last executing test programs:

2m14.564973001s ago: executing program 0 (id=547):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1802, 0x0)
syz_open_dev$ttys(0xc, 0x2, 0x0)
syz_open_dev$ptys(0xc, 0x3, 0x0)
syz_open_dev$ptys(0xc, 0x3, 0x0)
socket(0x2, 0x80805, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000080)=ANY=[], 0x0}, 0x94)
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f00000000c0)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_NOTIFICATIONS_RECEIVE(r1, 0x7a6, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(0xffffffffffffffff, 0x408c5333, &(0x7f0000000280)={0xfffffffc, 0x0, 0x0, {0x8}, 0x20007})
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$phonet_pipe(0x23, 0x5, 0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
inotify_init()
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, 0x0, 0x1)

2m12.361563249s ago: executing program 0 (id=558):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x400000000a882, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='mm_khugepaged_scan_pmd\x00', r0}, 0x18)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x200100000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f0000000140)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000001}, 0x810)
r2 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r2, 0xc0045516, &(0x7f0000000000)=0xffb)
r3 = getpgrp(0xffffffffffffffff)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000000080)={{0x1009, 0x6, 0x0, 0x80, 'syz0\x00'}, 0x5, 0x0, 0x1, r3, 0x0, 0x8, 'syz0\x00', 0x0})

2m11.404547868s ago: executing program 0 (id=563):
unshare(0x6020480)
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
shutdown(r0, 0x1)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
mmap(&(0x7f00003f7000/0x2000)=nil, 0x2000, 0x800001, 0x80010, r2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r3, r4, 0x5}, 0x10)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000840)={@map=r3, 0x26, 0x0, 0x379, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000140)={'wg1\x00', &(0x7f00000000c0)=@ethtool_link_settings={0x4c, 0xd, 0x5, 0x7, 0x28, 0xe, 0xa1, 0x9, 0xa, 0x0, [0x4e, 0xc, 0xdaa, 0x7, 0x405, 0x8, 0x9, 0xfffffffb], [0x103]}})
r6 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)
keyctl$read(0xb, r6, 0x0, 0x0)
r7 = dup(r2)
r8 = openat$ocfs2_control(0xffffff9c, &(0x7f0000000180), 0x40, 0x0)
ioctl$EXT4_IOC_GETFSUUID(r8, 0x8008662c, &(0x7f0000000240))
ioctl$TIOCL_SETSEL(r7, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x107, 0x100, 0x100, 0x1, 0x4000}})
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x4001, @loopback}, 0x10, 0x0, 0x0, 0x0, 0x0, 0xa7}, 0x30004084)
r9 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
ioctl$TIOCSETD(r9, 0x5423, &(0x7f00000003c0)=0x14)

2m11.012684075s ago: executing program 0 (id=565):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
recvmmsg(r0, &(0x7f00000004c0)=[{{&(0x7f0000000080)=@isdn, 0x80, &(0x7f0000000300)=[{&(0x7f0000000100)=""/141, 0x8d}, {&(0x7f00000001c0)=""/25, 0x19}, {&(0x7f0000000240)=""/87, 0x57}, {&(0x7f0000000600)=""/4096, 0x1000}, {&(0x7f00000003c0)=""/239, 0xef}], 0x5}, 0x7}], 0x1, 0x40000061, &(0x7f0000000500))
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x3, 0x5800)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000340)='./file0/file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0xb101e, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x402)
ioctl$USBDEVFS_CONTROL(r3, 0xc0185500, &(0x7f0000000040)={0x23, 0x1, 0x15, 0x2, 0x0, 0x5, 0x0})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000300)={0x38, 0x0, 0x8, 0x8001, 0x0, 0x9, 0x2, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
ioctl$VHOST_SET_LOG_BASE(0xffffffffffffffff, 0x4004af61, 0x0)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x80000007, 0x1}, 0x1c)
r5 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xfad7, 0x10000, 0x2}, &(0x7f0000000040), &(0x7f0000000280))
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
ioctl$KVM_CREATE_PIT2(r7, 0x4040ae77, &(0x7f0000000040)={0xfffffeff})
close(r7)
io_uring_enter(r5, 0x1f85, 0x40110a, 0x4d, 0x0, 0xa6)
recvmmsg$unix(r4, &(0x7f00000007c0)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000005c0)=""/227, 0xe3}], 0x1}}, {{0x0, 0x0, &(0x7f00000002c0)=[{0x0}], 0x1}}], 0x2, 0x40000000, 0x0)
sendmmsg(r4, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
recvmsg(0xffffffffffffffff, 0x0, 0x1f00)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)}, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

2m9.9646652s ago: executing program 0 (id=570):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.freeze\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000280), 0x208e24b)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x14, 0xf, &(0x7f0000000200)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x5, '\x00', 0x0, @fallback=0x10, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1811edff", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000100000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000006540600ff000000185300000600"/88], &(0x7f00000000c0)='syzkaller\x00', 0x8b, 0x8c, &(0x7f0000000480)=""/140, 0x41000, 0x60, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x8, 0x3}, 0x8, 0x10, &(0x7f0000000540)={0x1, 0x8, 0x9, 0x8}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000580)=[r0, r0, r0, r0, r0, 0xffffffffffffffff, r0, r0], &(0x7f00000006c0)=[{0x2, 0x3, 0xe, 0x1}, {0x3, 0x3, 0x1, 0xa}, {0x4, 0x4, 0xe}, {0x4, 0x2, 0xd, 0xc}, {0x0, 0x2, 0x4, 0xb}, {0x1, 0x4, 0x8, 0x5}, {0x0, 0x1, 0xe, 0xa}, {0x5, 0x1, 0xb}], 0x10, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000800)={&(0x7f0000000840)='fdb_delete\x00', r2}, 0x18)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wg1\x00'})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
syz_open_dev$I2C(&(0x7f0000000040), 0x7f9f, 0x0)
getsockopt$ax25_int(r4, 0x101, 0x8, &(0x7f0000000080), &(0x7f0000000000)=0x1b)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002200), 0xffffffffffffffff)
socket$netlink(0x10, 0x3, 0x4)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

2m9.6950833s ago: executing program 0 (id=572):
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006300)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000200)={0x50, 0x0, r1, {0x7, 0x1f, 0x800, 0x11428, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ecc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb1000008747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb80035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22383e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485a4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6bb06500f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784776f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2245eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e4c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a768cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d0500e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad64c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc590800", 0x2000, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x78, 0x0, 0x400000400, {0x0, 0x5, 0x0, {0x2, 0xfffffff, 0x0, 0xe979, 0x7ff, 0xfffffffffffffffd, 0x0, 0x3966, 0x3, 0x8000, 0x4, r2, r3, 0xc3d, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0)
write$tcp_congestion(r4, 0x0, 0x0)

2m9.369251101s ago: executing program 32 (id=572):
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006300)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000200)={0x50, 0x0, r1, {0x7, 0x1f, 0x800, 0x11428, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ecc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb1000008747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb80035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22383e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485a4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6bb06500f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784776f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2245eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e4c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a768cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d0500e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad64c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc590800", 0x2000, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x78, 0x0, 0x400000400, {0x0, 0x5, 0x0, {0x2, 0xfffffff, 0x0, 0xe979, 0x7ff, 0xfffffffffffffffd, 0x0, 0x3966, 0x3, 0x8000, 0x4, r2, r3, 0xc3d, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0)
write$tcp_congestion(r4, 0x0, 0x0)

5.013182417s ago: executing program 4 (id=1315):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
ioctl$int_out(r0, 0x5460, 0x0)
r1 = socket$rds(0x15, 0x5, 0x0)
r2 = socket$nl_audit(0x10, 0x3, 0x9)
r3 = io_uring_setup(0xf42, &(0x7f0000001400)={0x0, 0x47bc, 0x2000, 0x3, 0x3b4})
r4 = syz_io_uring_setup(0x10d, &(0x7f0000001480)={0x0, 0x0, 0x80, 0x0, 0x4000, 0x0, r3}, &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x5c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0x2}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x20, 0x11, 0x0, 0x1, @cmp={{0x8}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CMP_OP={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_CMP_SREG={0x8, 0x1, 0x1, 0x0, 0x2}]}}}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xa4}}, 0x0)
setsockopt$inet_int(r7, 0x0, 0xb, &(0x7f00000000c0)=0x3, 0x4)
syz_emit_ethernet(0x46, &(0x7f0000000000)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x3, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x68, 0x0, 0x0, 0x1, 0x0, @loopback, @loopback}, "00186371ae9b1c03"}}}}}, 0x0)
recvmsg(r7, &(0x7f0000000740)={0x0, 0x0, 0x0}, 0x40002002)
ioctl$CDROMSEEK(0xffffffffffffffff, 0x5316, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000440)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x9})
io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff})
r10 = socket$nl_route(0x10, 0x3, 0x0)
splice(r9, 0x0, r10, 0x0, 0x4ffe6, 0x0)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x100000b, 0x10, r0, 0x67c09000)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r2, 0x10e, 0x1, &(0x7f0000000100)=0x13, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000001c0)={0x4, &(0x7f0000000080)=[{0x6, 0x9, 0x6, 0x3}, {0x3, 0x5, 0x8, 0x3}, {0x101, 0x9, 0x80}, {0x5, 0x8, 0x8, 0x1ad8f15b}]}, 0x8)
r11 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r11, 0x8946, &(0x7f0000000140)={'team_slave_0\x00', &(0x7f0000000280)=@ethtool_channels={0x48, 0x0, 0x0, 0x0, 0x4, 0x2, 0x1}})
socket$packet(0x11, 0x3, 0x300)
close_range(r1, 0xffffffffffffffff, 0x0)

4.84220088s ago: executing program 4 (id=1318):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000001c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb47, 0x9, 0x8, 0x80000001, 0x3}, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x20000)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_GET_MSRS_cpu(r4, 0xc008ae88, &(0x7f0000000300)={0x2, 0x0, [{0x250, 0x0, 0x100000001}, {0x25d, 0x0, 0xf35}]})
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r5 = syz_open_dev$vim2m(0x0, 0xa, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r5, 0xc02c564a, &(0x7f0000000140)={0x0, 0x34324142, 0x2, @discrete={0x1, 0x401}})
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r6, &(0x7f0000000000)="2e000000010002", 0x7)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r7, {0x2, 0x0, @local}, 0x2}}, 0x26)
r8 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="3c0000007be9d00210d68b8b2eb238629e72cc6d5e76b45d299a68aced96fc71e455593663486a443d7fc1599f9ca6113b7883b7810cac364c", @ANYRES16=r8, @ANYBLOB="010027bd60000400000005000000080009000200000008000c00a80a000008000b000000000006000100070000000500130001000000"], 0x3c}}, 0x20)
r10 = memfd_create(&(0x7f0000000000)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6;\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa', 0x2)
ftruncate(r10, 0x80079a0)
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, r10, 0x0)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
modify_ldt$write(0x1, &(0x7f0000000000)={0xfff, 0x100000, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x10)
modify_ldt$write2(0x11, &(0x7f0000000080)={0xd7, 0x1000, 0x2000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, 0x10)
lseek(r10, 0x0, 0x4)
ftruncate(r0, 0xfffffd83)

3.932971566s ago: executing program 3 (id=1323):
unshare(0x6020480)
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
shutdown(r0, 0x1)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
mmap(&(0x7f00003f7000/0x2000)=nil, 0x2000, 0x800001, 0x80010, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r2, r3, 0x5}, 0x10)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000840)={@map=r2, 0x26, 0x0, 0x379, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000140)={'wg1\x00', &(0x7f00000000c0)=@ethtool_link_settings={0x4c, 0xd, 0x5, 0x7, 0x28, 0xe, 0xa1, 0x9, 0xa, 0x0, [0x4e, 0xc, 0xdaa, 0x7, 0x405, 0x8, 0x9, 0xfffffffb], [0x103]}})
r5 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)
keyctl$read(0xb, r5, &(0x7f0000001300)=""/4096, 0xffffffffffffffd2)
r6 = dup(0xffffffffffffffff)
r7 = openat$ocfs2_control(0xffffff9c, &(0x7f0000000180), 0x40, 0x0)
ioctl$EXT4_IOC_GETFSUUID(r7, 0x8008662c, 0x0)
ioctl$TIOCL_SETSEL(r6, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x107, 0x100, 0x100, 0x1, 0x4000}})
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x4001, @loopback}, 0x10, 0x0, 0x0, 0x0, 0x0, 0xa7}, 0x30004084)
r8 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f00000003c0)=0x14)

3.932551571s ago: executing program 4 (id=1324):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, 0x0, 0x0)
r3 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x2c, r3, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x2c}}, 0x0)
sendmsg$SMC_PNETID_DEL(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x14, r3, 0xe27, 0x70bd28, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x4000)
ioctl$KVM_GET_XSAVE2(0xffffffffffffffff, 0x9000aecf, &(0x7f0000ffc000/0x3000)=nil)
sendmmsg(r2, &(0x7f0000002340)=[{{0x0, 0x0, 0x0}}], 0x3e8, 0x0)

3.032477658s ago: executing program 3 (id=1327):
r0 = openat$kvm(0xffffff9c, &(0x7f0000000000), 0x41, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f0000000200)={0x8f, 0x0, 0xe})
r2 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x1e, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x7, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x10000000}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee7, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_TIMERSLACK(0x1d, 0x3ff00000000)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x57)
sendmsg$xdp(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x80c0)
recvmmsg(r2, &(0x7f0000000b40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=""/11, 0xb}}], 0x5df, 0x2, 0x0)
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000200)={'erspan0\x00'})
socket$inet_tcp(0x2, 0x1, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCBRDELBR(r7, 0x89a2, &(0x7f0000000200)='bridge0\x00')
sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(0xffffffffffffffff, 0x0, 0x4)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)

3.032134736s ago: executing program 4 (id=1328):
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x800000, 0x0)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x19})
syz_emit_ethernet(0x2a, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_io_uring_setup(0x1c09, 0x0, &(0x7f0000000080), &(0x7f00000001c0))
syz_io_uring_setup(0xc8f, &(0x7f0000000000)={0x0, 0x7030, 0x10000, 0x1, 0x8000018, 0x0, r1}, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0xe45, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x8)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$EBT_SO_GET_INIT_INFO(r3, 0x0, 0x82, &(0x7f0000000200)={'filter\x00', 0x0, 0x0, 0x0, [0x3ff, 0x4, 0x3, 0x3ac, 0x1048, 0x7]}, &(0x7f0000000280)=0x50)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r4, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r5, {0x2, 0x4e23, @broadcast}, 0x2, 0x0, 0x4, 0x3f}}, 0x2e)
sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000600)=ANY=[@ANYBLOB="3c00d300", @ANYRES16, @ANYBLOB="01002cbd70100400000005000000080009000200000008000b0000000000060001000500000008000c00a80a00000500120077000000"], 0x3c}, 0x1, 0x0, 0x0, 0x20008080}, 0x30)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000010000/0x1000)=nil, 0x1000}, 0x5})
socket$inet6_sctp(0xa, 0x5, 0x84)

2.703944333s ago: executing program 1 (id=1332):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000001c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb47, 0x9, 0x8, 0x80000001, 0x3}, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x20000)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_GET_MSRS_cpu(r4, 0xc008ae88, &(0x7f0000000300)={0x2, 0x0, [{0x250, 0x0, 0x100000001}, {0x25d, 0x0, 0xf35}]})
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r5 = syz_open_dev$vim2m(0x0, 0xa, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r5, 0xc02c564a, &(0x7f0000000140)={0x0, 0x34324142, 0x2, @discrete={0x1, 0x401}})
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(0xffffffffffffffff, &(0x7f0000000000)="2e000000010002", 0x7)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r6, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r7, {0x2, 0x0, @local}, 0x2}}, 0x26)
r8 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="3c0000007be9d00210d68b8b2eb238629e72cc6d5e76b45d299a68aced96fc71e455593663486a443d7fc1599f9ca6113b7883b7810cac364c", @ANYRES16=r8, @ANYBLOB="010027bd60000400000005000000080009000200000008000c00a80a000008000b000000000006000100070000000500130001000000"], 0x3c}}, 0x20)
r10 = memfd_create(&(0x7f0000000000)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6;\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa', 0x2)
ftruncate(r10, 0x80079a0)
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, r10, 0x0)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
modify_ldt$write(0x1, &(0x7f0000000000)={0xfff, 0x100000, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x10)
modify_ldt$write2(0x11, &(0x7f0000000080)={0xd7, 0x1000, 0x2000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, 0x10)
lseek(r10, 0x0, 0x4)
ftruncate(r0, 0xfffffd83)

2.45424423s ago: executing program 4 (id=1333):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[], 0x58}, 0x1, 0x0, 0x0, 0x20004800}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b000100627269646765000018000280050019"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000140)={0x1b, 0x0, 0x0, 0x9, 0x0, 0x1, 0xc, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x2}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x19, 0x4, 0x8, 0x30000, 0x0, 0xffffffffffffffff, 0x1}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r1, 0x0, 0x0}, 0x20)
ioctl$BTRFS_IOC_DEFRAG_RANGE(0xffffffffffffffff, 0x40309410, &(0x7f0000000500)={0x4, 0x7, 0x0, 0x6, 0x2, [0x1, 0x4e, 0x7fffffff, 0x666]})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'team_slave_1\x00', <r2=>0x0})
r3 = syz_open_procfs$namespace(0x0, &(0x7f0000001380)='ns/cgroup\x00')
open_by_handle_at(r3, &(0x7f0000000000)=ANY=[@ANYBLOB="20000000f100000003"], 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r4, 0x0, 0x12, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, &(0x7f00000004c0)=0x2, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x10, &(0x7f00000001c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@generic={0x9, 0x3, 0x3, 0x5, 0x6}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000240)='GPL\x00', 0x5, 0x4d, &(0x7f0000000280)=""/77, 0x41000, 0x20, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x3, 0x4}, 0x8, 0x10, &(0x7f00000003c0)={0x3, 0xf, 0x6, 0x7}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r6)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
ptrace(0x4206, r6)
ptrace(0xffffffffffffffff, r6)
ptrace(0x4207, r6)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000640)='/sys/power/pm_test', 0x42, 0x0)
r8 = syz_open_dev$tty1(0xc, 0x4, 0x4)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x92)
mount$9p_virtio(&(0x7f0000000100), &(0x7f0000000180)='./bus\x00', &(0x7f00000001c0), 0x4, &(0x7f00000007c0)={'trans=virtio,', {[{@nodevmap}]}})
r9 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
lseek(r9, 0x10001, 0x0)
setsockopt$packet_fanout_data(r7, 0x107, 0x16, &(0x7f0000000380)={0x9, &(0x7f0000000300)=[{0x4, 0x6, 0x8, 0x3}, {0xb, 0x9, 0x3}, {0xffff, 0x8, 0xa6, 0x8}, {0x1, 0x81, 0x5, 0x7f}, {0xc, 0x1, 0x2, 0x6}, {0x9, 0x8, 0x9, 0xa}, {0x4, 0xf9, 0x1, 0x6}, {0xb, 0x5, 0x0, 0x8}, {0x9, 0x4, 0x7, 0x9}]}, 0x8)
ioctl$KDSKBSENT(r8, 0x4b49, &(0x7f0000000040)={0x6d, "d4aa55a2851d891f14d7730a9980210f3c0d2ec5700ff0cd90d3cda056809c13b0ec5c08ce4974ca4666516f251459a32599646625e40aae2811eaa5eebd026c284494802e05d411252d7c6d475d91992d7dd7ad0561d4a7b3d547fc6c6d287b44d8f21976083a70a036f09d87462deb1532f0da46c652e64f2589b17ca66fa444deb801bb9a6099cca1a782953cbafb42b95a7f8c815e38bbe376f8a4ce4f8ed2b7ee56d036d7360bccac353d04b08a97de58862672f3d05223cba789b52dffc0ebc3fff6534ac9e1e5fe3768bf18672ad48ef870ba1c8ccf6c1dc612e396d7c15ad90910ec0bce37f100c7b944ac2c71ef81836a62af4a762f9d9614c3503887207c5fe6f4a3b1075ec5f6e6e13804e0554efdf7a2ac62770bbcd8f8d13c7a514164a8d189ab17ae0a8055a66a4dcf661633c632873300de543d26a62c841e82d37e697258d733f699cfea0ad39ce3cc20241ca464a2ba7accf74ba3230451882d67d6bdd52d00f567793a00bca63e25fe4f4283f0fa8512eea9f70c555776f6ba88f35f966f8508df5c5fbb2b6e67d33cb92ca4f94d63844a62537395a0b8fe4bddd909126960e15b94c25a0fd815068fb9d5add15b2502137f5880667febf9a82c2a6c5409a0e993b404fe10287884192053cd2c01e10071aa77e87e7d2617f64b30f42982ef81b40352bf6f9cd6c456b3095e9be0360a7be4f0870e00"})
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)

2.043958849s ago: executing program 3 (id=1334):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x276)
r1 = openat2(0xffffffffffffff9c, &(0x7f00000005c0)='./file0\x00', 0x0, 0x0)
ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r1, 0x8008f512, &(0x7f0000000800))
bpf$TOKEN_CREATE(0x24, &(0x7f0000000580)={0x0, r0}, 0x8)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@deltclass={0x7c, 0x29, 0x400, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xc, 0xd}, {0x2, 0xb}, {0xfff3, 0xffe0}}, [@tclass_kind_options=@c_cbs={0x8}, @tclass_kind_options=@c_cbs={0x8}, @tclass_kind_options=@c_multiq={0xb}, @tclass_kind_options=@c_mq={0x7}, @TCA_RATE={0x6, 0x5, {0x0, 0x1}}, @TCA_RATE={0x6, 0x5, {0x9, 0x7}}, @TCA_RATE={0x6, 0x5, {0x8d, 0x7}}, @tclass_kind_options=@c_netem={0xa}, @TCA_RATE={0x6, 0x5, {0x4, 0x1}}, @TCA_RATE={0x6, 0x5, {0x0, 0x7}}]}, 0x7c}}, 0x40000)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x1, 0xe, &(0x7f0000000b80)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', r3, @fallback=0x4a, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0xfffffffc}, 0x8, 0x10, &(0x7f0000000340)={0x2, 0x0, 0x0, 0x3ff}, 0x10}, 0x94)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r6=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000300)={r4, r6}, 0x14)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85513, &(0x7f0000000d80)={{0x1, 0x1, 0x0, 0x4, 'syz1\x00', 0x6}, 0x1, [0x9, 0x5, 0x1ff, 0x4, 0x1, 0x85, 0x2, 0x5, 0x6, 0x4, 0x9, 0x10000, 0xb, 0x33, 0x4, 0xb221, 0xfff, 0x0, 0xb8a1, 0x6, 0xced, 0x3, 0x1000, 0x7, 0xc, 0x101, 0x1, 0x40, 0x6, 0x9, 0x100000001, 0x5, 0x0, 0x8, 0x5, 0x9, 0x8001, 0x4, 0x0, 0x9, 0xffffffffffffff80, 0x7f, 0x3, 0x200, 0x9, 0x5, 0x82c2, 0x7, 0x4, 0x100, 0x4, 0xa, 0x7, 0x2, 0x10000, 0x9, 0x0, 0x0, 0x1, 0x10, 0x4, 0x3, 0x9, 0x80000000, 0x8, 0x7, 0x1ff, 0xffffffffffffff01, 0x9, 0x3399, 0x7, 0x87, 0x8, 0x12d2, 0x10, 0x2, 0x8, 0x2, 0xa1, 0x3f800000000000, 0x1, 0x0, 0x4, 0x3, 0x3, 0x8000, 0x8000000000000000, 0x6, 0xfffffffffffffffd, 0x8, 0x5, 0xa, 0x0, 0xfffffffffffff1c3, 0x0, 0x3, 0x5, 0x7ff, 0xa24, 0x80000001, 0x7, 0xbf6, 0xc000000000, 0x6, 0x80, 0x7ff, 0x101, 0x9, 0x400, 0x7f, 0x5, 0x2, 0x0, 0x100, 0x3, 0x8, 0x2e, 0x10, 0x1400000000400000, 0x5, 0x1, 0x1, 0x8000000000000001, 0x1, 0x3, 0x7f, 0x6, 0x800]})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cg\xefnup\x00'}, 0x30)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r8 = openat$cgroup_pressure(r7, &(0x7f0000000040)='io.pressure\x00', 0x2, 0x0)
write$cgroup_pressure(r8, &(0x7f0000000340)={'some', 0x20, 0x7, 0x20, 0xff}, 0x2f)
r9 = openat$cgroup_pressure(r7, &(0x7f00000000c0)='io.pressure\x00', 0x2, 0x0)
ppoll(&(0x7f00000001c0)=[{r8}], 0x1, 0x0, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
write$cgroup_pressure(r9, &(0x7f0000000100)={'some', 0x20, 0x4, 0x20, 0xffffd}, 0x2f)
close(r9)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYRES32=r10, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r6, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r11 = socket$inet(0x2, 0x1, 0x0)
bind$inet(r11, 0x0, 0x0)
sendmmsg$inet(r11, &(0x7f0000000bc0)=[{{&(0x7f0000000180)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10, 0x0}}], 0x1, 0x20004840)
shutdown(r11, 0x1)

1.712589696s ago: executing program 1 (id=1337):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x800000}, 0x18)
syz_clone(0x80842111, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="06e78b00000004000000060000000b000000000000001bde409c0562d692daaf14480ca39699636ec908e18ddd140ac73d22d7b02b84207c7404aff247d68bf633f3b40a499f3b12ee8209027470dbcbe3601038847c93af7ca11bea57ed5cec53b324ae5e4d82915a383fe4010492", @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000040)=r1, 0x4)
sendmsg$inet(r3, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x4800)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1, 0x4, &(0x7f0000006680))
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="58000000020601080000000000000000000000000900020073797a31000000000500010007000000050005000a0000000c00078008000640000000001100030068cd09e7a9d2acf1ae9f530a83766173683a69702c6d617220a0a1d3b939d325f3f6476e79f1016c8c8b6ac7da10a8174a7525b241ee2830673d77cf3727234fde7107e9e7"], 0x58}}, 0x0)
chroot(&(0x7f0000000000)='./file0\x00')
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="04221f02"], 0x22)
poll(&(0x7f00000000c0)=[{0xffffffffffffffff, 0x480}], 0x1, 0xf0)
fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e21, 0x679, @empty, 0x3}, 0x1c)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
syz_open_dev$usbmon(&(0x7f0000000040), 0x6, 0x200200)

1.711580161s ago: executing program 2 (id=1338):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x5, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000850000007d000000"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000003c0)='subflow_check_data_avail\x00', r0}, 0x10)
r1 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r1, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x30004001)

1.653324215s ago: executing program 2 (id=1339):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x3, &(0x7f0000000080)=@framed, 0x0}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000abc010000000a05000000000000000000010000000900010073797a3000000000d30006003407ae8929b5d5805c2cb15c6832bdf04f6f732bf6c75790a071b67033b0bb7e81aac8c9ccb093263d99fcafa58fe6c7126fc1d2ccbc1888abd4a61e1818723b358b147b8836997950921d849981687e7eb599e28bd439758eefcbda6f7906db339e68d3869e4011ddfb254a2dda9b523f928b3626f8faa75357d4f9cb925df5cde675f9e8bb05e4f8cc9a0610fb2945b1b755b94883afb3697a7535ea5f9db3ce21c1f0cc3fb343e830c6a947f512c56b1a706b86e76bc58a075f7cb0322f7fa6fb5df1718361423df5cbd47608ca000900010073797a310000000008000240000000030c000440000000000000000499000600db2b252f3c9b3b419bda841c524cb69270214a733fee6d8e10561ce9d682ad271b8a317d699b2f000178b2aca7c7058e0df489887ebdcf11c4ddf03bc9b1284f5fb568bac9b64b06c9d8c2acf08c892fb2abeb7c72bc9c8fa0c7425b5aa3df8074d8412d67fad836b6cc1c0be2fff19dbd1830e29ae4bc6aaa4f42c244e40238dc8e2a247b1792a177693b55dc155f631634db5af90000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a320000000098000000060a010400000000000000000100000008000b40000000005c000480580001800b000100746172676574000048000280300003005fad843dc5c1efe84ced18d4422d5b0b86e8441958d3d2ea41149f1e55359af069a2a5e039ccf56f068a5a0b09000100534e415400"], 0x2a8}, 0x1, 0x0, 0x0, 0x4}, 0x0)

1.652295482s ago: executing program 2 (id=1340):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB], 0x48)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.freeze\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000280), 0x208e24b)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x14, 0xf, &(0x7f0000000200)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}}}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x5, '\x00', 0x0, @fallback=0x10, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0xc, &(0x7f0000000280)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000100000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000006540600ff000000185300000600"/88], &(0x7f00000000c0)='syzkaller\x00', 0x8b, 0x8c, &(0x7f0000000480)=""/140, 0x41000, 0x60, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x8, 0x3}, 0x8, 0x10, &(0x7f0000000540)={0x1, 0x8, 0x9, 0x8}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000580)=[r0, r0, r0, r0, r0, 0xffffffffffffffff, r0, r0], &(0x7f00000006c0)=[{0x2, 0x3, 0xe, 0x1}, {0x3, 0x3, 0x1, 0xa}, {0x4, 0x4, 0xe}, {0x4, 0x2, 0xd, 0xc}, {0x0, 0x2, 0x4, 0xb}, {0x1, 0x4, 0x8, 0x5}, {0x0, 0x1, 0xe, 0xa}, {0x5, 0x1, 0xb}], 0x10, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000800)={&(0x7f0000000840)='fdb_delete\x00', r2}, 0x18)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wg1\x00'})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
syz_open_dev$I2C(&(0x7f0000000040), 0x7f9f, 0x0)
getsockopt$ax25_int(r4, 0x101, 0x8, &(0x7f0000000080), &(0x7f0000000000)=0x1b)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002200), 0xffffffffffffffff)
socket$netlink(0x10, 0x3, 0x4)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

1.564217828s ago: executing program 4 (id=1341):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000001340))
ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000180)=0x6f)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = socket$netlink(0x10, 0x3, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0xba01}, 0x4008000)
socket$nl_netfilter(0x10, 0x3, 0xc)
read$dsp(0xffffffffffffffff, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
write$dsp(r0, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x40e0)
syz_usb_connect$uac1(0x0, 0x0, 0x0, 0x0)

1.46375377s ago: executing program 1 (id=1342):
ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000100)={0x2, 0x6, 0x1, 0x880})
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000400), 0x802, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xffffffffffffff15, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$inet6(0xa, 0x80002, 0x0)
getsockopt$MRT6(r1, 0x29, 0xcf, 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
setresuid(0xee00, 0xee01, 0xee01)
shmat(0x0, &(0x7f0000ff7000/0x3000)=nil, 0x400c)
munmap(&(0x7f0000ffb000/0x1000)=nil, 0x1000)
syz_init_net_socket$ax25(0x3, 0x2, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r4, 0x0)
mount$9p_unix(&(0x7f0000000080)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000000)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="7472616e863d756e69782c00"])
close(0x3)
setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8)
sendmmsg$inet6(r3, &(0x7f00000000c0), 0x0, 0x4404c880)
socket(0x10, 0x3, 0x0)
ioctl$UI_DEV_CREATE(r0, 0x5501)
writev(r0, &(0x7f0000000280)=[{&(0x7f0000000300)="fcd0ce61f082da47f383913824c6f340ebe9a054a37f0a2bef3b47363c9cb3f80984e5dffa0ce840c29e51b73c45d13bac7d05c22e939848cf5f28e9a48b730b0adca862545d82c396b83f6b85289ec57e00e728bc7073b2d31eb21ab4f0dcfe0fdad6da1775c3b3d3d09341c492ca446e20594b8d722940658a4a1905a7fb5c2674f4c8baff574a", 0x88}, {&(0x7f00000001c0)="5d8b6f", 0x3}], 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

1.257499473s ago: executing program 2 (id=1343):
creat(&(0x7f0000000000)='./file0\x00', 0x0)
r0 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000006c0), 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = fsopen(&(0x7f0000000100)='nilfs2\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000000)='source', &(0x7f00000000c0)='%(:2', 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r3, 0x0, 0x21, &(0x7f0000000040)=0x2, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mkdir(0x0, 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', 0x0, 0x8c, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x7}], 0x1c)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x1214040, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@xino_on}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4, 0x80)
getdents64(r5, &(0x7f0000000400)=""/4096, 0x1000)
sendmsg$IEEE802154_LLSEC_SETPARAMS(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=ANY=[@ANYBLOB="280000d42e9fe2ec3e7c98bce7b1d88478bf36b07ee5095e2565c8c3dfe302f12cab3008c88bef88f8f3e7f572b6958ed72843a3b521aca65804204d5761f75b0cd672413790bd6768051c5860933d50c48742f07a16abc0a9c0d95311302f58f4fd8abb59d500000000000033dffc568f5499", @ANYRES16=r0, @ANYBLOB="01002abd7000ffdbdf25250000000a0001007770616e3100000005002a0001000000"], 0x28}, 0x1, 0x0, 0x0, 0x20000000}, 0x8800)
io_setup(0x800, &(0x7f0000000500))

1.114221698s ago: executing program 3 (id=1344):
socket$inet(0x2, 0x1, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c0000001000810000000000008000000000", @ANYRES32=r0, @ANYBLOB="0a043cbf", @ANYRES32, @ANYBLOB="0a001b"], 0x2c}], 0x1}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {}, {0xe}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0)

1.053673536s ago: executing program 3 (id=1345):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000001c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb47, 0x9, 0x8, 0x80000001, 0x3}, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x20000)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_GET_MSRS_cpu(r4, 0xc008ae88, &(0x7f0000000300)={0x2, 0x0, [{0x250, 0x0, 0x100000001}, {0x25d, 0x0, 0xf35}]})
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r5 = syz_open_dev$vim2m(0x0, 0xa, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r5, 0xc02c564a, &(0x7f0000000140)={0x0, 0x34324142, 0x2, @discrete={0x1, 0x401}})
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(0xffffffffffffffff, &(0x7f0000000000)="2e000000010002", 0x7)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r6, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r7, {0x2, 0x0, @local}, 0x2}}, 0x26)
r8 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="3c0000007be9d00210d68b8b2eb238629e72cc6d5e76b45d299a68aced96fc71e455593663486a443d7fc1599f9ca6113b7883b7810cac364c", @ANYRES16=r8, @ANYBLOB="010027bd60000400000005000000080009000200000008000c00a80a000008000b000000000006000100070000000500130001000000"], 0x3c}}, 0x20)
r10 = memfd_create(&(0x7f0000000000)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6;\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa', 0x2)
ftruncate(r10, 0x80079a0)
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, r10, 0x0)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
modify_ldt$write(0x1, &(0x7f0000000000)={0xfff, 0x100000, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x10)
modify_ldt$write2(0x11, &(0x7f0000000080)={0xd7, 0x1000, 0x2000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, 0x10)
lseek(r10, 0x0, 0x4)
ftruncate(r0, 0xfffffd83)

428.449454ms ago: executing program 1 (id=1346):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a010100"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x203, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}]}]}], {0x14}}, 0x68}}, 0x0)

331.328904ms ago: executing program 1 (id=1347):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x5, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000850000007d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000003c0)='subflow_check_data_avail\x00', r0}, 0x10)
r1 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r1, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x30004001)

330.070585ms ago: executing program 1 (id=1348):
unshare(0x6020480)
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
shutdown(r0, 0x1)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
mmap(&(0x7f00003f7000/0x2000)=nil, 0x2000, 0x800001, 0x80010, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r2, r3, 0x5}, 0x10)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000840)={@map=r2, 0x26, 0x0, 0x379, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000140)={'wg1\x00', &(0x7f00000000c0)=@ethtool_link_settings={0x4c, 0xd, 0x5, 0x7, 0x28, 0xe, 0xa1, 0x9, 0xa, 0x0, [0x4e, 0xc, 0xdaa, 0x7, 0x405, 0x8, 0x9, 0xfffffffb], [0x103]}})
r5 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)
keyctl$read(0xb, r5, &(0x7f0000001300)=""/4096, 0xffffffffffffffd2)
r6 = dup(0xffffffffffffffff)
r7 = openat$ocfs2_control(0xffffff9c, &(0x7f0000000180), 0x40, 0x0)
ioctl$EXT4_IOC_GETFSUUID(r7, 0x8008662c, &(0x7f0000000240))
ioctl$TIOCL_SETSEL(r6, 0x541c, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x4001, @loopback}, 0x10, 0x0, 0x0, 0x0, 0x0, 0xa7}, 0x30004084)
r8 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f00000003c0)=0x14)

159.698631ms ago: executing program 2 (id=1349):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x3, &(0x7f0000000080)=@framed, 0x0}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000abc010000000a05000000000000000000010000000900010073797a3000000000d30006003407ae8929b5d5805c2cb15c6832bdf04f6f732bf6c75790a071b67033b0bb7e81aac8c9ccb093263d99fcafa58fe6c7126fc1d2ccbc1888abd4a61e1818723b358b147b8836997950921d849981687e7eb599e28bd439758eefcbda6f7906db339e68d3869e4011ddfb254a2dda9b523f928b3626f8faa75357d4f9cb925df5cde675f9e8bb05e4f8cc9a0610fb2945b1b755b94883afb3697a7535ea5f9db3ce21c1f0cc3fb343e830c6a947f512c56b1a706b86e76bc58a075f7cb0322f7fa6fb5df1718361423df5cbd47608ca000900010073797a310000000008000240000000030c000440000000000000000499000600db2b252f3c9b3b419bda841c524cb69270214a733fee6d8e10561ce9d682ad271b8a317d699b2f000178b2aca7c7058e0df489887ebdcf11c4ddf03bc9b1284f5fb568bac9b64b06c9d8c2acf08c892fb2abeb7c72bc9c8fa0c7425b5aa3df8074d8412d67fad836b6cc1c0be2fff19dbd1830e29ae4bc6aaa4f42c244e40238dc8e2a247b1792a177693b55dc155f631634db5af90000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a320000000098000000060a010400000000000000000100000008000b40000000005c000480580001800b000100746172676574000048000280300003005fad843dc5c1efe84ced18d4422d5b0b86e8441958d3d2ea41149f1e55359af069a2a5e039ccf56f068a5a0b09000100534e415400"], 0x2a8}, 0x1, 0x0, 0x0, 0x4}, 0x0)

93.883004ms ago: executing program 2 (id=1350):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x800000}, 0x18)
syz_clone(0x80842111, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="06e78b00000004000000060000000b000000000000001bde409c0562d692daaf14480ca39699636ec908e18ddd140ac73d22d7b02b84207c7404aff247d68bf633f3b40a499f3b12ee8209027470dbcbe3601038847c93af7ca11bea57ed5cec53b324ae5e4d82915a383fe4010492", @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000040)=r1, 0x4)
sendmsg$inet(r3, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x4800)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1, 0x4, &(0x7f0000006680))
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="58000000020601080000000000000000000000000900020073797a31000000000500010007000000050005000a0000000c00078008000640000000001100030068cd09e7a9d2acf1ae9f530a83766173683a69702c6d617220a0a1d3b939d325f3f6476e79f1016c8c8b6ac7da10a8174a7525b241ee2830673d77cf3727234fde7107e9e7"], 0x58}}, 0x0)
chroot(&(0x7f0000000000)='./file0\x00')
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="04221f02"], 0x22)
poll(&(0x7f00000000c0)=[{0xffffffffffffffff, 0x480}], 0x1, 0xf0)
fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e21, 0x679, @empty, 0x3}, 0x1c)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
syz_open_dev$usbmon(&(0x7f0000000040), 0x6, 0x200200)

0s ago: executing program 3 (id=1351):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1802, 0x0)
syz_open_dev$ttys(0xc, 0x2, 0x0)
syz_open_dev$ptys(0xc, 0x3, 0x0)
syz_open_dev$ptys(0xc, 0x3, 0x0)
socket(0x2, 0x80805, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000002000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x94)
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f00000000c0)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_NOTIFICATIONS_RECEIVE(r1, 0x7a6, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r2, 0x408c5333, &(0x7f0000000280)={0xfffffffc, 0x0, 0x0, {0x8}, 0x20007})
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$phonet_pipe(0x23, 0x5, 0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r4 = inotify_init()
fstat64(r4, &(0x7f0000000040))
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, &(0x7f0000001100)={0x77359400}, 0x1)
exit(0x280)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000800000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x94)

kernel console output (not intermixed with test programs):

[  165.692465][ T8258] netlink: 264 bytes leftover after parsing attributes in process `syz.2.420'.
[  165.698080][ T8258] syz_tun: entered promiscuous mode
[  165.700758][ T8258] syz_tun: entered allmulticast mode
./file0./file0fuse.

}
file0ßÞƒùm
˜#„èÖ‰!œ¹f›ÛªyŸ‚êÉ&jAcaŽÔùAC¤àò|Düï9  ³€^Ô瀘ØhœÇyØfHÒ8fC2”�‡†l�%�ü
˜S«Ùí`¹Ÿ¦®-½$«m¼ëÛRF�ZÎ|Å£²†HüÚ7M[ >Q×,EäÝãéîšGÿäXº÷»IQ5¨J¡ð¨?¢«íV9��Úÿg–4a”Sõ3ò%ƒ¦à¤Ü	éÞFhM^
6â)Q7Ï:LÐ]>]<Až8¨¥Pà‚©ÅýÌ&»^ŽEžt{ï¼\k`¬èô··Œõ~[9„ðÍÝÆÅàTÓô¡–ûmªbœð°$_•º•�†ÜVøÍ:Äs}Ã¥ÿq—3&5
ôFŽ~ÍHÖ‰¸,Ò*åñ…ƒ¡´ÏÞ�ÓG©�ÜÞ@ÑÄ�›P™ûÌðžx"¾K,ãj+ÃÉîyJ¿þr¥PlO?h·GaÿÖb	"J;ñe]­µÈ¥�;ûFƒšÆ‚_]‰‘Rë:XÀ݂ДùMÒÈVfö„¨ô7»ÐækŸM6a¶zM!,O¼(xHËx95ÕÖ±M™¢ãߎŠ-]é›Îüªµ»\Ç=Ýf³yÁdŽ(¡€Ó®ÌT#W]K§ÛóÇÚ{‡ÝEKnüÓl‘ª¦1[؇#Ò!u/+ÀǬl\zÖtzô
¶Óž«{’´FƒÅ†8jÐ
Ï`û�›¬Unµº·1{]‰öM±Ù
�úmeÙ8bèQ¯¼0ýpþ_ã"F Er1…,¨NxÚOêyº5C3l‹Ç}0Š�%jìEÒŒf‘ÓùªÂ�í6Jeî䛩YœîèE4»aÐ-¦s/'×)b÷KYóR+øDÅ)†ÕY4䋆�·õ·S#‘DŒ®ï1](2
FؽxTNKù”áJQœ&Tÿ ´+ÛiÂb‰~(ì¥(ð™˜@°Ø%e—Ò|ü ×_@лÊuŸu”ÆJ¡áj„í/­Ü0:a"WqO‚:ü^¢AÔ‚ÓXWYb:øÉ|¦¨J 3³×1N ï{©²ˆ³b¢”É,‹—6‚œöZàJÊ–]q"’'E•êbÉ‘Ž‚yÉŸ](0ÆÅ‚ýtR3
„¹B�^ÁÕÍuÝÌmã2oÜpè‘K;
<0ÿÌúó0�–q°k
“¬ RÆó˜¦b�Ôj¬ûP¾ÇÔm
ãçDó¼Ã'Ã]Ä<økt=·�ò哱™##^ÖF)›q�á„§H“]ÿ”Pû³s³{ù¯\†Ì�ž"šƒ.Nò^Éq+>�bHYv€¢Ñr8`)âò¤€—ü ¡5í¬õݺŦ.‹±=ÑW&W¨!¨s’—÷.)#�Ýß>0Ëé¯1Aò'^ä®…ØnȈþšgQòR~•¸¾°UâvC•�¯î“ÍDñé/på÷%E:¶b‘�û±&•	ûÕéZìq�`ÖC†J½jÑÌM×ù37š`x¨l!XÛ€vç¶`6oÊ{FÐ�,Žg¦IKûL,gPçe“‰[^++Ç€“„<J€x&¼'P©kNÕ¸+I+²!UÉ dÑv<7&å.súÃôQyS®ìû±˜àÚzûêžê òVêíËša÷Ðê\Ô–�EË
HòȈÕÂ!|ðöšuw˜ƒµsR»ˆƒÌXH‘•ny%7OOÄ3z¡››öíÙ9Ò‰ûJkz¦Æm¢tâIÊOw�<‘šŽL8¯jÞ̇ÕHÖ`#ÿÿ$oN%V²þ�¬ëâuñÞo&[m…¥5"9kðâò±SĘä‹6Ño‹›ÕoE×õ¹9}9zm­hèh$Óá�â|�Âþ¹\ƺ†­GñáY½C‰ã«(t½'î¼VM«™s±?>‚ªb§à¡Q×=䌸ã+æ?ý0?Zn¦ð—ív?¿6Ä0‚EFÞy’#H5Lâ…¯	—¿<fæï”.$¸ñÌÝT/	Ïæ\ 	L_Òk¼8´^Ò˳�î)±
Kzi`	ᵸlDÀ¥a¢WÁTþ®±C>¢uínK"…þqîYBfQdú®Öiq kàþxc®½K¾•]ꢔ۠y1–8_MQAÉÖÄ°ú"²âÏ·R¬£UçZWlËŒË[dtŠ©�í»�¨±®¼g¾vçá—b-˜€BŸl¥\[;æºÎ‘‘åÅ�¿qõ”ËýM°éö’?Xÿ”d¦r
]O	Æ"ÃÎ?]:�ô±nž¯6ÃSq\ÓR`V¿ÐU]QÎ\@»Û|•Î®­­¸�)tÞP°†3H8dõêh.g‚† jo9jòš|³:5yâX5–6óÀÔÏ6�…•š
ÞÚ”ÓX$oºƒùgX?q=wƒ2<péL›ã1ø`Û9]½æúÎ[ý¶üï©Æ°icÚ¨@£õT¤XÀÅµàŸ‘õOc#E‰ÞÊô[¿ºïËÿJææ\¢jSađ¨U¡×F3‘ɶkélòL<2好ÈWöX&ƒÆ®7u¶*Ÿÿ�¥€ÊŠ*<mç�õr{¡ %çær:#¨|¦åL{8ÿdˆ#]!çîRX•=Ëùâ©bðÊOþ‡Y$,…ºä"+;rÄøi47›¢êÑÜÞ�bA¹”Ù\ˆ5Zõ©£
Îœ“:iBóA­"Ø%„j�ÔLâê©1&áZ×˺–"ï#×ëº4ÎÅï	±Îr�J—ã;ÒŸ=žÈ
OEÑÒ”†¬ÏÁ€ØIçbog‚u×Ǭ°,ÀæãK·fºkuíü©5.	ö“�ÀEÏÈBÿšÞŒ¦“À­Çz”nnW:ü[P–A9]ÚÜ-Y H4�Ô/Ïãɵ®E?P†»A»¤È£åãUK?’0%ÝrÎËô1—‹4¨T|q×19’Px�<aÓ°ÙF”Éý—ÌߢpûlGìˆa¡ÈÙ	î¬çaµ k¤n%x_ø†ww«²7ÆÉ€hy‘ñí
WÕ„’&q,ì4Áü	b9UÛMP�¶è@œóÃÇ�iôûÀ²%
mÍEiiÍ2åB•3¿o‹Ú„À_ @Þ‹S¿¸gnìKvÃßoF±ä72]ÚW~uö@wjéÒñ¯BºF-¬s Å™¿ï
¬Ö ÔÑykË�XQ�ošÙ£ g©MG%¹ˆDìÒæòŠIªD�¸yrü™Z—7™Tn¤1Cê,÷y©Ëèè‘)Û6I!d«%˜ì§æšicغ¨g)Û†ä ý–Ö�±Ü+3›W§@Jå·uêöØ]É4æ¿+KÕŽà´ßW¬ ÿ�´Z˜+W–Cˆ$Q¢çVÜvÛõ3è>H¿µÏ*x¨“xBauÁbÿªrx¤;™21�Á¸ËúƱ­#[‘ùËv#±U~÷¸v£Ãv'ª1êþÑAÌT‘Äö!¦kmƒzMxqœFQ “Ïeüéú¾[ÖÔ™ìëcSŽÎ<ñ�SU
#›ùxÀŒ‡Ÿ™THZN>[í¸K@|í…ÄßÄ×Zñ�Y’ŸÉ'Ä©�ÊäüÉþ¹ìU^ÐB0…S”ÕÌüŽÒdØø;åÞ»p)5Gð~MÄ(ñà
yŽlîâU‹oøÁuŸ�&žâ&3+™¬�ÑÉ ˆáùÎ1˜Àõ›ûuÄ䦗fíC¢œƒU-ãÎmΖúQ¶â0q¤éD"Ñ^._gÚ|¦Êæ¾×t>¿úËŠ�6y#!�¥èr÷bÃÇ6hðԘö¢k®iŒ÷�$ÂÛìÓ™¡�æ¸ÐhN’Ÿ.€ƒv^²Æw“¡­»‰ÓkX¿±—ÍÅóÈ”¬�ˆn�;	6ú½#<	Þ�«€™÷*tÙº\^M9yùä[qU‡·É7Çf�ÅÅüæ!¥:ŸÐ;
NæØÑ«¾.Õa‚
wñ*ÊÐuU@«mÑ`K|0¨e)•«€¸^‘�Þ”8¤c~°)$íKt^x,ÿ˜Q°;çœ*�5¿'e„×\Ý–¹É~sëq:·ÃÁœ,«D—)�Ë0RµÔP=çó1‹æøHT{OM¸,®á�€x¾(P6ªM‘ò�Áó–4>s¥þ‹µÌð£~Ñ÷zÍ¡¤¤�Ìü«�]yð÷ˆ¶Õéø"Š‹ÍÀinkõíÿ¼×éPœ‡ûá÷&¹;øÆØÓt(v>%`Älž‰Os…�ÂZ¼O6‘ëÍ
qàÔ‘]—¢8šíë²ëG\{E_Š¨Q“µÀô;CLÞ
aM&FÍn67óI¤4§WÁÅÖ˜E-™&xÜ¥å’ìÓÊü­„äé�KJÜR[�½hCBˆƒ:n¤ 8È¿µAÿr€'J4ÔÏ�Ÿ-ºágÊ®„qÄ•à´Q”­‘ÄQo!˱&ý]sL×r]õ³ûé)Uô©»;›�:îÿyÖí]¹-ïÐ`¢ÃìŒBÁxo–Å
rI°?Ç’vCf‰J52™Ð¾ùýj$l6£Wƹ…܃£z�›‹šÖCÞ©H`Ëçc»sÌ„"¶�M3"BÈ•@uûq¦g–86«Í´a˜U²jñ`df³SE£¿zâ�Ö®"Iñç¨FBxºáH`"¼ÇÃs�ÈÙ ï°áÏ ÚŽ÷¥àrùšGìÇ^ND(€7Q“ÛI»‚º4�†ÊG>Õ¶>@HÛMÄUçK?Ý.x˜Ê?L:Ô5ÍæêdPU:}Ï"�BW
¯ÅXYõyTçÕŒt†±à*Ál·™·v2Æk·ŽnRáÁsd$úMC?´È�Ò?*Õúã®$3�ˆ�›IjÙ{Ùöâ
…—ÑE*rÜô=»Ú�e…Àm!ûÿåþ{U÷›Ÿ4 +Ð\¦<|ë»�ÒO±‘°Lf]EMÒ‹…Ø!Î~a1‰–x^¨Ú¼H™±&q}ZXí6;�K9Ð/ŒÅãPûð£H­ìÑùâÊt›Øo^´Ž›FðPÞÖB”yF÷øŠš
Fƒ­„ÖN9S¼M�Ì3K—e5)Öh*‡¥úÈ
mFÖç/Â.X¾{�†³7.òb!«ÄHqq²W¬ÿå]Ç…^ž‡­—zg’²1Zž´FŒhd›`ÀÚ·
jÁ­cÍ€¶ì¨üˆ±ä&:ÌI’UÁkHz
øX_œ‰-ÈLAFå¥g|J,²KÞ^‰…J±äÈt’çk~oK½qØK«…Ép(Iç÷(wk”¨ûŒ| aïo 2¢�”›þG?â';‹[:Õ@ñ‡Ic}̼¦ö/
zfq|YlÞôòVh^Þ–{>æ‹Œ•Y®±×VL;�€k,èX8“§™·�~�¾­®0ÿÀ²¶8,ÅQ¤Ee �³QkãyïVj°g?تîìÜñŒ`é¤w¹á7WIŠDÿ“QÑòz¿Ÿ×hù$PFGÑ$wʆ¾bArÃ"mfë+$ŽË>]ܨ›(|WQì@üø�€,ô6Š†ó à4÷¦}KÅI^‡ìßà/xÉ¥š;ù»cd>Àdç´GnÄãh[ú;þžùìÁ-͉š¾<´hh
ÀÀ©Iª&¾Õ}õo+ÅNñš÷ü¼{iuô*Jg¬ù€µh¬²4/B$Ÿ|ãR|+	`dìÒPˆz”-&ö7áÄ–YÒF*hh°C‡£³™ã–¹þtÞ5a%úGТ'7¿6§›oÿ­éC�ÖÏÿK¾Óïï¶Iã/“]b0|º6šÈÂoãÔ…|æÒ@ìåäÑIðXqU¨5Ìï®/ñÛáR¨$™¡™møµF.áp²„2v»åÃôƒ‡dM•ð‡Å˜ãÔo¾'ö?§„½¢9Q!B@E¢ÅÛƼ6bÊs
†Ñ<øöþ'C"L§µ5Êö´p}®œúÓ×)
»º¶ d®n�š	Ÿuûä|žeMŽ;�ÀóÛÿè)æÅoz$VQ6�*…Y«VZ™‘Ʊث̔Ƴ;º1OnP`æWäd–šUÖÅü ÿ]žO@í¼,’~±í•ï%ôå¬Ë¤™“"º9I“ÝXuC:"ƒ\ýBýwýF€·þv}z¥Ã:ÍàJe½:f?ÍäÈŸ*ô˜ñ;ù«º¡Á&^Üi”«ÜÉ"pÀXÍ*�ëï¿ìžK©®\Þ!›“,à4¶Í_¾œû¬O~$ï—fOs
|Ã`<�ÍxÛ%ü4Ybž¯ ßÛ,~P*¦”8„z�%M[ïÄQÍ£`oÈ®bà®é(ùí!רӉžD^àdV=2÷¶»ZÑ—<õ(Ù³)ìg�\mß'Ò¦ÿ§2‹¹“@|Þ=aYýIþF’T¸L)Úê�ùÖ›ï
ŸQ¹¼á“ãxƒ[‚ê_`ÜÝtR·¨ ®|ÖÜ)׬jldq–3‹v‘F²£…Ò‚¿ªæfﯫ-‰¤V{”`Ì"×RøéªÊª·ÈHyõ5–bÕ]öWBtQÇEtÎ×3€|»TWA’9L=ê½ATÐåh�WÃ6ÚÉQùj5ŽœFj\Qó¦2á„õ^ÞôÜÉr–;ë•ß	Þß„‚`ËÁëýÇ@‚êºm,Q’ŒÓ|LŸ2»	”¥iGÏÙd0VÛ]¾¦
$�L“+ÈæE²ì.¹¼Nž/AV)24Ð^pË&¸£p° lukÚmïÁ^³†dSZOûqAhÞüm‚ô�[¨v…7êÕw<S½wœ¨™¢Ý1É…iÿQÂû¸7\;=ɸ(¿ÕP2Šß5�qèjIûŸ^ùàl…\¿ÇѦ,¢êe^Ù¦Ü{¸±†Vè’?Ç¡p*³iGד„Ö�Ã#éŒô	÷v¼+!š|Ížuj�Z£Qæê®�wŠ?–Í\fä×z5y…Un37Ø¥Ã�à×o@�¯éùšØ —k3BõT³t´º©§ò!$Ò¸'IDn0ÙyZËœ<:0Zm':Å(èéÉ\7§Žv_Ý¥Y‚–¼…¡OÀ•§‹FTîmü2˜tšcš¹ÈáU¯:wø¤ ÃS"ùÏ€`U
wMw×2³´Ê[ĤHŒå•|â°2®XRst��±žÜóæËš“ì$äk<G/›¯<¤l¸¹©ñŠÎ¾}ƒ½DsuO&€m¢ù[ž¤‹4$`¯rš±^Ÿ>Úgþìd_˜]K”‰ÏlîÁ±Ð¿FÇKå<~¡r–ùŵˮsd‘!<“µž½ìüÖF׸ln;^(�+¥†|“n{Ñ°å!‘ë†0ÿ‚̯²zY)Qdu¿tïñåâ«ß<“¼]É�Kè;%bGy5âú0Û~»nÀñ˜øÅëqÇ0³U¡Ý¦H«•¶<Rž
–ÎÈó†€"`‰’mƒ	yly™Mc¶{ûbökJP/0í¾Aè–è‹ÄZ
Ro½_.gs"ñìW@×V<Ò>èSÀ¸I˜ã�ß…V[  166.262101][   T75] usb 42-1: device descriptor read/8, error -110
âŠS%s•n|ùÊ$\)Z=^:™êraÑ(“´5ÔÈòõÌàj0‘â¤)‰uÅ=u)·úô-+¬�¸Õ6iÏYÇ	Â^ž@µþ®ÔÃ}Þ‹„Ä–q#&ûjªèvk@·$€ó—ïaÑÑ)gmòGŽw�‰žÓBnÃ>ImÝ.Âq(øúî’‚ŽÚrÖ®è3
yˆêȶNÄز	�†LÅ,KæÐ0K‡Ù{ÿÝœf§@µ"0‰Ùóô«íÅ<v�«’ ¹€æÁ�_ º‰”̈†×½î!4BôVןδ�¿`
flŠÞ$Ñæ2‚QÏ{W¦(\e
˜Pó’±Âšì\�ĉ£��`ÕÞ7}L¸îV%·À,]PÒ¯3—o.*A o’)îõ‡ŽÙŸkç鈒Mºë„Uö'^†˜Ù?µ6âÈ9²ªi¼ìíÛùÅ?ŠÝºSÕ ÷¤ršB¬n·Wñ´­J
GTasæ/v!ë©áhÌëHà£
·¡¿qÕgBÕð4ò×%çêh Û±únïäî	8sÞ6m4ô$ '¢\[—œšÄ}Ñܶí‚Ä®à�Ì#Ï2š†Dø›\ðVƒ“K7WN›9³	òváZ @•Ÿß8Ê?Z±~EfhÐ`Dã¡?:
ohWžPÕ°O�{ÏÍ烖Ï0ð±ß÷m׫ZD²ëª÷;”\WP)®-Î rI‘æU
UÞÖ¤&r`Ÿ$9Ū´ˆ+/ú÷Úx{qÐ]QkÖŒo�y¶u9XEòNèSøwç,¶Æp/{‡uÊú»¼ô
Ÿ{Ìð!1ßÆjz÷ž’¢ÑËá².	çãì¹ÓÂEÂ*W¿à›×5ö6ÚÂHŠà­Çˆ^Üe]ªõ5áޖ̾xiÕ1Ø¿=µûÑ|w#2£øÏ.à .¹š6 ø×!˜ˆ¬»W	Úó²Žbèü.Â7½ñ…’§¯äØ9Ë^Ì1¿Oy~oW	&\ÂèÄY·ÚQj½lŒ[À¾-/PZe7bfV:ǵžó´âW
l°½”ÔjØa1|t<áÞ¿¢)Z˜ÍÞÔAM‡¡XFu»ßs¢,¬J�Emž`Ëý�;ÑÚÄ�ÛIú]ˆ
ÐûD´¯ì«Naú8¦gˆ
Ø9S¾{YÉß×ù7x:è óÇËï§Ò)£|õ#Rž›Òâ@b›d¯-@Gsé‘ zr,2!Î#ºí|¾@¤@Åh±"Ϻ�’þG�…­ËÞ¬·ml¿$‘êúéƒ'²xâg‚Ðnù°2Ž$lØÆ;“2)‰¼Ÿ˜žÿÆuÇš‡
À$uloZ~2º½ib]aHzç9”�·ÐúÞ}p­›W0
-Þw«¯ôö:…5‰ÔNú–ŽÓeaðD­Â'ük/�Lêщ üÊ›.l½åI†Rà³¼�‹y!GDq�ë\ÇPÜpõ©± ®,d ¶¡¨«r+N9àÈiËÜ`ÉF_]VMº/[;ÃàZE‡Dt0Åêà-Øð¦]}ØÙÙ¸qwÒ#šWxq”#û*ì|¨n°|9Þe£K˜�e7ztsé_ו“éi3¿:€$üQ�›ª® xoKFü£UÿÌö\Ì­–0š\Ï VÝT,’˜PÌ‘ÍeYb6ãUz³û7ƒ(÷zÙÚ$D}?¢8.Òèì•) sCLd°·ÃZ ä«QÍÉÀòf«%¶˜C8 º‘`(;cl]~Š?–œáÉ›T»§ÿ6yûîË·IðvH
†|ÄîL¬®£œ€öBS5™Hm/ûw¸Éš�%úåŽÊvO}VFž¹Tp6»ê�\=5´ÁûÃÓš7,+zÑ„–\­8È’�ˆÐ	I”œL“Ó
ÇöfRGÀ‹Ø�ÿ:¯ç€¬fþ¿¬ÈÆ£Ì8}	ÚmçHz€âÈÕmùM~½>žAl_~¶ÚAÆõ)—µ­Gº˜Ra?ßëJ((²HöRﶫ̫.±a¸x¹ÛÀª‘¶özݨ<wH×µ$ÿæ8HŸC-Y.aq½œË,Õ/—qCõ¿*°¸#ÔI®Uð$@—#44LÚ
ƒ{“¯¤ôj/Þþ'é'dÏ•–xFÞ.;¨>bîC±ÀZîg^%65­ßªhçÅ>Ö…A?[©Qñ ЦFät‡,�娇FLøF
èÿÿ$ËQÝ-Ê(Õ—«.¦	IøÛ¾gòcç"ýµÎN2Šõÿáö;�¦Ô½T�–D™²R.£#14‰>­f–b¦j±:ßÏr^ÑC9Ä`Àà@#†´|ÙùýøKÈ^tÓ®|ÅDäÖVp¥T¥7q,né÷Q‘c*LM oÄ#±Õ¸(× 5²—Adõ*¡kîpîP’Pu/OÝkŸ�C߃ h*o€ÿg«zL[;{c€°Çðʦ{ºq1U£·U¯,q†8”8a]ø{%Js?É%¶&‚‡3Àñb]ú Œø=ðC	K{Z	‹;6øµ°ñ
{ø®5y“,
_ ‰…º³Øùu(;ˆ8®\·	¾rµ�÷B^ŸÛôàîQ³Ú
þD–<–ºî^Å�šØ�`óíÙt•*ø³¾Î,/”E“ôÞ}åà]í	k�OÖ]ü.€ox"„³ÛVO±/N^�^«1e‘ðé7LÎŽxrc¼8'¯þg“Á0¸b;»*†ý‡ðpê!q‚�îzìK³»q¯KõrìÑ9ľŒ�ôì�û	¥Ï†¢]9ú©ðd©—Âó4äA	ü;Mg­¨Øz8Àøk¿e=Ý®µ·[0‹Ï×’…‹ïŠ²>4!“œY!)dÉí]Õn!]µŒïSÓ–k¸ÎNÕb‡þË:…ºC^A²¡KœŸ,Iú{¨žÄ~ïé’Ö>✌
Î&dþèí­Ô66¥LHQ›OÏU°Ù6¹$A¥ø\øÅäÐõ�_�70™4½xû¬ð ;E(ÛO|	Þ}
«¯Ê76¸%œ�Œ£8ÊgTàtwÂyMfJ¬ÁéÅ'd£æßsÙuc†0·LÎlI±ºÁdTéhRÄùØ펆ÒñÈÜ3¼ÍJ¾�µèV„ÝÌXçDAÍå�ùð˜|ûuµ¿îÕ;ÿhh˜kVmw
ô�ßÊËÓ%ÈÙ0¼ï&q;ö…ÕÉ‘â¦Ì3̼'÷Ýû¡�™„—Âë7ŒÈòÌ¡´ñAÅàûoRá‚Bå¼öÝ ã:F�jOÕç-©Ð¼Î/ž�ÇÑǶË6(~Êh-ûÿÿsß[  166.695310][   T75] usb usb42-port1: attempt power cycle
[  167.233596][ T8293] sp0: Synchronizing with TNC
[  167.267786][   T75] usb usb42-port1: unable to enumerate USB device
[  167.909562][ T8290] [U] è
[  168.910955][ T8330] debugfs: 'ttyS3' already exists in 'caif_serial'
[  169.347868][ T8334] syzkaller0: entered promiscuous mode
[  169.350826][ T8334] syzkaller0: entered allmulticast mode
[  169.618985][ T8346] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  170.131495][ T8370] netlink: 'syz.2.440': attribute type 1 has an invalid length.
[  170.234205][ T8381] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  170.237143][ T8381] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  170.243225][ T8381] vhci_hcd vhci_hcd.0: Device attached
[  170.505781][ T6107] usb 40-1: SetAddress Request (2) to port 0
[  170.508646][ T6107] usb 40-1: new SuperSpeed USB device number 2 using vhci_hcd
[  171.200243][ T8382] vhci_hcd: connection reset by peer
[  171.209952][   T60] vhci_hcd vhci_hcd.1: stop threads
[  171.212949][   T60] vhci_hcd vhci_hcd.1: release socket
[  171.224291][   T60] vhci_hcd vhci_hcd.1: disconnect device
[  171.928246][ T8406] kvm: requested 162590 ns i8254 timer period limited to 200000 ns
[  172.358461][ T8442] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  172.361129][ T8442] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  172.365045][ T8442] vhci_hcd vhci_hcd.0: Device attached
[  172.388074][ T8442] random: crng reseeded on system resumption
[  172.445157][ T8442] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  172.675722][   T29] usb 44-1: SetAddress Request (2) to port 0
[  172.678435][   T29] usb 44-1: new SuperSpeed USB device number 2 using vhci_hcd
[  173.541525][ T8484] netlink: 4 bytes leftover after parsing attributes in process `syz.0.462'.
[  173.544743][ T8484] netlink: 4 bytes leftover after parsing attributes in process `syz.0.462'.
[  173.632353][ T8489] netlink: 8 bytes leftover after parsing attributes in process `syz.0.463'.
[  173.641633][ T8443] vhci_hcd: connection reset by peer
[  173.644304][   T12] vhci_hcd vhci_hcd.3: stop threads
[  173.647557][   T12] vhci_hcd vhci_hcd.3: release socket
[  173.650696][   T12] vhci_hcd vhci_hcd.3: disconnect device
[  174.883781][ T8532] netlink: 4 bytes leftover after parsing attributes in process `syz.2.474'.
[  174.948540][ T8536] FAULT_INJECTION: forcing a failure.
[  174.948540][ T8536] name failslab, interval 1, probability 0, space 0, times 1
[  174.953189][ T8536] CPU: 2 UID: 0 PID: 8536 Comm: syz.2.475 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  174.953206][ T8536] Tainted: [L]=SOFTLOCKUP
[  174.953210][ T8536] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  174.953216][ T8536] Call Trace:
[  174.953220][ T8536]  <TASK>
[  174.953225][ T8536]  dump_stack_lvl+0x16c/0x1f0
[  174.953250][ T8536]  should_fail_ex+0x512/0x640
[  174.953273][ T8536]  should_failslab+0xc2/0x120
[  174.953315][ T8536]  __kmalloc_cache_noprof+0x80/0x800
[  174.953338][ T8536]  ? sctp_add_bind_addr+0xae/0x3f0
[  174.953365][ T8536]  ? sctp_add_bind_addr+0xae/0x3f0
[  174.953386][ T8536]  sctp_add_bind_addr+0xae/0x3f0
[  174.953412][ T8536]  sctp_copy_local_addr_list+0x349/0x550
[  174.953442][ T8536]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  174.953472][ T8536]  ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360
[  174.953501][ T8536]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  174.953532][ T8536]  sctp_bind_addr_copy+0xe0/0x530
[  174.953558][ T8536]  sctp_connect_new_asoc+0x1c9/0x770
[  174.953572][ T8536]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  174.953591][ T8536]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  174.953609][ T8536]  sctp_sendmsg+0x157c/0x1e20
[  174.953624][ T8536]  ? __pfx_sctp_sendmsg+0x10/0x10
[  174.953635][ T8536]  ? __pfx___might_resched+0x10/0x10
[  174.953654][ T8536]  ? aa_sk_perm+0x2f2/0xae0
[  174.953668][ T8536]  ? __pfx_aa_sk_perm+0x10/0x10
[  174.953680][ T8536]  ? __might_fault+0xe3/0x190
[  174.953696][ T8536]  ? __pfx_sctp_sendmsg+0x10/0x10
[  174.953708][ T8536]  inet_sendmsg+0x11c/0x140
[  174.953722][ T8536]  __sys_sendto+0x43c/0x520
[  174.953735][ T8536]  ? __pfx___sys_sendto+0x10/0x10
[  174.953759][ T8536]  ? ksys_write+0x1ac/0x250
[  174.953775][ T8536]  ? __pfx_ksys_write+0x10/0x10
[  174.953792][ T8536]  __ia32_sys_sendto+0xdd/0x1b0
[  174.953804][ T8536]  ? __do_fast_syscall_32+0x9a/0x680
[  174.953821][ T8536]  ? lockdep_hardirqs_on+0x7c/0x110
[  174.953838][ T8536]  __do_fast_syscall_32+0xe8/0x680
[  174.953857][ T8536]  do_fast_syscall_32+0x32/0x80
[  174.953874][ T8536]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  174.953887][ T8536] RIP: 0023:0xf7f81579
[  174.953896][ T8536] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  174.953906][ T8536] RSP: 002b:00000000f547655c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  174.953917][ T8536] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080847fff
[  174.953923][ T8536] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 000000008005ffe4
[  174.953929][ T8536] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000
[  174.953935][ T8536] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  174.953941][ T8536] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  174.953955][ T8536]  </TASK>
[  175.605607][ T6107] usb 40-1: device descriptor read/8, error -110
[  176.018180][ T6107] usb usb40-port1: attempt power cycle
[  176.586402][ T6107] usb usb40-port1: unable to enumerate USB device
[  176.723265][ T8576] snd_dummy snd_dummy.0: control 6:0:128:syz0:0 is already present
[  177.756079][   T29] usb 44-1: device descriptor read/8, error -110
[  178.297376][   T29] usb usb44-port1: attempt power cycle
[  178.344566][ T8593] =======================================================
[  178.344566][ T8593] WARNING: The mand mount option has been deprecated and
[  178.344566][ T8593]          and is ignored by this kernel. Remove the mand
[  178.344566][ T8593]          option from the mount to silence this warning.
[  178.344566][ T8593] =======================================================
[  178.370581][ T8593] netlink: 20 bytes leftover after parsing attributes in process `syz.2.489'.
[  178.374676][ T8593] netlink: 4 bytes leftover after parsing attributes in process `syz.2.489'.
[  178.886114][   T29] usb usb44-port1: unable to enumerate USB device
[  179.051317][ T8629] snd_dummy snd_dummy.0: control 6:0:128:syz0:0 is already present
[  180.395979][ T8656] overlayfs: missing 'lowerdir'
[  180.400195][ T8656] overlay: ./file0 is not a directory
[  180.476108][ T5952] Bluetooth: hci2: command 0x0406 tx timeout
[  180.477906][ T5956] Bluetooth: hci0: command 0x0406 tx timeout
[  180.485603][ T5956] Bluetooth: hci1: command 0x0406 tx timeout
[  180.591613][ T8664] snd_dummy snd_dummy.0: control 6:0:128:syz0:0 is already present
[  180.655064][ T8667] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  180.658225][ T8667] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  180.661867][ T8667] netdevsim netdevsim1: Falling back to sysfs fallback for: .
[  180.934381][ T8671] faux_driver vgem: [drm] Unknown color mode 181; guessing buffer size.
[  181.945783][ T8697] snd_dummy snd_dummy.0: control 6:0:128:syz0:0 is already present
[  182.295419][ T8716] overlayfs: missing 'lowerdir'
[  182.328748][ T8716] overlay: ./file0 is not a directory
[  183.400024][ T8749] snd_dummy snd_dummy.0: control 6:0:128:syz0:0 is already present
[  183.530949][ T5946] Bluetooth: hci0: unexpected event 0x03 length: 13 > 11
[  185.818553][ T8810] snd_dummy snd_dummy.0: control 6:0:128:syz0:0 is already present
[  186.133879][ T8812] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  186.136589][ T8812] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  186.139864][ T8812] vhci_hcd vhci_hcd.0: Device attached
[  186.174253][ T8820] vhci_hcd: connection closed
[  186.176593][ T4856] vhci_hcd vhci_hcd.1: stop threads
[  186.184559][ T4856] vhci_hcd vhci_hcd.1: release socket
[  186.187297][ T4856] vhci_hcd vhci_hcd.1: disconnect device
[  187.246377][ T8847] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  187.298138][ T8850] snd_dummy snd_dummy.0: control 6:0:128:syz0:0 is already present
[  188.116021][ T1338] usb 6-1: new low-speed USB device number 3 using dummy_hcd
[  188.256906][ T1338] usb 6-1: device descriptor read/64, error -71
[  188.504171][ T8881] overlayfs: missing 'lowerdir'
[  188.515302][ T8881] overlay: ./file0 is not a directory
[  188.539473][ T1338] usb 6-1: new low-speed USB device number 4 using dummy_hcd
[  188.675597][ T1338] usb 6-1: device descriptor read/64, error -71
[  188.786223][ T1338] usb usb6-port1: attempt power cycle
[  189.135624][ T1338] usb 6-1: new low-speed USB device number 5 using dummy_hcd
[  189.166233][ T1338] usb 6-1: device descriptor read/8, error -71
[  189.408989][ T8904] netlink: 48 bytes leftover after parsing attributes in process `syz.3.557'.
[  189.425566][ T1338] usb 6-1: new low-speed USB device number 6 using dummy_hcd
[  189.456094][ T1338] usb 6-1: device descriptor read/8, error -71
[  189.518039][ T8912] snd_dummy snd_dummy.0: control 6:0:128:syz0:0 is already present
[  189.575934][ T1338] usb usb6-port1: unable to enumerate USB device
[  190.737709][ T8936] netlink: 28 bytes leftover after parsing attributes in process `syz.2.564'.
[  190.740914][ T8936] netlink: 28 bytes leftover after parsing attributes in process `syz.2.564'.
[  190.960844][ T8948] netlink: 'syz.2.564': attribute type 10 has an invalid length.
[  190.971928][ T8948] batman_adv: batadv0: Adding interface: team0
[  190.974089][ T8948] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  190.982922][ T8948] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  192.105181][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.186674][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.466849][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.487766][ T5301] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  192.494213][ T5301] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  192.497733][ T5301] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  192.501701][ T5301] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  192.506677][ T5301] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  192.590740][ T8982] Bluetooth: MGMT ver 1.23
[  192.711022][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.820501][ T8976] chnl_net:caif_netlink_parms(): no params data found
[  193.171923][ T8976] bridge0: port 1(bridge_slave_0) entered blocking state
[  193.174952][ T8976] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.178580][ T8976] bridge_slave_0: entered allmulticast mode
[  193.182342][ T8976] bridge_slave_0: entered promiscuous mode
[  193.187108][ T8976] bridge0: port 2(bridge_slave_1) entered blocking state
[  193.190277][ T8976] bridge0: port 2(bridge_slave_1) entered disabled state
[  193.193325][ T8976] bridge_slave_1: entered allmulticast mode
[  193.197357][ T8976] bridge_slave_1: entered promiscuous mode
[  193.221071][ T8976] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  193.228623][ T8976] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  193.257521][ T8976] team0: Port device team_slave_0 added
[  193.261994][ T8976] team0: Port device team_slave_1 added
[  193.291057][ T8976] batman_adv: batadv0: Adding interface: batadv_slave_0
[  193.293991][ T8976] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  193.321841][ T8976] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  193.336389][ T8976] batman_adv: batadv0: Adding interface: batadv_slave_1
[  193.338951][ T8976] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  193.355540][ T8976] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  193.486761][ T8976] hsr_slave_0: entered promiscuous mode
[  193.495264][ T8976] hsr_slave_1: entered promiscuous mode
[  193.499425][ T9025] netlink: 16 bytes leftover after parsing attributes in process `syz.2.579'.
[  193.514478][ T8976] debugfs: 'hsr0' already exists in 'hsr'
[  193.517866][ T8976] Cannot create hsr debugfs directory
[  193.724017][   T12] erspan0: left allmulticast mode
[  193.727639][   T12] erspan0: left promiscuous mode
[  193.730678][   T12] bridge0: port 3(erspan0) entered disabled state
[  193.738853][   T12] bridge_slave_1: left allmulticast mode
[  193.741355][   T12] bridge_slave_1: left promiscuous mode
[  193.743670][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  193.749689][   T12] bridge_slave_0: left allmulticast mode
[  193.751581][   T12] bridge_slave_0: left promiscuous mode
[  193.754070][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.781461][ T9040] netlink: 'syz.3.582': attribute type 27 has an invalid length.
[  193.950811][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  193.955135][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  193.960111][   T12] bond0 (unregistering): Released all slaves
[  193.987549][ T9040] bridge0: port 3(erspan0) entered disabled state
[  193.999245][ T9042] bridge0: port 3(erspan0) entered blocking state
[  194.002150][ T9042] bridge0: port 3(erspan0) entered forwarding state
[  194.012496][ T9042] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  194.565745][ T5301] Bluetooth: hci2: command tx timeout
[  196.032976][ T8976] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  196.063619][ T8976] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  196.275177][   T12] hsr_slave_0: left promiscuous mode
[  196.278409][   T12] hsr_slave_1: left promiscuous mode
[  196.281396][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  196.284643][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  196.289711][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  196.292979][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  196.309574][   T12] veth1_macvtap: left promiscuous mode
[  196.312118][   T12] veth0_macvtap: left promiscuous mode
[  196.314741][   T12] veth1_vlan: left promiscuous mode
[  196.317774][   T12] veth0_vlan: left promiscuous mode
[  196.635687][ T5301] Bluetooth: hci2: command tx timeout
[  196.820166][   T12] team0 (unregistering): Port device team_slave_1 removed
[  196.848350][   T12] team0 (unregistering): Port device team_slave_0 removed
[  197.185351][ T8976] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  197.194804][ T8976] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  197.285539][ T8976] 8021q: adding VLAN 0 to HW filter on device bond0
[  197.306734][ T8976] 8021q: adding VLAN 0 to HW filter on device team0
[  197.311736][ T1140] bridge0: port 1(bridge_slave_0) entered blocking state
[  197.314103][ T1140] bridge0: port 1(bridge_slave_0) entered forwarding state
[  197.324137][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[  197.327419][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[  197.485342][ T8976] 8021q: adding VLAN 0 to HW filter on device batadv0
[  197.642066][ T9124] erspan0: left allmulticast mode
[  197.647217][ T9124] erspan0: left promiscuous mode
[  197.649112][ T9124] bridge0: port 1(erspan0) entered disabled state
[  197.657643][ T9124] batman_adv: batadv0: Removing interface: team0
[  197.665254][ T9124] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  197.706634][ T8976] veth0_vlan: entered promiscuous mode
[  197.715328][ T8976] veth1_vlan: entered promiscuous mode
[  197.741701][ T8976] veth0_macvtap: entered promiscuous mode
[  197.752505][ T8976] veth1_macvtap: entered promiscuous mode
[  197.776880][ T8976] batman_adv: batadv0: Interface activated: batadv_slave_0
[  197.791734][ T8976] batman_adv: batadv0: Interface activated: batadv_slave_1
[  197.808654][ T4856] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  197.811576][ T4856] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  197.830625][ T4856] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  197.834089][   T12] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  197.881955][ T4856] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  197.889634][ T4856] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  197.902426][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  197.906614][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  197.962922][ T9143] netlink: 44 bytes leftover after parsing attributes in process `syz.4.574'.
[  197.966763][ T9143] netlink: 44 bytes leftover after parsing attributes in process `syz.4.574'.
[  198.053158][ T9143] nbd: must specify a size in bytes for the device
[  198.715663][ T5301] Bluetooth: hci2: command tx timeout
[  198.889657][ T1415] ieee802154 phy0 wpan0: encryption failed: -22
[  198.891866][ T1415] ieee802154 phy1 wpan1: encryption failed: -22
[  199.446228][ T9174] overlayfs: missing 'lowerdir'
[  199.450584][ T9174] overlay: ./file0 is not a directory
[  199.920186][ T9191] FAULT_INJECTION: forcing a failure.
[  199.920186][ T9191] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  199.925364][ T9191] CPU: 0 UID: 0 PID: 9191 Comm: syz.1.606 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  199.925391][ T9191] Tainted: [L]=SOFTLOCKUP
[  199.925397][ T9191] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  199.925408][ T9191] Call Trace:
[  199.925415][ T9191]  <TASK>
[  199.925422][ T9191]  dump_stack_lvl+0x16c/0x1f0
[  199.925454][ T9191]  should_fail_ex+0x512/0x640
[  199.925491][ T9191]  _copy_from_user+0x2e/0xd0
[  199.925514][ T9191]  get_compat_msghdr+0xa7/0x170
[  199.925537][ T9191]  ? __pfx_get_compat_msghdr+0x10/0x10
[  199.925562][ T9191]  ? __pfx__kstrtoull+0x10/0x10
[  199.925590][ T9191]  ___sys_sendmsg+0x1ae/0x1d0
[  199.925616][ T9191]  ? __pfx____sys_sendmsg+0x10/0x10
[  199.925675][ T9191]  __sys_sendmmsg+0x2f9/0x420
[  199.925700][ T9191]  ? __pfx___sys_sendmmsg+0x10/0x10
[  199.925730][ T9191]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  199.925768][ T9191]  ? fput+0x70/0xf0
[  199.925786][ T9191]  ? ksys_write+0x1ac/0x250
[  199.925810][ T9191]  ? __pfx_ksys_write+0x10/0x10
[  199.925854][ T9191]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  199.925877][ T9191]  ? lockdep_hardirqs_on+0x7c/0x110
[  199.925902][ T9191]  __do_fast_syscall_32+0xe8/0x680
[  199.925932][ T9191]  do_fast_syscall_32+0x32/0x80
[  199.925959][ T9191]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  199.925981][ T9191] RIP: 0023:0xf709d579
[  199.925994][ T9191] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  199.926010][ T9191] RSP: 002b:00000000f548d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  199.926027][ T9191] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000080001c00
[  199.926038][ T9191] RDX: 0000000000000159 RSI: 0000000000040840 RDI: 0000000000000000
[  199.926048][ T9191] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  199.926058][ T9191] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  199.926068][ T9191] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  199.926090][ T9191]  </TASK>
[  200.015381][ T9189] overlayfs: missing 'lowerdir'
[  200.020353][ T9189] overlay: ./file0 is not a directory
[  200.387419][ T9213] bridge0: port 3(erspan0) entered blocking state
[  200.389888][ T9213] bridge0: port 3(erspan0) entered disabled state
[  200.393426][ T9213] erspan0: entered allmulticast mode
[  200.396926][ T9213] erspan0: entered promiscuous mode
[  200.399651][ T9213] bridge0: port 3(erspan0) entered blocking state
[  200.402562][ T9213] bridge0: port 3(erspan0) entered forwarding state
[  200.795568][ T5301] Bluetooth: hci2: command tx timeout
[  201.421159][ T9229] netlink: 20 bytes leftover after parsing attributes in process `syz.4.615'.
[  201.424272][ T9229] netlink: 20 bytes leftover after parsing attributes in process `syz.4.615'.
[  201.736052][ T9237] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(12)
[  201.738286][ T9237] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  201.830068][ T9245] dlm: no local IP address has been set
[  201.832063][ T9245] dlm: cannot start dlm midcomms -107
[  201.857810][ T9245] dlm: non-version read from control device 8224
[  201.863331][ T9245] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  201.866410][ T9237] vhci_hcd vhci_hcd.0: Device attached
[  201.878413][ T9245] netlink: 'syz.2.617': attribute type 12 has an invalid length.
[  202.145637][   T75] usb 46-1: SetAddress Request (2) to port 0
[  202.148289][   T75] usb 46-1: new SuperSpeed USB device number 2 using vhci_hcd
[  202.499600][ T9238] vhci_hcd: connection reset by peer
[  202.515614][  T187] vhci_hcd vhci_hcd.4: stop threads
[  202.517400][  T187] vhci_hcd vhci_hcd.4: release socket
[  202.522670][  T187] vhci_hcd vhci_hcd.4: disconnect device
[  202.727743][ T9266] snd_dummy snd_dummy.0: control 6:0:128:syz0:0 is already present
[  203.597155][ T9279] fuse: Invalid rootmode
[  204.663083][ T9301] snd_dummy snd_dummy.0: control 6:0:128:syz0:0 is already present
[  204.799884][ T9306] netlink: 20 bytes leftover after parsing attributes in process `syz.2.632'.
[  204.803959][ T9306] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  206.349869][ T9359] netlink: 'syz.1.643': attribute type 27 has an invalid length.
[  206.367723][ T9359] bridge0: port 3(erspan0) entered disabled state
[  207.222462][ T9393] snd_dummy snd_dummy.0: control 6:0:128:syz0:0 is already present
[  207.274417][   T75] usb 46-1: device descriptor read/8, error -110
[  207.630773][ T9408] netlink: 'syz.1.652': attribute type 27 has an invalid length.
[  207.646700][ T9408] bridge0: port 3(erspan0) entered blocking state
[  207.648982][ T9408] bridge0: port 3(erspan0) entered forwarding state
[  207.676087][   T75] usb usb46-port1: attempt power cycle
[  207.685662][ T9408] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  208.252608][   T75] usb usb46-port1: unable to enumerate USB device
[  208.851328][ T9426] /dev/sr0: Can't open blockdev
[  209.169636][ T9421] FAULT_INJECTION: forcing a failure.
[  209.169636][ T9421] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  209.176103][ T9421] CPU: 3 UID: 0 PID: 9421 Comm: syz.2.657 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  209.176132][ T9421] Tainted: [L]=SOFTLOCKUP
[  209.176139][ T9421] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  209.176149][ T9421] Call Trace:
[  209.176155][ T9421]  <TASK>
[  209.176162][ T9421]  dump_stack_lvl+0x16c/0x1f0
[  209.176193][ T9421]  should_fail_ex+0x512/0x640
[  209.176217][ T9421]  should_fail_alloc_page+0xe7/0x130
[  209.176246][ T9421]  prepare_alloc_pages+0x401/0x670
[  209.176278][ T9421]  __alloc_frozen_pages_noprof+0x18b/0x2430
[  209.176302][ T9421]  ? __lock_acquire+0x436/0x2890
[  209.176320][ T9421]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  209.176349][ T9421]  ? is_bpf_text_address+0x94/0x1a0
[  209.176373][ T9421]  ? kernel_text_address+0x8d/0x100
[  209.176393][ T9421]  ? __kernel_text_address+0xd/0x40
[  209.176417][ T9421]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  209.176440][ T9421]  ? find_held_lock+0x2b/0x80
[  209.176467][ T9421]  ? lockdep_hardirqs_on+0x7c/0x110
[  209.176500][ T9421]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  209.176525][ T9421]  ? stack_depot_save_flags+0x3de/0x9b0
[  209.176549][ T9421]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  209.176577][ T9421]  ? policy_nodemask+0xea/0x4e0
[  209.176606][ T9421]  alloc_pages_mpol+0x1fb/0x550
[  209.176633][ T9421]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  209.176668][ T9421]  folio_alloc_mpol_noprof+0x36/0x2f0
[  209.176687][ T9421]  vma_alloc_folio_noprof+0xed/0x1e0
[  209.176705][ T9421]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  209.176732][ T9421]  do_anonymous_page+0xc81/0x2190
[  209.176762][ T9421]  __handle_mm_fault+0x1ecf/0x2bb0
[  209.176786][ T9421]  ? reacquire_held_locks+0xcd/0x1f0
[  209.176804][ T9421]  ? __pfx___handle_mm_fault+0x10/0x10
[  209.176826][ T9421]  ? lock_vma_under_rcu+0x176/0x580
[  209.176862][ T9421]  handle_mm_fault+0x3fe/0xad0
[  209.176886][ T9421]  do_user_addr_fault+0x60c/0x1370
[  209.176910][ T9421]  ? rcu_is_watching+0x12/0xc0
[  209.176938][ T9421]  exc_page_fault+0x64/0xc0
[  209.176964][ T9421]  asm_exc_page_fault+0x26/0x30
[  209.176982][ T9421] RIP: 0023:0xf719c500
[  209.176996][ T9421] Code: 20 00 00 65 8b 15 14 00 00 00 89 94 24 cc 20 00 00 8b 56 68 85 d2 0f 85 46 01 00 00 c7 46 68 ff ff ff ff 8d 94 24 cc 00 00 00 <89> b4 24 bc 00 00 00 89 54 24 38 89 54 24 34 8d 94 24 cc 20 00 00
[  209.177012][ T9421] RSP: 002b:00000000f5474490 EFLAGS: 00010246
[  209.177026][ T9421] RAX: 00000000f7246748 RBX: 00000000f7416ff4 RCX: 00000000f54765c4
[  209.177036][ T9421] RDX: 00000000f547455c RSI: 00000000f741d260 RDI: 0000000000000009
[  209.177045][ T9421] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  209.177054][ T9421] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  209.177063][ T9421] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  209.177086][ T9421]  </TASK>
[  209.551181][ T9470] dlm: no local IP address has been set
[  209.553752][ T9470] dlm: cannot start dlm midcomms -107
[  209.558731][ T9466] overlayfs: missing 'lowerdir'
[  209.563126][ T9466] overlay: ./file0 is not a directory
[  209.576122][ T9470] dlm: non-version read from control device 8224
[  209.580211][ T9470] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  209.584839][ T9470] netlink: 'syz.1.661': attribute type 12 has an invalid length.
[  210.126251][ T9476] fuse: Bad value for 'user_id'
[  210.128483][ T9476] fuse: Bad value for 'user_id'
[  210.457534][ T9495] netlink: 40 bytes leftover after parsing attributes in process `syz.1.665'.
[  212.148525][ T9521] overlayfs: missing 'lowerdir'
[  212.157091][ T9521] overlay: ./file0 is not a directory
[  212.319110][ T9536] netlink: 'syz.2.673': attribute type 2 has an invalid length.
[  212.405928][ T9542] loop7: detected capacity change from 0 to 16384
[  212.556096][ T9547] loop7: detected capacity change from 16384 to 16383
[  214.655811][ T9619] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  214.976762][ T9633] overlayfs: missing 'lowerdir'
[  214.980463][ T9633] overlay: ./file0 is not a directory
[  216.140253][ T9644] netlink: 20 bytes leftover after parsing attributes in process `syz.1.690'.
[  216.145624][ T9644] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  216.846917][ T9679] bridge0: port 1(erspan0) entered blocking state
[  216.849153][ T9679] bridge0: port 1(erspan0) entered disabled state
[  216.851331][ T9679] erspan0: entered allmulticast mode
[  216.853603][ T9679] erspan0: entered promiscuous mode
[  216.867504][ T9679] bridge0: port 1(erspan0) entered blocking state
[  216.869682][ T9679] bridge0: port 1(erspan0) entered forwarding state
[  216.929237][   T40] audit: type=1326 audit(1767259346.591:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9681 comm="syz.1.697" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf709d579 code=0x0
[  216.979227][   T40] audit: type=1326 audit(1767259346.641:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9681 comm="syz.1.697" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf709d579 code=0x0
[  217.976032][ T9688] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  217.978250][ T9688] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  217.981614][ T9688] vhci_hcd vhci_hcd.0: Device attached
[  218.170094][ T9691] vhci_hcd: connection closed
[  218.171168][  T187] vhci_hcd vhci_hcd.4: stop threads
[  218.180601][  T187] vhci_hcd vhci_hcd.4: release socket
[  218.184210][  T187] vhci_hcd vhci_hcd.4: disconnect device
[  218.276905][ T9696] overlayfs: missing 'lowerdir'
[  218.280117][ T9696] overlay: ./file0 is not a directory
[  218.424990][ T9716] netlink: 20 bytes leftover after parsing attributes in process `syz.4.703'.
[  218.428149][ T9716] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  218.901097][ T9731] snd_dummy snd_dummy.0: control 6:0:128:syz0:0 is already present
[  219.800899][ T9755] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  219.831878][ T9757] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  221.134032][ T9796] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  222.011705][ T9832] comedi comedi0: Minor 47 could not be opened
[  222.014251][ T9832] netlink: 'syz.4.724': attribute type 1 has an invalid length.
[  222.032075][ T9832] bond2: entered promiscuous mode
[  222.033973][ T9832] 8021q: adding VLAN 0 to HW filter on device bond2
[  222.066978][ T9832] 8021q: adding VLAN 0 to HW filter on device bond2
[  222.069876][ T9832] bond2: (slave gre1): The slave device specified does not support setting the MAC address
[  222.073181][ T9832] bond2: (slave gre1): Setting fail_over_mac to active for active-backup mode
[  222.079765][ T9832] bond2: (slave gre1): making interface the new active one
[  222.082230][ T9832] gre1: entered promiscuous mode
[  222.084598][ T9832] bond2: (slave gre1): Enslaving as an active interface with an up link
[  222.844612][ T9848] netlink: 8 bytes leftover after parsing attributes in process `syz.3.727'.
[  222.866932][ T9848] netlink: 'syz.3.727': attribute type 1 has an invalid length.
[  222.959724][ T9850] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  223.778011][ T9877] bond1: option lacp_active: mode dependency failed, not supported in mode balance-rr(0)
[  223.876787][ T9877] bond1 (unregistering): Released all slaves
[  226.109192][ T9950] overlayfs: missing 'lowerdir'
[  226.114908][ T9950] overlay: ./file0 is not a directory
[  226.442732][ T9946] bond1: option lacp_active: mode dependency failed, not supported in mode balance-rr(0)
[  226.470996][ T9946] bond1 (unregistering): Released all slaves
[  226.835459][ T9976] snd_dummy snd_dummy.0: control 6:0:128:syz0:0 is already present
[  229.277869][T10030] netlink: 20 bytes leftover after parsing attributes in process `syz.1.756'.
[  229.281920][T10030] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  229.342442][T10033] netlink: 'syz.1.757': attribute type 27 has an invalid length.
[  229.346813][T10033] bridge0: port 3(erspan0) entered disabled state
[  229.353099][T10033] bridge0: port 3(erspan0) entered blocking state
[  229.356116][T10033] bridge0: port 3(erspan0) entered forwarding state
[  229.366476][T10033] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  229.424410][T10031] overlayfs: missing 'lowerdir'
[  229.429676][T10031] overlay: ./file0 is not a directory
[  229.488273][T10037] netlink: 'syz.1.758': attribute type 27 has an invalid length.
[  229.493500][T10037] bridge0: port 3(erspan0) entered disabled state
[  229.510404][T10037] bridge0: port 3(erspan0) entered blocking state
[  229.513334][T10037] bridge0: port 3(erspan0) entered forwarding state
[  229.522737][T10037] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  229.727399][T10043] netlink: 20 bytes leftover after parsing attributes in process `syz.4.760'.
[  229.731451][T10043] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  230.001721][T10059] fuse: Unknown parameter '0x0000000000000008'
[  231.550070][T10081] netlink: 20 bytes leftover after parsing attributes in process `syz.4.769'.
[  231.561775][T10081] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  231.640054][T10083] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  231.665229][T10083] netlink: 24 bytes leftover after parsing attributes in process `syz.3.770'.
[  231.675790][ T5301] Bluetooth: hci3: command 0x0406 tx timeout
[  232.044103][T10096] overlayfs: missing 'lowerdir'
[  232.047597][T10096] overlay: ./file0 is not a directory
[  233.606133][T10126] sp0: Synchronizing with TNC
[  234.109143][T10123] [U] è
[  234.583145][T10156] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  234.622072][T10153] lo speed is unknown, defaulting to 1000
[  234.624387][T10153] lo speed is unknown, defaulting to 1000
[  234.628638][T10153] lo speed is unknown, defaulting to 1000
[  234.648751][T10153] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  234.700708][T10153] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  234.731201][T10153] lo speed is unknown, defaulting to 1000
[  234.734367][T10153] lo speed is unknown, defaulting to 1000
[  234.737423][T10153] lo speed is unknown, defaulting to 1000
[  234.740151][T10153] lo speed is unknown, defaulting to 1000
[  235.782796][   T40] audit: type=1326 audit(1767259365.441:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10180 comm="syz.3.797" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  235.795741][   T40] audit: type=1326 audit(1767259365.451:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10180 comm="syz.3.797" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  235.804688][   T40] audit: type=1326 audit(1767259365.451:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10180 comm="syz.3.797" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf705d579 code=0x7ffc0000
[  235.824417][   T40] audit: type=1326 audit(1767259365.451:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10180 comm="syz.3.797" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  235.840872][   T40] audit: type=1326 audit(1767259365.451:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10180 comm="syz.3.797" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  235.859218][   T40] audit: type=1326 audit(1767259365.451:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10180 comm="syz.3.797" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf705d579 code=0x7ffc0000
[  235.868495][   T40] audit: type=1326 audit(1767259365.501:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10180 comm="syz.3.797" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  235.875609][   T40] audit: type=1326 audit(1767259365.501:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10184 comm="syz.3.797" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf705d579 code=0x7ffc0000
[  235.885815][   T40] audit: type=1326 audit(1767259365.501:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10180 comm="syz.3.797" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  235.895868][   T40] audit: type=1326 audit(1767259365.501:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10180 comm="syz.3.797" exe="/syz-executor" sig=0 arch=40000003 syscall=284 compat=1 ip=0xf705d579 code=0x7ffc0000
[  236.189751][T10198] netlink: 'syz.3.800': attribute type 9 has an invalid length.
[  236.192612][T10198] netlink: 'syz.3.800': attribute type 11 has an invalid length.
[  236.198703][T10198] netlink: 'syz.3.800': attribute type 12 has an invalid length.
[  236.202181][T10198] netlink: 210020 bytes leftover after parsing attributes in process `syz.3.800'.
[  236.206075][T10198] netlink: 4 bytes leftover after parsing attributes in process `syz.3.800'.
[  236.362590][T10204] netlink: 'syz.3.804': attribute type 27 has an invalid length.
[  236.421238][T10204] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  237.716773][T10243] program syz.3.811 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  237.817033][T10245] syz.1.812 uses obsolete (PF_INET,SOCK_PACKET)
[  237.874476][T10241] smb3: Unknown parameter 'rdma/swradio#'
[  237.876781][T10241] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  237.885421][T10241] CIFS mount error: No usable UNC path provided in device string!
[  237.885421][T10241] 
[  237.889429][T10241] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  238.056898][   T75] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  238.207312][   T75] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  238.211472][   T75] usb 6-1: config 0 interface 0 altsetting 251 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  238.216523][   T75] usb 6-1: config 0 interface 0 has no altsetting 0
[  238.224030][   T75] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  238.229077][   T75] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  238.232611][   T75] usb 6-1: Product: syz
[  238.234260][   T75] usb 6-1: Manufacturer: syz
[  238.237009][   T75] usb 6-1: SerialNumber: syz
[  238.243334][   T75] usb 6-1: config 0 descriptor??
[  238.301623][   T75] snd-usb-audio 6-1:0.0: probe with driver snd-usb-audio failed with error -22
[  238.335975][ T6076] udevd[6076]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  238.556507][T10273] snd_dummy snd_dummy.0: control 6:0:128:syz0:0 is already present
[  238.727473][   T75] usb 6-1: USB disconnect, device number 7
[  240.271414][T10297] netlink: 20 bytes leftover after parsing attributes in process `syz.4.823'.
[  240.275434][T10297] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  240.344817][T10303] nvme_fabrics: missing parameter 'transport=%s'
[  240.348087][T10303] nvme_fabrics: missing parameter 'nqn=%s'
[  240.580118][T10312] snd_dummy snd_dummy.0: control 6:0:128:syz0:0 is already present
[  241.267769][T10327] snd_dummy snd_dummy.0: control 6:0:128:syz0:0 is already present
[  241.691219][T10338] netlink: 20 bytes leftover after parsing attributes in process `syz.1.834'.
[  241.710474][T10338] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  242.073007][T10347] netlink: 4 bytes leftover after parsing attributes in process `syz.4.838'.
[  242.247583][T10357] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  242.253610][ T9038] lo speed is unknown, defaulting to 1000
[  242.309933][T10360] FAULT_INJECTION: forcing a failure.
[  242.309933][T10360] name failslab, interval 1, probability 0, space 0, times 0
[  242.315443][T10360] CPU: 3 UID: 0 PID: 10360 Comm: syz.4.841 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  242.315471][T10360] Tainted: [L]=SOFTLOCKUP
[  242.315490][T10360] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  242.315501][T10360] Call Trace:
[  242.315508][T10360]  <TASK>
[  242.315514][T10360]  dump_stack_lvl+0x16c/0x1f0
[  242.315544][T10360]  should_fail_ex+0x512/0x640
[  242.315564][T10360]  ? __kmalloc_cache_node_noprof+0x62/0x830
[  242.315592][T10360]  should_failslab+0xc2/0x120
[  242.315634][T10360]  __kmalloc_cache_node_noprof+0x83/0x830
[  242.315661][T10360]  ? __get_vm_area_node+0x101/0x330
[  242.315690][T10360]  ? __get_vm_area_node+0x101/0x330
[  242.315715][T10360]  __get_vm_area_node+0x101/0x330
[  242.315744][T10360]  __vmalloc_node_range_noprof+0x247/0x16b0
[  242.315762][T10360]  ? bpf_check+0x1b8/0xc820
[  242.315791][T10360]  ? rcu_is_watching+0x12/0xc0
[  242.315818][T10360]  ? bpf_check+0x1b8/0xc820
[  242.315843][T10360]  ? rcu_read_unlock+0x17/0x60
[  242.315863][T10360]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  242.315882][T10360]  ? ___kmalloc_large_node+0x97/0x150
[  242.315912][T10360]  ? rcu_is_watching+0x12/0xc0
[  242.315946][T10360]  ? rcu_is_watching+0x12/0xc0
[  242.315970][T10360]  ? trace_kmalloc+0x2b/0xb0
[  242.315995][T10360]  ? __kvmalloc_node_noprof.cold+0x61/0x8e
[  242.316026][T10360]  ? bpf_check+0x1b8/0xc820
[  242.316048][T10360]  __vmalloc_node_noprof+0xad/0xf0
[  242.316067][T10360]  ? bpf_check+0x1b8/0xc820
[  242.316093][T10360]  bpf_check+0x1b8/0xc820
[  242.316128][T10360]  ? pcpu_memcg_post_alloc_hook+0x2d7/0x690
[  242.316156][T10360]  ? __pfx_bpf_check+0x10/0x10
[  242.316188][T10360]  ? rcu_is_watching+0x12/0xc0
[  242.316212][T10360]  ? ktime_get_with_offset+0x26e/0x3b0
[  242.316232][T10360]  ? __asan_memset+0x23/0x50
[  242.316253][T10360]  ? lsm_blob_alloc+0x2b/0x90
[  242.316281][T10360]  ? bpf_lsm_bpf_prog_load+0x9/0x10
[  242.316311][T10360]  bpf_prog_load+0x114e/0x2cc0
[  242.316340][T10360]  ? _parse_integer_limit+0x17f/0x1d0
[  242.316374][T10360]  ? __pfx_bpf_prog_load+0x10/0x10
[  242.316400][T10360]  ? __lock_acquire+0x436/0x2890
[  242.316447][T10360]  __sys_bpf+0x3e72/0x4980
[  242.316469][T10360]  ? __pfx___sys_bpf+0x10/0x10
[  242.316485][T10360]  ? find_held_lock+0x2b/0x80
[  242.316514][T10360]  ? find_held_lock+0x2b/0x80
[  242.316543][T10360]  ? __mutex_unlock_slowpath+0x161/0x790
[  242.316587][T10360]  ? fput+0x70/0xf0
[  242.316604][T10360]  ? ksys_write+0x1ac/0x250
[  242.316629][T10360]  ? __pfx_ksys_write+0x10/0x10
[  242.316658][T10360]  __ia32_sys_bpf+0x76/0xe0
[  242.316674][T10360]  ? lockdep_hardirqs_on+0x7c/0x110
[  242.316699][T10360]  __do_fast_syscall_32+0xe8/0x680
[  242.316746][T10360]  do_fast_syscall_32+0x32/0x80
[  242.316775][T10360]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  242.316797][T10360] RIP: 0023:0xf7fe1579
[  242.316811][T10360] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  242.316828][T10360] RSP: 002b:00000000f54d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  242.316845][T10360] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000680
[  242.316857][T10360] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000
[  242.316881][T10360] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  242.316892][T10360] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  242.316902][T10360] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  242.316925][T10360]  </TASK>
[  242.463295][T10360] syz.4.841: vmalloc error: size 768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  242.468637][T10360] CPU: 3 UID: 0 PID: 10360 Comm: syz.4.841 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  242.468653][T10360] Tainted: [L]=SOFTLOCKUP
[  242.468657][T10360] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  242.468663][T10360] Call Trace:
[  242.468667][T10360]  <TASK>
[  242.468671][T10360]  dump_stack_lvl+0x16c/0x1f0
[  242.468691][T10360]  warn_alloc+0x248/0x3a0
[  242.468705][T10360]  ? __pfx_warn_alloc+0x10/0x10
[  242.468717][T10360]  ? trace_kmalloc+0x2b/0xb0
[  242.468732][T10360]  ? __kmalloc_cache_node_noprof+0x2ed/0x830
[  242.468751][T10360]  ? __kasan_kmalloc+0x8a/0xb0
[  242.468766][T10360]  ? __get_vm_area_node+0x208/0x330
[  242.468785][T10360]  __vmalloc_node_range_noprof+0xbe0/0x16b0
[  242.468798][T10360]  ? rcu_is_watching+0x12/0xc0
[  242.468815][T10360]  ? bpf_check+0x1b8/0xc820
[  242.468830][T10360]  ? rcu_read_unlock+0x17/0x60
[  242.468842][T10360]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  242.468852][T10360]  ? ___kmalloc_large_node+0x97/0x150
[  242.468870][T10360]  ? rcu_is_watching+0x12/0xc0
[  242.468885][T10360]  ? rcu_is_watching+0x12/0xc0
[  242.468900][T10360]  ? trace_kmalloc+0x2b/0xb0
[  242.468914][T10360]  ? __kvmalloc_node_noprof.cold+0x61/0x8e
[  242.468937][T10360]  ? bpf_check+0x1b8/0xc820
[  242.468951][T10360]  __vmalloc_node_noprof+0xad/0xf0
[  242.468961][T10360]  ? bpf_check+0x1b8/0xc820
[  242.468976][T10360]  bpf_check+0x1b8/0xc820
[  242.468996][T10360]  ? pcpu_memcg_post_alloc_hook+0x2d7/0x690
[  242.469011][T10360]  ? __pfx_bpf_check+0x10/0x10
[  242.469030][T10360]  ? rcu_is_watching+0x12/0xc0
[  242.469044][T10360]  ? ktime_get_with_offset+0x26e/0x3b0
[  242.469056][T10360]  ? __asan_memset+0x23/0x50
[  242.469068][T10360]  ? lsm_blob_alloc+0x2b/0x90
[  242.469084][T10360]  ? bpf_lsm_bpf_prog_load+0x9/0x10
[  242.469100][T10360]  bpf_prog_load+0x114e/0x2cc0
[  242.469117][T10360]  ? _parse_integer_limit+0x17f/0x1d0
[  242.469135][T10360]  ? __pfx_bpf_prog_load+0x10/0x10
[  242.469151][T10360]  ? __lock_acquire+0x436/0x2890
[  242.469176][T10360]  __sys_bpf+0x3e72/0x4980
[  242.469187][T10360]  ? __pfx___sys_bpf+0x10/0x10
[  242.469196][T10360]  ? find_held_lock+0x2b/0x80
[  242.469213][T10360]  ? find_held_lock+0x2b/0x80
[  242.469230][T10360]  ? __mutex_unlock_slowpath+0x161/0x790
[  242.469255][T10360]  ? fput+0x70/0xf0
[  242.469265][T10360]  ? ksys_write+0x1ac/0x250
[  242.469280][T10360]  ? __pfx_ksys_write+0x10/0x10
[  242.469298][T10360]  __ia32_sys_bpf+0x76/0xe0
[  242.469307][T10360]  ? lockdep_hardirqs_on+0x7c/0x110
[  242.469323][T10360]  __do_fast_syscall_32+0xe8/0x680
[  242.469341][T10360]  do_fast_syscall_32+0x32/0x80
[  242.469365][T10360]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  242.469385][T10360] RIP: 0023:0xf7fe1579
[  242.469394][T10360] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  242.469404][T10360] RSP: 002b:00000000f54d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  242.469414][T10360] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000680
[  242.469421][T10360] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000
[  242.469427][T10360] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  242.469433][T10360] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  242.469439][T10360] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  242.469452][T10360]  </TASK>
[  242.469455][T10360] Mem-Info:
[  242.587597][T10360] active_anon:10959 inactive_anon:2 isolated_anon:0
[  242.587597][T10360]  active_file:13217 inactive_file:37058 isolated_file:0
[  242.587597][T10360]  unevictable:2782 dirty:275 writeback:0
[  242.587597][T10360]  slab_reclaimable:9876 slab_unreclaimable:54676
[  242.587597][T10360]  mapped:24652 shmem:6021 pagetables:1226
[  242.587597][T10360]  sec_pagetables:312 bounce:0
[  242.587597][T10360]  kernel_misc_reclaimable:0
[  242.587597][T10360]  free:26300 free_pcp:17294 free_cma:0
[  242.605341][T10360] Node 0 active_anon:32kB inactive_anon:8kB active_file:140kB inactive_file:0kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:16kB dirty:4kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:9772kB pagetables:1648kB sec_pagetables:1144kB all_unreclaimable? yes Balloon:0kB
[  242.618190][T10360] Node 1 active_anon:45228kB inactive_anon:0kB active_file:52728kB inactive_file:148232kB unevictable:7592kB isolated(anon):0kB isolated(file):0kB mapped:98636kB dirty:1116kB writeback:0kB shmem:21948kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:4128kB pagetables:3288kB sec_pagetables:104kB all_unreclaimable? no Balloon:0kB
[  242.630416][T10360] Node 0 DMA free:2088kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:460kB local_pcp:60kB free_cma:0kB
[  242.642290][T10360] lowmem_reserve[]: 0 289 289 289 289
[  242.644613][T10360] Node 0 DMA32 free:16560kB boost:0kB min:13332kB low:16664kB high:19996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:32kB inactive_anon:8kB active_file:140kB inactive_file:0kB unevictable:3536kB writepending:4kB zspages:0kB present:1032196kB managed:296812kB mlocked:0kB bounce:0kB free_pcp:12548kB local_pcp:1552kB free_cma:0kB
[  242.657784][T10360] lowmem_reserve[]: 0 0 0 0 0
[  242.659407][T10360] Node 1 DMA32 free:84252kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:45928kB inactive_anon:0kB active_file:52728kB inactive_file:148232kB unevictable:7592kB writepending:1116kB zspages:1840kB present:1048432kB managed:948212kB mlocked:4096kB bounce:0kB free_pcp:56244kB local_pcp:8864kB free_cma:0kB
[  242.670608][T10360] lowmem_reserve[]: 0 0 0 0 0
[  242.672705][T10360] Node 0 DMA: 44*4kB (UM) 5*8kB (UM) 1*16kB (U) 8*32kB (UM) 5*64kB (UM) 0*128kB 1*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2088kB
[  242.680025][T10360] Node 0 DMA32: 954*4kB (UME) 219*8kB (UME) 31*16kB (UME) 14*32kB (UME) 41*64kB (UME) 16*128kB (UME) 7*256kB (UME) 1*512kB (M) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 16560kB
[  242.687698][T10360] Node 1 DMA32: 1309*4kB (UM) 1001*8kB (UM) 468*16kB (U) 6*32kB (ME) 45*64kB (ME) 157*128kB (ME) 10*256kB (UM) 5*512kB (UME) 7*1024kB (UM) 6*2048kB (UM) 3*4096kB (M) = 80764kB
[  242.695286][T10360] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  242.699742][T10360] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  242.703895][T10360] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  242.708291][T10360] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  242.712355][T10360] 58392 total pagecache pages
[  242.714454][T10360] 400 pages in swap cache
[  242.716733][T10360] Free swap  = 119932kB
[  242.718685][T10360] Total swap = 124996kB
[  242.720580][T10360] 524155 pages RAM
[  242.722295][T10360] 0 pages HighMem/MovableOnly
[  242.724428][T10360] 209059 pages reserved
[  242.726778][T10360] 0 pages cma reserved
[  242.988750][T10366] overlayfs: missing 'lowerdir'
[  242.991751][T10366] overlay: ./file0 is not a directory
[  243.031137][T10374] netlink: 20 bytes leftover after parsing attributes in process `syz.1.846'.
[  243.034191][T10374] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  243.100590][T10379] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  243.313657][T10380] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  243.810224][T10401] random: crng reseeded on system resumption
[  244.695871][T10431] netlink: 20 bytes leftover after parsing attributes in process `syz.4.858'.
[  244.699834][T10431] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  245.638078][T10450] overlayfs: missing 'lowerdir'
[  245.654353][T10450] overlay: ./file0 is not a directory
[  245.900278][T10460] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  246.426196][T10466] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  246.450568][T10469] netlink: 20 bytes leftover after parsing attributes in process `syz.4.867'.
[  246.453654][T10469] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  246.524035][T10471] comedi comedi3: comedi_config --init_data is deprecated
[  247.017080][   T10] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  247.183762][   T10] usb 9-1: device descriptor read/64, error -71
[  247.445970][   T10] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  247.470114][T10502] netlink: 20 bytes leftover after parsing attributes in process `syz.2.877'.
[  247.475782][T10502] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  247.576545][   T10] usb 9-1: device descriptor read/64, error -71
[  247.711598][   T10] usb usb9-port1: attempt power cycle
[  248.085569][   T10] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  248.106688][   T10] usb 9-1: device descriptor read/8, error -71
[  248.380543][   T10] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  248.406542][   T10] usb 9-1: device descriptor read/8, error -71
[  248.517134][   T10] usb usb9-port1: unable to enumerate USB device
[  248.978210][T10543] netlink: 20 bytes leftover after parsing attributes in process `syz.3.889'.
[  248.982686][T10543] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  249.836456][T10560] snd_dummy snd_dummy.0: control 6:0:128:syz0:0 is already present
[  250.327033][T10572] netlink: 4 bytes leftover after parsing attributes in process `syz.3.897'.
[  250.484696][T10581] netlink: 20 bytes leftover after parsing attributes in process `syz.2.899'.
[  250.489424][T10581] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  251.113044][T10619] lo speed is unknown, defaulting to 1000
[  251.173495][ T1330] usb 8-1: new low-speed USB device number 2 using dummy_hcd
[  251.338378][ T1330] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  251.342599][ T1330] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2
[  251.346361][ T1330] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  251.351141][ T1330] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  251.355371][ T1330] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  251.366816][ T1330] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  251.420003][ T1330] hub 8-1:1.0: bad descriptor, ignoring hub
[  251.422045][ T1330] hub 8-1:1.0: probe with driver hub failed with error -5
[  251.424792][ T1330] cdc_wdm 8-1:1.0: skipping garbage
[  251.434718][ T1330] cdc_wdm 8-1:1.0: skipping garbage
[  251.456039][ T1330] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  251.460332][ T1330] cdc_wdm 8-1:1.0: Unknown control protocol
[  251.777120][T10632] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  252.216694][T10605] cdc_wdm 8-1:1.0: Error autopm - -16
[  252.216773][ T9038] usb 8-1: USB disconnect, device number 2
[  252.355602][ T9038] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  252.507324][ T9038] usb 8-1: config 0 has no interfaces?
[  252.510888][ T9038] usb 8-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  252.515217][ T9038] usb 8-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  252.520045][ T9038] usb 8-1: Product: syz
[  252.522354][ T9038] usb 8-1: Manufacturer: syz
[  252.524936][ T9038] usb 8-1: SerialNumber: syz
[  252.531784][ T9038] usb 8-1: config 0 descriptor??
[  252.738200][ T1330] usb 8-1: USB disconnect, device number 3
[  252.772911][T10649] snd_dummy snd_dummy.0: control 6:0:128:syz0:0 is already present
[  254.040139][T10676] netlink: 24 bytes leftover after parsing attributes in process `syz.3.919'.
[  255.797399][T10694] syz_tun: left promiscuous mode
[  255.799656][T10694] syz_tun: left allmulticast mode
[  255.803571][T10694] 8021q: adding VLAN 0 to HW filter on device team0
[  255.897724][T10694] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  256.119931][T10710] FAULT_INJECTION: forcing a failure.
[  256.119931][T10710] name failslab, interval 1, probability 0, space 0, times 0
[  256.125745][T10710] CPU: 3 UID: 0 PID: 10710 Comm: syz.4.927 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  256.125771][T10710] Tainted: [L]=SOFTLOCKUP
[  256.125782][T10710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  256.125792][T10710] Call Trace:
[  256.125799][T10710]  <TASK>
[  256.125806][T10710]  dump_stack_lvl+0x16c/0x1f0
[  256.125837][T10710]  should_fail_ex+0x512/0x640
[  256.125858][T10710]  ? kmem_cache_alloc_node_noprof+0x65/0x800
[  256.125884][T10710]  should_failslab+0xc2/0x120
[  256.125911][T10710]  kmem_cache_alloc_node_noprof+0x86/0x800
[  256.125932][T10710]  ? __alloc_skb+0x156/0x410
[  256.125957][T10710]  ? __alloc_skb+0x156/0x410
[  256.125975][T10710]  __alloc_skb+0x156/0x410
[  256.125991][T10710]  ? __alloc_skb+0x35d/0x410
[  256.126009][T10710]  ? __pfx___alloc_skb+0x10/0x10
[  256.126028][T10710]  ? rcu_is_watching+0x12/0xc0
[  256.126055][T10710]  ? nl80211_parse_counter_offsets+0x252/0x2d0
[  256.126088][T10710]  nl80211_tx_mgmt+0x7b0/0xdd0
[  256.126108][T10710]  ? __pfx_nl80211_tx_mgmt+0x10/0x10
[  256.126125][T10710]  ? __pfx_netdev_run_todo+0x10/0x10
[  256.126169][T10710]  ? nl80211_pre_doit+0x1b0/0xb10
[  256.126194][T10710]  genl_family_rcv_msg_doit+0x209/0x2f0
[  256.126225][T10710]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  256.126253][T10710]  ? genl_get_cmd+0x194/0x580
[  256.126283][T10710]  ? bpf_lsm_capable+0x9/0x10
[  256.126306][T10710]  ? security_capable+0x7e/0x260
[  256.126334][T10710]  ? ns_capable+0xd7/0x110
[  256.126358][T10710]  genl_rcv_msg+0x55c/0x800
[  256.126378][T10710]  ? __pfx_genl_rcv_msg+0x10/0x10
[  256.126394][T10710]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  256.126413][T10710]  ? __pfx_nl80211_tx_mgmt+0x10/0x10
[  256.126429][T10710]  ? __pfx_nl80211_post_doit+0x10/0x10
[  256.126461][T10710]  netlink_rcv_skb+0x158/0x420
[  256.126487][T10710]  ? __pfx_genl_rcv_msg+0x10/0x10
[  256.126504][T10710]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  256.126539][T10710]  ? netlink_deliver_tap+0x1ae/0xd30
[  256.126567][T10710]  genl_rcv+0x28/0x40
[  256.126592][T10710]  netlink_unicast+0x5aa/0x870
[  256.126619][T10710]  ? __pfx_netlink_unicast+0x10/0x10
[  256.126667][T10710]  netlink_sendmsg+0x8c8/0xdd0
[  256.126696][T10710]  ? __pfx_netlink_sendmsg+0x10/0x10
[  256.126723][T10710]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  256.126756][T10710]  ____sys_sendmsg+0xa5d/0xc30
[  256.126812][T10710]  ? __pfx_____sys_sendmsg+0x10/0x10
[  256.126838][T10710]  ? get_compat_msghdr+0x11a/0x170
[  256.126871][T10710]  ___sys_sendmsg+0x134/0x1d0
[  256.126894][T10710]  ? __pfx____sys_sendmsg+0x10/0x10
[  256.126930][T10710]  ? find_held_lock+0x2b/0x80
[  256.126971][T10710]  __sys_sendmsg+0x16d/0x220
[  256.126994][T10710]  ? __pfx___sys_sendmsg+0x10/0x10
[  256.127033][T10710]  __do_fast_syscall_32+0xe8/0x680
[  256.127064][T10710]  do_fast_syscall_32+0x32/0x80
[  256.127091][T10710]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  256.127114][T10710] RIP: 0023:0xf7fe1579
[  256.127128][T10710] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  256.127145][T10710] RSP: 002b:00000000f54d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  256.127162][T10710] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080003740
[  256.127173][T10710] RDX: 0000000028004800 RSI: 0000000000000000 RDI: 0000000000000000
[  256.127184][T10710] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  256.127194][T10710] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  256.127204][T10710] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  256.127229][T10710]  </TASK>
[  256.964899][T10718] netlink: 56 bytes leftover after parsing attributes in process `syz.4.929'.
[  257.299260][T10738] netlink: 65023 bytes leftover after parsing attributes in process `syz.2.936'.
[  257.354977][T10744] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  258.708234][T10775] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  258.730462][T10777] FAULT_INJECTION: forcing a failure.
[  258.730462][T10777] name failslab, interval 1, probability 0, space 0, times 0
[  258.736668][T10777] CPU: 2 UID: 0 PID: 10777 Comm: syz.4.948 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  258.736694][T10777] Tainted: [L]=SOFTLOCKUP
[  258.736700][T10777] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  258.736709][T10777] Call Trace:
[  258.736715][T10777]  <TASK>
[  258.736722][T10777]  dump_stack_lvl+0x16c/0x1f0
[  258.736751][T10777]  should_fail_ex+0x512/0x640
[  258.736769][T10777]  ? fs_reclaim_acquire+0xae/0x150
[  258.736797][T10777]  should_failslab+0xc2/0x120
[  258.736822][T10777]  __kmalloc_noprof+0xeb/0x910
[  258.736841][T10777]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  258.736868][T10777]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  258.736890][T10777]  tomoyo_realpath_from_path+0xc2/0x6e0
[  258.736914][T10777]  ? tomoyo_profile+0x47/0x60
[  258.736941][T10777]  tomoyo_path_number_perm+0x245/0x580
[  258.736959][T10777]  ? tomoyo_path_number_perm+0x237/0x580
[  258.736980][T10777]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  258.737029][T10777]  ? find_held_lock+0x2b/0x80
[  258.737050][T10777]  ? hook_file_ioctl_common+0x144/0x410
[  258.737076][T10777]  ? __fget_files+0x20e/0x3c0
[  258.737098][T10777]  ? fput+0x70/0xf0
[  258.737118][T10777]  security_file_ioctl_compat+0x9b/0x240
[  258.737140][T10777]  __ia32_compat_sys_ioctl+0xc3/0x370
[  258.737164][T10777]  __do_fast_syscall_32+0xe8/0x680
[  258.737191][T10777]  do_fast_syscall_32+0x32/0x80
[  258.737216][T10777]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  258.737236][T10777] RIP: 0023:0xf7fe1579
[  258.737250][T10777] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  258.737264][T10777] RSP: 002b:00000000f54d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  258.737280][T10777] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000c0405610
[  258.737291][T10777] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  258.737300][T10777] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  258.737309][T10777] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  258.737318][T10777] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  258.737340][T10777]  </TASK>
[  258.737347][T10777] ERROR: Out of memory at tomoyo_realpath_from_path.
[  259.035905][T10786] Cannot find add_set index 2 as target
[  259.655829][T10796] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  259.658762][T10796] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  259.664269][T10796] vhci_hcd vhci_hcd.0: Device attached
[  260.084387][ T5942] usb 44-1: SetAddress Request (6) to port 0
[  260.086496][ T5942] usb 44-1: new SuperSpeed USB device number 6 using vhci_hcd
[  260.096547][T10797] vhci_hcd: connection closed
[  260.096755][   T13] vhci_hcd vhci_hcd.3: stop threads
[  260.100924][   T13] vhci_hcd vhci_hcd.3: release socket
[  260.103794][   T13] vhci_hcd vhci_hcd.3: disconnect device
[  260.103874][T10793] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  260.110808][T10807] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  260.115612][ T5942] usb 44-1: enqueue for inactive port 0
[  260.319359][ T1415] ieee802154 phy0 wpan0: encryption failed: -22
[  260.324157][ T1415] ieee802154 phy1 wpan1: encryption failed: -22
[  260.444837][T10813] openvswitch: netlink: Flow key attr not present in new flow.
[  260.586699][ T5942] usb usb44-port1: attempt power cycle
[  261.147581][ T5942] usb usb44-port1: unable to enumerate USB device
[  261.270038][T10834] netlink: 12 bytes leftover after parsing attributes in process `syz.1.967'.
[  261.282038][T10834] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  261.678625][T10850] netlink: 24 bytes leftover after parsing attributes in process `syz.1.972'.
[  262.098060][T10863] netlink: 48 bytes leftover after parsing attributes in process `syz.2.970'.
[  262.235236][T10865] netlink: 12 bytes leftover after parsing attributes in process `syz.4.976'.
[  262.331548][T10865] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  262.477216][T10873] 9p: Unknown access argument 00000000004294967295p·4: -22
[  263.048400][T10889] 9p: Bad value for 'source'
[  263.174336][T10891] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input9
[  263.998361][T10902] netlink: 12 bytes leftover after parsing attributes in process `syz.2.987'.
[  264.027377][T10902] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  264.138851][T10904] FAULT_INJECTION: forcing a failure.
[  264.138851][T10904] name failslab, interval 1, probability 0, space 0, times 0
[  264.143031][T10904] CPU: 2 UID: 0 PID: 10904 Comm: syz.1.989 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  264.143049][T10904] Tainted: [L]=SOFTLOCKUP
[  264.143053][T10904] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  264.143059][T10904] Call Trace:
[  264.143063][T10904]  <TASK>
[  264.143068][T10904]  dump_stack_lvl+0x16c/0x1f0
[  264.143088][T10904]  should_fail_ex+0x512/0x640
[  264.143100][T10904]  ? fs_reclaim_acquire+0xae/0x150
[  264.143119][T10904]  should_failslab+0xc2/0x120
[  264.143136][T10904]  __kmalloc_noprof+0xeb/0x910
[  264.143148][T10904]  ? tomoyo_encode2+0x100/0x3e0
[  264.143165][T10904]  ? tomoyo_encode2+0x100/0x3e0
[  264.143179][T10904]  tomoyo_encode2+0x100/0x3e0
[  264.143195][T10904]  tomoyo_encode+0x29/0x50
[  264.143209][T10904]  tomoyo_realpath_from_path+0x18f/0x6e0
[  264.143225][T10904]  ? tomoyo_profile+0x47/0x60
[  264.143243][T10904]  tomoyo_path_number_perm+0x245/0x580
[  264.143255][T10904]  ? tomoyo_path_number_perm+0x237/0x580
[  264.143273][T10904]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  264.143306][T10904]  ? find_held_lock+0x2b/0x80
[  264.143320][T10904]  ? hook_file_ioctl_common+0x144/0x410
[  264.143336][T10904]  ? __fget_files+0x20e/0x3c0
[  264.143351][T10904]  ? fput+0x70/0xf0
[  264.143364][T10904]  security_file_ioctl_compat+0x9b/0x240
[  264.143379][T10904]  __ia32_compat_sys_ioctl+0xc3/0x370
[  264.143394][T10904]  __do_fast_syscall_32+0xe8/0x680
[  264.143413][T10904]  do_fast_syscall_32+0x32/0x80
[  264.143430][T10904]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  264.143444][T10904] RIP: 0023:0xf709d579
[  264.143452][T10904] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  264.143464][T10904] RSP: 002b:00000000f548d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  264.143474][T10904] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000004020ae46
[  264.143481][T10904] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  264.143487][T10904] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  264.143493][T10904] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  264.143499][T10904] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  264.143513][T10904]  </TASK>
[  264.143522][T10904] ERROR: Out of memory at tomoyo_realpath_from_path.
[  264.452729][T10926] tipc: Started in network mode
[  264.455063][T10926] tipc: Node identity 42415ddf0f04, cluster identity 4711
[  264.458566][T10926] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  264.462354][T10926] syzkaller0: entered promiscuous mode
[  264.464897][T10926] syzkaller0: entered allmulticast mode
[  264.473775][T10926] netlink: 132 bytes leftover after parsing attributes in process `syz.3.998'.
[  264.492049][T10926] tipc: Resetting bearer <eth:syzkaller0>
[  264.500132][T10925] tipc: Resetting bearer <eth:syzkaller0>
[  264.505262][T10928] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1000'.
[  264.516381][T10925] tipc: Disabling bearer <eth:syzkaller0>
[  264.531730][T10928] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  264.775181][T10945] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  264.777346][T10945] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  264.780289][T10945] vhci_hcd vhci_hcd.0: Device attached
[  264.788545][T10949] binder: 10948:10949 ioctl 5412 0 returned -22
[  264.792010][T10949] binder: 10948:10949 ioctl c0306201 0 returned -14
[  264.862894][T10952] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1009'.
[  264.985095][T10954] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  265.005706][   T10] vhci_hcd vhci_hcd.1: vhci_device speed not set
[  265.048217][T10950] overlayfs: missing 'lowerdir'
[  265.050533][T10950] overlay: ./file0 is not a directory
[  265.067836][   T10] usb 39-1: new low-speed USB device number 2 using vhci_hcd
[  265.076889][T10946] vhci_hcd: connection closed
[  265.077104][   T46] vhci_hcd vhci_hcd.1: stop threads
[  265.080716][   T46] vhci_hcd vhci_hcd.1: release socket
[  265.082642][   T46] vhci_hcd vhci_hcd.1: disconnect device
[  265.680601][T10969] (syz.4.1013,10969,3):ocfs2_get_sector:1714 ERROR: status = -5
[  265.683368][T10969] (syz.4.1013,10969,3):ocfs2_sb_probe:753 ERROR: status = -5
[  265.686570][T10969] (syz.4.1013,10969,3):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  265.691902][T10969] (syz.4.1013,10969,3):ocfs2_fill_super:1177 ERROR: status = -5
[  265.730162][T10973] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1015'.
[  265.932112][T10983] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1018'.
[  265.994135][T10983] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  266.454305][T11007] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1025'.
[  266.564197][T11010] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  266.567186][T11010] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  266.571428][T11010] vhci_hcd vhci_hcd.0: Device attached
[  266.846642][ T6107] usb 46-1: SetAddress Request (7) to port 0
[  266.849389][ T6107] usb 46-1: new SuperSpeed USB device number 7 using vhci_hcd
[  266.917328][T11011] vhci_hcd: connection reset by peer
[  266.925791][   T46] vhci_hcd vhci_hcd.4: stop threads
[  266.926135][T10986] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  266.927594][   T46] vhci_hcd vhci_hcd.4: release socket
[  266.935703][   T46] vhci_hcd vhci_hcd.4: disconnect device
[  266.950880][T11024] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  268.072253][T11061] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  269.288691][T11112] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  270.175962][   T10] vhci_hcd vhci_hcd.1: vhci_device speed not set
[  270.455281][T11153] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1057'.
[  270.462571][T11153] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  270.688331][T11161] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1060'.
[  272.705575][ T6107] usb 46-1: device descriptor read/8, error -110
[  272.820592][T11209] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  273.316020][ T6107] usb usb46-port1: attempt power cycle
[  273.877642][ T6107] usb usb46-port1: unable to enumerate USB device
[  276.260557][T11297] capability: warning: `syz.3.1084' uses deprecated v2 capabilities in a way that may be insecure
[  276.505720][ T5301] Bluetooth: hci0: SCO packet for unknown connection handle 0
[  277.143829][T11331] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  278.529975][   T40] kauditd_printk_skb: 24 callbacks suppressed
[  278.529987][   T40] audit: type=1326 audit(1767259408.191:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11337 comm="syz.3.1092" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf705d579 code=0x0
[  278.637194][T11342] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1093'.
[  279.301860][T11364] serio: Serial port ptm0
[  279.361248][ T5301] Bluetooth: hci3: unexpected event for opcode 0x2024
[  279.534687][T11371] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1103'.
[  279.549290][T11371] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[  280.216811][T11389] FAULT_INJECTION: forcing a failure.
[  280.216811][T11389] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  280.221166][T11389] CPU: 1 UID: 0 PID: 11389 Comm: syz.3.1105 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  280.221183][T11389] Tainted: [L]=SOFTLOCKUP
[  280.221187][T11389] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  280.221194][T11389] Call Trace:
[  280.221198][T11389]  <TASK>
[  280.221203][T11389]  dump_stack_lvl+0x16c/0x1f0
[  280.221223][T11389]  should_fail_ex+0x512/0x640
[  280.221239][T11389]  _copy_to_user+0x32/0xd0
[  280.221252][T11389]  simple_read_from_buffer+0xcb/0x170
[  280.221269][T11389]  proc_fail_nth_read+0x197/0x240
[  280.221289][T11389]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  280.221308][T11389]  ? rw_verify_area+0xcf/0x6c0
[  280.221322][T11389]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  280.221340][T11389]  vfs_read+0x1e4/0xcf0
[  280.221356][T11389]  ? __pfx___mutex_lock+0x10/0x10
[  280.221375][T11389]  ? __pfx_vfs_read+0x10/0x10
[  280.221389][T11389]  ? find_held_lock+0x2b/0x80
[  280.221407][T11389]  ? __fget_files+0x20e/0x3c0
[  280.221427][T11389]  ksys_read+0x12a/0x250
[  280.221442][T11389]  ? __pfx_ksys_read+0x10/0x10
[  280.221456][T11389]  ? syscall_trace_enter+0x1cb/0x220
[  280.221470][T11389]  ? __bpf_trace_sys_enter+0x37/0x60
[  280.221484][T11389]  ? rcu_is_watching+0x12/0xc0
[  280.221501][T11389]  __do_fast_syscall_32+0xe8/0x680
[  280.221519][T11389]  do_fast_syscall_32+0x32/0x80
[  280.221536][T11389]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  280.221551][T11389] RIP: 0023:0xf705d579
[  280.221559][T11389] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  280.221572][T11389] RSP: 002b:00000000f540b590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  280.221588][T11389] RAX: ffffffffffffffda RBX: 000000000000000d RCX: 00000000f540b620
[  280.221598][T11389] RDX: 000000000000000f RSI: 00000000f73f6ff4 RDI: 0000000000000000
[  280.221608][T11389] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  280.221618][T11389] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  280.221630][T11389] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  280.221661][T11389]  </TASK>
[  280.936307][T11398] mkiss: ax0: crc mode is auto.
[  280.998777][T11408] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  281.003440][T11408] bond0: (slave ipvlan2): The slave device specified does not support setting the MAC address
[  281.008363][T11408] bond0: (slave ipvlan2): Error -95 calling set_mac_address
[  281.089308][T11411] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1113'.
[  281.093323][T11411] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1113'.
[  281.642486][T11427] overlayfs: missing 'lowerdir'
[  281.733762][T11427] overlay: ./file0 is not a directory
[  283.287361][T11464] binder: 11463:11464 ioctl c0046209 0 returned -22
[  285.277974][T11511] syzkaller0: entered promiscuous mode
[  285.279823][T11511] syzkaller0: entered allmulticast mode
[  287.489879][T11585] xt_CT: You must specify a L4 protocol and not use inversions on it
[  287.493123][T11585] netlink: 188 bytes leftover after parsing attributes in process `syz.1.1149'.
[  289.314313][ T1330] IPVS: starting estimator thread 0...
[  289.405821][T11627] IPVS: using max 45 ests per chain, 108000 per kthread
[  289.725179][T11654] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  289.729712][T11654] block device autoloading is deprecated and will be removed.
[  289.763648][T11648] can0: slcan on ttyS3.
[  289.882634][T11648] can0 (unregistered): slcan off ttyS3.
[  293.085577][ T1330] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  293.245713][ T1330] usb 8-1: Using ep0 maxpacket: 8
[  293.251130][ T1330] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  293.254807][ T1330] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  293.259239][ T1330] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  293.263631][ T1330] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  293.267759][ T1330] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  293.273078][ T1330] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  293.278358][ T1330] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  293.490818][ T1330] usb 8-1: GET_CAPABILITIES returned 0
[  293.494426][ T1330] usbtmc 8-1:16.0: can't read capabilities
[  293.542863][T11744] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1182'.
[  293.552105][T11744] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  293.795717][   T24] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  293.985573][   T24] usb 6-1: Using ep0 maxpacket: 8
[  293.989389][   T24] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  293.994180][   T24] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  294.005566][   T24] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  294.009851][   T24] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  294.015465][   T24] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  294.029750][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  294.205121][ T6008] usb 8-1: USB disconnect, device number 4
[  294.278648][T11747] lo speed is unknown, defaulting to 1000
[  294.403053][T11763] FAULT_INJECTION: forcing a failure.
[  294.403053][T11763] name failslab, interval 1, probability 0, space 0, times 0
[  294.407442][T11763] CPU: 2 UID: 0 PID: 11763 Comm: syz.2.1186 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  294.407460][T11763] Tainted: [L]=SOFTLOCKUP
[  294.407464][T11763] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  294.407471][T11763] Call Trace:
[  294.407475][T11763]  <TASK>
[  294.407491][T11763]  dump_stack_lvl+0x16c/0x1f0
[  294.407512][T11763]  should_fail_ex+0x512/0x640
[  294.407537][T11763]  ? __kmalloc_noprof+0xca/0x910
[  294.407551][T11763]  should_failslab+0xc2/0x120
[  294.407568][T11763]  __kmalloc_noprof+0xeb/0x910
[  294.407579][T11763]  ? __lock_acquire+0x436/0x2890
[  294.407589][T11763]  ? io_cache_alloc_new+0x45/0xf0
[  294.407609][T11763]  ? io_cache_alloc_new+0x45/0xf0
[  294.407625][T11763]  io_cache_alloc_new+0x45/0xf0
[  294.407642][T11763]  io_rsrc_node_alloc+0x221/0x2b0
[  294.407660][T11763]  io_sqe_buffer_register+0x104/0x2020
[  294.407679][T11763]  ? __lock_acquire+0x436/0x2890
[  294.407695][T11763]  ? __pfx_io_sqe_buffer_register+0x10/0x10
[  294.407721][T11763]  ? iovec_from_user+0xbb/0x140
[  294.407735][T11763]  __io_register_rsrc_update+0x449/0x1110
[  294.407757][T11763]  ? __pfx___io_register_rsrc_update+0x10/0x10
[  294.407774][T11763]  ? find_held_lock+0x2b/0x80
[  294.407787][T11763]  ? __might_fault+0xe3/0x190
[  294.407800][T11763]  ? __might_fault+0xe3/0x190
[  294.407811][T11763]  ? __might_fault+0x13b/0x190
[  294.407828][T11763]  io_register_rsrc_update+0x11b/0x180
[  294.407846][T11763]  ? __pfx_io_register_rsrc_update+0x10/0x10
[  294.407869][T11763]  __do_sys_io_uring_register+0x130c/0x2600
[  294.407889][T11763]  ? __pfx___do_sys_io_uring_register+0x10/0x10
[  294.407905][T11763]  ? __fget_files+0x20e/0x3c0
[  294.407924][T11763]  ? fput+0x70/0xf0
[  294.407935][T11763]  ? ksys_write+0x1ac/0x250
[  294.407950][T11763]  ? __pfx_ksys_write+0x10/0x10
[  294.407965][T11763]  ? do_user_addr_fault+0x843/0x1370
[  294.407982][T11763]  __do_fast_syscall_32+0xe8/0x680
[  294.408001][T11763]  do_fast_syscall_32+0x32/0x80
[  294.408018][T11763]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  294.408032][T11763] RIP: 0023:0xf7f81579
[  294.408041][T11763] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  294.408052][T11763] RSP: 002b:00000000f543455c EFLAGS: 00000296 ORIG_RAX: 00000000000001ab
[  294.408062][T11763] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000000010
[  294.408069][T11763] RDX: 00000000800003c0 RSI: 0000000000000020 RDI: 0000000000000000
[  294.408075][T11763] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  294.408081][T11763] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  294.408088][T11763] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  294.408101][T11763]  </TASK>
[  294.425457][T11759] overlayfs: missing 'lowerdir'
[  294.529577][T11765] overlay: ./file0 is not a directory
[  294.738052][T11747] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  294.740352][T11747] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  294.746670][T11747] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  294.748965][T11747] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  294.754153][T11747] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  294.756505][T11747] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  294.759482][T11747] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  294.762246][T11747] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  294.798936][T11747] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  294.948240][   T24] usb 6-1: usb_control_msg returned -32
[  294.950188][   T24] usbtmc 6-1:16.0: can't read capabilities
[  294.958649][T11747] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  294.963116][T11747] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  295.033306][   T10] usb 6-1: USB disconnect, device number 8
[  295.697724][T11783] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1191'.
[  296.795673][ T5946] Bluetooth: hci3: command 0x0406 tx timeout
[  296.798467][ T5946] Bluetooth: hci1: command 0x0406 tx timeout
[  296.825761][ T5956] Bluetooth: hci0: command 0x0406 tx timeout
[  296.837438][ T5301] Bluetooth: hci2: command 0x0c1a tx timeout
[  297.589178][T11817] overlayfs: missing 'lowerdir'
[  297.591566][T11817] overlay: ./file0 is not a directory
[  298.582720][T11847] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  298.737094][T11859] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  298.740045][T11859] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  298.747261][T11859] vhci_hcd vhci_hcd.0: Device attached
[  298.886820][ T5946] Bluetooth: hci0: command 0x0406 tx timeout
[  298.886859][ T5301] Bluetooth: hci2: command 0x0c1a tx timeout
[  298.886901][ T5956] Bluetooth: hci1: command 0x0406 tx timeout
[  298.886924][ T5956] Bluetooth: hci3: command 0x0406 tx timeout
[  299.085556][ T5942] usb 45-1: new low-speed USB device number 2 using vhci_hcd
[  299.246551][T11883] overlayfs: missing 'lowerdir'
[  299.254157][T11883] overlay: ./file0 is not a directory
[  299.478723][T11860] vhci_hcd: connection reset by peer
[  299.481335][  T162] vhci_hcd vhci_hcd.4: stop threads
[  299.483365][  T162] vhci_hcd vhci_hcd.4: release socket
[  299.485209][  T162] vhci_hcd vhci_hcd.4: disconnect device
[  299.681308][T11891] netlink: 63 bytes leftover after parsing attributes in process `syz.2.1212'.
[  300.216457][   T10] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  300.365646][   T10] usb 8-1: Using ep0 maxpacket: 32
[  300.366963][   T10] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  300.372124][   T10] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  300.377932][   T10] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  300.382265][   T10] usb 8-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  300.390925][   T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  300.397099][   T10] usb 8-1: config 0 descriptor??
[  300.822800][T11918] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  300.890057][   T10] hid (null): invalid report_size 829317484
[  300.892456][   T10] hid (null): global environment stack underflow
[  300.903090][   T10] input: HID 0458:5011 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:0458:5011.0002/input/input14
[  300.955721][ T5301] Bluetooth: hci2: command 0x0c1a tx timeout
[  300.996419][   T10] input: HID 0458:5011 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:0458:5011.0002/input/input15
[  301.040596][   T10] kye 0003:0458:5011.0002: input,hiddev0,hidraw1: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.3-1/input0
[  301.138169][T11933] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1222'.
[  301.142749][T11933] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1222'.
[  301.949473][    C0] kye 0003:0458:5011.0002: usb_submit_urb(ctrl) failed: -1
[  302.108855][T11945] netlink: 'syz.2.1225': attribute type 1 has an invalid length.
[  302.500404][T11958] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  302.729498][ T6015] usb 8-1: USB disconnect, device number 5
[  303.049731][ T5301] Bluetooth: hci0: unexpected Set CIG Parameters response data
[  303.054030][ T5301] Bluetooth: hci0: unexpected event for opcode 0x2062
[  303.704603][T11985] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1234'.
[  304.225674][ T5942] vhci_hcd vhci_hcd.4: vhci_device speed not set
[  304.509874][T11993] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  304.701699][T11996] overlayfs: missing 'lowerdir'
[  304.705177][T11996] overlay: ./file0 is not a directory
[  306.317084][ T5301] Bluetooth: hci3: unexpected event for opcode 0x2016
[  306.360952][T12025] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  306.698676][T12036] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1250'.
[  307.031266][T12043] overlayfs: missing 'lowerdir'
[  307.034519][T12043] overlay: ./file0 is not a directory
[  307.126930][ T5301] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  307.129852][ T5301] Bluetooth: hci0: Injecting HCI hardware error event
[  307.133166][ T5301] Bluetooth: hci0: hardware error 0x00
[  308.034579][T12058] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  308.404302][ T6015] IPVS: starting estimator thread 0...
[  308.500539][T12069] IPVS: using max 44 ests per chain, 105600 per kthread
[  308.777658][T12081] overlayfs: missing 'lowerdir'
[  308.780540][T12081] overlay: ./file0 is not a directory
[  309.195688][ T5301] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  309.682042][T12101] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  309.696218][T12100] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  310.144472][T12108] bond_slave_0: entered promiscuous mode
[  310.146585][T12108] bond_slave_1: entered promiscuous mode
[  310.149031][T12108] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  310.153446][T12108] bond1: (slave macvlan2): making interface the new active one
[  310.159530][T12108] bond1: (slave macvlan2): Enslaving as an active interface with an up link
[  310.164960][T12108] bond1: option lacp_rate: mode dependency failed, not supported in mode balance-alb(6)
[  310.169321][T12108] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1270'.
[  310.207032][T12120] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1272'.
[  310.325635][ T5301] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  310.328728][ T5301] Bluetooth: hci3: Injecting HCI hardware error event
[  310.333022][ T5301] Bluetooth: hci3: hardware error 0x00
[  312.185035][T12165] overlayfs: missing 'lowerdir'
[  312.189521][T12165] overlay: ./file0 is not a directory
[  312.395677][ T5301] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  312.722383][T12193] kvm: requested 1676 ns i8254 timer period limited to 200000 ns
[  312.737167][T12193] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  312.740292][T12193] kvm: requested 41904 ns i8254 timer period limited to 200000 ns
[  312.743102][T12193] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  312.750121][T12193] kvm: requested 2514 ns i8254 timer period limited to 200000 ns
[  312.758077][T12193] kvm: requested 3352 ns i8254 timer period limited to 200000 ns
[  312.762957][T12193] kvm: requested 100571 ns i8254 timer period limited to 200000 ns
[  312.797554][T12193] kvm: requested 53638 ns i8254 timer period limited to 200000 ns
[  312.804578][T12193] kvm: requested 170133 ns i8254 timer period limited to 200000 ns
[  312.808997][T12201] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1289'.
[  313.305781][T12221] netfs: Couldn't get user pages (rc=-14)
[  313.947273][T12240] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1297'.
[  313.985976][T12240] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1297'.
[  313.992203][T12240] xt_bpf: check failed: parse error
[  314.839304][T12273] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1302'.
[  314.872022][T12273] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  316.007830][T12318] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1312'.
[  316.020803][T12318] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  316.766834][T12337] FAULT_INJECTION: forcing a failure.
[  316.766834][T12337] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  316.771428][T12337] CPU: 3 UID: 0 PID: 12337 Comm: syz.3.1316 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  316.771446][T12337] Tainted: [L]=SOFTLOCKUP
[  316.771454][T12337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  316.771461][T12337] Call Trace:
[  316.771465][T12337]  <TASK>
[  316.771470][T12337]  dump_stack_lvl+0x16c/0x1f0
[  316.771491][T12337]  should_fail_ex+0x512/0x640
[  316.771505][T12337]  _copy_to_user+0x32/0xd0
[  316.771519][T12337]  binder_ioctl+0x28cf/0x7360
[  316.771620][T12337]  ? tomoyo_path_number_perm+0x18d/0x580
[  316.771638][T12337]  ? __pfx_binder_ioctl+0x10/0x10
[  316.771661][T12337]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  316.771679][T12337]  ? do_vfs_ioctl+0x128/0x14f0
[  316.771693][T12337]  ? __pfx_autoremove_wake_function+0x10/0x10
[  316.771714][T12337]  ? find_held_lock+0x2b/0x80
[  316.771747][T12337]  ? __fget_files+0x20e/0x3c0
[  316.771762][T12337]  ? fput+0x70/0xf0
[  316.771773][T12337]  ? __pfx_binder_ioctl+0x10/0x10
[  316.771789][T12337]  compat_ptr_ioctl+0x6e/0xa0
[  316.771801][T12337]  ? __pfx_compat_ptr_ioctl+0x10/0x10
[  316.771814][T12337]  __ia32_compat_sys_ioctl+0x242/0x370
[  316.771829][T12337]  __do_fast_syscall_32+0xe8/0x680
[  316.771847][T12337]  do_fast_syscall_32+0x32/0x80
[  316.771864][T12337]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  316.771878][T12337] RIP: 0023:0xf705d579
[  316.771887][T12337] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  316.771913][T12337] RSP: 002b:00000000f544d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  316.771925][T12337] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0306201
[  316.771932][T12337] RDX: 0000000080000cc0 RSI: 0000000000000000 RDI: 0000000000000000
[  316.771938][T12337] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  316.771944][T12337] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  316.771950][T12337] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  316.771964][T12337]  </TASK>
[  316.772033][T12337] binder: 12336:12337 ioctl c0306201 80000cc0 returned -14
[  316.952705][T12351] 9pnet_fd: p9_fd_create_tcp (12351): problem connecting socket to 127.0.0.1
[  317.193337][T12360] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  317.196057][T12360] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  317.207834][T12360] vhci_hcd vhci_hcd.0: Device attached
[  317.229728][T12360] netlink: 'syz.1.1319': attribute type 20 has an invalid length.
[  317.475580][   T10] usb 40-1: SetAddress Request (6) to port 0
[  317.481827][   T10] usb 40-1: new SuperSpeed USB device number 6 using vhci_hcd
[  317.644013][T12364] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1321'.
[  317.786457][T12361] vhci_hcd: connection reset by peer
[  317.788975][ T6183] vhci_hcd vhci_hcd.1: stop threads
[  317.790812][ T6183] vhci_hcd vhci_hcd.1: release socket
[  317.792627][ T6183] vhci_hcd vhci_hcd.1: disconnect device
[  318.891754][T12416] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1330'.
[  319.149522][T12426] overlayfs: missing 'lowerdir'
[  319.151716][T12426] overlay: ./file0 is not a directory
[  319.331121][   T40] audit: type=1326 audit(1767259448.991:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12434 comm="syz.4.1333" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fe1579 code=0x0
[  319.394312][T12438] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1333'.
[  319.398138][T12438] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1333'.
[  319.961381][T12443] netlink: 'syz.2.1335': attribute type 13 has an invalid length.
[  319.963969][T12443] netlink: 'syz.2.1335': attribute type 27 has an invalid length.
[  320.063063][T12452] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1339'.
[  320.603315][T12467] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1344'.
[  320.627110][T12467] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  320.716981][T12468] overlayfs: missing 'lowerdir'
[  320.732691][T12468] overlay: ./file0 is not a directory
[  321.339168][T12477] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1346'.
[  321.590108][T12484] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1349'.
[  321.758352][ T1415] ieee802154 phy0 wpan0: encryption failed: -22
[  321.769309][ T1415] ieee802154 phy1 wpan1: encryption failed: -22
[  322.715631][T12503] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1352'.
[  323.155614][ T1415] ==================================================================
[  323.158188][ T1415] BUG: KASAN: slab-use-after-free in handle_tx+0x5a5/0x630
[  323.160510][ T1415] Read of size 8 at addr ffff88802ae99020 by task aoe_tx0/1415
[  323.163978][ T1415] 
[  323.165483][ T1415] CPU: 2 UID: 0 PID: 1415 Comm: aoe_tx0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  323.165502][ T1415] Tainted: [L]=SOFTLOCKUP
[  323.165506][ T1415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  323.165513][ T1415] Call Trace:
[  323.165518][ T1415]  <TASK>
[  323.165522][ T1415]  dump_stack_lvl+0x116/0x1f0
[  323.165542][ T1415]  print_report+0xcd/0x630
[  323.165559][ T1415]  ? __virt_addr_valid+0x81/0x610
[  323.165576][ T1415]  ? __phys_addr+0xe8/0x180
[  323.165592][ T1415]  ? handle_tx+0x5a5/0x630
[  323.165603][ T1415]  kasan_report+0xe0/0x110
[  323.165619][ T1415]  ? handle_tx+0x5a5/0x630
[  323.165631][ T1415]  handle_tx+0x5a5/0x630
[  323.165644][ T1415]  dev_hard_start_xmit+0x97/0x6e0
[  323.165658][ T1415]  __dev_queue_xmit+0x6d7/0x46b0
[  323.165670][ T1415]  ? rcu_is_watching+0x12/0xc0
[  323.165687][ T1415]  ? finish_task_switch.isra.0+0x207/0xbd0
[  323.165703][ T1415]  ? __pfx___dev_queue_xmit+0x10/0x10
[  323.165716][ T1415]  ? __lock_acquire+0x436/0x2890
[  323.165726][ T1415]  ? ref_tracker_free+0x37c/0x830
[  323.165741][ T1415]  ? do_raw_spin_lock+0x12c/0x2b0
[  323.165756][ T1415]  ? rcu_is_watching+0x12/0xc0
[  323.165771][ T1415]  tx+0xcc/0x190
[  323.165781][ T1415]  ? __pfx_tx+0x10/0x10
[  323.165789][ T1415]  kthread+0x1e4/0x3e0
[  323.165804][ T1415]  ? find_held_lock+0x2b/0x80
[  323.165818][ T1415]  ? __pfx_kthread+0x10/0x10
[  323.165832][ T1415]  ? __pfx_default_wake_function+0x10/0x10
[  323.165847][ T1415]  ? lockdep_hardirqs_on+0x7c/0x110
[  323.165864][ T1415]  ? __kthread_parkme+0x19e/0x250
[  323.165880][ T1415]  ? __pfx_kthread+0x10/0x10
[  323.165894][ T1415]  kthread+0x3c5/0x780
[  323.165905][ T1415]  ? __pfx_kthread+0x10/0x10
[  323.165915][ T1415]  ? rcu_is_watching+0x12/0xc0
[  323.165930][ T1415]  ? __pfx_kthread+0x10/0x10
[  323.165940][ T1415]  ret_from_fork+0x983/0xb10
[  323.165952][ T1415]  ? __pfx_ret_from_fork+0x10/0x10
[  323.165963][ T1415]  ? __switch_to+0x7af/0x10d0
[  323.165977][ T1415]  ? __pfx_kthread+0x10/0x10
[  323.165987][ T1415]  ret_from_fork_asm+0x1a/0x30
[  323.166007][ T1415]  </TASK>
[  323.166010][ T1415] 
[  323.231840][ T1415] Allocated by task 12482:
[  323.233315][ T1415]  kasan_save_stack+0x33/0x60
[  323.234891][ T1415]  kasan_save_track+0x14/0x30
[  323.236492][ T1415]  __kasan_kmalloc+0xaa/0xb0
[  323.238058][ T1415]  alloc_tty_struct+0x96/0x8c0
[  323.239649][ T1415]  tty_init_dev.part.0+0x1e/0x500
[  323.241289][ T1415]  tty_open+0xa4f/0xf90
[  323.242673][ T1415]  chrdev_open+0x234/0x6a0
[  323.244143][ T1415]  do_dentry_open+0x748/0x1590
[  323.245759][ T1415]  vfs_open+0x82/0x3f0
[  323.247124][ T1415]  path_openat+0x2078/0x3140
[  323.248638][ T1415]  do_filp_open+0x20b/0x470
[  323.250122][ T1415]  do_sys_openat2+0x121/0x290
[  323.251528][ T1415]  __ia32_compat_sys_openat+0x16d/0x210
[  323.253314][ T1415]  __do_fast_syscall_32+0xe8/0x680
[  323.255007][ T1415]  do_fast_syscall_32+0x32/0x80
[  323.256617][ T1415]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  323.258697][ T1415] 
[  323.259491][ T1415] Freed by task 5942:
[  323.260797][ T1415]  kasan_save_stack+0x33/0x60
[  323.262351][ T1415]  kasan_save_track+0x14/0x30
[  323.263891][ T1415]  kasan_save_free_info+0x3b/0x60
[  323.265531][ T1415]  __kasan_slab_free+0x5f/0x80
[  323.267122][ T1415]  kfree+0x2f8/0x6e0
[  323.268403][ T1415]  process_one_work+0x9ba/0x1b20
[  323.270018][ T1415]  worker_thread+0x6c8/0xf10
[  323.271566][ T1415]  kthread+0x3c5/0x780
[  323.272902][ T1415]  ret_from_fork+0x983/0xb10
[  323.274442][ T1415]  ret_from_fork_asm+0x1a/0x30
[  323.276009][ T1415] 
[  323.276812][ T1415] Last potentially related work creation:
[  323.278685][ T1415]  kasan_save_stack+0x33/0x60
[  323.280222][ T1415]  kasan_record_aux_stack+0xa7/0xc0
[  323.281904][ T1415]  insert_work+0x36/0x230
[  323.283357][ T1415]  __queue_work+0x94f/0x10e0
[  323.284886][ T1415]  queue_work_on+0x1a4/0x1f0
[  323.286440][ T1415]  release_tty+0x4de/0x5d0
[  323.287897][ T1415]  tty_release_struct+0xb7/0xe0
[  323.289512][ T1415]  tty_release+0xe2d/0x1470
[  323.291042][ T1415]  __fput+0x402/0xb70
[  323.292372][ T1415]  task_work_run+0x150/0x240
[  323.293902][ T1415]  exit_to_user_mode_loop+0xfb/0x540
[  323.295625][ T1415]  __do_fast_syscall_32+0x4a4/0x680
[  323.297280][ T1415]  do_fast_syscall_32+0x32/0x80
[  323.298888][ T1415]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  323.300882][ T1415] 
[  323.301669][ T1415] The buggy address belongs to the object at ffff88802ae99000
[  323.301669][ T1415]  which belongs to the cache kmalloc-cg-2k of size 2048
[  323.306123][ T1415] The buggy address is located 32 bytes inside of
[  323.306123][ T1415]  freed 2048-byte region [ffff88802ae99000, ffff88802ae99800)
[  323.310553][ T1415] 
[  323.311356][ T1415] The buggy address belongs to the physical page:
[  323.313418][ T1415] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2ae98
[  323.316268][ T1415] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  323.319322][ T1415] memcg:ffff8880244db101
[  323.320666][ T1415] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  323.323200][ T1415] page_type: f5(slab)
[  323.324477][ T1415] raw: 00fff00000000040 ffff88801b44c140 0000000000000000 dead000000000001
[  323.327311][ T1415] raw: 0000000000000000 0000000000080008 00000000f5000000 ffff8880244db101
[  323.329994][ T1415] head: 00fff00000000040 ffff88801b44c140 0000000000000000 dead000000000001
[  323.332739][ T1415] head: 0000000000000000 0000000000080008 00000000f5000000 ffff8880244db101
[  323.335473][ T1415] head: 00fff00000000003 ffffea0000aba601 00000000ffffffff 00000000ffffffff
[  323.338191][ T1415] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  323.340912][ T1415] page dumped because: kasan: bad access detected
[  323.343003][ T1415] page_owner tracks the page as allocated
[  323.344794][ T1415] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5949, tgid 5949 (syz-executor), ts 54273832891, free_ts 31566856771
[  323.351552][ T1415]  post_alloc_hook+0x1af/0x220
[  323.353086][ T1415]  get_page_from_freelist+0xd0b/0x31a0
[  323.354880][ T1415]  __alloc_frozen_pages_noprof+0x25f/0x2430
[  323.356822][ T1415]  alloc_pages_mpol+0x1fb/0x550
[  323.358448][ T1415]  new_slab+0x2c3/0x430
[  323.359820][ T1415]  ___slab_alloc+0xe18/0x1c90
[  323.361370][ T1415]  __slab_alloc.constprop.0+0x63/0x110
[  323.363182][ T1415]  __kmalloc_node_track_caller_noprof+0x4d6/0x930
[  323.365239][ T1415]  kmemdup_noprof+0x29/0x60
[  323.366726][ T1415]  __devinet_sysctl_register+0xbc/0x360
[  323.368493][ T1415]  devinet_sysctl_register+0x17b/0x200
[  323.370260][ T1415]  inetdev_init+0x2b8/0x580
[  323.371757][ T1415]  inetdev_event+0xc32/0x1870
[  323.373349][ T1415]  notifier_call_chain+0xbc/0x3e0
[  323.375079][ T1415]  call_netdevice_notifiers_info+0xbe/0x110
[  323.376927][ T1415]  register_netdevice+0x1792/0x21d0
[  323.378631][ T1415] page last free pid 5631 tgid 5631 stack trace:
[  323.380679][ T1415]  __free_frozen_pages+0x7df/0x1170
[  323.382416][ T1415]  __put_partials+0x130/0x170
[  323.383940][ T1415]  qlist_free_all+0x4c/0xf0
[  323.385442][ T1415]  kasan_quarantine_reduce+0x195/0x1e0
[  323.387235][ T1415]  __kasan_slab_alloc+0x69/0x90
[  323.388839][ T1415]  __kmalloc_noprof+0x2f6/0x910
[  323.390425][ T1415]  tomoyo_init_log+0x1385/0x2140
[  323.392027][ T1415]  tomoyo_supervisor+0x302/0x13b0
[  323.393684][ T1415]  tomoyo_path_permission+0x270/0x3b0
[  323.395418][ T1415]  tomoyo_path_perm+0x362/0x460
[  323.396966][ T1415]  security_inode_getattr+0x116/0x290
[  323.398693][ T1415]  vfs_fstat+0x4b/0xe0
[  323.399921][ T1415]  __do_sys_newfstat+0x87/0x100
[  323.401431][ T1415]  do_syscall_64+0xcd/0xf80
[  323.402936][ T1415]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.404812][ T1415] 
[  323.405592][ T1415] Memory state around the buggy address:
[  323.407412][ T1415]  ffff88802ae98f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  323.409912][ T1415]  ffff88802ae98f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  323.412538][ T1415] >ffff88802ae99000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  323.415110][ T1415]                                ^
[  323.416761][ T1415]  ffff88802ae99080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  323.419300][ T1415]  ffff88802ae99100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  323.421833][ T1415] ==================================================================
[  323.424461][ T1415] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  323.426774][ T1415] CPU: 2 UID: 0 PID: 1415 Comm: aoe_tx0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  323.430229][ T1415] Tainted: [L]=SOFTLOCKUP
[  323.431677][ T1415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  323.435223][ T1415] Call Trace:
[  323.436357][ T1415]  <TASK>
[  323.437349][ T1415]  dump_stack_lvl+0x3d/0x1f0
[  323.438885][ T1415]  vpanic+0x640/0x6f0
[  323.440204][ T1415]  panic+0xca/0xd0
[  323.441455][ T1415]  ? __pfx_panic+0x10/0x10
[  323.442905][ T1415]  ? check_panic_on_warn+0x1f/0xb0
[  323.444570][ T1415]  check_panic_on_warn+0xab/0xb0
[  323.446377][ T1415]  end_report+0x107/0x160
[  323.448301][ T1415]  kasan_report+0xee/0x110
[  323.449949][ T1415]  ? handle_tx+0x5a5/0x630
[  323.451434][ T1415]  handle_tx+0x5a5/0x630
[  323.452825][ T1415]  dev_hard_start_xmit+0x97/0x6e0
[  323.454468][ T1415]  __dev_queue_xmit+0x6d7/0x46b0
[  323.456050][ T1415]  ? rcu_is_watching+0x12/0xc0
[  323.457639][ T1415]  ? finish_task_switch.isra.0+0x207/0xbd0
[  323.459547][ T1415]  ? __pfx___dev_queue_xmit+0x10/0x10
[  323.461261][ T1415]  ? __lock_acquire+0x436/0x2890
[  323.462889][ T1415]  ? ref_tracker_free+0x37c/0x830
[  323.464525][ T1415]  ? do_raw_spin_lock+0x12c/0x2b0
[  323.466162][ T1415]  ? rcu_is_watching+0x12/0xc0
[  323.467696][ T1415]  tx+0xcc/0x190
[  323.468848][ T1415]  ? __pfx_tx+0x10/0x10
[  323.470212][ T1415]  kthread+0x1e4/0x3e0
[  323.471559][ T1415]  ? find_held_lock+0x2b/0x80
[  323.473089][ T1415]  ? __pfx_kthread+0x10/0x10
[  323.474633][ T1415]  ? __pfx_default_wake_function+0x10/0x10
[  323.476505][ T1415]  ? lockdep_hardirqs_on+0x7c/0x110
[  323.478196][ T1415]  ? __kthread_parkme+0x19e/0x250
[  323.479821][ T1415]  ? __pfx_kthread+0x10/0x10
[  323.481309][ T1415]  kthread+0x3c5/0x780
[  323.482669][ T1415]  ? __pfx_kthread+0x10/0x10
[  323.484154][ T1415]  ? rcu_is_watching+0x12/0xc0
[  323.485688][ T1415]  ? __pfx_kthread+0x10/0x10
[  323.487251][ T1415]  ret_from_fork+0x983/0xb10
[  323.488740][ T1415]  ? __pfx_ret_from_fork+0x10/0x10
[  323.490392][ T1415]  ? __switch_to+0x7af/0x10d0
[  323.491926][ T1415]  ? __pfx_kthread+0x10/0x10
[  323.493427][ T1415]  ret_from_fork_asm+0x1a/0x30
[  323.495025][ T1415]  </TASK>
[  323.496820][ T1415] Kernel Offset: disabled
[  323.498272][ T1415] Rebooting in 86400 seconds..

VM DIAGNOSIS:
09:24:12  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=0000000000000003 RCX=0000000000000002 RDX=ffff88802320c980
RSI=ffffffff816bac71 RDI=ffffffff8bf2b580 RBP=ffff88804049b540 RSP=ffffc90004487628
R8 =0000000000000001 R9 =0000000000000001 R10=ffffffff9088e9d7 R11=ffff88802320d4b0
R12=0000000000000003 R13=0000000000000003 R14=ffff88802b23bd00 R15=ffffed10080936a8
RIP=ffffffff8b755dcf RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880976fc000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=000000006b2f1000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000063400000000 0000001200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=00000000f6479000 RCX=ffffffff8b6c8b96 RDX=ffff888026cd24c0
RSI=00000000f6479000 RDI=0000000000000006 RBP=00000000f6479000 RSP=ffffc90003b17788
R8 =0000000000000006 R9 =00000000f6479000 R10=00000000f6479000 R11=ffff888026cd2ff0
R12=ffffc90003b17a38 R13=ffff888025e043c0 R14=dffffc0000000000 R15=00000000f647afff
RIP=ffffffff8b7893a0 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880977fc000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7f755c0 CR3=000000004d5f9000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000063400000000 0000001200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000000000000005b RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85301b75 RDI=ffffffff9aed9260 RBP=ffffffff9aed9220 RSP=ffffc90007c2f3d8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000031343154
R12=0000000000000000 R13=000000000000005b R14=ffffffff9aed9220 R15=ffffffff85301b10
RIP=ffffffff85301b9f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880978fc000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080001db8 CR3=0000000073ddb000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0009000000010000 0000000000000201 0a030000002c0000 0000307a79730001
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000004010a060000 009800000000327a 7973000300090000 0000307a79730001
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 61740001000b8001 00588004005c0000 0000400b00080000 0001000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 e8860b5b2d42d418 ed4ce8efc1c53d84 ad5f000300308002 0048000074656772
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000010008000e 8002010000000806 06015cae0808000e b0030008000ea803
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0008000ea0030208 000e98030ad00800 0288030000004002 0008000000005441
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e53000100090b5a 8a066ff5cc39e0a5 a269f09a35551e9f 1441ead2d3581944
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 e8860b5b2d42d418 ed4ce8efc1c53d84 ad5f000300308002 0048000074656772
ZMM25=dad86b13dad86b13 dad86b13dad86b13 dad86b13dad86b13 dad86b13dad86b13 dad86b13dad86b13 dad86b13dad86b13 dad86b13dad86b13 dad86b13dad86b13
ZMM26=5e0fa8815e0fa881 5e0fa8815e0fa881 5e0fa8815e0fa881 5e0fa8815e0fa881 5e0fa8815e0fa881 5e0fa8815e0fa881 5e0fa8815e0fa881 5e0fa8815e0fa881
ZMM27=932fd0f1932fd0f1 932fd0f1932fd0f1 932fd0f1932fd0f1 932fd0f1932fd0f1 932fd0f1932fd0f1 932fd0f1932fd0f1 932fd0f1932fd0f1 932fd0f1932fd0f1
ZMM28=000000200000001f 0000001e0000001d 0000001c0000001b 0000001a00000019 0000001800000017 0000001600000015 0000001400000013 0000001200000011
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=ee0a0000ee0a0000 ee0a0000ee0a0000 ee0a0000ee0a0000 ee0a0000ee0a0000 ee0a0000ee0a0000 ee0a0000ee0a0000 ee0a0000ee0a0000 ee0a0000ee0a0000
info registers vcpu 3

CPU#3
RAX=000000000088fe21 RBX=0000000000000003 RCX=ffffffff8b7576d9 RDX=0000000000000000
RSI=ffffffff8daca5cd RDI=ffffffff8bf2b580 RBP=ffffed1003b59000 RSP=ffffc9000048fde8
R8 =0000000000000001 R9 =ffffed10056a673d R10=ffff88802b5339eb R11=ffff88801dac8b30
R12=0000000000000003 R13=ffff88801dac8000 R14=ffffffff9088e9d0 R15=0000000000000000
RIP=ffffffff8b755dcf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880979fc000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c36ad3b CR3=0000000073ddb000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0002000000100008 0000000000000004 000c001a00100000 0014010000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000c000000080004 001c000e00000000 0000000000000000 0548000000200000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0161000000004db9 7600000000140000 001c0000000e0014
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0008000000140000 00280000003c0000 0050000000640000 00780000008c0000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00a4000000bc0000 00d4000000ec0000 01040000011c0000 01340000014c0000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 01640000017c0000 0194000001a80000 01c0000001d80000 01ec000002000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0220000002380000 024c000002600000 0274000002880000 02a80000001e0000
ZMM24=a75d2fada75d2fad a75d2fada75d2fad a75d2fada75d2fad a75d2fada75d2fad a75d2fada75d2fad a75d2fada75d2fad a75d2fada75d2fad a75d2fada75d2fad
ZMM25=f863bab9f863bab9 f863bab9f863bab9 f863bab9f863bab9 f863bab9f863bab9 f863bab9f863bab9 f863bab9f863bab9 f863bab9f863bab9 f863bab9f863bab9
ZMM26=3bd96fee3bd96fee 3bd96fee3bd96fee 3bd96fee3bd96fee 3bd96fee3bd96fee 3bd96fee3bd96fee 3bd96fee3bd96fee 3bd96fee3bd96fee 3bd96fee3bd96fee
ZMM27=adc76610adc76610 adc76610adc76610 adc76610adc76610 adc76610adc76610 adc76610adc76610 adc76610adc76610 adc76610adc76610 adc76610adc76610
ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=3312000033120000 3312000033120000 3312000033120000 3312000033120000 3312000033120000 3312000033120000 3312000033120000 3312000033120000