16789] hsr_slave_0: entered promiscuous mode
[  808.957249][T16789] hsr_slave_1: entered promiscuous mode
[  808.962672][T16789] debugfs: 'hsr0' already exists in 'hsr'
[  808.978425][T16789] Cannot create hsr debugfs directory
[  809.008942][    C0] vkms_vblank_simulate: vblank timer overrun
[  809.060993][    C0] vkms_vblank_simulate: vblank timer overrun
[  809.123899][T16836] FAULT_INJECTION: forcing a failure.
[  809.123899][T16836] name failslab, interval 1, probability 0, space 0, times 0
[  809.176203][T16836] CPU: 2 UID: 0 PID: 16836 Comm: syz.3.2793 Not tainted syzkaller #0 PREEMPT(full) 
[  809.176226][T16836] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  809.176235][T16836] Call Trace:
[  809.176240][T16836]  <TASK>
[  809.176246][T16836]  dump_stack_lvl+0x16c/0x1f0
[  809.176268][T16836]  should_fail_ex+0x512/0x640
[  809.176290][T16836]  ? __kmalloc_cache_noprof+0x5f/0x780
[  809.176316][T16836]  should_failslab+0xc2/0x120
[  809.176335][T16836]  __kmalloc_cache_noprof+0x72/0x780
[  809.176358][T16836]  ? alloc_super+0x52/0xb60
[  809.176375][T16836]  ? alloc_super+0x52/0xb60
[  809.176389][T16836]  ? __pfx_super_s_dev_test+0x10/0x10
[  809.176408][T16836]  alloc_super+0x52/0xb60
[  809.176422][T16836]  ? sget_fc+0xd3/0xc20
[  809.176440][T16836]  ? __pfx_super_s_dev_test+0x10/0x10
[  809.176463][T16836]  sget_fc+0x116/0xc20
[  809.176480][T16836]  ? __pfx_super_s_dev_set+0x10/0x10
[  809.176506][T16836]  get_tree_bdev_flags+0x1ba/0x620
[  809.176521][T16836]  ? __pfx_qnx4_fill_super+0x10/0x10
[  809.176542][T16836]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  809.176558][T16836]  ? apparmor_capable+0x114/0x1d0
[  809.176583][T16836]  ? bpf_lsm_capable+0x9/0x10
[  809.176604][T16836]  ? security_capable+0x7e/0x260
[  809.176626][T16836]  vfs_get_tree+0x8e/0x340
[  809.176648][T16836]  path_mount+0x7b9/0x23a0
[  809.176670][T16836]  ? __pfx_path_mount+0x10/0x10
[  809.176691][T16836]  ? putname+0x154/0x1a0
[  809.176714][T16836]  ? putname+0x154/0x1a0
[  809.176737][T16836]  ? __ia32_sys_mount+0x291/0x310
[  809.176756][T16836]  __ia32_sys_mount+0x291/0x310
[  809.176775][T16836]  ? __pfx___ia32_sys_mount+0x10/0x10
[  809.176795][T16836]  ? rcu_is_watching+0x12/0xc0
[  809.176855][T16836]  __do_fast_syscall_32+0x7c/0x300
[  809.176880][T16836]  do_fast_syscall_32+0x32/0x80
[  809.176901][T16836]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  809.176922][T16836] RIP: 0023:0xf7fc2579
[  809.176937][T16836] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  809.176953][T16836] RSP: 002b:00000000f54b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  809.176971][T16836] RAX: ffffffffffffffda RBX: 0000000080000080 RCX: 0000000080000000
[  809.176982][T16836] RDX: 0000000080000180 RSI: 0000000000208000 RDI: 0000000000000000
[  809.176993][T16836] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  809.177002][T16836] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  809.177012][T16836] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  809.177036][T16836]  </TASK>
[  811.394607][T16789] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  811.424007][T16789] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  811.438434][T16789] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  811.465690][T16789] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  811.758758][T16789] 8021q: adding VLAN 0 to HW filter on device bond0
[  811.803653][T16789] 8021q: adding VLAN 0 to HW filter on device team0
[  811.818882][T14520] bridge0: port 1(bridge_slave_0) entered blocking state
[  811.850367][T14520] bridge0: port 1(bridge_slave_0) entered forwarding state
[  811.907463][T14520] bridge0: port 2(bridge_slave_1) entered blocking state
[  811.925460][T14520] bridge0: port 2(bridge_slave_1) entered forwarding state
[  812.476492][T16789] 8021q: adding VLAN 0 to HW filter on device batadv0
[  812.570424][T16860] binder: 16851:16860 ioctl 0 80000040 returned -22
[  813.122339][T16789] veth0_vlan: entered promiscuous mode
[  813.177552][T16789] veth1_vlan: entered promiscuous mode
[  813.248529][T16789] veth0_macvtap: entered promiscuous mode
[  813.272176][T16789] veth1_macvtap: entered promiscuous mode
[  813.287637][T16789] batman_adv: batadv0: Interface activated: batadv_slave_0
[  813.318569][T16789] batman_adv: batadv0: Interface activated: batadv_slave_1
[  813.407060][   T49] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  813.411813][   T49] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  813.426662][   T49] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  813.445834][   T49] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  813.474927][T16870] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2796'.
[  813.933782][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  813.939111][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  813.949070][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  813.961880][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  814.265113][T16877] netlink: 116 bytes leftover after parsing attributes in process `syz.3.2797'.
[  814.848092][T16891] netlink: 'syz.0.2799': attribute type 1 has an invalid length.
[  814.851714][T16891] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2799'.
[  814.879750][T16891] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2799'.
[  815.195394][T16886] tmpfs: Unknown parameter 'ђџџџђџџџђџџџђџџџђџџџђџџџђџџџўџџџўџџџђџџџђџџџђџџџђџџџђџџџўџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџ
'
[  815.442068][T16894] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  815.445703][T16894] UDF-fs: Scanning with blocksize 2048 failed
[  815.552354][T16894] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  815.564105][T16894] UDF-fs: Scanning with blocksize 4096 failed
[  816.613280][T16904] random: crng reseeded on system resumption
[  817.959076][T16837] Set syz1 is full, maxelem 65536 reached
[  818.140519][T16917] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.2809'.
[  819.214298][T16925] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2812'.
[  819.592480][T16934] binder: 16930:16934 ioctl 0 80000040 returned -22
[  820.719966][T16951] random: crng reseeded on system resumption
[  822.445003][T16970] 9pnet_fd: Insufficient options for proto=fd
[  823.564798][    C1] vkms_vblank_simulate: vblank timer overrun
[  823.652808][    C1] vkms_vblank_simulate: vblank timer overrun
[  823.737479][T16996] random: crng reseeded on system resumption
[  823.855822][T16998] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  824.542457][T17010] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2834'.
[  824.580853][    C1] vkms_vblank_simulate: vblank timer overrun
[  824.770971][T17013] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2837'.
[  824.803160][T17013] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2837'.
[  824.897858][T17017] random: crng reseeded on system resumption
[  824.931424][    C1] vkms_vblank_simulate: vblank timer overrun
[  824.969541][    C1] vkms_vblank_simulate: vblank timer overrun
[  825.424736][    C1] vkms_vblank_simulate: vblank timer overrun
[  825.564774][    C1] vkms_vblank_simulate: vblank timer overrun
[  825.604781][    C1] vkms_vblank_simulate: vblank timer overrun
[  826.162852][   T10] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  826.313029][   T10] usb 8-1: Using ep0 maxpacket: 16
[  826.318352][   T10] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  826.335953][   T10] usb 8-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  826.340304][   T10] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  826.346151][   T10] usb 8-1: Product: syz
[  826.349770][   T10] usb 8-1: Manufacturer: syz
[  826.358890][   T10] usb 8-1: SerialNumber: syz
[  826.388908][   T10] usb 8-1: config 0 descriptor??
[  826.405251][   T10] hub 8-1:0.0: bad descriptor, ignoring hub
[  826.424824][   T10] hub 8-1:0.0: probe with driver hub failed with error -5
[  826.434361][   T10] input: syz syz as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input21
[  826.843632][T17029] 9pnet_fd: Insufficient options for proto=fd
[  826.880150][T17033] blktrace: Concurrent blktraces are not allowed on nullb0
[  826.931587][    C1] vkms_vblank_simulate: vblank timer overrun
[  827.031097][T17034] nbd: illegal input index -1495182229
[  827.142349][    C1] vkms_vblank_simulate: vblank timer overrun
[  827.375770][T17036] random: crng reseeded on system resumption
[  828.316134][    C0] ==================================================================
[  828.323869][    C0] BUG: KASAN: slab-use-after-free in _raw_spin_lock_irqsave+0x3a/0x60
[  828.340608][    C0] Read of size 1 at addr ffff888013535c18 by task kworker/0:2H/6084
[  828.344351][    C0] 
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  828.345413][    C0] CPU: 0 UID: 0 PID: 6084 Comm: kworker/0:2H Not tainted syzkaller #0 PREEMPT(full) 
[  828.345437][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  828.345449][    C0] Workqueue: events_highpri snd_vmidi_output_work
[  828.345475][    C0] Call Trace:
[  828.345482][    C0]  <IRQ>
[  828.345490][    C0]  dump_stack_lvl+0x116/0x1f0
[  828.345510][    C0]  print_report+0xcd/0x630
[  828.345531][    C0]  ? __virt_addr_valid+0x81/0x610
[  828.345550][    C0]  ? __phys_addr+0xe8/0x180
[  828.345569][    C0]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  828.345584][    C0]  kasan_report+0xe0/0x110
[  828.345602][    C0]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  828.345616][    C0]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  828.345631][    C0]  __kasan_check_byte+0x36/0x50
[  828.345648][    C0]  lock_acquire+0xfc/0x350
[  828.345669][    C0]  ? do_raw_spin_unlock+0x53/0x230
[  828.345691][    C0]  ? .slowpath+0x9/0x18
[  828.345708][    C0]  _raw_spin_lock_irqsave+0x3a/0x60
[  828.345723][    C0]  ? p9_req_put+0xaf/0x250
[  828.345742][    C0]  p9_req_put+0xaf/0x250
[  828.345760][    C0]  req_done+0x1dc/0x2e0
[  828.345775][    C0]  ? __pfx_req_done+0x10/0x10
[  828.345790][    C0]  ? __pfx_req_done+0x10/0x10
[  828.345804][    C0]  vring_interrupt+0x31e/0x400
[  828.345827][    C0]  ? __pfx_vring_interrupt+0x10/0x10
[  828.345848][    C0]  __handle_irq_event_percpu+0x236/0x920
[  828.345869][    C0]  handle_irq_event+0xab/0x1e0
[  828.345890][    C0]  handle_edge_irq+0x3ca/0x9e0
[  828.345907][    C0]  __common_interrupt+0xd0/0x2f0
[  828.345928][    C0]  common_interrupt+0x61/0xe0
[  828.345950][    C0]  asm_common_interrupt+0x26/0x40
[  828.345967][    C0] RIP: 0010:handle_softirqs+0x1dd/0x8e0
[  828.345986][    C0] Code: 88 6c 24 26 4c 89 7c 24 18 48 c7 c7 20 ce 8b 8b e8 58 5d e0 09 65 66 c7 05 36 12 24 12 00 00 e8 d9 7f 47 00 fb bb ff ff ff ff <49> c7 c7 c0 c0 00 8e 41 0f bc dc 83 c3 01 0f 85 a4 00 00 00 e9 b1
[  828.346000][    C0] RSP: 0018:ffffc90000007f28 EFLAGS: 00000202
[  828.346013][    C0] RAX: 000000000280b17c RBX: 00000000ffffffff RCX: 0000000000000002
[  828.346023][    C0] RDX: 0000000000000000 RSI: ffffffff8da27d51 RDI: ffffffff8bf075c0
[  828.346034][    C0] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001
[  828.346043][    C0] R10: ffffffff908239d7 R11: 0000000000000001 R12: 0000000000000080
[  828.346053][    C0] R13: 000000000000000a R14: 1ffff92000000fed R15: ffffed10045d0000
[  828.346072][    C0]  ? handle_softirqs+0x1d7/0x8e0
[  828.346086][    C0]  ? __pfx_sched_clock_cpu+0x10/0x10
[  828.346107][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  828.346124][    C0]  __irq_exit_rcu+0x109/0x170
[  828.346141][    C0]  irq_exit_rcu+0x9/0x30
[  828.346157][    C0]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  828.346175][    C0]  </IRQ>
[  828.346181][    C0]  <TASK>
[  828.346187][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  828.346203][    C0] RIP: 0010:finish_task_switch.isra.0+0x22a/0xc10
[  828.346218][    C0] Code: fb 09 00 00 44 8b 05 99 b8 f8 0e 45 85 c0 0f 85 be 01 00 00 4c 89 e7 e8 a4 f6 ff ff e8 2f bc 3a 00 fb 65 48 8b 1d 5e 4e 17 12 <48> 8d bb 58 16 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1
[  828.346231][    C0] RSP: 0018:ffffc9000424f8a0 EFLAGS: 00000202
[  828.346242][    C0] RAX: 000000000280b179 RBX: ffff888022e80000 RCX: 0000000000000006
[  828.346252][    C0] RDX: 0000000000000000 RSI: ffffffff8da27d51 RDI: ffffffff8bf075c0
[  828.346261][    C0] RBP: ffffc9000424f8e8 R08: 0000000000000001 R09: 0000000000000001
[  828.346271][    C0] R10: ffffffff908239d7 R11: 0000000000000001 R12: ffff88802b23a4c0
[  828.346280][    C0] R13: ffff888023b28000 R14: ffff88802b23a4c0 R15: ffff88802b23b2f0
[  828.346298][    C0]  ? __switch_to+0x7af/0x11b0
[  828.346317][    C0]  __schedule+0x1198/0x5de0
[  828.346336][    C0]  ? __print_lock_name+0xa1/0xe0
[  828.346359][    C0]  ? __pfx___schedule+0x10/0x10
[  828.346376][    C0]  ? __pfx_try_to_wake_up+0x10/0x10
[  828.346394][    C0]  ? find_held_lock+0x2b/0x80
[  828.346409][    C0]  ? __wake_up+0x3f/0x60
[  828.346422][    C0]  ? preempt_schedule_thunk+0x16/0x30
[  828.346441][    C0]  preempt_schedule_common+0x44/0xc0
[  828.346456][    C0]  preempt_schedule_thunk+0x16/0x30
[  828.346478][    C0]  _raw_spin_unlock_irqrestore+0x61/0x80
[  828.346491][    C0]  snd_rawmidi_transmit+0x117/0x160
[  828.346513][    C0]  snd_vmidi_output_work+0x111/0x390
[  828.346532][    C0]  ? __pfx_snd_vmidi_output_work+0x10/0x10
[  828.346552][    C0]  ? rcu_is_watching+0x12/0xc0
[  828.346571][    C0]  process_one_work+0x9cf/0x1b70
[  828.346597][    C0]  ? __pfx_process_one_work+0x10/0x10
[  828.346623][    C0]  ? assign_work+0x1a0/0x250
[  828.346644][    C0]  worker_thread+0x6c8/0xf10
[  828.346670][    C0]  ? __kthread_parkme+0x19e/0x250
[  828.346691][    C0]  ? __pfx_worker_thread+0x10/0x10
[  828.346715][    C0]  kthread+0x3c5/0x780
[  828.346739][    C0]  ? __pfx_kthread+0x10/0x10
[  828.346762][    C0]  ? rcu_is_watching+0x12/0xc0
[  828.346780][    C0]  ? __pfx_kthread+0x10/0x10
[  828.346803][    C0]  ret_from_fork+0x675/0x7d0
[  828.346827][    C0]  ? __pfx_kthread+0x10/0x10
[  828.346850][    C0]  ret_from_fork_asm+0x1a/0x30
[  828.346879][    C0]  </TASK>
[  828.346892][    C0] 
[  828.501243][    C1] vkms_vblank_simulate: vblank timer overrun
[  828.522232][    C0] Allocated by task 17056:
[  828.522255][    C0]  kasan_save_stack+0x33/0x60
[  828.522279][    C0]  kasan_save_track+0x14/0x30
[  828.522297][    C0]  __kasan_kmalloc+0xaa/0xb0
[  828.522314][    C0]  p9_client_create+0xc7/0x11d0
[  828.522335][    C0]  v9fs_session_init+0x1f7/0x1a80
[  828.522354][    C0]  v9fs_mount+0xc5/0xa90
[  828.522372][    C0]  legacy_get_tree+0x10c/0x220
[  828.522389][    C0]  vfs_get_tree+0x8e/0x340
[  828.522410][    C0]  path_mount+0x7b9/0x23a0
[  828.522427][    C0]  __ia32_sys_mount+0x291/0x310
[  828.522444][    C0]  __do_fast_syscall_32+0x7c/0x300
[  828.522461][    C0]  do_fast_syscall_32+0x32/0x80
[  828.522477][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  828.522502][    C0] 
[  828.522507][    C0] Freed by task 17056:
[  828.522515][    C0]  kasan_save_stack+0x33/0x60
[  828.522531][    C0]  kasan_save_track+0x14/0x30
[  828.522549][    C0]  __kasan_save_free_info+0x3b/0x60
[  828.522564][    C0]  __kasan_slab_free+0x5f/0x80
[  828.522586][    C0]  kfree+0x2b8/0x6d0
[  828.522598][    C0]  p9_client_create+0xa28/0x11d0
[  828.522615][    C0]  v9fs_session_init+0x1f7/0x1a80
[  828.522632][    C0]  v9fs_mount+0xc5/0xa90
[  828.522650][    C0]  legacy_get_tree+0x10c/0x220
[  828.522666][    C0]  vfs_get_tree+0x8e/0x340
[  828.522686][    C0]  path_mount+0x7b9/0x23a0
[  828.522701][    C0]  __ia32_sys_mount+0x291/0x310
[  828.522718][    C0]  __do_fast_syscall_32+0x7c/0x300
[  828.522735][    C0]  do_fast_syscall_32+0x32/0x80
[  828.522752][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  828.522771][    C0] 
[  828.522776][    C0] The buggy address belongs to the object at ffff888013535c00
[  828.522776][    C0]  which belongs to the cache kmalloc-512 of size 512
[  828.522789][    C0] The buggy address is located 24 bytes inside of
[  828.522789][    C0]  freed 512-byte region [ffff888013535c00, ffff888013535e00)
[  828.522806][    C0] 
[  828.522811][    C0] The buggy address belongs to the physical page:
[  828.522819][    C0] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x13534
[  828.522835][    C0] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  828.522850][    C0] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  828.522862][    C0] page_type: f5(slab)
[  828.522876][    C0] raw: 00fff00000000040 ffff88801b442c80 0000000000000000 dead000000000001
[  828.522898][    C0] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  828.522913][    C0] head: 00fff00000000040 ffff88801b442c80 0000000000000000 dead000000000001
[  828.522926][    C0] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  828.522941][    C0] head: 00fff00000000002 ffffea00004d4d01 00000000ffffffff 00000000ffffffff
[  828.522956][    C0] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  828.522965][    C0] page dumped because: kasan: bad access detected
[  828.522973][    C0] page_owner tracks the page as allocated
[  828.522979][    C0] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 13, tgid 13 (kworker/u32:1), ts 116944591797, free_ts 96061395712
[  828.523012][    C0]  post_alloc_hook+0x1c0/0x230
[  828.523034][    C0]  get_page_from_freelist+0x10a3/0x3a30
[  828.523049][    C0]  __alloc_frozen_pages_noprof+0x25f/0x2470
[  828.523065][    C0]  alloc_pages_mpol+0x1fb/0x550
[  828.523084][    C0]  new_slab+0x24a/0x360
[  828.523104][    C0]  ___slab_alloc+0xdae/0x1a60
[  828.523125][    C0]  __slab_alloc.constprop.0+0x63/0x110
[  828.523147][    C0]  __kmalloc_cache_noprof+0x477/0x780
[  828.523169][    C0]  __ipv6_dev_mc_inc+0x2f1/0xbc0
[  828.523185][    C0]  addrconf_dad_work+0x28c/0x14e0
[  828.523205][    C0]  process_one_work+0x9cf/0x1b70
[  828.523227][    C0]  worker_thread+0x6c8/0xf10
[  828.523248][    C0]  kthread+0x3c5/0x780
[  828.523267][    C0]  ret_from_fork+0x675/0x7d0
[  828.523289][    C0]  ret_from_fork_asm+0x1a/0x30
[  828.523311][    C0] page last free pid 5917 tgid 5917 stack trace:
[  828.523319][    C0]  __free_frozen_pages+0x7df/0x1160
[  828.523339][    C0]  qlist_free_all+0x4d/0x120
[  828.523355][    C0]  kasan_quarantine_reduce+0x195/0x1e0
[  828.523372][    C0]  __kasan_slab_alloc+0x69/0x90
[  828.523388][    C0]  kmem_cache_alloc_node_noprof+0x28a/0x770
[  828.523404][    C0]  __alloc_skb+0x2b2/0x380
[  828.523426][    C0]  netlink_alloc_large_skb+0x69/0x140
[  828.523442][    C0]  netlink_sendmsg+0x698/0xdd0
[  828.523456][    C0]  __sys_sendto+0x4a3/0x520
[  828.523476][    C0]  __ia32_compat_sys_socketcall+0x625/0x770
[  828.523491][    C0]  __do_fast_syscall_32+0x7c/0x300
[  828.523509][    C0]  do_fast_syscall_32+0x32/0x80
[  828.523527][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  828.523545][    C0] 
[  828.523549][    C0] Memory state around the buggy address:
[  828.523558][    C0]  ffff888013535b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  828.523570][    C0]  ffff888013535b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  828.523581][    C0] >ffff888013535c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  828.523590][    C0]                             ^
[  828.523598][    C0]  ffff888013535c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  828.523610][    C0]  ffff888013535d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  828.523619][    C0] ==================================================================
[  828.523629][    C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  828.523641][    C0] CPU: 0 UID: 0 PID: 6084 Comm: kworker/0:2H Not tainted syzkaller #0 PREEMPT(full) 
[  828.523661][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  828.523673][    C0] Workqueue: events_highpri snd_vmidi_output_work
[  828.523695][    C0] Call Trace:
[  828.523704][    C0]  <IRQ>
[  828.523714][    C0]  dump_stack_lvl+0x3d/0x1f0
[  828.523732][    C0]  vpanic+0x640/0x6f0
[  828.523756][    C0]  panic+0xca/0xd0
[  828.523775][    C0]  ? __pfx_panic+0x10/0x10
[  828.523797][    C0]  ? end_report+0x4c/0x170
[  828.523815][    C0]  ? rcu_is_watching+0x12/0xc0
[  828.523833][    C0]  ? lock_release+0x201/0x2f0
[  828.523854][    C0]  ? check_panic_on_warn+0x1f/0xb0
[  828.523877][    C0]  check_panic_on_warn+0xab/0xb0
[  828.523905][    C0]  end_report+0x107/0x170
[  828.523924][    C0]  kasan_report+0xee/0x110
[  828.523944][    C0]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  828.523963][    C0]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  828.523979][    C0]  __kasan_check_byte+0x36/0x50
[  828.523999][    C0]  lock_acquire+0xfc/0x350
[  828.524020][    C0]  ? do_raw_spin_unlock+0x53/0x230
[  828.524043][    C0]  ? .slowpath+0x9/0x18
[  828.524061][    C0]  _raw_spin_lock_irqsave+0x3a/0x60
[  828.524074][    C0]  ? p9_req_put+0xaf/0x250
[  828.524090][    C0]  p9_req_put+0xaf/0x250
[  828.524108][    C0]  req_done+0x1dc/0x2e0
[  828.524126][    C0]  ? __pfx_req_done+0x10/0x10
[  828.524143][    C0]  ? __pfx_req_done+0x10/0x10
[  828.524159][    C0]  vring_interrupt+0x31e/0x400
[  828.524182][    C0]  ? __pfx_vring_interrupt+0x10/0x10
[  828.524204][    C0]  __handle_irq_event_percpu+0x236/0x920
[  828.524225][    C0]  handle_irq_event+0xab/0x1e0
[  828.524241][    C0]  handle_edge_irq+0x3ca/0x9e0
[  828.524260][    C0]  __common_interrupt+0xd0/0x2f0
[  828.524282][    C0]  common_interrupt+0x61/0xe0
[  828.524304][    C0]  asm_common_interrupt+0x26/0x40
[  828.524321][    C0] RIP: 0010:handle_softirqs+0x1dd/0x8e0
[  828.524340][    C0] Code: 88 6c 24 26 4c 89 7c 24 18 48 c7 c7 20 ce 8b 8b e8 58 5d e0 09 65 66 c7 05 36 12 24 12 00 00 e8 d9 7f 47 00 fb bb ff ff ff ff <49> c7 c7 c0 c0 00 8e 41 0f bc dc 83 c3 01 0f 85 a4 00 00 00 e9 b1
[  828.524356][    C0] RSP: 0018:ffffc90000007f28 EFLAGS: 00000202
[  828.524371][    C0] RAX: 000000000280b17c RBX: 00000000ffffffff RCX: 0000000000000002
[  828.524383][    C0] RDX: 0000000000000000 RSI: ffffffff8da27d51 RDI: ffffffff8bf075c0
[  828.524395][    C0] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001
[  828.524403][    C0] R10: ffffffff908239d7 R11: 0000000000000001 R12: 0000000000000080
[  828.524413][    C0] R13: 000000000000000a R14: 1ffff92000000fed R15: ffffed10045d0000
[  828.524427][    C0]  ? handle_softirqs+0x1d7/0x8e0
[  828.524442][    C0]  ? __pfx_sched_clock_cpu+0x10/0x10
[  828.524461][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  828.524478][    C0]  __irq_exit_rcu+0x109/0x170
[  828.524494][    C0]  irq_exit_rcu+0x9/0x30
[  828.524509][    C0]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  828.524527][    C0]  </IRQ>
[  828.524533][    C0]  <TASK>
[  828.524539][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  828.524557][    C0] RIP: 0010:finish_task_switch.isra.0+0x22a/0xc10
[  828.524575][    C0] Code: fb 09 00 00 44 8b 05 99 b8 f8 0e 45 85 c0 0f 85 be 01 00 00 4c 89 e7 e8 a4 f6 ff ff e8 2f bc 3a 00 fb 65 48 8b 1d 5e 4e 17 12 <48> 8d bb 58 16 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1
[  828.524590][    C0] RSP: 0018:ffffc9000424f8a0 EFLAGS: 00000202
[  828.524605][    C0] RAX: 000000000280b179 RBX: ffff888022e80000 RCX: 0000000000000006
[  828.524616][    C0] RDX: 0000000000000000 RSI: ffffffff8da27d51 RDI: ffffffff8bf075c0
[  828.524627][    C0] RBP: ffffc9000424f8e8 R08: 0000000000000001 R09: 0000000000000001
[  828.524637][    C0] R10: ffffffff908239d7 R11: 0000000000000001 R12: ffff88802b23a4c0
[  828.524686][    C0] R13: ffff888023b28000 R14: ffff88802b23a4c0 R15: ffff88802b23b2f0
[  828.524704][    C0]  ? __switch_to+0x7af/0x11b0
[  828.524725][    C0]  __schedule+0x1198/0x5de0
[  828.524744][    C0]  ? __print_lock_name+0xa1/0xe0
[  828.524765][    C0]  ? __pfx___schedule+0x10/0x10
[  828.524782][    C0]  ? __pfx_try_to_wake_up+0x10/0x10
[  828.524800][    C0]  ? find_held_lock+0x2b/0x80
[  828.524817][    C0]  ? __wake_up+0x3f/0x60
[  828.524834][    C0]  ? preempt_schedule_thunk+0x16/0x30
[  828.524857][    C0]  preempt_schedule_common+0x44/0xc0
[  828.524875][    C0]  preempt_schedule_thunk+0x16/0x30
[  828.524908][    C0]  _raw_spin_unlock_irqrestore+0x61/0x80
[  828.524924][    C0]  snd_rawmidi_transmit+0x117/0x160
[  828.524946][    C0]  snd_vmidi_output_work+0x111/0x390
[  828.524968][    C0]  ? __pfx_snd_vmidi_output_work+0x10/0x10
[  828.524989][    C0]  ? rcu_is_watching+0x12/0xc0
[  828.525008][    C0]  process_one_work+0x9cf/0x1b70
[  828.525035][    C0]  ? __pfx_process_one_work+0x10/0x10
[  828.525062][    C0]  ? assign_work+0x1a0/0x250
[  828.525084][    C0]  worker_thread+0x6c8/0xf10
[  828.525111][    C0]  ? __kthread_parkme+0x19e/0x250
[  828.525131][    C0]  ? __pfx_worker_thread+0x10/0x10
[  828.525154][    C0]  kthread+0x3c5/0x780
[  828.525176][    C0]  ? __pfx_kthread+0x10/0x10
[  828.525198][    C0]  ? rcu_is_watching+0x12/0xc0
[  828.525215][    C0]  ? __pfx_kthread+0x10/0x10
[  828.525237][    C0]  ret_from_fork+0x675/0x7d0
[  828.525260][    C0]  ? __pfx_kthread+0x10/0x10
[  828.525282][    C0]  ret_from_fork_asm+0x1a/0x30
[  828.525305][    C0]  </TASK>
[  829.512080][    C0] Kernel Offset: disabled
[  829.515049][    C0] Rebooting in 86400 seconds..

VM DIAGNOSIS:
08:39:38  Registers:
info registers vcpu 0

CPU#0
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff85267e30 RDI=ffffffff9adc2de0 RBP=ffffffff9adc2da0 RSP=ffffc90000007518
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=206e692065655542
R12=0000000000000000 R13=0000000000000060 R14=fffffbfff35b860e R15=dffffc0000000000
RIP=ffffffff85267e57 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097810000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080002000 CR3=000000007095b000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000004c00000000 0000000100000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000048400000000 0000001700000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffff88802283df18 RBX=000000000000000c RCX=ffffffff8198af0c RDX=1ffff11004507be3
RSI=0000000000000000 RDI=ffff8880231437c0 RBP=ffffc9000d4179b0 RSP=ffffc9000d417880
R8 =0000000000000001 R9 =fffff52001a82efe R10=0000000000000003 R11=0000000000000001
R12=dffffc0000000000 R13=ffff88804ae43850 R14=ffff88802283df18 R15=ffff88804ae438a0
RIP=ffffffff84a9c69d RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097910000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000031720ff8 CR3=0000000042e7b000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000004c00000000 0000000100000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000048400000000 0000001700000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=dffffc0000000000 RBX=ffff88802b4332a8 RCX=ffffffff822c5811 RDX=1ffff11005686655
RSI=ffffffff8bf07540 RDI=ffffffff8dccdef0 RBP=0000000000000002 RSP=ffffc90002f7f6f8
R8 =0000000000000000 R9 =fffffbfff210473a R10=ffffffff908239d7 R11=0000000000000001
R12=0000607f1487d100 R13=ffff88806c0e6000 R14=ffffe8ffac28d100 R15=ffffe8ffac28d110
RIP=ffffffff81a1544c RFL=00000a06 [-O---P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097a10000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7f56e40 CR3=0000000049a99000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000615000e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=3a624edcd064f0b1 99bcf66d67d20056 3a624edcd064f0b1 99bcf66d67d20056 3a624edcd064f0b1 99bcf66d67d20056 3a624edcd064f0b1 99bcf66d67d20056
ZMM18=f36b517949e9f42d 1b73c565f41a8264 f36b517949e9f42d 1b73c565f41a8264 f36b517949e9f42d 1b73c565f41a8264 f36b517949e9f42d 1b73c565f41a8264
ZMM19=6d21000000000000 0000000000000005 6d21000000000000 0000000000000004 6d21000000000000 0000000000000003 6d21000000000000 0000000000000002
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f636e79732f6775 6265642f6c656e72 656b2f7379732f01 ffffffffffffffff
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 c1080f8003078002 088183909a080001 0000000806060117 8e0010000790030a
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1000078003000800 0208000280020600 759c002364726163 2f6972642f766564
ZMM24=9c25f91b9c25f91b 9c25f91b9c25f91b 9c25f91b9c25f91b 9c25f91b9c25f91b 9c25f91b9c25f91b 9c25f91b9c25f91b 9c25f91b9c25f91b 9c25f91b9c25f91b
ZMM25=a17339d4a17339d4 a17339d4a17339d4 a17339d4a17339d4 a17339d4a17339d4 a17339d4a17339d4 a17339d4a17339d4 a17339d4a17339d4 a17339d4a17339d4
ZMM26=a56d79c3a56d79c3 a56d79c3a56d79c3 a56d79c3a56d79c3 a56d79c3a56d79c3 a56d79c3a56d79c3 a56d79c3a56d79c3 a56d79c3a56d79c3 a56d79c3a56d79c3
ZMM27=43940e7243940e72 43940e7243940e72 43940e7243940e72 43940e7243940e72 43940e7243940e72 43940e7243940e72 43940e7243940e72 43940e7243940e72
ZMM28=000000300000002f 0000002e0000002d 0000002c0000002b 0000002a00000029 0000002800000027 0000002600000025 0000002400000023 0000002200000021
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=d9140000d9140000 d9140000d9140000 d9140000d9140000 d9140000d9140000 d9140000d9140000 d9140000d9140000 d9140000d9140000 d9140000d9140000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=ffff88802b242540 RCX=ffffc90026461000 RDX=0000000000080000
RSI=ffffffff81b068db RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc90002e0fa08
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001
R12=dffffc0000000000 R13=ffffed10056484a9 R14=0000000000000001 R15=0000000000000000
RIP=ffffffff81b068e2 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097b10000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c301d18 CR3=000000007095b000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000