last executing test programs:

3.100471859s ago: executing program 2 (id=6288):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000000)=@ipv6_delrule={0x38, 0x18, 0x1, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x20001}, [@FIB_RULE_POLICY=@FRA_GOTO={0x8, 0x4, 0x1}, @FRA_DST={0x14, 0x7, @loopback}]}, 0x38}}, 0x0) (fail_nth: 6)

2.977952045s ago: executing program 2 (id=6289):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1a00000007"], 0x50)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
writev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0x3, 0x6}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x40000)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x23, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})

2.893229964s ago: executing program 2 (id=6292):
r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
readv(r0, &(0x7f0000001400)=[{&(0x7f0000001440)=""/4096, 0x1000}], 0x1)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000002480), 0x20402, 0x0)
write$dsp(r1, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b3", 0x14) (fail_nth: 24)

2.881275383s ago: executing program 1 (id=6293):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BLKRESETZONE(0xffffffffffffffff, 0x40101283, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
io_setup(0x6, &(0x7f0000001380))
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x26, &(0x7f0000000000)={0x1})
fcntl$lock(r2, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x80, 0x7})
fcntl$lock(r2, 0x25, &(0x7f00000000c0))
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

2.240409742s ago: executing program 2 (id=6297):
r0 = socket$netlink(0x10, 0x3, 0x0)
connect$pppoe(0xffffffffffffffff, 0x0, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
ioctl$PPPIOCBRIDGECHAN(r3, 0x40047435, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r4, 0xc020f509, &(0x7f0000000180)={<r5=>0xffffffffffffffff, 0x9, 0xfffffffffffffe00, 0xb})
fsmount(r5, 0x6768663a56ce2098, 0x76)
r6 = socket(0x1, 0x803, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'veth1\x00', <r9=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0xff00, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x4c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x90646}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x4}]}}}, @IFLA_LINK={0x8, 0x5, r9}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x4c}, 0x1, 0x0, 0x0, 0x600}, 0x0)

1.724978563s ago: executing program 1 (id=6299):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000001ac0)=0x80000000001, 0x4)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee059853", 0xfffffffffffffcc1, 0x840, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
pipe2(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB="2c63616368653d667363616368652c63616368657461673d14e2c311e2cb86c82d4873c6af6ddc7bde3c511a1315e4f85948a98ae388123b56361ed3cc4c3e5523eb70372d9fb8f341b24358d32f2fdd32382b9d53229b6d19d04b3461e6fbdbf7e44bb5c8945f07e63191e43c40c3372b9cb2e8453d54d5b127c3770c27d497f8bae8a00a8fc4c97fa81d88a317caa5657f596a825ae94ba0545c87758c6f4c077cc8665e0104e48e0ffe16a747d4a1efc5a76b1d45b09d2169995c5e5c5d473f452bcd7df769e2a28d4557abdc8ce959b1c8c49721bcf4efc90376f320b2c5d5f024a04b4435f49ce10dc4a0d127ad43b75a0c5b74d1ad596b90763c69649202169de1726d6b5590993406e55c"])
r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000024d564b000000eccd"])
ioctl$KVM_SET_LAPIC(r5, 0x4400ae8f, &(0x7f0000000100)={"b46474f815e8d5535f0887c44335cc824dc6121bc72a77f532ff5dad4d643a9cab29d2310e04be14eb26c0af4985fe45e3b3b0680b3ec92725d74b9716e0f7c3119a2c9a0ae65ff4772e2e12733cb013c4308fe40863480747c0a7ddb9361b1578015ca1bb2c1677ebae096f08345476f567443842946ed946434c75916d1db83fe305920de65bfaf9bd940672216846cb16b8ae67cd3affc61375381f91b3b9f1cc5e38cafe5239aee71dcd481fbe1ecd2547ffbaad4469a74697c28fb9beefa6a5d736712a55eb9110c2cf7964062ba8cbc1c038e84f0f5db7fc7053118bf5221e3efa6fc3edb5d0ca3cde7054dd0751a332520aa8478b1775d552c5cc24d3c2df9eb333e5ca3aa06c1c2cf8526714f5caff2f55b41976fc20b64f1fc61d5b44f50953582a1825d32130a31abfeafd1987317879e29ac51b93c9659e023fff3ddb5e39dd19cc3ef1d883c78b9e073d08a9197fb3717df238b9831831214b186693be9dd2568bb77272e80df5dfed03e8c467627bedfbd93359a9f79a3aa37e873dc1357b37b43d813ea85267b0dc8b1c4cc51bd985328833beb2679b7fb762555bbea2da936b36f8f1673fd5f606b2b6eb23b72bf947206e8dbfeb40ca6f265a3485c8446e0f0da652860b88328073d2282c14b48a7774e62754a968b60e92205e8fafcdd70a55c3c4d1a4821ff44e6e3681f15ae091262e3a3290a24d8ceae30ebbf9d24287bb8a5d73c608d47d287f9e716cf02b4796a83fb0c05e45b89de9ef8bce834e6d7a0be6e30d2c66cb6e640cb01898454ad361bc0701d8fe56113335ae6adec59300db04691cc4a689034272a8e086a32ce7061b4f79fa8afbb48a6ce4b62bdc44af013d78980457e1fa61eb9204818606f4c3b03c0f33cd2a841ac9bc2b73151a96e31ab99e6ec969b5f2c3edd5f9abc69845e487af992758ba445368da93dae1d44360d52a534a88276b8aaf349841d8a4788c60408618437c442308dbf70efeda2e54e9b9e4fe5f76997c9dcb945a26bd75748c85d19ca8b99264dce50580e8d4dbda401dad7df31e9a7a6a3a83bfbdfb5394abd581ac0824fbcd75d2f5205c0b7c9188e6f26bfd97734d9a20433f6cdba9d14a5f32a4d97a57f4603b21146fd1aebf082e863d463c224ad623c17d8043d3bf083f0322408dd6ead6915ac6a4222ab51480eb6e11a8913348219515170d9df90d72d7363bbda3e327d19f98c0a856f98076380e788e602e8a2ae0a1930786874dc21a2e99abda15f35457cf1dcb440c4b41350d0eda352aad7f57a0adc8a6914da06460635ed21c4c11cd1a8ec778064c9f62efba2927828b23f94b16619a5520731c2c40ab8583c9f2e73233d74b84f4877ce6b35bb1180300"})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000540)={'syztnl1\x00', &(0x7f00000016c0)={'ip6gre0\x00', <r6=>0x0, 0x4, 0xff, 0x9b, 0x1, 0x8, @remote, @dev={0xfe, 0x80, '\x00', 0x43}, 0x1e, 0x40, 0x70c1, 0xffff7fff}})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001a00)={r3, 0xe0, &(0x7f0000001900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000001740)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r7=>0x0, 0x0, 0x0, 0x0, 0x7, 0x8, &(0x7f0000001780)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000017c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r8=>0x0, 0x8f, &(0x7f0000001800)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000001840), &(0x7f0000001880), 0x8, 0xb6, 0x8, 0x8, &(0x7f00000018c0)}}, 0x10)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x275a, 0x0)
write$cgroup_int(r9, &(0x7f0000000000), 0xffffff6a)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001a40)={0x2, 0x4, 0x8, 0x1, 0x80, r4, 0x3, '\x00', 0x0, r3, 0x0, 0x0, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
r11 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001c80)={0x1b, 0x0, 0x0, 0x6, 0x0, r3, 0xffffffd6, '\x00', r7, r4, 0x800004, 0x5, 0x6, 0x0, @void, @value, @void, @value}, 0x50)
r12 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_NEXT_CMD_LEN(r12, 0x2283, &(0x7f0000000380)=0x3)
r13 = fcntl$dupfd(r12, 0x0, r12)
write$sndseq(r13, &(0x7f0000000140)=[{0x0, 0x0, 0x0, 0xf2, @tick=0x5, {}, {}, @raw32={[0x9, 0x8, 0x5a7]}}, {0xfb, 0x0, 0x1, 0x81, @time={0xffff, 0x80000015}, {0x8, 0x30}, {0x2}, @time=@tick=0xfffffffe}], 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000001bc0)={0x16, 0x1b, &(0x7f00000005c0)=@raw=[@btf_id={0x18, 0x0, 0x3, 0x0, 0x2}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}, @generic={0x6, 0x9, 0x8, 0x400, 0x9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @ldst={0x1, 0x1, 0x1, 0x3, 0xa, 0xfffffffffffffff8, 0x8}, @printk={@s, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xc0}}, @exit, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2}}], &(0x7f0000000500)='GPL\x00', 0x5, 0x1000, &(0x7f00000006c0)=""/4096, 0x41000, 0x18, '\x00', r6, @flow_dissector=0x11, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r8, r9, 0x0, &(0x7f0000001b40)=[r10, r11, r3, r5, r4, r3, r13, r4], &(0x7f0000001b80), 0x10, 0x80, @void, @value}, 0x94)
r14 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000600)=@bpf_ext={0x1c, 0xe, &(0x7f00000003c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x5}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffffb}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x5}, @ldst={0x0, 0x0, 0x2, 0x0, 0x5, 0x80, 0x4}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}]}, &(0x7f0000000480)='GPL\x00', 0x3ff, 0x70, &(0x7f00000004c0)=""/112, 0x41100, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000580)={0x4, 0xc, 0x7, 0x772}, 0x10, 0x630e, 0xffffffffffffffff, 0x3, 0x0, &(0x7f00000005c0)=[{0x5, 0x2, 0x2, 0x6}, {0x2, 0x2, 0x3, 0x3}, {0x4, 0x4, 0x9, 0x2}], 0x10, 0x3, @void, @value}, 0x94)
r15 = fsmount(0xffffffffffffffff, 0x1, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x1e, 0x16, &(0x7f0000000080)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x3}, {}, {}, [@jmp={0x5, 0x0, 0xc, 0x9, 0x1, 0xffffffffffffffe0, 0xfffffffffffffff7}, @btf_id={0x18, 0xe, 0x3, 0x0, 0x3}, @cb_func={0x18, 0x7, 0x4, 0x0, 0xfffffffffffffff8}, @alu={0x7, 0x1, 0x7, 0x8, 0x9, 0x30, 0x8}, @generic={0x10, 0x0, 0x2, 0x4, 0xed}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000140)='syzkaller\x00', 0x5, 0x35, &(0x7f0000000280)=""/53, 0x41000, 0x63, '\x00', 0x0, @sk_lookup, 0xffffffffffffffff, 0x8, &(0x7f0000000340)={0x7, 0x4}, 0x8, 0x10, 0x0, 0x0, r8, r14, 0x2, &(0x7f00000006c0)=[r15], &(0x7f0000000700)=[{0x5, 0x4, 0xb}, {0x1, 0x4, 0xf, 0xb}], 0x10, 0x401, @void, @value}, 0x94)
socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0}, &(0x7f0000001380)=0x40)

1.68612384s ago: executing program 2 (id=6300):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000002c0)='contention_end\x00', r0}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x0, 0x0})
mkdir(0x0, 0x8)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=@newtaction={0xe8, 0x30, 0x1, 0x70b52b, 0x25dfdbff, {}, [{0xd4, 0x1, [@m_ct={0x88, 0x5, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7b, 0x20000000, 0x0, 0xf}}]}, {0x46, 0x6, "49e1d131000000000100000063987e67d90bf50770c597308828c32f2dff6b1e0440df9e1b6e50e433b5c2b17edad5e88933ac89600edc5419bb2dd0b7d39c7b4d07"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x4, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe8}, 0x1, 0x0, 0x0, 0x20000884}, 0x0)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f91524fc60", 0x14}], 0x1}, 0x40048820)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
setrlimit(0x1e3d50de03aa3d1, &(0x7f0000000180)={0x2})
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x5, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20000841, 0x0, 0x0)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
mount(&(0x7f00000000c0)=@sr0, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000040)='btrfs\x00', 0x208000, 0x0)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0xfffffe00, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
r6 = fsopen(&(0x7f0000000080)='gadgetfs\x00', 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000000000010100000000000c9b370007ec5bf3", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="180000002000000000000000fcffff51e1529d7f18110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000010000007b8af8ff00000000bfa200000000000035a8529af8e0ffffb703000008000000b70400000200000085000000820000f1850000e70d00000095000000e3ad2ad6"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r8}, 0x10)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
write$cgroup_int(r5, &(0x7f0000000040)=0x1c9, 0x12)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)

1.4844117s ago: executing program 0 (id=6302):
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8916, 0x0)
syz_open_dev$dri(0x0, 0x1, 0x0)
setsockopt$packet_drop_memb(0xffffffffffffffff, 0x107, 0x2, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
unshare(0x72030280)
socket$can_raw(0x1d, 0x3, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0x6d37, 0x100, 0xe, 0x2be})
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, 0x0, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
sendmsg$nl_route_sched(r0, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=@getqdisc={0x3c, 0x26, 0x800, 0x2070bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x9, 0x9}, {0xfff2, 0xffe0}, {0x2, 0xc}}, [{0x4}, {0x4}, {0x4}, {0x4}, {0x4}, {0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000002000000000000000500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000b7080000000000007b8af8ff00000000b7080000018000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000a500000085000000b5000000bf91000000000000b70200000100530b31b86a9709296ddfaec8d000008500000084000000b700002bf4c4e740f034a0ae415e5a56e04c627fc13707c5cae75955ff66353e1e15b28e9b18167b18405893ac3eb6fdc893bfc36337902194b9d2187d72e5fe661574d02444db6279ac876644165db9c0c75c3fffe36714d8bda300b85fcc92fbf035e635794280d6e35fd42b913cc46a343312177e17edfbfea44125378360f6089052e9818149dc0d055c3216cd54fe74dabff332716c0d57548dc904a3f2cffd2290152aec36a1f013af5d973a9c968ae69ade0e5b83efbf6be4a0e30aecea624bd7b6ad1488b5"], &(0x7f0000000bc0)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x25, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, 0x0)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$sock_ifreq(r6, 0x89a2, &(0x7f0000000280)={'bridge0\x00', @ifru_settings={0x43, 0xfffffffd, @sync=0x0}})

1.437512343s ago: executing program 3 (id=6303):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = gettid()
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
kcmp(r1, r2, 0x6, 0xffffffffffffffff, 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
socket$inet6_udp(0xa, 0x2, 0x0)
r5 = syz_io_uring_setup(0x2b9, &(0x7f0000000740)={0x0, 0xb1e9, 0x10100, 0x0, 0x0, 0x0, r4}, &(0x7f0000000080)=<r6=>0x0, &(0x7f00000001c0)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r3, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r5, 0x2ded, 0xef92, 0x0, 0x0, 0x0)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
write$binfmt_misc(r8, &(0x7f0000000000), 0xfffffecc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={r2, r4, 0x0, 0x0, 0x0}, 0x30)
r9 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_SET_FORCE_PACK_ID(r9, 0x227b, &(0x7f00000000c0)=0x1)
readv(r9, &(0x7f0000000000)=[{&(0x7f0000000100)=""/54, 0x57}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
clock_adjtime(0x0, &(0x7f0000000040)={0xd54})
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="980000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8800"/124], 0x98}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000980)=ANY=[@ANYBLOB="ac0000000001010400000000000000000a0000003c0001802c000180140003000000000000000000000000000000000014000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe80000000000000000000000000003a0c000280050001000000000008000740000000001800068014000400ff01000000000000000000"], 0xac}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000000000000bfa30000000000000703000020feffff720af0fff8ffffff71a4f0ff0000000035040000500000001d400200000000006504020000ffffffb4030000000000001d440000000000007a0a00fe000000000f03000000000000b5000000000000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b5264f00000000cd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af2542ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b1100886475923906f88b53987ad0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d64364f56e24e6d2128c7e0ec82770c8204a1ddeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee7dfcb59b854e9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d3490dd97adab638cca595e487efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599ddd71063be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d96c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8c83c3d8cbfedc038395342846e1b207974e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfcd7ad0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f9212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0000cf70a91c76e8b14de02b884114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6a582a896a9f1ffa968eacea75caf822a7a63ba34015ea52acb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae315c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbad8508f7550cad7ec93af7fb1b50c75ba1ee7baa19faf67256b56a355b6a686ba99d0a8950f0937f778af083e055f5138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c2811e32f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96735600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15ecb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a003ebfbdc1f9be78537756ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a419aa095e203c1bafbb9b9a7c2bca311a28ee4952f2d325a56390578f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1e1979e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a508460f2d0455cf79a43746979f99f60037e84fb478199dc1020f4beb98b8074bf7df8b5e783637da7418fd3aa81cff202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035ab63de71a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a274000000000000000000000000000000000000000000000009dd14b38f2f4426d7cf5075047c31f6ce6adde305ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0d0274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1ecbf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cbf5d6b6898335792747588d49df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d943622000000000000000000000000000000000000000000000000000000000000000000000000000000000000f112fc8a4942d7453cf29cbbef3a567ea0a2a8a0561dfb6cfe7f1812405e1a092b382adc0698c377b0a1f49afb6ba26f8e28cf68b0065857b36276931c318cb84f748a26c4d81a0322ce21e7d9c002006cf8ac6402e036cf9344a1cb1b8603276000144268a0aa584a92188f55318dde1d1b09319c00d0de3471ab4243ac0f49516a690c514ba6449f0a804fcac3f30bf4a933d32c889283aa092cca9aa349b624c5ed2b66fa0439f54f83c9ff8be083221609c8696433da46c91ac52e5b1d159daed1af0cda0ee05ae770a7ea467d5602b441e748b7f22496f8453fb6b7cc2dd3a8ce15fd76387fc02d4e2b7b4502a80000000000000000000000000000000000000000e046c0756c0955a81165e4212a1a58334fe51269f228ad32fba2bdae0172278d3bb48c370f6b59c0c7ba9b0aaae317d3f8104fd696bc76268923c396b017003ddcd205c05311dcae277e5b00"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(r0, 0x0, 0x0)

1.410580717s ago: executing program 0 (id=6304):
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000e00), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_SEC_KEY(0xffffffffffffffff, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000a00)=ANY=[@ANYBLOB="2c010000", @ANYRES16=r0, @ANYBLOB="01000000000000000000170000000c00060001000000010000000c01308014000400976f1044852bca665354bd217b6b9037200001800c000500040000000000000008000100030000000500020000000000050002000800000024"], 0x12c}, 0x1, 0x0, 0x0, 0x20000020}, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
sendmsg$NL802154_CMD_NEW_SEC_KEY(r1, &(0x7f00000010c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x801}, 0x0)

1.364100828s ago: executing program 0 (id=6305):
syz_genetlink_get_family_id$ethtool(&(0x7f00000002c0), 0xffffffffffffffff)
r0 = memfd_secret(0x80000)
close(r0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x29, &(0x7f0000000000)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x100000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='sched_switch\x00', r1, 0x0, 0x2}, 0x18)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r3, 0x0, r5, 0x0, 0x8000f28, 0x0)
splice(r4, 0x0, r3, 0x0, 0x7f, 0xe)
futex_waitv(&(0x7f0000001b00)=[{0xfff, &(0x7f0000000940)=0x6, 0x6}], 0x1, 0x0, 0x0, 0x1)
write(r2, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1000002, 0x4012831, 0xffffffffffffffff, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
mmap(&(0x7f0000a44000/0x4000)=nil, 0x4000, 0x0, 0xbc32038f2d035af6, 0xffffffffffffffff, 0x2882c000)
r6 = syz_open_procfs(0x0, &(0x7f0000000580)='smaps_rollup\x00')
lseek(r6, 0x2004, 0x0)

1.300420591s ago: executing program 1 (id=6306):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000001c00)={0x2, 0x4e23, @multicast2}, 0x10)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x300, 0x4)
connect$inet(r0, &(0x7f0000001bc0)={0x2, 0x4e23, @loopback}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, 0x0, 0x0)
sendto(r0, &(0x7f0000000540)="1db4d479c5faee911d50fbdf12a30d564a0e992d5f77ad426077a9f0ca1475183db32443011ff101251bcef8f165533aacd8c755793dc1ae99ad602c7cca2944de604d849a1e3b22905b0d26e9ff30b83f38a29b2530d22bdb6e73ef2a359249c3e29408dd3e", 0x66, 0x8004, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000400)="8cef4f52", 0x4, 0x40004, 0x0, 0x0)
sendto$inet(r0, &(0x7f00000002c0)="01a4acc7cf28ab9f6c7fc745c30bfc165466072a660bbf56352083db9d40454a67f8010000004bd29585885c89773ca3ba28a1e85ffe2a9220e0ecd440e345b745bf2146835ad015c801f95be5b890e44fb3dfbe8e88a1e5176e584c970207f23b0073ca5375abddf56331be396eaa2398ea66b93a74fd4147e826abed1b5d1de578682288c19ac23c1ccc1cdd936d2571c3510b0000000000000000000000000000000000f32bb3874c926a8944caa4677d2eae3bc831e748000000", 0xfffffffffffffe88, 0x0, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280))
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0xff00, 0x90, [0x1000000, 0x0, 0x0, 0x0, 0xfffff9, 0x800005c0], 0x0, 0x0, &(0x7f00000005c0)=[{0xff00, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0xe0)

809.989678ms ago: executing program 3 (id=6307):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmmsg(r0, &(0x7f0000003dc0)=[{{0x0, 0xeaff, &(0x7f0000001080)=[{&(0x7f0000003100)=""/211, 0xd3}], 0x1}, 0x7fff}], 0x1, 0x100, 0x0)

752.681994ms ago: executing program 0 (id=6308):
mkdir(&(0x7f0000000400)='./file0\x00', 0x99) (async)
mkdir(&(0x7f0000000400)='./file0\x00', 0x99)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000001b40)=ANY=[@ANYBLOB='huge=always'])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
truncate(&(0x7f0000000000)='./bus\x00', 0x8001) (async)
truncate(&(0x7f0000000000)='./bus\x00', 0x8001)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) (async)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) (async)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f0000219000/0x2000)=nil, 0x2000, 0x3000, 0x0, &(0x7f0000ffb000/0x3000)=nil)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYRES64=r1], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x20000000, @void, @value}, 0x94) (async)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYRES64=r1], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x20000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r5}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRESHEX=r0, @ANYRES32, @ANYRESDEC=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48) (async)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
pipe2(&(0x7f00000000c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x80000)
fcntl$setpipe(r8, 0x407, 0x0) (async)
fcntl$setpipe(r8, 0x407, 0x0)
write$FUSE_INIT(r8, &(0x7f0000000340)={0x50, 0x0, 0x0, {0x7, 0x28, 0x0, 0x0, 0x0, 0x0, 0x4}}, 0x50)
vmsplice(r8, &(0x7f0000000140)=[{&(0x7f0000000100)="eb", 0x20000101}], 0x1, 0x0)
fcntl$setpipe(r8, 0x407, 0x2000000) (async)
fcntl$setpipe(r8, 0x407, 0x2000000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x23, &(0x7f0000000480)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x101}, {{0x18, 0x1, 0x1, 0x0, r8}}, {}, [@call={0x85, 0x0, 0x0, 0xb8}, @tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @alu={0x7, 0x1, 0xa, 0x4, 0x8, 0xffffffffffffffff, 0xffffffffffffffff}, @alu={0xeca8f7c34e7ea1b4, 0x1, 0xc, 0x6, 0xb, 0xffffffffffffffc0, 0xffffffffffffffff}, @alu={0x7, 0x0, 0x6, 0xa, 0x1, 0x20, 0x1}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_val={0x18, 0x8, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x8ec}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000002c0)='syzkaller\x00', 0x8, 0xe, &(0x7f0000000300)=""/14, 0x41000, 0x40, '\x00', 0x0, 0x0, r7, 0x8, &(0x7f00000003c0)={0x4, 0x2}, 0x8, 0x10, &(0x7f0000000600)={0x4, 0x3, 0xffff, 0x9}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000680)=[r8], 0x0, 0x10, 0x8, @void, @value}, 0x94) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x23, &(0x7f0000000480)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x101}, {{0x18, 0x1, 0x1, 0x0, r8}}, {}, [@call={0x85, 0x0, 0x0, 0xb8}, @tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @alu={0x7, 0x1, 0xa, 0x4, 0x8, 0xffffffffffffffff, 0xffffffffffffffff}, @alu={0xeca8f7c34e7ea1b4, 0x1, 0xc, 0x6, 0xb, 0xffffffffffffffc0, 0xffffffffffffffff}, @alu={0x7, 0x0, 0x6, 0xa, 0x1, 0x20, 0x1}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_val={0x18, 0x8, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x8ec}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000002c0)='syzkaller\x00', 0x8, 0xe, &(0x7f0000000300)=""/14, 0x41000, 0x40, '\x00', 0x0, 0x0, r7, 0x8, &(0x7f00000003c0)={0x4, 0x2}, 0x8, 0x10, &(0x7f0000000600)={0x4, 0x3, 0xffff, 0x9}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000680)=[r8], 0x0, 0x10, 0x8, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='xprtrdma_frwr_maperr\x00', r7, 0x0, 0x400000}, 0x18)
syz_clone(0xc2002000, 0x0, 0x0, 0x0, 0x0, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) (async)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
madvise(&(0x7f00003c1000/0x1000)=nil, 0xdfc3efff, 0x15)
ioctl$sock_SIOCGIFBR(r4, 0x8940, &(0x7f00000005c0)=@get={0x1, 0x0, 0xffff})

686.613726ms ago: executing program 2 (id=6309):
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
unshare(0x22020600)
syz_open_procfs(0x0, 0x0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x238, &(0x7f0000000740)={0x0, 0x198b, 0x10100, 0x0, 0x3aa, 0x0, r1}, &(0x7f0000000180), &(0x7f00000001c0))
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x84, 0x81, &(0x7f0000000280), 0x0)
sendto$inet6(r3, &(0x7f0000000100)="b8", 0xffe0, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
bind$tipc(r1, &(0x7f0000000080)=@name={0x1e, 0x2, 0x2, {{0x2, 0x3}, 0x2}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x100)
lseek(r4, 0x1, 0x1)
getdents(r4, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000040)={'netdevsim0\x00', &(0x7f00000000c0)=@ethtool_drvinfo={0x33, "dabb6386f6d73094a90d1fdb507195e485f544228032f04eff6b7454b702570f", "6aabb3257fbc4eb5a702000000a9b0bfed5a88511bfa36cd4d6206598017dffa", "3323b7b8cd277c616d9206e6fd2d56ff18c6adb2b5f90e30b32158c846051324", "193d5bf82fba97515dda05e0637ba9fbf81e49d4f1b5508a4c956379155801bc", "d87badb8a826b9f7474cf73cc0ade30d0cd9c5a00f9025f55d18c2764e77d3fe", "14d3094839a1d8e1ef22cffc"}})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r6 = socket$vsock_stream(0x28, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x1, &(0x7f00000000c0)=@raw=[@exit={0x95, 0x0, 0x9fff}], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r6, 0x28, 0x1, &(0x7f0000000100)=0xffffffff00040000, 0x112)
msgsnd(0x0, &(0x7f0000002900)={0x3, "2c5b92fe53d0a8d45c8df77b3a5b24f5b5f47fb21e984f7cd98be58672f21c05d89a28dd30d16695fd88872467e730c5c5b07c0baad7f374dbe55481983863b91989f7f9e702207af9ed03c1ce4f6eb9b24a840cf9e71f78cba191462144280a2866a9e564cdf705a0dcf7833ebd4d2f23d396cbe8ffa41ecb67a470e3bb3037a146b21a2af740178582259f87014c3647901b3c888b71cb87bcb145a83f4429394c319164566ac0c8821c5827f7c81d9a289c18b0808e9046145a3890f5273bab59211376b73224dc2cfc9a99c36c8266430e1877aa8fb26ccbdee4c77a0de31deb8729c07d000f3714455c7db1999b623eee354be50ae48db0bc57b0d663aeabe13198305efa3c242b6b1745acf3aaf07f57727548163f83393600bc81201c2792b82cc5cdaa5ba4ae7ecdb2db7defa75da39bfbcdc1c139ac6f945758e6f536796ee758ebc486b289244942a2db4721deede70ef5b975e2ef6f72e7530e2a48d4cbb74ce7a376939ddd77cdc6aab076c17bba11ad81fb16f55aec0a603d71da0c53bb4b10c369308e8d397bd797b54a9fbb2f8b96b982a5775124bd1a73d659d8ec88148e5c9ee4f6156071adb66ee79e19cc753724cc31b5883b7a8c0d2921aff7103de65c90b97e4acd5e18bb3f373b9cd32f6a03476d6324645fcc44adad16f2bf3935232b2d33e68f16882e264d01064d9d74bdd36d1a43a6157875309e8ca7d23e87d44ae57f8db8a005f6833f75016ee942f226686cd342e11cc3b035d815c3935d0104783cb3d4bc70c2f1a377ef865b1ae7f1f8da4bd85a748b24a592b020891acd6f1bd1f6462e0fa5bd704dd94e254a60f7da2794abd16fa208a2b3dd40b8b6c91502da6aa9ce0b49c30dc886e94f9c637d0279234f69e9cc824a9f9eab8b78437f839d19c2d33b26f3a4aee997de0a3a9f4e850f2672de91b03e4199a231ac11b370a8381f742bd42521dde5e5703306273f763c36a499b7dfd591847d9a037761fb6b5fe63259896d3cc5a92839c7f8c7bc30fdb87bdf10e20528f85eee2e898e505d85ea55c7ca6f8188c99203ac65ab028c3ec8537a4bab01abe8df789fce5bb267737e936ba40834855589736b9ddd9610593ba55853cc171a5f40b81dadc741a2dd608977251c67cf5265066c064d9f29f444f08d6e220f930856207a4fc954dfdc2aa0af045c2a1e053e37c88af310ed6394c7fb0593ff5b20d729a71c91bd509ea2e50aad1f878523463eda57c4199287f9265289cef64c4e38da47adee287055d8f54bb6f9f7082b8046d62be6d974dfee3b99784d3a7c2bf332711bba305d6d13954282a390ec2872ce52c84d25b38f2c29a797eb21f3a2df1b207382561df9ec9432cc14a99ac51ded0afd4e4a2ea0504c9500100000000000002726bbed0eeabf92a5d44b36b686976a0521439afd"}, 0x2000, 0x0)

510.255159ms ago: executing program 3 (id=6310):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c00000015000103000000000008e7ff0b00000008000100", @ANYRES8=r1], 0x1c}, 0x1, 0x0, 0x0, 0xc001}, 0x4000000)

430.117308ms ago: executing program 3 (id=6311):
openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000140), 0x1a1002, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$SEG6(0x0, 0xffffffffffffffff)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x20, &(0x7f0000000040)={&(0x7f00000017c0)=""/195, 0xc3, <r2=>0x0, 0x0}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xa, 0x0, 0x0, &(0x7f0000000300)='syzkaller\x00', 0x4, 0x87, &(0x7f0000000380)=""/135, 0x41100, 0x10, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x8, &(0x7f0000000440)={0x8, 0x3}, 0x8, 0x10, 0x0, 0x0, r2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000015c0)={0x10, 0x1a, &(0x7f0000000340)=ANY=[@ANYRES8=r2, @ANYRES32=r1, @ANYRES16, @ANYRES32=r1, @ANYBLOB, @ANYRES32=r1, @ANYBLOB="00000000650a0000186400001000000000000000ff07000018440000f9ffffff0000000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000180)='syzkaller\x00', 0xd, 0x1000, &(0x7f00000004c0)=""/4096, 0x41000, 0x52, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000280)={0x3, 0x2}, 0x8, 0x10, &(0x7f00000002c0)={0x2, 0xf, 0x1, 0xfffffe00}, 0x10, r2, r0, 0x2, &(0x7f0000001540)=[0xffffffffffffffff, r1, r1, r1], &(0x7f0000001580)=[{0x0, 0x4, 0x8, 0x3}, {0x0, 0x1, 0x8, 0x5}], 0x10, 0x5, @void, @value}, 0x94)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000c00)=ANY=[])
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040ed5000410"], 0x11)

429.794601ms ago: executing program 0 (id=6312):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e78, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0x3, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x7c}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x40010)
r3 = socket$igmp6(0xa, 0x3, 0x2)
getsockopt$inet6_opts(r3, 0x29, 0x3b, 0x0, &(0x7f00000008c0))
fsetxattr$security_capability(r3, &(0x7f0000000180), 0xffffffffffffffff, 0x0, 0x6dc4e4980008043c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
socket(0x2c, 0x4, 0x0)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x141)
setrlimit(0x8, 0x0)
r7 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="ae", 0xfffff, 0xffffffffffffffff)
keyctl$read(0x2, r7, &(0x7f00000003c0)=""/4094, 0xffe)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000140)={<r8=>0xffffffffffffffff}, 0x106, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f00000000c0)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000100), r8, 0x0, 0x1, 0x4}}, 0x20)
ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f0000000ac0)=""/4096)
ioctl$PIO_SCRNMAP(r0, 0x4b52, &(0x7f00000001c0)="677e4b9c6e4ad5392c")

426.859071ms ago: executing program 3 (id=6313):
bind$inet6(0xffffffffffffffff, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000140), 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="05000000000c00"/16, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="030000e001"], 0x80}}, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000380)='d', 0x1}], 0x1}, 0x8000)
r1 = syz_open_dev$evdev(&(0x7f0000000080), 0x1, 0x0)
ioctl$EVIOCGKEYCODE_V2(r1, 0x40084503, &(0x7f0000001500)=""/4103)
ioperm(0xa, 0x81, 0x2)
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x1d2)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r2, 0xc02064b9, &(0x7f0000000400)={0x0, 0x0})
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000e00), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_SEC_KEY(0xffffffffffffffff, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000a00)=ANY=[@ANYBLOB="2c010000", @ANYRES16=r3, @ANYBLOB="01000000000000000000170000000c00060001000000010000000c01308014000400976f1044852bca665354bd217b6b9037200001800c0005000400000000000000080001000300000005000200000000000500020008000000240003"], 0x12c}, 0x1, 0x0, 0x0, 0x20000020}, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
sendmsg$NL802154_CMD_NEW_SEC_KEY(r4, &(0x7f00000010c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x801}, 0x0)

354.594159ms ago: executing program 1 (id=6314):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sigaltstack(&(0x7f0000000480)={&(0x7f0000004000)=""/4126, 0x80000001, 0x101e}, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex(0x0, 0x80000000000b, 0x0, 0x0, &(0x7f00000000c0), 0x0)
ioperm(0x284, 0x7f, 0xe3)
socket$netlink(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100}, &(0x7f0000000180), &(0x7f00000001c0))
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'ip6gretap0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000680)=@newqdisc={0x3c, 0x24, 0xf0b, 0x0, 0x25dfdbff, {0x60, 0x0, 0x0, r4, {0x0, 0x9}, {0xffff, 0xffff}, {0x2, 0xd}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_INGRESS={0x8, 0xf, 0x1}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24040840}, 0x0)

305.051654ms ago: executing program 3 (id=6315):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x400)
syz_open_dev$radio(&(0x7f0000000100), 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
setsockopt$inet_tcp_int(r3, 0x6, 0x1e, &(0x7f0000000140)=0xffff, 0x4)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd74)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000024000/0x18000)=nil, 0x0, 0x0, 0x7d, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x25, &(0x7f0000000080)=0x476e, 0x4)
connect$inet(r5, &(0x7f0000000200)={0x2, 0x4e1d, @loopback}, 0x10)
sendmmsg(r5, 0x0, 0x0, 0x0)
setsockopt$inet_int(r5, 0x0, 0xb, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
listen(0xffffffffffffffff, 0x6)
socket$kcm(0x10, 0x2, 0x4)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r7 = dup(r6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r7, 0x2000)
ioctl$KVM_PRE_FAULT_MEMORY(0xffffffffffffffff, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000})
syz_genetlink_get_family_id$nl802154(&(0x7f0000000240), 0xffffffffffffffff)
syz_io_uring_setup(0x86a6e, 0x0, 0x0, &(0x7f0000000180))
r8 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x20042)
ioctl$DRM_IOCTL_WAIT_VBLANK(r8, 0xc018643a, &(0x7f0000000080)={0x4000000, 0x0, 0x3})

205.671774ms ago: executing program 1 (id=6316):
r0 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r0, &(0x7f0000000300)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r1 = socket$unix(0x1, 0x1, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000340)=ANY=[@ANYBLOB="ffffffffffff1704b45adbde08104500003800000000000190780a010101ac1414aa030c907800025ef5451d0001006800090973000fe0000001ac1e0101e0f46f0105f4f734"], 0x0)
connect$unix(r1, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

188.809409ms ago: executing program 0 (id=6317):
r0 = io_uring_setup(0x1379, &(0x7f0000000080)={0x0, 0x7f09, 0x1000, 0x800000, 0x121})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x280449c, &(0x7f0000002140)={{}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(0xffffffffffffffff, &(0x7f00000093c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x2066012}}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x40)
getdents64(r2, 0x0, 0x0)
socket(0x400000000010, 0x3, 0x0)
write$FUSE_NOTIFY_DELETE(0xffffffffffffffff, &(0x7f0000000080)={0x2a, 0x6, 0x0, {0x1, 0x200000000004, 0x1, 0x2, '\x00', 0x8}}, 0x2a)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000021c0)="7b1713b4c6f02da7493fb6859f0143c68a58166f472c5078104b859bc37f9a49a8f85c9101df3b2736ff9bebcb1a3c2f570b28279b8ff7afdef7451b3d10b4578c2e81784b6e4f410800d997f0689546cee0852e9e9c64c1f95df7b136243cf7aee1b8e7a4e1d6e6fc01337370f0dfc098d975e9a6f90a08f5b845054d1e1fc81adadbf2836ff758bade0484377855b05b3556a91827599638458ad30baea03240b302638b88423ecaba6da1e40f6f1b24d60dde1652f2d5f818af43d49dd55c4eadea945e9b6aa744dca07ec2e00320bef5b045414836941469129670c4cdb953ed61efeeae2ced1b7cb3e7fa4c93cce5623a9e33c69d068b801fd1369aba759e2829c67c705853262fef6669aab956f0f733619dd361be5e1414c7e7ff6218e330156d609fa9f3244a0a4fb678a58e70b86f6dabc3331f755b786c42b4198149941a7a58c83f1f2811209025269c5ffcbe0c34ac98cc091cec2c993bca0aa8400ff9e39cc9fba8dda886f95357957bbad8bb850ab92f7aa9bebcdb0ef188749a1742e5597d199f3ccdc2d807bf757da45acc93e3e9645a1036cb041b3c38dafef367b8dae802bbbc03bacb905d40e1da78591687b416ee380103a670aa8f722c76e13f7f0e3effbb37f15a821b8315fe541e3ffc09289d96db1dfa8861e5da41c812b54ee20ca8b3180f2f46db56954791465cb572de0cce16d789d6fff216ca46977ed724dc0cc8cef7b295ebb2998a5c4662e32ae1001e59f3bfefcd72543bfe1aa6688d65c547089ec0fe1f1d9610095a5a4008b14f46775c368417376ee143856031947db71c455dc40eeeda210fbf258452781ce46e51f6df683a7918770f73d324d9401648d271cb9a7e919401567e400fec420cf363444a78eea03e73176abd6546e1657945aa88f64a21e07fc23edd74512cf89781e8ffe9bb1601ab25d31801332a6c5be9cebb6cb08207bb832106553ea9fc19b4b4f1f0cd55efc2925ffef75e9b12f06b5a7496506a274ca25f88398a1734b7013c3f78a2e49ef0d946a1aff362e37c9b5f5473de11401097722adda87944ee3eeb1bdde60e97484af4d2e5f8b0a9c63bb8bb99461b16edd824add1caf9d5247811cc4f6b48004774f1a4fe4dd125ddbfd8b69ff3ee314aeb445bee9f217a2f5a9e0e84ccd8718471f949086df6cdcbf95e568317e31dd01be1b826cf9a09373b16935fc864794a3886a2f4aacc42135db85f8921916a10aa7111a686979e2a5c9959cafc9774c416c4dfe0b9e06657feb2fbc31e7c11f6e2841680986557c1f2b1ec3c0fcc6a749a3c97a5b370550ab7110e25851b13c0b75a7fb0cd3c4659878209867659c216b467bdcf51e786a59fad084886490fc77e186ab827d844d0ac4682651fc4043f8e87b905532a53017ada44feee1f89f9bc6d2a8b144e721a479f7b90acb91033774f4c12df633548a9097c791ec7e80fa2607c86fce6e9abcae1296528b8488ccf18a4bb0fc9b50c15d294e8d380465465b4eeae26eb6800faba611785cd2ff95ca1923dfa47d5923f89e4eadb612002caceaebbe779c4e3a3833455752eae63689ab8dc03db63d82feeab7f1162eed5909b69ccd5abeb9c071da82cfc76cc692a51d99e0c4bdfa6c81c9878e893a77e1e7105e7910827ddb3353612fa8d5e547b43b5abfe50829c1eb7bfda1731db2a9a1e8f0fc298dfa7009679489f9d9323338b7e59f1e48419ca531d88170a5a1995f576aa125edae9e9ea26f6e9c4bc26323b7db0998c528a7b343ccd87ff44c77e6cfc0a324cc1d4ea79c30015f0caaeccd46e5db580aa5ce8030c2b13b37494557da58abbdc7ce9fc9afa49ce0e8a7a6fa058db210ed654203e7879cf5004ebec57522ed34481b749554b36cd7171209b0763e110096704604f2d3f28c5ddc66c877e3ab63f36137d5a67cbf872aa6af79cb3a66c9040009b5e1c7b718c1b8788156b82d6d800dbe9fc3d16c812a963c73599b79efb89aa74bdbd9b1a2dc0b8ad853f79c0867a3a45d7a1645059171877687a72dd5ed4213c0ab84ef6185e7935346a84450887bdb2b216883e907b13b03c133adc04ab3c5f60209bd90aad3d94443105f08f0ee1b2231e1a1f8cce71de74d5308b78b5d99ce4ad4573faba9fab48bc1615f14d453c67714b99f274de041512b07b885679e6f89f481c28b082084b853c9afcda31def2898284d6ca28fb124df67142821c9705e28093ded60992d9587fb466df839aa2a4973dd48f9372a55da6592646fc918e533955566a2d8dc59277308223aea4dbe0daf839f95516b8995e9eec87df1df9d38693e0824dca7423b08d553b0ae1c5c44533b918eaa02dd17b4c8ce515ae7de410970f670e17b5e3c0a207fb8464d5d442694a271d593fc23ac19619bac32ac17cc6705ce2e6262361eba24277a471602e7ca57cc614ee116e60a9e0b6ac5e3228ea2c650baf1a09e9e5c7a1b25a078d1d11a673d88f6ee33e50d036d7fe4b9c06adc70aede2e35c6738b255690ed3f7a8d2d14e36e360f3bb66978d6cfcfc41887c751c0efc9325d4485a2f561060413fe6af4ce40d87a476201f15a584fc7ba18ddfef5f1d729d5f544c2c6b06befccb444f0408451089f20b06f05ab7d6702b97819b0eff6fb090f21afb3076558e692920053702fc2348f8dade0cb2b007f38d6dcd4ed3bb42553b1bd684791743a1941e5bf2ed234f44be64a95b485a3e949538a40542f25ca4bfce44e291037ab282082f02157a96f4ca0a0c5cd39215fd07461093a4d87a7979f7aa97142bf5b9ef71db537f9acc90f22ca2ded5c1ecd1ba972d05db7f71e8466085c9b3e975fa3a948f2c4049d1a8e46f71157017a3a74ad25e215dcfe7a4c5cb0a7baea0b0ec60c5df82555c553ac60dd39174c721edc0304b836a4de539c3ee55401e13848018f889cc4a0fcd01d9f4978eb730fb1b4a94ede0283f8c95062f01c8c8a3169b2d5c50cdd4f3a248d80a26c950b4036fc6ffefaf5101269fe3594c2cc128220a1d0b5f9f23121f2b184894e129159eaa92d9a30e878839be44d20cbdff3c338cc95795c86121b2b498bd376e895c98d67f6a27eecb46a203aa9de744feedf27b6825cc17aaa098b5ca05cad6bdbe320908ed36bdc8a8f2c777eeb9b037b36c0e36019c264b3e36196501d6cc90e7b1899a72bea5c8a24a5ae62e3684a39a06208bd382cd32acfabd742c76334797fa0c09a2a2a7e1240974afe0f3d6eb44590cf171efb7602009a93bde85cea6701c765dbca7c6a879be41dd08847802d4f59e933df65f727cbb45e3a4a5019f503b6fad7e0338e653f8b2c87aa7f196444e0dc1be6d7c4f0c7ddd663d06ff1365a9c362384a33b0315adbfb2d73359c485cd5410d36d21044bd8d3771c5492803b19f7f3a1a5c3248e66786479fa4416a55855adebeb09528ff5add597790b97bddc16bb9b7b33a1f800701c4293e2c8428dc2684726cfe5539ae0a9bf89e1b6f1989fd0433cc865b308bd0c636402b4b285c290e2439b9ecf0eba156fb6b613ea7f97b04506fe28e9471343c854fdfd48945a7f564acc817e609be8f8a7fdee12e9b592fd8c5c08f51ba8cb95be12cfa497d1539a4b8217818d47ebb3cc669014261530205948fdb9983a0e5759afa9b290ce838102661750ab06d7fe65a39efa6af36c042d2dee36402a6686d58eb144b76033cab4482b8fbdd213a90170939ec98df1fdfca4b37b143a971b9b59fc351098942bba090056c20e8cfbfe8fcbe361d068c98a020f67e807b8db2e45cad83c9970907646c0049c05c1ed657d53d859f1a47bfe6f022be0689de224034d0160b1dbc878ba6dd685911288d7af22ff5eedc1634c36e25f51d0757c7b9c73d7937955da356dea68749d464a75f56c9f6ba36cc1ca8c2f3aa34beae14fba894ca705111cdb19094432c2f6caa0eac78ab09b0cee330f36b1b91a6a5d4896cd15d96c12547826559441cbf578f189f5f04526a4cf76d60144090c2386b747ad50f7962ef2950d2c6f4ff8477ad0681ab24c47ea7ded8c9accff0dfa30489f43f0f3182b88e757fd9a1d82e1c9bb4efe5215518a6e48c688b2dabbd15107c5c6245de0acfd740ea54e0ec212f405f25bc3aafc63009631a4e4749296d47c2bcf25cc95afceb0a1ddb3c6124208f5134981c30489b42eeb864b3123b03106c9b234a465d87c30ef36e00244390de36a5dd93794467ef37bd01b86387855d2ac24e05370212e845082bb22c8fcda0f0bc78ddf971b0b9d69fc50e0d907408e9c9ac4e5099f47db2d0c14d888e363ece768555362a08c408d0119c45f158aad695d455d28e223be2862c19262c9f43eff8855b5a9af4f2cede95e415e2f597bb64c8bb2d608f86b15950ffe2e6bea3cdb221cf8b7eb35e0bdf6638283b09c68cda0bf1ccb9e353a7f0afb58d806923e36b22db68615a7e4e04d0932d928afdc8af3963378ebd5e05058160ac67fadb7a7d9ec498e00f63671b84d880d196c93afb4fc823e7d6576ad824ffb4c90fc780b163a292899ccfcaed81dee2c992787a66800e206df3dfc4a6b441d54ccb1a19a587402a663d510e45a5b1aa96fc467efaf7e71cbbff087f3d2922a133466d5ae9f86b0bc39bb3093b87ac2db941b1fd9e40427402781425d6e8856a2c66cbdd274f4c689758db6dd58ec7d766b177739e8c9173f2b1946be5396aad6d7ed29d058ac231e8c2e6a9077b4a217df4580a2d72bcf0b73e4bd07465deb8798a55ee855b82f1fa7d3748a40485bd90fab94b617d92219c4b65efa022936895e51873058615a19b9d1347120c405c3254f290b4c8b99c8ea9dde3a749ec538421a29d27b48ccd83852abe1a461123e4d36e56508d1827880960362d10835df77f9d4be51f1447cac5ae2017a814de58cd99bcc0c194254b17114ea48f5a0cfe6547686088d527c65180474fd460ffea5d48767ceb65c6fa3d7d3c632591d2d9d65c6c3a35a6ae4dc56322cd84734b0e7a092a4c46c1c607afa6d0e477e8d04e4993e595ba708a0f4466cd8a89fbc06d3cd366007296a9f05b66cfdcd5b30b6745e71d513205d5dbe1e8516d9e9cf133caa994ec0ac2c543d107efd4b9a7d9ee1ee415830a6c2ea17114ea9683726f2c82741f9ad4ac1be6772f0809f18c13f4cfc82fd1b7b3bd29615336003c6784c03fbcae475a58a3c4d68099732c326dfb7643eb150f2354918077bb798b5ecf491cdd0765e3e1ed5d0a37840f1a28f7e188a021781f1896dae7153f9d6639bf66be0c7857d7eccd2a1e6c9fd0cc3594477bb005df9b29f680c966161e37bcec97fc2ef7a2c3bf64e4df5785c9b080c7f9c6d7c515408445d55da499c03ba66369a31157bb03588e84a5303c46cd393c5bd6fbbb8deed94b62d67a9351c259b263c6c4fa65a4dbdd7eee080d82cc5e478c885678edbc9cfce74169ab748d7f4a08aec3e114394fc1d5e361267b8f3fcf38a024928d58158560f7da427680e7611a9f1b8255c67e6ea6b597ebd31bed9fd6f85f9b6ee63d4374c1e50597d1c9f3c56b4266bc632ba66ebecc396f6bead40392dcc138098b4166ab7f8714bd4db0615480705dd200da92dc51ec215844d7599e0a6262e8d5dc6a9452db8994d8b8f19ad4029e0b41b5e13fd6b56230cecea57f3111fe6c78876b3e657fab112968e83a0b64ce9837b89f5dad0d5f0b8b410e3a9a56ab2e9143e90fe371a944989ee206eef777cf4a235333c647e45aab910af492bc7c2213246374251e23accf5818aa2f24823bcba12efe3658e1e2cb49a5d4ffd26453829739647eccd106605921641afe16bbe79c8739062eabeeda4d4a42cb70d84e1e1d3506c7bfba5f5135aaae85b03dc6518eb30d832175cedc5bdca95e600e04902d9eda90c1da4bdd3138ac889398c239068857103ad70b5d1d9fac27c8ccfbcfcf126d9a5441bc963bce4669047ac901a14ca7c7e76f94c77159cdbda5360e04bb539a9d5ccd16a8cc88bacaa5b952c86b163575d7f1cab58f0d612d796b570f3c5debd7d9abde7e24de2c252173f1edc93817192699bddad45eeb41ff398c1bee4d2194f38bf4d2b4ed3a8895476bc441f464753139e204ff5dee7f45ce639d7541c0d396141aeff30cbbfa7157a61993eec98a4356df98665546a1d1e8429fb0c78684000862aac50f7d9a1413e89958f4defd3f087769cafc32bcd6016e496b41b7754cfbe42b352346fd585fb19a80f4af9a19811311b5fc6ea8eb5519a3cf7dbc1a06eed41668e332224c1daa01776e0886044f5a95e5dffc8d9ccce7840eeae97e8cc916db95bdc33fb420e28030c6edb011d5281db1dbeac9bfcaf938a757e3939b025d339e69b9692c8c7352787d399f342e96096e37ca208609e5f93629e36ee442db9fb822ea236683f79875e7dc73ec97f98fe0795f9d83f473cc80a589043a7edd953473684ea4e80f698683a0fc1d8863adc44fc13c27a08921a681ca1ad76207b1a97f8fff7db247ea09b3a6407ea83d82d82d171fc80a8f5fb9f19cd7e94fe121a6a0ef9c4cff7a8689c0abf750dadcc7442c2ca5ed437af5e88e89b0a783a1164cd1eb2a33a64c919d9f08fe5aa7a775352ab6027a7b73d6fef51acebec5516c2a5f2b932b2621bbd2cdb415fce9ba1dbc3de205869fa0423adcedd5570ab0b4b64afafaa458b3840b48f018297aa46426d7893418033f00b5378eac6a70275ec860609b07851b88ecb5da05086adfb80f47c71a77301ca0f1520dfb7a800bc8421abf5eb94942ec818e3a1d45f09ff93e6549b3ef6152c6abe38231b4a82e355e27e363184df51418286d7073cf464eee02310e84b3eccabd2120fcca333130357e1967f67a69f437dcf6a20ca21797230aad086bd4c28348f58b80ec5d27626004533993b9f85897d00bc271a62ab67f92e2eed6d900000000549e8344ad90b47fb5c1ed5908bce94d03bbe98a87a1733b5031f89644c2d35d729e1375969a82f0252859219407c5c87f5d249d5eb8c17001fc7c6dc5d1825851b41e5e937f2c39d7f7196f38f83619da2cddce747bb0e906d0fc13a11fc6c2be3d140ea6da886cd5e194ca9dbff565d2a82e7e82dc5a36084bf02029ea05a9cfe1f3dc80489b426a14372232940ffad8124bd515f0a73fa85c2aa0cd51d76a0cc6e75ccc35b702a4fed4d2e2828d98939406ddc6df1048f0a22611859d6bfcbb0873d102e4b8a86b5d9af8056447f6c1552a603d9f67009fa070db73a01e1b4adbe4e841d0b9a92d148b626c386b25687817e5ec07dbbfa1d62d078578fe21d546414e3c5e29e8e086d7e542a2eb74a67127e7f171e076bbdd62767aae3db467db1df13b3121023bcee33f814d767a9ef14651f76ec89910ed33e9804df8619f69ad06bf0559b00d4efbf6f44e922d50a18ffa25d8ac58dec53a93642186c0ca81b07fe5c14c9c13397649a53ebfcec118e5bb84db053e6e505d07a09bb50f33906e7febac3c85ca337111dbfcb7b9becccaaefa3d857d48f0b3d8646d70fdcf2f1dfb89cc3ba1394cb5de24d999c88235418bc0f20d4036bd0113d298b91c44fe042d3b8e4070e3f828499972524601c4725389122c7fc3e38eb799f7b755f23bd5362880b9275e58eab2c8f42e583890cb84e17f35025d1d76dd28171bee561d21451b4b2ebf23b923221c9ea06b924815889d2b605af66539c3b0ffc30c7170a5581727f0faddb257cb6ab28b3456737d3588fa3bce0ba6a2a5c3c94301fa8a4e6db358731bd3a4a62b42181e04241010d7bc3e973b9fe428175ec8f8e6cbd4e53c8bd957621acb1e42504e6f8a7bb30c382058fc9dcd0cd0ba0b789c316cd58d7b5606cc2a66c872f10e6663346d572ecc37ad1c3d8146a137e35e54096ddc2a5e2d26765d75615fecd09b864b29adfe92763ab54272365f56feeb9b57059744e765485ee322cb879fd3c8fd8bc4727d860995c548bcd41852349f1b2227f5a1f39b24549693fb05c04ba8f190673d11eb27d0bf628489f9b8049f5f3a1e1fed97ba9881da0031ef5960b6b0af825cfae8252b931f6151cba9bf889a5c74051a176c56d3cbb8915d3f28f8f684629bd1e3f87f27909b4e8eca6b88cdd60f3b5bbe0641a469e396080fdd2feeac7a11703b758f1815f100ab2ca4403af34a655f4c35e62778c276c96bb94a3d9f58f3bbd7ae6c4f133f7c4199f18d02d66598a54769415b376bb04b520881f23b22b32685ea1ea0dc179ab2f33f07c7039d1a5eedd1905d2a8c7d3c9686758ba5aafdd74f36da7f5522aff5c40e565b50cdd92ce353c3d6c97ce87f0495bdb95d70ea52c8c26b87cd337fd2283b88d7301c32f26833451b8f7c2ee5f44eec58d9eef2a39b3021a29c8747d36a2dbca6c0c085399bb720000000000000009d67e17060abad89c7d8b8970244c2f11ad2f4ae878a3676659b77178a9b651b12cf9c21e658a32999d596af4648f636df4de8c037d1fa63b1a685e8850156bf99e00666dbc03d3e3b44018659743127f91d44c99b578b86a44f3bcf1523c8cb45accc3c5fedfd7796411eddfc3a7a6b7c57ae10fd4bd3fe9f662dc59747ac4b7cc2584ae3ce2e42a41066dd0d560f1b4c83edc57121dade5e397380bec5f40b5d0beb14aef21b2c68ccfd0eb4959b5e7f5b5779903963298e3c9a2141f145137de1d604d9124c3c4f60a4d54da38a7c32ef2632fe66a8ce8e95ee95a570e18e9fbd44884afe291550839dd61e65c952a3f5c6b61850d1c2a77e18fde734a305b407cf6dbf17afd66da6e42f0e8f66092df46c79b44711f6e8aafa831fa1188beea696672b0e94cc3cae584b30dccf053634f792c2d9f4c87e306991b407949f2870b525d123f9ca23142a0ee13d05f51ed4ff2653727ad5bf16453276b2d5e7d7a8a0a1c4847cb61ac4b08d9abee25165a120d156775a534a62f9af3a3b62726101b94ae1e14352262f017c5361b3341952d194a6a2d470e60df3fde61d343e0af8fdff36ad976af6732b732ceb69344550555174fa280153e08f74d81f4ee69c1eb44a3468e8cf78bf7c1663dae3d31553466faa207b8e9887cb54209fac0b6f6d12d9588351c76e6bad884799afe856a25b5fe737d0ba737a0f1a12b4eb3ede48a0c38e6787ab42fca1c7f2ab42fa6104d5a99aa36b73ac3622ccae122524c28a6557cb7d0a7c7eb5de795647dca0621fc2c9599441dae7cc2a8631252abb5e0f22e9355e0a156a1ab7b1641e345045e8303b5f6dda5c3c1cc2637700cea25c004460d101fc42ad78ae477739a4efbacc57272cfafae15292dc3b2800d9f42002c2062af9a1f329e11140f8317242c04ac1f11cdb45f5f9ab18877daa214c151fb9ac54e3e010b5e7944d7217442d5c4fc29956c1333cb932424096f5b6afe1128db53f7171be4372be8bae538bcb3e4a2eb29608678735a667135e0f2660956e9e2a3ed862209efe65d9ab2fbbf88e5d3384fb3362af00e1ec6b4d3ca40df442b70951026438877189c4b0ae136a9a35c131fdf19115e8dc1ee2b938bfbfdb3808aebbe7dfbbd3510c7070388f5813e8bc63be744b99116c4b84ea37d57c5da7a80cc883aa915d84a249ebfa78ceb124c63b3a0720b19483189ee50824e8581556f0520e434803204cd0f3dd09fc97c979f9a7e3f8e5eca8fccde98fc4939551338235c0c6378faade0d18f7050f29189485e01ec120239373c5478cd19ab27570921415a6680924baf9c5829f3f2115460d1fceb8a026fa1a0a0047fe1cd6fcf1861dd3784e006abfddfe79461c5001e4e32d99c5bc203c21f8c711c5ecccf8941093d95a8db73722bb7511443fb2670244cc1249492e92fc4bf7e06ec6f08c5c6931929d58232b551957b771ea5e4a932b037904b81916e662e3fe95af894e80f699e5c00ab664f381bd9c0bd41322a8b3cf367577429fa52c0f1c44ffc626c215e7103cba05bff4931d9a202c1eb9068f44983d1e0c6d9fb5fed738561651e854a3c1b362ae354a0b4a270386ed2dbef093bd82f07f25edfae31901cb86fd214576b25f769bcb215214c63026b2581a8d17779aae03ba310f3243b3631f4b01c9e3eb342c3bdb44d8e47cdc1683e3b1cfffef72e385cc8831f99425fc406575170e1c106618d5429144a436b9e92d241d8118b5cbe0dca5e8ddd86e671e13080eddcf8dee9e317d192a3a5386378de9b1ecd8cf5439cfbe9f65965e5a5f6c145627ac23fe30c2e06e623b0eca15b225b32b65ce568b656cec0e0d6752fdebffd39c7538472ad7a195b56fcad3fab80016ff006df6b01d785191e4fca143b14ce68b32571476a779515ccb14d35cf9aabd4849c03c9bf12a42cfc2a7146ed6c25892a9d1c48f95314f641142d38cd882e54534d69b3fcc18044309e6debef6dc79d7737956418b955d33737115b44360e0bac14b71e2e64f0c8aea428dce5b65e210c108f832a6041c0aab116488e5863cd1039dc8af537908be3541352bdad303de43387503d19d7c0f0390bdc5b95f1dfb0701fd0e14a22c210837cc0a1cb059de474f4476bfe9bddfe3e7977fb299e82d9eefb18111f7c4a5fbd406fca720fec69340d978f4c9832204d67f6fa5793325e04d4af84acde0b56158e4c606394286a4b3cfc04a426a665529b753e1ce2d6c613159844bd069a67b5b96cb8ec993f05a8e252ed3d8ed63d524af0845f519f9d47b85a773f37031cb91055fb963db50e6a1e368f10a82fa40ac055e0201c6d29661eadb76f8154ef9c1cc210ccf1ccb063e8c00324ed6a14fdefa0167a9abb04debbbf5e7b8a57a7772373c765947f0f67b5130d77a6ca6ab166147d4eba97b4ddf1465d25b02f4430227b5713a29fd84664bfdfa5fc450e48f5263eaca67c16033b79bf1cb819511cf16bae6ffd5d05a7d9cc93067b6f2512fea2424a9c7d178f653ffa7ce1c00924707e3817c7cd461cb2a8cc5eadc40821258eaad7720ee3976c5a60025c317480016e5e5bd884f3646651f3bdc1185ec1a4112eb24ba5b3b6f94ac66322042d4bc48cb5befabfcf950cf8a0165fba3fa019324b53fb56bbfaec7f4ec733e84c22f841c1c9c1dc51dd3ac4887e155ac4095a6b8846c8f401f3c2d48d4de18906193a9f05ed59e3b0add8bc27c0bad8418ccbb842123ce1d39fdeeaa7984dfba9ef121ab4d4d35de076262636f3815708e4bcf31e634a290b13317425b1a4a2e4ebf8537092c7e524c126faa9622bf1337168e003857805dd420a51816fea3cd37c34e483f64a2da3ab67442314ffff40727835a1bc7b9971ccb5f83183cf1a135defd468907b988d97028f904c4d9c712f7d0ed6abe4d80712a7b7e06efcbe6a5b83e32beb1556326af7a97437c35c6a706c6cf4403b98f5134547ac167fd1abcb9245ec3450202ab80e553952412032a6c3cfa64441d4aecabd1e182c50bf67801fd3b44b40648ac9926bbbd7095425a429f2a9550c2fd1267cbf6156897b705255cadf1c7f233f4effd788b3f446dba19e68bbf8b42ff6caf984a4eb51328ab5e2bc28366e8b4df4df967a166470a00", 0x2000, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001040)=ANY=[@ANYBLOB="b00000000000000000000000000000000000000000200000000000000000000000000000000000000200000000000000000000000000000000000000000800000000000000000000000000000000000002000000000000000000000000000000000000002e0b000000000000000000000200000000c0000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="002000000000000000000000000000000000000000000000000000000100"/44], 0x0, 0x0, 0x0})
close_range(r0, 0xffffffffffffffff, 0x0)

98.941744ms ago: executing program 1 (id=6318):
r0 = socket$igmp(0x2, 0x3, 0x2)
ioctl$FS_IOC_RESVSP(r0, 0x402c5828, &(0x7f0000000700)={0x0, 0x3, 0x4, 0x1})
r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$llc_int(r1, 0x10c, 0x4, &(0x7f0000000180)=0x8, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="050000000800000002000000040000004c010000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000000000008946b2042b1f82b488ffd3b17b02d9e04644bfb5de168fb72261675b7fe0da703bd9042465a0fdcb91f73a3809280e39ec1064946837362efd28106bf8b660bf1e47a03540f56e423dd3562eb78f1f35bfaf5509bd3a41015ef1b28a0034d031951c09cddb250cad459576cae435a5261cc140506bd8752deaa4a050d50bd854f8c194afe7ea9f3914d00be9fc"], 0x50)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000240)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x0, 0x2})
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r4 = dup3(r3, r2, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000640)={0x8, 0x0, &(0x7f0000000000)=[@decrefs={0x400c6314, 0x8000}], 0x0, 0x0, 0x0})
ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000200)=<r5=>0x0)
mq_notify(r4, &(0x7f0000000340)={0x0, 0x2d, 0x4, @tid=r5})
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0xc, &(0x7f0000000240)=@assoc_value={<r8=>0x0}, &(0x7f0000000080)=0x8)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r6, 0x84, 0x10, &(0x7f00000001c0)=@sack_info={r8, 0xc, 0xb3}, &(0x7f0000000240)=0xc)
socket$inet_sctp(0x2, 0x5, 0x84)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r9, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x30, r10, 0x100, 0x0, 0x0, {{0x5}, {@val={0x8}, @val={0xc}}}, [@NL80211_ATTR_TID_CONFIG={0x8, 0x11d, 0x0, 0x1, [{0x4}]}]}, 0x30}}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x4, &(0x7f0000006680))
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r11, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001f500000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a310000000088000000060a010400000000000000000100000008000b400000000060000480280001800e000100636f6e6e6c696d69740000001400028008000140000006e508000240000000003400018008000100636d7000280002800800024000000001140003800400010009000100efbb17b799000000080001400000000e0900010073797a30"], 0xfc}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x7b312000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r12 = memfd_secret(0x0)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000000)={0x0, 0xfffffff8}, &(0x7f0000000040)=0x8)
syz_clone3(&(0x7f0000000280)={0x110000, &(0x7f0000000100), &(0x7f0000000140), &(0x7f00000001c0)=<r13=>0x0, {0x34}, &(0x7f0000000200), 0x0, &(0x7f00000008c0)=""/4096, &(0x7f0000000240)=[0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x5, {r12}}, 0x58)
syz_open_procfs(r13, &(0x7f0000000300)='sched\x00')

0s ago: executing program 32 (id=6317):
r0 = io_uring_setup(0x1379, &(0x7f0000000080)={0x0, 0x7f09, 0x1000, 0x800000, 0x121})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x280449c, &(0x7f0000002140)={{}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(0xffffffffffffffff, &(0x7f00000093c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x2066012}}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x40)
getdents64(r2, 0x0, 0x0)
socket(0x400000000010, 0x3, 0x0)
write$FUSE_NOTIFY_DELETE(0xffffffffffffffff, &(0x7f0000000080)={0x2a, 0x6, 0x0, {0x1, 0x200000000004, 0x1, 0x2, '\x00', 0x8}}, 0x2a)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000021c0)="7b1713b4c6f02da7493fb6859f0143c68a58166f472c5078104b859bc37f9a49a8f85c9101df3b2736ff9bebcb1a3c2f570b28279b8ff7afdef7451b3d10b4578c2e81784b6e4f410800d997f0689546cee0852e9e9c64c1f95df7b136243cf7aee1b8e7a4e1d6e6fc01337370f0dfc098d975e9a6f90a08f5b845054d1e1fc81adadbf2836ff758bade0484377855b05b3556a91827599638458ad30baea03240b302638b88423ecaba6da1e40f6f1b24d60dde1652f2d5f818af43d49dd55c4eadea945e9b6aa744dca07ec2e00320bef5b045414836941469129670c4cdb953ed61efeeae2ced1b7cb3e7fa4c93cce5623a9e33c69d068b801fd1369aba759e2829c67c705853262fef6669aab956f0f733619dd361be5e1414c7e7ff6218e330156d609fa9f3244a0a4fb678a58e70b86f6dabc3331f755b786c42b4198149941a7a58c83f1f2811209025269c5ffcbe0c34ac98cc091cec2c993bca0aa8400ff9e39cc9fba8dda886f95357957bbad8bb850ab92f7aa9bebcdb0ef188749a1742e5597d199f3ccdc2d807bf757da45acc93e3e9645a1036cb041b3c38dafef367b8dae802bbbc03bacb905d40e1da78591687b416ee380103a670aa8f722c76e13f7f0e3effbb37f15a821b8315fe541e3ffc09289d96db1dfa8861e5da41c812b54ee20ca8b3180f2f46db56954791465cb572de0cce16d789d6fff216ca46977ed724dc0cc8cef7b295ebb2998a5c4662e32ae1001e59f3bfefcd72543bfe1aa6688d65c547089ec0fe1f1d9610095a5a4008b14f46775c368417376ee143856031947db71c455dc40eeeda210fbf258452781ce46e51f6df683a7918770f73d324d9401648d271cb9a7e919401567e400fec420cf363444a78eea03e73176abd6546e1657945aa88f64a21e07fc23edd74512cf89781e8ffe9bb1601ab25d31801332a6c5be9cebb6cb08207bb832106553ea9fc19b4b4f1f0cd55efc2925ffef75e9b12f06b5a7496506a274ca25f88398a1734b7013c3f78a2e49ef0d946a1aff362e37c9b5f5473de11401097722adda87944ee3eeb1bdde60e97484af4d2e5f8b0a9c63bb8bb99461b16edd824add1caf9d5247811cc4f6b48004774f1a4fe4dd125ddbfd8b69ff3ee314aeb445bee9f217a2f5a9e0e84ccd8718471f949086df6cdcbf95e568317e31dd01be1b826cf9a09373b16935fc864794a3886a2f4aacc42135db85f8921916a10aa7111a686979e2a5c9959cafc9774c416c4dfe0b9e06657feb2fbc31e7c11f6e2841680986557c1f2b1ec3c0fcc6a749a3c97a5b370550ab7110e25851b13c0b75a7fb0cd3c4659878209867659c216b467bdcf51e786a59fad084886490fc77e186ab827d844d0ac4682651fc4043f8e87b905532a53017ada44feee1f89f9bc6d2a8b144e721a479f7b90acb91033774f4c12df633548a9097c791ec7e80fa2607c86fce6e9abcae1296528b8488ccf18a4bb0fc9b50c15d294e8d380465465b4eeae26eb6800faba611785cd2ff95ca1923dfa47d5923f89e4eadb612002caceaebbe779c4e3a3833455752eae63689ab8dc03db63d82feeab7f1162eed5909b69ccd5abeb9c071da82cfc76cc692a51d99e0c4bdfa6c81c9878e893a77e1e7105e7910827ddb3353612fa8d5e547b43b5abfe50829c1eb7bfda1731db2a9a1e8f0fc298dfa7009679489f9d9323338b7e59f1e48419ca531d88170a5a1995f576aa125edae9e9ea26f6e9c4bc26323b7db0998c528a7b343ccd87ff44c77e6cfc0a324cc1d4ea79c30015f0caaeccd46e5db580aa5ce8030c2b13b37494557da58abbdc7ce9fc9afa49ce0e8a7a6fa058db210ed654203e7879cf5004ebec57522ed34481b749554b36cd7171209b0763e110096704604f2d3f28c5ddc66c877e3ab63f36137d5a67cbf872aa6af79cb3a66c9040009b5e1c7b718c1b8788156b82d6d800dbe9fc3d16c812a963c73599b79efb89aa74bdbd9b1a2dc0b8ad853f79c0867a3a45d7a1645059171877687a72dd5ed4213c0ab84ef6185e7935346a84450887bdb2b216883e907b13b03c133adc04ab3c5f60209bd90aad3d94443105f08f0ee1b2231e1a1f8cce71de74d5308b78b5d99ce4ad4573faba9fab48bc1615f14d453c67714b99f274de041512b07b885679e6f89f481c28b082084b853c9afcda31def2898284d6ca28fb124df67142821c9705e28093ded60992d9587fb466df839aa2a4973dd48f9372a55da6592646fc918e533955566a2d8dc59277308223aea4dbe0daf839f95516b8995e9eec87df1df9d38693e0824dca7423b08d553b0ae1c5c44533b918eaa02dd17b4c8ce515ae7de410970f670e17b5e3c0a207fb8464d5d442694a271d593fc23ac19619bac32ac17cc6705ce2e6262361eba24277a471602e7ca57cc614ee116e60a9e0b6ac5e3228ea2c650baf1a09e9e5c7a1b25a078d1d11a673d88f6ee33e50d036d7fe4b9c06adc70aede2e35c6738b255690ed3f7a8d2d14e36e360f3bb66978d6cfcfc41887c751c0efc9325d4485a2f561060413fe6af4ce40d87a476201f15a584fc7ba18ddfef5f1d729d5f544c2c6b06befccb444f0408451089f20b06f05ab7d6702b97819b0eff6fb090f21afb3076558e692920053702fc2348f8dade0cb2b007f38d6dcd4ed3bb42553b1bd684791743a1941e5bf2ed234f44be64a95b485a3e949538a40542f25ca4bfce44e291037ab282082f02157a96f4ca0a0c5cd39215fd07461093a4d87a7979f7aa97142bf5b9ef71db537f9acc90f22ca2ded5c1ecd1ba972d05db7f71e8466085c9b3e975fa3a948f2c4049d1a8e46f71157017a3a74ad25e215dcfe7a4c5cb0a7baea0b0ec60c5df82555c553ac60dd39174c721edc0304b836a4de539c3ee55401e13848018f889cc4a0fcd01d9f4978eb730fb1b4a94ede0283f8c95062f01c8c8a3169b2d5c50cdd4f3a248d80a26c950b4036fc6ffefaf5101269fe3594c2cc128220a1d0b5f9f23121f2b184894e129159eaa92d9a30e878839be44d20cbdff3c338cc95795c86121b2b498bd376e895c98d67f6a27eecb46a203aa9de744feedf27b6825cc17aaa098b5ca05cad6bdbe320908ed36bdc8a8f2c777eeb9b037b36c0e36019c264b3e36196501d6cc90e7b1899a72bea5c8a24a5ae62e3684a39a06208bd382cd32acfabd742c76334797fa0c09a2a2a7e1240974afe0f3d6eb44590cf171efb7602009a93bde85cea6701c765dbca7c6a879be41dd08847802d4f59e933df65f727cbb45e3a4a5019f503b6fad7e0338e653f8b2c87aa7f196444e0dc1be6d7c4f0c7ddd663d06ff1365a9c362384a33b0315adbfb2d73359c485cd5410d36d21044bd8d3771c5492803b19f7f3a1a5c3248e66786479fa4416a55855adebeb09528ff5add597790b97bddc16bb9b7b33a1f800701c4293e2c8428dc2684726cfe5539ae0a9bf89e1b6f1989fd0433cc865b308bd0c636402b4b285c290e2439b9ecf0eba156fb6b613ea7f97b04506fe28e9471343c854fdfd48945a7f564acc817e609be8f8a7fdee12e9b592fd8c5c08f51ba8cb95be12cfa497d1539a4b8217818d47ebb3cc669014261530205948fdb9983a0e5759afa9b290ce838102661750ab06d7fe65a39efa6af36c042d2dee36402a6686d58eb144b76033cab4482b8fbdd213a90170939ec98df1fdfca4b37b143a971b9b59fc351098942bba090056c20e8cfbfe8fcbe361d068c98a020f67e807b8db2e45cad83c9970907646c0049c05c1ed657d53d859f1a47bfe6f022be0689de224034d0160b1dbc878ba6dd685911288d7af22ff5eedc1634c36e25f51d0757c7b9c73d7937955da356dea68749d464a75f56c9f6ba36cc1ca8c2f3aa34beae14fba894ca705111cdb19094432c2f6caa0eac78ab09b0cee330f36b1b91a6a5d4896cd15d96c12547826559441cbf578f189f5f04526a4cf76d60144090c2386b747ad50f7962ef2950d2c6f4ff8477ad0681ab24c47ea7ded8c9accff0dfa30489f43f0f3182b88e757fd9a1d82e1c9bb4efe5215518a6e48c688b2dabbd15107c5c6245de0acfd740ea54e0ec212f405f25bc3aafc63009631a4e4749296d47c2bcf25cc95afceb0a1ddb3c6124208f5134981c30489b42eeb864b3123b03106c9b234a465d87c30ef36e00244390de36a5dd93794467ef37bd01b86387855d2ac24e05370212e845082bb22c8fcda0f0bc78ddf971b0b9d69fc50e0d907408e9c9ac4e5099f47db2d0c14d888e363ece768555362a08c408d0119c45f158aad695d455d28e223be2862c19262c9f43eff8855b5a9af4f2cede95e415e2f597bb64c8bb2d608f86b15950ffe2e6bea3cdb221cf8b7eb35e0bdf6638283b09c68cda0bf1ccb9e353a7f0afb58d806923e36b22db68615a7e4e04d0932d928afdc8af3963378ebd5e05058160ac67fadb7a7d9ec498e00f63671b84d880d196c93afb4fc823e7d6576ad824ffb4c90fc780b163a292899ccfcaed81dee2c992787a66800e206df3dfc4a6b441d54ccb1a19a587402a663d510e45a5b1aa96fc467efaf7e71cbbff087f3d2922a133466d5ae9f86b0bc39bb3093b87ac2db941b1fd9e40427402781425d6e8856a2c66cbdd274f4c689758db6dd58ec7d766b177739e8c9173f2b1946be5396aad6d7ed29d058ac231e8c2e6a9077b4a217df4580a2d72bcf0b73e4bd07465deb8798a55ee855b82f1fa7d3748a40485bd90fab94b617d92219c4b65efa022936895e51873058615a19b9d1347120c405c3254f290b4c8b99c8ea9dde3a749ec538421a29d27b48ccd83852abe1a461123e4d36e56508d1827880960362d10835df77f9d4be51f1447cac5ae2017a814de58cd99bcc0c194254b17114ea48f5a0cfe6547686088d527c65180474fd460ffea5d48767ceb65c6fa3d7d3c632591d2d9d65c6c3a35a6ae4dc56322cd84734b0e7a092a4c46c1c607afa6d0e477e8d04e4993e595ba708a0f4466cd8a89fbc06d3cd366007296a9f05b66cfdcd5b30b6745e71d513205d5dbe1e8516d9e9cf133caa994ec0ac2c543d107efd4b9a7d9ee1ee415830a6c2ea17114ea9683726f2c82741f9ad4ac1be6772f0809f18c13f4cfc82fd1b7b3bd29615336003c6784c03fbcae475a58a3c4d68099732c326dfb7643eb150f2354918077bb798b5ecf491cdd0765e3e1ed5d0a37840f1a28f7e188a021781f1896dae7153f9d6639bf66be0c7857d7eccd2a1e6c9fd0cc3594477bb005df9b29f680c966161e37bcec97fc2ef7a2c3bf64e4df5785c9b080c7f9c6d7c515408445d55da499c03ba66369a31157bb03588e84a5303c46cd393c5bd6fbbb8deed94b62d67a9351c259b263c6c4fa65a4dbdd7eee080d82cc5e478c885678edbc9cfce74169ab748d7f4a08aec3e114394fc1d5e361267b8f3fcf38a024928d58158560f7da427680e7611a9f1b8255c67e6ea6b597ebd31bed9fd6f85f9b6ee63d4374c1e50597d1c9f3c56b4266bc632ba66ebecc396f6bead40392dcc138098b4166ab7f8714bd4db0615480705dd200da92dc51ec215844d7599e0a6262e8d5dc6a9452db8994d8b8f19ad4029e0b41b5e13fd6b56230cecea57f3111fe6c78876b3e657fab112968e83a0b64ce9837b89f5dad0d5f0b8b410e3a9a56ab2e9143e90fe371a944989ee206eef777cf4a235333c647e45aab910af492bc7c2213246374251e23accf5818aa2f24823bcba12efe3658e1e2cb49a5d4ffd26453829739647eccd106605921641afe16bbe79c8739062eabeeda4d4a42cb70d84e1e1d3506c7bfba5f5135aaae85b03dc6518eb30d832175cedc5bdca95e600e04902d9eda90c1da4bdd3138ac889398c239068857103ad70b5d1d9fac27c8ccfbcfcf126d9a5441bc963bce4669047ac901a14ca7c7e76f94c77159cdbda5360e04bb539a9d5ccd16a8cc88bacaa5b952c86b163575d7f1cab58f0d612d796b570f3c5debd7d9abde7e24de2c252173f1edc93817192699bddad45eeb41ff398c1bee4d2194f38bf4d2b4ed3a8895476bc441f464753139e204ff5dee7f45ce639d7541c0d396141aeff30cbbfa7157a61993eec98a4356df98665546a1d1e8429fb0c78684000862aac50f7d9a1413e89958f4defd3f087769cafc32bcd6016e496b41b7754cfbe42b352346fd585fb19a80f4af9a19811311b5fc6ea8eb5519a3cf7dbc1a06eed41668e332224c1daa01776e0886044f5a95e5dffc8d9ccce7840eeae97e8cc916db95bdc33fb420e28030c6edb011d5281db1dbeac9bfcaf938a757e3939b025d339e69b9692c8c7352787d399f342e96096e37ca208609e5f93629e36ee442db9fb822ea236683f79875e7dc73ec97f98fe0795f9d83f473cc80a589043a7edd953473684ea4e80f698683a0fc1d8863adc44fc13c27a08921a681ca1ad76207b1a97f8fff7db247ea09b3a6407ea83d82d82d171fc80a8f5fb9f19cd7e94fe121a6a0ef9c4cff7a8689c0abf750dadcc7442c2ca5ed437af5e88e89b0a783a1164cd1eb2a33a64c919d9f08fe5aa7a775352ab6027a7b73d6fef51acebec5516c2a5f2b932b2621bbd2cdb415fce9ba1dbc3de205869fa0423adcedd5570ab0b4b64afafaa458b3840b48f018297aa46426d7893418033f00b5378eac6a70275ec860609b07851b88ecb5da05086adfb80f47c71a77301ca0f1520dfb7a800bc8421abf5eb94942ec818e3a1d45f09ff93e6549b3ef6152c6abe38231b4a82e355e27e363184df51418286d7073cf464eee02310e84b3eccabd2120fcca333130357e1967f67a69f437dcf6a20ca21797230aad086bd4c28348f58b80ec5d27626004533993b9f85897d00bc271a62ab67f92e2eed6d900000000549e8344ad90b47fb5c1ed5908bce94d03bbe98a87a1733b5031f89644c2d35d729e1375969a82f0252859219407c5c87f5d249d5eb8c17001fc7c6dc5d1825851b41e5e937f2c39d7f7196f38f83619da2cddce747bb0e906d0fc13a11fc6c2be3d140ea6da886cd5e194ca9dbff565d2a82e7e82dc5a36084bf02029ea05a9cfe1f3dc80489b426a14372232940ffad8124bd515f0a73fa85c2aa0cd51d76a0cc6e75ccc35b702a4fed4d2e2828d98939406ddc6df1048f0a22611859d6bfcbb0873d102e4b8a86b5d9af8056447f6c1552a603d9f67009fa070db73a01e1b4adbe4e841d0b9a92d148b626c386b25687817e5ec07dbbfa1d62d078578fe21d546414e3c5e29e8e086d7e542a2eb74a67127e7f171e076bbdd62767aae3db467db1df13b3121023bcee33f814d767a9ef14651f76ec89910ed33e9804df8619f69ad06bf0559b00d4efbf6f44e922d50a18ffa25d8ac58dec53a93642186c0ca81b07fe5c14c9c13397649a53ebfcec118e5bb84db053e6e505d07a09bb50f33906e7febac3c85ca337111dbfcb7b9becccaaefa3d857d48f0b3d8646d70fdcf2f1dfb89cc3ba1394cb5de24d999c88235418bc0f20d4036bd0113d298b91c44fe042d3b8e4070e3f828499972524601c4725389122c7fc3e38eb799f7b755f23bd5362880b9275e58eab2c8f42e583890cb84e17f35025d1d76dd28171bee561d21451b4b2ebf23b923221c9ea06b924815889d2b605af66539c3b0ffc30c7170a5581727f0faddb257cb6ab28b3456737d3588fa3bce0ba6a2a5c3c94301fa8a4e6db358731bd3a4a62b42181e04241010d7bc3e973b9fe428175ec8f8e6cbd4e53c8bd957621acb1e42504e6f8a7bb30c382058fc9dcd0cd0ba0b789c316cd58d7b5606cc2a66c872f10e6663346d572ecc37ad1c3d8146a137e35e54096ddc2a5e2d26765d75615fecd09b864b29adfe92763ab54272365f56feeb9b57059744e765485ee322cb879fd3c8fd8bc4727d860995c548bcd41852349f1b2227f5a1f39b24549693fb05c04ba8f190673d11eb27d0bf628489f9b8049f5f3a1e1fed97ba9881da0031ef5960b6b0af825cfae8252b931f6151cba9bf889a5c74051a176c56d3cbb8915d3f28f8f684629bd1e3f87f27909b4e8eca6b88cdd60f3b5bbe0641a469e396080fdd2feeac7a11703b758f1815f100ab2ca4403af34a655f4c35e62778c276c96bb94a3d9f58f3bbd7ae6c4f133f7c4199f18d02d66598a54769415b376bb04b520881f23b22b32685ea1ea0dc179ab2f33f07c7039d1a5eedd1905d2a8c7d3c9686758ba5aafdd74f36da7f5522aff5c40e565b50cdd92ce353c3d6c97ce87f0495bdb95d70ea52c8c26b87cd337fd2283b88d7301c32f26833451b8f7c2ee5f44eec58d9eef2a39b3021a29c8747d36a2dbca6c0c085399bb720000000000000009d67e17060abad89c7d8b8970244c2f11ad2f4ae878a3676659b77178a9b651b12cf9c21e658a32999d596af4648f636df4de8c037d1fa63b1a685e8850156bf99e00666dbc03d3e3b44018659743127f91d44c99b578b86a44f3bcf1523c8cb45accc3c5fedfd7796411eddfc3a7a6b7c57ae10fd4bd3fe9f662dc59747ac4b7cc2584ae3ce2e42a41066dd0d560f1b4c83edc57121dade5e397380bec5f40b5d0beb14aef21b2c68ccfd0eb4959b5e7f5b5779903963298e3c9a2141f145137de1d604d9124c3c4f60a4d54da38a7c32ef2632fe66a8ce8e95ee95a570e18e9fbd44884afe291550839dd61e65c952a3f5c6b61850d1c2a77e18fde734a305b407cf6dbf17afd66da6e42f0e8f66092df46c79b44711f6e8aafa831fa1188beea696672b0e94cc3cae584b30dccf053634f792c2d9f4c87e306991b407949f2870b525d123f9ca23142a0ee13d05f51ed4ff2653727ad5bf16453276b2d5e7d7a8a0a1c4847cb61ac4b08d9abee25165a120d156775a534a62f9af3a3b62726101b94ae1e14352262f017c5361b3341952d194a6a2d470e60df3fde61d343e0af8fdff36ad976af6732b732ceb69344550555174fa280153e08f74d81f4ee69c1eb44a3468e8cf78bf7c1663dae3d31553466faa207b8e9887cb54209fac0b6f6d12d9588351c76e6bad884799afe856a25b5fe737d0ba737a0f1a12b4eb3ede48a0c38e6787ab42fca1c7f2ab42fa6104d5a99aa36b73ac3622ccae122524c28a6557cb7d0a7c7eb5de795647dca0621fc2c9599441dae7cc2a8631252abb5e0f22e9355e0a156a1ab7b1641e345045e8303b5f6dda5c3c1cc2637700cea25c004460d101fc42ad78ae477739a4efbacc57272cfafae15292dc3b2800d9f42002c2062af9a1f329e11140f8317242c04ac1f11cdb45f5f9ab18877daa214c151fb9ac54e3e010b5e7944d7217442d5c4fc29956c1333cb932424096f5b6afe1128db53f7171be4372be8bae538bcb3e4a2eb29608678735a667135e0f2660956e9e2a3ed862209efe65d9ab2fbbf88e5d3384fb3362af00e1ec6b4d3ca40df442b70951026438877189c4b0ae136a9a35c131fdf19115e8dc1ee2b938bfbfdb3808aebbe7dfbbd3510c7070388f5813e8bc63be744b99116c4b84ea37d57c5da7a80cc883aa915d84a249ebfa78ceb124c63b3a0720b19483189ee50824e8581556f0520e434803204cd0f3dd09fc97c979f9a7e3f8e5eca8fccde98fc4939551338235c0c6378faade0d18f7050f29189485e01ec120239373c5478cd19ab27570921415a6680924baf9c5829f3f2115460d1fceb8a026fa1a0a0047fe1cd6fcf1861dd3784e006abfddfe79461c5001e4e32d99c5bc203c21f8c711c5ecccf8941093d95a8db73722bb7511443fb2670244cc1249492e92fc4bf7e06ec6f08c5c6931929d58232b551957b771ea5e4a932b037904b81916e662e3fe95af894e80f699e5c00ab664f381bd9c0bd41322a8b3cf367577429fa52c0f1c44ffc626c215e7103cba05bff4931d9a202c1eb9068f44983d1e0c6d9fb5fed738561651e854a3c1b362ae354a0b4a270386ed2dbef093bd82f07f25edfae31901cb86fd214576b25f769bcb215214c63026b2581a8d17779aae03ba310f3243b3631f4b01c9e3eb342c3bdb44d8e47cdc1683e3b1cfffef72e385cc8831f99425fc406575170e1c106618d5429144a436b9e92d241d8118b5cbe0dca5e8ddd86e671e13080eddcf8dee9e317d192a3a5386378de9b1ecd8cf5439cfbe9f65965e5a5f6c145627ac23fe30c2e06e623b0eca15b225b32b65ce568b656cec0e0d6752fdebffd39c7538472ad7a195b56fcad3fab80016ff006df6b01d785191e4fca143b14ce68b32571476a779515ccb14d35cf9aabd4849c03c9bf12a42cfc2a7146ed6c25892a9d1c48f95314f641142d38cd882e54534d69b3fcc18044309e6debef6dc79d7737956418b955d33737115b44360e0bac14b71e2e64f0c8aea428dce5b65e210c108f832a6041c0aab116488e5863cd1039dc8af537908be3541352bdad303de43387503d19d7c0f0390bdc5b95f1dfb0701fd0e14a22c210837cc0a1cb059de474f4476bfe9bddfe3e7977fb299e82d9eefb18111f7c4a5fbd406fca720fec69340d978f4c9832204d67f6fa5793325e04d4af84acde0b56158e4c606394286a4b3cfc04a426a665529b753e1ce2d6c613159844bd069a67b5b96cb8ec993f05a8e252ed3d8ed63d524af0845f519f9d47b85a773f37031cb91055fb963db50e6a1e368f10a82fa40ac055e0201c6d29661eadb76f8154ef9c1cc210ccf1ccb063e8c00324ed6a14fdefa0167a9abb04debbbf5e7b8a57a7772373c765947f0f67b5130d77a6ca6ab166147d4eba97b4ddf1465d25b02f4430227b5713a29fd84664bfdfa5fc450e48f5263eaca67c16033b79bf1cb819511cf16bae6ffd5d05a7d9cc93067b6f2512fea2424a9c7d178f653ffa7ce1c00924707e3817c7cd461cb2a8cc5eadc40821258eaad7720ee3976c5a60025c317480016e5e5bd884f3646651f3bdc1185ec1a4112eb24ba5b3b6f94ac66322042d4bc48cb5befabfcf950cf8a0165fba3fa019324b53fb56bbfaec7f4ec733e84c22f841c1c9c1dc51dd3ac4887e155ac4095a6b8846c8f401f3c2d48d4de18906193a9f05ed59e3b0add8bc27c0bad8418ccbb842123ce1d39fdeeaa7984dfba9ef121ab4d4d35de076262636f3815708e4bcf31e634a290b13317425b1a4a2e4ebf8537092c7e524c126faa9622bf1337168e003857805dd420a51816fea3cd37c34e483f64a2da3ab67442314ffff40727835a1bc7b9971ccb5f83183cf1a135defd468907b988d97028f904c4d9c712f7d0ed6abe4d80712a7b7e06efcbe6a5b83e32beb1556326af7a97437c35c6a706c6cf4403b98f5134547ac167fd1abcb9245ec3450202ab80e553952412032a6c3cfa64441d4aecabd1e182c50bf67801fd3b44b40648ac9926bbbd7095425a429f2a9550c2fd1267cbf6156897b705255cadf1c7f233f4effd788b3f446dba19e68bbf8b42ff6caf984a4eb51328ab5e2bc28366e8b4df4df967a166470a00", 0x2000, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001040)=ANY=[@ANYBLOB="b00000000000000000000000000000000000000000200000000000000000000000000000000000000200000000000000000000000000000000000000000800000000000000000000000000000000000002000000000000000000000000000000000000002e0b000000000000000000000200000000c0000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="002000000000000000000000000000000000000000000000000000000100"/44], 0x0, 0x0, 0x0})
close_range(r0, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

 later): interface not active
[  949.645701][T25165] hsr_slave_0: entered promiscuous mode
[  949.647996][T25165] hsr_slave_1: entered promiscuous mode
[  949.651024][T25165] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  949.654260][T25165] Cannot create hsr debugfs directory
[  949.881511][  T837] usb 7-1: new high-speed USB device number 48 using dummy_hcd
[  950.036562][  T837] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  950.039613][  T837] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  950.047475][  T837] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  950.053942][  T837] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  950.061616][  T837] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  950.076579][  T837] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  950.079433][  T837] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  950.084595][  T837] usb 7-1: Product: syz
[  950.087654][  T837] usb 7-1: Manufacturer: syz
[  950.110276][  T837] cdc_wdm 7-1:1.0: skipping garbage
[  950.115173][  T837] cdc_wdm 7-1:1.0: skipping garbage
[  950.130736][  T837] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  950.134787][  T837] cdc_wdm 7-1:1.0: Unknown control protocol
[  950.359083][ T7433] usb 7-1: USB disconnect, device number 48
[  950.530559][T15984] hsr_slave_0: left promiscuous mode
[  950.535910][T15984] hsr_slave_1: left promiscuous mode
[  950.538842][T15984] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  950.541972][T15984] batman_adv: batadv0: Removing interface: batadv_slave_1
[  950.584991][T15984] veth1_macvtap: left promiscuous mode
[  950.587414][T15984] veth0_macvtap: left promiscuous mode
[  950.788725][T25222] 9pnet: Found fid 0 not clunked
[  950.838204][T25222] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  950.902178][T22403] Bluetooth: hci0: command tx timeout
[  950.928696][T25228] netlink: 100 bytes leftover after parsing attributes in process `syz.0.5115'.
[  951.294617][T25251] netlink: 92 bytes leftover after parsing attributes in process `syz.0.5126'.
[  951.404301][T15984] team0 (unregistering): Port device team_slave_1 removed
[  951.551635][T15984] team0 (unregistering): Port device team_slave_0 removed
[  952.172145][T25261] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5129'.
[  952.467528][T25269] netlink: 'syz.0.5131': attribute type 10 has an invalid length.
[  952.530479][T25275] netlink: 40 bytes leftover after parsing attributes in process `syz.0.5131'.
[  952.534810][T25269] netlink: 40 bytes leftover after parsing attributes in process `syz.0.5131'.
[  952.622782][T25282] netlink: 92 bytes leftover after parsing attributes in process `syz.2.5134'.
[  952.728042][T25286] 9pnet: Found fid 0 not clunked
[  952.797696][T25289] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  952.821978][T25165] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  952.827146][T25165] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  952.832930][T25165] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  952.840434][T25165] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  952.911643][T25165] 8021q: adding VLAN 0 to HW filter on device bond0
[  952.922801][T25165] 8021q: adding VLAN 0 to HW filter on device team0
[  952.936676][T21650] bridge0: port 1(bridge_slave_0) entered blocking state
[  952.939470][T21650] bridge0: port 1(bridge_slave_0) entered forwarding state
[  952.943287][T21650] bridge0: port 2(bridge_slave_1) entered blocking state
[  952.945555][T21650] bridge0: port 2(bridge_slave_1) entered forwarding state
[  952.970759][T25165] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  952.972030][T22403] Bluetooth: hci0: command tx timeout
[  953.122920][T25165] 8021q: adding VLAN 0 to HW filter on device batadv0
[  953.178461][T25165] veth0_vlan: entered promiscuous mode
[  953.190559][T25165] veth1_vlan: entered promiscuous mode
[  953.249969][T25165] veth0_macvtap: entered promiscuous mode
[  953.256007][T25165] veth1_macvtap: entered promiscuous mode
[  953.265010][T25165] batman_adv: batadv0: Interface activated: batadv_slave_0
[  953.277236][T25165] batman_adv: batadv0: Interface activated: batadv_slave_1
[  953.282360][T25165] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  953.285244][T25165] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  953.288030][T25165] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  953.290740][T25165] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  953.373414][T21650] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  953.383540][T21650] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  953.397055][T15984] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  953.400147][T15984] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  953.535789][T25319] erspan0: left allmulticast mode
[  953.537452][T25319] erspan0: left promiscuous mode
[  953.539144][T25319] bridge0: port 3(erspan0) entered disabled state
[  953.553970][T25319] bridge_slave_0: left allmulticast mode
[  953.556391][T25319] bridge_slave_0: left promiscuous mode
[  953.558904][T25319] bridge0: port 1(bridge_slave_0) entered disabled state
[  953.564647][T25319] bridge_slave_1: left allmulticast mode
[  953.567020][T25319] bridge_slave_1: left promiscuous mode
[  953.569485][T25319] bridge0: port 2(bridge_slave_1) entered disabled state
[  953.578484][T25319] : (slave bond_slave_0): Releasing backup interface
[  953.586520][T25319] : (slave bond_slave_1): Releasing backup interface
[  953.589205][T25322] netlink: 'syz.1.5138': attribute type 23 has an invalid length.
[  953.617579][T25319] team0: Port device team_slave_0 removed
[  953.630981][T25319] team0: Port device team_slave_1 removed
[  953.634843][T25319] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  953.637899][T25319] batman_adv: batadv0: Removing interface: batadv_slave_0
[  953.643758][T25319] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  953.646700][T25319] batman_adv: batadv0: Removing interface: batadv_slave_1
[  953.835080][T25329] 9pnet: Found fid 0 not clunked
[  953.861903][T25331] netlink: 92 bytes leftover after parsing attributes in process `syz.2.5143'.
[  953.927608][T25329] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  954.086405][T25339] vlan3: entered promiscuous mode
[  954.088179][T25339] vlan3: entered allmulticast mode
[  954.089809][T25339] hsr_slave_1: entered allmulticast mode
[  954.212599][T25345] FAULT_INJECTION: forcing a failure.
[  954.212599][T25345] name failslab, interval 1, probability 0, space 0, times 0
[  954.217222][T25345] CPU: 0 UID: 0 PID: 25345 Comm: syz.0.5148 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(full) 
[  954.217246][T25345] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  954.217257][T25345] Call Trace:
[  954.217263][T25345]  <TASK>
[  954.217270][T25345]  dump_stack_lvl+0x16c/0x1f0
[  954.217301][T25345]  should_fail_ex+0x512/0x640
[  954.217322][T25345]  ? __kvmalloc_node_noprof+0x124/0x620
[  954.217349][T25345]  should_failslab+0xc2/0x120
[  954.217367][T25345]  __kvmalloc_node_noprof+0x137/0x620
[  954.217390][T25345]  ? bpf_opcode_in_insntable+0xf/0x50
[  954.217415][T25345]  ? resolve_pseudo_ldimm64+0x716/0x1a90
[  954.217432][T25345]  ? check_cfg+0x107/0xab0
[  954.217453][T25345]  ? check_cfg+0x107/0xab0
[  954.217467][T25345]  check_cfg+0x107/0xab0
[  954.217481][T25345]  ? check_subprogs+0x5e2/0x850
[  954.217502][T25345]  bpf_check+0x61f5/0xb4f0
[  954.217520][T25345]  ? __mutex_trylock_common+0xe9/0x250
[  954.217553][T25345]  ? __pfx_bpf_check+0x10/0x10
[  954.217574][T25345]  ? css_rstat_updated+0x9d/0xd30
[  954.217593][T25345]  ? __lock_acquire+0xb8a/0x1c90
[  954.217621][T25345]  ? find_held_lock+0x2b/0x80
[  954.217637][T25345]  ? rcu_is_watching+0x12/0xc0
[  954.217651][T25345]  ? ktime_get_with_offset+0x26e/0x3b0
[  954.217669][T25345]  ? __asan_memset+0x23/0x50
[  954.217688][T25345]  ? bpf_obj_name_cpy+0x14a/0x1a0
[  954.217712][T25345]  bpf_prog_load+0xe41/0x2490
[  954.217738][T25345]  ? __pfx_bpf_prog_load+0x10/0x10
[  954.217779][T25345]  __sys_bpf+0x433c/0x4d80
[  954.217794][T25345]  ? __pfx___sys_bpf+0x10/0x10
[  954.217809][T25345]  ? ksys_write+0x190/0x250
[  954.217844][T25345]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  954.217874][T25345]  ? fput+0x70/0xf0
[  954.217892][T25345]  ? ksys_write+0x1ac/0x250
[  954.217917][T25345]  ? __pfx_ksys_write+0x10/0x10
[  954.217947][T25345]  __ia32_sys_bpf+0x76/0xe0
[  954.217965][T25345]  __do_fast_syscall_32+0x7c/0x3a0
[  954.217986][T25345]  do_fast_syscall_32+0x32/0x80
[  954.218004][T25345]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  954.218026][T25345] RIP: 0023:0xf7f91579
[  954.218039][T25345] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  954.218056][T25345] RSP: 002b:00000000f50b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  954.218074][T25345] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000008000e000
[  954.218086][T25345] RDX: 0000000000000052 RSI: 0000000000000000 RDI: 0000000000000000
[  954.218097][T25345] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  954.218107][T25345] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  954.218118][T25345] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  954.218142][T25345]  </TASK>
[  954.635464][T25351] netlink: 'syz.3.5150': attribute type 4 has an invalid length.
[  954.638598][T25351] netlink: 152 bytes leftover after parsing attributes in process `syz.3.5150'.
[  954.655374][T25351] : renamed from bond0 (while UP)
[  954.686099][T25351] syz.3.5150: attempt to access beyond end of device
[  954.686099][T25351] nbd3: rw=4096, sector=0, nr_sectors = 2 limit=0
[  954.701509][T25351] XFS (nbd3): SB validate failed with error -5.
[  954.784828][T25358] xt_hashlimit: size too large, truncated to 1048576
[  954.799623][T25358] x_tables: ip_tables: icmp match: only valid for protocol 1
[  955.061650][T22403] Bluetooth: hci0: command tx timeout
[  955.062175][ T5960] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  955.067059][ T5960] Bluetooth: hci3: Injecting HCI hardware error event
[  955.074410][T22403] Bluetooth: hci3: hardware error 0x00
[  956.250752][T25389] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5161'.
[  957.132892][T22403] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  957.133080][T25367] Bluetooth: hci0: command tx timeout
[  958.012064][T25367] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  958.016990][T25367] Bluetooth: hci2: Injecting HCI hardware error event
[  958.022154][T22403] Bluetooth: hci2: hardware error 0x00
[  958.048075][T25432] block device autoloading is deprecated and will be removed.
[  959.207265][T25468] syz_tun: entered allmulticast mode
[  959.274228][T25367] Bluetooth: hci0: command 0x0405 tx timeout
[  959.573899][T25465] syz_tun: left allmulticast mode
[  960.101215][T22403] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  960.384427][T25490] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  961.147852][T25506] netlink: 'syz.0.5197': attribute type 10 has an invalid length.
[  961.157764][T25506] tipc: Resetting bearer <eth:team0>
[  961.189029][T25506] team0: MTU too low for tipc bearer
[  961.193104][T25506] tipc: Disabling bearer <eth:team0>
[  961.197147][T25506] 8021q: adding VLAN 0 to HW filter on device team0
[  961.201349][T25506] : (slave team0): Enslaving as an active interface with an up link
[  961.201459][T25508] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  961.222081][T25507] __ib_cache_gid_add: unable to add gid fe80:0000:0000:0000:d029:95ff:fe5d:badf error=-28
[  961.346169][T25507] infiniband syz2: set active
[  961.348314][T25507] infiniband syz2: added team_slave_0
[  961.354476][T25507] syz2: rxe_create_cq: returned err = -12
[  961.357040][T25507] infiniband syz2: Couldn't create ib_mad CQ
[  961.359724][T25507] infiniband syz2: Couldn't open port 1
[  961.384265][T25507] RDS/IB: syz2: added
[  961.390402][T25507] smc: adding ib device syz2 with port count 1
[  961.401136][T25507] smc:    ib device syz2 port 1 has pnetid 
[  961.654272][   T53] kernel write not supported for file /sysvipc/msg (pid: 53 comm: kworker/1:1)
[  961.751834][T25525] sock: sock_timestamping_bind_phc: sock not bind to device
[  962.660475][T25540] vlan2: entered promiscuous mode
[  962.662335][T25540] vlan2: entered allmulticast mode
[  962.664318][T25540] hsr_slave_1: entered allmulticast mode
[  962.842553][T25542] netdevsim netdevsim3: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[  962.853476][T25542] netdevsim netdevsim3: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[  963.448880][T25546] fuse: Bad value for 'fd'
[  964.200540][T25565] vlan2: entered promiscuous mode
[  964.202539][T25565] vlan2: entered allmulticast mode
[  964.204165][T25565] hsr_slave_1: entered allmulticast mode
[  964.527891][T25571] fuse: Bad value for 'fd'
[  964.612668][T25575] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5222'.
[  964.615686][T25575] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  964.618040][T25575] batman_adv: batadv0: Removing interface: batadv_slave_0
[  964.621736][T25575] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  964.624082][T25575] batman_adv: batadv0: Removing interface: batadv_slave_1
[  964.964331][T25586] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5224'.
[  965.050817][T25591] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(12)
[  965.053264][T25591] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  965.057005][T25591] vhci_hcd vhci_hcd.0: Device attached
[  965.303180][T13232] usb 43-1: new high-speed USB device number 2 using vhci_hcd
[  965.383494][T25604] fuse: Bad value for 'fd'
[  965.451453][ T7433] usb 6-1: new high-speed USB device number 36 using dummy_hcd
[  965.601166][ T7433] usb 6-1: Using ep0 maxpacket: 8
[  965.607933][ T7433] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  965.614015][ T7433] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  965.617790][ T7433] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  965.620843][ T7433] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  965.629709][ T7433] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  965.632614][ T7433] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  965.783604][T25595] vhci_hcd: connection reset by peer
[  965.786596][T15984] vhci_hcd: stop threads
[  965.788090][T15984] vhci_hcd: release socket
[  965.789730][T15984] vhci_hcd: disconnect device
[  965.841887][ T7433] usb 6-1: GET_CAPABILITIES returned 0
[  965.843713][ T7433] usbtmc 6-1:16.0: can't read capabilities
[  966.056708][ T7433] usb 6-1: USB disconnect, device number 36
[  966.409102][T25619] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5234'.
[  966.610441][   T40] audit: type=1326 audit(1749095312.939:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25622 comm="syz.2.5235" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x0
[  966.681015][T25632] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  967.549275][T25643] syz.3.5242: vmalloc error: size 2003292160, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  967.554587][T25643] CPU: 3 UID: 0 PID: 25643 Comm: syz.3.5242 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(full) 
[  967.554603][T25643] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  967.554611][T25643] Call Trace:
[  967.554615][T25643]  <TASK>
[  967.554620][T25643]  dump_stack_lvl+0x16c/0x1f0
[  967.554642][T25643]  warn_alloc+0x248/0x3a0
[  967.554660][T25643]  ? __pfx_warn_alloc+0x10/0x10
[  967.554675][T25643]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  967.554692][T25643]  ? stack_depot_save_flags+0x3e0/0xa40
[  967.554714][T25643]  ? kasan_save_stack+0x42/0x60
[  967.554730][T25643]  ? kasan_save_stack+0x33/0x60
[  967.554745][T25643]  ? kasan_save_track+0x14/0x30
[  967.554760][T25643]  ? vb2_vmalloc_alloc+0xf9/0x3f0
[  967.554774][T25643]  ? __vb2_queue_alloc+0x8c9/0x1280
[  967.554786][T25643]  ? vb2_core_create_bufs+0x559/0xab0
[  967.554800][T25643]  ? vb2_vmalloc_alloc+0x135/0x3f0
[  967.554815][T25643]  __vmalloc_node_range_noprof+0xff5/0x14b0
[  967.554829][T25643]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  967.554848][T25643]  ? vb2_vmalloc_alloc+0x135/0x3f0
[  967.554865][T25643]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  967.554884][T25643]  ? vb2_vmalloc_alloc+0x135/0x3f0
[  967.554898][T25643]  vmalloc_user_noprof+0x9e/0xe0
[  967.554912][T25643]  ? vb2_vmalloc_alloc+0x135/0x3f0
[  967.554926][T25643]  vb2_vmalloc_alloc+0x135/0x3f0
[  967.554941][T25643]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  967.554954][T25643]  __vb2_queue_alloc+0x8c9/0x1280
[  967.554974][T25643]  vb2_core_create_bufs+0x559/0xab0
[  967.554990][T25643]  ? __pfx_vb2_core_create_bufs+0x10/0x10
[  967.555010][T25643]  vb2_create_bufs+0x5e8/0x840
[  967.555024][T25643]  ? __pfx_vb2_create_bufs+0x10/0x10
[  967.555036][T25643]  ? v4l_sanitize_colorspace+0x213/0x400
[  967.555058][T25643]  vb2_ioctl_create_bufs+0x244/0x3e0
[  967.555070][T25643]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  967.555088][T25643]  vidioc_create_bufs+0x7d/0xf0
[  967.555101][T25643]  v4l_create_bufs+0x156/0x270
[  967.555117][T25643]  __video_do_ioctl+0xb40/0xfc0
[  967.555136][T25643]  ? __pfx___video_do_ioctl+0x10/0x10
[  967.555154][T25643]  ? __kmalloc_noprof+0x242/0x510
[  967.555174][T25643]  video_usercopy+0x47c/0x1440
[  967.555185][T25643]  ? __pfx___video_do_ioctl+0x10/0x10
[  967.555208][T25643]  ? __pfx_video_usercopy+0x10/0x10
[  967.555231][T25643]  ? hook_file_ioctl_common+0x145/0x410
[  967.555280][T25643]  v4l2_ioctl+0x1bd/0x250
[  967.555297][T25643]  ? __ia32_compat_sys_openat+0x111/0x210
[  967.555312][T25643]  v4l2_compat_ioctl32+0x214/0x2c0
[  967.555327][T25643]  ? __pfx_v4l2_compat_ioctl32+0x10/0x10
[  967.555343][T25643]  __ia32_compat_sys_ioctl+0x242/0x370
[  967.555359][T25643]  __do_fast_syscall_32+0x7c/0x3a0
[  967.555372][T25643]  do_fast_syscall_32+0x32/0x80
[  967.555383][T25643]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  967.555397][T25643] RIP: 0023:0xf711e579
[  967.555405][T25643] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  967.555416][T25643] RSP: 002b:00000000f50ed55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  967.555426][T25643] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 00000000c0f8565c
[  967.555434][T25643] RDX: 00000000800001c0 RSI: 0000000000000000 RDI: 0000000000000000
[  967.555440][T25643] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  967.555446][T25643] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  967.555452][T25643] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  967.555465][T25643]  </TASK>
[  967.555470][T25643] Mem-Info:
[  967.668202][T25643] active_anon:5260 inactive_anon:1072 isolated_anon:0
[  967.668202][T25643]  active_file:4173 inactive_file:1064 isolated_file:0
[  967.668202][T25643]  unevictable:1768 dirty:361 writeback:0
[  967.668202][T25643]  slab_reclaimable:8853 slab_unreclaimable:84055
[  967.668202][T25643]  mapped:26444 shmem:5709 pagetables:1279
[  967.668202][T25643]  sec_pagetables:335 bounce:0
[  967.668202][T25643]  kernel_misc_reclaimable:0
[  967.668202][T25643]  free:43439 free_pcp:11757 free_cma:0
[  967.681975][T25643] Node 0 active_anon:36kB inactive_anon:216kB active_file:644kB inactive_file:8kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:16kB dirty:0kB writeback:0kB shmem:3908kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:8080kB pagetables:1212kB sec_pagetables:1160kB all_unreclaimable? yes Balloon:0kB
[  967.691882][T25643] Node 1 active_anon:21004kB inactive_anon:4072kB active_file:16048kB inactive_file:4248kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:105760kB dirty:1444kB writeback:0kB shmem:18928kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:7688kB pagetables:3904kB sec_pagetables:180kB all_unreclaimable? no Balloon:0kB
[  967.702124][T25643] Node 0 DMA free:2504kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:20kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:128kB local_pcp:0kB free_cma:0kB
[  967.711140][T25643] lowmem_reserve[]: 0 289 289 289 289
[  967.712826][T25643] Node 0 DMA32 free:23560kB boost:8192kB min:21524kB low:24856kB high:28188kB reserved_highatomic:4096KB free_highatomic:888KB active_anon:36kB inactive_anon:196kB active_file:644kB inactive_file:8kB unevictable:3536kB writepending:0kB present:1032196kB managed:296832kB mlocked:0kB bounce:0kB free_pcp:6120kB local_pcp:920kB free_cma:0kB
[  967.723782][T25643] lowmem_reserve[]: 0 0 0 0 0
[  967.725435][T25643] Node 1 DMA32 free:147692kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:10240KB free_highatomic:3720KB active_anon:20904kB inactive_anon:4072kB active_file:16048kB inactive_file:4248kB unevictable:3536kB writepending:1444kB present:1048432kB managed:948268kB mlocked:0kB bounce:0kB free_pcp:40940kB local_pcp:8276kB free_cma:0kB
[  967.735446][T25643] lowmem_reserve[]: 0 0 0 0 0
[  967.736944][T25643] Node 0 DMA: 46*4kB (UM) 32*8kB (UM) 13*16kB (UM) 14*32kB (UM) 4*64kB (UM) 1*128kB (M) 2*256kB (M) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 2504kB
[  967.741693][T25643] Node 0 DMA32: 470*4kB (UMEH) 350*8kB (UMEH) 116*16kB (UME) 246*32kB (UMEH) 57*64kB (UMH) 21*128kB (UMEH) 7*256kB (ME) 0*512kB 1*1024kB (U) 0*2048kB 0*4096kB = 23560kB
[  967.746917][T25643] Node 1 DMA32: 1243*4kB (UMEH) 1471*8kB (UMEH) 675*16kB (UMEH) 480*32kB (UMEH) 132*64kB (UMEH) 112*128kB (UMEH) 70*256kB (UMEH) 41*512kB (UME) 26*1024kB (ME) 8*2048kB (UM) 0*4096kB = 147604kB
[  967.752812][T25643] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  967.755744][T25643] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  967.758637][T25643] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  967.761623][T25643] Node 1 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  967.764487][T25643] 11402 total pagecache pages
[  967.766036][T25643] 460 pages in swap cache
[  967.767411][T25643] Free swap  = 89204kB
[  967.768695][T25643] Total swap = 124996kB
[  967.770005][T25643] 524155 pages RAM
[  967.771274][T25643] 0 pages HighMem/MovableOnly
[  967.772754][T25643] 209040 pages reserved
[  967.774096][T25643] 0 pages cma reserved
[  968.275783][T25665] FAULT_INJECTION: forcing a failure.
[  968.275783][T25665] name failslab, interval 1, probability 0, space 0, times 0
[  968.279805][T25665] CPU: 1 UID: 0 PID: 25665 Comm: syz.0.5247 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(full) 
[  968.279821][T25665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  968.279828][T25665] Call Trace:
[  968.279833][T25665]  <TASK>
[  968.279837][T25665]  dump_stack_lvl+0x16c/0x1f0
[  968.279860][T25665]  should_fail_ex+0x512/0x640
[  968.279873][T25665]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  968.279891][T25665]  should_failslab+0xc2/0x120
[  968.279902][T25665]  __kmalloc_cache_noprof+0x6a/0x3e0
[  968.279917][T25665]  ? snd_mixer_oss_put_volume1_sw.constprop.0.isra.0+0x2f1/0x510
[  968.279932][T25665]  ? snd_mixer_oss_put_volume1_sw.constprop.0.isra.0+0x345/0x510
[  968.279946][T25665]  ? snd_mixer_oss_put_volume1_sw.constprop.0.isra.0+0x9c/0x510
[  968.279963][T25665]  snd_mixer_oss_put_volume1_sw.constprop.0.isra.0+0x9c/0x510
[  968.279980][T25665]  snd_mixer_oss_put_recsrc1_sw+0x87/0xc0
[  968.279994][T25665]  snd_mixer_oss_ioctl1+0xaf3/0x1cf0
[  968.280007][T25665]  ? __pfx_snd_mixer_oss_put_recsrc1_sw+0x10/0x10
[  968.280021][T25665]  ? __pfx_snd_mixer_oss_ioctl1+0x10/0x10
[  968.280039][T25665]  ? find_held_lock+0x2b/0x80
[  968.280050][T25665]  ? hook_file_ioctl_common+0x145/0x410
[  968.280070][T25665]  ? __fget_files+0x20e/0x3c0
[  968.280085][T25665]  ? __fput_deferred+0x460/0x480
[  968.280099][T25665]  snd_mixer_oss_ioctl_compat+0x43/0x70
[  968.280112][T25665]  ? __pfx_snd_mixer_oss_ioctl_compat+0x10/0x10
[  968.280124][T25665]  __ia32_compat_sys_ioctl+0x242/0x370
[  968.280140][T25665]  __do_fast_syscall_32+0x7c/0x3a0
[  968.280153][T25665]  do_fast_syscall_32+0x32/0x80
[  968.280165][T25665]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  968.280179][T25665] RIP: 0023:0xf7f91579
[  968.280188][T25665] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  968.280199][T25665] RSP: 002b:00000000f50b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  968.280210][T25665] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0044dff
[  968.280217][T25665] RDX: 0000000080004000 RSI: 0000000000000000 RDI: 0000000000000000
[  968.280224][T25665] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  968.280230][T25665] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  968.280237][T25665] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  968.280251][T25665]  </TASK>
[  968.442157][T25667] 9pnet: Found fid 0 not clunked
[  968.505607][T25667] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  968.865062][T25679] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5251'.
[  969.858989][T25710] 9pnet: Found fid 0 not clunked
[  969.913737][T25711] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  970.247270][T25721] fuse: Unknown parameter '0x0000000000000003'
[  970.401194][T13232] vhci_hcd: vhci_device speed not set
[  970.643806][T25736] ieee802154 phy0 wpan0: encryption failed: -22
[  970.938596][T25744] 9pnet: Found fid 0 not clunked
[  970.988548][T25744] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  971.327053][T25754] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  971.662333][T25763] netdevsim netdevsim1: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[  971.671490][T25763] netdevsim netdevsim1: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[  971.813346][T25768] netlink: 'syz.0.5277': attribute type 4 has an invalid length.
[  971.816653][T25768] netlink: 152 bytes leftover after parsing attributes in process `syz.0.5277'.
[  972.506032][T25781] 9pnet: Found fid 0 not clunked
[  972.577352][T25781] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  973.382303][T25795] netdevsim netdevsim2: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[  973.386076][T25795] netdevsim netdevsim2: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[  973.475422][T25800] lo speed is unknown, defaulting to 1000
[  973.625631][T25802] lo speed is unknown, defaulting to 1000
[  974.218001][T25816] netdevsim netdevsim2: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[  974.222223][T25816] netdevsim netdevsim2: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[  974.589213][T25822] FAULT_INJECTION: forcing a failure.
[  974.589213][T25822] name failslab, interval 1, probability 0, space 0, times 0
[  974.595535][T25822] CPU: 1 UID: 0 PID: 25822 Comm: syz.1.5293 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(full) 
[  974.595552][T25822] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  974.595559][T25822] Call Trace:
[  974.595563][T25822]  <TASK>
[  974.595568][T25822]  dump_stack_lvl+0x16c/0x1f0
[  974.595591][T25822]  should_fail_ex+0x512/0x640
[  974.595604][T25822]  ? __kvmalloc_node_noprof+0x124/0x620
[  974.595622][T25822]  should_failslab+0xc2/0x120
[  974.595634][T25822]  __kvmalloc_node_noprof+0x137/0x620
[  974.595651][T25822]  ? bucket_table_alloc.isra.0+0x83/0x460
[  974.595671][T25822]  ? bucket_table_alloc.isra.0+0x83/0x460
[  974.595682][T25822]  bucket_table_alloc.isra.0+0x83/0x460
[  974.595696][T25822]  rhashtable_init_noprof+0x41a/0x7e0
[  974.595709][T25822]  rhltable_init_noprof+0x20/0x60
[  974.595722][T25822]  nf_tables_newtable+0xf94/0x1b40
[  974.595741][T25822]  ? __pfx___nla_validate_parse+0x10/0x10
[  974.595758][T25822]  ? __pfx_nf_tables_newtable+0x10/0x10
[  974.595778][T25822]  ? __nla_parse+0x40/0x60
[  974.595795][T25822]  nfnetlink_rcv_batch+0x18ed/0x2330
[  974.595819][T25822]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[  974.595837][T25822]  ? __local_bh_enable_ip+0xa4/0x120
[  974.595850][T25822]  ? __dev_queue_xmit+0x896/0x43e0
[  974.595865][T25822]  ? __dev_queue_xmit+0x8b7/0x43e0
[  974.595887][T25822]  ? __pfx___dev_queue_xmit+0x10/0x10
[  974.595916][T25822]  ? __nla_parse+0x40/0x60
[  974.595934][T25822]  nfnetlink_rcv+0x3c1/0x430
[  974.595949][T25822]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  974.595968][T25822]  netlink_unicast+0x53d/0x7f0
[  974.595984][T25822]  ? __pfx_netlink_unicast+0x10/0x10
[  974.596002][T25822]  netlink_sendmsg+0x8d1/0xdd0
[  974.596018][T25822]  ? __pfx_netlink_sendmsg+0x10/0x10
[  974.596032][T25822]  ? __import_iovec+0x1dd/0x650
[  974.596050][T25822]  ____sys_sendmsg+0xa95/0xc70
[  974.596064][T25822]  ? udl_crtc_helper_atomic_enable+0xc60/0x1c50
[  974.596081][T25822]  ? __pfx_____sys_sendmsg+0x10/0x10
[  974.596095][T25822]  ? get_compat_msghdr+0x11a/0x170
[  974.596113][T25822]  ___sys_sendmsg+0x134/0x1d0
[  974.596125][T25822]  ? __pfx____sys_sendmsg+0x10/0x10
[  974.596143][T25822]  ? find_held_lock+0x2b/0x80
[  974.596165][T25822]  __sys_sendmsg+0x16d/0x220
[  974.596176][T25822]  ? __pfx___sys_sendmsg+0x10/0x10
[  974.596193][T25822]  ? rcu_is_watching+0x12/0xc0
[  974.596207][T25822]  __do_fast_syscall_32+0x7c/0x3a0
[  974.596220][T25822]  do_fast_syscall_32+0x32/0x80
[  974.596231][T25822]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  974.596246][T25822] RIP: 0023:0xf70ae579
[  974.596255][T25822] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  974.596266][T25822] RSP: 002b:00000000f507d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  974.596277][T25822] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800000c0
[  974.596284][T25822] RDX: 0000000006000090 RSI: 0000000000000000 RDI: 0000000000000000
[  974.596291][T25822] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  974.596297][T25822] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  974.596303][T25822] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  974.596317][T25822]  </TASK>
�½0=Ò k"0c³CÞ;å.ÀºEÈ@ÞÝw÷ÉÔ…H
iò=¼Rv©™[s;ݧõ8[�†µUxR©ª@å¾Þõ]u+¸'¯Þò“,]u²¨�”ÖÐg‡ª‰›(²¤#£ÒÍ0ÜwèÀeÍ…z�$aá¹’ãu§b9›yû˜ç¯YE)&Oþ)�Ÿ‹6ø“b;æÁ©¡yg¾Uü4>´rÉ“´Žt€_Æ�œàʘÚG‚†Ã0µØ0Hö”ŽÑVpẑEŠ=N©
OeÝ¢Ï2ûæ�"y�ÄJ½I�ª†èÝz‰F°<@MS0êQ¥¤up¥øQ¯�ʃ’´¥ølƒ’~™�ñ7¿çMüžÂؤZGõk½›×í�φÈÛwðW·§›_F•°‹cã1×�`LÞéŠÏ챈*‘]Ðä°kjF‡U�)B–6Ñ=xŒ}³í<˜úiä&vÛ5@½‰3£ûw]+ú‹ÏÎáÇ$Ì6´_§)¦s½\ç( 
µH˜‘co bxz$!/	Î*ǽû	ˆM3…ËG‡¼¦v[Ȁ¥mތ˖VP§CHØ\«üiÎ>€[4OÑñö<r½m=”ƒºÚˆšýxÆÍÇjæ�†›1ÝìÓ�ù3`³É%¬{dæ‰çtç÷yzµ†¼MÓa�A¥lþÜùÏãËqýTb 8†À¬¾[kµ˜mp/>wùO_ÑÆ;�þø¨öÕ½†a,µÃaÓxÏ02a0ˆs¹1œ¼=Ï*¤*Š$þ»S8 ŽÆ+èW1E$”Æ�mCK-�ÁX_É^y—b1²À9õúQs�Ùîü'ê°CŒ9ÁñÓwBà°x(›„Ñ›‰ö·…"¯ÐuƒÏ›B«ÑI.XÕïOÚW¸­Zétp»0ÚÇ\PÖ‚ŒòXÎ�l¥fw;hB²?ŸÂe�Þ#`!ödܱ
Œo7¥ZlÇ‚¾©`¹
:‰“ýÅ[Ì!vHDÒVû€‘â.MŸgŽ“¹`	hZ
q­ƒØC�Î>Ô–’E8ĵôq©Ê%SËS·å§*vÔiü#yIWg�¢ΙrÞ#ƒ…-¨
¦�Ô>6�lÚc~cà‚²×× .k
à7‡Áa#ßJ#÷'�NÑN¹·&G]BÂVŸ3È^“"ûô7·ïI+|£Æ�¬¡ž±¹ nŸ‡ŠÎášÐî^F/’8£¹ù'U잦"ïh7&¬1x}O¦Չ܌sQ"‘:oêLÇf…æƒz}öonùŠ˜<sG?R34xÊ]ÅlFìôÊ:wJ„æfS%pÈ	É*ú9Í‚èØePQÀeUoªÎÄ�qÿÇŸ¾¥¨gèQ8'?•3ð`ÂTHž!o;˨¢Ô¡N‡•¦ë­¶<ãÀ	ç;÷aþog”Ãð@´>ø=Lò»±Fl>¶åàÄËÌ=O£�I„áêÒÝø¹éœÐ…9gâ6vß8€�DïQHwYǺԒ_fÎ’ü·„‰|q
Í™ƒ'0Y^˜}íW_å³é“ÝÏ{S¼q*‰Ñ{ÒéºWUÓJ¸ªŒ+-TZ7c.Ý÷â¨% ,l6PŽXò6Å?|’ñ9eJ5ì<°›)œ �\ˆ8÷ûVóò–Y©Í%v59C%ªwYzÕí2˾¨~Àò�šúáúi5îgšR÷Œ‚Ð(\?ņ�«;ˆ1!†Jq+tôŒ¹+øŒ5¶Ô�·°bNþu£ ÓaY=ã�ñH©Ìö	*9 3Zä\—Pˆ‹¦åWªð'À¶œ�_n\‚I¶2×OWE„GR^…�Y^—»2æn« I¸Ú¤Ë­üoÖ+Ó…âJ¶˜º¤\
ò0©ü{còŒÜT,—‡ÐgbJMÝãÆ%îýðºKÑìÊ{;. �u�iT-©Á[…ÀÞ+ðÉì�x:‚†%y1zsY<$]cp¥qo4ùß@Dñ„\aÊ)#óŸåGÈ­‘@Ó�	·'걜Œz!'‹è?C	1ƒñ¦ë³y§Y «(f€1ýGà˜©¡ž™WZ©Ï‘ç¼Ks~èìe÷˜îq�°šg…ÀO
þï´‚3îmý™Ím„ÐŽåä×zAŠŸóXË­e`]²†ß³ÙáAxÔv
ÖÏ+F¼»¶ùñîê¬ë0£—¬Üï?Oø}†.Ì<{„ƒ‚GñÞNJ÷kÒ¿2˜‡šYÃŒ;Tc÷.c&âÍ�’&jäzŒRΉc“ȧé¹Ê-	îÕzj
ýz/w$²â(>¼ÒT
”|Ôh‹ÊýÍ3ÓÀ7ð`(*ûì¦úéxÃk"ÞºùGzR…òú±AoOäź™:m@dcÜ~້Éî–]°F
#§„ø<ÉÐÈHÓKœS¿_	}å ¥&4�Ò½¥:–Bƒ@Y»a‹èH{€I�êȃ¢1À/Žt‡683Ù-ªHèÓ‡ÕŸOŽ6dÓÖg;ü„zÕá¿æG·Xê4WÐ6BÛg‘í³\¨"\‹V[1¯C³ç¡ cÀ½[H+í´ó™QçˆK°¾lÍ,NJçèTt0ôêáO3 «~ÿ7ÄT7æ˜iò†‚ìÃBJ*à©—Mï<OËbù4Ï2Ù¬…x/àÉÏ­Ö:+¨€Þ‰ãß3l"0ËZ�¿d®O#ýÃ̵G<'„-ÊP„%¶p»žÀmxB?=ÌžêKÏå;¢¤Âm$8¡™µ¹·ªI@¿;¥�ÍŠrmDD"…÷©ÿÄeÑ€>w
ÿåj&/oc¹ÿáiˆ!iòP_yQ2¨3@†�Sèºv³—yAe]Q3œL.Õùp9^€:êèl‚‘
Ÿ~ðXöƒŒ±zÔÂ~MÿÏ&
H~‚hó !Ôc·N'á²Ð¾Z8í £a–êµõÏ€LRß%Å(Þ…Ðÿ]åÃZG”ÖÓ…�Ô–°ºjçÁŸ®3¿ùDõ“C9à°ü§R8„M¹2æxZ
ý²bÀŒ%„#Rž»|fÍÅ漮䷓Èl_Ià�\G_b‘h§Vi×ô?ÓNfgV¾BpI+¢ëh9ãµ?ªæ ïMvÀsîÀ½¹>Å'Çp›MX¥sQâ�.™`ì�Ìläqëx©ÖIóê¶z4Rg[ƒÒªa_®^íAHzôÎz/fš2=ah×ÂeRW³ô³Î5:
&É6„k,c’š›æÀ#�‡VIVHF¿¦Ã`à²ó�ù±‚
éWèVo&Wõ’l�ÚËëIirŠ•‚·³æ�Údÿcÿ¦áËØ2È-¤»Äðeƒd¸ŒDÛ*Žñ.=÷8ó—´¦ùÝ;øÓ?íw¤ž¡»1)nÊß±[§uyøS W¸Òq…·¦5ï'Zb·ÊŒÀ—0yùm:åå}kk™´
 |æ´V“×’;¬%×+îlÀ
;·HŠ°ï�#°ìoŸFœù€J÷;öÎ
!YgŽòe4Ëóð<;ýÏ�¹®ˆØ#~­•¦™OpµLª}qü(Qê¶;‡¤gj<Ìó�N%ŽüQÁ=@£~NHNß„0‘4Ùè¿	‚³›†gÅ«Êø¯GÇ,S0lâ,«åÃ�wm";öæÚïoÓÑûù涠`Ž�Hà7íÑvòÐå‘Ãâ½Iüj϶Uß(Á˜³þ³‹cçÞ—ŒY­m�O[ïA¾•YÉœ•0Ï€`‘Ø;‰W±
©dÀªð×!ÐxX~# µ�–Ëÿ;ûàäÌâ`VHëˆdUü„“°+ê“ø*íus‡�ãþ^[6;מù9[<µûíÁ¯*I41Á=„ÆE0´A¥²Ï�êÆÆPn‚Á]“-„Y¹’¥ÔÃÍŒýï@z=ðïÅò‰Õ8·†àÞ�É�[wñÝ+¯»´ØØ¿ÑbMUlì•æÐe*ß4xå ½ƒÓ8³Xü�p€|&ÿd_ÊšÖµ�ÀËùì->…Eè¡k]«Pת”	_pvš«S.ÄÊR
úû^üfx,^É}m÷VŸ5p/Ó¯ù¾YNÄÇ�ŠS°9i`ØP€!‘(œm[,|"¥ûáF ¸çw]×eü4w¼~É
Òh¡ÜÜ29 œ¨½bÅÚ¬@ñ™×¯˜?ÐðT­ÄÑæR¯›¶>KÒÛÚyZ+bt«ÚžW Â-bQõÕŠ	~ìf£i†hv‡^€ç|/˜xÅ$,YÕÕí	㣖ƒAœêÉ´ÃVÊGáHLSMK�Ì*SuÝÊã—L§ãÝ­ð8*Ì1m&ÞúQìópÏ¿5ƒæµ=ùXŸ¥­ú¤
Œ:==öB>];�oFÒÈçåjö+ X„þsëm‘ogI OP瀎Ž›‹p±=w•«ñ“ûú姩!z÷¢÷[È­±×‚G$ë[ûniUJœ\œBÔ°
ǯJ¨Ûïz¢�ä�²žG«èYE¿]Apaxeê‰&1]Á/hâKDRkZ*°îE°k7ŸÜªcÐ,Ùk*Êu?'«†rÏ“kV}'r¦eàùSJÖÞ¦kpá„”ý¦³ð¿Ròó��œ$šH$ëÿ.Ä�<WýG@ú?^Â'ýë‘!Ža‘)Èéˆ�}Ž"ð“�Ü© XäxɉR´	G³B;è™â�ÿöj“a:NõÃÖ!Ï&ØÝç8°ó– ÀBÏërºÒSßØ|'V~z04`e«¯›Ãô„u*î¨�‡wBùJµÑ»Q͇bÂù™H12÷¿$¥Ïsaئr´º¢ðq˜{SαE±ÖM
á<ë® ±?õøN¶î1ðjÒ³Õ±°D„%ÆK¢K¬£_ªÑ€mLØ’ËYͼ_²QMÄÀ㇡Ú;\�×*Pt¢û3ë¯+¬Ã|¢­œ¸Sn±Òl­?ò(�CG°ßÞv_0®ÚØ”÷ÇÙ§xðã±}"ß-Rß!ð‰O‡÷k/¤Sˆ¤ö™wñ
Ã&Ïð]-z�®~ß¡L‹/'÷ A’TÖH%�ÍÀ
·;gz&(üM=cÊaDÉ=ži ‡»YÕG¶CÓ«�[>`ü›�{“´“«­Ô^¾ýàç¦DYëÆÝÏ ÿïÛ†Idmy/kQm¶ëÌÏÒ£Ê9¹†�t�àÄô
F˜VÜ�|¦A\`K—Gëô‰ÿJÓè˜%ô.í©RDh)ŽøT"/0ê¤Kâ�h»BçöÕûô&ýƈ“ÒJ¶+a
z9ÝY2®«z—˜…Å	ÄÚã�dXÑ[E�
E³<�r�‹V9	'NuÌxq¢Þ=xƒðŠm§íTlzø=œÁÔcpzŒ>¢J¸ižVAoU˜m4T„[Ó-½>`Ѥg-;¨“3e-�ú4$¾ë…‹ô’¯º6#<¬[  977.196567][T25863] FAULT_INJECTION: forcing a failure.
[  977.196567][T25863] name failslab, interval 1, probability 0, space 0, times 0
[  977.204928][T25863] CPU: 3 UID: 0 PID: 25863 Comm: syz.2.5307 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(full) 
[  977.204954][T25863] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  977.204965][T25863] Call Trace:
[  977.204971][T25863]  <TASK>
[  977.204978][T25863]  dump_stack_lvl+0x16c/0x1f0
[  977.205008][T25863]  should_fail_ex+0x512/0x640
[  977.205027][T25863]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  977.205057][T25863]  should_failslab+0xc2/0x120
[  977.205075][T25863]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  977.205099][T25863]  ? genl_rcv_msg+0x46e/0x800
[  977.205121][T25863]  ? netlink_rcv_skb+0x155/0x420
[  977.205140][T25863]  ? __alloc_skb+0x2b2/0x380
[  977.205171][T25863]  __alloc_skb+0x2b2/0x380
[  977.205195][T25863]  ? __pfx___alloc_skb+0x10/0x10
[  977.205233][T25863]  netlink_dump+0x678/0xce0
[  977.205257][T25863]  ? __pfx_netlink_dump+0x10/0x10
[  977.205287][T25863]  ? __asan_memset+0x23/0x50
[  977.205311][T25863]  ? genl_start+0x67f/0x980
[  977.205338][T25863]  __netlink_dump_start+0x6d6/0x990
[  977.205363][T25863]  genl_family_rcv_msg_dumpit+0x1e2/0x2e0
[  977.205387][T25863]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[  977.205418][T25863]  ? __pfx_genl_start+0x10/0x10
[  977.205439][T25863]  ? __pfx_genl_dumpit+0x10/0x10
[  977.205459][T25863]  ? __pfx_genl_done+0x10/0x10
[  977.205483][T25863]  ? bpf_lsm_capable+0x9/0x10
[  977.205503][T25863]  ? security_capable+0x7e/0x260
[  977.205526][T25863]  ? ns_capable+0xd7/0x110
[  977.205546][T25863]  genl_rcv_msg+0x46e/0x800
[  977.205572][T25863]  ? __pfx_genl_rcv_msg+0x10/0x10
[  977.205596][T25863]  ? __pfx_batadv_hardif_neigh_dump+0x10/0x10
[  977.205630][T25863]  netlink_rcv_skb+0x155/0x420
[  977.205650][T25863]  ? __pfx_genl_rcv_msg+0x10/0x10
[  977.205674][T25863]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  977.205705][T25863]  ? netlink_deliver_tap+0x1ae/0xd30
[  977.205730][T25863]  genl_rcv+0x28/0x40
[  977.205749][T25863]  netlink_unicast+0x53d/0x7f0
[  977.205773][T25863]  ? __pfx_netlink_unicast+0x10/0x10
[  977.205802][T25863]  netlink_sendmsg+0x8d1/0xdd0
[  977.205828][T25863]  ? __pfx_netlink_sendmsg+0x10/0x10
[  977.205851][T25863]  ? __import_iovec+0x1dd/0x650
[  977.205879][T25863]  ____sys_sendmsg+0xa95/0xc70
[  977.205903][T25863]  ? __pfx_____sys_sendmsg+0x10/0x10
[  977.205923][T25863]  ? get_compat_msghdr+0x11a/0x170
[  977.205954][T25863]  ___sys_sendmsg+0x134/0x1d0
[  977.205981][T25863]  ? __pfx____sys_sendmsg+0x10/0x10
[  977.206014][T25863]  ? find_held_lock+0x2b/0x80
[  977.206051][T25863]  __sys_sendmsg+0x16d/0x220
[  977.206068][T25863]  ? __pfx___sys_sendmsg+0x10/0x10
[  977.206098][T25863]  ? rcu_is_watching+0x12/0xc0
[  977.206119][T25863]  __do_fast_syscall_32+0x7c/0x3a0
[  977.206139][T25863]  do_fast_syscall_32+0x32/0x80
[  977.206156][T25863]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  977.206177][T25863] RIP: 0023:0xf710e579
[  977.206191][T25863] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  977.206208][T25863] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  977.206224][T25863] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080004340
[  977.206235][T25863] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  977.206246][T25863] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  977.206256][T25863] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  977.206266][T25863] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  977.206291][T25863]  </TASK>
[  977.392188][T25867] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  977.490539][T25867] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  977.563324][T25867] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  977.643600][T25867] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  977.755050][T25867] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  977.767353][T25867] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  977.778162][T25867] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  977.787420][T25867] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  977.827274][T25892] program syz.0.5317 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  979.328741][T25916] 9pnet: Found fid 0 not clunked
[  979.395530][T25917] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  979.775390][T22403] Bluetooth: hci0: unexpected event for opcode 0x1004
[  980.577019][T25941] 9pnet: Found fid 0 not clunked
[  980.637541][T25946] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  980.653513][T25951] netlink: 36 bytes leftover after parsing attributes in process `syz.1.5335'.
[  980.663917][T25951] fuse: Unknown parameter 'group�Káv¶Fu_Çq'
[  980.675620][T25953] vlan0: entered promiscuous mode
[  980.677939][T25953] vlan0: entered allmulticast mode
[  980.680004][T25953] hsr_slave_1: entered allmulticast mode
[  981.164334][T25965] fuse: Unknown parameter '0x0000000000000003'
[  981.310384][T25967] netlink: 1076 bytes leftover after parsing attributes in process `syz.1.5341'.
[  981.323726][T25967] netlink: 32 bytes leftover after parsing attributes in process `syz.1.5341'.
[  981.635523][ T5988] Process accounting resumed
[  981.688347][T25985] fuse: Unknown parameter '0x0000000000000003'
[  983.334628][T26019] netdevsim netdevsim3: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[  983.338179][T26019] netdevsim netdevsim3: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[  983.473562][T26023] fuse: Unknown parameter '0x0000000000000003'
[  983.771343][T22403] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  983.774559][T22403] Bluetooth: hci0: Injecting HCI hardware error event
[  983.779832][T22403] Bluetooth: hci0: hardware error 0x00
[  983.820589][T26033] loop7: detected capacity change from 0 to 16384
[  984.091576][T26037] loop7: detected capacity change from 16384 to 0
[  984.285349][T26044] fuse: Bad value for 'fd'
[  984.346076][T26046] affs: No valid root block on device nbd3
[  984.361202][T26046] ieee802154 phy0 wpan0: encryption failed: -126
[  984.565565][T26048] fuse: Unknown parameter '0x0000000000000003'
[  984.604561][T26052] tmpfs: Unknown parameter 'grpquota_ino¹Ž'
[  984.649735][T26055] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5367'.
[  985.193491][T26075] fuse: Unknown parameter '0x0000000000000003'
[  985.410840][T26080] vivid-007: disconnect
[  985.500238][T26078] vivid-007: reconnect
[  985.744595][T26096] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5385'.
[  985.876321][T22403] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  985.883335][T26099] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5382'.
[  985.890035][T26099] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5382'.
[  986.553772][T26104] fuse: Unknown parameter '0x0000000000000003'
[  986.729535][T26111] netdevsim netdevsim2: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[  986.733884][T26111] netdevsim netdevsim2: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[  986.831619][  T837] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  986.887963][T26116] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5391'.
[  986.890912][T26116] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5391'.
[  986.902744][T26116] loop6: detected capacity change from 0 to 524287999
[  986.991765][  T837] usb 5-1: Using ep0 maxpacket: 32
[  986.995408][  T837] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  987.000832][  T837] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  987.004397][  T837] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  987.006927][  T837] usb 5-1: Product: syz
[  987.008323][  T837] usb 5-1: Manufacturer: syz
[  987.010071][  T837] usb 5-1: SerialNumber: syz
[  987.017109][  T837] usb 5-1: config 0 descriptor??
[  987.020636][T26105] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  987.025777][  T837] hub 5-1:0.0: bad descriptor, ignoring hub
[  987.028862][  T837] hub 5-1:0.0: probe with driver hub failed with error -5
[  987.738473][T26138] fuse: Unknown parameter '0x0000000000000003'
[  987.797343][T26140] 9pnet: Found fid 0 not clunked
[  987.860797][T26141] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  987.941330][T26105] usb 5-1: reset high-speed USB device number 37 using dummy_hcd
[  987.947170][T26105] usb 5-1: device reset changed ep0 maxpacket size!
[  987.951298][   T34] usb 5-1: USB disconnect, device number 37
[  988.081164][   T34] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  988.231154][   T34] usb 5-1: Using ep0 maxpacket: 16
[  988.237242][   T34] usb 5-1: New USB device found, idVendor=0b05, idProduct=18f0, bcdDevice=99.2f
[  988.240381][   T34] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  988.244605][   T34] usb 5-1: Product: syz
[  988.246402][   T34] usb 5-1: Manufacturer: syz
[  988.248224][   T34] usb 5-1: SerialNumber: syz
[  988.252931][   T34] usb 5-1: config 0 descriptor??
[  988.632797][   T53] usb 5-1: USB disconnect, device number 38
[  989.234342][T26166] 9pnet: Found fid 0 not clunked
[  989.302228][T26170] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  990.538600][T26207] netlink: 56 bytes leftover after parsing attributes in process `syz.2.5422'.
[  990.564097][   T34] libceph: connect (1)[c::]:6789 error -101
[  990.566341][   T34] libceph: mon0 (1)[c::]:6789 connect error
[  990.684543][T26207] ceph: No mds server is up or the cluster is laggy
[  990.867162][T26226] netlink: 'syz.2.5428': attribute type 10 has an invalid length.
[  990.887244][T26226] syz_tun: entered promiscuous mode
[  990.889414][T26226] FAULT_INJECTION: forcing a failure.
[  990.889414][T26226] name failslab, interval 1, probability 0, space 0, times 0
[  990.911245][T26226] CPU: 2 UID: 0 PID: 26226 Comm: syz.2.5428 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(full) 
[  990.911275][T26226] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  990.911285][T26226] Call Trace:
[  990.911292][T26226]  <TASK>
[  990.911299][T26226]  dump_stack_lvl+0x16c/0x1f0
[  990.911333][T26226]  should_fail_ex+0x512/0x640
[  990.911354][T26226]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  990.911385][T26226]  should_failslab+0xc2/0x120
[  990.911405][T26226]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  990.911433][T26226]  ? __alloc_skb+0x2b2/0x380
[  990.911466][T26226]  __alloc_skb+0x2b2/0x380
[  990.911493][T26226]  ? __pfx___alloc_skb+0x10/0x10
[  990.911520][T26226]  ? __pfx_debug_object_assert_init+0x10/0x10
[  990.911549][T26226]  ? __igmp_group_dropped+0x26a/0xe80
[  990.911576][T26226]  inet_ifmcaddr_notify+0xc7/0x1c0
[  990.911597][T26226]  ? __pfx_inet_ifmcaddr_notify+0x10/0x10
[  990.911629][T26226]  __ip_mc_dec_group+0x442/0x5b0
[  990.911655][T26226]  inetdev_event+0x3b2/0x18a0
[  990.911681][T26226]  ? ib_netdevice_event+0xfc/0x330
[  990.911706][T26226]  ? __pfx_inetdev_event+0x10/0x10
[  990.911729][T26226]  ? wext_netdev_notifier_call+0xe/0x20
[  990.911746][T26226]  ? cfg802154_netdev_notifier_call+0x391/0xa00
[  990.911766][T26226]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  990.911797][T26226]  notifier_call_chain+0xbc/0x410
[  990.911817][T26226]  ? __pfx_inetdev_event+0x10/0x10
[  990.911846][T26226]  call_netdevice_notifiers_info+0xbe/0x140
[  990.911872][T26226]  __dev_notify_flags+0x1f7/0x2e0
[  990.911901][T26226]  ? __pfx___dev_notify_flags+0x10/0x10
[  990.911928][T26226]  ? __dev_change_flags+0x3d5/0x720
[  990.911947][T26226]  ? __pfx___dev_change_flags+0x10/0x10
[  990.911969][T26226]  ? __pfx_validate_linkmsg+0x10/0x10
[  990.911991][T26226]  netif_change_flags+0x108/0x160
[  990.912013][T26226]  do_setlink.constprop.0+0xb53/0x4380
[  990.912036][T26226]  ? __pfx_console_unlock+0x10/0x10
[  990.912058][T26226]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  990.912080][T26226]  ? __wake_up_klogd.part.0+0x99/0xf0
[  990.912111][T26226]  ? __lock_acquire+0xb8a/0x1c90
[  990.912145][T26226]  ? __mutex_trylock_common+0xe9/0x250
[  990.912171][T26226]  ? __pfx___mutex_trylock_common+0x10/0x10
[  990.912197][T26226]  ? __pfx___might_resched+0x10/0x10
[  990.912225][T26226]  ? rcu_is_watching+0x12/0xc0
[  990.912245][T26226]  ? trace_contention_end+0xdd/0x130
[  990.912270][T26226]  ? __mutex_lock+0x1ca/0xb90
[  990.912289][T26226]  ? rcu_is_watching+0x12/0xc0
[  990.912306][T26226]  ? rtnl_newlink+0x600/0x2000
[  990.912324][T26226]  ? trace_cap_capable+0x18d/0x200
[  990.912348][T26226]  ? __pfx___mutex_lock+0x10/0x10
[  990.912382][T26226]  ? apparmor_capable+0x114/0x1d0
[  990.912417][T26226]  ? netlink_ns_capable+0xfa/0x130
[  990.912441][T26226]  rtnl_newlink+0x1446/0x2000
[  990.912469][T26226]  ? __pfx_rtnl_newlink+0x10/0x10
[  990.912487][T26226]  ? kasan_quarantine_put+0x10a/0x240
[  990.912512][T26226]  ? lockdep_hardirqs_on+0x7c/0x110
[  990.912545][T26226]  ? kmem_cache_free+0x2d1/0x4d0
[  990.912570][T26226]  ? kfree_skbmem+0x1a4/0x1f0
[  990.912601][T26226]  ? __lock_acquire+0x622/0x1c90
[  990.912627][T26226]  ? rcu_is_watching+0x12/0xc0
[  990.912645][T26226]  ? trace_cap_capable+0x18d/0x200
[  990.912675][T26226]  ? find_held_lock+0x2b/0x80
[  990.912692][T26226]  ? __pfx_rtnl_newlink+0x10/0x10
[  990.912710][T26226]  ? __pfx_rtnl_newlink+0x10/0x10
[  990.912727][T26226]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  990.912748][T26226]  ? __pfx_rtnl_newlink+0x10/0x10
[  990.912768][T26226]  rtnetlink_rcv_msg+0x95e/0xe90
[  990.912790][T26226]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  990.912818][T26226]  ? ref_tracker_free+0x37c/0x830
[  990.912843][T26226]  netlink_rcv_skb+0x155/0x420
[  990.912865][T26226]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  990.912886][T26226]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  990.912919][T26226]  ? netlink_deliver_tap+0x1ae/0xd30
[  990.912946][T26226]  netlink_unicast+0x53d/0x7f0
[  990.912971][T26226]  ? __pfx_netlink_unicast+0x10/0x10
[  990.913001][T26226]  netlink_sendmsg+0x8d1/0xdd0
[  990.913028][T26226]  ? __pfx_netlink_sendmsg+0x10/0x10
[  990.913052][T26226]  ? __import_iovec+0x1dd/0x650
[  990.913082][T26226]  ____sys_sendmsg+0xa95/0xc70
[  990.913106][T26226]  ? __pfx_____sys_sendmsg+0x10/0x10
[  990.913127][T26226]  ? get_compat_msghdr+0x11a/0x170
[  990.913158][T26226]  ___sys_sendmsg+0x134/0x1d0
[  990.913179][T26226]  ? __pfx____sys_sendmsg+0x10/0x10
[  990.913211][T26226]  ? find_held_lock+0x2b/0x80
[  990.913251][T26226]  __sys_sendmsg+0x16d/0x220
[  990.913270][T26226]  ? __pfx___sys_sendmsg+0x10/0x10
[  990.913301][T26226]  ? rcu_is_watching+0x12/0xc0
[  990.913325][T26226]  __do_fast_syscall_32+0x7c/0x3a0
[  990.913346][T26226]  do_fast_syscall_32+0x32/0x80
[  990.913364][T26226]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  990.913388][T26226] RIP: 0023:0xf710e579
[  990.913402][T26226] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  990.913417][T26226] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  990.913429][T26226] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000600
[  990.913436][T26226] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  990.913443][T26226] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  990.913449][T26226] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  990.913455][T26226] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  990.913469][T26226]  </TASK>
[  990.917564][T26226] : (slave syz_tun): Enslaving as an active interface with an up link
[  991.461174][   T34] usb 7-1: new high-speed USB device number 49 using dummy_hcd
[  991.616618][   T34] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  991.621296][   T34] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  991.625347][   T34] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  991.629001][   T34] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  991.642384][T26239] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  991.649016][   T34] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  991.854828][   T34] usb 7-1: USB disconnect, device number 49
[  992.423544][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  992.425724][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  992.476088][   T40] audit: type=1326 audit(1749095338.809:258): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=26268 comm="syz.0.5441" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f91579 code=0x0
[  993.325987][T26297] input: syz1 as /devices/virtual/input/input159
[  993.393764][T26299] netdevsim netdevsim1: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[  993.398550][T26299] netdevsim netdevsim1: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[  994.036588][T26327] ucma_write: process 631 (syz.2.5456) changed security contexts after opening file descriptor, this is not allowed.
[  995.047245][T26354] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  995.049952][T26354] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  995.052888][T26354] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[  995.316240][T26361] 9pnet: Found fid 0 not clunked
[  995.371657][T26361] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  995.536837][T26372] netlink: 168 bytes leftover after parsing attributes in process `syz.3.5477'.
[  995.739758][T26386] FAULT_INJECTION: forcing a failure.
[  995.739758][T26386] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  995.744186][T26386] CPU: 3 UID: 0 PID: 26386 Comm: syz.2.5480 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(full) 
[  995.744213][T26386] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  995.744223][T26386] Call Trace:
[  995.744229][T26386]  <TASK>
[  995.744236][T26386]  dump_stack_lvl+0x16c/0x1f0
[  995.744269][T26386]  should_fail_ex+0x512/0x640
[  995.744297][T26386]  _copy_from_iter+0x29f/0x16f0
[  995.744322][T26386]  ? __alloc_skb+0x200/0x380
[  995.744350][T26386]  ? __pfx__copy_from_iter+0x10/0x10
[  995.744373][T26386]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  995.744400][T26386]  netlink_sendmsg+0x829/0xdd0
[  995.744425][T26386]  ? __pfx_netlink_sendmsg+0x10/0x10
[  995.744447][T26386]  ? __import_iovec+0x1dd/0x650
[  995.744473][T26386]  ____sys_sendmsg+0xa95/0xc70
[  995.744498][T26386]  ? __pfx_____sys_sendmsg+0x10/0x10
[  995.744522][T26386]  ? get_compat_msghdr+0x11a/0x170
[  995.744551][T26386]  ___sys_sendmsg+0x134/0x1d0
[  995.744570][T26386]  ? __pfx____sys_sendmsg+0x10/0x10
[  995.744597][T26386]  ? find_held_lock+0x2b/0x80
[  995.744631][T26386]  __sys_sendmsg+0x16d/0x220
[  995.744648][T26386]  ? __pfx___sys_sendmsg+0x10/0x10
[  995.744675][T26386]  ? rcu_is_watching+0x12/0xc0
[  995.744696][T26386]  __do_fast_syscall_32+0x7c/0x3a0
[  995.744715][T26386]  do_fast_syscall_32+0x32/0x80
[  995.744732][T26386]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  995.744753][T26386] RIP: 0023:0xf710e579
[  995.744766][T26386] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  995.744783][T26386] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  995.744799][T26386] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000200
[  995.744811][T26386] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 0000000000000000
[  995.744820][T26386] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  995.744830][T26386] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  995.744845][T26386] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  995.744867][T26386]  </TASK>
[  996.204182][T26409] 9pnet: Found fid 0 not clunked
[  996.219183][T26411] netdevsim netdevsim3: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[  996.224200][T26411] netdevsim netdevsim3: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[  996.263656][T26415] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  997.046955][T26451] block device autoloading is deprecated and will be removed.
[  997.845709][T26470] bridge0: port 3(netdevsim0) entered blocking state
[  997.848401][T26470] bridge0: port 3(netdevsim0) entered disabled state
[  997.852424][T26470] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[  997.864677][T26470] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  997.869024][T26470] bridge0: port 3(netdevsim0) entered blocking state
[  997.871775][T26470] bridge0: port 3(netdevsim0) entered forwarding state
[  998.041634][T26476] netlink: 100 bytes leftover after parsing attributes in process `syz.2.5513'.
[  998.253248][T26485] block device autoloading is deprecated and will be removed.
[  998.816990][T26511] FAULT_INJECTION: forcing a failure.
[  998.816990][T26511] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  998.828074][T26511] CPU: 0 UID: 0 PID: 26511 Comm: syz.1.5527 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(full) 
[  998.828102][T26511] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  998.828113][T26511] Call Trace:
[  998.828120][T26511]  <TASK>
[  998.828128][T26511]  dump_stack_lvl+0x16c/0x1f0
[  998.828160][T26511]  should_fail_ex+0x512/0x640
[  998.828185][T26511]  should_fail_alloc_page+0xe7/0x130
[  998.828205][T26511]  prepare_alloc_pages+0x3c2/0x610
[  998.828228][T26511]  ? rcu_is_watching+0x12/0xc0
[  998.828249][T26511]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  998.828275][T26511]  ? trace_kmem_cache_alloc+0x28/0xc0
[  998.828295][T26511]  ? __pfx_stack_trace_save+0x10/0x10
[  998.828314][T26511]  ? xas_alloc+0x34f/0x460
[  998.828340][T26511]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  998.828370][T26511]  ? __lock_acquire+0x622/0x1c90
[  998.828411][T26511]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  998.828439][T26511]  ? policy_nodemask+0xea/0x4e0
[  998.828459][T26511]  alloc_pages_mpol+0x1fb/0x550
[  998.828479][T26511]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  998.828499][T26511]  ? find_held_lock+0x2b/0x80
[  998.828520][T26511]  alloc_pages_noprof+0x131/0x390
[  998.828539][T26511]  brd_submit_bio+0x951/0x10a0
[  998.828562][T26511]  ? brd_submit_bio+0x935/0x10a0
[  998.828594][T26511]  __submit_bio+0x301/0x690
[  998.828623][T26511]  ? __pfx___submit_bio+0x10/0x10
[  998.828665][T26511]  ? submit_bio_noacct_nocheck+0x852/0xd30
[  998.828693][T26511]  submit_bio_noacct_nocheck+0x852/0xd30
[  998.828724][T26511]  ? __pfx_submit_bio_noacct_nocheck+0x10/0x10
[  998.828755][T26511]  ? __pfx___might_resched+0x10/0x10
[  998.828779][T26511]  submit_bio_noacct+0x50d/0x1eb0
[  998.828803][T26511]  blkdev_direct_IO+0x1647/0x1ff0
[  998.828836][T26511]  ? __pfx_blkdev_direct_IO+0x10/0x10
[  998.828860][T26511]  ? filemap_check_errors+0xa9/0x160
[  998.828889][T26511]  blkdev_write_iter+0x6fd/0xdf0
[  998.828914][T26511]  do_iter_readv_writev+0x654/0x950
[  998.828941][T26511]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  998.828968][T26511]  ? bpf_lsm_file_permission+0x9/0x10
[  998.828988][T26511]  ? security_file_permission+0x71/0x210
[  998.829017][T26511]  ? rw_verify_area+0xcf/0x680
[  998.829042][T26511]  vfs_writev+0x35f/0xde0
[  998.829090][T26511]  ? __pfx_vfs_writev+0x10/0x10
[  998.829117][T26511]  ? find_held_lock+0x2b/0x80
[  998.829153][T26511]  ? __fget_files+0x20e/0x3c0
[  998.829176][T26511]  ? __fget_files+0x150/0x3c0
[  998.829206][T26511]  ? do_writev+0x132/0x340
[  998.829229][T26511]  do_writev+0x132/0x340
[  998.829253][T26511]  ? __pfx_do_writev+0x10/0x10
[  998.829279][T26511]  ? rcu_is_watching+0x12/0xc0
[  998.829300][T26511]  __do_fast_syscall_32+0x7c/0x3a0
[  998.829320][T26511]  do_fast_syscall_32+0x32/0x80
[  998.829338][T26511]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  998.829360][T26511] RIP: 0023:0xf70ae579
[  998.829377][T26511] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  998.829398][T26511] RSP: 002b:00000000f509e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000092
[  998.829416][T26511] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000a40
[  998.829427][T26511] RDX: 0000000000000021 RSI: 0000000000000000 RDI: 0000000000000000
[  998.829438][T26511] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  998.829448][T26511] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  998.829459][T26511] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  998.829483][T26511]  </TASK>
[  998.971807][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1000.020787][T26538] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1000.132911][T26547] netdevsim netdevsim2: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[ 1000.137672][T26547] netdevsim netdevsim2: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[ 1001.049312][T26567] block device autoloading is deprecated and will be removed.
[ 1001.175385][T26582] FAULT_INJECTION: forcing a failure.
[ 1001.175385][T26582] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1001.187576][T26582] CPU: 0 UID: 0 PID: 26582 Comm: syz.2.5549 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(full) 
[ 1001.187605][T26582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1001.187617][T26582] Call Trace:
[ 1001.187625][T26582]  <TASK>
[ 1001.187632][T26582]  dump_stack_lvl+0x16c/0x1f0
[ 1001.187665][T26582]  should_fail_ex+0x512/0x640
[ 1001.187693][T26582]  _copy_to_user+0x32/0xd0
[ 1001.187717][T26582]  simple_read_from_buffer+0xcb/0x170
[ 1001.187745][T26582]  proc_fail_nth_read+0x197/0x270
[ 1001.187767][T26582]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1001.187790][T26582]  ? rw_verify_area+0xcf/0x680
[ 1001.187812][T26582]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1001.187834][T26582]  vfs_read+0x1e1/0xc60
[ 1001.187860][T26582]  ? fdget_pos+0x2a2/0x370
[ 1001.187888][T26582]  ? __pfx_vfs_read+0x10/0x10
[ 1001.187908][T26582]  ? find_held_lock+0x2b/0x80
[ 1001.187934][T26582]  ? __fget_files+0x20e/0x3c0
[ 1001.187966][T26582]  ksys_read+0x12a/0x250
[ 1001.187993][T26582]  ? __pfx_ksys_read+0x10/0x10
[ 1001.188021][T26582]  ? rcu_is_watching+0x12/0xc0
[ 1001.188046][T26582]  __do_fast_syscall_32+0x7c/0x3a0
[ 1001.188068][T26582]  do_fast_syscall_32+0x32/0x80
[ 1001.188087][T26582]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1001.188111][T26582] RIP: 0023:0xf710e579
[ 1001.188132][T26582] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1001.188149][T26582] RSP: 002b:00000000f50fe590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 1001.188169][T26582] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f50fe620
[ 1001.188180][T26582] RDX: 000000000000000f RSI: 00000000f7472ff4 RDI: 0000000000000000
[ 1001.188191][T26582] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 1001.188201][T26582] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1001.188211][T26582] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1001.188235][T26582]  </TASK>
[ 1001.272606][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1001.331639][T26584] netlink: 168 bytes leftover after parsing attributes in process `syz.0.5553'.
[ 1001.336849][T26589] FAULT_INJECTION: forcing a failure.
[ 1001.336849][T26589] name failslab, interval 1, probability 0, space 0, times 0
[ 1001.342279][T26589] CPU: 0 UID: 0 PID: 26589 Comm: syz.3.5551 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(full) 
[ 1001.342298][T26589] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1001.342305][T26589] Call Trace:
[ 1001.342310][T26589]  <TASK>
[ 1001.342315][T26589]  dump_stack_lvl+0x16c/0x1f0
[ 1001.342351][T26589]  should_fail_ex+0x512/0x640
[ 1001.342366][T26589]  ? fs_reclaim_acquire+0xae/0x150
[ 1001.342383][T26589]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1001.342396][T26589]  should_failslab+0xc2/0x120
[ 1001.342408][T26589]  __kmalloc_noprof+0xd2/0x510
[ 1001.342428][T26589]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1001.342441][T26589]  ? tomoyo_profile+0x47/0x60
[ 1001.342455][T26589]  tomoyo_path_number_perm+0x245/0x580
[ 1001.342472][T26589]  ? tomoyo_path_number_perm+0x237/0x580
[ 1001.342489][T26589]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1001.342521][T26589]  ? find_held_lock+0x2b/0x80
[ 1001.342532][T26589]  ? hook_file_ioctl_common+0x145/0x410
[ 1001.342551][T26589]  ? __fget_files+0x20e/0x3c0
[ 1001.342566][T26589]  ? __fput_deferred+0x460/0x480
[ 1001.342580][T26589]  security_file_ioctl_compat+0x9b/0x240
[ 1001.342599][T26589]  __ia32_compat_sys_ioctl+0xc3/0x370
[ 1001.342615][T26589]  __do_fast_syscall_32+0x7c/0x3a0
[ 1001.342628][T26589]  do_fast_syscall_32+0x32/0x80
[ 1001.342639][T26589]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1001.342654][T26589] RIP: 0023:0xf711e579
[ 1001.342663][T26589] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1001.342674][T26589] RSP: 002b:00000000f50ed55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1001.342685][T26589] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 000000000000ae80
[ 1001.342693][T26589] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1001.342699][T26589] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1001.342705][T26589] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1001.342711][T26589] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1001.342725][T26589]  </TASK>
[ 1001.342745][T26589] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1001.366533][T26590] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5554'.
[ 1001.660061][T26610] block device autoloading is deprecated and will be removed.
[ 1001.664444][T26612] FAULT_INJECTION: forcing a failure.
[ 1001.664444][T26612] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1001.665460][T26609] 9pnet: Found fid 0 not clunked
[ 1001.669604][T26612] CPU: 1 UID: 0 PID: 26612 Comm: syz.2.5562 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(full) 
[ 1001.669628][T26612] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1001.669640][T26612] Call Trace:
[ 1001.669647][T26612]  <TASK>
[ 1001.669656][T26612]  dump_stack_lvl+0x16c/0x1f0
[ 1001.669685][T26612]  should_fail_ex+0x512/0x640
[ 1001.669710][T26612]  _copy_from_user+0x2e/0xd0
[ 1001.669735][T26612]  kstrtouint_from_user+0xd6/0x1d0
[ 1001.669762][T26612]  ? __pfx_kstrtouint_from_user+0x10/0x10
[ 1001.669789][T26612]  ? __lock_acquire+0xb8a/0x1c90
[ 1001.669824][T26612]  proc_fail_nth_write+0x83/0x250
[ 1001.669847][T26612]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1001.669877][T26612]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1001.669893][T26612]  vfs_write+0x2a0/0x1150
[ 1001.669924][T26612]  ? __pfx_vfs_write+0x10/0x10
[ 1001.669946][T26612]  ? find_held_lock+0x2b/0x80
[ 1001.669971][T26612]  ? __fget_files+0x20e/0x3c0
[ 1001.670005][T26612]  ksys_write+0x12a/0x250
[ 1001.670028][T26612]  ? __pfx_ksys_write+0x10/0x10
[ 1001.670057][T26612]  ? rcu_is_watching+0x12/0xc0
[ 1001.670080][T26612]  __do_fast_syscall_32+0x7c/0x3a0
[ 1001.670096][T26612]  do_fast_syscall_32+0x32/0x80
[ 1001.670113][T26612]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1001.670137][T26612] RIP: 0023:0xf710e579
[ 1001.670152][T26612] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1001.670168][T26612] RSP: 002b:00000000f50fe590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[ 1001.670185][T26612] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f50fe620
[ 1001.670197][T26612] RDX: 0000000000000001 RSI: 00000000f7472ff4 RDI: 0000000000000000
[ 1001.670207][T26612] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[ 1001.670217][T26612] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1001.670226][T26612] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1001.670251][T26612]  </TASK>
[ 1001.730372][T26615] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[ 1002.936418][T26654] block device autoloading is deprecated and will be removed.
[ 1004.485602][T26696] 9pnet: Found fid 0 not clunked
[ 1004.536845][T26699] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[ 1004.855191][T26706] 9pnet: Found fid 0 not clunked
[ 1004.912870][T26713] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[ 1007.049255][T26783] 9pnet_fd: Insufficient options for proto=fd
[ 1007.444744][T26794] block device autoloading is deprecated and will be removed.
[ 1007.573017][T26798] ªªªªª»: renamed from hsr0 (while UP)
[ 1008.028028][T26810] netdevsim netdevsim3: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[ 1008.041353][T26810] netdevsim netdevsim3: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[ 1008.554342][T26831] 9pnet_fd: Insufficient options for proto=fd
[ 1008.580492][T26832] 9pnet_fd: Insufficient options for proto=fd
[ 1009.423505][T26863] block device autoloading is deprecated and will be removed.
[ 1009.767404][T26883] block device autoloading is deprecated and will be removed.
[ 1009.950042][T26887] 9pnet_fd: Insufficient options for proto=fd
[ 1010.209925][T26898] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5655'.
[ 1010.216468][T26898] bridge0: port 1(macvlan2) entered blocking state
[ 1010.218613][T26898] bridge0: port 1(macvlan2) entered disabled state
[ 1010.220739][T26898] macvlan2: entered allmulticast mode
[ 1010.224028][T26898] bridge0: entered allmulticast mode
[ 1010.226903][T26898] macvlan2: left allmulticast mode
[ 1010.228526][T26898] bridge0: left allmulticast mode
[ 1010.488321][T26904] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5658'.
[ 1011.071640][T26926] netdevsim netdevsim2: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[ 1011.075402][T26926] netdevsim netdevsim2: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[ 1011.285731][T26937] random: crng reseeded on system resumption
[ 1011.304401][T26937] Restarting kernel threads ...
[ 1011.306426][T26937] Done restarting kernel threads.
[ 1013.264778][T26970] netlink: 'syz.2.5678': attribute type 1 has an invalid length.
[ 1013.267271][T26970] netlink: 244 bytes leftover after parsing attributes in process `syz.2.5678'.
[ 1013.373705][T26973] block device autoloading is deprecated and will be removed.
[ 1013.989695][T26983] openvswitch: netlink: Duplicate or invalid key (type 0).
[ 1013.992651][T26983] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1014.524698][T27000] bridge0: port 1(netdevsim0) entered blocking state
[ 1014.527916][T27000] bridge0: port 1(netdevsim0) entered disabled state
[ 1014.531698][T27000] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[ 1014.791672][T27013] 9pnet: Found fid 0 not clunked
[ 1014.809043][T27015] syz.2.5694: attempt to access beyond end of device
[ 1014.809043][T27015] nbd2: rw=0, sector=0, nr_sectors = 2 limit=0
[ 1014.816660][T27015] (syz.2.5694,27015,0):ocfs2_get_sector:1714 ERROR: status = -5
[ 1014.819150][T27015] (syz.2.5694,27015,0):ocfs2_sb_probe:753 ERROR: status = -5
[ 1014.823254][T27015] (syz.2.5694,27015,0):ocfs2_fill_super:989 ERROR: superblock probe failed!
[ 1014.826035][T27015] (syz.2.5694,27015,0):ocfs2_fill_super:1177 ERROR: status = -5
[ 1014.844515][T27017] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[ 1014.904673][T27019] netlink: 'syz.0.5688': attribute type 10 has an invalid length.
[ 1015.851789][T27060] 9pnet: Found fid 0 not clunked
[ 1015.903248][T27060] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[ 1016.759254][T27070] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[ 1016.761938][T27070] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[ 1016.764611][T27070] netdevsim netdevsim3: Falling back to sysfs fallback for: .
[ 1016.952166][T27097] 9pnet: Found fid 0 not clunked
[ 1017.002904][T27101] 9pnet_fd: Insufficient options for proto=fd
[ 1017.004994][T27100] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[ 1017.073163][T27105] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1017.393557][T27112] netdevsim netdevsim2: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[ 1017.397258][T27112] netdevsim netdevsim2: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[ 1018.391888][T27140] ieee802154 phy0 wpan0: encryption failed: -22
[ 1018.636980][T27152] 9pnet_fd: Insufficient options for proto=fd
[ 1018.943490][T27156] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[ 1018.946152][T27156] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[ 1018.948728][T27156] netdevsim netdevsim1: Falling back to sysfs fallback for: .
[ 1019.119144][T27157] netlink: 'syz.0.5737': attribute type 10 has an invalid length.
[ 1019.483749][T27164] fuse: Bad value for 'fd'
[ 1019.603108][T27175] netlink: 168 bytes leftover after parsing attributes in process `syz.3.5742'.
[ 1019.670559][T27182] ieee802154 phy0 wpan0: encryption failed: -22
[ 1020.212616][T27218] 9pnet: Found fid 0 not clunked
[ 1020.277734][T27219] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[ 1020.987381][T27250] bridge0: port 3(netdevsim0) entered blocking state
[ 1020.989874][T27250] bridge0: port 3(netdevsim0) entered disabled state
[ 1020.992828][T27250] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[ 1021.000418][T27250] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[ 1021.007250][T27250] bridge0: port 3(netdevsim0) entered blocking state
[ 1021.009659][T27250] bridge0: port 3(netdevsim0) entered forwarding state
[ 1021.427628][T27256] 9pnet: Found fid 0 not clunked
[ 1021.493661][T27256] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[ 1021.980022][T27268] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[ 1021.982880][T27268] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[ 1021.985587][T27268] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[ 1023.952582][T27348] usb usb1: usbfs: process 27348 (syz.2.5803) did not claim interface 0 before use
[ 1023.957088][T27348] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1024.053106][T27351] 9pnet_fd: Insufficient options for proto=fd
[ 1024.268333][T27359] netdevsim netdevsim1: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[ 1024.273130][T27359] netdevsim netdevsim1: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[ 1024.437270][T27374] 9pnet_fd: Insufficient options for proto=fd
[ 1025.181733][T27405] FAULT_INJECTION: forcing a failure.
[ 1025.181733][T27405] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1025.187174][T27405] CPU: 3 UID: 0 PID: 27405 Comm: syz.0.5826 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(full) 
[ 1025.187199][T27405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1025.187210][T27405] Call Trace:
[ 1025.187217][T27405]  <TASK>
[ 1025.187225][T27405]  dump_stack_lvl+0x16c/0x1f0
[ 1025.187265][T27405]  should_fail_ex+0x512/0x640
[ 1025.187290][T27405]  _copy_from_iter+0x29f/0x16f0
[ 1025.187315][T27405]  ? __alloc_skb+0x200/0x380
[ 1025.187344][T27405]  ? __pfx__copy_from_iter+0x10/0x10
[ 1025.187367][T27405]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 1025.187397][T27405]  netlink_sendmsg+0x829/0xdd0
[ 1025.187422][T27405]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1025.187445][T27405]  ? __import_iovec+0x1dd/0x650
[ 1025.187471][T27405]  ____sys_sendmsg+0xa95/0xc70
[ 1025.187497][T27405]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1025.187518][T27405]  ? get_compat_msghdr+0x11a/0x170
[ 1025.187548][T27405]  ___sys_sendmsg+0x134/0x1d0
[ 1025.187568][T27405]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1025.187598][T27405]  ? find_held_lock+0x2b/0x80
[ 1025.187633][T27405]  __sys_sendmsg+0x16d/0x220
[ 1025.187651][T27405]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1025.187681][T27405]  ? rcu_is_watching+0x12/0xc0
[ 1025.187704][T27405]  __do_fast_syscall_32+0x7c/0x3a0
[ 1025.187725][T27405]  do_fast_syscall_32+0x32/0x80
[ 1025.187742][T27405]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1025.187764][T27405] RIP: 0023:0xf7f91579
[ 1025.187778][T27405] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1025.187794][T27405] RSP: 002b:00000000f50b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1025.187810][T27405] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[ 1025.187820][T27405] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1025.187829][T27405] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1025.187838][T27405] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1025.187848][T27405] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1025.187870][T27405]  </TASK>
[ 1025.203042][T27407] 9pnet_fd: Insufficient options for proto=fd
[ 1025.694319][T27436] FAULT_INJECTION: forcing a failure.
[ 1025.694319][T27436] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1025.699481][T27436] CPU: 0 UID: 0 PID: 27436 Comm: syz.1.5837 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(full) 
[ 1025.699506][T27436] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1025.699517][T27436] Call Trace:
[ 1025.699525][T27436]  <TASK>
[ 1025.699533][T27436]  dump_stack_lvl+0x16c/0x1f0
[ 1025.699566][T27436]  should_fail_ex+0x512/0x640
[ 1025.699590][T27436]  _copy_to_user+0x32/0xd0
[ 1025.699614][T27436]  simple_read_from_buffer+0xcb/0x170
[ 1025.699640][T27436]  proc_fail_nth_read+0x197/0x270
[ 1025.699663][T27436]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1025.699687][T27436]  ? rw_verify_area+0xcf/0x680
[ 1025.699710][T27436]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1025.699731][T27436]  vfs_read+0x1e1/0xc60
[ 1025.699758][T27436]  ? fdget_pos+0x2a2/0x370
[ 1025.699787][T27436]  ? __pfx_vfs_read+0x10/0x10
[ 1025.699809][T27436]  ? find_held_lock+0x2b/0x80
[ 1025.699835][T27436]  ? __fget_files+0x20e/0x3c0
[ 1025.699867][T27436]  ksys_read+0x12a/0x250
[ 1025.699891][T27436]  ? __pfx_ksys_read+0x10/0x10
[ 1025.699925][T27436]  ? rcu_is_watching+0x12/0xc0
[ 1025.699946][T27436]  __do_fast_syscall_32+0x7c/0x3a0
[ 1025.699967][T27436]  do_fast_syscall_32+0x32/0x80
[ 1025.699985][T27436]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1025.700007][T27436] RIP: 0023:0xf70ae579
[ 1025.700021][T27436] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1025.700038][T27436] RSP: 002b:00000000f509e590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 1025.700055][T27436] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000f509e620
[ 1025.700067][T27436] RDX: 000000000000000f RSI: 00000000f7412ff4 RDI: 0000000000000000
[ 1025.700078][T27436] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 1025.700088][T27436] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 1025.700099][T27436] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1025.700123][T27436]  </TASK>
[ 1025.764825][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1025.768026][T27435] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1026.432548][T27460] fuse: Bad value for 'fd'
[ 1026.676112][T27473] 9pnet: Found fid 0 not clunked
[ 1026.738229][T27473] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[ 1026.874906][T27485] netdevsim netdevsim1: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[ 1026.878504][T27485] netdevsim netdevsim1: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[ 1027.009678][T27488] netlink: 168 bytes leftover after parsing attributes in process `syz.2.5856'.
[ 1027.527646][T27510] netlink: 168 bytes leftover after parsing attributes in process `syz.0.5864'.
[ 1027.571839][T27511] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[ 1027.574746][T27511] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[ 1027.577769][T27511] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[ 1027.725987][T27516] 9pnet: Found fid 0 not clunked
[ 1027.767780][T27516] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[ 1028.260107][T27531] netlink: 168 bytes leftover after parsing attributes in process `syz.2.5871'.
[ 1028.480914][T27542] netlink: 168 bytes leftover after parsing attributes in process `syz.2.5875'.
[ 1028.934983][T27556] 9pnet_fd: Insufficient options for proto=fd
[ 1028.946126][T27558] fuse: Bad value for 'group_id'
[ 1028.947717][T27558] fuse: Bad value for 'group_id'
[ 1029.400857][T27566] netlink: 168 bytes leftover after parsing attributes in process `syz.3.5884'.
[ 1029.678024][T27580] fuse: Bad value for 'group_id'
[ 1029.679647][T27580] fuse: Bad value for 'group_id'
[ 1029.970441][T27590] netlink: 168 bytes leftover after parsing attributes in process `syz.0.5894'.
[ 1030.640667][T27606] fuse: Bad value for 'group_id'
[ 1030.642401][T27606] fuse: Bad value for 'group_id'
[ 1031.269522][T27626] netlink: 168 bytes leftover after parsing attributes in process `syz.0.5906'.
[ 1031.770413][T27648] netlink: 168 bytes leftover after parsing attributes in process `syz.2.5912'.
[ 1031.882511][T27652] input: syz0 as /devices/virtual/input/input160
[ 1032.352976][T27665] 9pnet_fd: Insufficient options for proto=fd
[ 1032.489403][T27676] 9pnet: Found fid 0 not clunked
[ 1032.544286][T27677] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[ 1032.720619][T27680] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[ 1032.723307][T27680] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[ 1032.725893][T27680] netdevsim netdevsim1: Falling back to sysfs fallback for: .
[ 1033.257789][T27696] netlink: 168 bytes leftover after parsing attributes in process `syz.3.5931'.
[ 1033.516321][T27713] 9pnet: Found fid 0 not clunked
[ 1033.576251][T27714] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[ 1034.098867][T27730] kernel read not supported for file /z¿ (pid: 27730 comm: syz.1.5946)
[ 1034.103739][   T40] audit: type=1800 audit(1749095609.439:259): pid=27730 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.5946" name=7ABF17 dev="mqueue" ino=136471 res=0 errno=0
[ 1034.113286][T27730] FAULT_INJECTION: forcing a failure.
[ 1034.113286][T27730] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1034.117654][T27730] CPU: 0 UID: 0 PID: 27730 Comm: syz.1.5946 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(full) 
[ 1034.117671][T27730] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1034.117678][T27730] Call Trace:
[ 1034.117683][T27730]  <TASK>
[ 1034.117688][T27730]  dump_stack_lvl+0x16c/0x1f0
[ 1034.117710][T27730]  should_fail_ex+0x512/0x640
[ 1034.117726][T27730]  _copy_from_user+0x2e/0xd0
[ 1034.117741][T27730]  copy_mount_options+0x76/0x190
[ 1034.117755][T27730]  __ia32_sys_mount+0x1ac/0x310
[ 1034.117766][T27730]  ? __pfx___ia32_sys_mount+0x10/0x10
[ 1034.117778][T27730]  ? rcu_is_watching+0x12/0xc0
[ 1034.117792][T27730]  __do_fast_syscall_32+0x7c/0x3a0
[ 1034.117805][T27730]  do_fast_syscall_32+0x32/0x80
[ 1034.117816][T27730]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1034.117831][T27730] RIP: 0023:0xf70ae579
[ 1034.117840][T27730] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1034.117851][T27730] RSP: 002b:00000000f509e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[ 1034.117862][T27730] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000100
[ 1034.117869][T27730] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000080000080
[ 1034.117876][T27730] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1034.117882][T27730] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1034.117889][T27730] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1034.117902][T27730]  </TASK>
[ 1034.148343][T27742] can: request_module (can-proto-0) failed.
[ 1034.149081][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1034.166297][T27742] netlink: 'syz.0.5951': attribute type 1 has an invalid length.
[ 1034.227353][T27752] netlink: 168 bytes leftover after parsing attributes in process `syz.2.5952'.
[ 1034.449873][T27763] lo speed is unknown, defaulting to 1000
[ 1035.296083][T27790] netdevsim netdevsim1: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[ 1035.299684][T27790] netdevsim netdevsim1: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[ 1035.585735][T27797] netlink: 168 bytes leftover after parsing attributes in process `syz.0.5967'.
[ 1035.656087][T27805] fuse: Bad value for 'group_id'
[ 1035.658187][T27805] fuse: Bad value for 'group_id'
[ 1036.019000][T27815] 9pnet: Found fid 0 not clunked
[ 1036.081525][T27815] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[ 1036.290965][T27822] netdevsim netdevsim1: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[ 1036.294788][T27822] netdevsim netdevsim1: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[ 1036.541985][T27835] netlink: 168 bytes leftover after parsing attributes in process `syz.3.5980'.
[ 1036.815679][T27855] fuse: Bad value for 'group_id'
[ 1036.817691][T27855] fuse: Bad value for 'group_id'
[ 1036.853051][T27858] netlink: 'syz.3.5989': attribute type 1 has an invalid length.
[ 1037.177345][T27871] netlink: 168 bytes leftover after parsing attributes in process `syz.1.5992'.
[ 1037.733851][T27887] netlink: 168 bytes leftover after parsing attributes in process `syz.3.5998'.
[ 1038.192880][T27899] netdevsim netdevsim1: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[ 1038.196457][T27899] netdevsim netdevsim1: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[ 1038.310972][T27893] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[ 1038.328814][T27893] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[ 1038.345053][T27893] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[ 1038.697878][T27909] fuse: Unknown parameter 'group_i00000000000000000000'
[ 1039.257593][T27937] fuse: Unknown parameter 'group_i00000000000000000000'
[ 1039.288534][T27939] No source specified
[ 1039.448420][T27952] netdevsim netdevsim3: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[ 1039.452792][T27952] netdevsim netdevsim3: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[ 1039.569915][T27961] fuse: Unknown parameter 'group_i00000000000000000000'
[ 1040.289279][T27980] block device autoloading is deprecated and will be removed.
[ 1040.344086][T27982] fuse: Unknown parameter 'group_id00000000000000000000'
[ 1040.488580][T27996] 9pnet_fd: Insufficient options for proto=fd
[ 1041.307398][T28011] fuse: Unknown parameter 'group_id00000000000000000000'
[ 1041.910143][T28025] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[ 1041.912906][T28025] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[ 1041.916111][T28025] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[ 1042.425280][T28036] netdevsim netdevsim1: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[ 1042.430095][T28036] netdevsim netdevsim1: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[ 1043.807192][T28048] fuse: Unknown parameter 'group_id00000000000000000000'
[ 1043.807728][T28046] 9pnet: Found fid 0 not clunked
[ 1043.865928][T28055] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[ 1043.968079][T28064] netdevsim netdevsim1: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[ 1043.978996][T28064] netdevsim netdevsim1: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[ 1044.650340][T28086] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[ 1044.653430][T28086] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[ 1044.656112][T28086] netdevsim netdevsim3: Falling back to sysfs fallback for: .
[ 1044.833829][T28094] syz.1.6069: attempt to access beyond end of device
[ 1044.833829][T28094] nbd1: rw=0, sector=0, nr_sectors = 2 limit=0
[ 1044.837844][T28094] (syz.1.6069,28094,0):ocfs2_get_sector:1714 ERROR: status = -5
[ 1044.840369][T28094] (syz.1.6069,28094,0):ocfs2_sb_probe:753 ERROR: status = -5
[ 1044.843286][T28094] (syz.1.6069,28094,2):ocfs2_fill_super:989 ERROR: superblock probe failed!
[ 1044.846600][T28094] (syz.1.6069,28094,2):ocfs2_fill_super:1177 ERROR: status = -5
[ 1044.864138][T28096] netdevsim netdevsim2: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[ 1044.874115][T28096] netdevsim netdevsim2: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[ 1044.926500][T28101] fuse: Bad value for 'user_id'
[ 1044.928672][T28101] fuse: Bad value for 'user_id'
[ 1045.504751][T28111] netlink: 168 bytes leftover after parsing attributes in process `syz.3.6073'.
[ 1045.848203][T28127] fuse: Bad value for 'user_id'
[ 1045.849862][T28127] fuse: Bad value for 'user_id'
[ 1045.927107][T28133] 9pnet: Found fid 0 not clunked
[ 1045.993706][T28134] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[ 1046.568402][T28153] netdevsim netdevsim3: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[ 1046.572753][T28153] netdevsim netdevsim3: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[ 1046.575359][T28155] fuse: Bad value for 'user_id'
[ 1046.578125][T28155] fuse: Bad value for 'user_id'
[ 1046.987646][T28163] 9pnet: Found fid 0 not clunked
[ 1047.043877][T28166] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[ 1047.198473][T28171] random: crng reseeded on system resumption
[ 1047.236437][T28171] Restarting kernel threads ...
[ 1047.240988][T28171] Done restarting kernel threads.
[ 1048.142120][T28184] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[ 1048.145467][T28184] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[ 1048.148728][T28184] netdevsim netdevsim1: Falling back to sysfs fallback for: .
[ 1048.496622][T28193] netdevsim netdevsim2: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[ 1048.500581][T28193] netdevsim netdevsim2: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[ 1048.535487][T28198] netlink: 168 bytes leftover after parsing attributes in process `syz.1.6102'.
[ 1049.700111][T28229] 9pnet: Found fid 0 not clunked
[ 1049.768460][T28230] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[ 1049.952996][T28233] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[ 1049.955692][T28233] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[ 1049.958352][T28233] netdevsim netdevsim3: Falling back to sysfs fallback for: .
[ 1050.122599][T28235] netlink: 168 bytes leftover after parsing attributes in process `syz.1.6111'.
[ 1050.424008][T28247] netdevsim netdevsim2: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[ 1050.428994][T28247] netdevsim netdevsim2: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[ 1051.132513][T28265] fuse: Bad value for 'fd'
[ 1051.258168][T28275] netlink: 168 bytes leftover after parsing attributes in process `syz.2.6124'.
[ 1051.532067][T28289] FAULT_INJECTION: forcing a failure.
[ 1051.532067][T28289] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1051.536175][T28289] CPU: 1 UID: 0 PID: 28289 Comm: syz.1.6127 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(full) 
[ 1051.536191][T28289] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1051.536198][T28289] Call Trace:
[ 1051.536203][T28289]  <TASK>
[ 1051.536207][T28289]  dump_stack_lvl+0x16c/0x1f0
[ 1051.536229][T28289]  should_fail_ex+0x512/0x640
[ 1051.536245][T28289]  _copy_from_user+0x2e/0xd0
[ 1051.536260][T28289]  kstrtouint_from_user+0xd6/0x1d0
[ 1051.536278][T28289]  ? __pfx_kstrtouint_from_user+0x10/0x10
[ 1051.536295][T28289]  ? __lock_acquire+0xb8a/0x1c90
[ 1051.536316][T28289]  proc_fail_nth_write+0x83/0x250
[ 1051.536331][T28289]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1051.536350][T28289]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1051.536363][T28289]  vfs_write+0x2a0/0x1150
[ 1051.536383][T28289]  ? __pfx_vfs_write+0x10/0x10
[ 1051.536398][T28289]  ? find_held_lock+0x2b/0x80
[ 1051.536412][T28289]  ? __fget_files+0x20e/0x3c0
[ 1051.536432][T28289]  ksys_write+0x12a/0x250
[ 1051.536448][T28289]  ? __pfx_ksys_write+0x10/0x10
[ 1051.536466][T28289]  ? rcu_is_watching+0x12/0xc0
[ 1051.536480][T28289]  __do_fast_syscall_32+0x7c/0x3a0
[ 1051.536493][T28289]  do_fast_syscall_32+0x32/0x80
[ 1051.536504][T28289]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1051.536519][T28289] RIP: 0023:0xf70ae579
[ 1051.536528][T28289] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1051.536539][T28289] RSP: 002b:00000000f507d590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[ 1051.536550][T28289] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000f507d620
[ 1051.536557][T28289] RDX: 0000000000000001 RSI: 00000000f7412ff4 RDI: 0000000000000000
[ 1051.536564][T28289] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 1051.536570][T28289] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1051.536576][T28289] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1051.536590][T28289]  </TASK>
[ 1051.663707][T28294] fuse: Bad value for 'fd'
[ 1051.694122][T28296] fuse: Bad value for 'user_id'
[ 1051.696283][T28296] fuse: Bad value for 'user_id'
[ 1051.821431][T28300] netdevsim netdevsim1: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[ 1051.828498][T28300] netdevsim netdevsim1: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[ 1052.384641][T28317] lo speed is unknown, defaulting to 1000
[ 1052.740488][T28328] fuse: Invalid rootmode
[ 1053.353002][T28343] netlink: 168 bytes leftover after parsing attributes in process `syz.0.6144'.
[ 1053.855050][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[ 1053.857109][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[ 1053.966380][T28354] netdevsim netdevsim2: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[ 1053.971049][T28354] netdevsim netdevsim2: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[ 1054.161827][T28363] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[ 1054.164519][T28363] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[ 1054.167146][T28363] netdevsim netdevsim3: Falling back to sysfs fallback for: .
[ 1054.844938][T28369] netdevsim netdevsim2: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[ 1054.849454][T28369] netdevsim netdevsim2: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[ 1055.529893][T28389] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[ 1055.531999][T28389] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1055.535694][T28389] vhci_hcd vhci_hcd.0: Device attached
[ 1055.678832][T28393] input: syz0 as /devices/virtual/input/input161
[ 1055.830924][T28390] vhci_hcd: connection closed
[ 1055.831152][   T53] usb 39-1: new high-speed USB device number 3 using vhci_hcd
[ 1055.835792][   T74] vhci_hcd: stop threads
[ 1055.837117][   T74] vhci_hcd: release socket
[ 1055.838971][   T74] vhci_hcd: disconnect device
[ 1056.000415][T28403] 9pnet_fd: Insufficient options for proto=fd
[ 1056.839534][T28423] netlink: 'syz.2.6168': attribute type 32 has an invalid length.
[ 1056.843221][T28423] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6168'.
[ 1056.847114][T28423] (unnamed net_device) (uninitialized): Setting coupled_control to off (0)
[ 1056.991310][T28425] netlink: 'syz.0.6167': attribute type 4 has an invalid length.
[ 1057.029258][T28425] netlink: 'syz.0.6167': attribute type 4 has an invalid length.
[ 1057.322042][T28441] fuse: Bad value for 'fd'
[ 1057.367618][T28439] netdevsim netdevsim3: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[ 1057.373271][T28439] netdevsim netdevsim3: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[ 1057.445881][T28448] 9pnet_fd: Insufficient options for proto=fd
[ 1058.263546][T28458] netlink: 168 bytes leftover after parsing attributes in process `syz.1.6181'.
[ 1058.518852][T28475] netdevsim netdevsim2: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[ 1058.523640][T28475] netdevsim netdevsim2: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[ 1059.055220][T28491] af_packet: tpacket_rcv: packet too big, clamped from 8 to 4294967272. macoff=96
[ 1059.304208][T28495] tmpfs: Unknown parameter 'gN�ýøCH¤?HrpquaZota_block_har'
[ 1060.038678][T28514] fuse: Invalid rootmode
[ 1060.109509][T28519] 9pnet_fd: Insufficient options for proto=fd
[ 1060.572679][T28525] usb usb1: usbfs: process 28525 (syz.1.6201) did not claim interface 0 before use
[ 1060.575975][T28525] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1060.948949][T28530] netlink: 44 bytes leftover after parsing attributes in process `syz.0.6203'.
[ 1060.961550][   T53] vhci_hcd: vhci_device speed not set
[ 1061.366670][T28544] netlink: 'syz.1.6206': attribute type 4 has an invalid length.
[ 1061.403463][T28544] netlink: 'syz.1.6206': attribute type 4 has an invalid length.
[ 1061.674702][T28555] fuse: Unknown parameter 'use00000000000000000000'
[ 1061.886868][T28561] netlink: 168 bytes leftover after parsing attributes in process `syz.3.6211'.
[ 1061.994882][T28568] fuse: Bad value for 'rootmode'
[ 1062.610204][T28583] netlink: 168 bytes leftover after parsing attributes in process `syz.2.6221'.
[ 1062.641869][T28585] fuse: Unknown parameter 'use00000000000000000000'
[ 1062.708987][T28590] 9pnet_fd: Insufficient options for proto=fd
[ 1062.842239][T28593] fuse: Bad value for 'rootmode'
[ 1063.395478][T28603] netlink: 212 bytes leftover after parsing attributes in process `syz.1.6227'.
[ 1063.684633][T28613] fuse: Unknown parameter 'user_i00000000000000000000'
[ 1063.736682][T28617] netlink: 168 bytes leftover after parsing attributes in process `syz.1.6232'.
[ 1063.773347][T28619] fuse: Bad value for 'rootmode'
[ 1065.237108][T28647] fuse: Unknown parameter 'user_i00000000000000000000'
[ 1065.613466][T28656] netlink: 168 bytes leftover after parsing attributes in process `syz.3.6244'.
[ 1066.103289][T28669] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[ 1066.106776][T28669] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[ 1066.110262][T28669] netdevsim netdevsim3: Falling back to sysfs fallback for: .
[ 1066.715630][T28677] fuse: Unknown parameter 'user_i00000000000000000000'
[ 1067.012884][T28688] tipc: Started in network mode
[ 1067.014628][T28688] tipc: Node identity 4, cluster identity 4711
[ 1067.017057][T28688] tipc: Node number set to 4
[ 1067.036214][T28695] netlink: 168 bytes leftover after parsing attributes in process `syz.2.6255'.
[ 1067.214286][T28704] loop8: detected capacity change from 0 to 7
[ 1067.220375][T28704] Dev loop8: unable to read RDB block 7
[ 1067.224288][T28704]  loop8: AHDI p1 p2 p3
[ 1067.225638][T28704] loop8: partition table partially beyond EOD, truncated
[ 1067.228184][T28704] loop8: p1 start 1601398130 is beyond EOD, truncated
[ 1067.230415][T28704] loop8: p2 start 1702059890 is beyond EOD, truncated
[ 1067.321716][T25318] usb 6-1: new low-speed USB device number 37 using dummy_hcd
[ 1067.471504][  T837] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[ 1067.475651][T25318] usb 6-1: config 0 has an invalid interface number: 198 but max is 0
[ 1067.478315][T25318] usb 6-1: config 0 has no interface number 0
[ 1067.480305][T25318] usb 6-1: config 0 interface 198 has no altsetting 0
[ 1067.484282][T25318] usb 6-1: New USB device found, idVendor=1b3d, idProduct=0138, bcdDevice=74.e6
[ 1067.487118][T25318] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1067.490910][T25318] usb 6-1: config 0 descriptor??
[ 1067.573939][T28706] fuse: Unknown parameter 'user_id00000000000000000000'
[ 1067.633715][  T837] usb 5-1: Using ep0 maxpacket: 8
[ 1067.637072][  T837] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[ 1067.639759][  T837] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1067.643833][  T837] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1067.646928][  T837] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1067.650014][  T837] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1067.654850][  T837] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1067.657836][  T837] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1067.699478][T25318] usb 6-1: string descriptor 0 read error: -71
[ 1067.703179][T25318] ftdi_sio 6-1:0.198: FTDI USB Serial Device converter detected
[ 1067.707012][T25318] ftdi_sio ttyUSB0: unknown device type: 0x74e6
[ 1067.713256][T25318] usb 6-1: USB disconnect, device number 37
[ 1067.717751][T25318] ftdi_sio 6-1:0.198: device disconnected
[ 1067.838876][T28710] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[ 1067.841628][T28710] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[ 1067.844428][T28710] netdevsim netdevsim3: Falling back to sysfs fallback for: .
[ 1068.151281][  T837] usb 5-1: usb_control_msg returned -32
[ 1068.153087][  T837] usbtmc 5-1:16.0: can't read capabilities
[ 1068.207907][T28714] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6262'.
[ 1068.246730][T28717] usbtmc 5-1:16.0: usb_control_msg returned -32
[ 1068.248929][T28716] fuse: Unknown parameter 'use00000000000000000000'
[ 1068.250473][   T34] usb 5-1: USB disconnect, device number 39
[ 1068.337135][T28712] wireguard0: entered promiscuous mode
[ 1068.340017][T28712] wireguard0: entered allmulticast mode
[ 1068.693352][T28732] fuse: Unknown parameter 'user_id00000000000000000000'
[ 1069.205971][T28748] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1069.275422][T28748] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1069.357186][T28748] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1069.415750][T28748] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1069.551380][T28748] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1069.559013][T28748] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1069.572641][T28748] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1069.580112][T28748] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1069.596460][T28752] 9pnet_fd: Insufficient options for proto=fd
[ 1070.339741][T28764] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[ 1070.342619][T28764] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[ 1070.345273][T28764] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[ 1070.391297][T28766] fuse: Unknown parameter 'user_id00000000000000000000'
[ 1070.576648][T28775] 9pnet: Found fid 0 not clunked
[ 1070.592332][T28777] netlink: 204 bytes leftover after parsing attributes in process `syz.0.6283'.
[ 1070.640367][T28775] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[ 1070.914050][T28793] FAULT_INJECTION: forcing a failure.
[ 1070.914050][T28793] name failslab, interval 1, probability 0, space 0, times 0
[ 1070.917881][T28793] CPU: 3 UID: 0 PID: 28793 Comm: syz.2.6288 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(full) 
[ 1070.917896][T28793] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1070.917904][T28793] Call Trace:
[ 1070.917908][T28793]  <TASK>
[ 1070.917913][T28793]  dump_stack_lvl+0x16c/0x1f0
[ 1070.917934][T28793]  should_fail_ex+0x512/0x640
[ 1070.917948][T28793]  ? __kmalloc_noprof+0xbf/0x510
[ 1070.917967][T28793]  ? fib6_info_alloc+0x40/0x160
[ 1070.917978][T28793]  should_failslab+0xc2/0x120
[ 1070.917989][T28793]  __kmalloc_noprof+0xd2/0x510
[ 1070.918009][T28793]  fib6_info_alloc+0x40/0x160
[ 1070.918021][T28793]  ip6_route_info_create+0x14c/0x870
[ 1070.918041][T28793]  ip6_route_add+0x26/0x1d0
[ 1070.918058][T28793]  inet6_rtm_newroute+0x181/0x190
[ 1070.918076][T28793]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[ 1070.918094][T28793]  ? __lock_acquire+0x622/0x1c90
[ 1070.918115][T28793]  ? find_held_lock+0x2b/0x80
[ 1070.918126][T28793]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[ 1070.918143][T28793]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[ 1070.918159][T28793]  ? rtnetlink_rcv_msg+0x93a/0xe90
[ 1070.918174][T28793]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[ 1070.918191][T28793]  rtnetlink_rcv_msg+0x95e/0xe90
[ 1070.918205][T28793]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1070.918220][T28793]  ? ref_tracker_free+0x37c/0x830
[ 1070.918235][T28793]  netlink_rcv_skb+0x155/0x420
[ 1070.918249][T28793]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1070.918262][T28793]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1070.918280][T28793]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1070.918310][T28793]  netlink_unicast+0x53d/0x7f0
[ 1070.918328][T28793]  ? __pfx_netlink_unicast+0x10/0x10
[ 1070.918345][T28793]  netlink_sendmsg+0x8d1/0xdd0
[ 1070.918360][T28793]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1070.918375][T28793]  ? __import_iovec+0x1dd/0x650
[ 1070.918392][T28793]  ____sys_sendmsg+0xa95/0xc70
[ 1070.918408][T28793]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1070.918421][T28793]  ? get_compat_msghdr+0x11a/0x170
[ 1070.918439][T28793]  ___sys_sendmsg+0x134/0x1d0
[ 1070.918451][T28793]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1070.918468][T28793]  ? find_held_lock+0x2b/0x80
[ 1070.918486][T28793]  __sys_sendmsg+0x16d/0x220
[ 1070.918497][T28793]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1070.918514][T28793]  ? rcu_is_watching+0x12/0xc0
[ 1070.918527][T28793]  __do_fast_syscall_32+0x7c/0x3a0
[ 1070.918540][T28793]  do_fast_syscall_32+0x32/0x80
[ 1070.918551][T28793]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1070.918565][T28793] RIP: 0023:0xf710e579
[ 1070.918574][T28793] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1070.918589][T28793] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1070.918600][T28793] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000200
[ 1070.918607][T28793] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1070.918613][T28793] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1070.918620][T28793] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1070.918626][T28793] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1070.918639][T28793]  </TASK>
[ 1071.016244][    C3] vkms_vblank_simulate: vblank timer overrun
[ 1071.042885][T28795] Bluetooth: MGMT ver 1.23
[ 1071.133472][T28802] FAULT_INJECTION: forcing a failure.
[ 1071.133472][T28802] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1071.139514][T28802] CPU: 2 UID: 0 PID: 28802 Comm: syz.2.6292 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(full) 
[ 1071.139539][T28802] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1071.139550][T28802] Call Trace:
[ 1071.139562][T28802]  <TASK>
[ 1071.139570][T28802]  dump_stack_lvl+0x16c/0x1f0
[ 1071.139603][T28802]  should_fail_ex+0x512/0x640
[ 1071.139628][T28802]  should_fail_alloc_page+0xe7/0x130
[ 1071.139647][T28802]  prepare_alloc_pages+0x3c2/0x610
[ 1071.139674][T28802]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 1071.139704][T28802]  ? rcu_is_watching+0x12/0xc0
[ 1071.139723][T28802]  ? trace_mm_page_alloc+0x11f/0x1a0
[ 1071.139743][T28802]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[ 1071.139769][T28802]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1071.139796][T28802]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1071.139830][T28802]  ? kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[ 1071.139856][T28802]  ? __get_vm_area_node+0x1ca/0x330
[ 1071.139876][T28802]  ? __vmalloc_node_noprof+0xad/0xf0
[ 1071.139896][T28802]  ? __snd_dma_alloc_pages+0x53/0x90
[ 1071.139921][T28802]  ? snd_dma_alloc_dir_pages+0x151/0x240
[ 1071.139944][T28802]  ? do_alloc_pages+0x115/0x280
[ 1071.139966][T28802]  ? snd_pcm_lib_malloc_pages+0x3df/0x980
[ 1071.139990][T28802]  ? snd_pcm_hw_params+0x15e1/0x1b40
[ 1071.140013][T28802]  ? snd_pcm_kernel_ioctl+0x147/0x2e0
[ 1071.140039][T28802]  ? __do_fast_syscall_32+0x7c/0x3a0
[ 1071.140055][T28802]  ? do_fast_syscall_32+0x32/0x80
[ 1071.140072][T28802]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1071.140098][T28802]  alloc_pages_bulk_noprof+0x71c/0x1410
[ 1071.140124][T28802]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1071.140151][T28802]  ? policy_nodemask+0xea/0x4e0
[ 1071.140172][T28802]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[ 1071.140199][T28802]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1071.140228][T28802]  kasan_populate_vmalloc+0xf1/0x1f0
[ 1071.140259][T28802]  alloc_vmap_area+0x959/0x29c0
[ 1071.140289][T28802]  ? __pfx_alloc_vmap_area+0x10/0x10
[ 1071.140316][T28802]  __get_vm_area_node+0x1ca/0x330
[ 1071.140342][T28802]  __vmalloc_node_range_noprof+0x271/0x14b0
[ 1071.140366][T28802]  ? __snd_dma_alloc_pages+0x53/0x90
[ 1071.140392][T28802]  ? __mutex_trylock_common+0xe9/0x250
[ 1071.140417][T28802]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 1071.140440][T28802]  ? __snd_dma_alloc_pages+0x53/0x90
[ 1071.140472][T28802]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1071.140499][T28802]  ? __mutex_unlock_slowpath+0x161/0x6a0
[ 1071.140521][T28802]  ? __snd_dma_alloc_pages+0x53/0x90
[ 1071.140545][T28802]  __vmalloc_node_noprof+0xad/0xf0
[ 1071.140570][T28802]  ? __snd_dma_alloc_pages+0x53/0x90
[ 1071.140594][T28802]  ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10
[ 1071.140622][T28802]  __snd_dma_alloc_pages+0x53/0x90
[ 1071.140648][T28802]  snd_dma_alloc_dir_pages+0x151/0x240
[ 1071.140676][T28802]  do_alloc_pages+0x115/0x280
[ 1071.140702][T28802]  snd_pcm_lib_malloc_pages+0x3df/0x980
[ 1071.140731][T28802]  snd_pcm_hw_params+0x15e1/0x1b40
[ 1071.140760][T28802]  ? __pfx_snd_pcm_hw_params+0x10/0x10
[ 1071.140785][T28802]  ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0
[ 1071.140813][T28802]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[ 1071.140836][T28802]  ? __asan_memset+0x23/0x50
[ 1071.140859][T28802]  snd_pcm_kernel_ioctl+0x147/0x2e0
[ 1071.140886][T28802]  snd_pcm_oss_change_params_locked+0x1432/0x3a30
[ 1071.140921][T28802]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[ 1071.140965][T28802]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[ 1071.140988][T28802]  snd_pcm_oss_write+0x4c3/0xa10
[ 1071.141013][T28802]  ? bpf_lsm_file_permission+0x9/0x10
[ 1071.141033][T28802]  ? security_file_permission+0x71/0x210
[ 1071.141078][T28802]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[ 1071.141101][T28802]  vfs_write+0x2a0/0x1150
[ 1071.141131][T28802]  ? __pfx_vfs_write+0x10/0x10
[ 1071.141152][T28802]  ? find_held_lock+0x2b/0x80
[ 1071.141171][T28802]  ? __fget_files+0x204/0x3c0
[ 1071.141197][T28802]  ? __fget_files+0x20e/0x3c0
[ 1071.141217][T28802]  ? handle_mm_fault+0x1f0/0xd10
[ 1071.141246][T28802]  ksys_write+0x12a/0x250
[ 1071.141271][T28802]  ? __pfx_ksys_write+0x10/0x10
[ 1071.141297][T28802]  ? rcu_is_watching+0x12/0xc0
[ 1071.141318][T28802]  __do_fast_syscall_32+0x7c/0x3a0
[ 1071.141338][T28802]  do_fast_syscall_32+0x32/0x80
[ 1071.141355][T28802]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1071.141375][T28802] RIP: 0023:0xf710e579
[ 1071.141390][T28802] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1071.141405][T28802] RSP: 002b:00000000f50dd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[ 1071.141422][T28802] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800012c0
[ 1071.141434][T28802] RDX: 0000000000000014 RSI: 0000000000000000 RDI: 0000000000000000
[ 1071.141444][T28802] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1071.141453][T28802] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1071.141463][T28802] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1071.141487][T28802]  </TASK>
[ 1071.308269][T28802] syz.2.6292: vmalloc error: size 2097152, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1071.312925][T28802] CPU: 2 UID: 0 PID: 28802 Comm: syz.2.6292 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(full) 
[ 1071.312941][T28802] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1071.312948][T28802] Call Trace:
[ 1071.312952][T28802]  <TASK>
[ 1071.312957][T28802]  dump_stack_lvl+0x16c/0x1f0
[ 1071.312979][T28802]  warn_alloc+0x248/0x3a0
[ 1071.312997][T28802]  ? __pfx_warn_alloc+0x10/0x10
[ 1071.313015][T28802]  ? kfree+0x2b4/0x4d0
[ 1071.313033][T28802]  ? __get_vm_area_node+0x208/0x330
[ 1071.313050][T28802]  __vmalloc_node_range_noprof+0xb2d/0x14b0
[ 1071.313066][T28802]  ? __mutex_trylock_common+0xe9/0x250
[ 1071.313083][T28802]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 1071.313099][T28802]  ? __snd_dma_alloc_pages+0x53/0x90
[ 1071.313120][T28802]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1071.313137][T28802]  ? __mutex_unlock_slowpath+0x161/0x6a0
[ 1071.313150][T28802]  ? __snd_dma_alloc_pages+0x53/0x90
[ 1071.313166][T28802]  __vmalloc_node_noprof+0xad/0xf0
[ 1071.313181][T28802]  ? __snd_dma_alloc_pages+0x53/0x90
[ 1071.313196][T28802]  ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10
[ 1071.313215][T28802]  __snd_dma_alloc_pages+0x53/0x90
[ 1071.313232][T28802]  snd_dma_alloc_dir_pages+0x151/0x240
[ 1071.313250][T28802]  do_alloc_pages+0x115/0x280
[ 1071.313268][T28802]  snd_pcm_lib_malloc_pages+0x3df/0x980
[ 1071.313287][T28802]  snd_pcm_hw_params+0x15e1/0x1b40
[ 1071.313306][T28802]  ? __pfx_snd_pcm_hw_params+0x10/0x10
[ 1071.313323][T28802]  ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0
[ 1071.313341][T28802]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[ 1071.313355][T28802]  ? __asan_memset+0x23/0x50
[ 1071.313372][T28802]  snd_pcm_kernel_ioctl+0x147/0x2e0
[ 1071.313389][T28802]  snd_pcm_oss_change_params_locked+0x1432/0x3a30
[ 1071.313411][T28802]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[ 1071.313437][T28802]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[ 1071.313453][T28802]  snd_pcm_oss_write+0x4c3/0xa10
[ 1071.313468][T28802]  ? bpf_lsm_file_permission+0x9/0x10
[ 1071.313481][T28802]  ? security_file_permission+0x71/0x210
[ 1071.313502][T28802]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[ 1071.313517][T28802]  vfs_write+0x2a0/0x1150
[ 1071.313536][T28802]  ? __pfx_vfs_write+0x10/0x10
[ 1071.313551][T28802]  ? find_held_lock+0x2b/0x80
[ 1071.313566][T28802]  ? __fget_files+0x204/0x3c0
[ 1071.313584][T28802]  ? __fget_files+0x20e/0x3c0
[ 1071.313598][T28802]  ? handle_mm_fault+0x1f0/0xd10
[ 1071.313617][T28802]  ksys_write+0x12a/0x250
[ 1071.313633][T28802]  ? __pfx_ksys_write+0x10/0x10
[ 1071.313651][T28802]  ? rcu_is_watching+0x12/0xc0
[ 1071.313664][T28802]  __do_fast_syscall_32+0x7c/0x3a0
[ 1071.313677][T28802]  do_fast_syscall_32+0x32/0x80
[ 1071.313688][T28802]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1071.313703][T28802] RIP: 0023:0xf710e579
[ 1071.313711][T28802] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1071.313723][T28802] RSP: 002b:00000000f50dd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[ 1071.313733][T28802] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800012c0
[ 1071.313740][T28802] RDX: 0000000000000014 RSI: 0000000000000000 RDI: 0000000000000000
[ 1071.313747][T28802] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1071.313753][T28802] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1071.313760][T28802] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1071.313773][T28802]  </TASK>
[ 1071.313777][T28802] Mem-Info:
[ 1071.420094][T28802] active_anon:826 inactive_anon:846 isolated_anon:0
[ 1071.420094][T28802]  active_file:1477 inactive_file:1978 isolated_file:0
[ 1071.420094][T28802]  unevictable:1768 dirty:969 writeback:0
[ 1071.420094][T28802]  slab_reclaimable:8907 slab_unreclaimable:89016
[ 1071.420094][T28802]  mapped:23114 shmem:1835 pagetables:1290
[ 1071.420094][T28802]  sec_pagetables:336 bounce:0
[ 1071.420094][T28802]  kernel_misc_reclaimable:0
[ 1071.420094][T28802]  free:35045 free_pcp:18517 free_cma:0
[ 1071.433744][T28802] Node 0 active_anon:156kB inactive_anon:216kB active_file:700kB inactive_file:8kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:36kB dirty:4kB writeback:0kB shmem:3908kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:8080kB pagetables:1212kB sec_pagetables:1160kB all_unreclaimable? yes Balloon:0kB
[ 1071.447123][T28802] Node 1 active_anon:3172kB inactive_anon:3168kB active_file:5208kB inactive_file:7908kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:92420kB dirty:3872kB writeback:0kB shmem:3432kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:7696kB pagetables:3944kB sec_pagetables:184kB all_unreclaimable? no Balloon:0kB
[ 1071.457999][T28802] Node 0 DMA free:2672kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:20kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1071.468452][T28802] lowmem_reserve[]: 0 289 289 289 289
[ 1071.471559][T28802] Node 0 DMA32 free:24832kB boost:8192kB min:21524kB low:24856kB high:28188kB reserved_highatomic:4096KB free_highatomic:1296KB active_anon:156kB inactive_anon:196kB active_file:700kB inactive_file:8kB unevictable:3536kB writepending:4kB present:1032196kB managed:296832kB mlocked:0kB bounce:0kB free_pcp:3608kB local_pcp:640kB free_cma:0kB
[ 1071.483932][T28802] lowmem_reserve[]: 0 0 0 0 0
[ 1071.487366][T28802] Node 1 DMA32 free:112640kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:4096KB free_highatomic:1348KB active_anon:3072kB inactive_anon:3168kB active_file:5208kB inactive_file:7908kB unevictable:3536kB writepending:3872kB present:1048432kB managed:948268kB mlocked:0kB bounce:0kB free_pcp:70968kB local_pcp:15988kB free_cma:0kB
[ 1071.502599][T28802] lowmem_reserve[]: 0 0 0 0 0
[ 1071.504388][T28802] Node 0 DMA: 44*4kB (UM) 32*8kB (UM) 12*16kB (UM) 14*32kB (UM) 3*64kB (UM) 3*128kB (M) 2*256kB (M) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 2672kB
[ 1071.509882][T28802] Node 0 DMA32: 312*4kB (UME) 364*8kB (UMEH) 100*16kB (UME) 196*32kB (UMH) 70*64kB (UMEH) 29*128kB (UME) 12*256kB (UME) 1*512kB (M) 1*1024kB (H) 0*2048kB 0*4096kB = 24832kB
[ 1071.515998][T28802] Node 1 DMA32: 620*4kB (UMEH) 1202*8kB (MEH) 300*16kB (UMH) 296*32kB (MEH) 92*64kB (UMEH) 66*128kB (MEH) 55*256kB (MEH) 49*512kB (UME) 28*1024kB (ME) 2*2048kB (UM) 0*4096kB = 112640kB
[ 1071.522542][T28802] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1071.526264][T28802] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[ 1071.529366][T28802] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1071.535640][T28802] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1071.539000][T28802] 6132 total pagecache pages
[ 1071.540629][T28802] 845 pages in swap cache
[ 1071.542414][T28802] Free swap  = 75600kB
[ 1071.543771][T28802] Total swap = 124996kB
[ 1071.545069][T28802] 524155 pages RAM
[ 1071.546314][T28802] 0 pages HighMem/MovableOnly
[ 1071.547744][T28802] 209040 pages reserved
[ 1071.549010][T28802] 0 pages cma reserved
[ 1071.767516][T28813] netlink: 'syz.2.6297': attribute type 1 has an invalid length.
[ 1072.004009][T28813] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1072.199904][T28823] bond2: (slave veth5): Enslaving as an active interface with a down link
[ 1072.218387][T28824] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6298'.
[ 1072.245588][T28813] vlan3: entered allmulticast mode
[ 1072.247369][T28813] veth1: entered allmulticast mode
[ 1072.249767][T28813] veth1: entered promiscuous mode
[ 1072.252608][T28813] veth1: left promiscuous mode
[ 1072.255588][T28813] bond2: (slave vlan3): making interface the new active one
[ 1072.258433][T28813] veth1: entered promiscuous mode
[ 1072.260462][T28813] vlan3: entered promiscuous mode
[ 1072.275531][T28813] bond2: (slave vlan3): Enslaving as an active interface with an up link
[ 1072.323468][T28826] 9pnet: Found fid 0 not clunked
[ 1072.377713][T28826] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[ 1072.617372][T28840] netlink: 168 bytes leftover after parsing attributes in process `syz.0.6304'.
[ 1072.773150][T28849] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6303'.
[ 1072.777191][T28849] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6303'.
[ 1072.861502][T28853] 9pnet_fd: Insufficient options for proto=fd
[ 1073.418723][T28858] lo speed is unknown, defaulting to 1000
[ 1073.492779][T28863] netdevsim netdevsim2: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[ 1073.496482][T28863] netdevsim netdevsim2: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[ 1073.668592][T28871] netlink: 168 bytes leftover after parsing attributes in process `syz.3.6313'.
[ 1073.885797][T28880] binder: 28879:28880 ioctl c0306201 80000640 returned -22
[ 1074.069758][ T1138] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1074.144036][ T1138] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1074.171486][    C3] ------------[ cut here ]------------
[ 1074.174229][    C3] refcount_t: addition on 0; use-after-free.
[ 1074.177293][    C3] WARNING: CPU: 3 PID: 24055 at lib/refcount.c:25 refcount_warn_saturate+0x1ca/0x210
[ 1074.181919][    C3] Modules linked in:
[ 1074.183943][    C3] CPU: 3 UID: 0 PID: 24055 Comm: syz-executor Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(full) 
[ 1074.191305][    C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1074.195842][    C3] RIP: 0010:refcount_warn_saturate+0x1ca/0x210
[ 1074.197900][    C3] Code: ff 89 de e8 e8 cc e4 fc 84 db 0f 85 e6 fe ff ff e8 fb d1 e4 fc c6 05 ae 95 99 0b 01 90 48 c7 c7 00 df f4 8b e8 57 f0 a3 fc 90 <0f> 0b 90 90 e9 c3 fe ff ff e8 d8 d1 e4 fc c6 05 89 95 99 0b 01 90
[ 1074.204550][    C3] RSP: 0018:ffffc900005e88b0 EFLAGS: 00010286
[ 1074.206882][    C3] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817a92c8
[ 1074.210006][    C3] RDX: ffff888048bb4880 RSI: ffffffff817a92d5 RDI: 0000000000000001
[ 1074.213300][    C3] RBP: ffff88804cb8426c R08: 0000000000000001 R09: 0000000000000000
[ 1074.213476][ T5960] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1074.216630][    C3] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88804cb8426c
[ 1074.221794][ T5960] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1074.222464][    C3] R13: ffff88804cb84100 R14: ffff88806c093800 R15: ffff88805916f600
[ 1074.226368][ T5960] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1074.228448][    C3] FS:  0000000000000000(0000) GS:ffff888097a72000(0063) knlGS:0000000057339440
[ 1074.234315][ T5960] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1074.235082][    C3] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 1074.238617][ T5960] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1074.240687][    C3] CR2: 00000000f7413230 CR3: 000000005d19e000 CR4: 0000000000352ef0
[ 1074.246993][    C3] DR0: 0000000000000007 DR1: 000000000000000b DR2: 0000000000000002
[ 1074.250252][    C3] DR3: 0000000000000009 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1074.253619][    C3] Call Trace:
[ 1074.255065][    C3]  <IRQ>
[ 1074.256342][    C3]  tipc_crypto_xmit+0x20c1/0x2550
[ 1074.258470][    C3]  ? __pfx_tipc_crypto_xmit+0x10/0x10
[ 1074.260702][    C3]  ? lock_acquire+0x179/0x350
[ 1074.262775][    C3]  ? find_held_lock+0x2b/0x80
[ 1074.264766][    C3]  ? net_generic+0xea/0x2a0
[ 1074.266738][    C3]  tipc_bearer_xmit_skb+0x15f/0x430
[ 1074.268958][    C3]  ? __pfx_tipc_bearer_xmit_skb+0x10/0x10
[ 1074.271401][    C3]  ? mark_held_locks+0x49/0x80
[ 1074.273414][    C3]  ? __local_bh_enable_ip+0xa4/0x120
[ 1074.275582][    C3]  tipc_disc_timeout+0x5b2/0x850
[ 1074.277138][T28883] lo speed is unknown, defaulting to 1000
[ 1074.277597][    C3]  ? __pfx_tipc_disc_timeout+0x10/0x10
[ 1074.282074][    C3]  ? __pfx_tipc_disc_timeout+0x10/0x10
[ 1074.284280][    C3]  call_timer_fn+0x19a/0x620
[ 1074.286123][    C3]  ? __pfx_call_timer_fn+0x10/0x10
[ 1074.288146][    C3]  ? mark_held_locks+0x49/0x80
[ 1074.289725][    C3]  ? __pfx_tipc_disc_timeout+0x10/0x10
[ 1074.291545][    C3]  __run_timers+0x6ef/0x960
[ 1074.293017][    C3]  ? __pfx___run_timers+0x10/0x10
[ 1074.294665][    C3]  run_timer_base+0x114/0x190
[ 1074.296179][    C3]  ? __pfx_run_timer_base+0x10/0x10
[ 1074.297825][    C3]  run_timer_softirq+0x1a/0x40
[ 1074.299359][    C3]  handle_softirqs+0x219/0x8e0
[ 1074.300882][    C3]  ? __pfx_handle_softirqs+0x10/0x10
[ 1074.302633][    C3]  __irq_exit_rcu+0x109/0x170
[ 1074.304171][    C3]  irq_exit_rcu+0x9/0x30
[ 1074.305574][    C3]  sysvec_apic_timer_interrupt+0xa4/0xc0
[ 1074.307363][    C3]  </IRQ>
[ 1074.308322][    C3]  <TASK>
[ 1074.309301][    C3]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1074.311553][    C3] RIP: 0010:lock_acquire+0x62/0x350
[ 1074.313218][    C3] Code: e8 12 12 83 f8 07 0f 87 bc 02 00 00 89 c0 48 0f a3 05 02 df ef 0e 0f 82 74 02 00 00 8b 35 ca 10 f0 0e 85 f6 0f 85 8d 00 00 00 <48> 8b 44 24 30 65 48 2b 05 99 e8 12 12 0f 85 c7 02 00 00 48 83 c4
[ 1074.319198][    C3] RSP: 0018:ffffc90007697180 EFLAGS: 00000206
[ 1074.321161][    C3] RAX: 0000000000000046 RBX: ffffffff8e3c4b40 RCX: 00000000461f8657
[ 1074.323737][    C3] RDX: 0000000000000000 RSI: ffffffff8dbe5250 RDI: ffffffff8bf533a0
[ 1074.326239][    C3] RBP: 0000000000000002 R08: fd55b2198b05037c R09: 0000000000000000
[ 1074.328746][    C3] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
[ 1074.331308][    C3] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1074.333833][    C3]  ? unwind_next_frame+0x3f4/0x20a0
[ 1074.335486][    C3]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1074.337418][    C3]  unwind_next_frame+0xd1/0x20a0
[ 1074.339031][    C3]  ? unwind_next_frame+0xbd/0x20a0
[ 1074.340642][    C3]  ? xt_compat_init_offsets+0xe6/0x1f0
[ 1074.342515][    C3]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1074.344487][    C3]  arch_stack_walk+0x94/0x100
[ 1074.345993][    C3]  ? xt_compat_init_offsets+0xe6/0x1f0
[ 1074.347739][    C3]  stack_trace_save+0x8e/0xc0
[ 1074.349240][    C3]  ? __pfx_stack_trace_save+0x10/0x10
[ 1074.350964][    C3]  ? find_held_lock+0x2b/0x80
[ 1074.352528][    C3]  kasan_save_stack+0x33/0x60
[ 1074.354054][    C3]  ? kasan_save_stack+0x33/0x60
[ 1074.355660][    C3]  ? kasan_save_track+0x14/0x30
[ 1074.357219][    C3]  ? __kasan_kmalloc+0xaa/0xb0
[ 1074.358812][    C3]  ? __get_vm_area_node+0x101/0x330
[ 1074.360456][    C3]  ? __vmalloc_node_range_noprof+0x271/0x14b0
[ 1074.362448][    C3]  ? __vmalloc_node_noprof+0xad/0xf0
[ 1074.364168][    C3]  ? xt_compat_init_offsets+0xe6/0x1f0
[ 1074.365907][    C3]  kasan_save_track+0x14/0x30
[ 1074.367425][    C3]  __kasan_kmalloc+0xaa/0xb0
[ 1074.368906][    C3]  __get_vm_area_node+0x101/0x330
[ 1074.370524][    C3]  __vmalloc_node_range_noprof+0x271/0x14b0
[ 1074.372531][    C3]  ? xt_compat_init_offsets+0xe6/0x1f0
[ 1074.374289][    C3]  ? __lock_acquire+0xb8a/0x1c90
[ 1074.375869][    C3]  ? xt_compat_init_offsets+0xe6/0x1f0
[ 1074.377598][    C3]  ? __mutex_trylock_common+0xe9/0x250
[ 1074.379339][    C3]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1074.381654][    C3]  ? rcu_is_watching+0x12/0xc0
[ 1074.383245][    C3]  ? trace_contention_end+0xdd/0x130
[ 1074.385304][    C3]  ? __mutex_lock+0x1ca/0xb90
[ 1074.387063][    C3]  ? xt_compat_init_offsets+0xe6/0x1f0
[ 1074.389109][    C3]  __vmalloc_node_noprof+0xad/0xf0
[ 1074.390753][    C3]  ? xt_compat_init_offsets+0xe6/0x1f0
[ 1074.392540][    C3]  xt_compat_init_offsets+0xe6/0x1f0
[ 1074.394553][    C3]  compat_table_info+0x11b/0x830
[ 1074.396238][    C3]  compat_do_ebt_get_ctl+0x1d0/0x5a0
[ 1074.397904][    C3]  ? __pfx_compat_do_ebt_get_ctl+0x10/0x10
[ 1074.399762][    C3]  ? trace_cap_capable+0x18d/0x200
[ 1074.401430][    C3]  ? bpf_lsm_capable+0x9/0x10
[ 1074.402954][    C3]  ? security_capable+0x7e/0x260
[ 1074.404573][    C3]  do_ebt_get_ctl+0x2c4/0x6d0
[ 1074.406109][    C3]  ? __pfx_do_ebt_get_ctl+0x10/0x10
[ 1074.407765][    C3]  ? nf_sockopt_find.constprop.0+0x222/0x290
[ 1074.409644][    C3]  nf_getsockopt+0x7c/0xe0
[ 1074.411149][    C3]  ip_getsockopt+0x18c/0x1e0
[ 1074.412634][    C3]  ? __pfx_ip_getsockopt+0x10/0x10
[ 1074.414290][    C3]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1074.415835][    C3]  ? __pfx_do_wp_page+0x10/0x10
[ 1074.417377][    C3]  tcp_getsockopt+0xa1/0x100
[ 1074.418857][    C3]  ? __pfx_sock_common_getsockopt+0x10/0x10
[ 1074.420723][    C3]  do_sock_getsockopt+0x3fc/0x800
[ 1074.422408][    C3]  ? __pfx_do_sock_getsockopt+0x10/0x10
[ 1074.424209][    C3]  ? find_held_lock+0x2b/0x80
[ 1074.425698][    C3]  ? __might_fault+0xe3/0x190
[ 1074.427217][    C3]  __sys_getsockopt+0x123/0x1b0
[ 1074.428769][    C3]  __ia32_compat_sys_socketcall+0x4ba/0x770
[ 1074.430653][    C3]  ? __pfx___ia32_compat_sys_socketcall+0x10/0x10
[ 1074.432761][    C3]  ? exc_page_fault+0x5c/0xb0
[ 1074.434290][    C3]  ? rcu_is_watching+0x12/0xc0
[ 1074.435812][    C3]  __do_fast_syscall_32+0x7c/0x3a0
[ 1074.437431][    C3]  do_fast_syscall_32+0x32/0x80
[ 1074.439018][    C3]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1074.441008][    C3] RIP: 0023:0xf70ae579
[ 1074.442389][    C3] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1074.448446][    C3] RSP: 002b:00000000ffcb6250 EFLAGS: 00000286 ORIG_RAX: 0000000000000066
[ 1074.451124][    C3] RAX: ffffffffffffffda RBX: 000000000000000f RCX: 00000000ffcb6288
[ 1074.453615][    C3] RDX: 00000000ffcb630c RSI: 00000000ffcb6310 RDI: 00000000f7412ff4
[ 1074.456169][    C3] RBP: 00000000ffcb6310 R08: 0000000000000000 R09: 0000000000000000
[ 1074.458645][    C3] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000000000000
[ 1074.461185][    C3] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1074.463715][    C3]  </TASK>
[ 1074.464713][    C3] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1074.466997][    C3] CPU: 3 UID: 0 PID: 24055 Comm: syz-executor Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(full) 
[ 1074.470639][    C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1074.473992][    C3] Call Trace:
[ 1074.475068][    C3]  <IRQ>
[ 1074.475994][    C3]  dump_stack_lvl+0x3d/0x1f0
[ 1074.477363][    C3]  panic+0x71c/0x800
[ 1074.478634][    C3]  ? __pfx_panic+0x10/0x10
[ 1074.480059][    C3]  ? show_trace_log_lvl+0x29b/0x3e0
[ 1074.481715][    C3]  ? check_panic_on_warn+0x1f/0xb0
[ 1074.483373][    C3]  ? refcount_warn_saturate+0x1ca/0x210
[ 1074.485141][    C3]  check_panic_on_warn+0xab/0xb0
[ 1074.486803][    C3]  __warn+0xf6/0x3c0
[ 1074.488202][    C3]  ? __pfx_vprintk_emit+0x10/0x10
[ 1074.489929][    C3]  ? refcount_warn_saturate+0x1ca/0x210
[ 1074.492022][    C3]  report_bug+0x3c3/0x580
[ 1074.493542][    C3]  ? refcount_warn_saturate+0x1ca/0x210
[ 1074.495459][    C3]  handle_bug+0x184/0x210
[ 1074.496847][    C3]  exc_invalid_op+0x17/0x50
[ 1074.498444][    C3]  asm_exc_invalid_op+0x1a/0x20
[ 1074.500075][    C3] RIP: 0010:refcount_warn_saturate+0x1ca/0x210
[ 1074.502230][    C3] Code: ff 89 de e8 e8 cc e4 fc 84 db 0f 85 e6 fe ff ff e8 fb d1 e4 fc c6 05 ae 95 99 0b 01 90 48 c7 c7 00 df f4 8b e8 57 f0 a3 fc 90 <0f> 0b 90 90 e9 c3 fe ff ff e8 d8 d1 e4 fc c6 05 89 95 99 0b 01 90
[ 1074.508866][    C3] RSP: 0018:ffffc900005e88b0 EFLAGS: 00010286
[ 1074.510805][    C3] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817a92c8
[ 1074.513277][    C3] RDX: ffff888048bb4880 RSI: ffffffff817a92d5 RDI: 0000000000000001
[ 1074.515873][    C3] RBP: ffff88804cb8426c R08: 0000000000000001 R09: 0000000000000000
[ 1074.518818][    C3] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88804cb8426c
[ 1074.521812][    C3] R13: ffff88804cb84100 R14: ffff88806c093800 R15: ffff88805916f600
[ 1074.524754][    C3]  ? __warn_printk+0x198/0x350
[ 1074.526322][    C3]  ? __warn_printk+0x1a5/0x350
[ 1074.527853][    C3]  tipc_crypto_xmit+0x20c1/0x2550
[ 1074.529456][    C3]  ? __pfx_tipc_crypto_xmit+0x10/0x10
[ 1074.531184][    C3]  ? lock_acquire+0x179/0x350
[ 1074.532684][    C3]  ? find_held_lock+0x2b/0x80
[ 1074.534181][    C3]  ? net_generic+0xea/0x2a0
[ 1074.535649][    C3]  tipc_bearer_xmit_skb+0x15f/0x430
[ 1074.537294][    C3]  ? __pfx_tipc_bearer_xmit_skb+0x10/0x10
[ 1074.539099][    C3]  ? mark_held_locks+0x49/0x80
[ 1074.540617][    C3]  ? __local_bh_enable_ip+0xa4/0x120
[ 1074.542324][    C3]  tipc_disc_timeout+0x5b2/0x850
[ 1074.544192][    C3]  ? __pfx_tipc_disc_timeout+0x10/0x10
[ 1074.546209][    C3]  ? __pfx_tipc_disc_timeout+0x10/0x10
[ 1074.547937][    C3]  call_timer_fn+0x19a/0x620
[ 1074.549419][    C3]  ? __pfx_call_timer_fn+0x10/0x10
[ 1074.551023][    C3]  ? mark_held_locks+0x49/0x80
[ 1074.552533][    C3]  ? __pfx_tipc_disc_timeout+0x10/0x10
[ 1074.554226][    C3]  __run_timers+0x6ef/0x960
[ 1074.555686][    C3]  ? __pfx___run_timers+0x10/0x10
[ 1074.557291][    C3]  run_timer_base+0x114/0x190
[ 1074.558919][    C3]  ? __pfx_run_timer_base+0x10/0x10
[ 1074.560577][    C3]  run_timer_softirq+0x1a/0x40
[ 1074.562112][    C3]  handle_softirqs+0x219/0x8e0
[ 1074.563831][    C3]  ? __pfx_handle_softirqs+0x10/0x10
[ 1074.565851][    C3]  __irq_exit_rcu+0x109/0x170
[ 1074.567365][    C3]  irq_exit_rcu+0x9/0x30
[ 1074.568720][    C3]  sysvec_apic_timer_interrupt+0xa4/0xc0
[ 1074.570511][    C3]  </IRQ>
[ 1074.571468][    C3]  <TASK>
[ 1074.572420][    C3]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1074.574554][    C3] RIP: 0010:lock_acquire+0x62/0x350
[ 1074.576254][    C3] Code: e8 12 12 83 f8 07 0f 87 bc 02 00 00 89 c0 48 0f a3 05 02 df ef 0e 0f 82 74 02 00 00 8b 35 ca 10 f0 0e 85 f6 0f 85 8d 00 00 00 <48> 8b 44 24 30 65 48 2b 05 99 e8 12 12 0f 85 c7 02 00 00 48 83 c4
[ 1074.582238][    C3] RSP: 0018:ffffc90007697180 EFLAGS: 00000206
[ 1074.584205][    C3] RAX: 0000000000000046 RBX: ffffffff8e3c4b40 RCX: 00000000461f8657
[ 1074.586687][    C3] RDX: 0000000000000000 RSI: ffffffff8dbe5250 RDI: ffffffff8bf533a0
[ 1074.589167][    C3] RBP: 0000000000000002 R08: fd55b2198b05037c R09: 0000000000000000
[ 1074.591648][    C3] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
[ 1074.594356][    C3] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1074.597141][    C3]  ? unwind_next_frame+0x3f4/0x20a0
[ 1074.598798][    C3]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1074.600750][    C3]  unwind_next_frame+0xd1/0x20a0
[ 1074.602341][    C3]  ? unwind_next_frame+0xbd/0x20a0
[ 1074.604341][    C3]  ? xt_compat_init_offsets+0xe6/0x1f0
[ 1074.606564][    C3]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1074.608984][    C3]  arch_stack_walk+0x94/0x100
[ 1074.610867][    C3]  ? xt_compat_init_offsets+0xe6/0x1f0
[ 1074.613024][    C3]  stack_trace_save+0x8e/0xc0
[ 1074.614915][    C3]  ? __pfx_stack_trace_save+0x10/0x10
[ 1074.617022][    C3]  ? find_held_lock+0x2b/0x80
[ 1074.618892][    C3]  kasan_save_stack+0x33/0x60
[ 1074.620755][    C3]  ? kasan_save_stack+0x33/0x60
[ 1074.622689][    C3]  ? kasan_save_track+0x14/0x30
[ 1074.624651][    C3]  ? __kasan_kmalloc+0xaa/0xb0
[ 1074.626567][    C3]  ? __get_vm_area_node+0x101/0x330
[ 1074.628614][    C3]  ? __vmalloc_node_range_noprof+0x271/0x14b0
[ 1074.631027][    C3]  ? __vmalloc_node_noprof+0xad/0xf0
[ 1074.632899][    C3]  ? xt_compat_init_offsets+0xe6/0x1f0
[ 1074.634961][    C3]  kasan_save_track+0x14/0x30
[ 1074.636669][    C3]  __kasan_kmalloc+0xaa/0xb0
[ 1074.638339][    C3]  __get_vm_area_node+0x101/0x330
[ 1074.640026][    C3]  __vmalloc_node_range_noprof+0x271/0x14b0
[ 1074.641923][    C3]  ? xt_compat_init_offsets+0xe6/0x1f0
[ 1074.643681][    C3]  ? __lock_acquire+0xb8a/0x1c90
[ 1074.645235][    C3]  ? xt_compat_init_offsets+0xe6/0x1f0
[ 1074.646977][    C3]  ? __mutex_trylock_common+0xe9/0x250
[ 1074.648846][    C3]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1074.651217][    C3]  ? rcu_is_watching+0x12/0xc0
[ 1074.652921][    C3]  ? trace_contention_end+0xdd/0x130
[ 1074.654532][    C3]  ? __mutex_lock+0x1ca/0xb90
[ 1074.655972][    C3]  ? xt_compat_init_offsets+0xe6/0x1f0
[ 1074.657681][    C3]  __vmalloc_node_noprof+0xad/0xf0
[ 1074.659297][    C3]  ? xt_compat_init_offsets+0xe6/0x1f0
[ 1074.660979][    C3]  xt_compat_init_offsets+0xe6/0x1f0
[ 1074.662634][    C3]  compat_table_info+0x11b/0x830
[ 1074.664225][    C3]  compat_do_ebt_get_ctl+0x1d0/0x5a0
[ 1074.665887][    C3]  ? __pfx_compat_do_ebt_get_ctl+0x10/0x10
[ 1074.667770][    C3]  ? trace_cap_capable+0x18d/0x200
[ 1074.669392][    C3]  ? bpf_lsm_capable+0x9/0x10
[ 1074.670913][    C3]  ? security_capable+0x7e/0x260
[ 1074.672486][    C3]  do_ebt_get_ctl+0x2c4/0x6d0
[ 1074.673992][    C3]  ? __pfx_do_ebt_get_ctl+0x10/0x10
[ 1074.675654][    C3]  ? nf_sockopt_find.constprop.0+0x222/0x290
[ 1074.677549][    C3]  nf_getsockopt+0x7c/0xe0
[ 1074.678982][    C3]  ip_getsockopt+0x18c/0x1e0
[ 1074.680438][    C3]  ? __pfx_ip_getsockopt+0x10/0x10
[ 1074.682061][    C3]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1074.683627][    C3]  ? __pfx_do_wp_page+0x10/0x10
[ 1074.685165][    C3]  tcp_getsockopt+0xa1/0x100
[ 1074.686629][    C3]  ? __pfx_sock_common_getsockopt+0x10/0x10
[ 1074.688476][    C3]  do_sock_getsockopt+0x3fc/0x800
[ 1074.689991][    C3]  ? __pfx_do_sock_getsockopt+0x10/0x10
[ 1074.691719][    C3]  ? find_held_lock+0x2b/0x80
[ 1074.693207][    C3]  ? __might_fault+0xe3/0x190
[ 1074.694703][    C3]  __sys_getsockopt+0x123/0x1b0
[ 1074.696247][    C3]  __ia32_compat_sys_socketcall+0x4ba/0x770
[ 1074.698101][    C3]  ? __pfx___ia32_compat_sys_socketcall+0x10/0x10
[ 1074.700115][    C3]  ? exc_page_fault+0x5c/0xb0
[ 1074.701610][    C3]  ? rcu_is_watching+0x12/0xc0
[ 1074.703147][    C3]  __do_fast_syscall_32+0x7c/0x3a0
[ 1074.704767][    C3]  do_fast_syscall_32+0x32/0x80
[ 1074.706302][    C3]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1074.708252][    C3] RIP: 0023:0xf70ae579
[ 1074.709519][    C3] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1074.715355][    C3] RSP: 002b:00000000ffcb6250 EFLAGS: 00000286 ORIG_RAX: 0000000000000066
[ 1074.717939][    C3] RAX: ffffffffffffffda RBX: 000000000000000f RCX: 00000000ffcb6288
[ 1074.720395][    C3] RDX: 00000000ffcb630c RSI: 00000000ffcb6310 RDI: 00000000f7412ff4
[ 1074.722859][    C3] RBP: 00000000ffcb6310 R08: 0000000000000000 R09: 0000000000000000
[ 1074.725338][    C3] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000000000000
[ 1074.727803][    C3] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1074.730289][    C3]  </TASK>
[ 1074.731999][    C3] Kernel Offset: disabled
[ 1074.733393][    C3] Rebooting in 86400 seconds..

VM DIAGNOSIS:
03:50:19  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffff88804a1c2f30 RCX=0000000000000001 RDX=0000000000000000
RSI=ffffffff8e3c4b40 RDI=ffff88804a1c2f30 RBP=ffffffff8e3c4b40 RSP=ffffc9000684f4b8
R8 =0000000000000006 R9 =0000000000001000 R10=0000000000000000 R11=0000000000000001
R12=ffff88804a1c2440 R13=ffff88804a1c2f30 R14=00000000ffffffff R15=0000000000000000
RIP=ffffffff8b798f70 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097772000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000325d5ffc CR3=000000002882e000 CR4=00352ef0
DR0=0000000000000007 DR1=000000000000000b DR2=0000000000000002 DR3=0000000000000009 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=fffff940003bdf50 RBX=fffff940003bdf51 RCX=ffffffff82088543 RDX=0000000000000000
RSI=0000000000000008 RDI=ffffea0001defa80 RBP=fffff940003bdf50 RSP=ffffc90003c6f670
R8 =0000000000000000 R9 =fffff940003bdf50 R10=ffffea0001defa87 R11=0000000000000001
R12=0000000000000000 R13=dffffc0000000000 R14=ffffea0001defa80 R15=ffff888045044cf0
RIP=ffffffff82212a7f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097872000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080006680 CR3=000000005429d000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000020210058
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffff0f0e0d0c
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=ffffffff91acd866 RBX=ffffffff90f94ad8 RCX=dffffc0000000000 RDX=1ffffffff21f295b
RSI=0000000000000000 RDI=ffffffff90f94ab8 RBP=ffffffff90f94ab8 RSP=ffffc90000537d28
R8 =ffffffff91acd8cc R9 =0000000000000000 R10=0000000000000000 R11=0000000000084d24
R12=ffffffff90f94af8 R13=ffffffff894d24a6 R14=ffffffff90f94ab8 R15=ffffffff90f94ab8
RIP=ffffffff816a6e60 RFL=00000a02 [-O-----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f10565a1300 ffffffff 00c00000
GS =0000 ffff888097972000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f3035ffc CR3=000000004b928000 CR4=00352ef0
DR0=0000000000000007 DR1=000000000000000b DR2=0000000000000002 DR3=0000000000000009 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1df2ffffffff81f2 1d8fffffffff81f2 11d6ffffffff81f3 3bb9ffffffff81f1
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1b1cffffffff81f2 15ecffffffff81f2 151affffffff81f2 10c5ffffffff81f2
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3065ffffffff81f2 10d5ffffffff81f2 1499ffffffff81f2 1faeffffffff81f2
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bd4effffffff8b77 bf71ffffffff8b77 b8faffffffff8b77 bbceffffffff8b77
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 b8e1ffffffff8b77 b4e3ffffffff8b77 bbefffffffff8b77 b927ffffffff8b77
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 b679ffffffff8b77 bd5fffffffff8b77 b8b7ffffffff8b77 bd3cffffffff8b77
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 d666ffffffff81f3 30e5ffffffff81f3 39b7ffffffff81f3 3132ffffffff81f3
ZMM24=9e03986c9e03986c 9e03986c9e03986c 9e03986c9e03986c 9e03986c9e03986c 9e03986c9e03986c 9e03986c9e03986c 9e03986c9e03986c 9e03986c9e03986c
ZMM25=68c8e18768c8e187 68c8e18768c8e187 68c8e18768c8e187 68c8e18768c8e187 68c8e18768c8e187 68c8e18768c8e187 68c8e18768c8e187 68c8e18768c8e187
ZMM26=f31cf8bcf31cf8bc f31cf8bcf31cf8bc f31cf8bcf31cf8bc f31cf8bcf31cf8bc f31cf8bcf31cf8bc f31cf8bcf31cf8bc f31cf8bcf31cf8bc f31cf8bcf31cf8bc
ZMM27=b9abf34ab9abf34a b9abf34ab9abf34a b9abf34ab9abf34a b9abf34ab9abf34a b9abf34ab9abf34a b9abf34ab9abf34a b9abf34ab9abf34a b9abf34ab9abf34a
ZMM28=00000200000001ff 000001fe000001fd 000001fc000001fb 000001fa000001f9 000001f8000001f7 000001f6000001f5 000001f4000001f3 000001f2000001f1
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=8e4d00008e4d0000 8e4d00008e4d0000 8e4d00008e4d0000 8e4d00008e4d0000 8e4d00008e4d0000 8e4d00008e4d0000 8e4d00008e4d0000 8e4d00008e4d0000
info registers vcpu 3

CPU#3
RAX=000000000000003a RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff8555fc15 RDI=ffffffff9ae5ca00 RBP=ffffffff9ae5c9c0 RSP=ffffc900005e8220
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001
R12=0000000000000000 R13=000000000000003a R14=ffffffff9ae5c9c0 R15=ffffffff8555fbb0
RIP=ffffffff8555fc3f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097a72000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7413230 CR3=000000005d19e000 CR4=00352ef0
DR0=0000000000000007 DR1=000000000000000b DR2=0000000000000002 DR3=0000000000000009 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000