last executing test programs:

7.913396361s ago: executing program 1 (id=1924):
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803002e000b12d25a80648c2594f90324fc60180c02400a000000053582c137153e", 0x23}], 0x1}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_COALESCE(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB="14000000", @ANYBLOB="000128bd7000fecbdf5c0d000000"], 0x14}, 0x1, 0x0, 0x0, 0x24000000}, 0x8000)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000600)={0x0, 0xb}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f00000004c0)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x8000000000001de, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r5, 0x8983, &(0x7f0000000100)={0x0, 'erspan0\x00', {0x1}, 0x26})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000d00)={0x6, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000ffff00000000000000040000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200007d18c55932c62572030000008500000006000000554a0800"], &(0x7f0000000480)='syzkaller\x00', 0x6, 0x6e, &(0x7f0000000580)=""/110, 0x41000, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000a00)={0xa, 0x5}, 0x8, 0x10, &(0x7f0000000a40)={0x4, 0x82, 0xffffff80, 0x6}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000c80)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, 0xffffffffffffffff], &(0x7f0000000cc0)=[{0x3, 0x1, 0xc, 0x8}, {0x3, 0x1, 0x2, 0xb}, {0x5, 0x4, 0x1, 0x1}], 0x10, 0x1}, 0x94)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000380)='hpfs\x00', 0x2208004, 0x0)

6.880058025s ago: executing program 1 (id=1930):
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f00000000c0)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x60d0, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x7542d000)
socket$can_j1939(0x1d, 0x2, 0x7)
r1 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x11c4, 0x10, 0x0, 0x16}, 0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}})
io_uring_enter(r1, 0x3512, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x8de, &(0x7f0000000640)={0x0, 0x1b7, 0x800, 0x1, 0x28a}, &(0x7f0000000440)=<r3=>0x0, &(0x7f0000000540)=<r4=>0x0)
r5 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x6, 0x8, &(0x7f0000000380)=ANY=[@ANYBLOB="18020000feffffff000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7070000000000008500000086000000850000005000000095", @ANYRESOCT, @ANYRESOCT=r0, @ANYRESDEC=r0], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x28, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r7 = syz_open_dev$loop(&(0x7f0000000240), 0xffffffff7ffffffd, 0x160862)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_freeze_timeout', 0x82802, 0xf)
ioctl$LOOP_CONFIGURE(r7, 0x4c0a, &(0x7f0000000080)={r8, 0x0, {0x0, 0x0, 0x0, 0x8, 0x4000000000000ffd, 0x0, 0x0, 0x1e, 0xc, "faf98317e5a1149989fc8dbe43ea6acc96e3a2503dc3bd3fe37d58128bbad0099cebdc25f5ab60c9e6d680f985881a7beda9d69098c8b534464c516bdd8a0f35", "32d8cc26f7061a74df2cfc06c89f3d9e234b30c50997d3bef409ff2176ff7bfe55cd4a5d83cd4a524bd3ffe70c7f3f800b2f7b6aa54cc50a1fcaed1e831fa79a", "715237601a8ca5b07dcc141802c4dacf162e43ac61f7ad330000000000a04100", [0xfffffffffffffce8, 0xa]}})
syz_open_dev$loop(&(0x7f0000000040), 0xffff, 0x20080)
r9 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$SO_TIMESTAMPING(r9, 0x1, 0x41, &(0x7f0000000340)=0x63ba, 0x4)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_off}, {@xino_on}]})
setsockopt$inet6_int(r9, 0x29, 0x2, &(0x7f0000000040)=0x10040a4, 0x4)
sendmmsg$inet6(r9, &(0x7f00000002c0)=[{{&(0x7f0000000b00)={0xa, 0x4e23, 0x40, @local}, 0x1c, 0x0}}], 0x1, 0x0)
recvmmsg(r9, &(0x7f0000000940)=[{{0x0, 0x0, 0x0}, 0xdb30}], 0x1, 0x40002042, 0x0)
ioctl$LOOP_CLR_FD(r7, 0x4c01)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x0, 0xe, 0x0, &(0x7f0000000580)="e02742e8680d85ff9782762f86dd", 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1})

6.588487447s ago: executing program 1 (id=1933):
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000ee10ae8980d5d202880aa427b914a90000000000af00c0ff000000009500000000000000"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xd, '\x00', 0x0, @sched_cls=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[], 0x44}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x240, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000000)=0xf)
ioctl$TCFLSH(r3, 0x400455c8, 0x4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000040)=0x33)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000140)={0x0, 0x7, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r4 = syz_open_dev$usbfs(&(0x7f0000000080), 0x77, 0x101301)
ioctl$USBDEVFS_REAPURBNDELAY(r4, 0x4004550d, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0x0, &(0x7f0000000400), &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x4000081, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x12)
ioctl$KVM_GET_PIT(r5, 0xc048ae65, &(0x7f0000000080))
socket$kcm(0x10, 0x2, 0x0)

5.113666851s ago: executing program 2 (id=1939):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18010000000000000000000000000000850000002e00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x1a, 0xe, &(0x7f00000022c0)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000030000006a0af2fe000000008500000009000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040)={0x3}, 0x10}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r1, 0x0, 0x0, 0xfe, 0x0, &(0x7f0000000440)=""/254, 0x2f00, 0x0, 0xcc, 0x13c, &(0x7f0000000980)="ffc4438e5c3081d0e133e812196ec0ed923733aa8b5aba32c8650e7a66d6136853773dfbc6226be13039e230d511f1ac50cc7811aac0400e4c833fedf842ae2918e6fddb550729246fcf4c0a01bc64989ea3985fb362751a83991bd56e761379caa64f6148893ff25f38d5cd6dd695bbf9ca709a9960e0e6b054d5e2239bcb7c0fb2ac66dc4c8f534e439ff20ccaf0d48a98c19c92a3b437a699350f49606d21a403f8c112c46fea5486bf367a854b0f6c1e563b656e4794f6793a08bb3656c391643f6df71d0255054368a9", &(0x7f00000007c0)="4c87fe555ceb79157b1e507ff4d3cc053321e42ae89f596427188b4877ab8f1776c0685784f1174c6401ecc1dd6e2a77bc79238f87ad9215a92ff203a30099e77c543e702b4a4438d358616381745f24f74e585498af129c4b173b242f445b08135f7fa40eb7ba78160ff4f0c80e1b324d0c234cb7f43a3ff9e9535dc16000c797113a039f4508a09144090000009f38a90a24f173b3e68377e4272950a80cfcd3aa6850e917bc7e57370060f5e6db941d67fc98a1e98103830b821657438325578d2af822dd4fc13ea7a7eef8d9be4e715aec8fd6cadc41c8da5ce9da2b9e1559d92a1936fc2b3a00000000000000000072200e10ba6269b634f10f7098c65ba67ba65c0e2687637e131fb8d5ba6c12c09c8356853c434a44ff0878e496dcf9a4f5ca02c293279948f37ebb28843f92c87c057a3b410e04418557d5", 0x2, 0x0, 0x10000}, 0x4c)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r2 = gettid()
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_procs(r3, &(0x7f0000000940)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_subtree(r4, 0x0, 0xc)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0x8, &(0x7f0000006680))
tkill(r2, 0x11)
syz_usb_connect(0x1, 0xfffffffffffffd22, 0x0, 0x0)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r5, 0xaf01, 0x0)
r6 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r5, 0x4004af07, &(0x7f0000000240)=r6)
ioctl$VHOST_SET_VRING_KICK(r5, 0x4008af20, &(0x7f0000000040)={0x1, r6})
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000800)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000880)=""/68})
ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000000a40))
ioctl$VHOST_SET_VRING_ERR(r5, 0x4008af22, &(0x7f00000002c0)={0x1, r6})
ioctl$VHOST_VSOCK_SET_RUNNING(r5, 0x4004af61, &(0x7f0000000000)=0x1)
unshare(0x64000600)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)

5.102755441s ago: executing program 3 (id=1940):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000020a28000000000a0101007ca7005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff000000000200000009000173797a30000000000900030073797a32000000001400000011000100"], 0x7c}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x11, 0x3, 0x0)
r4 = gettid()
prctl$PR_SET_PTRACER(0x59616d61, r4)
r5 = syz_open_procfs(0x0, &(0x7f0000000040)='projid_map\x00')
writev(r5, &(0x7f0000000680)=[{&(0x7f0000000540)="0de85c85ad6951e1e9e850", 0xb}, {&(0x7f0000000300)="adeed000d9b2393ccb", 0x9}, {&(0x7f0000000580)="383078dc90127edd92bb0861d1252123206f4f56cf5813bd593fa2647d8b0d178475c81ccaae1d3fe28b662aaaf32b7f4fd92fde9e062a3e61c71861499a9dcbd629135407a7", 0x46}, {&(0x7f00000006c0)="1fc9cef47edc0f9168950001ba102240005f8657d4ce8aad7d6699635af020076099867f0b72534f48e1f6ff11de4f44f9253a1da46c713b233cacd70c395f327785eaaa4b49404f8a4dc0b4b96140d637d3bd5b60418d8f8e18f9d145264ed00443728f7b2c632f93083a084b7b81d6097a76f664ffddb63d7acff5", 0x7c}, {&(0x7f0000000e80)="c8180b13625f033ee24214dabcf545d5f46f947d983211957cfbeedb27d1106a9911cff156102b57f3ac220b04f7db2c70cd57e3638e51ae5243d09fe1c6768f7cf41abd7f55f0fd27242ae81454264df2a3b1403fcd9f6066a53298429cbdac0d65c443c9a42e2539319a1dd409ff836b5f91d0ac7c6f0e1c5dda1cc7a77b020f213ebb0412edd26004857ac699f54ee87eb447a1ffd450961320566621401b8f8b6b29001659a8b2d3502c49afe3aa128da3318cd39162e71fc87034f7100671b0098bfdbe3b3340c260f0c8360ffbbe6e224a45a65a7348416192a8bf31d21463a7c21d49b685946b94e65fb72b58035d62d08ccb2d0cdea078298fdc91f575eae4e130968f4895a468b300d9b794d12c65d7ddfb0f80d1771f1e4d4112ffd95530dd2474c40cf8403829ef53184bae20f6d48edf786052b5f153d81339e4b59465eff19cdfca417a88eaace29ded3bd1be0819dc8b7fa8e44a6c073dc2eb813a118eb3a01fa116d413ef81d81858dc4771bb24876c6d68fde11456dce68f8a8b2485dc4ce745f9146687fb26b4555dbe4e0a6730582502d8e0168c45778709f1e0856dc223f5c0e66af0af7ade995b31efe9b50e2edd1e7bf01bda67eec63578b84e24b852e13c17fe67775f3672ce891253259b89125c53176798dff88c1b873c17c821b6ebdbdd41624db8e271d373e9fe96ebd36402fa04f74150d833b89de4e1dbff1e7c55bf96773b6d2cd6ee9b2501869d08ca6cd25140c03939e90c57171022263b5f0b1e37d4d8af81e837ac138c3d6602549b1039096f16a1e850f292854fba43a8f35beff99f53940fee300a5b54f1799607bc4a7d1bdba3650547e520681d1b6ec1bcbe07614d12b65a16b7aac1c4369c9c05af3ac09242b26aac39c7cc4fdf601a8a09e50c3208575de16f87142dfb3989cab3484e72b53149777bcd5f582d804a2dc0f56bb3926a2bbb311f530d23899af37fad8c6c27ecff1f75b98de333680eb898c424daea5926c74964cb94c66e3e1633c50ef36145940d451665126dea17e2cdde018d2ee00acfcfde169d724dfefc34a8848dd472fc3e9cea15ef94863753264da725faeac05cce70b46d61069c1d30ca6e4c749d87f72622bfc2d0488dccc21977cf35f7582fa15cb77c9a84a06cb1df930a82964cde6f31d5f4eb96bf30f799c19b6ea546b2c21f517cc721486b857ed6304909f9d2113bf1e33a0f3b70704a57d37075926b1ec21c779dece5e1db0b48744deb0c8bf3dc1f85d02edcd42f9f8ed9ddf1d26180c7a745b031150bdde1f94516beecc2d16124f4f73cb411b4602bec5ff102078095aaebd7d5649599c8322d9e14a43c4ae5bf73ae3a5eaee20085a5c5033470db9a40fa509b65f0cdefa00b6974e54a4d25b0b2dabf83a59e2fecc348be03e217ad46bd3870c2f8f85a23781538d1ea543da03992333369ede32262272fa3ec2852f843cdb201276e01b496eb306378aaf328064e9d1e9a84a829a4be4227994b4bbe49d42d9ba4335af96f5c507f95466a7e6d677662e2cfff98767b550a36dd051ca958ee91c32738e99acf26422a949e1e6ff91ce1dee3c1eb020637a41ed397d9f9ada6e18db1308490bd7ccca97b41e958d7a80b1cb5b3bbca5d84981f18304221da6c3f16de9fb52fc22ee365e6cf82eaeda38d05057c358d5404eff71d25539d8afff9ff8ed03bcf526539e728e8b2c5599992229cfb1544e4f92a5be60ba9f60f4a3f0ee9a392c85830b06d38a7ea1f5a6b266ed6d921a963c65655d16153abec638a36eeeda1a1f492367faf7705743d829d83ed640db6e240f3020aa84bc4c32d26b2167a50494f264f19a5b5352cabdb6b9aec93db9fef11f8acdc7688ee758db45260939b8bea524f6dafb05d2c33eb10698234e8274f661f4f735d07f1ba6673968b538d6de87894a620f2f5b12f8f41b811cf5de4858f82119a480b7f76953a11a8520d5fa08d2fcb41925aaa423a73a4a62800b98715ab6e0633bd83dd7715bdfc49be3d61a9620750ed242db7999c37af9f3a24d508e1a684374c490c350f1283dcad7e974ed600320f098dadc6706a49e5a3ab44e4d058aa45604fb23e7a6d2ee56f6230f0851d3705917a24ec1f6ead777d70b92b913035dfed9a5170760450cf1f3868508827b6f5564be8a0743e971ad90193f69ab6145a62dd4aa217374b1f92acca877c3de8ca1bf9fe21dc09b29b1f154d84972ab3e6b086c711cc39898d9f4413d55c45d28d2862aef83253824c56e449ed35661af66e969cf5e409c3a5adfd5f2051748d13979a24edd06079aeb6b59c8c65bcf81836c26331b7afb9c6654915e8082d05c24f591d9530beb9d2f6cca2c8267b1600db2ed7dddfa6fea0975d0a07aaf2d885a025fa3f5ae4bc94bf39936be0400d6d977d1b495dc46f993a094b18327544a2a74566ed13f3d46fdeb3b63c6da9980b09b6348f53219bce756028108e4c99939d37f8be5b2f21e9afcde7c8109d4e79266be66402fd0e63a73f9e9d907700b7cada3edf757c81855d733c5747a64d0993e04be2a0030fd2e92c66ccdec39ec61fbb76ddc4b432616476a6f5e2624891c02b443d2fc5ac45637845fdf1cfd29d060bf1ee80a212ab36020b692a2ea7263815c6382f214024ee4a777f6ce4dd206bac183a78d16dd15b903d53235b1dd8d75ac74ba0e6dacaf805dceca50a722e44e29ececba3439565555a0d95e4a38db1c4e7d2e79052555de01ef135d62b742c0e1ae84661dbe7c7e7c32a571d4fe0765b8c6dd5e5374a01a8b227110033021ec60d5c016e93cd7dbf99ce29cdbe50221edaa0ffbc45e1cf7f40e607af3cf2b54bf1a733f9499c88fd76d47e957f57177aae0e7b5778df2710774ad0608b73a7de04829bb29d48877c47804415af4c00d7104ef1f9582e04f4c213587ab6569741a7bb4ce9e9b27e2d1136248808fe16d1faf04af399a2c494672b121a68da0ce51863acdd3c2ab51da3d62e27afbf38587b68f2d07131e39f539491e124fd7121b53b77c63b1a2582411136813e40fdb64e3071c4f1ff7d2617b9900b2639d2d67ca4545381fadf458a731659f123b40cf36a075531e2da792ab7536871ccf05fbd1a256adda83aa7ce535850cd990ac904fef1090788e42708159ee531e67a9b485ccd4f93edff9e3417e40a196ac482f7c40cbb34f81693a8a1fb2e900eaa40b30a5fb98e3cad714867611daf17218d29d14e329ae1f9920520c6571a1f7d12ba09f238ec3819ba7b578adece22f0c22761460b4bd752d3947af588b8579267c42341c66837e1ba302fbdf085bf0dcbd0fadce7b85f13a73da082be1ca6360f8f55206cdc4970ab5d77c961938f45f24a1b60ba40e46953bb344e2ede7a9a7637f0e57356cfa520f69a3bdfebb8debd03553e869825468b4e1fd4d4475efc739313e4a4255676231bfa1cd99de6641613ac690198e57225437b43e8f7f72ea6fa730c1a0067e5e5e255e5fb8eaae1b698ec3b668eccf3b1273b383670384623037dd05fda6319217a2b71bcbe094142e6e942a8198bf3db8ada2257395d4c6351c3684f50994d71a03d869fbc41d391129b9bb10eec1ccc637d3d8c91dc263c756f33291961c8bcbc5d3e1537917a097f8fee2a82ede0cbe28d58bde0ede9fd1f29d0dad8c997eca1be47b4d9da756d07c4df86a737b722a038dff9e33b0bff7303f42683405d897bbc3502153421e51d0bac984b045ae7f52ed855d43a6d4a75e5cdfe03c860b1d3ff49fe7bdf51aac429e93da15ac367334e14f13683f985784f3f2839175257c273a8ddd35e30f764dd067d47e9ebde4f2e1485b3a9cc7d7ac089a62b4d0316fc71a3f3a82f4fa90fed447e4ce406387a743709f800cb97f10fb27780b34e34c35dbc77776dee94537541c15e588a31db0b3797f590dfbde63b3cc4a2f9d07d4fa134137aee6a40cd591999322b127828f4a6f86caca090ab3705795a4993eb20bbcd0a269ca52b3a67793ab2fd89d0d25b426ffcb22dc3664ddf8118828c15e3c7987128a56fe1c22ce404d2ef5d3f8d9dedd7c2831b2878677d6ec255a9ff8901558e1105c834d0c1358e077dd363a9411350229346dbee104398d065bed63f800ca778c5fd95acbcf019d6569cf52bc98801550e4616ce06ef52758315f497f03f9ab1434fc97f5537f8874cbe90f74532c483096dc04c8449e3c6b7944856198fa714f99c1698db7bca8a95a1bf4a4ba0816d43a6869af4609a4df205fdd2b55422c1d7bdcfed30964b9cc73f9d53983204d673e181a7381a6617d57ca52bf8e4d57e59a7f36a503dd5aa151e14f9928a2b0aa89465b4da731a011711f5ce0eef34a24e62397ce69d93454dfaba2659f23e436cbfa8a80bc6549ecb1e03fc431700783df414ada9f6f80d0c5d17f0051ed2ce7408c0a52a7c359e2061fd7c143ca91995142dc314198c5adf220c7dc78ee76a38413ea303ea4eefd03990c0e8574be29d9dc66bdc3bc686b130a063973eed9462c21cbe7c96c9e36d423db4727d61dcca7b4edaad8d968a2ca5b62c76ea23d5bc42c2cd737bbb39e5d63a4c2d4748f9a4ee8acbf91d95e7209f8a772e6f64e2814412fc66d97e93eb4675be94491b61beed6baf833102f5115a384ce7a68aa6ba5d351e2d58cf63ee1f0210fc750562066a455fadb6615002b3cbd43f7d987f4ad721b3f4f66823ae2c1a859c85325a5951a452f858c0fe084f8b6a0517e7356ee654482f5e1e479381be17e3d169ab3100131eeacc25ac28fcfa0f34da0c9158fbdb4fea6d99f2de89acb8241899c038b4d519bec4ae61b1998af1220ca956b926bf65c88d73d5edcb43c84bd1b58310637ca61d3e9d4c79a10cec025754fd0f6103134a5e534813c61467fc08669204438549a38169b840accfdaa14a40e4f7f3f4b5571c50ec332b2fb78205fb289ef01383020282380d48807c607e69db3f80dd9b0f92eefaa5f6de0a84d6e729df16f0ceec7fafd42fe1713e47969f2aa7d5bb719ed6a7850a06f1298b8157cdf584dc8a5526e01c217e174742c1f90fcfc7b7caa9917d19e54b09e564e791921b616ffc2ebf80fec46d7665251ef37601e0ec98b393a6b203052240be28d9bff23dd484df7afbe68730d55649e7a7dc8cb3a84b3851e4fb28ce28f2f3095866384b662b8cc018ae10f2833f424f2341559e69b08dd8c6c572a76798e157aff8b9f3a3a6035cd2c0d0a8f29cbb89152143b90c876d71dc696b7c9d4f0403d092f2230eac0a436b5fa62ab61986ced7da9bc4e8afc5d9208a193e29e4174b63d6f824b608cee4762f0f40a9f6466a70336add94176e51f253719d0868d3ac60077805ebb9d6d6199f2b465a7548716b49ecfcd56d65b6631c176d95e4bca9726aa6f5af69fe3560d32bc1326814af571410b7515006105fc5f35ccb458f8aba9dfe5a92b0e83f789eb86fc33854c9ca13d62e5dd5d6ad526c443a2c0baf417fb2636c8f6fcab588b80d3c520ae649ce941c285c01ddafdee9068941d1cb4f49ae47d21356019aa1e7aef4a2686f8c89a33d5aff5a21f5e3c6db2b7820c575aa7c93f9f061094ed7ce15fd126db0c98c1ede0d3bd20422a465428ec0d56d2434462256d7f654931e0566658cd2291194288dce73f91aa33549e952e3da321f8f0f8f71dea774743ad223a3304cf0c1a11dfcb88a7f9542b964fb5209f4c8fbed8097e683b2550b9e6bf47e8a0bc027aa6f687b1935172a1f2c663fae577eae046f8d714578eecf6fa3c8e747372f", 0x1000}], 0x5)
syz_emit_ethernet(0x36, &(0x7f0000000380)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb0800450000280000000000059078ac141400e000000100000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="68000000907809f1"], 0x0)
bind$alg(0xffffffffffffffff, &(0x7f00000004c0)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106(generic-gcm-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="9feb01001800000000000000500000005000000003000000000000000400008d"], 0x0, 0x6b, 0x0, 0x1}, 0x28)
sendmsg$IPSET_CMD_DESTROY(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=ANY=[@ANYBLOB="1c000000030601080000000000000000030000080500010007000000f85e44d4d8ab38be406b639013fcb1eafd0555ec8fa703c3faf02e5eb98cd457512d62ae874ad7a533c2c3e056f9bf1532684e73ecbee93e87db56508927df1b409028c523924324200816788d52aaf5fd27bf7692b650923fac95fc6725de96a8a61a0f086009099f1dbd"], 0x1c}, 0x1, 0x0, 0x0, 0x5}, 0x44084)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=@newlink={0x74, 0x10, 0x400, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x74, 0x0, 0x1810, 0x55007}, [@IFLA_LINKINFO={0x54, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0x3c, 0x5, 0x0, 0x1, [@IFLA_BRPORT_PROTECT={0x5, 0x6, 0x1}, @IFLA_BRPORT_BCAST_FLOOD={0x5, 0x1e, 0x1}, @IFLA_BRPORT_PROTECT={0x5, 0x6, 0x1}, @IFLA_BRPORT_MCAST_FLOOD={0x5, 0x1b, 0x1}, @IFLA_BRPORT_VLAN_TUNNEL={0x5}, @IFLA_BRPORT_MCAST_TO_UCAST={0x5}, @IFLA_BRPORT_BACKUP_PORT={0x8}]}}}]}, 0x74}, 0x1, 0x0, 0x0, 0x800}, 0x0)
unshare(0x40020000)

4.932001026s ago: executing program 0 (id=1941):
socket$can_raw(0x1d, 0x3, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000100)=ANY=[], 0x0, 0x3, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, 0x2}, 0x94)
mq_open(0x0, 0x80, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='contention_begin\x00'}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
openat$hpet(0xffffffffffffff9c, &(0x7f0000002500), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r0, 0x4008ae89, &(0x7f0000000200)=ANY=[])
r1 = socket$l2tp6(0xa, 0x2, 0x73)
ioctl$sock_inet6_SIOCSIFDSTADDR(r1, 0x8918, 0x0)
socket$netlink(0x10, 0x3, 0x10)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[], 0x8)
openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000005c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
write$FUSE_CREATE_OPEN(0xffffffffffffffff, &(0x7f0000000180)={0xa0, 0x0, 0x0, {{0x4, 0x2, 0x5, 0x7, 0x3, 0x1, {0x400000080001, 0xff, 0x20ff, 0x8, 0xe, 0xd615, 0x9, 0x3, 0xfffffffe, 0x8000, 0x0, 0x0, 0x0, 0x5, 0x6}}, {0x0, 0x13}}}, 0xa0)
r3 = openat$cdrom(0xffffff9c, &(0x7f0000000480), 0x2800, 0x0)
ioctl$CDROM_MEDIA_CHANGED(r3, 0x5325, 0x7)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000080), 0x7f03)

4.173013847s ago: executing program 1 (id=1942):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1, 0x24}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_emit_ethernet(0x2e, &(0x7f0000000000)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x73, 0x0, @private, @multicast1}, {0x0, 0x0, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
bind$unix(r1, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000bc0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x4051}}], 0x2, 0x0)
ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0)
socket$inet6(0xa, 0x3, 0xfa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
connect$unix(r4, &(0x7f00000005c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
bind$inet6(r6, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r6, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

4.101947832s ago: executing program 2 (id=1943):
r0 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x1)
ioctl$KVM_IOEVENTFD(r2, 0x40a0ae49, &(0x7f0000000080)={0x5})
ioctl$F2FS_IOC_COMPRESS_FILE(r0, 0xf518, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r4 = dup(r3)
ioctl$BLKZEROOUT(r4, 0x127f, &(0x7f00000000c0)={0x1100, 0x1fe00})

3.937495881s ago: executing program 0 (id=1944):
socket$nl_route(0x10, 0x3, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x7, 0x2, 0x180, 0x4, 0x10, 0xf1, 0x50, 0x12, 0x5, 0x0, 0x29, 0x0, 0x6, 0x0, 0xbdb], 0xffff1001, 0x43100})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000003c0)={[0x7, 0x1000000000, 0x0, 0x43, 0x2000001, 0x0, 0x2004cb, 0x0, 0xa7c, 0x68ff, 0x5, 0x9, 0x3, 0x0, 0x401], 0xeeee8000, 0x202})
ioctl$KVM_RUN(r3, 0xae80, 0x0) (fail_nth: 2)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NFT_BATCH(r0, 0x0, 0x20008040)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
bpf$MAP_CREATE(0x700000000000000, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})

3.7760357s ago: executing program 2 (id=1945):
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x2)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
pselect6(0x32, &(0x7f0000000100)={0x0, 0x0, 0xffff, 0x2, 0x0, 0x0, 0x0, 0x400}, 0x0, &(0x7f0000000240)={0x1f, 0x3, 0x0, 0x10000000000, 0x1000000002, 0x0, 0x0, 0x6}, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000300)=[<r3=>0x0], &(0x7f0000000140), 0x1, r2})
r4 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x101, 0x4})
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a98000000060a0b040000000000000000020000006c000480680001800a000100696e6e65720000005800028008000240000000840800034000030007080004400000000f0800014000000000340005800c0001007061796c6f6164002400028008000340000000b908000240000000040880014000000014080004400000004b0900010073797a30000000000900020073797a32"], 0xc0}}, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000140)={0xa, 0x4e24, 0x6, @mcast2, 0xf}, 0x1c)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xf, 0x4, 0x4, 0x6}, 0x50)
bpf$BPF_GET_MAP_INFO(0x4, &(0x7f00000001c0)={r6, 0x58, &(0x7f0000000140)}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002ac0)=@o_path={&(0x7f0000002a80)='./file0\x00', r6, 0x4000, r0}, 0x14)
r7 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[<r8=>0x0], 0x0, 0x0, 0xfffffd52, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r4, 0xc01c64a3, &(0x7f0000000280)={0x1, r8, 0x1, 0x1, 0xa, 0x1ff, 0x1})
ioctl$DRM_IOCTL_MODE_GET_LEASE(r7, 0xc01064c8, &(0x7f0000000380)={0x3, 0x0, &(0x7f0000000340)=[0x0, <r9=>0x0, 0x0]})
futex_waitv(&(0x7f0000001fc0)=[{0x1, &(0x7f00000003c0)=0xff, 0x2}, {0x1, &(0x7f0000000400)=0x7, 0x82}, {0xffffffff, &(0x7f0000000440)=0x8, 0x2}, {0x9, &(0x7f0000000480)=0x81, 0x82}, {0xaea60b8, &(0x7f00000004c0)=0x7, 0x82}, {0x9, &(0x7f0000000500)=0xe, 0x2}, {0xd, &(0x7f0000000540)=0x60c7, 0x82}, {0x5, &(0x7f0000000580)=0xfa71, 0x82}, {0x4, &(0x7f00000005c0)=0x3, 0x2}, {0x0, &(0x7f0000000640)=0x7, 0x2}, {0x10001, &(0x7f0000000680)=0x353, 0x82}, {0x0, &(0x7f00000006c0)=0xffff, 0x2}, {0x1, &(0x7f0000000700)=0x4, 0x82}, {0x8, &(0x7f0000000740)=0x9, 0x82}, {0x400, &(0x7f0000000780)=0x7, 0x2}, {0x0, &(0x7f00000007c0)=0x7, 0x82}, {0x2, &(0x7f0000000800)=0x2, 0x2}, {0x5, &(0x7f0000000840)=0x4, 0x82}, {0x9, &(0x7f0000000880)=0x89, 0x82}, {0x200, &(0x7f00000008c0)=0x9, 0x82}, {0x4, &(0x7f0000000900)=0x80000001, 0x82}, {0x5, &(0x7f0000000940)=0x1, 0x82}, {0x4, &(0x7f0000000980)=0x5, 0x2}, {0x7, &(0x7f00000009c0)=0x3, 0x82}, {0x80000000, &(0x7f0000000a00), 0x82}, {0x8, &(0x7f0000000a40)=0xfffffffffffffffa, 0x2}, {0x9, &(0x7f0000000a80), 0x82}, {0xfffffffffffff73e, &(0x7f0000000ac0)=0x57, 0x2}, {0x6, &(0x7f0000000b00)=0x5, 0x82}, {0x80000000, &(0x7f0000000b40)=0x81, 0x82}, {0x7, &(0x7f0000000b80)=0x3, 0x2}, {0x6, &(0x7f0000000bc0)=0x7, 0x82}, {0x63, &(0x7f0000000c00)=0x9, 0x82}, {0x8, &(0x7f0000000c40)=0x4, 0x2}, {0x8, &(0x7f0000000c80)=0xa, 0x82}, {0x8, &(0x7f0000000cc0)=0x100, 0x82}, {0x8, &(0x7f0000000d00)=0x9, 0x2}, {0x7, &(0x7f0000000d40)=0xa, 0x2}, {0x400, &(0x7f0000000d80)=0x3, 0x2}, {0x1ff, &(0x7f0000000dc0)=0x3, 0x2}, {0x5, &(0x7f0000000e00)=0x8, 0x82}, {0x9, &(0x7f0000000e40), 0x82}, {0x0, &(0x7f0000000e80)=0x3, 0x2}, {0xf, &(0x7f0000000ec0)=0x80000000, 0x2}, {0x8, &(0x7f0000000f00)=0x7, 0x2}, {0x2, &(0x7f0000000f40)=0x1, 0x82}, {0x7, &(0x7f0000000f80)=0x9, 0x2}, {0x6, &(0x7f0000000fc0)=0x7, 0x2}, {0x8, &(0x7f0000001000)=0x5, 0x2}, {0x7, &(0x7f0000001040)=0x9, 0x82}, {0xfffffffffffffff9, &(0x7f0000001080)=0x6a2800, 0x2}, {0x40000000000, &(0x7f00000010c0)=0x4, 0x2}, {0x8, &(0x7f0000001100)=0x3}, {0xffff, &(0x7f0000001140)=0x8, 0x82}, {0x7fffffffffffffff, &(0x7f0000001180)=0x7, 0x82}, {0x7, &(0x7f00000011c0)=0x8, 0x82}, {0x7ff, &(0x7f0000001200)=0x2, 0x2}, {0x8001, &(0x7f0000001240)=0xfff, 0x82}, {0xfffffffffffffff9, &(0x7f0000001280)=0x1916b7ac, 0x82}, {0xd2, &(0x7f00000012c0)=0x84f, 0x2}, {0x8, &(0x7f0000001300)=0x3, 0x2}, {0x2000, &(0x7f0000001340)=0x4, 0x2}, {0x8, &(0x7f0000001380)=0xffd, 0x82}, {0x7, &(0x7f00000013c0)=0x93, 0x2}, {0x2, &(0x7f0000001400)=0x1, 0x82}, {0x9, &(0x7f0000001440)=0x7, 0x82}, {0x27, &(0x7f0000001480)=0xe00000, 0x2}, {0x8, &(0x7f00000014c0)=0x4, 0x82}, {0x8, &(0x7f0000001500)=0x7fffffff, 0x2}, {0x4, &(0x7f0000001540)=0x81, 0x2}, {0x800, &(0x7f0000001580)=0x7, 0x2}, {0xffff, &(0x7f00000015c0)=0x1ff, 0x2}, {0x101, &(0x7f0000001600)=0x100, 0x2}, {0x7, &(0x7f0000001640)=0x9, 0x2}, {0xa3c2, &(0x7f0000001680)=0x6, 0x86}, {0xffff, &(0x7f00000016c0), 0x82}, {0x100, &(0x7f0000001700)=0x7, 0x82}, {0x0, &(0x7f0000001740)=0x94, 0x82}, {0x6, &(0x7f0000001780)=0x7, 0x82}, {0x2ff1, &(0x7f00000017c0)=0x4e4, 0x4}, {0x7, &(0x7f0000001800)=0x3, 0x2}, {0xfff, &(0x7f0000001840)=0x2, 0x2}, {0x4, &(0x7f0000001880)=0x400, 0x2}, {0x1, &(0x7f00000018c0)=0xf, 0x2}, {0x8f9, &(0x7f0000001900)=0x7, 0x2}, {0x7, &(0x7f0000001940)=0x6, 0x82}, {0x84, &(0x7f0000001980)=0x1, 0x2}, {0xfaa, &(0x7f00000019c0)=0x9, 0x2}, {0x5, &(0x7f0000001a00)=0x7fffffffffffffff, 0x82}, {0x5, &(0x7f0000001a40)=0x9, 0x2}, {0x6, &(0x7f0000001a80)=0x2, 0x2}, {0x5, &(0x7f0000001ac0)=0x7, 0x82}, {0x2, &(0x7f0000001b00)=0xa8, 0x82}, {0xd9, &(0x7f0000001b40)=0x5, 0x82}, {0x4, &(0x7f0000001b80), 0x2}, {0x1, &(0x7f0000001bc0)=0x9, 0x46b3c862e4ee0d0b}, {0x1, &(0x7f0000001c00)=0x2, 0x2}, {0x7a, &(0x7f0000001c40)=0x8000, 0x2}, {0x80000001, &(0x7f0000001c80)=0x226e, 0x2}, {0x80000000, &(0x7f0000001cc0), 0x2}, {0x8, &(0x7f0000001d00)=0xb, 0x2}, {0x7, &(0x7f0000001d40)=0x106d, 0x82}, {0x8000000000000001, &(0x7f0000001d80)}, {0x3, &(0x7f0000001dc0)=0xffffffffffffffff, 0x2}, {0x4f3, &(0x7f0000001e00)=0x1, 0x2}, {0x8000000000000001, &(0x7f0000001e40)=0x4, 0x2}, {0x1, &(0x7f0000001e80)=0xb51, 0x82}, {0x7, &(0x7f0000001ec0)=0x9cf3, 0x83}, {0x8ab, &(0x7f0000001f00)=0xfff, 0x82}, {0x1, &(0x7f0000001f40)=0x4, 0x2}, {0x4, &(0x7f0000001f80)=0x3, 0x2}], 0x6f, 0x0, &(0x7f0000002a40)={0x0, 0x989680}, 0x1)
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000140)={0x401, 0x3, &(0x7f0000000180)=[r8, r8, r9], &(0x7f0000000600)=[0x2], &(0x7f0000000040)=[r3, r3], &(0x7f0000000580), 0x0, 0x400000})

3.574195867s ago: executing program 0 (id=1946):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_NMI(r1, 0xae9a)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x4000081, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r1, 0xae80, 0x0)

3.573933163s ago: executing program 0 (id=1947):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000002340)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4509c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a900d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba7"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)={@cgroup=r2, r2, 0x2f, 0x2000, 0x4}, 0x20)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = syz_genetlink_get_family_id$wireguard(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)={0x4c, r6, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @b}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4004840}, 0x40000)
creat(&(0x7f0000000440)='./file0\x00', 0x0)
syz_clone(0x1010000, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x0)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
sendfile(r7, r7, 0x0, 0x40008)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x0, &(0x7f00000005c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x1}}]}})

3.221609479s ago: executing program 3 (id=1948):
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803002e000b12d25a80648c2594f90324fc60180c02400a000000053582c137153e370248078000f01700d1bd", 0x2e}], 0x1}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_COALESCE(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="000128bd7000fecbdf5c0d000000"], 0x14}, 0x1, 0x0, 0x0, 0x24000000}, 0x8000)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000000600)={0x0, 0xb}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f00000004c0)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x8000000000001de, 0x0)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r6, 0x8983, &(0x7f0000000100)={0x0, 'erspan0\x00', {0x1}, 0x26})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000d00)={0x6, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000ffff00000000000000040000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200007d18c55932c62572030000008500000006000000554a0800"], &(0x7f0000000480)='syzkaller\x00', 0x6, 0x6e, &(0x7f0000000580)=""/110, 0x41000, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000a00)={0xa, 0x5}, 0x8, 0x10, &(0x7f0000000a40)={0x4, 0x82, 0xffffff80, 0x6}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000c80)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r4, 0xffffffffffffffff], &(0x7f0000000cc0)=[{0x3, 0x1, 0xc, 0x8}, {0x3, 0x1, 0x2, 0xb}, {0x5, 0x4, 0x1, 0x1}], 0x10, 0x1}, 0x94)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
mount(0x0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000380)='hpfs\x00', 0x2208004, 0x0)
sched_getattr(0x0, 0x0, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$HCIINQUIRY(r8, 0x400448ca, 0x0)
ioctl$sock_bt_hci(r8, 0x400448c9, 0x0)

2.780895652s ago: executing program 2 (id=1949):
syz_io_uring_setup(0x438, &(0x7f0000000400)={0x0, 0xc459, 0x8, 0x2, 0x3c9}, &(0x7f0000000040), &(0x7f0000000a40))
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
mlockall(0x2)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r3)
syz_usb_connect$cdc_ncm(0x5, 0x6e, &(0x7f0000000080)={{0x12, 0x1, 0x250, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x11, 0xf0, 0x5, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0xdf}, {0xd, 0x24, 0xf, 0x1, 0x1, 0x0, 0x3, 0x3}, {0x6, 0x24, 0x1a, 0x401, 0x29}}, {{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x6, 0x8, 0x5}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200, 0x1d, 0x2, 0x2}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0x26, 0x0, 0x7}}}}}}}]}}, 0x0)
ioctl$EVIOCRMFF(r3, 0x41015500, 0x0)
r4 = shmget$private(0x0, 0x400000, 0x8, &(0x7f000000e000/0x400000)=nil)
shmctl$SHM_LOCK(r4, 0xb)
shmat(r4, &(0x7f0000ffd000/0x1000)=nil, 0x7000)
shmctl$SHM_UNLOCK(r4, 0xc)
ioctl$DRM_IOCTL_GET_CLIENT(r2, 0xc0186405, &(0x7f0000000140)={0x3ff, 0x4dd6, {<r5=>0x0}, {0xee00}, 0x10000})
ioprio_get$pid(0x2, r5)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz1\x00', 0x200002, 0x0)
r7 = openat$cgroup_type(r6, &(0x7f0000000100), 0x2, 0x0)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x1, 0x11, r8, 0x800000000000)
syz_open_dev$radio(&(0x7f0000000200), 0x1, 0x2)
read(r7, &(0x7f0000000040)=""/146, 0x92)
getdents64(r0, &(0x7f00000005c0)=""/130, 0x82)
read$FUSE(r0, &(0x7f0000000c80)={0x2020, 0x0, 0x0, 0x0, 0x0, <r9=>0x0}, 0x2020)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYRES8=r0, @ANYRESOCT=r9, @ANYRES64=r0, @ANYRESHEX=r0], 0x50)

2.536689786s ago: executing program 1 (id=1950):
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000ee10ae8980d5d202880aa427b914a90000000000af00c0ff000000009500000000000000"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xd, '\x00', 0x0, @sched_cls=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[], 0x44}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x240, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000000)=0xf)
ioctl$TCFLSH(r3, 0x400455c8, 0x4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000040)=0x33)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000140)={0x0, 0x7, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r4 = syz_open_dev$usbfs(&(0x7f0000000080), 0x77, 0x101301)
ioctl$USBDEVFS_REAPURBNDELAY(r4, 0x4004550d, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0x0, &(0x7f0000000400), &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x4000081, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x12)
ioctl$KVM_GET_PIT(r5, 0xc048ae65, &(0x7f0000000080))
socket$kcm(0x10, 0x2, 0x0)

2.383496311s ago: executing program 0 (id=1951):
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803002e000b12d25a80648c2594f90324fc60180c02400a000000053582c137153e", 0x23}], 0x1}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_COALESCE(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB="14000000", @ANYBLOB="000128bd7000fecbdf5c0d000000"], 0x14}, 0x1, 0x0, 0x0, 0x24000000}, 0x8000)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000600)={0x0, 0xb}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f00000004c0)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x8000000000001de, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r5, 0x8983, &(0x7f0000000100)={0x0, 'erspan0\x00', {0x1}, 0x26})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000d00)={0x6, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000ffff00000000000000040000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200007d18c55932c62572030000008500000006000000554a0800"], &(0x7f0000000480)='syzkaller\x00', 0x6, 0x6e, &(0x7f0000000580)=""/110, 0x41000, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000a00)={0xa, 0x5}, 0x8, 0x10, &(0x7f0000000a40)={0x4, 0x82, 0xffffff80, 0x6}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000c80)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, 0xffffffffffffffff], &(0x7f0000000cc0)=[{0x3, 0x1, 0xc, 0x8}, {0x3, 0x1, 0x2, 0xb}, {0x5, 0x4, 0x1, 0x1}], 0x10, 0x1}, 0x94)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000380)='hpfs\x00', 0x2208004, 0x0)

2.140767004s ago: executing program 3 (id=1952):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
connect$l2tp6(r1, &(0x7f0000000240)={0xa, 0x0, 0x3, @private1={0xfc, 0x1, '\x00', 0x20}, 0xa}, 0x20)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8918, &(0x7f0000000480)={'veth1_macvtap\x00', {0x2, 0x0, @empty=0xcf050000}})
r2 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r2, &(0x7f0000000180)={0x1a, 0x0, 0x1, 0x8, 0x0, 0x0, @remote}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000280)=ANY=[@ANYRES64, @ANYRESDEC], 0x0, 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
io_uring_setup(0x3eb1, &(0x7f0000000080)={0x0, 0x8003fde, 0xc00, 0x10, 0x147})
r6 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r6, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r6, 0x40946400, &(0x7f00000000c0)={'pcl812\x00', [0x4f27, 0x5, 0x10000, 0x4, 0x5, 0xcc7, 0x8, 0x7, 0xa, 0x100, 0x2, 0x1, 0x1, 0x1, 0x6, 0x101, 0x0, 0x1a449, 0x3, 0x40000003, 0x89, 0xcaa7, 0x0, 0x20001e58, 0xb, 0xe69, 0x3c, 0x8, 0x6, 0x0, 0xfffffff8]})
preadv(r6, &(0x7f0000001cc0)=[{&(0x7f0000000200)=""/130, 0x82}], 0x1, 0x0, 0x7f)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x82)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
syz_fuse_handle_req(r7, &(0x7f0000006280)="897c6500ff3035465c7acb4e06980b05687c1480c7aafe631c0543db2bf0d6f539506e8782da06c1ca018774d72e9e5a3418ab66ee78dad68457b17ec9d47bf7d8272d607c1c0a4bd906f0cee7f8451828d2458596bdd6a459ba18ebaf61b38f5d66c27fa8a024ad7832a85e58689a4c254c94cbcf7208fce6e61d9566459789d15a6f91dd7db7c54cc3a94da956fb290a8a15f849270bc459d9d9f47801be86dd5c9d18382081a993b7bfde5c28adca4c71329afd6be743b076033b5859891703eb65fa256d6f47450b6edacbd05a9bd8b372e90cfc30f32826566dac6c48e6ef001881cbc30482f9ec469e476a101da496b8c0785eaf875d3608b0c49e9d39baaa1041f903a805f0f24aa63722fa2d87b98595fa5cfaf8b79c458de43ee39904e7cac7540a934b4108957785d58807abff186949f1b94cd21b724aff34ac45c7066dcdbd68ea7b766af9d045cd7fafeafc5c5a0c3400ef4e0c71a6fdd5b8d68a6f317644cda9d2fd2c839a82b97b3d909b54c672227bef573c9de1991d65a63017f724d1f7f1575e69db53318a7fd7065b303e751518c8eef04f642dbd4dfa349040a7b5401050ffc2b4ef62803a7c8eaba99e011dfac24d81b2b61e0b0581e53bf520f623eca17f0545c5e59ff15b527475f970f589894ae589145fa4283f7225088ccfeba1d72e9128f8c223ae1840f2edae3dbcdf7e560d5cdf4f71c9ada1931c0f8312c000101b264aaddb9fab166ba8d8903d6098eca20935ca607ea79e936798b3dfb22a7e159abb234cf21f3733dbf263a8ff116092f251659108892b2e21e1b428fd225096a5040270b2d70347013eaa1fd8e452942200283aab092c4ffc5b8b427b5d691a5a773e09da20539ff0f8214331c5d84107ae8a59aeb58efe22d7a079e446f1dfb07510377799bfdc7ee59cabcd76af0fe8a427ac8258ff33bbad5a8061f1cfdfbf375d73d676cc7916d6658ce46a0b17ad6350150f98e3512b513e25ca73f5f5df0a1fb9582ace7906c493fe1fd2889d9aac0b7c29c2b6c205537627bad64df433336a5ace32ca871e51b4dab0fbb00886a1fa81a98b74de0a26cebf65723515ebb807fc3c161ed42d1a7b6b55717613577ea437f3a2967c66ce45ff85a6a35b7cd40625fc575b107d7394e3d2db51d58347276c33e21f50b5a6b5672bf9fda63139bb75aead1fe4ee9a4064af5a5958466aa39faa6d821489fa415224c8d69d3b5922236832c2b1e4f6b8863b32f9aea83fb522a2de081d674502b48f73ce6db98d84136059b4a6676bc85ac6b7626329afa9bc7d3f9f2caa3c4d872744e0a8e02d72a75c6c545b8ec8e15b6fb0fe4185bd0d154960e6fef05ba40e5fe2968eb1301dcc52a03337179e74ba1522af93d77827845f8941c69ed8bb84567e3c63f1cc378a542f1de7007b688ff0a9c69d5861f0b85402c30a2fd391c52bafbe65f8e82135fd38361d7c0b43c982b2f3e7cb09c40c7e215114f4243d670cd576bcd93c1e959345170c75d6c3cf89cf8c2c70dc792e646e7c649d4c5f36bb016c7acd466ad58473d40dfef36394e581065a8581ab852250403cf372ac0065bf757fa3f445424ac0d82aec1938a2ea116bdfd306baa1cb06c62a4a97d66ab1b9489469cb8ba842da12e310caed02c5ef05c0be1e1e8c9c8b87d6871c94c57d164d08672b205c948086a06a545b266b7ad902a908681eb188bc51b6190b5cb9d8ca59b8c4c6e7369c00d6f6119fd5d437239e3d3c89cb81e09e560fb817590106015f08e7b09f1e1e65bfab3b8489fa058e24081978b9e25463d9945bfbca81c08885d4b6d4c62e217bd9e19460762f36c66bc948fe31cde089626fbb310e3c78a8d3f2eac21d374d9b58d887235d3a95721168e4b9475849071d60ecfe7ea5d6c4bf60da3747612ef59bb651270f326c0af31bc8c71361f851de34ccb3c8071b96f1128d7ee79b41246e566edd0272dbd3ccfe472b38e5e03d3ef83218bd498e6de8b4d92cb6f82716449ede7ba845028eccdb9137be8a622ac88ac53118fbc39637fa7a93cd3abc6f7671c7804420d66e94720acbcac916950f9baca77fef4217155ccc2cd0507339a0486f9f468eb28772986ee768c63eba671bf8c52e48a2a5dc2cc24fe925368706c2d712dd1064692b0fb2a32ddfbd4a0ffcf9c2abcedaae6e527bc1d42637aff2a275b76a7a7f010e42e1cc1d27141f6c3585a2bf58c6c5789ce61551d10118a000e3764631ec0b7f4b1a6f22a678133a30940b79dc76f863dd9f6e0d7776300898c97cef286c731c2050928c492439256e481652bff0d202db3cfdc54c9816ceea7895357bfa0362fad79afd09ed55189294d6ead7e898ac091cddbe7efcedb314bc02a18dd5bbddc42e089124758bb491fd1536aab27c5c124567bc325e7028bced5a179a011d1cb9a5ffb61d7af863e91ec8e60495561188b74d158ba1418228d44e92915a22eb1c166ef7d6179e84381ed950ffd747f13e24172942d922ca3109fb8b1e4e6264fa4a4eec75ad0d0e22579d90f45d6cd157300e38ae665eb56457202e25a8dd5877ba99725de288660badd2704345d9bad208c903ba27ea167dd45a77f77b6502b525b2973270582858183c784c324c1366fbba8d410c38bf75b41e067f6a9a017c56595161db4fc5639393fdafb1f148d3f416c1adc5fe1ab9cebe4689855c9b4bda6dcba5d5fa858a1b87d2ad23cdf54dbdf4d14aa4462da0b6f1107f4afa0091c2643508861a4d9f133ba77751941bb8fb756abf1a104205b80d47a3b4a59724d959c8b5833da4f56fb6613231f230a9378c9af741e94fd2c7213ac1d7625559b3f032f6c8df3ab441929720fe43d7c548cc661eed5b3c62b3c61f538ea3228376e2a18c6da2ad906322f64fb4865cde8e1889a8e5237fd6a39bbd6662f1dedc22fbd74e4376fa610cd710703dbd3924a38beae69783d1d5abf36122cbb87129ba719042748f060f4303a3199c5891c5040fd8cdb9761b006bf64cdcb65e5cc50a29994b8c1c34b83760ece12ed9ed7c3d2a7f8911cdf23a1afe0d7db1bf342aa0123dd5cd31339f5c8e160c4efef882602b3eccbe76fb690162b8bfb8a31910bcdf9a4a5dde76c2ac2fcd8678add7a000cfdcab398eb2171c026313eb6eb56b4b87bf8ef93f7f8a1c0bcc3775b681d4229ea561cb52281d8ba4315c3694ed08433596884d5a7ce3a8b1f82359846b7136726e2fe37bf4f7b7e2206cdcdb0705ced9f0dcaaa2ed3a78ea70d2cfeab668eb321400fc955e9aeb7bbcf86cd03f02dd443503a1480d9d9f899f53bd747a95293786798fc59fceb09e686a9328da4f929b6201841bbbefaffcf3386abdf69540e3b46a643ec10f0acf21f27c0053dc13f18485dbc898729dfbeaaa4887b58cd442d7ffa941808cd9658595be8650a815b088621278d89f0d8a4252566b923df3a3cd65c0e4af08fad385927251b31d35f75eaf25e6cf13a579aeeb0bcc0a14ca4a20a6831d532be0b2af3821792a2df95131b7fafef245aa19b214053342aa820c35858d13f84e496294529411015c41ed447b5b51dc44a45d52552a2be1abfc157f3ace7bfa32d5b931421d5a152dd66b7bf549311b08325e5a7201f793037b38990bedeca8a647c08d2478670f8fc2b4e8983ea18bcd514daeeeeb9d7a778f783c76edf01bd4beda4b77b612cd2e865c2e4f58ca7ae06147bf66ae6aee221cf9b9505dc07e6fb6cf4f82dc8c406c78e270210c11cf2531011ed678d9dfe1f49c9a69a95a9f3b0e5b624d9c2664d787ab911b75a4a38d63e9d6c353f8aaf433ff961fe5e34d84936ead0d0bc7954caf84e541f5c6f3f20c9eed21eb0316b82c0dc5182540e63a0af25565496792153d6395adc2b8d68b8bcd93dd110ff5685879db4384ec390d44b89663d43a5de3bdc0e103b7c1b355dc5f6fe3518c93628780ba03f156badea65d1d0af8433c9e8a975fdd19453da662a33fa9f0f5fa15fdb216b483fb48370a967246e0b763df8b3bc7924a6c76c4b114f803dbfa3b312e6815b4eb67be167283a9e482d9a5beac250089d069d4c386b7fda5fc228404a0f58b12ca4dc131c381b49b42b570bcfc0dd663f24afaf65a26a21f6d92f52c9f8de36cb76bacbaa0eef98ba6b7dbbc2629a03bb2b6f83fc5adaf20c217bc8d0f0d2421e01472532bcb546aeb2d483c8f95011a3ba1d2fd8086a717cb015dd53064ef4a80b6d6fdc12d9069223fdf2aa9b192a0e0bdb38436f49d9eedfef3665815633fee4344aff11162526362b70b18e1dbedbb5d8c4698860beccf667851878a25a1e766caae2861f2e23404aac859e62fdfeac06a6057554828d7035806e8ab3ee2fa6d711e5811db61231a22f4672f6a11b27641f350bcab78792362e6ebc1c054a643bbbf2746678c14dc567d1f73e37005c8ab6374c4d8d3106384a2d32c5fcf05cb9ba97cb7fa1aff11505a701bead543e555f3901ef3b693d5b9ebf49518c3509af042b7e84b1b867c22b7e08725220e4338fd074edce428212e6a3563a08e2ccd8ab71910256532904542e93d5c7deb5bf5d49beb3202d4da4f643649e55edbb91188cdcf0883a40c6ed6b8a086fb5c50dc08fee00308420121d4c7431b3cfb80f9c1e099423ac451d67b12e930d9e391d0a799c7d4b54a0d56ea0aae00c1d009e21fb5459416b464b227d66ccc1a68da59d64c1583dee54bbcd7d61ffe541fd0fb7452adba91906918966a7d58019ad1f8fdebeceeed7018837b6e4272eefeec8385abe7207fb2d7061fa6cdc478165a98971f9729b818a73edefed976d5c7c0a651c091cfd1174c020e39330a79144271fe4cbc61ea0ffa274d0d87d06dd08c1d5f8a0364d46ef7b54426bc286330c75fa257afeb2715c2ae511ff53b1189cc59ab80b1325fbdcedfdb8f36ed71f70091116e16b52188b794e637755027caac8db8554f8674b844964c710cacd7a9d6b06baf6fef76159a380e639b0d3e66080a7cf7f86baac01dbe47fe687fcef2f3bfbf6f8fba045181dee688360a11ee56e5fc73ed31c0e2924ae57f0cc93c63a30662a65c5d5f17123ae28cc5b74dd13ed81b03dc7fa61dc575668868c0df12d3553269f04ba79084d070abcdbd4745de80e90e4e3e524f27249b5c4a2f2d4c8b331b0cb6d4efe62a298daacc6eacdfe008c1f912795dbdc37098c42db860953120fda709baa6d46f52eaba781505e68561ca0f281e850532ef8e7c779883e312806e1c357bdef8d0dda005e710cfa6eb8686e8bf3bff036b3fcdc4036541d93530ce6f598442c24170b307ef05f23c93aa0ec96831b532d8120402214a940d1fa01ed649061a4a71308be189cffd729a196754fb8a75f23851189589be1b819f0612cad3dc94ccee88f4ab9ef6ac9c7daad8cf94f5ed9496c4c824e5b4f66ce32a80e7a6ef069a32f6812e656aa5f5742bd432afdf026c86e8f28212c1139dad47d7fc07e5c1a83e993daaa4a4bb5f0c9435ccab2a10f867ffe259dba7a1d9168619b1e3048860a5122e4a5d0b00372eaae861a0cc88549852fffa76e6d78739b654d67df15ea97a9a46b7c382d83191a673aa619b4a10ec05bc681379b0d6df824cb6fe158e9d89ae5dd1ef66976f67972b553db52eb6feef836dca6026293f83a61e117754a7424a3da63bd82d017f87f0603e2a9b8fc550aae611681935ae91f7ca2b5341b05a25208bd28f1a202a7f2a213b1d7411ffb557470aec00c4d13c70163f22a038a189710dd19a47e8db4a87c3fd329a63abca172a9810edad2d8e19ef85b57ea4287cfb3d740d7ea3fa9c80d06e1aa84b317f678ddb3c147ba5e0db432125f59ca4944c8e9050281ca82a3ecf67b2a5df678697a52a7297af1ecb03c586af7b91d74e881964ed95f7be12fa07e2a4e71aab8b913a13996fa33e915144bf00e49b8e7adec5b2c4b8165f54ba3155230e241ee023af77a295ab87c40f63f6092ccee05cb08a265abe8f57c9919bf45064b6c2240ba8011db223a283a4e2292d9b59df8c9a4fdc763f0631007db9976f351717db0e6b5f9c6e5f227c2efa1ae5fe0be1af0b22fc164f9f9678a01fe8b059749fe8a2972455732da1989c609d191544ef9fbb3e58da93ec4a582430523f260b776e4d747312747d18a9bae14740f5dcd35fd1072f8a4d81573b5882203be856b62d7e1d87081a9e431872c9d68864197bbc61f15dd8aeae950d34d6ce97182deebd2ad64cabd1c723baf512acfc7e94675b31369bd60e155af79b97bb734312569f736dcd5b5a78223ffaa0f7e93e1a112cb9f6a5b88fe3cf12c30024c16c6b8380fdf086c662665d3751c11617cc4dbd5b8bc7543301a23fbc90ba8d060193cdc2b68c31c734d516707b759f7db009c8f06e69b40154e1cd8ae444afb28134acdf871136b4fd78bd86d7faaaf618afb25e92d1ee37cdff0595278f9565f5eb109e181e9cacec2f22e32e9f34774ee223fdb992febcc5dbc5cceeda16cbcf1434730d859e7e03d36ff17636a7a7e66956b515894da114f3040909f90ce3cfbb2d7d46e37049c0fb124e0683d662eb427cd7b851ada229451e6e3aaee64b9964ced3036bde5d9d80eb062474f96ecfb9b65fcafc719494ac12ab7df245475f2a5e7f85ca4789833ca373e6214d39176c8f51dde87a4cfe5414a20f68bb9f34709979b99533ba3435c4aa56e525195e10ffd00f8e41aee30a909c07b973bbf733d45500b539ebe2206d438216690998d9e256db1b7ac6bef3e810785e1986985c945a2b820323a592721fcfa444934d0faf8aa439d5efca5dcd77b72d1eb91b3790d50d0a7483e354c415f81d99c133d648c1293e795b3c43f9b47e23ef982e10072ea5baafb0df675e69af1807b225afa0cec3eafbde8535d3ecaa0ea6ddbffe4465207425bb003670320324df0aeeb16b38a043f9c0e85673b36def332fd68b2b1e6edda621d0cadebbced8c7fc8f890489115b457249e8d8103676b3207a472804d33e0fe511ac56cd8dc5333b2333892f87b455940ada78fcf5075c358fce990e6f65f095eb416d876ce6f120b8b02cfa6b176ee269c942f881247c3e464cce2aa65c39137607c585aeb4b5f24f5f8e058c9c8b48003c1809da3e8aad1bee7955c3a976d43fe132e2b16f4758a0a9884e51d13b930675a4361ff366b0fed190ad7b2a00385528951e39cd44ea06d8921b9d613d7626221154cf86249a550198fe4e5b05ad3052b474291da0a0a2f701759859bc0392adf243ad5eca89e6d18e28dff99ef95743bcabe75504be8c715cd6360facf3bb06cb97c29989d4f6ff5083573cefe6ef0b39a252a2678112fa88e5b06c9a6bfc9597cc96e5a49710c4fc120fb0da4945b9d94e46de1e9989d0fc3d8d20df23d815b660c799a903f651b0d013f7fe158f1d297f7fcb6a48780ca5525f1d081ada0aafa83552318b848783306549750b6254cf676c7b934cf7fdab992717f0cdc089b34278f3fb151cadde14d0d3250e85a4b0ff2a2778a219aa40563d3ef575285484424b6d0e7cc8392342e4848c6fc8cb20fa1b450cc4c1fea19f3bbdd9e342e6c49cd7ac893b1eda2e93d1d74d20969465946b398fbc733757741ac822c4a118632cd242a439fc37512cf79b7c629504ccc1e7f2f11798955c3262b5e9695625ba74d8050e20f51d4769e1ab938f487f1bc4b55b5abcaa3ec079c2d0972b2ae9bfb7c5423b959119292ea05f1d79d35afe47e49d97c946b193bffc0a8f607f18a6845cecbbdd98cd351db2b2dce05a4848ba84a6a497b4618950130cb7e76c03d0976eb2fb41d3a42a1430063ed8e5b8c67e80fd4fc1148911958babbcbff33a6505de209b0d9320017fd736fd027a16564008ab2e1f48a6dd66c9256730e9fda0a606875d0871b2b9b0bc2ed4e1b696dbf0283c8dc72cf4338e595266f5390bc3a21f988353118f2948fc75d050ea076b73508d9ed89bade0ba305c1f4e5daf9d40d2f5e7ababed8d1b1d919c61a6d3fb149c1a9b44e38585a2fe322f83d73a3aecb44da3f0e82942d75d62ed3f91eb44f3411df014f88839e4cb1e21b9b259d4eb4adaf6b0be433d0ed4c87ec77dde5ee9d566e3dd8d928fc1875c63af26c59daba5ae267d9bd5da72b99a03e6a33cc48ed961ab484ff4a46c2d5fa597e626e00b530d7b9a9705e4e08d03f3a7f2a5a5233ad6340e3b5c89db81ca713b6d7d855c6324955f85109b204566f50178cd88abe3fcba25de905e8ea0b75ad51831761ed9b1af2470f976f05ec73bf74d137c207270cfd614170518cdc449aeeb663e114359c8124eaf2499d8cf5dc84a0872301db2e57b50bd285060ec4390d99d4ae3674ca3bb8679c1b08e566ba4f30daec8684a980055eb43cb5a1306c4b52a154682aa96637e06c869278aa2f74ef7345632c11265ef8ac97e953745302556881ba0cb590fef271c0abb193fb84d18ee3f24d9976ae816b857d6f68d1fdfe10b312c799fe014debf875d04bff8b4f387859e97c6bf13f7083c28a2045a0b5eb09c94e781a165965e8617c0efed1701ea9667aeca26d9577ea7b1242e1d91b25d6a66756cc627648a293b9f4345966bc469fafaeddc1118d0972bd5c7751a1f51e5989fd952f314ae10417c97b41e60ebfbc47e496486fa4a89fd16aea7fa1eabebd26eb2a37a3e2b351e0c9d2f67b2e5be0f921adc9b6045b045948e5103af0e5050b9c0799b513c00865deebda730de538f956ceb6164e08bd6f58655a294b4b44fc65309b30f9c00f92ef5bd5b911a3d830f72c258b19521bb8e80db02129954efb61423f518d2c5f36587303890cad9a93fa4f4bcd0e24c67db679c67ea59c1350b8442577632d5e8735833f3daf5a74bc7bd82659a81beba8c889632efe03cd24187aee856cf659e16e195464f52f2b984fc7a299e7b2aa53979a147ebed35705d5e89691666536f2febacfcef9b32d14952f958b72512869e4f6a0a34176918217888b1eb8b89322ebb6bb1dead2b4744e728479880db70e6147edaff6c3f083f18e0696bdbd78cf0bda14d9f42e5c1077ced00041aadff90470aacec0e48e2a5f2a0ed37818a173b96061e8c5bf24c0bde9e09f9e0ddb8e13306ef1d4eb8043ebadde5d7553e5212ecd4691eb426251f9d6720b8276ac543dde02399a35d974b22c1727d4b6df01957cae47443b706d43165e01d6932b136f561ce837431254cfb2a6e7d8070a2d3805aaa15b3c10ccd0cda2e9b418ce9ef380e5d08217752e12b3b892d03a9495c83d78d674612fde5a67738b2d4649ce44606ecce6bf3bd1293eca246a83643e4f1c7ba362b110e07c8479f216e3d4afc4fcb8d0820c8ab702a66d8183e83174597035e92b9b500dee08c80b927b42c3689c7c9617b4112c9e54cbfa51e989b5fd42b80c595d3edd265f138e8128cfbbb0e4f53aa0aa95a2ecda451852e564c42d5de7671560843d08103b9bdceac5fdeb0b1266f72f491265dd2b2b80a225a50955167da1812364ea340d82f61535401bae6f3140a8795d7c318a64cee4676627244930957b2f0b227be21b72d90027e6a5a7af3c59470c74dcdb71d1ef090a0f49c91acd604c792385c8f4e085765292822ee5eca03885fd6bfeaca9b3bbbdeac939f7846a487c5a483ed1e4fbf37c93886ea27bb35c812089b900b77c7c924147e97b6a71533610750bc84921012aa8158b213f7601d934a20bdd1f757b0a33042a683af6b9069f3900059d7f80f9fdcc9f33ece8cf7888dc9e24f1fc6ca0ecccf161c5334c60f440feb3acfc3d115011c176dfa05314c5bcf089e3c82bbe7680a3eefdcdbf3ac27265b779db4f49bade0128eda6e29bc5933ef454601db1b49628fd39ab938794fa46a33937a086ece7050d31a21524e2f0cacb307ed4412a2078636f9cc8e11c5c31cc0f9edd7be6d1e31a1513a58e25215f5a24245cb988589e6d5e5119f4f6557c697fad7d1c3a7e3bae064db4382701e33e48c5b6a52fe9141a385ef2325c6f7781134607e98bfd02c43d6deefaa861700388b40d98e941cfb2ddec209f977e8b9f93d29fdbf85e3010ce7cd622e8c75ce3df535e392052b6d65d5042d2a6e78bbfe5ee146e8b18d4bc7fb024dbba57cbe0402205593766a313950cb719d00c67bb6b3bcaa1015b89e820f11475afce655947113a7c3dcbb52427f090df994fbf076db867e0ab3f6125fb8884c1d13ff3e99fab5fa8b9f0b72cb44db4d0a48d9ec17f9733764e213c40a15ad821ec60e4a88cb2fd9dd9a4f35e6a708f4b74067f4be3f03a95261f6b191df53fa5bb5164e4a164630ad9ce39087aa950ad9e60cd2c44fa2237c49abf858c97737fd21180fd0b9542767150fbed3f39a29e6c3484d9437e15d2439f2a54b2a1ac7e63e6c436658abc3f1dd52d984f6c6901768a8cf2ec98ebf44e90e0fc0c24f8957c62e05d8eacecaf25b178fd710af609a8a1bc4d7955b5f0cb4f48a37685e6304ea5843573a1abff37b5106916c83c8f23f939a0dc43aea8d196191ed6e18dd793990d1f37d7de0bf8fac6f469843724eaab86be8a483be281b8ecf4aa29d9c571951cde8cd8c2aaf4d597ac2cb48f23fad145916920a55d655924940573b64dbd42a280cddc4810434f930183fdbbdc72db1491a4c9d44daf9b1bc2fecd855508648063040faeb125da0e68e6cd2002181118eecff0be1dd8eae726af5d451630cd65119c52abd6dded97f931202f186a18c4ba34bc2c3f6d765e2d8f445e959f26ffb55827cf3ff2cc0289f17b82c8caa5a2d3d54306a300f0ef42bbe4ea9e32c5d4b1173942745cdcfe4f5d1619eefaf8dc600afbc9171d516f7f4b35331d0b9be005132ffad5e9df59710278b842afb626a78b8b8b37fc3a894dc705b2d4e0940cb264e9dc87eaa148e6faf78125462f28a0f1d7b3c65a291b85713fa71ffc478f6601e8716c35489f4a54ed0c70bcfd5502cc91374dc3c982075c5180398bc6b195b36e79dcc4087cb990cc9d964a150e0dcc887d496bdd27c3f298736b9ad8345ba2df46021964cf43c38f9d2e94b77bee2b7bf059e0870ff9f17b9ef1320c0aa88a2fa9781e9017ab64643de9a3df9ed4b8cfd8fa080a2e494409520b795eb1517d224a05e450c4c8ae0e9fd29c0e72d3a592cce55f6dd5107f21214e1a3f9a5448384de06149f959ec0c92790f0ff229ab4971171f1c528ae6d095ec007bf5e7f55d623a68194e9ea8edc3af418075338328f24e7504341c22bef72c2963fc9c3237ba990d29c2c8aa3007395f6d96e95b40ee1b18dbad550bf39d0d98268cb74dde76d987c3169c9067495fb1b88508bbb7e94cbb7dfc15c03b1d5b163132c8a468906f02d422a8cf98d0b432b5779dd962074b72dd27439b2e94312f573435e5aa84664432c1914839cd6e172186ce93eeb1d7cb0659696d9d550eb3b185f8c6ee16e53f78233cbe709f99d2879d63d93f7d0ed133241d2f1ab1eb2c56605ca0f0e01c39ab0ba2370fe5c4e68de0561b517ff9a10023c386236398372c7176e35443e2cf5dd6cbed9f23395f231e6a54f65626cb5860a8b72122c34664119e7c47204ef4a70583a", 0x2000, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x90, 0x0, 0x2, {0x3, 0xffffffffffffffff, 0x0, 0x5, 0x0, 0x1000, {0x0, 0x0, 0x20, 0xfffffffffffffffd, 0xf5, 0x0, 0x0, 0x0, 0x7, 0x2000, 0x2, 0x0, 0x0, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$VIDIOC_G_FMT(0xffffffffffffffff, 0xc0d05604, &(0x7f0000000200)={0x7, @vbi={0x1, 0x4, 0xdee, 0x30395056, [0x1000008, 0x7], [0x16, 0x1005], 0x2}})

1.467374799s ago: executing program 0 (id=1953):
openat$cuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000700)=ANY=[@ANYBLOB="12010000000000408c0d2200000000000001090224000100000000090400000103000000092100000001220500090581"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000240)={0x2c, &(0x7f0000000980)=ANY=[@ANYBLOB="00000001000000090090"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000300000a140000001000010000000000000000000084000a789a5260ad5e3ad67f"], 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
ioctl$EVIOCGKEYCODE_V2(r1, 0x80284504, &(0x7f0000000040)=""/185)

1.179479438s ago: executing program 3 (id=1954):
socket$inet(0x2, 0x4000000000000001, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/timer\x00', 0x0, 0x0)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi0\x00', 0x8080, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000040), r0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)

1.006652362s ago: executing program 2 (id=1955):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x282, 0x0)
r3 = dup(r2)
r4 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xe, 0x4, 0x8, 0x808, 0x0, 0xffffffffffffffff, 0x6}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x15, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="6d706f04ca3d62697f643d7374617469632c000000000000"])
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r3, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f000060c000/0x4000)=nil, 0x4000, 0x16)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)

287.60818ms ago: executing program 3 (id=1956):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./bus\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
r1 = socket$netlink(0x10, 0x3, 0xa)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040)={0x0, <r2=>0x0}, 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./cgroup\x00', &(0x7f0000000140), 0x4800, &(0x7f0000000300)={[{@uid={'uid', 0x3d, r2}}]})
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480b0000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
r4 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000300)={'bond0\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
bind$netlink(r7, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc)
getsockname$packet(r7, &(0x7f0000000600)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r8, 0x1}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x4}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40040}, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
r10 = socket(0x1, 0x803, 0x0)
getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001400)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r5}, @IFLA_MASTER={0x8, 0xa, r11}]}, 0x44}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r0}, 0x10)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000002340)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4509c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a900d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba7"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)={@cgroup=r12, r12, 0x2f, 0x2000, 0x4}, 0x20)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()

205.400257ms ago: executing program 1 (id=1957):
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803002e000b12d25a80648c2594f90324fc60180c02400a000000053582c137153e", 0x23}], 0x1}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_COALESCE(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="000128bd7000fecbdf5c0d000000"], 0x14}, 0x1, 0x0, 0x0, 0x24000000}, 0x8000)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000000600)={0x0, 0xb}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f00000004c0)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x8000000000001de, 0x0)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r6, 0x8983, &(0x7f0000000100)={0x0, 'erspan0\x00', {0x1}, 0x26})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000d00)={0x6, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000ffff00000000000000040000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200007d18c55932c62572030000008500000006000000554a0800"], &(0x7f0000000480)='syzkaller\x00', 0x6, 0x6e, &(0x7f0000000580)=""/110, 0x41000, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000a00)={0xa, 0x5}, 0x8, 0x10, &(0x7f0000000a40)={0x4, 0x82, 0xffffff80, 0x6}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000c80)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r4, 0xffffffffffffffff], &(0x7f0000000cc0)=[{0x3, 0x1, 0xc, 0x8}, {0x3, 0x1, 0x2, 0xb}, {0x5, 0x4, 0x1, 0x1}], 0x10, 0x1}, 0x94)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000380)='hpfs\x00', 0x2208004, 0x0)

184.092924ms ago: executing program 3 (id=1958):
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180200000200000000000000000000008500000041000000850000001100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0xe, 0x0, &(0x7f0000000200)="486f1a56ea51f3d32b7d88c6b907", 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x4c)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x7, 0x2, 0x180, 0x4, 0x10, 0xf1, 0x50, 0x12, 0x5, 0x0, 0x29, 0x0, 0x6, 0x0, 0xbdb], 0xffff1001, 0x43100})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000003c0)={0x52, 0x2, 0x7, {0xfff7, 0x2}, {0x1, 0x3}, @ramp={0xfff, 0x7f, {0x866, 0x4, 0x515, 0x2}}})
syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x8042)
r5 = syz_open_dev$evdev(&(0x7f0000000080), 0x2, 0x822f01)
write$char_usb(r5, &(0x7f0000000040)="e2", 0x12d8)
r6 = socket$inet6(0xa, 0x3, 0x5)
r7 = socket$l2tp6(0xa, 0x2, 0x73)
dup2(r7, r6)
setsockopt$inet6_int(r6, 0x29, 0x1000000000021, &(0x7f0000000000)=0xffffffc3, 0x4)
sendmmsg(r6, &(0x7f00000002c0)=[{{&(0x7f0000000340)=@l2tp6={0xa, 0x500, 0x80000, @dev, 0x0, 0x1}, 0x80, 0x0}, 0x5b4}], 0x1, 0x850)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000003c0)={[0x7, 0x1000000000, 0x0, 0x43, 0x2000001, 0x0, 0x2004cb, 0x0, 0xa7c, 0x68ff, 0x5, 0x9, 0x3, 0x0, 0x401], 0xeeee8000, 0x202})
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x8000000, 0xe6e60002, 0x8, 0x8, 0xb, 0xe6, 0x40, 0xff, 0x0, 0x81, 0x80}, {0x5000, 0xf000, 0x3, 0x0, 0x42, 0x5, 0x7d, 0x6, 0x16, 0x0, 0x2, 0x87}, {0xdddd1000, 0xdddd0000, 0xe, 0x5, 0x3, 0x7, 0x0, 0x9, 0x1, 0xa3, 0x5, 0x5}, {0x1, 0xeeef0000, 0x9, 0x6, 0x5, 0x42, 0xb, 0xff, 0x8, 0x7, 0xe}, {0xeeee0000, 0x8080000, 0xf, 0x3, 0x15, 0x7, 0xab, 0x8, 0x6, 0x9, 0xf7, 0x97}, {0xeeefa000, 0xdddd0000, 0x0, 0xa0, 0xb1, 0x8, 0x1, 0xa0, 0x82, 0x2f, 0x1, 0x7}, {0x3000, 0x3000, 0x4, 0x5, 0x7, 0x5, 0x7, 0x3, 0x8, 0x81, 0x40, 0x70}, {0xd000, 0x4000, 0xa, 0x5, 0xcd, 0x7, 0x0, 0x9, 0x2, 0xc, 0xb0, 0x9}, {0xeeef0000, 0x30}, {0x8000000, 0x7}, 0x80000031, 0x0, 0x0, 0x2024, 0x2, 0x0, 0x100000, [0x6800000000000000, 0x4, 0x3, 0x8]})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a3200000000140000001100"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000700000a4400003c7d834c087527eb00060a030400000000000000000a0000050900010073797a310000000018000480140001800b0001007461726765740000040000000000000001797a3200000000140000001100010000000000dec3803ae5a64895cd25d4ecbfe34a7d3c0ee49c924d8abf764e9468d1f0b2abd5266b70e5f0dad744e6dbe46dde68bf2fb5092cae57e25f16ee11d59b779926309cbb78fa78"], 0x6c}, 0x1, 0x0, 0x0, 0x4000850}, 0x20008040)

0s ago: executing program 2 (id=1959):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi4\x00', 0x20000, 0x0) (async)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'rose0\x00', 0x112})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000000)={'vlan0\x00', 0x400}) (async)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'rose0\x00', 0x112}) (async)
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000080)={'syzkaller0\x00', 0x400}) (async)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'rose0\x00', <r3=>0x0}) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0)
openat$pmem0(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0) (async)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) (async)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r5, 0x3f00) (async)
sendmsg$nl_route(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100"/20, @ANYRES32=r3], 0x20}}, 0x0)

kernel console output (not intermixed with test programs):

.constprop.0+0x2e8/0x1510
[  442.707027][T12652]  ? __pfx_tun_build_skb.constprop.0+0x10/0x10
[  442.707042][T12652]  ? __lock_acquire+0x622/0x1c90
[  442.707066][T12652]  tun_get_user+0x149c/0x3cc0
[  442.707083][T12652]  ? __pfx_tun_get_user+0x10/0x10
[  442.707096][T12652]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  442.707118][T12652]  ? find_held_lock+0x2b/0x80
[  442.707130][T12652]  ? tun_get+0x191/0x370
[  442.707151][T12652]  tun_chr_write_iter+0xdc/0x210
[  442.707163][T12652]  vfs_write+0x7d3/0x11d0
[  442.707176][T12652]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  442.707189][T12652]  ? __pfx_vfs_write+0x10/0x10
[  442.707200][T12652]  ? find_held_lock+0x2b/0x80
[  442.707220][T12652]  ksys_write+0x12a/0x250
[  442.707231][T12652]  ? __pfx_ksys_write+0x10/0x10
[  442.707245][T12652]  ? rcu_is_watching+0x12/0xc0
[  442.707258][T12652]  __do_fast_syscall_32+0x7c/0x300
[  442.707274][T12652]  do_fast_syscall_32+0x32/0x80
[  442.707287][T12652]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  442.707301][T12652] RIP: 0023:0xf709d579
[  442.707310][T12652] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  442.707321][T12652] RSP: 002b:00000000f548d520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  442.707331][T12652] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 00000000800009c0
[  442.707338][T12652] RDX: 0000000000000046 RSI: 00000000f7435ff4 RDI: 0000000000000000
[  442.707344][T12652] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  442.707354][T12652] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  442.707361][T12652] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  442.707374][T12652]  </TASK>
[  443.306955][ T1332] usb 42-1: device descriptor read/8, error -110
[  443.432051][T12664] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1618'.
[  443.492785][  T841] vhci_hcd: vhci_device speed not set
[  444.560493][ T1332] usb usb42-port1: attempt power cycle
[  445.026422][T12691] FAULT_INJECTION: forcing a failure.
[  445.026422][T12691] name failslab, interval 1, probability 0, space 0, times 0
[  445.030249][T12691] CPU: 0 UID: 0 PID: 12691 Comm: syz.0.1625 Not tainted syzkaller #0 PREEMPT(full) 
[  445.030264][T12691] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  445.030271][T12691] Call Trace:
[  445.030275][T12691]  <TASK>
[  445.030279][T12691]  dump_stack_lvl+0x16c/0x1f0
[  445.030296][T12691]  should_fail_ex+0x512/0x640
[  445.030314][T12691]  ? fs_reclaim_acquire+0xae/0x150
[  445.030334][T12691]  should_failslab+0xc2/0x120
[  445.030352][T12691]  __kmalloc_noprof+0xdd/0x880
[  445.030373][T12691]  ? tomoyo_encode2+0x100/0x3e0
[  445.030390][T12691]  ? tomoyo_encode2+0x100/0x3e0
[  445.030401][T12691]  tomoyo_encode2+0x100/0x3e0
[  445.030415][T12691]  tomoyo_encode+0x29/0x50
[  445.030427][T12691]  tomoyo_realpath_from_path+0x18f/0x6e0
[  445.030441][T12691]  ? tomoyo_profile+0x47/0x60
[  445.030457][T12691]  tomoyo_path_number_perm+0x245/0x580
[  445.030474][T12691]  ? tomoyo_path_number_perm+0x237/0x580
[  445.030493][T12691]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  445.030525][T12691]  ? find_held_lock+0x2b/0x80
[  445.030537][T12691]  ? hook_file_ioctl_common+0x145/0x410
[  445.030551][T12691]  ? __fget_files+0x20e/0x3c0
[  445.030565][T12691]  security_file_ioctl_compat+0x9b/0x240
[  445.030577][T12691]  __ia32_compat_sys_ioctl+0xc3/0x370
[  445.030596][T12691]  __do_fast_syscall_32+0x7c/0x300
[  445.030611][T12691]  do_fast_syscall_32+0x32/0x80
[  445.030624][T12691]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  445.030638][T12691] RIP: 0023:0xf7f84579
[  445.030647][T12691] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  445.030658][T12691] RSP: 002b:00000000f547655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  445.030668][T12691] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  445.030675][T12691] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  445.030685][T12691] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  445.030692][T12691] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  445.030698][T12691] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  445.030718][T12691]  </TASK>
[  445.030729][T12691] ERROR: Out of memory at tomoyo_realpath_from_path.
[  445.334419][ T1332] usb usb42-port1: unable to enumerate USB device
[  445.726008][T12709] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1630'.
[  448.857809][T12754] loop5: detected capacity change from 0 to 7
[  448.860449][    C3] blk_print_req_error: 80 callbacks suppressed
[  448.860459][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  448.865327][    C3] buffer_io_error: 80 callbacks suppressed
[  448.865335][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  448.869993][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  448.873144][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  448.875887][    C2] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  448.879623][    C2] Buffer I/O error on dev loop5, logical block 0, async page read
[  448.890292][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  448.893445][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  448.896140][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  448.899087][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  448.901959][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  448.905470][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  448.908506][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  448.911466][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  448.915038][T12754] ldm_validate_partition_table(): Disk read failed.
[  448.917527][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  448.920443][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  448.923230][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  448.926309][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  448.929922][    C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  448.932742][    C1] Buffer I/O error on dev loop5, logical block 0, async page read
[  448.941052][T12754] Dev loop5: unable to read RDB block 0
[  448.943699][T12754]  loop5: unable to read partition table
[  448.945862][T12754] loop5: partition table beyond EOD, truncated
[  448.947932][T12754] loop_reread_partitions: partition scan of loop5 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  448.958868][T12754] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  449.140032][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[  449.800483][T12768] FAULT_INJECTION: forcing a failure.
[  449.800483][T12768] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  449.804647][T12768] CPU: 0 UID: 0 PID: 12768 Comm: syz.1.1644 Not tainted syzkaller #0 PREEMPT(full) 
[  449.804662][T12768] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  449.804669][T12768] Call Trace:
[  449.804674][T12768]  <TASK>
[  449.804679][T12768]  dump_stack_lvl+0x16c/0x1f0
[  449.804695][T12768]  should_fail_ex+0x512/0x640
[  449.804715][T12768]  _copy_from_iter+0x29f/0x1720
[  449.804736][T12768]  ? __pfx__copy_from_iter+0x10/0x10
[  449.804753][T12768]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  449.804774][T12768]  copy_page_from_iter+0xde/0x180
[  449.804793][T12768]  tun_build_skb.constprop.0+0x2e8/0x1510
[  449.804810][T12768]  ? __pfx_tun_build_skb.constprop.0+0x10/0x10
[  449.804825][T12768]  ? __lock_acquire+0x622/0x1c90
[  449.804850][T12768]  tun_get_user+0x149c/0x3cc0
[  449.804867][T12768]  ? __pfx_tun_get_user+0x10/0x10
[  449.804879][T12768]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  449.804902][T12768]  ? find_held_lock+0x2b/0x80
[  449.804913][T12768]  ? tun_get+0x191/0x370
[  449.804934][T12768]  tun_chr_write_iter+0xdc/0x210
[  449.804946][T12768]  vfs_write+0x7d3/0x11d0
[  449.804959][T12768]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  449.804971][T12768]  ? __pfx_vfs_write+0x10/0x10
[  449.804982][T12768]  ? find_held_lock+0x2b/0x80
[  449.805001][T12768]  ksys_write+0x12a/0x250
[  449.805013][T12768]  ? __pfx_ksys_write+0x10/0x10
[  449.805026][T12768]  ? rcu_is_watching+0x12/0xc0
[  449.805040][T12768]  __do_fast_syscall_32+0x7c/0x300
[  449.805054][T12768]  do_fast_syscall_32+0x32/0x80
[  449.805068][T12768]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  449.805082][T12768] RIP: 0023:0xf7f57579
[  449.805090][T12768] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  449.805101][T12768] RSP: 002b:00000000f5446520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  449.805112][T12768] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000580
[  449.805118][T12768] RDX: 000000000000001a RSI: 00000000f73e5ff4 RDI: 0000000000000000
[  449.805124][T12768] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  449.805130][T12768] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  449.805137][T12768] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  449.805150][T12768]  </TASK>
[  450.938666][   T40] audit: type=1326 audit(1761765746.463:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12788 comm="syz.0.1650" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f84579 code=0x0
[  451.064211][T12792] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  451.066900][T12792] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  451.069424][T12792] vhci_hcd vhci_hcd.0: Device attached
[  451.191043][T12797] loop5: detected capacity change from 0 to 7
[  451.195356][T12797] ldm_validate_partition_table(): Disk read failed.
[  451.198576][T12797] Dev loop5: unable to read RDB block 0
[  451.202452][T12797]  loop5: unable to read partition table
[  451.205173][T12797] loop5: partition table beyond EOD, truncated
[  451.208052][T12797] loop_reread_partitions: partition scan of loop5 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  451.220084][T12797] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  451.372092][ T1332] usb 37-1: new high-speed USB device number 3 using vhci_hcd
[  451.391650][T12803] loop5: detected capacity change from 0 to 7
[  451.396172][T12803] ldm_validate_partition_table(): Disk read failed.
[  451.399535][T12803] Dev loop5: unable to read RDB block 0
[  451.402711][T12803]  loop5: unable to read partition table
[  451.405530][T12803] loop5: partition table beyond EOD, truncated
[  451.408432][T12803] loop_reread_partitions: partition scan of loop5 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  451.416413][T12803] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  451.500962][ T5348] ldm_validate_partition_table(): Disk read failed.
[  451.507812][ T5348] Dev loop5: unable to read RDB block 0
[  451.533738][ T5348]  loop5: unable to read partition table
[  451.535677][ T5348] loop5: partition table beyond EOD, truncated
[  452.704795][T12793] vhci_hcd: connection reset by peer
[  452.708446][   T13] vhci_hcd: stop threads
[  452.714641][   T13] vhci_hcd: release socket
[  452.726580][   T13] vhci_hcd: disconnect device
[  453.250060][T12835] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1662'.
[  453.260978][T12835] netlink: 'syz.1.1662': attribute type 1 has an invalid length.
[  453.265062][T12835] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1662'.
[  453.336410][T12841] FAULT_INJECTION: forcing a failure.
[  453.336410][T12841] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  453.341053][T12841] CPU: 3 UID: 0 PID: 12841 Comm: syz.3.1663 Not tainted syzkaller #0 PREEMPT(full) 
[  453.341071][T12841] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  453.341078][T12841] Call Trace:
[  453.341081][T12841]  <TASK>
[  453.341086][T12841]  dump_stack_lvl+0x16c/0x1f0
[  453.341102][T12841]  should_fail_ex+0x512/0x640
[  453.341122][T12841]  save_fsave_header+0x14c/0x2f0
[  453.341137][T12841]  ? __pfx_save_fsave_header+0x10/0x10
[  453.341157][T12841]  ? copy_fpstate_to_sigframe+0x2c3/0xaf0
[  453.341172][T12841]  ? rcu_is_watching+0x12/0xc0
[  453.341183][T12841]  ? __local_bh_enable_ip+0xa4/0x120
[  453.341198][T12841]  copy_fpstate_to_sigframe+0x77c/0xaf0
[  453.341215][T12841]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  453.341230][T12841]  ? posixtimer_deliver_signal+0x105/0x6b0
[  453.341250][T12841]  ? posixtimer_deliver_signal+0x1c7/0x6b0
[  453.341266][T12841]  ? x86_task_fpu+0x5f/0x90
[  453.341280][T12841]  get_sigframe+0x4a8/0x9c0
[  453.341294][T12841]  ? __pfx_get_sigframe+0x10/0x10
[  453.341308][T12841]  ? _raw_spin_unlock_irq+0x23/0x50
[  453.341319][T12841]  ? siginfo_layout+0x177/0x290
[  453.341332][T12841]  ia32_setup_rt_frame+0xe3/0xb30
[  453.341376][T12841]  ? __pfx_ia32_setup_rt_frame+0x10/0x10
[  453.341398][T12841]  arch_do_signal_or_restart+0x471/0x790
[  453.341412][T12841]  ? __fget_files+0x20e/0x3c0
[  453.341423][T12841]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  453.341441][T12841]  ? __pfx_ksys_write+0x10/0x10
[  453.341456][T12841]  exit_to_user_mode_loop+0x85/0x130
[  453.341473][T12841]  __do_fast_syscall_32+0x240/0x300
[  453.341488][T12841]  do_fast_syscall_32+0x32/0x80
[  453.341501][T12841]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  453.341516][T12841] RIP: 0023:0xf70cd579
[  453.341526][T12841] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  453.341542][T12841] RSP: 002b:00000000f54bd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  453.341563][T12841] RAX: fffffffffffffffc RBX: 0000000000000004 RCX: 0000000080000380
[  453.341572][T12841] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  453.341580][T12841] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  453.341588][T12841] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  453.341596][T12841] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  453.341616][T12841]  </TASK>
[  453.510360][T12848] FAULT_INJECTION: forcing a failure.
[  453.510360][T12848] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  453.515294][T12848] CPU: 2 UID: 0 PID: 12848 Comm: syz.2.1666 Not tainted syzkaller #0 PREEMPT(full) 
[  453.515318][T12848] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  453.515329][T12848] Call Trace:
[  453.515335][T12848]  <TASK>
[  453.515342][T12848]  dump_stack_lvl+0x16c/0x1f0
[  453.515367][T12848]  should_fail_ex+0x512/0x640
[  453.515398][T12848]  strncpy_from_user+0x3b/0x2e0
[  453.515425][T12848]  getname_flags.part.0+0x8f/0x550
[  453.515454][T12848]  getname_flags+0x93/0xf0
[  453.515472][T12848]  do_sys_openat2+0xb8/0x1d0
[  453.515496][T12848]  ? __pfx_do_sys_openat2+0x10/0x10
[  453.515523][T12848]  ? __fget_files+0x20e/0x3c0
[  453.515539][T12848]  ? handle_mm_fault+0x200/0xd10
[  453.515570][T12848]  __ia32_compat_sys_openat+0x16d/0x210
[  453.515596][T12848]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  453.515621][T12848]  ? ksys_write+0x1ac/0x250
[  453.515644][T12848]  ? rcu_is_watching+0x12/0xc0
[  453.515667][T12848]  __do_fast_syscall_32+0x7c/0x300
[  453.515690][T12848]  do_fast_syscall_32+0x32/0x80
[  453.515711][T12848]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  453.515732][T12848] RIP: 0023:0xf709d579
[  453.515745][T12848] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  453.515763][T12848] RSP: 002b:00000000f548d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  453.515780][T12848] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000100
[  453.515791][T12848] RDX: 0000000000430601 RSI: 0000000000000010 RDI: 0000000000000000
[  453.515801][T12848] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  453.515812][T12848] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  453.515822][T12848] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  453.515848][T12848]  </TASK>
[  453.951485][T12862] overlayfs: failed lookup in lower (newroot/420, name='bus', err=-40): overlapping layers
[  454.344725][T12851] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  454.346836][T12851] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  454.349504][T12851] vhci_hcd vhci_hcd.0: Device attached
[  454.359216][T12864] vhci_hcd: connection closed
[  454.359575][T12433] vhci_hcd: stop threads
[  454.363807][T12433] vhci_hcd: release socket
[  454.369834][T12433] vhci_hcd: disconnect device
[  454.493162][T12873] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1672'.
[  455.200088][T12883] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1673'.
[  456.856070][ T1332] vhci_hcd: vhci_device speed not set
[  456.952057][T12935] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  456.952440][T12939] kAFS: unparsable volume name
[  456.987384][T12941] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1689'.
[  458.132139][T12965] netlink: 176 bytes leftover after parsing attributes in process `syz.1.1695'.
[  458.629108][T12982] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1704'.
[  459.173081][T12988] netlink: 'syz.2.1697': attribute type 2 has an invalid length.
[  459.175744][T12988] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1697'.
[  459.180475][T12988] netlink: 'syz.2.1697': attribute type 2 has an invalid length.
[  459.183214][T12988] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1697'.
[  459.195580][T12989] netlink: 'syz.0.1698': attribute type 2 has an invalid length.
[  459.200891][T12989] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1698'.
[  459.207131][T12989] FAULT_INJECTION: forcing a failure.
[  459.207131][T12989] name failslab, interval 1, probability 0, space 0, times 0
[  459.216043][T12989] CPU: 2 UID: 0 PID: 12989 Comm: syz.0.1698 Not tainted syzkaller #0 PREEMPT(full) 
[  459.216069][T12989] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  459.216076][T12989] Call Trace:
[  459.216080][T12989]  <TASK>
[  459.216084][T12989]  dump_stack_lvl+0x16c/0x1f0
[  459.216101][T12989]  should_fail_ex+0x512/0x640
[  459.216118][T12989]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  459.216132][T12989]  should_failslab+0xc2/0x120
[  459.216147][T12989]  kmem_cache_alloc_node_noprof+0x78/0x770
[  459.216159][T12989]  ? __alloc_skb+0x2b2/0x380
[  459.216178][T12989]  ? __alloc_skb+0x2b2/0x380
[  459.216194][T12989]  ? __pfx_netlink_insert+0x10/0x10
[  459.216204][T12989]  __alloc_skb+0x2b2/0x380
[  459.216220][T12989]  ? __pfx___alloc_skb+0x10/0x10
[  459.216242][T12989]  ? netlink_autobind.isra.0+0x158/0x370
[  459.216257][T12989]  netlink_alloc_large_skb+0x69/0x140
[  459.216269][T12989]  netlink_sendmsg+0x698/0xdd0
[  459.216283][T12989]  ? __pfx_netlink_sendmsg+0x10/0x10
[  459.216296][T12989]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  459.216315][T12989]  ____sys_sendmsg+0xa98/0xc70
[  459.216328][T12989]  ? btrfs_free_reserved_data_space_noquota+0x440/0x7c0
[  459.216346][T12989]  ? __pfx_____sys_sendmsg+0x10/0x10
[  459.216359][T12989]  ? get_compat_msghdr+0x11a/0x170
[  459.216384][T12989]  ___sys_sendmsg+0x134/0x1d0
[  459.216395][T12989]  ? __pfx____sys_sendmsg+0x10/0x10
[  459.216412][T12989]  ? find_held_lock+0x2b/0x80
[  459.216433][T12989]  __sys_sendmsg+0x16d/0x220
[  459.216443][T12989]  ? __pfx___sys_sendmsg+0x10/0x10
[  459.216460][T12989]  ? rcu_is_watching+0x12/0xc0
[  459.216474][T12989]  __do_fast_syscall_32+0x7c/0x300
[  459.216489][T12989]  do_fast_syscall_32+0x32/0x80
[  459.216502][T12989]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  459.216516][T12989] RIP: 0023:0xf7f84579
[  459.216525][T12989] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  459.216536][T12989] RSP: 002b:00000000f547655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  459.216547][T12989] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  459.216553][T12989] RDX: 0000000004040800 RSI: 0000000000000000 RDI: 0000000000000000
[  459.216559][T12989] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  459.216565][T12989] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  459.216571][T12989] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  459.216585][T12989]  </TASK>
[  459.908471][T13012] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1706'.
[  460.449544][T13019] loop5: detected capacity change from 0 to 7
[  460.452829][    C1] blk_print_req_error: 60 callbacks suppressed
[  460.452843][    C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  460.459003][    C1] buffer_io_error: 60 callbacks suppressed
[  460.459012][    C1] Buffer I/O error on dev loop5, logical block 0, async page read
[  460.464752][    C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  460.468794][    C1] Buffer I/O error on dev loop5, logical block 0, async page read
[  460.472712][    C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  460.475448][T13021] syz.3.1708 uses obsolete (PF_INET,SOCK_PACKET)
[  460.476499][    C1] Buffer I/O error on dev loop5, logical block 0, async page read
[  460.479209][T13021] syzkaller1: entered promiscuous mode
[  460.482443][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  460.483432][T13021] syzkaller1: entered allmulticast mode
[  460.486453][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  460.492799][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  460.496570][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  460.499788][    C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  460.503187][    C1] Buffer I/O error on dev loop5, logical block 0, async page read
[  460.506748][    C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  460.510491][    C1] Buffer I/O error on dev loop5, logical block 0, async page read
[  460.513517][T13019] ldm_validate_partition_table(): Disk read failed.
[  460.516914][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  460.520015][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  460.523368][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  460.526974][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  460.530461][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  460.534579][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  460.537615][T13019] Dev loop5: unable to read RDB block 0
[  460.540005][T13019]  loop5: unable to read partition table
[  460.542476][T13019] loop5: partition table beyond EOD, truncated
[  460.545156][T13019] loop_reread_partitions: partition scan of loop5 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  460.557064][T13019] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  460.622632][T13026] FAULT_INJECTION: forcing a failure.
[  460.622632][T13026] name failslab, interval 1, probability 0, space 0, times 0
[  460.627760][T13026] CPU: 0 UID: 0 PID: 13026 Comm: syz.3.1710 Not tainted syzkaller #0 PREEMPT(full) 
[  460.627777][T13026] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  460.627784][T13026] Call Trace:
[  460.627788][T13026]  <TASK>
[  460.627793][T13026]  dump_stack_lvl+0x16c/0x1f0
[  460.627809][T13026]  should_fail_ex+0x512/0x640
[  460.627826][T13026]  ? __kmalloc_noprof+0xca/0x880
[  460.627845][T13026]  should_failslab+0xc2/0x120
[  460.627861][T13026]  __kmalloc_noprof+0xdd/0x880
[  460.627878][T13026]  ? bpf_test_init.isra.0+0x88/0x130
[  460.627898][T13026]  ? bpf_test_init.isra.0+0x88/0x130
[  460.627914][T13026]  bpf_test_init.isra.0+0x88/0x130
[  460.627932][T13026]  bpf_prog_test_run_xdp+0x66f/0x1660
[  460.627947][T13026]  ? __fget_files+0x204/0x3c0
[  460.627959][T13026]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  460.627972][T13026]  ? __might_fault+0xb0/0x190
[  460.628638][T13026]  ? fput+0x9b/0xd0
[  460.628655][T13026]  ? __bpf_prog_get+0x97/0x2a0
[  460.628740][T13026]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  460.628760][T13026]  __sys_bpf+0x1035/0x4980
[  460.628777][T13026]  ? __pfx___sys_bpf+0x10/0x10
[  460.628788][T13026]  ? find_held_lock+0x2b/0x80
[  460.628804][T13026]  ? find_held_lock+0x2b/0x80
[  460.628819][T13026]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  460.628842][T13026]  ? fput+0x9b/0xd0
[  460.628858][T13026]  ? ksys_write+0x1ac/0x250
[  460.628870][T13026]  ? __pfx_ksys_write+0x10/0x10
[  460.628885][T13026]  __ia32_sys_bpf+0x76/0xe0
[  460.628897][T13026]  __do_fast_syscall_32+0x7c/0x300
[  460.628914][T13026]  do_fast_syscall_32+0x32/0x80
[  460.628929][T13026]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  460.628946][T13026] RIP: 0023:0xf70cd579
[  460.628956][T13026] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  460.628968][T13026] RSP: 002b:00000000f54bd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  460.628979][T13026] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000600
[  460.628987][T13026] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  460.628993][T13026] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  460.628999][T13026] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  460.629006][T13026] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  460.629020][T13026]  </TASK>
[  460.772449][T13030] tipc: Started in network mode
[  460.774675][T13030] tipc: Node identity 4, cluster identity 4711
[  460.776979][T13030] tipc: Node number set to 4
[  460.833526][T13035] syzkaller1: entered promiscuous mode
[  460.835371][T13035] syzkaller1: entered allmulticast mode
[  460.838317][T13035] FAULT_INJECTION: forcing a failure.
[  460.838317][T13035] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  460.842522][T13035] CPU: 1 UID: 0 PID: 13035 Comm: syz.0.1713 Not tainted syzkaller #0 PREEMPT(full) 
[  460.842542][T13035] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  460.842551][T13035] Call Trace:
[  460.842557][T13035]  <TASK>
[  460.842563][T13035]  dump_stack_lvl+0x16c/0x1f0
[  460.842583][T13035]  should_fail_ex+0x512/0x640
[  460.842609][T13035]  _copy_from_iter+0x29f/0x1720
[  460.842634][T13035]  ? __lock_acquire+0x622/0x1c90
[  460.842653][T13035]  ? __pfx__copy_from_iter+0x10/0x10
[  460.842670][T13035]  ? _parse_integer_limit+0x17f/0x1d0
[  460.842689][T13035]  tun_get_user+0x3c7/0x3cc0
[  460.842708][T13035]  ? __pfx_tun_get_user+0x10/0x10
[  460.842725][T13035]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  460.842757][T13035]  ? find_held_lock+0x2b/0x80
[  460.842777][T13035]  ? tun_get+0x191/0x370
[  460.842806][T13035]  tun_chr_write_iter+0xdc/0x210
[  460.842827][T13035]  vfs_write+0x7d3/0x11d0
[  460.842846][T13035]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  460.842863][T13035]  ? __pfx_vfs_write+0x10/0x10
[  460.842874][T13035]  ? find_held_lock+0x2b/0x80
[  460.842893][T13035]  ksys_write+0x12a/0x250
[  460.842905][T13035]  ? __pfx_ksys_write+0x10/0x10
[  460.842918][T13035]  ? rcu_is_watching+0x12/0xc0
[  460.842947][T13035]  __do_fast_syscall_32+0x7c/0x300
[  460.842963][T13035]  do_fast_syscall_32+0x32/0x80
[  460.842976][T13035]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  460.842991][T13035] RIP: 0023:0xf7f84579
[  460.843000][T13035] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  460.843010][T13035] RSP: 002b:00000000f547655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  460.843021][T13035] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  460.843031][T13035] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000000
[  460.843041][T13035] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  460.843050][T13035] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  460.843060][T13035] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  460.843085][T13035]  </TASK>
[  462.226585][T13054] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1714'.
[  462.628490][T13063] FAULT_INJECTION: forcing a failure.
[  462.628490][T13063] name failslab, interval 1, probability 0, space 0, times 0
[  462.632924][T13063] CPU: 1 UID: 0 PID: 13063 Comm: syz.2.1719 Not tainted syzkaller #0 PREEMPT(full) 
[  462.632941][T13063] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  462.632948][T13063] Call Trace:
[  462.632952][T13063]  <TASK>
[  462.632957][T13063]  dump_stack_lvl+0x16c/0x1f0
[  462.632975][T13063]  should_fail_ex+0x512/0x640
[  462.632993][T13063]  ? __kmalloc_noprof+0xca/0x880
[  462.633013][T13063]  should_failslab+0xc2/0x120
[  462.633029][T13063]  __kmalloc_noprof+0xdd/0x880
[  462.633047][T13063]  ? alloc_pipe_info+0x1ec/0x590
[  462.633063][T13063]  ? alloc_pipe_info+0x1ec/0x590
[  462.633076][T13063]  alloc_pipe_info+0x1ec/0x590
[  462.633090][T13063]  splice_direct_to_actor+0x77d/0xa30
[  462.633103][T13063]  ? __pfx_direct_splice_actor+0x10/0x10
[  462.633115][T13063]  ? __pfx_aa_file_perm+0x10/0x10
[  462.633129][T13063]  ? find_held_lock+0x2b/0x80
[  462.633141][T13063]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  462.633151][T13063]  ? get_pid_task+0xfc/0x250
[  462.633171][T13063]  do_splice_direct+0x174/0x240
[  462.633182][T13063]  ? __pfx_do_splice_direct+0x10/0x10
[  462.633193][T13063]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  462.633213][T13063]  ? bpf_lsm_file_permission+0x9/0x10
[  462.633343][T13063]  ? security_file_permission+0x71/0x210
[  462.633359][T13063]  ? rw_verify_area+0xcf/0x6c0
[  462.633372][T13063]  do_sendfile+0xb06/0xe50
[  462.633387][T13063]  ? __pfx_do_sendfile+0x10/0x10
[  462.633399][T13063]  ? __fget_files+0x20e/0x3c0
[  462.633414][T13063]  __ia32_compat_sys_sendfile+0x1e5/0x220
[  462.633430][T13063]  ? ksys_write+0x1ac/0x250
[  462.633442][T13063]  ? __pfx___ia32_compat_sys_sendfile+0x10/0x10
[  462.633462][T13063]  ? rcu_is_watching+0x12/0xc0
[  462.633477][T13063]  __do_fast_syscall_32+0x7c/0x300
[  462.633494][T13063]  do_fast_syscall_32+0x32/0x80
[  462.633507][T13063]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  462.633522][T13063] RIP: 0023:0xf709d579
[  462.633533][T13063] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  462.633545][T13063] RSP: 002b:00000000f548d55c EFLAGS: 00000296 ORIG_RAX: 00000000000000bb
[  462.633556][T13063] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000000004
[  462.633563][T13063] RDX: 0000000000000000 RSI: 00000000000053d2 RDI: 0000000000000000
[  462.633569][T13063] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  462.633576][T13063] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  462.633582][T13063] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  462.633596][T13063]  </TASK>
[  463.463135][T13080] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  463.481888][   T12] Bluetooth: hci4: Frame reassembly failed (-84)
[  463.484834][   T12] Bluetooth: hci4: Frame reassembly failed (-84)
[  463.529977][T13084] netlink: 'syz.0.1725': attribute type 21 has an invalid length.
[  463.533052][T13084] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1725'.
[  463.804808][T13087] loop5: detected capacity change from 0 to 7
[  463.809616][T13087] ldm_validate_partition_table(): Disk read failed.
[  463.812258][T13087] Dev loop5: unable to read RDB block 0
[  463.815087][T13087]  loop5: unable to read partition table
[  463.819690][T13087] loop5: partition table beyond EOD, truncated
[  463.822716][T13087] loop_reread_partitions: partition scan of loop5 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  463.847977][T13087] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  464.175438][ T5348] ldm_validate_partition_table(): Disk read failed.
[  464.195593][ T5348] Dev loop5: unable to read RDB block 0
[  464.197912][ T5348]  loop5: unable to read partition table
[  464.199941][ T5348] loop5: partition table beyond EOD, truncated
[  464.376043][T13093] kAFS: unparsable volume name
[  464.471517][T13099] loop5: detected capacity change from 0 to 7
[  464.475464][T13099] ldm_validate_partition_table(): Disk read failed.
[  464.479025][T13099] Dev loop5: unable to read RDB block 0
[  464.481941][T13099]  loop5: unable to read partition table
[  464.484376][T13099] loop5: partition table beyond EOD, truncated
[  464.489836][T13099] loop_reread_partitions: partition scan of loop5 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  464.511465][T13099] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  464.524712][ T5348] ldm_validate_partition_table(): Disk read failed.
[  464.528088][ T5348] Dev loop5: unable to read RDB block 0
[  464.530817][ T5348]  loop5: unable to read partition table
[  464.534465][ T5348] loop5: partition table beyond EOD, truncated
[  464.681823][T13106] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1732'.
[  465.141659][  T841] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  465.335579][  T841] usb 7-1: config 0 has an invalid interface number: 204 but max is 0
[  465.344536][  T841] usb 7-1: config 0 has no interface number 0
[  465.351125][  T841] usb 7-1: New USB device found, idVendor=12d6, idProduct=0444, bcdDevice=29.3d
[  465.355096][  T841] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  465.358225][  T841] usb 7-1: Product: syz
[  465.359972][  T841] usb 7-1: Manufacturer: syz
[  465.361774][  T841] usb 7-1: SerialNumber: syz
[  465.654542][ T5943] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  465.696488][  T841] usb 7-1: config 0 descriptor??
[  465.707180][  T841] ems_usb 7-1:0.204 (unnamed net_device) (uninitialized): couldn't initialize controller: -22
[  465.713432][  T841] ems_usb 7-1:0.204: probe with driver ems_usb failed with error -22
[  466.196511][ T5977] usb 7-1: USB disconnect, device number 10
[  466.380685][T13134] loop5: detected capacity change from 0 to 7
[  466.384287][    C0] blk_print_req_error: 80 callbacks suppressed
[  466.384296][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  466.390099][    C0] buffer_io_error: 80 callbacks suppressed
[  466.390110][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  466.396388][    C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  466.399494][    C1] Buffer I/O error on dev loop5, logical block 0, async page read
[  466.404254][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  466.407535][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  466.411651][    C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  466.415732][    C1] Buffer I/O error on dev loop5, logical block 0, async page read
[  466.419044][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  466.423100][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  466.426836][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  466.430861][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  466.434456][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  466.437764][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  466.440636][T13134] ldm_validate_partition_table(): Disk read failed.
[  466.442612][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  466.445171][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  466.448036][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  466.450748][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  466.453324][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  466.456227][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  466.458821][T13134] Dev loop5: unable to read RDB block 0
[  466.460869][T13134]  loop5: unable to read partition table
[  466.462745][T13134] loop5: partition table beyond EOD, truncated
[  466.465083][T13134] loop_reread_partitions: partition scan of loop5 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  466.475431][T13134] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  466.485306][ T5348] ldm_validate_partition_table(): Disk read failed.
[  466.488882][ T5348] Dev loop5: unable to read RDB block 0
[  466.491674][ T5348]  loop5: unable to read partition table
[  466.493977][ T5348] loop5: partition table beyond EOD, truncated
[  466.641295][T13146] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1743'.
[  467.703206][T13165] usb 1-1: USB disconnect, device number 2
[  467.755641][T12433] bond0: (slave bond_slave_0): interface is now down
[  467.758525][T12433] bond0: (slave bond_slave_1): interface is now down
[  467.770973][T12433] bond0: now running without any active interface!
[  467.903473][T13174] loop5: detected capacity change from 0 to 7
[  467.908864][T13174] ldm_validate_partition_table(): Disk read failed.
[  467.913336][T13174] Dev loop5: unable to read RDB block 0
[  467.916446][T13174]  loop5: unable to read partition table
[  467.919257][T13174] loop5: partition table beyond EOD, truncated
[  467.922071][T13174] loop_reread_partitions: partition scan of loop5 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  467.937573][T13174] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  468.036134][T13176] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1751'.
[  468.043770][T13176] netlink: 'syz.0.1751': attribute type 1 has an invalid length.
[  468.046699][T13176] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1751'.
[  468.138671][ T6227] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[  468.172194][T13182] loop5: detected capacity change from 0 to 7
[  468.175915][T13182] ldm_validate_partition_table(): Disk read failed.
[  468.179913][T13182] Dev loop5: unable to read RDB block 0
[  468.184780][T13182]  loop5: unable to read partition table
[  468.187051][T13182] loop5: partition table beyond EOD, truncated
[  468.189158][T13182] loop_reread_partitions: partition scan of loop5 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  468.196883][T13182] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  468.305854][ T6227] usb 8-1: Using ep0 maxpacket: 8
[  468.311962][ T6227] usb 8-1: config 0 has an invalid interface number: 55 but max is 0
[  468.315417][ T6227] usb 8-1: config 0 has no interface number 0
[  468.318576][ T6227] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  468.323131][ T6227] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  468.328488][ T6227] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  468.333150][ T6227] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  468.339889][ T6227] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  468.342831][ T6227] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  468.352681][ T6227] usb 8-1: config 0 descriptor??
[  468.372727][ T6227] ldusb 8-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  468.474063][T13190] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1755'.
[  468.578662][T13172] FAULT_INJECTION: forcing a failure.
[  468.578662][T13172] name failslab, interval 1, probability 0, space 0, times 0
[  468.583293][T13172] CPU: 1 UID: 0 PID: 13172 Comm: syz.3.1749 Not tainted syzkaller #0 PREEMPT(full) 
[  468.583316][T13172] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  468.583326][T13172] Call Trace:
[  468.583332][T13172]  <TASK>
[  468.583338][T13172]  dump_stack_lvl+0x16c/0x1f0
[  468.583360][T13172]  should_fail_ex+0x512/0x640
[  468.583384][T13172]  ? __kmalloc_noprof+0xca/0x880
[  468.583427][T13172]  should_failslab+0xc2/0x120
[  468.583448][T13172]  __kmalloc_noprof+0xdd/0x880
[  468.583473][T13172]  ? do_sys_poll+0x24a/0xdf0
[  468.583491][T13172]  ? do_sys_poll+0x24a/0xdf0
[  468.583505][T13172]  do_sys_poll+0x24a/0xdf0
[  468.583520][T13172]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  468.583541][T13172]  ? is_bpf_text_address+0x94/0x1a0
[  468.583565][T13172]  ? __kernel_text_address+0xd/0x40
[  468.583583][T13172]  ? __pfx_do_sys_poll+0x10/0x10
[  468.583663][T13172]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  468.583686][T13172]  ? set_compat_user_sigmask+0x213/0x2a0
[  468.583704][T13172]  ? __pfx_set_compat_user_sigmask+0x10/0x10
[  468.583722][T13172]  ? __fget_files+0x20e/0x3c0
[  468.583742][T13172]  __ia32_compat_sys_ppoll_time32+0x248/0x2c0
[  468.583761][T13172]  ? __pfx___ia32_compat_sys_ppoll_time32+0x10/0x10
[  468.583779][T13172]  ? ksys_write+0x1ac/0x250
[  468.583796][T13172]  ? __pfx_ksys_write+0x10/0x10
[  468.583816][T13172]  ? rcu_is_watching+0x12/0xc0
[  468.583837][T13172]  __do_fast_syscall_32+0x7c/0x300
[  468.583859][T13172]  do_fast_syscall_32+0x32/0x80
[  468.583878][T13172]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  468.583898][T13172] RIP: 0023:0xf70cd579
[  468.583910][T13172] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  468.583926][T13172] RSP: 002b:00000000f54bd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000135
[  468.583942][T13172] RAX: ffffffffffffffda RBX: 00000000800000c0 RCX: 00000000000000dc
[  468.583953][T13172] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  468.583963][T13172] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  468.583972][T13172] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  468.583982][T13172] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  468.584004][T13172]  </TASK>
[  468.588788][T13192] capability: warning: `syz.1.1756' uses 32-bit capabilities (legacy support in use)
[  468.597337][ T8211] usb 8-1: USB disconnect, device number 16
[  468.692823][ T8211] ldusb 8-1:0.55: LD USB Device #0 now disconnected
[  468.971100][T13210] FAULT_INJECTION: forcing a failure.
[  468.971100][T13210] name failslab, interval 1, probability 0, space 0, times 0
[  468.975280][T13210] CPU: 0 UID: 0 PID: 13210 Comm: syz.1.1757 Not tainted syzkaller #0 PREEMPT(full) 
[  468.975296][T13210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  468.975303][T13210] Call Trace:
[  468.975308][T13210]  <TASK>
[  468.975313][T13210]  dump_stack_lvl+0x16c/0x1f0
[  468.975330][T13210]  should_fail_ex+0x512/0x640
[  468.975349][T13210]  ? __kvmalloc_node_noprof+0x12e/0x9c0
[  468.975364][T13210]  should_failslab+0xc2/0x120
[  468.975379][T13210]  __kvmalloc_node_noprof+0x141/0x9c0
[  468.975393][T13210]  ? traverse.part.0.constprop.0+0x397/0x650
[  468.975415][T13210]  ? traverse.part.0.constprop.0+0x397/0x650
[  468.975432][T13210]  traverse.part.0.constprop.0+0x397/0x650
[  468.975454][T13210]  seq_lseek+0x2bb/0x450
[  468.975474][T13210]  ksys_lseek+0xf3/0x1b0
[  468.975486][T13210]  __do_fast_syscall_32+0x7c/0x300
[  468.975501][T13210]  do_fast_syscall_32+0x32/0x80
[  468.975520][T13210]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  468.975540][T13210] RIP: 0023:0xf7f57579
[  468.975550][T13210] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  468.975565][T13210] RSP: 002b:00000000f540455c EFLAGS: 00000296 ORIG_RAX: 0000000000000013
[  468.975582][T13210] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000000002004
[  468.975593][T13210] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  468.975602][T13210] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  468.975611][T13210] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  468.975621][T13210] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  468.975645][T13210]  </TASK>
[  469.250268][T13224] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1761'.
[  469.255950][T13224] netlink: 'syz.1.1761': attribute type 1 has an invalid length.
[  469.259751][T13224] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1761'.
[  469.444525][T13232] loop5: detected capacity change from 0 to 7
[  469.449075][T13232] ldm_validate_partition_table(): Disk read failed.
[  469.460907][T13232] Dev loop5: unable to read RDB block 0
[  469.464626][T13232]  loop5: unable to read partition table
[  469.466939][T13232] loop5: partition table beyond EOD, truncated
[  469.469284][T13232] loop_reread_partitions: partition scan of loop5 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  469.490827][T13232] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  469.705176][T13244] sctp: [Deprecated]: syz.1.1766 (pid 13244) Use of int in max_burst socket option deprecated.
[  469.705176][T13244] Use struct sctp_assoc_value instead
[  469.824187][ T1142] Bluetooth: hci4: Frame reassembly failed (-84)
[  469.829867][T13251] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  469.935981][T13253] netlink: 'syz.2.1768': attribute type 21 has an invalid length.
[  469.938509][T13253] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1768'.
[  471.497066][T13269] loop5: detected capacity change from 0 to 7
[  471.501052][ T7470] ldm_validate_partition_table(): Disk read failed.
[  471.504079][ T7470] Dev loop5: unable to read RDB block 0
[  471.506338][ T7470]  loop5: unable to read partition table
[  471.508324][ T7470] loop5: partition table beyond EOD, truncated
[  471.511736][T13269] ldm_validate_partition_table(): Disk read failed.
[  471.516228][T13269] Dev loop5: unable to read RDB block 0
[  471.519195][T13269]  loop5: unable to read partition table
[  471.521856][T13269] loop5: partition table beyond EOD, truncated
[  471.524421][T13269] loop_reread_partitions: partition scan of loop5 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  471.533950][T13269] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  471.665716][T13273] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1774'.
[  471.670151][T13273] netlink: 'syz.3.1774': attribute type 1 has an invalid length.
[  471.672595][T13273] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1774'.
[  471.879291][T13282] netlink: 'syz.3.1778': attribute type 10 has an invalid length.
[  471.881802][T13282] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1778'.
[  471.885008][T13282] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  471.888628][T13282] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  471.984601][ T5299] Bluetooth: hci4: command 0x1003 tx timeout
[  471.987362][ T5943] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  472.241892][T13282] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  472.406078][T13293] loop5: detected capacity change from 0 to 7
[  472.408541][    C3] blk_print_req_error: 120 callbacks suppressed
[  472.408551][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  472.413500][    C3] buffer_io_error: 120 callbacks suppressed
[  472.413509][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  472.421197][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  472.424541][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  472.427474][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  472.430552][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  472.436056][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  472.439012][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  472.442283][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  472.445307][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  472.449352][    C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  472.453520][    C1] Buffer I/O error on dev loop5, logical block 0, async page read
[  472.464228][    C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  472.468454][    C1] Buffer I/O error on dev loop5, logical block 0, async page read
[  472.472279][T13293] ldm_validate_partition_table(): Disk read failed.
[  472.493334][    C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  472.497619][    C1] Buffer I/O error on dev loop5, logical block 0, async page read
[  472.511680][    C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  472.515236][    C1] Buffer I/O error on dev loop5, logical block 0, async page read
[  472.528681][T13295] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  472.535322][T13293] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  472.538397][T13293] Buffer I/O error on dev loop5, logical block 0, async page read
[  472.542924][T13293] Dev loop5: unable to read RDB block 0
[  472.544900][T13293]  loop5: unable to read partition table
[  472.546869][T13293] loop5: partition table beyond EOD, truncated
[  472.552795][T13293] loop_reread_partitions: partition scan of loop5 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  472.912545][T13312] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1786'.
[  472.916821][T13312] netlink: 'syz.3.1786': attribute type 1 has an invalid length.
[  472.919251][T13312] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1786'.
[  473.105822][ T8211] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  473.267663][ T8211] usb 5-1: config 0 has an invalid interface number: 204 but max is 0
[  473.271142][ T8211] usb 5-1: config 0 has no interface number 0
[  473.275676][ T8211] usb 5-1: New USB device found, idVendor=12d6, idProduct=0444, bcdDevice=29.3d
[  473.279881][ T8211] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  473.283172][ T8211] usb 5-1: Product: syz
[  473.284976][ T8211] usb 5-1: Manufacturer: syz
[  473.286917][ T8211] usb 5-1: SerialNumber: syz
[  473.292182][ T8211] usb 5-1: config 0 descriptor??
[  473.296562][ T8211] ems_usb 5-1:0.204 (unnamed net_device) (uninitialized): couldn't initialize controller: -22
[  473.301763][ T8211] ems_usb 5-1:0.204: probe with driver ems_usb failed with error -22
[  473.351710][ T8104] usb 8-1: new high-speed USB device number 17 using dummy_hcd
[  473.512128][ T8104] usb 8-1: Using ep0 maxpacket: 8
[  473.518465][ T8104] usb 8-1: config 0 has an invalid interface number: 55 but max is 0
[  473.521134][ T8104] usb 8-1: config 0 has no interface number 0
[  473.533609][ T8104] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  473.536954][ T8104] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  473.544147][ T8104] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  473.554866][ T8104] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  473.560113][ T8104] usb 8-1: New USB device found, idVendor=0f11, idProduct=10c0, bcdDevice=fc.6a
[  473.574067][ T8104] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  473.585763][ T8104] usb 8-1: config 0 descriptor??
[  473.705448][  T841] usb 5-1: USB disconnect, device number 15
[  473.808162][ T8104] usb 8-1: USB disconnect, device number 17
[  474.411269][T13326] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  474.414957][   T75] Bluetooth: hci4: Frame reassembly failed (-84)
[  474.479462][T13330] netlink: 'syz.3.1790': attribute type 21 has an invalid length.
[  474.482448][T13330] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1790'.
[  474.495947][T13331] FAULT_INJECTION: forcing a failure.
[  474.495947][T13331] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  474.500059][T13331] CPU: 3 UID: 0 PID: 13331 Comm: syz.0.1798 Not tainted syzkaller #0 PREEMPT(full) 
[  474.500076][T13331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  474.500086][T13331] Call Trace:
[  474.500093][T13331]  <TASK>
[  474.500100][T13331]  dump_stack_lvl+0x16c/0x1f0
[  474.500125][T13331]  should_fail_ex+0x512/0x640
[  474.500154][T13331]  strncpy_from_user+0x3b/0x2e0
[  474.500182][T13331]  getname_flags.part.0+0x8f/0x550
[  474.500202][T13331]  getname_flags+0x93/0xf0
[  474.500214][T13331]  do_sys_openat2+0xb8/0x1d0
[  474.500230][T13331]  ? __pfx_do_sys_openat2+0x10/0x10
[  474.500247][T13331]  ? __fget_files+0x20e/0x3c0
[  474.500257][T13331]  ? handle_mm_fault+0x200/0xd10
[  474.500278][T13331]  __ia32_sys_creat+0xcb/0x120
[  474.500295][T13331]  ? __pfx___ia32_sys_creat+0x10/0x10
[  474.500311][T13331]  ? __pfx_ksys_write+0x10/0x10
[  474.500324][T13331]  ? rcu_is_watching+0x12/0xc0
[  474.500336][T13331]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  474.500350][T13331]  ? lockdep_hardirqs_on+0x7c/0x110
[  474.500362][T13331]  __do_fast_syscall_32+0x7c/0x300
[  474.500377][T13331]  do_fast_syscall_32+0x32/0x80
[  474.500390][T13331]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  474.500404][T13331] RIP: 0023:0xf7f84579
[  474.500413][T13331] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  474.500432][T13331] RSP: 002b:00000000f545555c EFLAGS: 00000296 ORIG_RAX: 0000000000000008
[  474.500443][T13331] RAX: ffffffffffffffda RBX: 0000000080000180 RCX: 0000000000000000
[  474.500450][T13331] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  474.500456][T13331] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  474.500462][T13331] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  474.500468][T13331] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  474.500481][T13331]  </TASK>
[  474.712263][T13334] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1791'.
[  475.082775][T13341] FAULT_INJECTION: forcing a failure.
[  475.082775][T13341] name failslab, interval 1, probability 0, space 0, times 0
[  475.088516][T13341] CPU: 1 UID: 0 PID: 13341 Comm: syz.1.1792 Not tainted syzkaller #0 PREEMPT(full) 
[  475.088532][T13341] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  475.088539][T13341] Call Trace:
[  475.088543][T13341]  <TASK>
[  475.088548][T13341]  dump_stack_lvl+0x16c/0x1f0
[  475.088564][T13341]  should_fail_ex+0x512/0x640
[  475.088581][T13341]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  475.088595][T13341]  should_failslab+0xc2/0x120
[  475.088610][T13341]  kmem_cache_alloc_node_noprof+0x78/0x770
[  475.088621][T13341]  ? __alloc_skb+0x2b2/0x380
[  475.088641][T13341]  ? __alloc_skb+0x2b2/0x380
[  475.088657][T13341]  __alloc_skb+0x2b2/0x380
[  475.088674][T13341]  ? __pfx___alloc_skb+0x10/0x10
[  475.088692][T13341]  ? __lock_acquire+0x622/0x1c90
[  475.088710][T13341]  alloc_skb_with_frags+0xe0/0x860
[  475.088725][T13341]  sock_alloc_send_pskb+0x7f9/0x980
[  475.088743][T13341]  ? is_bpf_text_address+0x8a/0x1a0
[  475.088762][T13341]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  475.088779][T13341]  ? __kernel_text_address+0xd/0x40
[  475.088789][T13341]  ? unwind_get_return_address+0x59/0xa0
[  475.088801][T13341]  ? arch_stack_walk+0xa6/0x100
[  475.088817][T13341]  __ip6_append_data+0x2a98/0x4740
[  475.088837][T13341]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  475.088856][T13341]  ? __pfx___ip6_append_data+0x10/0x10
[  475.088872][T13341]  ? __pfx_ip6_mtu+0x10/0x10
[  475.088885][T13341]  ? ip6_setup_cork+0xc51/0x1530
[  475.088901][T13341]  ip6_make_skb+0x2c8/0x3f0
[  475.088918][T13341]  ? ip6_dst_check+0x343/0x950
[  475.088930][T13341]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  475.088944][T13341]  ? __pfx_ip6_make_skb+0x10/0x10
[  475.088960][T13341]  ? find_held_lock+0x2b/0x80
[  475.088974][T13341]  ? sk_dst_check+0x1da/0x540
[  475.088994][T13341]  ? udpv6_sendmsg+0x2365/0x2d30
[  475.089004][T13341]  udpv6_sendmsg+0x2365/0x2d30
[  475.089016][T13341]  ? aa_label_sk_perm+0x195/0x600
[  475.089027][T13341]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  475.089043][T13341]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  475.089058][T13341]  ? is_bpf_text_address+0x8a/0x1a0
[  475.089077][T13341]  ? __kernel_text_address+0xd/0x40
[  475.089087][T13341]  ? __pfx___might_resched+0x10/0x10
[  475.089109][T13341]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  475.089121][T13341]  ? inet6_sendmsg+0x105/0x140
[  475.089132][T13341]  inet6_sendmsg+0x105/0x140
[  475.089170][T13341]  ____sys_sendmsg+0x705/0xc70
[  475.089185][T13341]  ? __pfx_____sys_sendmsg+0x10/0x10
[  475.089198][T13341]  ? get_compat_msghdr+0x11a/0x170
[  475.089222][T13341]  ___sys_sendmsg+0x134/0x1d0
[  475.089234][T13341]  ? __pfx____sys_sendmsg+0x10/0x10
[  475.089251][T13341]  ? find_held_lock+0x2b/0x80
[  475.089270][T13341]  __sys_sendmsg+0x16d/0x220
[  475.089280][T13341]  ? __pfx___sys_sendmsg+0x10/0x10
[  475.089297][T13341]  ? rcu_is_watching+0x12/0xc0
[  475.089311][T13341]  __do_fast_syscall_32+0x7c/0x300
[  475.089326][T13341]  do_fast_syscall_32+0x32/0x80
[  475.089339][T13341]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  475.089353][T13341] RIP: 0023:0xf7f57579
[  475.089362][T13341] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  475.089373][T13341] RSP: 002b:00000000f544655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  475.089384][T13341] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080001080
[  475.089391][T13341] RDX: 0000000000004000 RSI: 0000000000000000 RDI: 0000000000000000
[  475.089397][T13341] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  475.089403][T13341] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  475.089409][T13341] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  475.089423][T13341]  </TASK>
[  475.628805][ T5984] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  475.789226][ T5984] usb 6-1: Using ep0 maxpacket: 8
[  475.793408][ T5984] usb 6-1: config 0 interface 0 has no altsetting 0
[  475.795735][ T5984] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  475.798743][ T5984] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  475.802944][ T5984] usb 6-1: config 0 descriptor??
[  476.196782][T13353] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1796'.
[  476.222484][T13353] netlink: 'syz.2.1796': attribute type 1 has an invalid length.
[  476.225210][T13353] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1796'.
[  476.310163][ T5984] mcp2221 0003:04D8:00DD.0012: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0
[  476.370455][T13348] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  476.543150][    T9] usb 6-1: USB disconnect, device number 17
[  476.603210][ T5943] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  476.965275][ T5984] usb 8-1: new high-speed USB device number 18 using dummy_hcd
[  477.137035][ T5984] usb 8-1: Using ep0 maxpacket: 8
[  477.140609][ T5984] usb 8-1: config 0 interface 0 has no altsetting 0
[  477.143113][ T5984] usb 8-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  477.146512][ T5984] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  477.157949][ T5984] usb 8-1: config 0 descriptor??
[  477.596946][ T5984] mcp2221 0003:04D8:00DD.0013: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.3-1/input0
[  477.775210][T13376] FAULT_INJECTION: forcing a failure.
[  477.775210][T13376] name failslab, interval 1, probability 0, space 0, times 0
[  477.781766][T13376] CPU: 0 UID: 0 PID: 13376 Comm: syz.2.1805 Not tainted syzkaller #0 PREEMPT(full) 
[  477.781790][T13376] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  477.781801][T13376] Call Trace:
[  477.781807][T13376]  <TASK>
[  477.781813][T13376]  dump_stack_lvl+0x16c/0x1f0
[  477.781837][T13376]  should_fail_ex+0x512/0x640
[  477.781862][T13376]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  477.781882][T13376]  should_failslab+0xc2/0x120
[  477.781906][T13376]  kmem_cache_alloc_node_noprof+0x78/0x770
[  477.781923][T13376]  ? __alloc_skb+0x2b2/0x380
[  477.781954][T13376]  ? __alloc_skb+0x2b2/0x380
[  477.781975][T13376]  ? __pfx_netlink_insert+0x10/0x10
[  477.781991][T13376]  __alloc_skb+0x2b2/0x380
[  477.782016][T13376]  ? __pfx___alloc_skb+0x10/0x10
[  477.782042][T13376]  ? netlink_autobind.isra.0+0x158/0x370
[  477.782066][T13376]  netlink_alloc_large_skb+0x69/0x140
[  477.782086][T13376]  netlink_sendmsg+0x698/0xdd0
[  477.782109][T13376]  ? __pfx_netlink_sendmsg+0x10/0x10
[  477.782129][T13376]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  477.782159][T13376]  ____sys_sendmsg+0xa98/0xc70
[  477.782184][T13376]  ? __pfx_____sys_sendmsg+0x10/0x10
[  477.782203][T13376]  ? get_compat_msghdr+0x11a/0x170
[  477.782241][T13376]  ___sys_sendmsg+0x134/0x1d0
[  477.782259][T13376]  ? __pfx____sys_sendmsg+0x10/0x10
[  477.782288][T13376]  ? find_held_lock+0x2b/0x80
[  477.782323][T13376]  __sys_sendmsg+0x16d/0x220
[  477.782340][T13376]  ? __pfx___sys_sendmsg+0x10/0x10
[  477.782373][T13376]  ? rcu_is_watching+0x12/0xc0
[  477.782396][T13376]  __do_fast_syscall_32+0x7c/0x300
[  477.782419][T13376]  do_fast_syscall_32+0x32/0x80
[  477.782439][T13376]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  477.782460][T13376] RIP: 0023:0xf709d579
[  477.782474][T13376] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  477.782490][T13376] RSP: 002b:00000000f548d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  477.782507][T13376] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800001c0
[  477.782518][T13376] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  477.782528][T13376] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  477.782538][T13376] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  477.782547][T13376] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  477.782570][T13376]  </TASK>
[  477.805878][T13364] FAULT_INJECTION: forcing a failure.
[  477.805878][T13364] name failslab, interval 1, probability 0, space 0, times 0
[  477.875526][T13364] CPU: 3 UID: 0 PID: 13364 Comm: syz.3.1800 Not tainted syzkaller #0 PREEMPT(full) 
[  477.875542][T13364] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  477.875548][T13364] Call Trace:
[  477.875552][T13364]  <TASK>
[  477.875556][T13364]  dump_stack_lvl+0x16c/0x1f0
[  477.875573][T13364]  should_fail_ex+0x512/0x640
[  477.875590][T13364]  ? fs_reclaim_acquire+0xae/0x150
[  477.875619][T13364]  should_failslab+0xc2/0x120
[  477.875635][T13364]  __kmalloc_noprof+0xdd/0x880
[  477.875654][T13364]  ? tomoyo_encode2+0x100/0x3e0
[  477.875669][T13364]  ? tomoyo_encode2+0x100/0x3e0
[  477.875680][T13364]  tomoyo_encode2+0x100/0x3e0
[  477.875694][T13364]  tomoyo_encode+0x29/0x50
[  477.875706][T13364]  tomoyo_realpath_from_path+0x18f/0x6e0
[  477.875722][T13364]  tomoyo_path_number_perm+0x245/0x580
[  477.875740][T13364]  ? tomoyo_path_number_perm+0x237/0x580
[  477.875759][T13364]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  477.875792][T13364]  ? find_held_lock+0x2b/0x80
[  477.875804][T13364]  ? hook_file_ioctl_common+0x145/0x410
[  477.875818][T13364]  ? __fget_files+0x20e/0x3c0
[  477.875832][T13364]  security_file_ioctl_compat+0x9b/0x240
[  477.875844][T13364]  __ia32_compat_sys_ioctl+0xc3/0x370
[  477.875863][T13364]  __do_fast_syscall_32+0x7c/0x300
[  477.875879][T13364]  do_fast_syscall_32+0x32/0x80
[  477.875892][T13364]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  477.875906][T13364] RIP: 0023:0xf70cd579
[  477.875915][T13364] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  477.875926][T13364] RSP: 002b:00000000f54bd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  477.875936][T13364] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000720
[  477.875942][T13364] RDX: 0000000080000180 RSI: 0000000000000000 RDI: 0000000000000000
[  477.875948][T13364] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  477.875954][T13364] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  477.875960][T13364] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  477.875975][T13364]  </TASK>
[  477.876020][T13364] ERROR: Out of memory at tomoyo_realpath_from_path.
[  477.948887][ T8211] usb 8-1: USB disconnect, device number 18
[  478.294036][T13387] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1808'.
[  478.308573][T13387] netlink: 'syz.1.1808': attribute type 1 has an invalid length.
[  478.311722][T13387] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1808'.
[  478.672927][T13396] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1810'.
[  479.081981][  T841] usb 7-1: new low-speed USB device number 11 using dummy_hcd
[  479.255159][  T841] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  479.257703][  T841] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  479.261509][  T841] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  479.266720][  T841] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  479.270993][  T841] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  479.279551][  T841] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  479.281961][  T841] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  479.286024][  T841] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  479.290938][  T841] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  479.295480][  T841] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  479.300184][  T841] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  479.302682][  T841] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  479.306334][ T5984] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  479.307606][  T841] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  479.308068][T13411] FAULT_INJECTION: forcing a failure.
[  479.308068][T13411] name failslab, interval 1, probability 0, space 0, times 0
[  479.308113][T13411] CPU: 1 UID: 0 PID: 13411 Comm: syz.1.1814 Not tainted syzkaller #0 PREEMPT(full) 
[  479.308133][T13411] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  479.308142][T13411] Call Trace:
[  479.308148][T13411]  <TASK>
[  479.308155][T13411]  dump_stack_lvl+0x16c/0x1f0
[  479.308178][T13411]  should_fail_ex+0x512/0x640
[  479.308202][T13411]  ? __kmalloc_cache_noprof+0x5f/0x780
[  479.308230][T13411]  should_failslab+0xc2/0x120
[  479.308252][T13411]  __kmalloc_cache_noprof+0x72/0x780
[  479.308277][T13411]  ? aa_label_sk_perm+0x195/0x600
[  479.308299][T13411]  ? tcp_sendmsg_fastopen+0x24d/0x750
[  479.308321][T13411]  ? _parse_integer_limit+0x17f/0x1d0
[  479.308344][T13411]  ? tcp_sendmsg_fastopen+0x24d/0x750
[  479.308366][T13411]  tcp_sendmsg_fastopen+0x24d/0x750
[  479.308393][T13411]  tcp_sendmsg_locked+0x2438/0x42e0
[  479.308422][T13411]  ? __lock_acquire+0xb8a/0x1c90
[  479.308451][T13411]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  479.308474][T13411]  ? do_raw_spin_lock+0x12c/0x2b0
[  479.308499][T13411]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  479.308529][T13411]  ? __local_bh_enable_ip+0xa4/0x120
[  479.308551][T13411]  tcp_sendmsg+0x2e/0x50
[  479.308570][T13411]  ? __pfx_tcp_sendmsg+0x10/0x10
[  479.308591][T13411]  inet6_sendmsg+0xb9/0x140
[  479.308610][T13411]  __sys_sendto+0x376/0x520
[  479.308635][T13411]  ? __pfx___sys_sendto+0x10/0x10
[  479.308677][T13411]  ? ksys_write+0x1ac/0x250
[  479.308694][T13411]  ? __pfx_ksys_write+0x10/0x10
[  479.308714][T13411]  __ia32_sys_sendto+0xdd/0x1b0
[  479.308736][T13411]  ? lockdep_hardirqs_on+0x7c/0x110
[  479.308754][T13411]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  479.308774][T13411]  __do_fast_syscall_32+0x7c/0x300
[  479.308811][T13411]  do_fast_syscall_32+0x32/0x80
[  479.308832][T13411]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  479.308852][T13411] RIP: 0023:0xf7f57579
[  479.308865][T13411] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  479.308881][T13411] RSP: 002b:00000000f544655c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  479.308896][T13411] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  479.308906][T13411] RDX: 0000000000000000 RSI: 0000000022004001 RDI: 0000000080b63fe4
[  479.308916][T13411] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000
[  479.308925][T13411] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  479.308934][T13411] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  479.308957][T13411]  </TASK>
[  479.405924][  T841] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  479.409526][  T841] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  479.415600][  T841] usb 7-1: string descriptor 0 read error: -22
[  479.417672][  T841] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  479.420519][  T841] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  479.427934][  T841] adutux 7-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  479.468325][ T5984] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  479.472630][ T5984] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  479.478219][ T5984] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  479.481379][ T5984] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  479.488440][ T5984] usb 5-1: config 0 descriptor??
[  479.493768][ T5984] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  479.526011][T13413] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1815'.
[  479.643730][T13401] FAULT_INJECTION: forcing a failure.
[  479.643730][T13401] name failslab, interval 1, probability 0, space 0, times 0
[  479.649872][T13401] CPU: 0 UID: 0 PID: 13401 Comm: syz.2.1812 Not tainted syzkaller #0 PREEMPT(full) 
[  479.649897][T13401] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  479.649908][T13401] Call Trace:
[  479.649914][T13401]  <TASK>
[  479.649920][T13401]  dump_stack_lvl+0x16c/0x1f0
[  479.649946][T13401]  should_fail_ex+0x512/0x640
[  479.649972][T13401]  ? __kmalloc_cache_noprof+0x5f/0x780
[  479.650001][T13401]  should_failslab+0xc2/0x120
[  479.650025][T13401]  __kmalloc_cache_noprof+0x72/0x780
[  479.650051][T13401]  ? dummy_urb_enqueue+0xa3/0x920
[  479.650081][T13401]  ? dummy_urb_enqueue+0xa3/0x920
[  479.650103][T13401]  dummy_urb_enqueue+0xa3/0x920
[  479.650123][T13401]  ? usb_hcd_map_urb_for_dma+0x359/0x1360
[  479.650150][T13401]  usb_hcd_submit_urb+0x25b/0x1c60
[  479.650181][T13401]  ? find_held_lock+0x2b/0x80
[  479.650203][T13401]  usb_submit_urb+0x89f/0x1990
[  479.650235][T13401]  adu_write+0x7fd/0xee0
[  479.650270][T13401]  ? __pfx_adu_write+0x10/0x10
[  479.650295][T13401]  ? __pfx_default_wake_function+0x10/0x10
[  479.650316][T13401]  ? bpf_lsm_file_permission+0x9/0x10
[  479.650337][T13401]  ? security_file_permission+0x71/0x210
[  479.650358][T13401]  ? rw_verify_area+0xcf/0x6c0
[  479.650378][T13401]  ? __pfx_adu_write+0x10/0x10
[  479.650399][T13401]  vfs_writev+0x5df/0xde0
[  479.650424][T13401]  ? __pfx_vfs_writev+0x10/0x10
[  479.650442][T13401]  ? find_held_lock+0x2b/0x80
[  479.650476][T13401]  ? __fget_files+0x20e/0x3c0
[  479.650493][T13401]  ? __fget_files+0x120/0x3c0
[  479.650536][T13401]  ? do_writev+0x132/0x340
[  479.650552][T13401]  do_writev+0x132/0x340
[  479.650570][T13401]  ? __pfx_do_writev+0x10/0x10
[  479.650590][T13401]  ? rcu_is_watching+0x12/0xc0
[  479.650615][T13401]  __do_fast_syscall_32+0x7c/0x300
[  479.650639][T13401]  do_fast_syscall_32+0x32/0x80
[  479.650660][T13401]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  479.650683][T13401] RIP: 0023:0xf709d579
[  479.650698][T13401] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  479.650715][T13401] RSP: 002b:00000000f548d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000092
[  479.650734][T13401] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080001ac0
[  479.650745][T13401] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  479.650755][T13401] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  479.650765][T13401] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  479.650776][T13401] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  479.650803][T13401]  </TASK>
[  479.650866][T13401] usb 7-1: Couldn't submit interrupt_out_urb -12
[  479.761770][  T841] usb 7-1: USB disconnect, device number 11
[  481.369700][T13443] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1822'.
[  482.064841][ T6004] usb 5-1: USB disconnect, device number 16
[  483.657456][ T8104] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  483.819235][ T8104] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  483.822505][ T8104] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  483.826878][ T8104] usb 7-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  483.830345][ T8104] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  483.834691][ T8104] usb 7-1: config 0 descriptor??
[  483.838628][ T8104] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[  484.072356][T13484] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1833'.
[  484.832934][T13495] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  484.835304][T13495] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  484.839108][T13495] vhci_hcd vhci_hcd.0: Device attached
[  485.122037][ T8211] usb 38-1: SetAddress Request (6) to port 0
[  485.124553][ T8211] usb 38-1: new SuperSpeed USB device number 6 using vhci_hcd
[  485.455394][T13496] vhci_hcd: connection reset by peer
[  485.458361][   T12] vhci_hcd: stop threads
[  485.460153][   T12] vhci_hcd: release socket
[  485.462425][   T12] vhci_hcd: disconnect device
[  486.067987][T13500] FAULT_INJECTION: forcing a failure.
[  486.067987][T13500] name failslab, interval 1, probability 0, space 0, times 0
[  486.072780][T13500] CPU: 1 UID: 0 PID: 13500 Comm: syz.0.1835 Not tainted syzkaller #0 PREEMPT(full) 
[  486.072796][T13500] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  486.072802][T13500] Call Trace:
[  486.072806][T13500]  <TASK>
[  486.072812][T13500]  dump_stack_lvl+0x16c/0x1f0
[  486.072835][T13500]  should_fail_ex+0x512/0x640
[  486.072862][T13500]  ? fs_reclaim_acquire+0xae/0x150
[  486.072888][T13500]  should_failslab+0xc2/0x120
[  486.072913][T13500]  __kmalloc_noprof+0xdd/0x880
[  486.072937][T13500]  ? tomoyo_encode2+0x100/0x3e0
[  486.072952][T13500]  ? tomoyo_encode2+0x100/0x3e0
[  486.072970][T13500]  tomoyo_encode2+0x100/0x3e0
[  486.072984][T13500]  tomoyo_encode+0x29/0x50
[  486.072995][T13500]  tomoyo_realpath_from_path+0x18f/0x6e0
[  486.073012][T13500]  tomoyo_path_number_perm+0x245/0x580
[  486.073030][T13500]  ? tomoyo_path_number_perm+0x237/0x580
[  486.073083][T13500]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  486.073115][T13500]  ? find_held_lock+0x2b/0x80
[  486.073127][T13500]  ? hook_file_ioctl_common+0x145/0x410
[  486.073142][T13500]  ? __fget_files+0x20e/0x3c0
[  486.073157][T13500]  security_file_ioctl_compat+0x9b/0x240
[  486.073170][T13500]  __ia32_compat_sys_ioctl+0xc3/0x370
[  486.073189][T13500]  __do_fast_syscall_32+0x7c/0x300
[  486.073204][T13500]  do_fast_syscall_32+0x32/0x80
[  486.073219][T13500]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  486.073233][T13500] RIP: 0023:0xf7f84579
[  486.073242][T13500] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  486.073253][T13500] RSP: 002b:00000000f547655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  486.073263][T13500] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c4c03d16
[  486.073270][T13500] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  486.073277][T13500] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  486.073283][T13500] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  486.073289][T13500] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  486.073303][T13500]  </TASK>
[  486.073315][T13500] ERROR: Out of memory at tomoyo_realpath_from_path.
[  486.179681][T13502] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1836'.
[  486.187150][T13502] netlink: 'syz.0.1836': attribute type 1 has an invalid length.
[  486.190700][T13502] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1836'.
[  486.642210][   T24] usb 7-1: USB disconnect, device number 12
[  486.649181][T13510] FAULT_INJECTION: forcing a failure.
[  486.649181][T13510] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  486.656956][T13510] CPU: 3 UID: 0 PID: 13510 Comm: syz.3.1838 Not tainted syzkaller #0 PREEMPT(full) 
[  486.656994][T13510] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  486.657005][T13510] Call Trace:
[  486.657019][T13510]  <TASK>
[  486.657025][T13510]  dump_stack_lvl+0x16c/0x1f0
[  486.657072][T13510]  should_fail_ex+0x512/0x640
[  486.657100][T13510]  _copy_from_user+0x2e/0xd0
[  486.657127][T13510]  kstrtouint_from_user+0xd6/0x1d0
[  486.657148][T13510]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  486.657169][T13510]  ? __lock_acquire+0xb8a/0x1c90
[  486.657201][T13510]  proc_fail_nth_write+0x83/0x220
[  486.657222][T13510]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  486.657248][T13510]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  486.657265][T13510]  vfs_write+0x2a0/0x11d0
[  486.657290][T13510]  ? __pfx_vfs_write+0x10/0x10
[  486.657306][T13510]  ? find_held_lock+0x2b/0x80
[  486.657329][T13510]  ? __fget_files+0x20e/0x3c0
[  486.657355][T13510]  ksys_write+0x12a/0x250
[  486.657373][T13510]  ? __pfx_ksys_write+0x10/0x10
[  486.657394][T13510]  ? rcu_is_watching+0x12/0xc0
[  486.657417][T13510]  __do_fast_syscall_32+0x7c/0x300
[  486.657438][T13510]  do_fast_syscall_32+0x32/0x80
[  486.657458][T13510]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  486.657480][T13510] RIP: 0023:0xf70cd579
[  486.657494][T13510] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  486.657510][T13510] RSP: 002b:00000000f54bd590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  486.657528][T13510] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f54bd620
[  486.657538][T13510] RDX: 0000000000000001 RSI: 00000000f7465ff4 RDI: 0000000000000000
[  486.657546][T13510] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  486.657556][T13510] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  486.657566][T13510] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  486.657591][T13510]  </TASK>
[  486.682568][T13512] FAULT_INJECTION: forcing a failure.
[  486.682568][T13512] name failslab, interval 1, probability 0, space 0, times 0
[  486.751245][T13512] CPU: 3 UID: 0 PID: 13512 Comm: syz.2.1839 Not tainted syzkaller #0 PREEMPT(full) 
[  486.751269][T13512] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  486.751278][T13512] Call Trace:
[  486.751285][T13512]  <TASK>
[  486.751292][T13512]  dump_stack_lvl+0x16c/0x1f0
[  486.751317][T13512]  should_fail_ex+0x512/0x640
[  486.751341][T13512]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  486.751363][T13512]  should_failslab+0xc2/0x120
[  486.751384][T13512]  kmem_cache_alloc_node_noprof+0x78/0x770
[  486.751399][T13512]  ? __alloc_skb+0x2b2/0x380
[  486.751429][T13512]  ? __alloc_skb+0x2b2/0x380
[  486.751452][T13512]  __alloc_skb+0x2b2/0x380
[  486.751476][T13512]  ? __pfx___alloc_skb+0x10/0x10
[  486.751500][T13512]  ? __kernel_text_address+0xd/0x40
[  486.751515][T13512]  ? __pfx___might_resched+0x10/0x10
[  486.751538][T13512]  netlink_alloc_large_skb+0x69/0x140
[  486.751558][T13512]  netlink_sendmsg+0x698/0xdd0
[  486.751581][T13512]  ? __pfx_netlink_sendmsg+0x10/0x10
[  486.751601][T13512]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  486.751647][T13512]  ____sys_sendmsg+0xa98/0xc70
[  486.751671][T13512]  ? __pfx_____sys_sendmsg+0x10/0x10
[  486.751691][T13512]  ? get_compat_msghdr+0x11a/0x170
[  486.751729][T13512]  ___sys_sendmsg+0x134/0x1d0
[  486.751745][T13512]  ? __pfx____sys_sendmsg+0x10/0x10
[  486.751776][T13512]  ? find_held_lock+0x2b/0x80
[  486.751812][T13512]  __sys_sendmsg+0x16d/0x220
[  486.751830][T13512]  ? __pfx___sys_sendmsg+0x10/0x10
[  486.751856][T13512]  ? rcu_is_watching+0x12/0xc0
[  486.751878][T13512]  __do_fast_syscall_32+0x7c/0x300
[  486.751901][T13512]  do_fast_syscall_32+0x32/0x80
[  486.751921][T13512]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  486.751942][T13512] RIP: 0023:0xf709d579
[  486.751957][T13512] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  486.751971][T13512] RSP: 002b:00000000f548d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  486.751987][T13512] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080009b40
[  486.751998][T13512] RDX: 0000000024000840 RSI: 0000000000000000 RDI: 0000000000000000
[  486.752013][T13512] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  486.752023][T13512] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  486.752033][T13512] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  486.752056][T13512]  </TASK>
[  486.878950][T13519] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1841'.
[  486.895822][T13519] netlink: 'syz.2.1841': attribute type 1 has an invalid length.
[  486.899281][T13519] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1841'.
[  486.930379][T13522] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1842'.
[  486.935358][T13522] netlink: 'syz.1.1842': attribute type 1 has an invalid length.
[  486.938129][T13522] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1842'.
[  487.606014][T13535] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1845'.
[  487.610434][T13535] netlink: 'syz.0.1845': attribute type 1 has an invalid length.
[  487.613203][T13535] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1845'.
[  487.853277][T13545] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  487.855947][   T75] Bluetooth: hci4: Frame reassembly failed (-84)
[  488.922865][T13561] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1858'.
[  490.029236][T13546] Bluetooth: hci4: command 0x1003 tx timeout
[  490.029510][ T5943] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  490.542769][ T8211] usb 38-1: device descriptor read/8, error -110
[  490.960838][ T8211] usb usb38-port1: attempt power cycle
[  491.088763][T13592] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1856'.
[  491.103803][T13592] netlink: 'syz.0.1856': attribute type 1 has an invalid length.
[  491.106261][T13592] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1856'.
[  491.289367][T13598] FAULT_INJECTION: forcing a failure.
[  491.289367][T13598] name failslab, interval 1, probability 0, space 0, times 0
[  491.293444][T13598] CPU: 2 UID: 0 PID: 13598 Comm: syz.0.1859 Not tainted syzkaller #0 PREEMPT(full) 
[  491.293460][T13598] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  491.293467][T13598] Call Trace:
[  491.293471][T13598]  <TASK>
[  491.293475][T13598]  dump_stack_lvl+0x16c/0x1f0
[  491.293492][T13598]  should_fail_ex+0x512/0x640
[  491.293510][T13598]  ? __kmalloc_noprof+0xca/0x880
[  491.293529][T13598]  should_failslab+0xc2/0x120
[  491.293545][T13598]  __kmalloc_noprof+0xdd/0x880
[  491.293562][T13598]  ? bpf_test_init.isra.0+0x88/0x130
[  491.293582][T13598]  ? bpf_test_init.isra.0+0x88/0x130
[  491.293597][T13598]  bpf_test_init.isra.0+0x88/0x130
[  491.293615][T13598]  bpf_prog_test_run_skb+0x261/0x2290
[  491.293628][T13598]  ? __fget_files+0x204/0x3c0
[  491.293641][T13598]  ? __fget_files+0x20e/0x3c0
[  491.293651][T13598]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  491.293664][T13598]  ? fput+0x9b/0xd0
[  491.293680][T13598]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  491.293691][T13598]  __sys_bpf+0x1035/0x4980
[  491.293706][T13598]  ? __pfx___sys_bpf+0x10/0x10
[  491.293716][T13598]  ? find_held_lock+0x2b/0x80
[  491.293731][T13598]  ? find_held_lock+0x2b/0x80
[  491.293746][T13598]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  491.293768][T13598]  ? fput+0x9b/0xd0
[  491.293782][T13598]  ? ksys_write+0x1ac/0x250
[  491.293794][T13598]  ? __pfx_ksys_write+0x10/0x10
[  491.293808][T13598]  __ia32_sys_bpf+0x76/0xe0
[  491.293820][T13598]  __do_fast_syscall_32+0x7c/0x300
[  491.293835][T13598]  do_fast_syscall_32+0x32/0x80
[  491.293852][T13598]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  491.293866][T13598] RIP: 0023:0xf7f84579
[  491.293876][T13598] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  491.293886][T13598] RSP: 002b:00000000f547655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  491.293897][T13598] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000080
[  491.293904][T13598] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  491.293913][T13598] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  491.293919][T13598] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  491.293925][T13598] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  491.293943][T13598]  </TASK>
[  491.394722][T13603] openvswitch: netlink: Port -1 exceeds max allowable 65535
[  491.611936][ T8211] usb usb38-port1: unable to enumerate USB device
[  492.120251][T13616] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1862'.
[  492.126158][ T1142] Bluetooth: hci4: Frame reassembly failed (-84)
[  492.129220][T13615] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  493.113879][T13632] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1866'.
[  493.191978][T13634] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1867'.
[  493.198144][T13634] netlink: 'syz.2.1867': attribute type 1 has an invalid length.
[  493.201447][T13634] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1867'.
[  493.686284][    T9] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  493.899513][    T9] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  493.904370][    T9] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  493.907581][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  493.950686][    T9] usb 5-1: config 0 descriptor??
[  494.001965][    T9] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  494.085613][T13652] FAULT_INJECTION: forcing a failure.
[  494.085613][T13652] name failslab, interval 1, probability 0, space 0, times 0
[  494.090454][T13652] CPU: 3 UID: 0 PID: 13652 Comm: syz.3.1872 Not tainted syzkaller #0 PREEMPT(full) 
[  494.090472][T13652] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  494.090478][T13652] Call Trace:
[  494.090485][T13652]  <TASK>
[  494.090490][T13652]  dump_stack_lvl+0x16c/0x1f0
[  494.090510][T13652]  should_fail_ex+0x512/0x640
[  494.090529][T13652]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  494.090544][T13652]  should_failslab+0xc2/0x120
[  494.090560][T13652]  kmem_cache_alloc_node_noprof+0x78/0x770
[  494.090572][T13652]  ? __alloc_skb+0x2b2/0x380
[  494.090593][T13652]  ? __alloc_skb+0x2b2/0x380
[  494.090609][T13652]  __alloc_skb+0x2b2/0x380
[  494.090626][T13652]  ? __pfx___alloc_skb+0x10/0x10
[  494.090644][T13652]  ? __pfx___might_resched+0x10/0x10
[  494.090660][T13652]  netlink_alloc_large_skb+0x69/0x140
[  494.090675][T13652]  netlink_sendmsg+0x698/0xdd0
[  494.090689][T13652]  ? __pfx_netlink_sendmsg+0x10/0x10
[  494.090702][T13652]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  494.090722][T13652]  ____sys_sendmsg+0xa98/0xc70
[  494.090738][T13652]  ? __pfx_____sys_sendmsg+0x10/0x10
[  494.090751][T13652]  ? get_compat_msghdr+0x11a/0x170
[  494.090782][T13652]  ___sys_sendmsg+0x134/0x1d0
[  494.090794][T13652]  ? __pfx____sys_sendmsg+0x10/0x10
[  494.090811][T13652]  ? find_held_lock+0x2b/0x80
[  494.090833][T13652]  __sys_sendmsg+0x16d/0x220
[  494.090843][T13652]  ? __pfx___sys_sendmsg+0x10/0x10
[  494.090860][T13652]  ? rcu_is_watching+0x12/0xc0
[  494.090874][T13652]  __do_fast_syscall_32+0x7c/0x300
[  494.090891][T13652]  do_fast_syscall_32+0x32/0x80
[  494.090908][T13652]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  494.090923][T13652] RIP: 0023:0xf70cd579
[  494.090933][T13652] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  494.090944][T13652] RSP: 002b:00000000f54bd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  494.090955][T13652] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  494.090962][T13652] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  494.090968][T13652] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  494.090974][T13652] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  494.090981][T13652] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  494.090994][T13652]  </TASK>
[  494.305342][ T5943] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  494.306511][T13546] Bluetooth: hci4: command 0x1003 tx timeout
[  495.551087][   T40] audit: type=1326 audit(1761765788.191:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13675 comm="syz.1.1878" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f57579 code=0x0
[  496.661201][ T5991] usb 5-1: USB disconnect, device number 17
[  496.712206][T13695] input: syz0 as /devices/virtual/input/input39
[  496.757579][T13697] loop5: detected capacity change from 0 to 7
[  496.765512][    C0] blk_print_req_error: 5 callbacks suppressed
[  496.765527][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  496.772119][    C0] buffer_io_error: 5 callbacks suppressed
[  496.772134][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  496.784765][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  496.788920][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  496.795711][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  496.799524][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  496.808131][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  496.811999][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  496.815852][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  496.819278][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  496.822897][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  496.826602][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  496.830934][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  496.831776][T13702] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  496.834872][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  496.837165][T13702] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  496.840582][T13697] ldm_validate_partition_table(): Disk read failed.
[  496.846144][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  496.846806][T13702] vhci_hcd vhci_hcd.0: Device attached
[  496.849327][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  496.849583][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  496.856526][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  496.859587][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  496.862628][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  496.866172][T13697] Dev loop5: unable to read RDB block 0
[  496.868778][T13697]  loop5: unable to read partition table
[  496.871033][T13697] loop5: partition table beyond EOD, truncated
[  496.874064][T13705] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  496.876173][T13697] loop_reread_partitions: partition scan of loop5 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  497.384209][ T8211] usb 42-1: SetAddress Request (14) to port 0
[  497.386257][ T8211] usb 42-1: new SuperSpeed USB device number 14 using vhci_hcd
[  497.679726][T13703] vhci_hcd: connection reset by peer
[  497.682345][T12433] vhci_hcd: stop threads
[  497.683875][T12433] vhci_hcd: release socket
[  497.685988][T12433] vhci_hcd: disconnect device
[  498.663209][T13730] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1891'.
[  498.670444][T13730] netlink: 'syz.0.1891': attribute type 1 has an invalid length.
[  498.671596][T13727] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1890'.
[  498.672877][T13730] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1891'.
[  498.679296][T13727] team0: left allmulticast mode
[  498.681081][T13727] team_slave_0: left allmulticast mode
[  498.682918][T13727] team_slave_1: left allmulticast mode
[  498.685825][T13727] bridge0: port 3(team0) entered disabled state
[  498.697532][T13727] bridge_slave_1: left promiscuous mode
[  498.701855][T13727] bridge0: port 2(bridge_slave_1) entered disabled state
[  498.715845][T13727] bridge_slave_0: left allmulticast mode
[  498.717900][T13727] bridge_slave_0: left promiscuous mode
[  498.720991][T13727] bridge0: port 1(bridge_slave_0) entered disabled state
[  498.961177][T13739] loop5: detected capacity change from 0 to 7
[  498.965356][T13739] ldm_validate_partition_table(): Disk read failed.
[  498.974661][T13739] Dev loop5: unable to read RDB block 0
[  498.978314][T13739]  loop5: unable to read partition table
[  498.981179][T13739] loop5: partition table beyond EOD, truncated
[  498.984117][T13739] loop_reread_partitions: partition scan of loop5 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  498.994258][T13739] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  499.088591][T13741] loop5: detected capacity change from 0 to 7
[  499.099372][T13741] ldm_validate_partition_table(): Disk read failed.
[  499.102887][T13741] Dev loop5: unable to read RDB block 0
[  499.107152][T13741]  loop5: unable to read partition table
[  499.109906][T13741] loop5: partition table beyond EOD, truncated
[  499.113079][T13741] loop_reread_partitions: partition scan of loop5 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  499.127027][T13741] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  499.140060][ T5991] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  499.147642][ T5348] ldm_validate_partition_table(): Disk read failed.
[  499.156244][ T5348] Dev loop5: unable to read RDB block 0
[  499.158533][ T5348]  loop5: unable to read partition table
[  499.161202][ T5348] loop5: partition table beyond EOD, truncated
[  499.299011][ T5991] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  499.303051][ T5991] usb 7-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  499.306230][ T5991] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  499.310755][ T5991] usb 7-1: config 0 descriptor??
[  499.317202][ T5991] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[  499.415375][  T841] usb 6-1: new low-speed USB device number 18 using dummy_hcd
[  499.588248][  T841] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  499.591825][  T841] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  499.596435][  T841] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  499.600726][  T841] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  499.604202][  T841] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  499.610327][  T841] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  499.613706][  T841] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  499.617627][  T841] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  499.621445][  T841] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  499.625007][  T841] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  499.630700][  T841] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  499.635608][  T841] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  499.669347][  T841] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  499.674504][  T841] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  499.679109][  T841] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  499.685430][  T841] usb 6-1: string descriptor 0 read error: -22
[  499.687669][  T841] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  499.691191][  T841] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  499.701512][  T841] adutux 6-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  501.532967][T13764] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  501.595532][T13766] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  502.108645][  T841] usb 7-1: USB disconnect, device number 13
[  502.250005][T13772] loop5: detected capacity change from 0 to 7
[  502.255295][    C0] blk_print_req_error: 65 callbacks suppressed
[  502.255304][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  502.261112][    C0] buffer_io_error: 65 callbacks suppressed
[  502.261120][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  502.265919][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  502.268767][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  502.271471][    C2] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  502.274741][    C2] Buffer I/O error on dev loop5, logical block 0, async page read
[  502.277790][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  502.281771][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  502.285226][    C2] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  502.288183][    C2] Buffer I/O error on dev loop5, logical block 0, async page read
[  502.291477][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  502.294428][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  502.297093][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  502.300038][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  502.302674][ T7470] ldm_validate_partition_table(): Disk read failed.
[  502.305397][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  502.309220][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  502.312879][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  502.316671][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  502.320136][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  502.324043][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  502.327620][ T7470] Dev loop5: unable to read RDB block 0
[  502.330201][ T7470]  loop5: unable to read partition table
[  502.332128][ T7470] loop5: partition table beyond EOD, truncated
[  502.336483][T13772] ldm_validate_partition_table(): Disk read failed.
[  502.339009][T13772] Dev loop5: unable to read RDB block 0
[  502.341248][T13772]  loop5: unable to read partition table
[  502.343171][T13772] loop5: partition table beyond EOD, truncated
[  502.345410][T13772] loop_reread_partitions: partition scan of loop5 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  502.354619][T13772] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  502.423152][   T40] audit: type=1326 audit(1761765794.627:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13774 comm="syz.2.1904" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf709d579 code=0x0
[  502.772450][ T8211] usb 42-1: device descriptor read/8, error -110
[  503.200336][ T8211] usb usb42-port1: attempt power cycle
[  503.520322][T13780] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1905'.
[  503.713114][T13767] Bluetooth: hci4: command 0x1003 tx timeout
[  503.713315][ T5943] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  503.769596][T13783] loop5: detected capacity change from 0 to 7
[  503.773686][T13783] ldm_validate_partition_table(): Disk read failed.
[  503.776221][T13783] Dev loop5: unable to read RDB block 0
[  503.779069][T13783]  loop5: unable to read partition table
[  503.781339][T13783] loop5: partition table beyond EOD, truncated
[  503.786128][T13783] loop_reread_partitions: partition scan of loop5 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  503.797863][T13783] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  503.801270][T13546] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  503.805328][ T8211] usb usb42-port1: unable to enumerate USB device
[  503.884142][T13794] FAULT_INJECTION: forcing a failure.
[  503.884142][T13794] name failslab, interval 1, probability 0, space 0, times 0
[  503.888361][T13794] CPU: 3 UID: 0 PID: 13794 Comm: syz.0.1910 Not tainted syzkaller #0 PREEMPT(full) 
[  503.888377][T13794] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  503.888384][T13794] Call Trace:
[  503.888388][T13794]  <TASK>
[  503.888393][T13794]  dump_stack_lvl+0x16c/0x1f0
[  503.888410][T13794]  should_fail_ex+0x512/0x640
[  503.888430][T13794]  should_failslab+0xc2/0x120
[  503.888446][T13794]  kmem_cache_alloc_noprof+0x75/0x6e0
[  503.888460][T13794]  ? dst_alloc+0x99/0x1a0
[  503.888487][T13794]  ? dst_alloc+0x99/0x1a0
[  503.888506][T13794]  dst_alloc+0x99/0x1a0
[  503.888531][T13794]  rt_dst_alloc+0x35/0x3a0
[  503.888551][T13794]  ip_route_output_key_hash_rcu+0x87a/0x28e0
[  503.888577][T13794]  ip_route_output_key_hash+0x10f/0x2b0
[  503.888594][T13794]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  503.888610][T13794]  ? __pfx_tomoyo_audit_inet_log+0x10/0x10
[  503.888629][T13794]  tcp_v4_connect+0x821/0x1c10
[  503.888650][T13794]  ? __pfx_tcp_v4_connect+0x10/0x10
[  503.888666][T13794]  ? __lock_acquire+0xb8a/0x1c90
[  503.888684][T13794]  __inet_stream_connect+0x915/0xf50
[  503.888704][T13794]  ? __pfx___inet_stream_connect+0x10/0x10
[  503.888719][T13794]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  503.888739][T13794]  ? __pfx_inet_stream_connect+0x10/0x10
[  503.888755][T13794]  ? __local_bh_enable_ip+0xa4/0x120
[  503.888770][T13794]  ? __pfx_inet_stream_connect+0x10/0x10
[  503.888785][T13794]  inet_stream_connect+0x57/0xa0
[  503.888802][T13794]  __sys_connect_file+0x141/0x1a0
[  503.888820][T13794]  __sys_connect+0x13b/0x160
[  503.888837][T13794]  ? __pfx___sys_connect+0x10/0x10
[  503.888858][T13794]  ? __pfx_ksys_write+0x10/0x10
[  503.888897][T13794]  __ia32_sys_connect+0x71/0xb0
[  503.888915][T13794]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  503.888929][T13794]  __do_fast_syscall_32+0x7c/0x300
[  503.888946][T13794]  do_fast_syscall_32+0x32/0x80
[  503.888959][T13794]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  503.888973][T13794] RIP: 0023:0xf7f84579
[  503.888982][T13794] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  503.888993][T13794] RSP: 002b:00000000f547655c EFLAGS: 00000296 ORIG_RAX: 000000000000016a
[  503.889004][T13794] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  503.889010][T13794] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[  503.889017][T13794] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  503.889023][T13794] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  503.889029][T13794] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  503.889043][T13794]  </TASK>
[  504.002786][T13799] input: syz0 as /devices/virtual/input/input40
[  504.014390][ T5943] Bluetooth: hci4: sending frame failed (-49)
[  504.017733][T13546] Bluetooth: hci4: Entering manufacturer mode failed (-49)
[  504.134610][T13803] loop5: detected capacity change from 0 to 7
[  504.137718][T13803] ldm_validate_partition_table(): Disk read failed.
[  504.140310][T13803] Dev loop5: unable to read RDB block 0
[  504.142564][T13803]  loop5: unable to read partition table
[  504.144257][T13803] loop5: partition table beyond EOD, truncated
[  504.146055][T13803] loop_reread_partitions: partition scan of loop5 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  504.152848][T13803] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  504.218585][ T5348] ldm_validate_partition_table(): Disk read failed.
[  504.222825][ T5348] Dev loop5: unable to read RDB block 0
[  504.227598][ T5348]  loop5: unable to read partition table
[  504.229533][ T5348] loop5: partition table beyond EOD, truncated
[  504.312363][ T5991] usb 6-1: USB disconnect, device number 18
[  504.327230][T13809] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  504.380997][T12444] Bluetooth: hci4: Frame reassembly failed (-84)
[  505.615659][T13821] netlink: 'syz.3.1917': attribute type 1 has an invalid length.
[  506.074874][T13827] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1919'.
[  506.078332][T13827] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1919'.
[  506.535656][T13546] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  506.535679][ T5943] Bluetooth: hci4: command 0x1003 tx timeout
[  507.329681][T13850] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1926'.
[  507.334872][T13850] netlink: 'syz.0.1926': attribute type 1 has an invalid length.
[  507.338674][T13850] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1926'.
[  507.479883][T13854] input: syz0 as /devices/virtual/input/input41
[  507.493269][T13854] FAULT_INJECTION: forcing a failure.
[  507.493269][T13854] name failslab, interval 1, probability 0, space 0, times 0
[  507.497338][T13854] CPU: 0 UID: 0 PID: 13854 Comm: syz.0.1927 Not tainted syzkaller #0 PREEMPT(full) 
[  507.497353][T13854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  507.497361][T13854] Call Trace:
[  507.497365][T13854]  <TASK>
[  507.497369][T13854]  dump_stack_lvl+0x16c/0x1f0
[  507.497397][T13854]  should_fail_ex+0x512/0x640
[  507.497415][T13854]  ? fs_reclaim_acquire+0xae/0x150
[  507.497432][T13854]  should_failslab+0xc2/0x120
[  507.497448][T13854]  __kmalloc_noprof+0xdd/0x880
[  507.497466][T13854]  ? tomoyo_encode2+0x100/0x3e0
[  507.497481][T13854]  ? tomoyo_encode2+0x100/0x3e0
[  507.497493][T13854]  tomoyo_encode2+0x100/0x3e0
[  507.497506][T13854]  tomoyo_encode+0x29/0x50
[  507.497518][T13854]  tomoyo_realpath_from_path+0x18f/0x6e0
[  507.497535][T13854]  tomoyo_path_number_perm+0x245/0x580
[  507.497552][T13854]  ? tomoyo_path_number_perm+0x237/0x580
[  507.497571][T13854]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  507.497604][T13854]  ? find_held_lock+0x2b/0x80
[  507.497616][T13854]  ? hook_file_ioctl_common+0x145/0x410
[  507.497630][T13854]  ? __fget_files+0x20e/0x3c0
[  507.497644][T13854]  security_file_ioctl_compat+0x9b/0x240
[  507.497657][T13854]  __ia32_compat_sys_ioctl+0xc3/0x370
[  507.497676][T13854]  __do_fast_syscall_32+0x7c/0x300
[  507.497692][T13854]  do_fast_syscall_32+0x32/0x80
[  507.497705][T13854]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  507.497719][T13854] RIP: 0023:0xf7f84579
[  507.497727][T13854] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  507.497738][T13854] RSP: 002b:00000000f547655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  507.497749][T13854] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000005412
[  507.497756][T13854] RDX: 0000000080000100 RSI: 0000000000000000 RDI: 0000000000000000
[  507.497762][T13854] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  507.497768][T13854] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  507.497774][T13854] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  507.497788][T13854]  </TASK>
[  507.504673][T12444] Bluetooth: hci4: Frame reassembly failed (-84)
[  507.509125][T13854] ERROR: Out of memory at tomoyo_realpath_from_path.
[  507.809573][T13860] loop5: detected capacity change from 0 to 7
[  507.813949][    C0] blk_print_req_error: 80 callbacks suppressed
[  507.813959][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  507.819269][    C0] buffer_io_error: 80 callbacks suppressed
[  507.819279][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  507.867867][    C2] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  507.870798][    C2] Buffer I/O error on dev loop5, logical block 0, async page read
[  507.884313][    C2] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  507.887217][    C2] Buffer I/O error on dev loop5, logical block 0, async page read
[  507.894807][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  507.897771][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  507.901682][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  507.904763][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  507.909409][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  507.912280][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  507.921587][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  507.924534][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  507.927776][T13860] ldm_validate_partition_table(): Disk read failed.
[  507.933205][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  507.936922][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  507.940242][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  507.943163][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  507.944902][T13866] : entered promiscuous mode
[  507.946439][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  507.949371][T13866] FAULT_INJECTION: forcing a failure.
[  507.949371][T13866] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  507.950468][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  507.955898][T13866] CPU: 0 UID: 0 PID: 13866 Comm: syz.2.1931 Not tainted syzkaller #0 PREEMPT(full) 
[  507.955921][T13866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  507.955932][T13866] Call Trace:
[  507.955939][T13866]  <TASK>
[  507.955947][T13866]  dump_stack_lvl+0x16c/0x1f0
[  507.955971][T13866]  should_fail_ex+0x512/0x640
[  507.956002][T13866]  _copy_from_user+0x2e/0xd0
[  507.956030][T13866]  move_addr_to_kernel+0x65/0x170
[  507.956054][T13866]  __get_compat_msghdr+0x3f1/0x4d0
[  507.956084][T13866]  get_compat_msghdr+0xd2/0x170
[  507.956110][T13866]  ? __pfx_get_compat_msghdr+0x10/0x10
[  507.956139][T13866]  ? __pfx__kstrtoull+0x10/0x10
[  507.956165][T13866]  ___sys_sendmsg+0x1ae/0x1d0
[  507.956185][T13866]  ? __pfx____sys_sendmsg+0x10/0x10
[  507.956200][T13866]  ? __lock_acquire+0x622/0x1c90
[  507.956258][T13866]  __sys_sendmmsg+0x2f9/0x420
[  507.956278][T13866]  ? __pfx___sys_sendmmsg+0x10/0x10
[  507.956305][T13866]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  507.956337][T13866]  ? fput+0x9b/0xd0
[  507.956361][T13866]  ? ksys_write+0x1ac/0x250
[  507.956377][T13866]  ? __pfx_ksys_write+0x10/0x10
[  507.956397][T13866]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  507.956426][T13866]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  507.956449][T13866]  __do_fast_syscall_32+0x7c/0x300
[  507.956488][T13866]  do_fast_syscall_32+0x32/0x80
[  507.956509][T13866]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  507.956531][T13866] RIP: 0023:0xf709d579
[  507.956545][T13866] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  507.956562][T13866] RSP: 002b:00000000f548d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  507.956578][T13866] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080002240
[  507.956589][T13866] RDX: 0000000000000001 RSI: 0000000004000000 RDI: 0000000000000000
[  507.956599][T13866] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  507.956608][T13866] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  507.956618][T13866] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  507.956643][T13866]  </TASK>
[  507.964207][T13867] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  507.967419][T13860] Dev loop5: unable to read RDB block 0
[  508.001445][T13869] netlink: 'syz.2.1932': attribute type 1 has an invalid length.
[  508.003335][T13860]  loop5: unable to read partition table
[  508.042858][T13860] loop5: partition table beyond EOD, truncated
[  508.044792][T13860] loop_reread_partitions: partition scan of loop5 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  508.177094][T13873] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  508.181358][   T46] Bluetooth: hci5: Frame reassembly failed (-84)
[  509.016428][T13881] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1935'.
[  509.044983][T13881] netlink: 'syz.2.1935': attribute type 1 has an invalid length.
[  509.047482][T13881] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1935'.
[  509.710615][T13767] Bluetooth: hci4: command 0xfc11 tx timeout
[  509.712760][ T5943] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  510.384098][T13546] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  510.813266][T13915] FAULT_INJECTION: forcing a failure.
[  510.813266][T13915] name failslab, interval 1, probability 0, space 0, times 0
[  510.818633][T13915] CPU: 2 UID: 0 PID: 13915 Comm: syz.0.1944 Not tainted syzkaller #0 PREEMPT(full) 
[  510.818657][T13915] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  510.818667][T13915] Call Trace:
[  510.818674][T13915]  <TASK>
[  510.818681][T13915]  dump_stack_lvl+0x16c/0x1f0
[  510.818706][T13915]  should_fail_ex+0x512/0x640
[  510.818732][T13915]  ? fs_reclaim_acquire+0xae/0x150
[  510.818757][T13915]  should_failslab+0xc2/0x120
[  510.818781][T13915]  __kmalloc_noprof+0xdd/0x880
[  510.818809][T13915]  ? tomoyo_encode2+0x100/0x3e0
[  510.818833][T13915]  ? tomoyo_encode2+0x100/0x3e0
[  510.818848][T13915]  tomoyo_encode2+0x100/0x3e0
[  510.818870][T13915]  tomoyo_encode+0x29/0x50
[  510.818889][T13915]  tomoyo_realpath_from_path+0x18f/0x6e0
[  510.818911][T13915]  ? tomoyo_profile+0x47/0x60
[  510.818936][T13915]  tomoyo_path_number_perm+0x245/0x580
[  510.818962][T13915]  ? tomoyo_path_number_perm+0x237/0x580
[  510.818991][T13915]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  510.819052][T13915]  ? find_held_lock+0x2b/0x80
[  510.819070][T13915]  ? hook_file_ioctl_common+0x145/0x410
[  510.819094][T13915]  ? __fget_files+0x20e/0x3c0
[  510.819117][T13915]  security_file_ioctl_compat+0x9b/0x240
[  510.819137][T13915]  __ia32_compat_sys_ioctl+0xc3/0x370
[  510.819166][T13915]  __do_fast_syscall_32+0x7c/0x300
[  510.819191][T13915]  do_fast_syscall_32+0x32/0x80
[  510.819212][T13915]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  510.819234][T13915] RIP: 0023:0xf7f84579
[  510.819248][T13915] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  510.819264][T13915] RSP: 002b:00000000f547655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  510.819281][T13915] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000000ae80
[  510.819292][T13915] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  510.819302][T13915] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  510.819312][T13915] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  510.819322][T13915] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  510.819348][T13915]  </TASK>
[  510.819368][T13915] ERROR: Out of memory at tomoyo_realpath_from_path.
[  512.210093][T13940] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  512.213249][ T1142] Bluetooth: hci4: Frame reassembly failed (-84)
[  512.843469][  T841] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  513.101606][  T841] usb 7-1: unable to get BOS descriptor or descriptor too short
[  513.105493][  T841] usb 7-1: unable to read config index 0 descriptor/start: -71
[  513.108216][  T841] usb 7-1: can't read configurations, error -71
[  513.537856][ T8104] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  513.764404][ T8104] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  513.767541][ T8104] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  513.770584][ T8104] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  513.778497][ T8104] usb 5-1: config 0 descriptor??
[  513.781947][ T8104] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  513.814334][T13959] tmpfs: Unknown parameter 'mpo�'
[  514.403726][ T5943] Bluetooth: hci4: command 0x1003 tx timeout
[  514.408301][T13546] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  514.448263][T13963] netlink: 'syz.3.1956': attribute type 10 has an invalid length.
[  514.463690][T13963] 8021q: adding VLAN 0 to HW filter on device bond2
[  514.484030][T13963] bond_slave_0: entered promiscuous mode
[  514.486039][T13963] bond_slave_1: entered promiscuous mode
[  514.488541][T13963] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  514.494555][T13963] bond2: (slave macvlan3): Enslaving as a backup interface with a down link
[  514.748968][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[  515.564118][T13980] FAULT_INJECTION: forcing a failure.
[  515.564118][T13980] name failslab, interval 1, probability 0, space 0, times 0
[  515.569693][T13980] CPU: 0 UID: 0 PID: 13980 Comm: syz.1.1960 Not tainted syzkaller #0 PREEMPT(full) 
[  515.569716][T13980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  515.569726][T13980] Call Trace:
[  515.569734][T13980]  <TASK>
[  515.569741][T13980]  dump_stack_lvl+0x16c/0x1f0
[  515.569767][T13980]  should_fail_ex+0x512/0x640
[  515.569806][T13980]  ? fs_reclaim_acquire+0xae/0x150
[  515.569831][T13980]  should_failslab+0xc2/0x120
[  515.569854][T13980]  __kmalloc_noprof+0xdd/0x880
[  515.569880][T13980]  ? tomoyo_encode2+0x100/0x3e0
[  515.569904][T13980]  ? tomoyo_encode2+0x100/0x3e0
[  515.569922][T13980]  tomoyo_encode2+0x100/0x3e0
[  515.569944][T13980]  tomoyo_encode+0x29/0x50
[  515.569962][T13980]  tomoyo_realpath_from_path+0x18f/0x6e0
[  515.569984][T13980]  ? tomoyo_profile+0x47/0x60
[  515.570008][T13980]  tomoyo_path_number_perm+0x245/0x580
[  515.570033][T13980]  ? tomoyo_path_number_perm+0x237/0x580
[  515.570062][T13980]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  515.570108][T13980]  ? find_held_lock+0x2b/0x80
[  515.570126][T13980]  ? hook_file_ioctl_common+0x145/0x410
[  515.570148][T13980]  ? __fget_files+0x20e/0x3c0
[  515.570169][T13980]  security_file_ioctl_compat+0x9b/0x240
[  515.570190][T13980]  __ia32_compat_sys_ioctl+0xc3/0x370
[  515.570219][T13980]  __do_fast_syscall_32+0x7c/0x300
[  515.570244][T13980]  do_fast_syscall_32+0x32/0x80
[  515.570266][T13980]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  515.570289][T13980] RIP: 0023:0xf7f57579
[  515.570304][T13980] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  515.570319][T13980] RSP: 002b:00000000f544655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  515.570336][T13980] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000000ae80
[  515.570346][T13980] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  515.570354][T13980] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  515.570364][T13980] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  515.570373][T13980] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  515.570393][T13980]  </TASK>
[  515.570413][T13980] ERROR: Out of memory at tomoyo_realpath_from_path.
[  515.675224][T13980] kvm: requested 130742 ns i8254 timer period limited to 200000 ns
[  515.682582][T13980] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  515.697315][T13980] kvm: requested 134933 ns i8254 timer period limited to 200000 ns
[  515.705775][T13980] kvm: requested 23466 ns i8254 timer period limited to 200000 ns
[  515.712214][T13980] kvm: requested 82133 ns i8254 timer period limited to 200000 ns
[  515.717415][T13980] kvm: requested 191085 ns i8254 timer period limited to 200000 ns
[  515.724303][T13980] kvm: requested 56990 ns i8254 timer period limited to 200000 ns
[  516.505582][ T8104] usb 5-1: USB disconnect, device number 18
[  531.626298][ T1416] ==================================================================
[  531.628988][ T1416] BUG: KASAN: slab-use-after-free in handle_tx+0x5dc/0x630
[  531.631291][ T1416] Read of size 1 at addr ffff88804c187490 by task aoe_tx0/1416
[  531.634247][ T1416] 
[  531.635655][ T1416] CPU: 2 UID: 0 PID: 1416 Comm: aoe_tx0 Not tainted syzkaller #0 PREEMPT(full) 
[  531.635670][ T1416] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  531.635676][ T1416] Call Trace:
[  531.635681][ T1416]  <TASK>
[  531.635685][ T1416]  dump_stack_lvl+0x116/0x1f0
[  531.635700][ T1416]  print_report+0xcd/0x630
[  531.635715][ T1416]  ? __virt_addr_valid+0x81/0x610
[  531.635729][ T1416]  ? __phys_addr+0xe8/0x180
[  531.635743][ T1416]  ? handle_tx+0x5dc/0x630
[  531.635754][ T1416]  kasan_report+0xe0/0x110
[  531.635768][ T1416]  ? handle_tx+0x5dc/0x630
[  531.635780][ T1416]  handle_tx+0x5dc/0x630
[  531.635792][ T1416]  dev_hard_start_xmit+0x97/0x740
[  531.635810][ T1416]  __dev_queue_xmit+0xa46/0x4490
[  531.635826][ T1416]  ? lockdep_hardirqs_on+0x7c/0x110
[  531.635838][ T1416]  ? finish_task_switch.isra.0+0x221/0xc10
[  531.635851][ T1416]  ? rcu_is_watching+0x12/0xc0
[  531.635863][ T1416]  ? __pfx___dev_queue_xmit+0x10/0x10
[  531.635878][ T1416]  ? __schedule+0x11a3/0x5de0
[  531.635890][ T1416]  ? __lock_acquire+0xb8a/0x1c90
[  531.635905][ T1416]  ? __lock_acquire+0xb8a/0x1c90
[  531.635921][ T1416]  ? do_raw_spin_lock+0x12c/0x2b0
[  531.635941][ T1416]  ? rcu_is_watching+0x12/0xc0
[  531.635953][ T1416]  tx+0xcc/0x190
[  531.635969][ T1416]  ? __pfx_tx+0x10/0x10
[  531.635982][ T1416]  kthread+0x1e4/0x3e0
[  531.635995][ T1416]  ? find_held_lock+0x2b/0x80
[  531.636006][ T1416]  ? __pfx_kthread+0x10/0x10
[  531.636019][ T1416]  ? __pfx_default_wake_function+0x10/0x10
[  531.636031][ T1416]  ? lockdep_hardirqs_on+0x7c/0x110
[  531.636042][ T1416]  ? __kthread_parkme+0x19e/0x250
[  531.636056][ T1416]  ? __pfx_kthread+0x10/0x10
[  531.636069][ T1416]  kthread+0x3c5/0x780
[  531.636085][ T1416]  ? __pfx_kthread+0x10/0x10
[  531.636114][ T1416]  ? rcu_is_watching+0x12/0xc0
[  531.636125][ T1416]  ? __pfx_kthread+0x10/0x10
[  531.636144][ T1416]  ret_from_fork+0x675/0x7d0
[  531.636163][ T1416]  ? __pfx_kthread+0x10/0x10
[  531.636179][ T1416]  ret_from_fork_asm+0x1a/0x30
[  531.636198][ T1416]  </TASK>
[  531.636202][ T1416] 
[  531.699200][ T1416] Allocated by task 9387:
[  531.700629][ T1416]  kasan_save_stack+0x33/0x60
[  531.702123][ T1416]  kasan_save_track+0x14/0x30
[  531.703631][ T1416]  __kasan_kmalloc+0xaa/0xb0
[  531.705120][ T1416]  alloc_tty_struct+0x96/0x8c0
[  531.706652][ T1416]  tty_init_dev.part.0+0x1e/0x500
[  531.708259][ T1416]  tty_open+0xa4f/0xf90
[  531.709612][ T1416]  chrdev_open+0x234/0x6a0
[  531.711107][ T1416]  do_dentry_open+0x982/0x1530
[  531.712652][ T1416]  vfs_open+0x82/0x3f0
[  531.713980][ T1416]  path_openat+0x1de4/0x2cb0
[  531.715605][ T1416]  do_filp_open+0x20b/0x470
[  531.717140][ T1416]  do_sys_openat2+0x11b/0x1d0
[  531.718677][ T1416]  __ia32_compat_sys_openat+0x16d/0x210
[  531.720493][ T1416]  __do_fast_syscall_32+0x7c/0x300
[  531.722155][ T1416]  do_fast_syscall_32+0x32/0x80
[  531.723723][ T1416]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  531.725757][ T1416] 
[  531.726544][ T1416] Freed by task 8211:
[  531.727831][ T1416]  kasan_save_stack+0x33/0x60
[  531.729352][ T1416]  kasan_save_track+0x14/0x30
[  531.730856][ T1416]  __kasan_save_free_info+0x3b/0x60
[  531.732501][ T1416]  __kasan_slab_free+0x5f/0x80
[  531.734100][ T1416]  kfree+0x2b8/0x6d0
[  531.735343][ T1416]  process_one_work+0x9cf/0x1b70
[  531.736898][ T1416]  worker_thread+0x6c8/0xf10
[  531.738311][ T1416]  kthread+0x3c5/0x780
[  531.739577][ T1416]  ret_from_fork+0x675/0x7d0
[  531.741109][ T1416]  ret_from_fork_asm+0x1a/0x30
[  531.742614][ T1416] 
[  531.743371][ T1416] Last potentially related work creation:
[  531.745103][ T1416]  kasan_save_stack+0x33/0x60
[  531.746611][ T1416]  kasan_record_aux_stack+0xa7/0xc0
[  531.748208][ T1416]  insert_work+0x36/0x230
[  531.749548][ T1416]  __queue_work+0x97e/0x1160
[  531.750971][ T1416]  queue_work_on+0x1a4/0x1f0
[  531.752386][ T1416]  release_tty+0x4de/0x5d0
[  531.753837][ T1416]  tty_release_struct+0xb7/0xe0
[  531.755315][ T1416]  tty_release+0xe2d/0x1430
[  531.756718][ T1416]  __fput+0x402/0xb70
[  531.757954][ T1416]  task_work_run+0x150/0x240
[  531.759402][ T1416]  do_exit+0x86f/0x2bf0
[  531.760769][ T1416]  do_group_exit+0xd3/0x2a0
[  531.762208][ T1416]  get_signal+0x2671/0x26d0
[  531.763626][ T1416]  arch_do_signal_or_restart+0x8f/0x790
[  531.765345][ T1416]  irqentry_exit_to_user_mode+0x176/0x310
[  531.767116][ T1416]  asm_exc_page_fault+0x26/0x30
[  531.768654][ T1416] 
[  531.769416][ T1416] The buggy address belongs to the object at ffff88804c187000
[  531.769416][ T1416]  which belongs to the cache kmalloc-cg-2k of size 2048
[  531.773762][ T1416] The buggy address is located 1168 bytes inside of
[  531.773762][ T1416]  freed 2048-byte region [ffff88804c187000, ffff88804c187800)
[  531.778032][ T1416] 
[  531.778832][ T1416] The buggy address belongs to the physical page:
[  531.781053][ T1416] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88804c182000 pfn:0x4c180
[  531.784188][ T1416] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  531.786886][ T1416] memcg:ffff88804964c981
[  531.788233][ T1416] flags: 0x4fff00000000240(workingset|head|node=1|zone=1|lastcpupid=0x7ff)
[  531.790952][ T1416] page_type: f5(slab)
[  531.792244][ T1416] raw: 04fff00000000240 ffff88801b44c140 ffffea0001b0f010 ffffea0001b14410
[  531.795008][ T1416] raw: ffff88804c182000 0000000000080007 00000000f5000000 ffff88804964c981
[  531.797787][ T1416] head: 04fff00000000240 ffff88801b44c140 ffffea0001b0f010 ffffea0001b14410
[  531.800543][ T1416] head: ffff88804c182000 0000000000080007 00000000f5000000 ffff88804964c981
[  531.803276][ T1416] head: 04fff00000000003 ffffea0001306001 00000000ffffffff 00000000ffffffff
[  531.806018][ T1416] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  531.808746][ T1416] page dumped because: kasan: bad access detected
[  531.810795][ T1416] page_owner tracks the page as allocated
[  531.812595][ T1416] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 9353, tgid 9351 (syz.0.786), ts 251925658410, free_ts 251904899053
[  531.820073][ T1416]  post_alloc_hook+0x1c0/0x230
[  531.821675][ T1416]  get_page_from_freelist+0x10a3/0x3a30
[  531.823534][ T1416]  __alloc_frozen_pages_noprof+0x25f/0x2470
[  531.825449][ T1416]  alloc_pages_mpol+0x1fb/0x550
[  531.827022][ T1416]  new_slab+0x24a/0x360
[  531.828359][ T1416]  ___slab_alloc+0xdae/0x1a60
[  531.829875][ T1416]  __slab_alloc.constprop.0+0x63/0x110
[  531.831659][ T1416]  __kmalloc_cache_noprof+0x477/0x780
[  531.833366][ T1416]  copy_verifier_state+0xc0c/0x1030
[  531.835022][ T1416]  push_stack+0x1ca/0x370
[  531.836813][ T1416]  check_cond_jmp_op+0xaf5/0x7490
[  531.838485][ T1416]  do_check_common+0xa20a/0xb550
[  531.840260][ T1416]  bpf_check+0x8805/0xbdd0
[  531.841732][ T1416]  bpf_prog_load+0x112e/0x2850
[  531.843252][ T1416]  __sys_bpf+0x3e72/0x4980
[  531.844859][ T1416]  __ia32_sys_bpf+0x76/0xe0
[  531.846319][ T1416] page last free pid 9353 tgid 9351 stack trace:
[  531.848298][ T1416]  __free_frozen_pages+0x7df/0x1160
[  531.849943][ T1416]  __put_partials+0x130/0x170
[  531.851444][ T1416]  qlist_free_all+0x4d/0x120
[  531.852915][ T1416]  kasan_quarantine_reduce+0x195/0x1e0
[  531.854600][ T1416]  __kasan_slab_alloc+0x69/0x90
[  531.856092][ T1416]  __kmalloc_cache_noprof+0x274/0x780
[  531.857721][ T1416]  do_check_common+0x4d58/0xb550
[  531.859249][ T1416]  bpf_check+0x8805/0xbdd0
[  531.860622][ T1416]  bpf_prog_load+0x112e/0x2850
[  531.862156][ T1416]  __sys_bpf+0x3e72/0x4980
[  531.863583][ T1416]  __ia32_sys_bpf+0x76/0xe0
[  531.865066][ T1416]  __do_fast_syscall_32+0x7c/0x300
[  531.866714][ T1416]  do_fast_syscall_32+0x32/0x80
[  531.868262][ T1416]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  531.870321][ T1416] 
[  531.871102][ T1416] Memory state around the buggy address:
[  531.872824][ T1416]  ffff88804c187380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  531.875355][ T1416]  ffff88804c187400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  531.877897][ T1416] >ffff88804c187480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  531.880442][ T1416]                          ^
[  531.881949][ T1416]  ffff88804c187500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  531.884493][ T1416]  ffff88804c187580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  531.887037][ T1416] ==================================================================
[  531.889656][ T1416] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  531.891966][ T1416] CPU: 2 UID: 0 PID: 1416 Comm: aoe_tx0 Not tainted syzkaller #0 PREEMPT(full) 
[  531.894577][ T1416] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  531.897882][ T1416] Call Trace:
[  531.898956][ T1416]  <TASK>
[  531.899919][ T1416]  dump_stack_lvl+0x3d/0x1f0
[  531.901442][ T1416]  vpanic+0x640/0x6f0
[  531.902744][ T1416]  panic+0xca/0xd0
[  531.903965][ T1416]  ? __pfx_panic+0x10/0x10
[  531.905441][ T1416]  ? check_panic_on_warn+0x1f/0xb0
[  531.907160][ T1416]  check_panic_on_warn+0xab/0xb0
[  531.908748][ T1416]  end_report+0x107/0x170
[  531.910164][ T1416]  kasan_report+0xee/0x110
[  531.911596][ T1416]  ? handle_tx+0x5dc/0x630
[  531.913043][ T1416]  handle_tx+0x5dc/0x630
[  531.914397][ T1416]  dev_hard_start_xmit+0x97/0x740
[  531.916034][ T1416]  __dev_queue_xmit+0xa46/0x4490
[  531.917630][ T1416]  ? lockdep_hardirqs_on+0x7c/0x110
[  531.919291][ T1416]  ? finish_task_switch.isra.0+0x221/0xc10
[  531.921184][ T1416]  ? rcu_is_watching+0x12/0xc0
[  531.922729][ T1416]  ? __pfx___dev_queue_xmit+0x10/0x10
[  531.924445][ T1416]  ? __schedule+0x11a3/0x5de0
[  531.925970][ T1416]  ? __lock_acquire+0xb8a/0x1c90
[  531.927555][ T1416]  ? __lock_acquire+0xb8a/0x1c90
[  531.929159][ T1416]  ? do_raw_spin_lock+0x12c/0x2b0
[  531.930794][ T1416]  ? rcu_is_watching+0x12/0xc0
[  531.932331][ T1416]  tx+0xcc/0x190
[  531.933506][ T1416]  ? __pfx_tx+0x10/0x10
[  531.934847][ T1416]  kthread+0x1e4/0x3e0
[  531.936150][ T1416]  ? find_held_lock+0x2b/0x80
[  531.937688][ T1416]  ? __pfx_kthread+0x10/0x10
[  531.939160][ T1416]  ? __pfx_default_wake_function+0x10/0x10
[  531.941072][ T1416]  ? lockdep_hardirqs_on+0x7c/0x110
[  531.942744][ T1416]  ? __kthread_parkme+0x19e/0x250
[  531.944362][ T1416]  ? __pfx_kthread+0x10/0x10
[  531.945863][ T1416]  kthread+0x3c5/0x780
[  531.947179][ T1416]  ? __pfx_kthread+0x10/0x10
[  531.948676][ T1416]  ? rcu_is_watching+0x12/0xc0
[  531.950225][ T1416]  ? __pfx_kthread+0x10/0x10
[  531.951713][ T1416]  ret_from_fork+0x675/0x7d0
[  531.953200][ T1416]  ? __pfx_kthread+0x10/0x10
[  531.954690][ T1416]  ret_from_fork_asm+0x1a/0x30
[  531.956241][ T1416]  </TASK>
[  531.958051][ T1416] Kernel Offset: disabled
[  531.959445][ T1416] Rebooting in 86400 seconds..

VM DIAGNOSIS:
19:23:56  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffffc90032566000 RCX=ffffffff8211689f RDX=ffff8880209e0000
RSI=ffffffff821168ae RDI=0000000000000007 RBP=0000000070f26067 RSP=ffffc90023c777b8
R8 =0000000000000007 R9 =0000000000000043 R10=0000000000000043 R11=0000000000000001
R12=ffff888000000000 R13=000ffffffffff000 R14=0000000000000043 R15=0000000000000000
RIP=ffffffff81bc6b81 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097810000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f73e5000 CR3=000000000b63c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000600
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000020210058
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffff0f0e0d0c
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000046 RBX=ffffffff8e3c42e0 RCX=00000000ef9d33e4 RDX=0000000000000000
RSI=ffffffff8da0195d RDI=ffffffff8bf073c0 RBP=0000000000000002 RSP=ffffc90023847470
R8 =0ac0d5affe09d4ff R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff81986552 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097910000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f73e4fe8 CR3=00000000255d1000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000020210058
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffff0f0e0d0c
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff85267010 RDI=ffffffff9adc2da0 RBP=ffffffff9adc2d60 RSP=ffffc90007b6f3f0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000031343154
R12=0000000000000000 R13=0000000000000020 R14=fffffbfff35b8606 R15=dffffc0000000000
RIP=ffffffff85267037 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
GS =0000 ffff888097a10000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=000000000e182000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000024000000000 0000000500000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000862b41 RBX=0000000000000003 RCX=ffffffff8b5d22a9 RDX=0000000000000000
RSI=ffffffff8da2729e RDI=ffffffff8bf073c0 RBP=ffffed10037eb000 RSP=ffffc9000048fde8
R8 =0000000000000001 R9 =ffffed10056a6655 R10=ffff88802b5332ab R11=0000000000000001
R12=0000000000000003 R13=ffff88801bf58000 R14=ffffffff90822cd0 R15=0000000000000000
RIP=ffffffff8b5d0d5f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097b10000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080009b40 CR3=0000000065faf000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a5fd521dbd02be56 d7e33a1035c2108b
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6bc5e5dc9bdd4d81 b800f8a490852169
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 503c382dd9fb3403 4fe33df60474e3f5
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 40d34e485f316905 bfe00c3e7005fb78
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000006540
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a16f80cf0bce43f5 f9aa3b0ec4fc2075
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 8a3df9a89c874644 d69d5d77257b558b
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4ac55d921dcd92ff 6545c78ca8ffdbbf
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 83c2f4b1dbec23a5 49d4a03efe158385
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 aabc7956aff0a7cc 9f26291d220fe8dd
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 9620f9c48d3559a0 07f18c8f5ddc7386
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000