last executing test programs:

6m46.551924698s ago: executing program 0 (id=3286):
syz_emit_vhci(&(0x7f0000005240)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_request={{0x31, 0x6}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}}}, 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2e, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
socket(0xa, 0x3, 0x3a)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = syz_open_dev$usbfs(&(0x7f0000000080), 0xf, 0x8041)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r3, 0x8108551b, &(0x7f00000001c0)={0x0, 0x2, "4cf90fba85c830e42a3ca4b10f01bbcb15f3806c4853e7c44a6974759d9f643905a56baa4195fb396d9bfa306999f1586e5d1ca49add100a36b751a7d9fe0b182ebf2c8a0e66f72c1c08260030752f07cd4089473e52885a3c85bacf3ccfac5bb9435fe036dcfccd7254bbd8bce90e2284d29e1f17d6652270fd0abcb8729f16ff602b438bd122a9e09984e2799d0dbfef7533d1a930ea4f4b57605ace45f5815450693650ae122d34aa0c5ca5e793516d156e5a5b34d6c17c40d753426a3d8e15e726d0f2622e873e0cbe63751bb62c68594d4cb0a21b92ad2e80f24a9b290a87ee6779022a0b7f5223e4e8c9f53f501ec8c439724078fdc076a51d50760566"})
ioctl$USBDEVFS_ALLOC_STREAMS(r3, 0x8008551c, &(0x7f0000000000)={0x184a, 0xa, [{0x2}, {0xa}, {0x5, 0x1}, {0x4}, {0x6, 0x1}, {0x6, 0x1}, {0xb}, {0xc, 0x1}, {0x3, 0x1}, {0xe}]})
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x482, 0x0)
ioctl$TCSETS(r4, 0x5402, &(0x7f0000000200)={0xfffffffc, 0x0, 0x6, 0x0, 0xff, "db8f2d2b3b7596160c6981acf8805944823a7f"})
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0)
r5 = memfd_secret(0x0)
ppoll(&(0x7f0000000100)=[{r5, 0x200}], 0x1, &(0x7f0000000280)={0x77359400}, &(0x7f0000000300)={[0x10000, 0x7f55]}, 0x8)
unshare(0x40020000)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x20040800)
sched_setaffinity(0x0, 0x0, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone3(0x0, 0x0)

6m45.601674306s ago: executing program 0 (id=3288):
setfsgid(0xee00)
setresgid(0x0, 0x0, 0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
ftruncate(r0, 0x5)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file3\x00', 0x105042, 0x0)
mount(&(0x7f0000000180)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000300)='./file3\x00', &(0x7f0000000200)='f2fs\x00', 0x0, &(0x7f0000000380)='acl')
ioctl$BINDER_GET_NODE_DEBUG_INFO(r1, 0xc018620b, &(0x7f0000000000)={0x1})

6m45.311963448s ago: executing program 3 (id=3291):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000100)={{0x0, 0xdddd1000, 0xb, 0x0, 0x8, 0x2, 0x1, 0x2, 0x0, 0x8, 0x9, 0x10}, {0xffff1000, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4}, {0x2000, 0x0, 0x0, 0x0, 0x7, 0x4, 0x0, 0x0, 0x7, 0x8, 0x0, 0xfc}, {0x3000, 0xd000, 0xe, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x4}, {0xeeee0000, 0x3000, 0x9, 0x0, 0xff, 0x4, 0x0, 0xe, 0x0, 0x3c, 0x10}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x10, 0x80}, {0xdddd1000, 0x0, 0xa, 0x6, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x20}, {0x8080000, 0x3000, 0x4, 0x0, 0x0, 0x1, 0x10, 0xa, 0x26, 0x0, 0x0, 0x1}, {0x80ac000, 0x2000}, {0x8080000}, 0xddf8ffdb, 0x0, 0x8080000, 0xf0, 0xa, 0xdd00, 0x0, [0xe, 0x0, 0x1]})
ioctl$KVM_TRANSLATE(0xffffffffffffffff, 0xc018ae85, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f00000004c0)={'vcan0\x00', <r1=>0x0})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000001c0))
timer_create(0x7, 0x0, &(0x7f0000000200)=<r2=>0x0)
timer_gettime(r2, &(0x7f00000002c0))
bind$can_j1939(0xffffffffffffffff, &(0x7f00000000c0)={0x1d, r1, 0x8000000000000003, {}, 0xfd}, 0x18)
close(0xffffffffffffffff)
openat$kvm(0xffffffffffffff9c, &(0x7f00000008c0), 0x103000, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x13}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x24}, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x64, 0x0, 0x1, 0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1e}, @empty}, {0x11, 0x7c, 0x0, @multicast2}}}}}, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(0xffffffffffffffff, 0x6611)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x34, 0x1, 0x470bd2b, 0x25dbdbfe, {0x4}, [@typed={0x8, 0x4, 0x0, 0x0, @u32=0x2}, @typed={0x8, 0x5, 0x0, 0x0, @uid}]}, 0x24}, 0x1, 0x0, 0x0, 0x20040050}, 0x24000080)

6m45.134635817s ago: executing program 0 (id=3292):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r0)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000037400062c00070073797352656d5f753a6f626a6563745f723a756465765f68656c7065725f657865635f743a7330000800020000000000080007002609090914000600626f6e64300000000000000000000000080003"], 0x78}, 0x1, 0xffffffff00000003}, 0x0) (fail_nth: 5)

6m44.672694624s ago: executing program 0 (id=3293):
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
openat$binder_debug(0xffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, r0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x15e)
lstat(&(0x7f0000002f00)='./bus\x00', &(0x7f0000002f40))

6m44.593382764s ago: executing program 0 (id=3295):
r0 = openat$kvm(0xffffff9c, &(0x7f0000000100), 0x41, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CAP_VM_DISABLE_NX_HUGE_PAGES(r1, 0x4068aea3, &(0x7f0000000140))

6m44.592510005s ago: executing program 3 (id=3296):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r1}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x11, 0x2}, 0x0, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000000)={'wpan0\x00', <r4=>0x0})
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000180)={0x1c, r3, 0x1, 0x70bd29, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x1c}}, 0x0)

6m44.153943813s ago: executing program 0 (id=3299):
mount$9p_virtio(&(0x7f0000001a80), &(0x7f0000001ac0)='.\x00', &(0x7f0000001b00), 0x10000, 0x0)

6m44.056710819s ago: executing program 32 (id=3299):
mount$9p_virtio(&(0x7f0000001a80), &(0x7f0000001ac0)='.\x00', &(0x7f0000001b00), 0x10000, 0x0)

6m43.696432757s ago: executing program 3 (id=3302):
r0 = syz_open_dev$dri(&(0x7f0000000280), 0x0, 0x400)
ioctl$DRM_IOCTL_GET_MAGIC(r0, 0x80046402, &(0x7f00000002c0)=0x7)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20181, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_NR_MMU_PAGES(r2, 0xae44, 0x2)

6m43.513915646s ago: executing program 3 (id=3304):
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
openat$binder_debug(0xffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, r0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x15e)
lstat(&(0x7f0000002f00)='./bus\x00', &(0x7f0000002f40))

6m43.453508544s ago: executing program 3 (id=3306):
r0 = socket$inet6(0xa, 0x3, 0x3c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @remote, 0x9}, 0x1c)
r1 = socket$nl_route(0x10, 0x3, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200003, 0x0, 0x0, 0x3})
r2 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
open_by_handle_at(r2, &(0x7f0000000240)=ANY=[@ANYBLOB="1c0000004e0000000900000000000000090000c200000000000700000000000000125a0000"], 0x1110a0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000380)={'vcan0\x00', <r3=>0x0})
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r4, &(0x7f0000000080)={0x1d, r3, 0x4, {}, 0xfd}, 0x18)
r5 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$VIDIOC_QBUF(r5, 0xc04c560f, &(0x7f00000000c0)=@overlay={0xfffffff9, 0xd, 0x4, 0x0, 0x8, {0x77359400, <r6=>0x0}, {0x3, 0x2, 0x7, 0x6, 0x3, 0xdd, "8000e0c0"}, 0x9, 0x3, {}, 0x4})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f00679800000000000000", @ANYRES32=r6, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES8=r4, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x15, &(0x7f0000000680)={0x3, 0x3, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$can_j1939(r4, &(0x7f00000001c0)={&(0x7f0000000040)={0x1d, 0x0, 0x1f}, 0x18, &(0x7f0000000180)={&(0x7f00000000c0)="92", 0x1a000}}, 0xee)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
socket$inet(0x2, 0x3, 0x33)
openat2$dir(0xffffff9c, &(0x7f0000000000)='./file1\x00', &(0x7f0000000180)={0x80100, 0x101, 0x4}, 0x18)
mkdirat(0xffffffffffffffff, &(0x7f00000001c0)='./file1\x00', 0xe4)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c010000190001000000000000000000200100000000000000000000000000000000000000007fa29da26f000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffff00000000000000000000000000000000000000000000000004000000000000000200000000000000090000000000000000000000000000000000000084000500ac1414aa0000000000000000000000000000000033000000000000007f0000010000000000000000000000000000000001030000000000000000000000000000ac1e0101000000000000000000000000000000003300000000000000fe8000000000"], 0x13c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000100)={'wlan1\x00'})
socket(0x1e, 0x4, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC, @ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
syz_init_net_socket$llc(0x1a, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r8 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r8, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)

6m42.673758875s ago: executing program 3 (id=3308):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000024c0)=@base={0x9, 0x1, 0x9, 0x7fc}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000003c0)="057e30aae10df4f97559054b9a301ecfe91b645115e1421774006df60cb393573839b0078ce169ec2fde0afea66b5bbefa9d4f3cd8c2458336ceb1f0efe647d6d7b1cdbd12c9b8e3a822cbd51494bf79a1dbe5c22338ce37ed467a1d3d616564cbb81faa2e935b2697c12efb0ed141fa2eaad4747725c4bf20f8975e402b03eb77d1aa3f10f512397b5037b1b4cd4b7c08c03dc5e52a066e5982969fa044125ae251f46c26e2536cc8b77e8edb251378be4beedfb8dca0d449123f57677ca3da5bdebf91b195f1a5d49d7c292f20f58d490de36d8ee0e8a86bd04c3165549465cbee7891fc747d7def370ce644db894b56bd53af0d0e261bcfa6bf72a684dafc5bcafe07ece74cbd1d5fa32716dd03f7acd4f32d935438c91e033beaf49e3963e13d05e7a8334a858639636799f04a9033193e7d18a2a4b20bcc96811bb5efe476db70a76b7456ac4e71f3e89c00da0c7761c188570c7902bf2fee1be273be8a9f7a2d7508ef2188d3ba1db4fa9d1533d2f2a288cdfe3b0c50908d56ba69e81386e7e979e9d7ff78685ffb8de6baea2451762736a2bbafa11d541790b0564aef9b0b80fa24832090b84341a9fdf712d3296f911020f8021eda8130befaaab01cbe91dfc5768e6ff31ec50dd88596832a9f5fd4f558d367f40e454d3c97ad16a7f30b93629ee2def77b99f8a17c157529b0782fd847a4c75a2302ca96bbdcff660c2cca753e1a8c60dbcfb319a1594565a2e15bb6124316e196e3cafaf1a29eef84a0908d1dc80af7e333c65736699f1254addf2ab582f5c87c4f6ca234d7ca9673dc29444044b95abdaea958274e39aeb163ee2d05bc2ade5c33a0466e14fbdf8aa70ca2964c06ee5bc57b894b0143a7a503cc43574a07958940b029678df44d6c82fa2e6937ea6aeb5b8f33c21628e3b0d623c23c2e5a3546194fea742d90c1d61f343a005b9e58c3e8292b256fd0ecca81cda433f3bb0ed633607f0b635cdd8b4919bfa37c1e99df087d3f8f3ba5dec7930657eb3a4d8febb5234e048881fbfc499fe5eb6a0ce34546f7010ae2291e6731d0798ca451387a123998e68f6f577ba4e556bb9a119011a191a6bbcf55beb1fb0b8252deeed5721b271b964534a04462720c4c03e8ea7f120cfa1be630e7fc680d1f6e067075c72f642babcacf6b00cd3fdb9f3200e4ff8935b17ebe222053c78c3752666088017c2150dd014b9578af6adb15527a483eff5bb623710ca7b37ed49ff7cf1525f296af6f27846524e4aaea7476a2d08dceeca84a1ab11e2767abff12d10deaf63681dcabe9b1fb9ebe207d8e3793dba9a73a02ebea4e3a072397a88c47795d5e88b2040c9fe3f96f66f8f7d593547c8fc8f4e75a1c20962ecf2dd1e7bddf896f2a6c5f37a8784e2bc5b10cef2feab3b6eee7430908eeadd372248041a09b0c29385cd7a75754d2c429e72bf5fdac34097bbbbb3790f86399c60cb5054fbeb8eb1241608b506beb135091c18110c1d10d9a80f4adb11a6fd3001957cae0b4f8f730cc4fa4a7328e23f390caab014cfeec0ebfd0e14021f47fe330a68680678d23e7ca1ff18e7e242f4c1e3cca51dec73c58b596c2a92267ee76d3657c1e2b34102b09fa4c59c2619148440bf26802c6f858b8eee6d8c697bad2c4d5a0f76c6a4cdd3b8fdc21e447920491ef40578b68a7a5dfda04fa235fac01ad4e824b627137dc48807100e52ec5ae2f3a3fd84d68b824033b4f0ee28a9e72333b4e209ae905d0781e4fe8116e03b1ca5c3b1ea84974cabaa0214ed15bfe01e974491e8a20f9d03ed1b73799b083f3a65e809c3ff3cf126288fc1627409d46f78b5fe8b8ba0b3ddc3ac79aecd6eee2e0cc59826e5798f48f80f0c7f549b3a656e9acbc5e51bdc3becef93533166c1d9ffe4335ec973d3d27ce5987d150f554c4095650528578fe4858b670b0786f23c886612191f89ec57970dbc0e33cd62b57a08fa940b339577fd12d07dec2ac50e9e0b27f0716b3233803153389a95df956637af8d9778e27bce49ab0a832978712a074d3f7516ad512ed0d9b43049b5990c841a7b7146a24c62fb70645b8d85b6c8863d5c6aab03638ffa4e30c8de24383cf320eee735a4fd37262d473076f495da8b2f0f028b8f178c238010738d6afb1dc2e48089e80f6a7658ad3496f1a1f7f78abdcf934c733d22abb0671a0d41b9b33a5faf99d7b82166e27df0f97a7953dcc1fb364478200253757e8311ba61cb4c78a380cdd820553c7296816210f64b34619966f1540a407c8d6e8e30788909de19ede4116d09a14ce26ad59957add80b90602855c0134ba7fe8afd4493f7cd9ced61fda7d0ae02505c046acf68d68ecd9b1507a4d4eba4c2c834777b2c3c5a8b3c06677fe468072dcab48c1ac9deec30265c7f6c5864df89e25bba52715c82e9921db601b3935f5047b8cc07351b9965b1a1f6ef36c1fba89d9d96e332eacc1e8a78e09d7d6ba30845866449ed5264f763735d4e7cc133dba4b296b2dd9331efea01e5b3d05f38055e41c49993d679ef133b9b1af435fd0ac5fad33f571c76d02c40d4e301110b4442aa134364f0456da0cf362b2c27ebd667c0969ae09dad18becba9d6918fb1e741f685735cc7078f0e6328181a83da67516fac31522f9d9fc64a4b769e57e76bfff6f9867fa2fee1e7dddd11128322210e44eeef6db7269dfa1bfbd9099dd6f8219d585c22c20483251447772719a6115ccb690609de352989610a138110c884562b65de3cf63c3ebe9adfeb53c6e4ecc637c98b60161f71952b84c6fc4cea6af0ed533144bde4f8fbab2d3ffe0b2a5d0c55ec9979ea85a25045ad3a84becf0e891b89c1a83178d7368aea4bdfa0ebd46b8e110a2972c8ac96e10ac630e89f8d76bf35b03b5ecd393d1986fc61318e08ef02721e5f2cd2fe098ebcd1bd30a8f87b2a5650b51dd50d0d78ab7fe66490f5827372f1779d3d389e9fa66bd0296f0203af010d8f76783837cdde2555a90be577626a12de47d4da638efd0017750a230485f6ade34a27284d85dd87f9db8a832c571106d8296629418777b4d933fa049f0f4e5958c193e889305074091be14c66a4bf02cdfe1e8d26a5d21fa78c5628a7ee3d7a0c550296b2f0625e2dd18d45f2d45bee6746d4462c92bc3cf50503c7479bd121393821afe1cd7144ea37f4e8e5ee21f739024ad25af9430dee006b76617725556ff8a820b767fa821629819732f086a5fdf2ccb4edae0aceb3d6dea698e798ead905a2eef9065d633b007271e93101a71cbe385f56e32b3a8fb081c5c1ab09b729f89294a0007df3a3b8e93686020d993b812c6f85fe1618db897cd67be6cd5053dc8490bbebee133d140503c4aa51eea0c156523a1d81ae849dbe5a273bfc0de94836f8160ea9f146147fc02dd7b55dca6a2a43692268ee98f51fcd2d3faa76071d9716e877b2a3dcb51a51d5359a2ee705da52b43306f1f3caf33342fc281bc9c58d1ce05ecdeca371e3a788542f8fa999e4d8e10e66f0b6053d7d4cfc6acb815628bc2409b3dec01726121c267b3ee85fd61bbbdda68ae2c13026863e4a54b93d956fe692707a179411c841ca7d2f33a5223181b18b7ba2eebdd7c2a8dec3ac2a317b5fbd996e8598c394ee627308f0e887480a8dcd59b0256b636f4c62566501a733fa74232945ba1d9e2bae347391bf9ae2da4d3af2b262b772421fd3a5cab46862ea6049f5c9c76dd8549ce0e6c31c792b81b6b21f0bcca18bb2fa6a9d4d6e0a837bb119e2e002a69d6ca95a4b2acc463076c2e05731ef0cfaea84387a6baf6737cc14a25f5329ea924090311213344625a69ee382dd4bc72e00e63329956f3e021092585c9affa06a95bd0ef653ae9ff0abed5ee561ada4f83d8ef202d9c0b2225ebe8660cc408859d45e0332f4f78f6a339bce9d12ca2bc5116a8fd4007c485f5c1c41af96c41d96db35411842d7babc05c8b228066dccb9b67f348974363be521e41fa94d2034a0bc1e87360a80606e1e1bfa8e6399601b30bf93ac41129869158bc2b791b50e51519133ab58afd4023d4d721129b1307f054103a47c49e0524ac4df511c3409fa62d8b5c1a897794600f53efdcc987e06bffd77c9fc75fb7221ef29ed2f7e3e8abcb4a1875b85bd5176a6fba9a361d8684876508443bd50e630f4c684002b15930cf81d740b880eed25d22d8de8c00066790df084fea7c5021184a210a6d24f9bc862c4e3eafbb1782fa240ecfa5959d7a681bae84e8a96a5ff45dea4f9e16dd2cff2dccc6cf4042b44b7ad1f55dc1db5998ed40a409c0e67e1e64fab423d2c00fabb8976d9dacf0c82530e356a99f75082f3411adddfe4ab1ad3b55599fa15450dd5feee23591f1ce398e4c5ae8aad71ad26ea189c333c8467d1eaba9589bb8c41bbfe8c0c173e5446bc06b578c1db849fabe5fcd8fe0fca94bdc799b53b897249826037499e8b6213d640724fda1bcc9341ac61fbea02c8f39a53c496902d5c7922f678a273cdf5ffff38ea028ae19dc72f0b0688f2b9b7d5a9c04153c10ff4168cf9f243dea03b336be778f6c79d67a2d0ade82863eaf95d6fc7f745569864f369f4b39177c356c8c393bded485df28622f01251e58f3d39498520ff90e6c670f0dce5b494cb1d78dfad108406dc5857086d386bd42bd03fe716f049407e5e55caa0e73e96c1a4f6d5791ce7195b2ce72de52ed617ecefaeeabfa9350af49d1d91f9a4b97dc0808869b916f34ee242c40fe8c8aee57b6ddb69f9a10636e481dfa059ef001bad7020266f0d74b14edce6c18ffef854768a60885bad798658a6b9d0b438c483ba159346d5ce0771f53ff18e0bd47d8583bd56237f8da2747ac7eb2a87b6e26c4820d4fe18b76e06bb6e0c0cdf478b4aecd381c2a6ca9f10ec433f0aca63a66d04f70557baf9f2844005351a21664c2430fb0002cd03bcf0b2004068a2567f91a9fbee8c6d948fb35d48527b23e1398ce9f535e2b0b33c2bc31ab737ba4b980f46f5d424e33892c8093f3cd18510a3157afc023f63ad3ba999e950747c78c06ab141a26d74ffc049a6f76c465f9f9f03a8d339a8e61fef26a5239fbc11c01a87800c81efd7b9f28ee2ab2ed88a383f5013bfd6671ea3086121b235a0cc45ccb300c02588895f8d13ec7e00a3aaaa8b0e739f666fd1b13a90b23998704859c9c76108ed7ecdc63770e6ebaa0aeb9208b92ec4e948ac7fc81cc6f305f06c2f2d8c9267463af92e185ff627eed54313fa2ee0bff2cfa8be411982fd19fa88db5ec99f238f88782f8c7a957bef14f79351b63799a4cce160357c068987a5516b04c79644c140850cddc8bd5541fcca9e30826aad864240f434bd1fc67b58e3d664f782e9e46edcb34e2db98a39c23e334e51c71c9fa466470992cc1fbc36c3c8ff4340be67f9b85a74c9114cb9fe5ca4dcbb641ea17a54ba4658aeaa515109e117625a6196dd66d3584d293b468fce63b5a9c4b9461700c74ae955539bfbbe3eccfa7d9c9f737792a9d4b978baa2e92819e88340b73c88c2900b723248b18ae9414cb37a64ef8cb8ca85cda9677d9f1e71a6b70fe3ad17f2d13c1df48d93bfa50fd939a72ea26f9fbeaa6f8af2eec91b04a8fa7dc14fec0f54fcd1c5c848b4432f979f10e661cd2d7f8ff669ce99f9813fc5440fbbeb35f1a5e5115f5ca35dcc270bdbcae07a9ae8e22aabf8178379dee08874ec7840de27815890a88fc9a3bcfa88a33f9baef9af0ae01b2bd34a907f1151cb14bc8b396bc43a60f884f425e4a04348cc645aae68db49980139ddad0fed303e40b124fd654b36c961a56c44cc3686a7529b1f1ee47da3a0f1158542337df15780444790a2ff1b57e062f0db66730c9f98de395f939f44188225211c514447f67fcbf320a34c43ce09ed272bb992db3a35ae2c3c491c36f2de88984129fcea1ffd235aff7bef7fa95d65894db9a5f1b348efcb571a81b3d73ccd07cbef052389001e4d456800e05ca53bcf3485ce05791ff65a9f7913416ae26972f34f51a3270580b81307ce31c98eda06f3b35890ce317e79a16d728cd0bb6a3835667555c0c5138cfa5305a91db1f873b2a75b82ffcb27616ee67777708f7dc2ed9ddbeb38a60f446d3ac88ded25265c25ef38b0755a9d34bab5e669b6501d8c9787aae7eced9945cad3d4d1c32fa68b48a1d773750f814631db3e088c1b5e7ffa854ea1343d94ec1343918d7a1c5a095bb72b00eb3bff210aeec0b8a581a2a13429b83a193f4d447059265b63c4b8f8ea1b9494f65e79844d956c5d80780849dc086506e9eba002e682a1bae1543f8289588c574bb6ca9a2e57b908aaffed23ecf3536abaf96fe08291f3d70773288b4698e972b0187385dfff4cba59175814e75e7e5146205c7f2d2f749583b393f46c448c152d8be50d60ed8d8bdb30fc7925656a0f90b1de967c729980815e5f19ed453fbefcff67832cb90d753410a0b18eb7504600b11b0360c3d3594d48d832160d357afc1f17dc71dccabef7bbcf1fdd55b48cb02135c32650ab07b902f36b48be9376b2dd68343eacfe80d9dab3205a393a4c6ffd405f6db323dea11be4f22ce50df1e0cfec9e9b1e23acb94d66ea787d08f615a7c7288cdf1921a13a85d885e47cf1067d89ebad5b92ce5c9da255f8d74bd2d5b78366f998cc35bf35e45d06128f1c5984fabee7542642bbf6d981b60759d3e7900e5b3d1d7310f90df0c88a600ff2f39932bf7411e61c692c9444dc9ae0dff28c0b94292c430ac4464e83ce8a29b886f45c98b8396667740c5be51e592eac0250d6e479505d36e930ca3a32cb671d58707d25b10e2660cd5e661b08e268c8bf1b3cbceb2d995a2a6fdfe5475cccc965f71baa7c84054e3bb6cbcb7167b06c708cd72ad4301e943dd1b2b2c325f682be3eaae730a8ed8bc3134b28d1ce04543bc66a529744561c42d25e65c7b5cc2a17875ebf35e53aa46e1edec29ff8d046a7e01459d9639c10d1df998cd9a12d7e50b2dc71ee7338cf71beb72d5020dc69eeafc354bf822d65ee0328eb07d04ac0d266fdb53227a158411da5ded254b3c359ee710e0278e1a06f06002538e108450fd6b11949fdc618a29baf34f232aa192230ddb318aa6d59d122257e50713fe73e6c0059399589c382dc901a8c3381139436f7331b69f457bbb38ed54daaa07a52cceb053c32690836c664b73d86261216b8610fc7b4d53dd3e5d9bcb3e25528e132911cac37e7f2618274c733b5ae02f9c27638d9e11988f1dfbb281ffd8cddf8558a481861cbe9d53a4ad8282d3587449cd51759ca397eda122d286e117d01539359870b94c98a3ce383ed1d280bcceb228acf73193e87fd3650e4dfd563cc55bfbc8626a41293cc90ef76e28e2dedaf968602d2997ae1c2752a0febe3a78f3756d40201ae13074091238324422caabe22c66b7866065264261fc2c3e0569493468d1c1c36259aedd5f078a231e72decd70f4de8532f6753287435296f33a096bc1c8b0ebb68c9f783881e45ac54159ec1c2f9e1f5cb48f96729a62d1b4fdaa89ef5de8741bca04e953534dc977e881a61281812af435206378eff173d7929ab4967e511bdc14e6a783ab647a4c257a4fcd6ba38ef32bc48a00643416d7e34f7465b3e6240589d854db4d9714e998f2edf3a03986598a52aaf647d938f4a8e07c1c29615803af6cd403d261ad6da3c1c804034b4a4eef3ea1cc8db39d9e171b3f6dd074388577a4eb901c25c8031e4592cea80b6354850657f53b2acd910ec2c5a7db6abb0153e051dadfbcdf047e35591b96b5657ca55d99ef6fb48e07c34321cd20c40b30a646132f8afcb9426fe84a790567fb847076a8762ca29cfb037e0c948edc12122a1160a55d465f5c912406a10dc0d3c1156cd207e9ffe906d267c9c870521934e1c56af460c0ad0dea9c929acf85768e22bb65eca6e25e4ec8e6edb7a6215e8c7e5fdb56c7131b156ab6a78fc808f8f17a2708ff68b37778c00b3b546004fb2b2c588d8ca8276d281026bfe896698569814410422f27421b8fc5c09d47635f17ddf6b9f56a203c991514678c18a4afabe1eeca6fce1187fffcb6ebdacfc6cac9750766ed40c80e7eceb342a3fa6f86d014949f9d111bfd96e2a39d364f2e2722f2d9ab0577befe26055890161d780e52eff4022461c1d3b019b86af28c4f02fd1f7496d8c141344ad5756bcdc45158f3af7aac227c8853f607cae412db6fa924c039859fe455857bd5fde66cc1b773c12f516401a31c80d750079247c128a103361e7f0a392d21b4b1b594307ff6b37e5a242666209ec517561e04645b92e7cf3cff1a6c76c900d12d9556e2962c535401b1e61fa85e06551ed678703fb3bf8590f2608ae3c278b8d1ac286af38061afbbc3cb27ee7adc6ad299151cd00a84506e6a97648ff99f2a9d35d8421e71589437406fa8e6def8ce34c9abe5de3481c492887176d4485dac794b84567d5ebaf68d0007cb2256a0f1ce4318f6891f750fa9696fed3525059688cf973e70d688b1759cd0f3dfb0b2a7078174b978767cbdbfc3f7d5850e2f7772e2bd6e3ed69ef13cc141238b5ee04b6615e33c42fcd6cf979a0ac848458b713b9a988c1e3fc32f2a182fc0cab2e6933e9aa5c2d77db8c6a1802b43bd8220ff0ca92229fc26a44761d00eeebec834e5f7d382b4f58a2759c56e53b163dae034ffa1970acc57165746e575470e13c4044f392ae4bea93e7d666256436507bb987a247785301274d4f262f94989cdc94b209b7499bd0cb4437525b72be79c87c6076533e4a14799a60bd3563d46ee4767108bed7e637cfed6f3139637bb01f36385dc5873eed726fbec9a87da294cc11db8b49fe45b798ae74e1a8cb0f2907eb0178d2baf5f0f88f654baab9f147741945c496ddea1cfed65a82e913a131c4ac7bb6f0d8d5d28225dab8a33c6e60c0d2b2d5dbd8c35089f13f9a2ae81ec9addaefea9b8ddabc8cdeb6437381ce346db6e14d9d1e8bb4662b508d61da77fc8d9ebebceb1c23be5d0a7bba4a48c0591333ab7779bae78ff23c4bbf8a8cf30f3120a5b63a047064d7ed7d37191cf39b6d1e8ffe3b47379767bd691cb855a9c938e9a0235a5ec9c316a6dceca63fa5fe6df0b9f0d6b38add216aaf2726d3377ab827b00b4cbf490708a0f679b8cd7caadb3dee40cc98f778917d6a6263fcc0747bf75fd676d84abb7d10087da323f95c2571139fd4c9826ad5db6ee4c246b9da20592cae11f9264bd2945aa1a427b2acefb514a2daafbbae35ff761eb1e3b98b4a1dfca348b8c4ff96325a618d677180ceb7e916654ecc2deecb4e61d01080f44b98776b1b43aebeffe2c14006dd1d78c8babf1179f42fd20d87654d3246d41e9dc633eac1741be44f8d751d8c9fd57316fe06d60872939b7a2906bb27a299a3408a51d74e5d98417f05f85fc1b332e103e79203e9fe344dc1d1572de39d914c5270c839870d2b33da5a6efc08c4f0c8227cc35a7f77c6a55f80ceef90e217c80e5ecb4c236685f5219787b01612cfbac90794e8269c07fb7ca4f7dba4defb2aae2b37f7b1696e78de15dbb1b6d4ee0cc4c0fae274b2c2de9343862de1d9847515ad235b1837daa9b814f19e895ae3966ed262e3e7add9f19009e6b61462917b29502b67e124c43538a6bcab7296529e01bb26ab8b3ef094ed057383c4f92790b6f705ae9d943c4e8dad84f6ef82b54d062713c16960fb475d74d46a1b16062563da3391cc6ff5185162c31ff7339e4837e38adab8ab911abaaa006e313dd19a1f92b4f7bede4525b154e1b9f796136a85f3602da011ae2232be902347e08ce0bbf3d23d91c4aac11c8824caafa1d1ff0343ce655802c1915f3ae7c0c670b18e56e139be66a33613afcb3b1928613b3afba9d635070af678216d57023d1911f0eb7ebddefc96f0efd8e9dc10e8a87a68393e19733ef900c6264722940750ae16f664e445414e85e98570303c6d87d7f265cfae0a1e9314fc14674c2871c0d59bbe2eddaf9330a4e2a28673af73910d6cb90790f800e89d55a2930910a8430ade9551819d83d5ea6da4e58326b7ce555d01da86ea78200f0219ec92473da95cd5a632c525ca9fbcddebb8168881cdb2f5da787d0e31881e2b17d78184f3a0bed8662486d3937dab275d050b9dd5a2ce904208a91a467afc33e10fb6c1ca788a5ef30d6e8b615ec0ae1503fea7006569559b7b155c31b196b85881c5671173c06fc5373e9fd973e7111ed45874609bf3c88c6db732210a3ea04cb68662bbc2048bb55d811482af5c658e29bd18c57ffa25e88d7297cd20d4c2b13007cfae89f4dcd90177a0806a2ceb2095333b58f828c093b9bf63cd07e3d56a446fd12e755fd651211bc160948836939c17623b317b9e935307044bab2c11879a62288e7ecbbb97f10f52516f517b7b8e44cff5964fdfaf8044065056b48db13b1365004c336afa3535af1242c9b7271b8b1ba2213fcbb80926bcd394815cd7c27e3aeb2348dc45f5e06e32f5bd56d1c472f41b564ec0939cd012028412883cc098d086fd43858747b746be72b979d175f6a6447fc5908616dec7fc6c962e12e96e09bd068acd2fcf0ce1cc26d9f82b2b91bc9aafcbf8435011f73b6a8ea1bb2f3289b23236136b31656600762feff53e607df8cf3c9a7f257b212630c19f142e4cf5094250b629cabb145c77f1f14ad60ab7617078f810a766cfa341fb7c16086609bc0a768fb1cd782606f32b83a0a55d883269a05b80275612dc571cb993ea9e447b4d32570d412203ab4c8b050b63bb5ac0f8d6f4e9a1644e4b622587b2ae125c2093bd363493d58544d6303a0de17780fcd83e993aa83f4432274eee1e6333fcdc77bcfdea95b8b9ed787723e35b71f1dbe89ff1e3e6fde146c05b6fe9eae52b472624e412253a63e7fcf1b77dbff7509eec5a55501e222f66bd84d36663cd244fa1556bd34b4c9957a93a71e63961ffc7700c5545acdd3e79da41e1cfaca0956d4978222cda23a574d691dbb6c6bd083c70c2782c045bbbe0fcaa10efbc002af6832e3fa7dda0ec8ff6ded69302d55d5a62a7ec213f16ecc5e3304a83103d1c2b21e04e3f5f3730339a630a407e8cc6a5afd2f2ed78ff992035a3783a2708195a46e565a9113be8c228ccaae3510363b475732ad48fe8ff34801f4c35132359d4c5c5bff65141f4a8684d462cf5d97b44496440fff3f7a28d28bbaa8e6db2a6064cbe9fca4679afe8ca6dd27a25c56f3e58165040f19a0455199a0ece4583f060979427f2f3495f40a83bc6ee3eaadab18705d464662b8aba9c7aa2f29114f7acc247548a85bd44723064abeee18f7f558f6d0d74fa08103dd906124454745d23005c425b260b0034372123b642a0cbebbc1a0bcf0cfc3639876eceac5f9734057ff659cfd35b1a3eaa768b86d66244aabc23a45676a59d492614f1c0011c9253e53fc7bb3e20d303afdb5b6614dcc7bbf72a339e414672aac23c2e2983083f08dbc34e3452def00f402598b6aaa4f0d896d1648b1442621993b7d0c930560cb6152b9ce59f94356726816a224fca84da5dbde6675d20f546a3e4635e82ff9575cac9160e6819f", 0x2000, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000380), 0xce4, r1}, 0x38)
io_setup(0x2279, &(0x7f0000000280))
syz_io_uring_submit(0x0, 0x0, 0x0)

6m42.60658935s ago: executing program 33 (id=3308):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000024c0)=@base={0x9, 0x1, 0x9, 0x7fc}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000003c0)="057e30aae10df4f97559054b9a301ecfe91b645115e1421774006df60cb393573839b0078ce169ec2fde0afea66b5bbefa9d4f3cd8c2458336ceb1f0efe647d6d7b1cdbd12c9b8e3a822cbd51494bf79a1dbe5c22338ce37ed467a1d3d616564cbb81faa2e935b2697c12efb0ed141fa2eaad4747725c4bf20f8975e402b03eb77d1aa3f10f512397b5037b1b4cd4b7c08c03dc5e52a066e5982969fa044125ae251f46c26e2536cc8b77e8edb251378be4beedfb8dca0d449123f57677ca3da5bdebf91b195f1a5d49d7c292f20f58d490de36d8ee0e8a86bd04c3165549465cbee7891fc747d7def370ce644db894b56bd53af0d0e261bcfa6bf72a684dafc5bcafe07ece74cbd1d5fa32716dd03f7acd4f32d935438c91e033beaf49e3963e13d05e7a8334a858639636799f04a9033193e7d18a2a4b20bcc96811bb5efe476db70a76b7456ac4e71f3e89c00da0c7761c188570c7902bf2fee1be273be8a9f7a2d7508ef2188d3ba1db4fa9d1533d2f2a288cdfe3b0c50908d56ba69e81386e7e979e9d7ff78685ffb8de6baea2451762736a2bbafa11d541790b0564aef9b0b80fa24832090b84341a9fdf712d3296f911020f8021eda8130befaaab01cbe91dfc5768e6ff31ec50dd88596832a9f5fd4f558d367f40e454d3c97ad16a7f30b93629ee2def77b99f8a17c157529b0782fd847a4c75a2302ca96bbdcff660c2cca753e1a8c60dbcfb319a1594565a2e15bb6124316e196e3cafaf1a29eef84a0908d1dc80af7e333c65736699f1254addf2ab582f5c87c4f6ca234d7ca9673dc29444044b95abdaea958274e39aeb163ee2d05bc2ade5c33a0466e14fbdf8aa70ca2964c06ee5bc57b894b0143a7a503cc43574a07958940b029678df44d6c82fa2e6937ea6aeb5b8f33c21628e3b0d623c23c2e5a3546194fea742d90c1d61f343a005b9e58c3e8292b256fd0ecca81cda433f3bb0ed633607f0b635cdd8b4919bfa37c1e99df087d3f8f3ba5dec7930657eb3a4d8febb5234e048881fbfc499fe5eb6a0ce34546f7010ae2291e6731d0798ca451387a123998e68f6f577ba4e556bb9a119011a191a6bbcf55beb1fb0b8252deeed5721b271b964534a04462720c4c03e8ea7f120cfa1be630e7fc680d1f6e067075c72f642babcacf6b00cd3fdb9f3200e4ff8935b17ebe222053c78c3752666088017c2150dd014b9578af6adb15527a483eff5bb623710ca7b37ed49ff7cf1525f296af6f27846524e4aaea7476a2d08dceeca84a1ab11e2767abff12d10deaf63681dcabe9b1fb9ebe207d8e3793dba9a73a02ebea4e3a072397a88c47795d5e88b2040c9fe3f96f66f8f7d593547c8fc8f4e75a1c20962ecf2dd1e7bddf896f2a6c5f37a8784e2bc5b10cef2feab3b6eee7430908eeadd372248041a09b0c29385cd7a75754d2c429e72bf5fdac34097bbbbb3790f86399c60cb5054fbeb8eb1241608b506beb135091c18110c1d10d9a80f4adb11a6fd3001957cae0b4f8f730cc4fa4a7328e23f390caab014cfeec0ebfd0e14021f47fe330a68680678d23e7ca1ff18e7e242f4c1e3cca51dec73c58b596c2a92267ee76d3657c1e2b34102b09fa4c59c2619148440bf26802c6f858b8eee6d8c697bad2c4d5a0f76c6a4cdd3b8fdc21e447920491ef40578b68a7a5dfda04fa235fac01ad4e824b627137dc48807100e52ec5ae2f3a3fd84d68b824033b4f0ee28a9e72333b4e209ae905d0781e4fe8116e03b1ca5c3b1ea84974cabaa0214ed15bfe01e974491e8a20f9d03ed1b73799b083f3a65e809c3ff3cf126288fc1627409d46f78b5fe8b8ba0b3ddc3ac79aecd6eee2e0cc59826e5798f48f80f0c7f549b3a656e9acbc5e51bdc3becef93533166c1d9ffe4335ec973d3d27ce5987d150f554c4095650528578fe4858b670b0786f23c886612191f89ec57970dbc0e33cd62b57a08fa940b339577fd12d07dec2ac50e9e0b27f0716b3233803153389a95df956637af8d9778e27bce49ab0a832978712a074d3f7516ad512ed0d9b43049b5990c841a7b7146a24c62fb70645b8d85b6c8863d5c6aab03638ffa4e30c8de24383cf320eee735a4fd37262d473076f495da8b2f0f028b8f178c238010738d6afb1dc2e48089e80f6a7658ad3496f1a1f7f78abdcf934c733d22abb0671a0d41b9b33a5faf99d7b82166e27df0f97a7953dcc1fb364478200253757e8311ba61cb4c78a380cdd820553c7296816210f64b34619966f1540a407c8d6e8e30788909de19ede4116d09a14ce26ad59957add80b90602855c0134ba7fe8afd4493f7cd9ced61fda7d0ae02505c046acf68d68ecd9b1507a4d4eba4c2c834777b2c3c5a8b3c06677fe468072dcab48c1ac9deec30265c7f6c5864df89e25bba52715c82e9921db601b3935f5047b8cc07351b9965b1a1f6ef36c1fba89d9d96e332eacc1e8a78e09d7d6ba30845866449ed5264f763735d4e7cc133dba4b296b2dd9331efea01e5b3d05f38055e41c49993d679ef133b9b1af435fd0ac5fad33f571c76d02c40d4e301110b4442aa134364f0456da0cf362b2c27ebd667c0969ae09dad18becba9d6918fb1e741f685735cc7078f0e6328181a83da67516fac31522f9d9fc64a4b769e57e76bfff6f9867fa2fee1e7dddd11128322210e44eeef6db7269dfa1bfbd9099dd6f8219d585c22c20483251447772719a6115ccb690609de352989610a138110c884562b65de3cf63c3ebe9adfeb53c6e4ecc637c98b60161f71952b84c6fc4cea6af0ed533144bde4f8fbab2d3ffe0b2a5d0c55ec9979ea85a25045ad3a84becf0e891b89c1a83178d7368aea4bdfa0ebd46b8e110a2972c8ac96e10ac630e89f8d76bf35b03b5ecd393d1986fc61318e08ef02721e5f2cd2fe098ebcd1bd30a8f87b2a5650b51dd50d0d78ab7fe66490f5827372f1779d3d389e9fa66bd0296f0203af010d8f76783837cdde2555a90be577626a12de47d4da638efd0017750a230485f6ade34a27284d85dd87f9db8a832c571106d8296629418777b4d933fa049f0f4e5958c193e889305074091be14c66a4bf02cdfe1e8d26a5d21fa78c5628a7ee3d7a0c550296b2f0625e2dd18d45f2d45bee6746d4462c92bc3cf50503c7479bd121393821afe1cd7144ea37f4e8e5ee21f739024ad25af9430dee006b76617725556ff8a820b767fa821629819732f086a5fdf2ccb4edae0aceb3d6dea698e798ead905a2eef9065d633b007271e93101a71cbe385f56e32b3a8fb081c5c1ab09b729f89294a0007df3a3b8e93686020d993b812c6f85fe1618db897cd67be6cd5053dc8490bbebee133d140503c4aa51eea0c156523a1d81ae849dbe5a273bfc0de94836f8160ea9f146147fc02dd7b55dca6a2a43692268ee98f51fcd2d3faa76071d9716e877b2a3dcb51a51d5359a2ee705da52b43306f1f3caf33342fc281bc9c58d1ce05ecdeca371e3a788542f8fa999e4d8e10e66f0b6053d7d4cfc6acb815628bc2409b3dec01726121c267b3ee85fd61bbbdda68ae2c13026863e4a54b93d956fe692707a179411c841ca7d2f33a5223181b18b7ba2eebdd7c2a8dec3ac2a317b5fbd996e8598c394ee627308f0e887480a8dcd59b0256b636f4c62566501a733fa74232945ba1d9e2bae347391bf9ae2da4d3af2b262b772421fd3a5cab46862ea6049f5c9c76dd8549ce0e6c31c792b81b6b21f0bcca18bb2fa6a9d4d6e0a837bb119e2e002a69d6ca95a4b2acc463076c2e05731ef0cfaea84387a6baf6737cc14a25f5329ea924090311213344625a69ee382dd4bc72e00e63329956f3e021092585c9affa06a95bd0ef653ae9ff0abed5ee561ada4f83d8ef202d9c0b2225ebe8660cc408859d45e0332f4f78f6a339bce9d12ca2bc5116a8fd4007c485f5c1c41af96c41d96db35411842d7babc05c8b228066dccb9b67f348974363be521e41fa94d2034a0bc1e87360a80606e1e1bfa8e6399601b30bf93ac41129869158bc2b791b50e51519133ab58afd4023d4d721129b1307f054103a47c49e0524ac4df511c3409fa62d8b5c1a897794600f53efdcc987e06bffd77c9fc75fb7221ef29ed2f7e3e8abcb4a1875b85bd5176a6fba9a361d8684876508443bd50e630f4c684002b15930cf81d740b880eed25d22d8de8c00066790df084fea7c5021184a210a6d24f9bc862c4e3eafbb1782fa240ecfa5959d7a681bae84e8a96a5ff45dea4f9e16dd2cff2dccc6cf4042b44b7ad1f55dc1db5998ed40a409c0e67e1e64fab423d2c00fabb8976d9dacf0c82530e356a99f75082f3411adddfe4ab1ad3b55599fa15450dd5feee23591f1ce398e4c5ae8aad71ad26ea189c333c8467d1eaba9589bb8c41bbfe8c0c173e5446bc06b578c1db849fabe5fcd8fe0fca94bdc799b53b897249826037499e8b6213d640724fda1bcc9341ac61fbea02c8f39a53c496902d5c7922f678a273cdf5ffff38ea028ae19dc72f0b0688f2b9b7d5a9c04153c10ff4168cf9f243dea03b336be778f6c79d67a2d0ade82863eaf95d6fc7f745569864f369f4b39177c356c8c393bded485df28622f01251e58f3d39498520ff90e6c670f0dce5b494cb1d78dfad108406dc5857086d386bd42bd03fe716f049407e5e55caa0e73e96c1a4f6d5791ce7195b2ce72de52ed617ecefaeeabfa9350af49d1d91f9a4b97dc0808869b916f34ee242c40fe8c8aee57b6ddb69f9a10636e481dfa059ef001bad7020266f0d74b14edce6c18ffef854768a60885bad798658a6b9d0b438c483ba159346d5ce0771f53ff18e0bd47d8583bd56237f8da2747ac7eb2a87b6e26c4820d4fe18b76e06bb6e0c0cdf478b4aecd381c2a6ca9f10ec433f0aca63a66d04f70557baf9f2844005351a21664c2430fb0002cd03bcf0b2004068a2567f91a9fbee8c6d948fb35d48527b23e1398ce9f535e2b0b33c2bc31ab737ba4b980f46f5d424e33892c8093f3cd18510a3157afc023f63ad3ba999e950747c78c06ab141a26d74ffc049a6f76c465f9f9f03a8d339a8e61fef26a5239fbc11c01a87800c81efd7b9f28ee2ab2ed88a383f5013bfd6671ea3086121b235a0cc45ccb300c02588895f8d13ec7e00a3aaaa8b0e739f666fd1b13a90b23998704859c9c76108ed7ecdc63770e6ebaa0aeb9208b92ec4e948ac7fc81cc6f305f06c2f2d8c9267463af92e185ff627eed54313fa2ee0bff2cfa8be411982fd19fa88db5ec99f238f88782f8c7a957bef14f79351b63799a4cce160357c068987a5516b04c79644c140850cddc8bd5541fcca9e30826aad864240f434bd1fc67b58e3d664f782e9e46edcb34e2db98a39c23e334e51c71c9fa466470992cc1fbc36c3c8ff4340be67f9b85a74c9114cb9fe5ca4dcbb641ea17a54ba4658aeaa515109e117625a6196dd66d3584d293b468fce63b5a9c4b9461700c74ae955539bfbbe3eccfa7d9c9f737792a9d4b978baa2e92819e88340b73c88c2900b723248b18ae9414cb37a64ef8cb8ca85cda9677d9f1e71a6b70fe3ad17f2d13c1df48d93bfa50fd939a72ea26f9fbeaa6f8af2eec91b04a8fa7dc14fec0f54fcd1c5c848b4432f979f10e661cd2d7f8ff669ce99f9813fc5440fbbeb35f1a5e5115f5ca35dcc270bdbcae07a9ae8e22aabf8178379dee08874ec7840de27815890a88fc9a3bcfa88a33f9baef9af0ae01b2bd34a907f1151cb14bc8b396bc43a60f884f425e4a04348cc645aae68db49980139ddad0fed303e40b124fd654b36c961a56c44cc3686a7529b1f1ee47da3a0f1158542337df15780444790a2ff1b57e062f0db66730c9f98de395f939f44188225211c514447f67fcbf320a34c43ce09ed272bb992db3a35ae2c3c491c36f2de88984129fcea1ffd235aff7bef7fa95d65894db9a5f1b348efcb571a81b3d73ccd07cbef052389001e4d456800e05ca53bcf3485ce05791ff65a9f7913416ae26972f34f51a3270580b81307ce31c98eda06f3b35890ce317e79a16d728cd0bb6a3835667555c0c5138cfa5305a91db1f873b2a75b82ffcb27616ee67777708f7dc2ed9ddbeb38a60f446d3ac88ded25265c25ef38b0755a9d34bab5e669b6501d8c9787aae7eced9945cad3d4d1c32fa68b48a1d773750f814631db3e088c1b5e7ffa854ea1343d94ec1343918d7a1c5a095bb72b00eb3bff210aeec0b8a581a2a13429b83a193f4d447059265b63c4b8f8ea1b9494f65e79844d956c5d80780849dc086506e9eba002e682a1bae1543f8289588c574bb6ca9a2e57b908aaffed23ecf3536abaf96fe08291f3d70773288b4698e972b0187385dfff4cba59175814e75e7e5146205c7f2d2f749583b393f46c448c152d8be50d60ed8d8bdb30fc7925656a0f90b1de967c729980815e5f19ed453fbefcff67832cb90d753410a0b18eb7504600b11b0360c3d3594d48d832160d357afc1f17dc71dccabef7bbcf1fdd55b48cb02135c32650ab07b902f36b48be9376b2dd68343eacfe80d9dab3205a393a4c6ffd405f6db323dea11be4f22ce50df1e0cfec9e9b1e23acb94d66ea787d08f615a7c7288cdf1921a13a85d885e47cf1067d89ebad5b92ce5c9da255f8d74bd2d5b78366f998cc35bf35e45d06128f1c5984fabee7542642bbf6d981b60759d3e7900e5b3d1d7310f90df0c88a600ff2f39932bf7411e61c692c9444dc9ae0dff28c0b94292c430ac4464e83ce8a29b886f45c98b8396667740c5be51e592eac0250d6e479505d36e930ca3a32cb671d58707d25b10e2660cd5e661b08e268c8bf1b3cbceb2d995a2a6fdfe5475cccc965f71baa7c84054e3bb6cbcb7167b06c708cd72ad4301e943dd1b2b2c325f682be3eaae730a8ed8bc3134b28d1ce04543bc66a529744561c42d25e65c7b5cc2a17875ebf35e53aa46e1edec29ff8d046a7e01459d9639c10d1df998cd9a12d7e50b2dc71ee7338cf71beb72d5020dc69eeafc354bf822d65ee0328eb07d04ac0d266fdb53227a158411da5ded254b3c359ee710e0278e1a06f06002538e108450fd6b11949fdc618a29baf34f232aa192230ddb318aa6d59d122257e50713fe73e6c0059399589c382dc901a8c3381139436f7331b69f457bbb38ed54daaa07a52cceb053c32690836c664b73d86261216b8610fc7b4d53dd3e5d9bcb3e25528e132911cac37e7f2618274c733b5ae02f9c27638d9e11988f1dfbb281ffd8cddf8558a481861cbe9d53a4ad8282d3587449cd51759ca397eda122d286e117d01539359870b94c98a3ce383ed1d280bcceb228acf73193e87fd3650e4dfd563cc55bfbc8626a41293cc90ef76e28e2dedaf968602d2997ae1c2752a0febe3a78f3756d40201ae13074091238324422caabe22c66b7866065264261fc2c3e0569493468d1c1c36259aedd5f078a231e72decd70f4de8532f6753287435296f33a096bc1c8b0ebb68c9f783881e45ac54159ec1c2f9e1f5cb48f96729a62d1b4fdaa89ef5de8741bca04e953534dc977e881a61281812af435206378eff173d7929ab4967e511bdc14e6a783ab647a4c257a4fcd6ba38ef32bc48a00643416d7e34f7465b3e6240589d854db4d9714e998f2edf3a03986598a52aaf647d938f4a8e07c1c29615803af6cd403d261ad6da3c1c804034b4a4eef3ea1cc8db39d9e171b3f6dd074388577a4eb901c25c8031e4592cea80b6354850657f53b2acd910ec2c5a7db6abb0153e051dadfbcdf047e35591b96b5657ca55d99ef6fb48e07c34321cd20c40b30a646132f8afcb9426fe84a790567fb847076a8762ca29cfb037e0c948edc12122a1160a55d465f5c912406a10dc0d3c1156cd207e9ffe906d267c9c870521934e1c56af460c0ad0dea9c929acf85768e22bb65eca6e25e4ec8e6edb7a6215e8c7e5fdb56c7131b156ab6a78fc808f8f17a2708ff68b37778c00b3b546004fb2b2c588d8ca8276d281026bfe896698569814410422f27421b8fc5c09d47635f17ddf6b9f56a203c991514678c18a4afabe1eeca6fce1187fffcb6ebdacfc6cac9750766ed40c80e7eceb342a3fa6f86d014949f9d111bfd96e2a39d364f2e2722f2d9ab0577befe26055890161d780e52eff4022461c1d3b019b86af28c4f02fd1f7496d8c141344ad5756bcdc45158f3af7aac227c8853f607cae412db6fa924c039859fe455857bd5fde66cc1b773c12f516401a31c80d750079247c128a103361e7f0a392d21b4b1b594307ff6b37e5a242666209ec517561e04645b92e7cf3cff1a6c76c900d12d9556e2962c535401b1e61fa85e06551ed678703fb3bf8590f2608ae3c278b8d1ac286af38061afbbc3cb27ee7adc6ad299151cd00a84506e6a97648ff99f2a9d35d8421e71589437406fa8e6def8ce34c9abe5de3481c492887176d4485dac794b84567d5ebaf68d0007cb2256a0f1ce4318f6891f750fa9696fed3525059688cf973e70d688b1759cd0f3dfb0b2a7078174b978767cbdbfc3f7d5850e2f7772e2bd6e3ed69ef13cc141238b5ee04b6615e33c42fcd6cf979a0ac848458b713b9a988c1e3fc32f2a182fc0cab2e6933e9aa5c2d77db8c6a1802b43bd8220ff0ca92229fc26a44761d00eeebec834e5f7d382b4f58a2759c56e53b163dae034ffa1970acc57165746e575470e13c4044f392ae4bea93e7d666256436507bb987a247785301274d4f262f94989cdc94b209b7499bd0cb4437525b72be79c87c6076533e4a14799a60bd3563d46ee4767108bed7e637cfed6f3139637bb01f36385dc5873eed726fbec9a87da294cc11db8b49fe45b798ae74e1a8cb0f2907eb0178d2baf5f0f88f654baab9f147741945c496ddea1cfed65a82e913a131c4ac7bb6f0d8d5d28225dab8a33c6e60c0d2b2d5dbd8c35089f13f9a2ae81ec9addaefea9b8ddabc8cdeb6437381ce346db6e14d9d1e8bb4662b508d61da77fc8d9ebebceb1c23be5d0a7bba4a48c0591333ab7779bae78ff23c4bbf8a8cf30f3120a5b63a047064d7ed7d37191cf39b6d1e8ffe3b47379767bd691cb855a9c938e9a0235a5ec9c316a6dceca63fa5fe6df0b9f0d6b38add216aaf2726d3377ab827b00b4cbf490708a0f679b8cd7caadb3dee40cc98f778917d6a6263fcc0747bf75fd676d84abb7d10087da323f95c2571139fd4c9826ad5db6ee4c246b9da20592cae11f9264bd2945aa1a427b2acefb514a2daafbbae35ff761eb1e3b98b4a1dfca348b8c4ff96325a618d677180ceb7e916654ecc2deecb4e61d01080f44b98776b1b43aebeffe2c14006dd1d78c8babf1179f42fd20d87654d3246d41e9dc633eac1741be44f8d751d8c9fd57316fe06d60872939b7a2906bb27a299a3408a51d74e5d98417f05f85fc1b332e103e79203e9fe344dc1d1572de39d914c5270c839870d2b33da5a6efc08c4f0c8227cc35a7f77c6a55f80ceef90e217c80e5ecb4c236685f5219787b01612cfbac90794e8269c07fb7ca4f7dba4defb2aae2b37f7b1696e78de15dbb1b6d4ee0cc4c0fae274b2c2de9343862de1d9847515ad235b1837daa9b814f19e895ae3966ed262e3e7add9f19009e6b61462917b29502b67e124c43538a6bcab7296529e01bb26ab8b3ef094ed057383c4f92790b6f705ae9d943c4e8dad84f6ef82b54d062713c16960fb475d74d46a1b16062563da3391cc6ff5185162c31ff7339e4837e38adab8ab911abaaa006e313dd19a1f92b4f7bede4525b154e1b9f796136a85f3602da011ae2232be902347e08ce0bbf3d23d91c4aac11c8824caafa1d1ff0343ce655802c1915f3ae7c0c670b18e56e139be66a33613afcb3b1928613b3afba9d635070af678216d57023d1911f0eb7ebddefc96f0efd8e9dc10e8a87a68393e19733ef900c6264722940750ae16f664e445414e85e98570303c6d87d7f265cfae0a1e9314fc14674c2871c0d59bbe2eddaf9330a4e2a28673af73910d6cb90790f800e89d55a2930910a8430ade9551819d83d5ea6da4e58326b7ce555d01da86ea78200f0219ec92473da95cd5a632c525ca9fbcddebb8168881cdb2f5da787d0e31881e2b17d78184f3a0bed8662486d3937dab275d050b9dd5a2ce904208a91a467afc33e10fb6c1ca788a5ef30d6e8b615ec0ae1503fea7006569559b7b155c31b196b85881c5671173c06fc5373e9fd973e7111ed45874609bf3c88c6db732210a3ea04cb68662bbc2048bb55d811482af5c658e29bd18c57ffa25e88d7297cd20d4c2b13007cfae89f4dcd90177a0806a2ceb2095333b58f828c093b9bf63cd07e3d56a446fd12e755fd651211bc160948836939c17623b317b9e935307044bab2c11879a62288e7ecbbb97f10f52516f517b7b8e44cff5964fdfaf8044065056b48db13b1365004c336afa3535af1242c9b7271b8b1ba2213fcbb80926bcd394815cd7c27e3aeb2348dc45f5e06e32f5bd56d1c472f41b564ec0939cd012028412883cc098d086fd43858747b746be72b979d175f6a6447fc5908616dec7fc6c962e12e96e09bd068acd2fcf0ce1cc26d9f82b2b91bc9aafcbf8435011f73b6a8ea1bb2f3289b23236136b31656600762feff53e607df8cf3c9a7f257b212630c19f142e4cf5094250b629cabb145c77f1f14ad60ab7617078f810a766cfa341fb7c16086609bc0a768fb1cd782606f32b83a0a55d883269a05b80275612dc571cb993ea9e447b4d32570d412203ab4c8b050b63bb5ac0f8d6f4e9a1644e4b622587b2ae125c2093bd363493d58544d6303a0de17780fcd83e993aa83f4432274eee1e6333fcdc77bcfdea95b8b9ed787723e35b71f1dbe89ff1e3e6fde146c05b6fe9eae52b472624e412253a63e7fcf1b77dbff7509eec5a55501e222f66bd84d36663cd244fa1556bd34b4c9957a93a71e63961ffc7700c5545acdd3e79da41e1cfaca0956d4978222cda23a574d691dbb6c6bd083c70c2782c045bbbe0fcaa10efbc002af6832e3fa7dda0ec8ff6ded69302d55d5a62a7ec213f16ecc5e3304a83103d1c2b21e04e3f5f3730339a630a407e8cc6a5afd2f2ed78ff992035a3783a2708195a46e565a9113be8c228ccaae3510363b475732ad48fe8ff34801f4c35132359d4c5c5bff65141f4a8684d462cf5d97b44496440fff3f7a28d28bbaa8e6db2a6064cbe9fca4679afe8ca6dd27a25c56f3e58165040f19a0455199a0ece4583f060979427f2f3495f40a83bc6ee3eaadab18705d464662b8aba9c7aa2f29114f7acc247548a85bd44723064abeee18f7f558f6d0d74fa08103dd906124454745d23005c425b260b0034372123b642a0cbebbc1a0bcf0cfc3639876eceac5f9734057ff659cfd35b1a3eaa768b86d66244aabc23a45676a59d492614f1c0011c9253e53fc7bb3e20d303afdb5b6614dcc7bbf72a339e414672aac23c2e2983083f08dbc34e3452def00f402598b6aaa4f0d896d1648b1442621993b7d0c930560cb6152b9ce59f94356726816a224fca84da5dbde6675d20f546a3e4635e82ff9575cac9160e6819f", 0x2000, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000380), 0xce4, r1}, 0x38)
io_setup(0x2279, &(0x7f0000000280))
syz_io_uring_submit(0x0, 0x0, 0x0)

5.590309075s ago: executing program 5 (id=5679):
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
mknod$loop(&(0x7f0000000080)='./file0/bus\x00', 0x6210, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001140)='/proc/locks\x00', 0x0, 0x0)
read$watch_queue(r0, &(0x7f0000000140)=""/4096, 0x1000)
creat(&(0x7f0000000040)='./file0/bus\x00', 0x0)
r1 = openat$iommufd(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
fcntl$getflags(r1, 0x40a)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000b00), 0xffffffffffffffff)
r4 = openat$6lowpan_control(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$6lowpan_control(r4, &(0x7f0000000080)='connect aa:aa:aa:aa:aa:10 2', 0x1b)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000300)=ANY=[], &(0x7f00000012c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r6, 0xc004743e, &(0x7f0000000000)=0x1)
ioctl$PPPIOCSPASS(r6, 0x40107447, &(0x7f0000000140)={0x0, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000001c0)='percpu_alloc_percpu\x00', r5}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800d600000000000000000000001800950000146fa53d312e3f0000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x94)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000b40)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_STATION(r2, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010025bd7000fcdbdf251200000008000300", @ANYRES32=r7, @ANYBLOB="0a000600080211d90a0b7b0008001180040002"], 0x30}, 0x1, 0x0, 0x0, 0x8001}, 0x488d4)
r8 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000040)={0x0, <r9=>0x0}, &(0x7f0000000080)=0xc)
sendmsg$netlink(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000700)={0x2c, 0x2e, 0x1, 0x70bd2a, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid=r9}, @nested={0xc, 0x0, 0x0, 0x1, [@typed={0x8, 0x109, 0x0, 0x0, @ipv4=@rand_addr=0x64010101}]}, @nested={0x5, 0x1, 0x0, 0x1, [@generic="99"]}]}, 0x2c}], 0x1}, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000400)={0x0, <r10=>0x0}, &(0x7f0000000440)=0xc)
mount$9p_tcp(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', &(0x7f00000003c0), 0x20, &(0x7f0000001180)={'trans=tcp,', {'port', 0x3d, 0x4e23}, 0x2c, {[{@mmap}, {@cachetag={'cachetag', 0x3d, '*'}}, {@nodevmap}], [{@euid_eq={'euid', 0x3d, r9}}, {@fscontext={'fscontext', 0x3d, 'staff_u'}}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@euid_eq={'euid', 0x3d, r9}}, {@smackfstransmute={'smackfstransmute', 0x3d, '(\\{q[-:-##G'}}, {@dont_appraise}, {@fowner_eq={'fowner', 0x3d, 0xee00}}, {@euid_gt={'euid>', r10}}]}})
socket$inet_mptcp(0x2, 0x1, 0x106)

5.231416523s ago: executing program 5 (id=5684):
r0 = socket$kcm(0x10, 0x2, 0x4)
close(r0)
r1 = syz_usb_connect(0x0, 0x2d, &(0x7f00000003c0)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c000100000400090400bf900b64ea00090587033b"], 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="180300000005000000000000000000001801000011af000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020000838500000070000000180100002020752500000000806020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000050cb5340450c10108e492940a80909021b00090000000009040002010035040009058d"], 0x0)
r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x2000000)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioprio_set$uid(0x0, 0x0, 0x4000)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001b00)={&(0x7f0000002240)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c0013d305000000030000000000000f02000000bf3d0b0000000000000f02000000d8100000511eca5ad0ccb5b4aa05a88b82d6defa94da639ccc92f9fe7d7e"], 0x0, 0x39, 0x0, 0x1, 0x10}, 0x28)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/timers\x00', 0x0, 0x0)
r6 = syz_open_dev$radio(&(0x7f0000000080), 0x3, 0x2)
ioctl$VIDIOC_DQEVENT(r6, 0x80785659, &(0x7f00000000c0)={0x0, @frame_sync})
read$FUSE(r5, &(0x7f0000000200)={0x2020}, 0x2020)
r7 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000180)={0xffffff}, 0x10)
write(r7, &(0x7f0000000000)="240000001a005f0214f9f407000904001f0000000000000500000000080004000100", 0x22)
write$char_usb(r3, &(0x7f0000000000)="1e", 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000040)='sys_exit\x00', r2}, 0x10)
rt_tgsigqueueinfo(0x0, 0x0, 0x3a, 0x0)
r8 = syz_open_dev$char_usb(0xc, 0xb4, 0x10000)
write$char_usb(r8, &(0x7f0000001300)='7', 0x1)
write$char_usb(r8, &(0x7f0000000bc0)="be", 0x1)
syz_usb_disconnect(r1)

1.896983715s ago: executing program 4 (id=5702):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x1ff, 0x1, 0x0, 0x1000, &(0x7f0000001000/0x1000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000040)=0x4)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r5)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r6)
sendmsg$TIPC_CMD_ENABLE_BEARER(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x305200, 0x0)
close(r8)
r9 = socket$unix(0x1, 0x1, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r11=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000006c0)=@newqdisc={0x6c, 0x24, 0x4ee4e6a52ff56541, 0x789d2d, 0xffffffff, {0x0, 0x0, 0x0, r11, {0x0, 0xb}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x8, 0x0, 0x1, 0x4, 0x9, 0x4cca}, {0x6, 0x1, 0x5, 0x10, 0x7, 0x312}, 0x3, 0x10, 0xd1d}}, @TCA_TBF_PRATE64={0xc, 0x5, 0xa89d84ea6e694e0f}, @TCA_TBF_BURST={0x8, 0x6, 0xb1a}]}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x20008001}, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0x80000, {0x0, 0x0, 0x0, r11, {0x0, 0x9}, {0xffe6, 0xb}, {0xffe0, 0x3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x0, 0x1, 0x80000406, 0x1, 0xfdffffff, 0x9}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
ioctl$SIOCSIFHWADDR(r8, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

1.869638143s ago: executing program 5 (id=5706):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x224202, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000b80))
sendmsg$inet(0xffffffffffffffff, 0x0, 0x4c001)
syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="b8000000190001000000000000000000fc010000000000000000000000000000ac1414aa00003c4cd17a49eae9013c00000000000000b5000000000005000000000a00000000000000b45dec53bd372adcc885d5211ea9d3606d8041964b1364b8bc69b4", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000ad00000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000a0000000000000000000000804000000000000000000800000000000000000000000004000500"], 0xb8}}, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000b80)=ANY=[@ANYBLOB="ec0000002100010000000000fefffffffc020000000000000000000000000000fc020000000000000000000000000001fffc0000000000000a00e08000000000", @ANYRES32=r3, @ANYRES32=0x0, @ANYBLOB], 0xec}, 0x1, 0x0, 0x0, 0x800}, 0x42000)
r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f0000000180)="3e0f00d5260f01c80f01df66b90004000066b8fd00c0fe66ba000000000f30362ef001ac070026640fc75f5e0f005700ea41003001652e0fb315ea666bd400", 0x3f}], 0x1, 0x15, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r7 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x802, 0x0)
r8 = open(&(0x7f0000000000)='./file1\x00', 0x10f0c2, 0x0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x2000011, r8, 0xd3fc6000)
ioctl$UFFDIO_REGISTER(r8, 0xc020aa00, &(0x7f0000000300)={{&(0x7f0000fed000/0x1000)=nil, 0x1000}, 0x4})
ioctl$UI_SET_EVBIT(r7, 0x40045564, 0x14)
r9 = accept4$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000001c0)=0x14, 0x0)
ioctl$sock_SIOCETHTOOL(r9, 0x8946, &(0x7f00000002c0)={'lo\x00', &(0x7f0000000200)=@ethtool_flash={0x33, 0x5, './file0\x00'}})
ioctl$UI_DEV_SETUP(r7, 0x405c5503, &(0x7f0000000480)={{0x4, 0x0, 0xfffc, 0x805}, 'syz0\x00', 0x40})
ioctl$UI_DEV_CREATE(r7, 0x5501)
write$input_event(r7, &(0x7f0000000000)={{0x77359400}, 0x15, 0xfffd}, 0x10)
r10 = socket$packet(0x11, 0x3, 0x300)
dup(r1)
fcntl$dupfd(r0, 0x406, r10)

1.798021711s ago: executing program 1 (id=5707):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0xc040)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3c}, 0x94)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000340)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x1c, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @tunnel={{}, @val={0x0, 0x2, 0x0, 0x1, [@NFTA_TUNNEL_KEY={0x0, 0x1, 0x1, 0x0, 0x1}, @NFTA_TUNNEL_DREG={0x0, 0x2, 0x1, 0x0, 0xe}, @NFTA_TUNNEL_KEY, @NFTA_TUNNEL_MODE={0x0, 0x3, 0x1, 0x0, 0x3}, @NFTA_TUNNEL_MODE={0x0, 0x3, 0x1, 0x0, 0x1}, @NFTA_TUNNEL_MODE={0x0, 0x3, 0x1, 0x0, 0x1}, @NFTA_TUNNEL_MODE, @NFTA_TUNNEL_DREG={0x0, 0x2, 0x1, 0x0, 0x9}, @NFTA_TUNNEL_KEY={0x0, 0x1, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
write$binfmt_aout(r1, &(0x7f0000000280)=ANY=[], 0xfce1)

1.691206027s ago: executing program 1 (id=5708):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) (async)
r1 = socket$inet6(0xa, 0x5, 0x0)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x4e24, 0x0, @dev={0xfe, 0x80, '\x00', 0x41}, 0xc1a0}, 0x20) (async)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd)
r2 = dup(r0)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) (async)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8) (async)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) (async)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='ramfs\x00', 0x0, 0x0)
rename(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='./control\x00') (async)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000008001000004"], 0x50)
r4 = socket$pppl2tp(0x18, 0x1, 0x1) (async)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r4, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r5, {0x2, 0x0, @dev}, 0x2}}, 0x2e) (async)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) (async)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000007c0)=ANY=[@ANYBLOB="59c61dcd", @ANYBLOB="ce26298b9f6ef642ab411860880e07d27754f56ff37443f78409d2765937a35d27688e187289dd2c12d1bccb4d3f6d4d8ceea7a9616fea49b9c577497b3c0f05a9e77877578fa4f8bece2aa598f5954d5963f18f9af4ca310c992bd3b5013995e727dc03fde3a20dc32e11d0f36dc8922a5fe301e929904b42534f46950584b347707c164fdfc0a08ac5c62385078c746a1e151aad0ad589b86157534e218c7ddb6d47cc8c404e7006138323944b72c9cdf41ad2e244f400642dd6be5cf8c108d8714c683a5132790acb542c8ad7180765c645cbca100000009a68e4654d0925e3f4294d135a36f7757d3dde040b79373b1de31f88188338d02dcc0e20e2c17ae982ceeeea4bea33313abe27f1c538e1683bf0123e0843ffb198f8bbdb0e6347583c78a22e7d9561f4fcc5e1fe4fc480192b9bbd5d4e34ca3664d296ff5b5b209c4f245f5f7010cf31d76e00fa7ae0f06be2fad89e3b386b7ff1bc5504ed524852", @ANYBLOB="010020080009000a00000000"], 0x34}, 0x1, 0x0, 0x0, 0x90}, 0x20000084) (async)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYRES64=r0], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r8 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x82, 0x0)
ioctl$SNDCTL_DSP_SPEED(r8, 0xc0045002, &(0x7f00000001c0)) (async)
ioctl$SNDCTL_DSP_CHANNELS(r8, 0xc0045006, &(0x7f0000000100)=0x2c) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r7}, 0x18) (async)
r9 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SET(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="10000000161401060008800000000000c112233ed7d9e1ed3c90f20900d378"], 0x10}}, 0x0)
open_tree(r2, &(0x7f00000002c0)='./control\x00', 0xc0800) (async)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r10)
creat(&(0x7f00000000c0)='./file0\x00', 0x48) (async)
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)

1.690887305s ago: executing program 1 (id=5709):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000140)={0x10020})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x0, &(0x7f0000000100)})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1, 0x70bd2b}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
setrlimit(0x4, 0x0)
r1 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$kcm(0x29, 0x2, 0x0)
r5 = memfd_create(&(0x7f0000000000)='e\xf4E\x88-\x00', 0x0)
pwritev(r5, &(0x7f00000003c0)=[{&(0x7f0000000480)}, {&(0x7f0000000280)="111ec20239e272abb2cedf053d666ab41bdf031bdcaca63b9856f15d16d909ca3d83d93e22b370e9df36dc459b8791e09e4a38e1f0f3c7de180ffe20ac20e80f97e9e54415f6ff5999b3c974ec962a60", 0x50}], 0x2, 0x4000001, 0x0)
sendfile(r4, r5, 0x0, 0x8000fb00)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

1.618491226s ago: executing program 5 (id=5710):
r0 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000580), 0x8000, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000140)={0x400, 0x78, 0xa00, 0x600, 0x1800, 0x8, 0x0, 0x1, {0x3ff, 0x10001, 0x1}, {0x1c9, 0x7, 0xfffffffd}, {0xc7}, {0x3, 0x100, 0x1}, 0x0, 0x1dd, 0x6, 0x200, 0x0, 0x8, 0x0, 0x10000, 0xa1fb, 0x101, 0x80000003, 0x5, 0xfbaebe444cba4e0a, 0x2, 0x2, 0x2})

1.609961299s ago: executing program 5 (id=5711):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000600)={0x0, 0xb}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f00000004c0)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x8000000000001de, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r3, 0x8983, &(0x7f0000000100)={0x0, 'erspan0\x00', {0x1}, 0x26})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000d00)={0x6, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000ffff00000000000000040000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200007d18c55932c62572030000008500000006000000554a0800"], &(0x7f0000000480)='syzkaller\x00', 0x6, 0x6e, &(0x7f0000000580)=""/110, 0x41000, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000a00)={0xa, 0x5}, 0x8, 0x10, &(0x7f0000000a40)={0x4, 0x2, 0xffffff80, 0x6}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000c80)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r1, 0xffffffffffffffff], &(0x7f0000000cc0)=[{0x3, 0x1, 0xc, 0x8}, {0x3, 0x1, 0x2, 0xb}, {0x5, 0x4, 0x1, 0x1}], 0x10, 0x1}, 0x94)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000380)='hpfs\x00', 0x2208004, 0x0)
sched_getattr(0x0, 0x0, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc}}, &(0x7f0000000300)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r6}, 0x10)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$net_dm(&(0x7f0000000300), r7)
sendmsg$NET_DM_CMD_START(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={0x0}}, 0x0)
ioctl$HCIINQUIRY(r5, 0x400448ca, 0x0)
ioctl$sock_bt_hci(r5, 0x400448c9, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

1.190015378s ago: executing program 2 (id=5714):
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000140)={0x10020})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x6, 0x0, 0x7fff0006}]})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2b, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7b, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
setrlimit(0x4, &(0x7f0000000180)={0x80, 0xc7})
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
fsmount(0xffffffffffffffff, 0x0, 0x70)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$kcm(0x29, 0x2, 0x0)
r5 = memfd_create(&(0x7f0000000000)='e\xf4E\x88-\x00', 0x0)
pwritev(r5, &(0x7f00000003c0)=[{&(0x7f0000000480)}, {&(0x7f0000000280)="111ec20239e272abb2cedf053d666ab41bdf031bdcaca63b9856f15d16d909ca3d83d93e22b370e9df36dc459b8791e09e4a38e1f0f3c7de180ffe20ac20e80f97e9e54415f6ff5999b3c974ec962a60", 0x50}], 0x2, 0x4000001, 0x0)
sendfile(r4, r5, 0x0, 0x8000fb00)
socketpair(0x23, 0x2, 0x1, &(0x7f0000000040))
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

991.635046ms ago: executing program 4 (id=5715):
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
mknod$loop(&(0x7f0000000080)='./file0/bus\x00', 0x6210, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001140)='/proc/locks\x00', 0x0, 0x0)
read$watch_queue(r0, &(0x7f0000000140)=""/4096, 0x1000)
creat(&(0x7f0000000040)='./file0/bus\x00', 0x0)
r1 = openat$iommufd(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
fcntl$getflags(r1, 0x40a)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000b00), 0xffffffffffffffff)
r4 = openat$6lowpan_control(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$6lowpan_control(r4, &(0x7f0000000080)='connect aa:aa:aa:aa:aa:10 2', 0x1b)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000300)=ANY=[@ANYBLOB], &(0x7f00000012c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r6, 0xc004743e, &(0x7f0000000000)=0x1)
ioctl$PPPIOCSPASS(r6, 0x40107447, &(0x7f0000000140)={0x0, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000001c0)='percpu_alloc_percpu\x00', r5}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800d600000000000000000000001800950000146fa53d312e3f0000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x94)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000b40)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_STATION(r2, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010025bd7000fcdbdf251200000008000300", @ANYRES32=r7, @ANYBLOB="0a000600080211d90a0b7b0008001180040002"], 0x30}, 0x1, 0x0, 0x0, 0x8001}, 0x488d4)
r8 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000040)={0x0, <r9=>0x0}, &(0x7f0000000080)=0xc)
sendmsg$netlink(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000700)={0x2c, 0x2e, 0x1, 0x70bd2a, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid=r9}, @nested={0xc, 0x0, 0x0, 0x1, [@typed={0x8, 0x109, 0x0, 0x0, @ipv4=@rand_addr=0x64010101}]}, @nested={0x5, 0x1, 0x0, 0x1, [@generic="99"]}]}, 0x2c}], 0x1}, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000400)={0x0, <r10=>0x0}, &(0x7f0000000440)=0xc)
mount$9p_tcp(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', &(0x7f00000003c0), 0x20, &(0x7f0000001180)={'trans=tcp,', {'port', 0x3d, 0x4e23}, 0x2c, {[{@mmap}, {@cachetag={'cachetag', 0x3d, '*'}}, {@nodevmap}], [{@euid_eq={'euid', 0x3d, r9}}, {@fscontext={'fscontext', 0x3d, 'staff_u'}}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@euid_eq={'euid', 0x3d, r9}}, {@smackfstransmute={'smackfstransmute', 0x3d, '(\\{q[-:-##G'}}, {@dont_appraise}, {@fowner_eq={'fowner', 0x3d, 0xee00}}, {@euid_gt={'euid>', r10}}]}})
socket$inet_mptcp(0x2, 0x1, 0x106)

693.738794ms ago: executing program 4 (id=5716):
inotify_rm_watch(0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
ioctl$SG_IO(r0, 0x2285, 0x0)
writev(r0, 0x0, 0x0)

692.956988ms ago: executing program 4 (id=5717):
r0 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000580), 0x8000, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000140)={0x400, 0x78, 0xa00, 0x600, 0x1800, 0x8, 0x0, 0x1, {0x3ff, 0x10001, 0x1}, {0x1c9, 0x7, 0xfffffffd}, {0xc7}, {0x3, 0x100, 0x1}, 0x0, 0x1dd, 0x6, 0x200, 0x0, 0x8, 0x0, 0x10000, 0xa1fb, 0x101, 0x80000003, 0x5, 0xfbaebe444cba4e0a, 0x2, 0x2, 0x2}) (fail_nth: 1)

629.104524ms ago: executing program 4 (id=5718):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x224202, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000b80))
sendmsg$inet(0xffffffffffffffff, 0x0, 0x4c001)
syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="b8000000190001000000000000000000fc010000000000000000000000000000ac1414aa00003c4cd17a49eae9013c00000000000000b5000000000005000000000a00000000000000b45dec53bd372adcc885d5211ea9d3606d8041964b1364b8bc69b4", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000ad00000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000a0000000000000000000000804000000000000000000800000000000000000000000004000500"], 0xb8}}, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000b80)=ANY=[@ANYBLOB="ec0000002100010000000000fefffffffc020000000000000000000000000000fc020000000000000000000000000001fffc0000000000000a00e08000000000", @ANYRES32=r3, @ANYRES32=0x0, @ANYBLOB], 0xec}, 0x1, 0x0, 0x0, 0x800}, 0x42000)
r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f0000000180)="3e0f00d5260f01c80f01df66b90004000066b8fd00c0fe66ba000000000f30362ef001ac070026640fc75f5e0f005700ea41003001652e0fb315ea666bd400", 0x3f}], 0x1, 0x15, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r7 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x802, 0x0)
r8 = open(&(0x7f0000000000)='./file1\x00', 0x10f0c2, 0x0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x2000011, r8, 0xd3fc6000)
ioctl$UFFDIO_REGISTER(r8, 0xc020aa00, &(0x7f0000000300)={{&(0x7f0000fed000/0x1000)=nil, 0x1000}, 0x4})
ioctl$UI_SET_EVBIT(r7, 0x40045564, 0x14)
r9 = accept4$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000001c0)=0x14, 0x0)
ioctl$sock_SIOCETHTOOL(r9, 0x8946, &(0x7f00000002c0)={'lo\x00', &(0x7f0000000200)=@ethtool_flash={0x33, 0x5, './file0\x00'}})
ioctl$UI_DEV_SETUP(r7, 0x405c5503, &(0x7f0000000480)={{0x4, 0x0, 0xfffc, 0x805}, 'syz0\x00', 0x40})
ioctl$UI_DEV_CREATE(r7, 0x5501)
write$input_event(r7, &(0x7f0000000000)={{0x77359400}, 0x15, 0xfffd}, 0x10)
r10 = socket$packet(0x11, 0x3, 0x300)
dup(r1)
fcntl$dupfd(r0, 0x406, r10)

551.467602ms ago: executing program 5 (id=5719):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00'})
r1 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4d8, 0xdd, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xa0, 0x8, [{{0x9, 0x4, 0x0, 0xfe, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0xffff, 0xfd, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0x3, 0x0, 0xfd}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f0000000080)={0x2c, &(0x7f00000012c0)={0x0, 0x22, 0x5, {0x5, 0xc, "26ed60"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
r2 = syz_open_dev$I2C(&(0x7f0000000100), 0x2, 0x1)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), r0)
ioctl$I2C_SMBUS(r2, 0x720, &(0x7f0000000140)={0x0, 0x9, 0x6, &(0x7f00000000c0)={0x20, "0f5dbf9b3c00000000c4f5f9c6974700510000000000000000000200"}})
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r4 = fanotify_init(0x200, 0x40000)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f0000000340)={0x0, 0x4}, 0x8)
sendto$inet6(r5, &(0x7f0000000240)='\f', 0x1, 0x0, &(0x7f0000000000)={0xa, 0x4e20, 0x5, @private1={0xfc, 0x1, '\x00', 0x1}, 0x100}, 0x1c)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r5, 0x84, 0x7c, &(0x7f0000000400)={0x0, 0x0, 0x200}, 0x8)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2, 0xc3072, 0xffffffffffffffff, 0x200000)
r6 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r6, 0x65, 0x7, &(0x7f00000001c0)=0x8, 0x4)
setsockopt$CAN_RAW_FD_FRAMES(r6, 0x65, 0x5, &(0x7f0000000000)=0x1, 0x4)
r7 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r7)
mount(&(0x7f0000000000), &(0x7f0000000040)='./cgroup\x00', 0x0, 0x1001, 0x0)
unshare(0x22020400)
r8 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
migrate_pages(r8, 0x5, &(0x7f0000000040)=0x9, &(0x7f0000000080)=0x272)
fanotify_mark(r4, 0x1, 0x8000018, r3, 0x0)
syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0x8, 0x8, 0x80, 0x2, 0x3, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0xff, 0x0, 0x5, 0x4, 0x0, 0x7, 0x3c5b, 0x1, 0x24, 0xd, 0x1, 0x4, 0xffffffff, 0xe661, 0x4, 0x7, 0x3, 0x8, 0x4c74, 0x80000000, 0x242, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x90, 0x6, 0x6, 0x0, 0x5, 0x4, 0x8, 0x3ff, 0x80, 0x0, 0x5, 0x3, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x8004, 0x5, 0xfffffff3, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2bb, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x4, 0xb, 0x4, 0x9, 0x8, 0x9, 0x6, 0x47, 0x8002, 0x1, 0xfe000000, 0x8, 0x2, 0x4, 0x9, 0x3, 0x3, 0x9, 0x1, 0x3, 0x3, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x4, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x3038, 0x3e7, 0xb, 0x5, 0x4, 0x2, 0x3, 0x20000008, 0x200004, 0x6d01, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0xa9, 0x5, 0x6, 0xac8, 0xbf, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x3, 0xa, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0xffff, 0xa620, 0x1, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x4, 0xc8, 0x7ff, 0xfffff000, 0x10000, 0x3, 0x7e, 0x100, 0x9602, 0x7, 0xaf, 0x8, 0x6, 0x226, 0x5, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff3441, 0xfff]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
vmsplice(r3, &(0x7f00000000c0)=[{&(0x7f0000000180)='w', 0x1}], 0x1, 0x1)

489.642313ms ago: executing program 1 (id=5720):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000008300), 0x2, 0x0)
rename(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='./file0\x00')
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, 0x0)
syz_fuse_handle_req(r0, 0x0, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = epoll_create1(0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'xfrm0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001500)=ANY=[@ANYBLOB="3400000010000300"/20, @ANYRES32=r5, @ANYBLOB="df7f0200000000002300120000040002805d0d6d98f85837501fb3e93a55c67e9f40c7ddcc97d889175810d7b15945321b74c99aa69320be7fa456a4ffa572a5902da05b38462bcb3e51a374b77309ccba66c01df9692c2a4b7b1762c913e8c3a89f37dcf9d48e3b5f6b38734b5a47c97bb45b7d0d49bbad7433a4845e83b1e87ce35303bcd504cabb1fd4"], 0x34}, 0x1, 0x2}, 0x20004080)
setsockopt$inet_group_source_req(r3, 0x0, 0x2f, &(0x7f00000015c0)={0x2, {{0x2, 0x0, @broadcast}}, {{0x2, 0xffff, @local}}}, 0x104)
ioctl$FS_IOC_SETFLAGS(r2, 0x40088a01, &(0x7f0000000000)=0x1000)
r6 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x7b9, &(0x7f0000000280))
r7 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r7, &(0x7f0000000040)={0xa0000000})
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r1, &(0x7f0000000340)={0xa000001c})
syz_fuse_handle_req(r0, &(0x7f0000004300)="d5c2280baf4e05cfa1d1112770cf43a123827586f0f2675b130041ff58ba6533ea7947f2f65b1d458fe88a96133ea3927f41fa6976fad8c967c88679769ee674b80debcd1ec6ce1eb490888bd66a52141fa82f51882b22a8e36ff462b51560307cd0048156800ad137f359719a9c5d6ad6a8c999984f22461c4ca6614ca4cbbd5e9103a3459228e3bd35e3c1cd5f2a83fbefafe7c5a39617ba1d856f37977da077ffcf4d52f5bb3feffa9e100b0279cb635a61ae9f5f4491bb1c9f04c041818a1ae9a25cbca38c4b4754a8be4f52db20ca464b3b4faf0ea8ff193b414e7b7a4ec8aec2e77adc43d09c62d37fc0aa6296a56a9445f264a245d41e77de43c2694cc5885ebd454a3b78b60172e3e6a2fd79efa8b5fbbe827512aa0656920858da51616244ad32e53ed039a270c042662bc966a8fa05e23a51c76585a6f753e57c63b5a1dd11c4ce8773702c5c759471b79ee9bed600d99853afda9b675f071bdf6ff4eb99cb1ae0128ac1f8132f9b7bef82221276395e59f1323c9f9f6bb937a9db0bc2088670ffc3e6233ba73d4e324df7bc866e84e82ab707ab8aadd593913dd3533cddb396e804a63155ad6911962bc49bad21faba90b5570b62d98eb5328214a7198b36ea6df9a72dc248311040e01539112e1d6bcb4ed9d7fb70d22768ec6603e4727b6ed2616eb9108524985ccd70f1361f68b1fb7088829acdd59ec5af9e84409737f0d852a3c55993cb7398b5640c458bc036115b86de7b8e68f1cff882ee5707040571c3e5c9602c773459cfecad4917d8ba2902bd64a676e2c6e507d06dbc806c13c0fd18175087440ce7d7300dfe745b8e98ac63b400e449a3f2518c6112c9864fde68f580ebc2d72e4bbd03f16a7289be813c258b02f76ce901afdafc69046c947c9e801ac635b2a95cca291c052c7f8149c92aaeaab41edb34a70604a7538c4bb6486b983416843fe6a65d7b828d66deb991e71526b7627e71c6a795a02e787bc561ec4b65d4742a129c59bc71b323850cb416f3d32494d6dbfe3ea73cb473b093ae0b0ebbbd3e3251ece756b3cc381f05ea1b8c3f7fbcbb16fc446fc084725e6c3a608221aad8d8179112f9e5ee3697346a0dc0645e530df523cf4daea14764c25da2da863adebaccefc2c83a9257b3131ac2fe04a27bf3aea8979b6f3091b4fef99e203725368d297bad3b020273d0b606d2368e2ecb0776349cb86bbcbaa5c910636527e3cbeca06b4135170d8808c5f113fcd77ecb2f099d1e663617a46ffc5275c8fcc339d315ca1583f66fe7a7e6430405c0be889826c07fcafa17f04e08bc39570a1f499092d390c5dba82d259f652307ff941e9f1f569a48144da846f14452df295553de6ef4e9ba0cd98dd16cf89d8bead08eacd4eea71cc5f8232349f2d8519b1172c724d3bbc415c19c9e679b5a96bc9051cf6f243f243366622023ab1b7039a89152e7db97f291bb3f0213c445c25caf5f0a5a2b382c841cd8a490dc97d008966e94ed0b5ce07bcc0c13b39c349e4b596147a633f3a73ab6012a1582d3d283293bd7c01f99cdbad8e18d24867c39ed0dc3fc3cc800edd23af24b225acb2cca5aa264bcda40e1432cf2cc0050efdff48fd49ae4225a983d1b12facbaaba73294eb225fff64a677d0ed2cd71bab61b3fde8a1fdae638d2036283a8a4ff5a548d05cb706f56ce7e3f55a688fa6c70393c53c33be11f34a38f61f80c8e94e50fc9d7c3695d234705bb9e0b2a8316cf54d7963f548d49f153bf796d0970ed1264c19d79eb77fd0aad4844796cec73a08206b9eca76f2ad76318a20d52e7d3338eac40d03775cca0c2b29a451cb10bc141289c2703198e7137200a360463000fab97d0da72a7b4e8aadfa8a2e559a7d06bf49d6d4a932cb29994ef7ca0c1beabf05b898bb2338e89a67373d50614300f13523fe451d4058e5a522d364ec884099ee3c6e6db8d4ec1e5dc08d127b6301a308a1d6798878c28ef828b91b529a22b7519d249a189a7eb942b94ce26148ea8bf16a44261cd9691ba980ec2d0c710dbee41756cb39b88213ad5763239ae7636e983580c41a40b0f3a3af9fa6f995ed1981d073f63a623554bb01869bdfda190bc8d9507cc067b897e1c5f0d087cf8dfcb171169541fa3cce7c3a620544c74f2d3234935a0acf6c804c43992812925cbaaa24f497e7a00efb20c45c7acb80adb3322cbe0f08d1015b40f5ae1366003ebea977b7b95f803487d10aedca3fd018cfa7b267dae604ed0ada202cbebd731f86b7c6764911d4ff0c75a318ee43b1b556781ac58fbd773b2bd0dd693f9b12fa149bbe392cb2d6bf72015912f4a120e47654d42d14107c67b4502b5ad62044d0022c7f8b255a3e46da4bb8f9e44515e4076ce7b1aefd57c4e264b2cbee4a9e8612ce8517b028067644c927a9ce7564449c8fb0471a87b9b76f374c7c2559379a3004326bdc91be5ec52672dc5fac0883ec527f2a1248601bb9267c3123568b815b90b40ba06c250e3068dee2d7fc232141eaaa130443a5775d049464ec454a7c980d9eebaa4f67a75075a6bc28ded9a5f07fe658a2b9eafa37f14055155409d1aa50be6343d13d515d0531b84644d2f58c280d6d008dee95607f67eb74c900f664d97f411f4ac6afc18f11b6fb75e78b3ff25680ed3bbf5b20969678475b86faa02a751e4cec87735645753f245047371c9e6e2e7ab5a9ea3182b4c96934a21b9df3628b478f5ef705aeda49a0609d4b8f5bf34424581557d029438306002fd4e9cff5a2d4e7d5e23c2992032d314b8fbb46ccda250070fc1b679c9c8646c5fe22d8fe2e0fff73d8153fc46ef7885aeaa2d1eabbe455544d46fdef8e3ef9debfe589870942bcc7196e62736e927c311782b5e4da2889d530a7c1550bff4909d2055941655cbcc5c924a477c80fc3b8a904cd9e62f5fb005b5b00154db5becbe327c0f3ec8314ef3fb5397b99c5332306023005d2dfb70d3ea2aefababd019ae16d304c083e38997cc94bdeb746fc151849c98dc2a23554e6fe789d3aba8bf4e31133c7f93a3cdcd884271dfdd2c45be398a5349ef5d08456178dfafa31cb4c607f09394d71b3405b3d615c7c59c125db88f72380140345d24c56094711dd833221d6b7c5864d049585605c1301c31982d19e403b601b797fe99d0bbfe30d647a913da72b4c5306f6123e7c572828308a9a8f4c686d07125d0006229c2e890ff7d3c354dde61ccd3b26069a81a98e112e61a930f253d607cda5023f002a09df6b1371638d9661c5a06bed166434f07120ad21476de8ad47296af4b449d581cddc74f9be42a84596fb0634f330a856216a9b32b080c8b66e9f51a758b9ca2e1215ddfe633714ca512032f6547217b1a60fcdb27ac8a04bc7851718b38607bc92c13118a323c3221bad99a8639762abcc4a08654da9938aeb301c55546f5ae7f61439dd883a1b2dede156a57c805ab12337d5381a2fb25b32916a8827fc4de8e2ecc70eeebeb01659d6bf88055477b863fb897d5db275a0c222d261e7df79474858b721e57747fe8997faaf36f5f175b23dd3c5efb2b93fb5824da18d635cd7027a3b0b1c87e7c90a5681682b8a7c47dc82fdd3f329c7b60270100dec8ccdd310245b92f4b0bd9a92e1f2a5733b1b91966be15a4761b06f6fe3b05b60ee7964b4d028257c2210ca88031db0590190d3714c1b6ec86e2821dca03db2fc0c9f0ad9800d1773c8037e9b38c7eb7c99618b731e0526f8453c7e1bb67cffcc2d96cc297e1f917b13dd7dda2a8b12191ed107c1e076ffd4965b9415f830be97935cac23a87f07e26354273c2663c7ef19a27dfe08543fa057e1285c909051602981f5929078214058684bc80bed493f6ef853012cb654d180e414fd484f5cb2cfd06c9b753f417697ff42794649e05fcaa3d53ad0fdfbb0db57dc549115e59978b14dd621370d136176098af2f39a2de72482a29b616e8b308b3d9b46ac9abf3d57ff89fe59b5a97966cc4b97d06c20ee4fd765e1c2abce54dc271a7c7efe656648800c27a9988583b4b76572222cb28916b9ff5f6f649de93923179809405c879a90cb450f604cbe8af55cf2a6d844a59ab0393b394e09c79e1b3c403af6eba69330f6969f78a49eb7022e77a39363f11e07fcc69f670f63c11497352f3f5bfea0aee446da35428cebe28f1c2d23ef3ff97e16ceeb2f88ab19b2b69dcdcc81b947b483cc06c776c52232489f86f4c377eb38056042e2e9e0943fc0ef1490df472b9b244235598894a2ffc296f0a2e4257baca6a3ea8cfb1a22ea8295ab9e5faaa2a9e964ae7625dbf945cdbb369265f429d475ab69413cc5bcb89af57b1b966bd0076f799a401d4b46e5045aceb1ef36e5bbfb037bb7681f2a38ef1df9b84baa3598201d13a813165355bf052bb5e456dc0abdefed995b4eb37a39b313af800f6029243a6a7bec75a23389a90034cac8df6713b919028a14649d756d0093550278aad494de2dfeb76220fd3ee5be31f73839ace7f0d6da650e26f5ded30471ed55d2e814fc1b89102e5917b4e58840ecc211eaffa5a2937abeb882ccdf29308e3ac30e23d66ee79c29b4fb7e793a55e344cac298e30f1ca3333df8b58f43126a3404aa4bf13dbfb05efd7b9b4219efd428c8f7f345884640d19f5515abcce05f315f00e65d9aa8022890a23da45ede06f455d66e0c96bbf7e9cc74eddca999a51174b4784eba8a9ebed13415de6bd0f160443d43b78181cfa381313a54e25f6751a38f290e5972ff7f70692e18c4737af2a7f6d4eac52ea594a22be4fd00fac1484e6d2d4d3196b49212b49598f5bc77b34d8a3633cf7212c869557d6eb27bf0d0a02555d9318194e9de9c9730ac72daee7cad6c2d4b248a8744515670766a8f1c739917fb859d98974532477989f4c24345f120f5320fdb8d8d56fa6ff2511e701bab399513cecb3e740e3761d02685a765f5267554d0f9243b51620197adc3b561b59c58f334307220db357c1121d7dbf593898b5d2c505f333445c084a6cbc6a7e5252724c83fcee85e304534780a01e7ecceb2ef53ffb6bc6cb9051b1400493ce55d62c01e972fff3cc7d0b68a2dd4d263c9191df1b629e323797f570083f122db3df6abb6fd6c4a351bb7500c7241e4392ac76e04259968e517a43e907cb0b0533d6750b9587a1a5d852639c6b789d333e848e3ad66cbf19c5ee5a641036cb7a858f822f657dec36cc134d6c1a629cfce1f1e24dbb73d09fba04f53b2c6309d71d92211a1f08535244eefcbb52e095626bcc78b950db1cb8facc3660fa705dceef155b00aef3291367ffcea06b5abe588bbdcea2637761308dc65509798b6a494dae4a75c1922c1234248dbfcabfaab3088a0dad09a135a45d75105314020f3ba8901dc39ee624a32e9f863ff55844974b44e57b30302cd0c349f3cc091befd5665f918c298ba89454fb811ce573e41f27490853a52abd6144e85d77de88c3f2e5506c8de40a3957e65936f3b294ce92610b63cec888cb16fe0e8a7af3dd142da96b57f602cc64ba69966724584c2872e5fc42348a324ff082a3ecfded82c3e5b7292d3726c4800176acab6a7a1479a0b5fea79f299e90ffdb1b3843e2349b8f8dc7881145b3796380474c2ceb57e27726c9e50b746a2b12a214fea9cfd6c668363fe6e402710665118928fedb2f4900322b0c7d2c348881ea52278dae765c14b51fd5e8f000602aa3978d83b76056410c2260931e35d841793c8a36b191f93c33c0e4e6367ef45a1cf5145d774861224afbb11a7b77bb94492ec49827f713f8309d80d22e17701046e04c5b277f7b423cbbada01e6d40beb56e755e583b8f3de4b67c4b5ac83771b805fa7af49de2fc8b9a223293d83e7eb4eea3a3af1d1221e5d458e7cab60eaf1b51550a1b125ce018d76096f16d922f4aba48a728ec1b7d4812fe2ca789261b6d8e0c8edb3ba9007649084899c4f6b7986c1cb4a98d412c801fb91675ee42e2bb511bff6700772d3c03a7cb6adb41cbddc33053f8f65c164e9bd47b931510046506b169216d0a04edc479bc51c28acc536ced3834a7a9ce8fb55b72fa186a559437bf41f04b733e05986c915bc19f1b2f99d3bae6c13873d32e3c809b71881c3075f8dd1746f36409ac7934c25236ee2752560fcdd5175037a6fc5f0da58a229418ce30f3e64f9eb6ff3fe4498f47fdd69ceac5e792c8c9f087316f334b7f75e3432d3f1d03ee97c8f16485ec906c94e6c9580f7d03d98a8da85ec118b77c6c1d3b2e99fbf4b45e66cb4f8817f786d1f90e1e5e250be8c240a9648a219a02e62acbd72d1b0c0b42c75065a35664ea6a03cb05ea179f2e8e50e3d7ed53d31cdc10cf5fce48781fa338e3ee819f410540f045cb0edd7b2d219993faaa97cf95aa6144e889a02069421291d05eade30693a751039fece452c22d1afba081d1c40178fed7684cae475fcc365484118a184670cd7aa2758bdb01058ea9b244d5241f627bc5be11c9395e3cb839b0eac7842a312e1fc8b4ddae2aa4ef907ca5c9b847785051323e16d5497c4424289496277475bba67da750fa05bd8be730e4aabaeb94641fa2263dd3d4eb511b4fa40b8cf8b16d7aded1163f2258add79b04e1eb888afa27d057de2523863fc2da38d44cc69ae2d455900eede5fce69d7e9f8707cdb2456a45dda14d257eee4982f86259b855a0293068aa4aeff9439bc06c8ed5a370fe46fa88fa9bb92872166ac69152d1cbb4720eec5b9a057890cbb838aef12091454fe721395b46f9fa29ec1829fedf65aaec1176bb9eb15511bd77e7d4fe7321b3e0dfda95e5c90c3663956477885d6d94b280f58edbc77e864dca73536cd4988bcde2a3edb91704ad59148d85a001e393cebdb56ee088fa1033cdc6fbcbea30e2974035bfe29cee1eace13e30950bb4658886dae7e565ffd7b71e41feecbcac35fd97c81a8fff9d2a1d43f183c6e984671e06645eb0a60228d1b6c12c28bc6eaa4b9125c57b48ced2e199ed3acf12dbe10af4a56f2f5dca829fd07fc3f7e0de6913c73be0ada3e43bcbe70de784de699d0b51d7a56a3eacaf5d7dcd77d73cfb82e04633574213e05dc98850d822bc6dc90dc3fd6184296287342e2243fe6f0cf94e6d02a1b900d0c718e2afbe7fea2fafa375f209fb9cef5d844b861a1029aa3dd7081e81fe6501bbb413dcd23e013f279ef87e082335ade324b7688054992ccc63fbf9153213ab6d07ed0b79945d19639aaa5dd10e53aafe57f1e323300246cb1d6ede1eb1f319ca6fe1b0cc8e733b34818425888110b6eabe2db302310d0a8bcdd5342146b29c535cc9a95a455c8926d77323a31b948d47dc611815a329654a252fd09dbcec5f3cd8bc7e465759eb8e72ff6fd4ef1f375e4e8762a58148622d14480b7bb9aca2eeab3367a7376c9c85e6ba1735e56a2fcc6baf92c8d21942883f318eab7a568fc7ff01885a7089aa7661b15d73799bc0b8f8ce6a3b61adb6949965a223850b6825616c036e099952e04fde7cf086b5e76d45b86ab78b322f9af580173f2e798a39df7cade0d365c9d46d3fb36970f8a99d7b20a1b275afff852126f21ac24ca8c34deb49ba511f4d9edb4f56941aaaa477253f9bfc9a25a2694bbbe3b917074dd4eb6f1be20395ac33dd932a7ccf0604d64257b5af3faf271c145c190a528e471a7f23a53b5f9ea1bd0cc36410e9c538e91dd01d162edde856087b60dcba2042e65b6ae7b81787bd3308db9eb025b6fd930a9eb74a30883b83cfa8be5270dd3ee3408db7f7b136adebb3ee30f0e0b8835a0ded325363e4a2991cafd4a73483954c0f5d3358b25780608fa48f3f527c7e617ec12eb017df33f5088676d8bc476da251e608394e3d8fc0883fd4d1804f8e07f5e12ffa4ee80365a88abf29936bf1b255539fef95f5cf3bebcd26817edb28e7b6adf4851dcfe8aa1aa097f67c51557326ccf9c46ee2780d491e87774324d4dcf26f2e472a5e199b0cdef01094ea72bd5ad5fe1be6c9d545df3dc5de550665d220718a2c0baed2833cfb1428e2d1c2b9ea1e29f4b07fd6c51492643d4000716cd1e8a4f9d58b6b04b805d8962495323fd62949b17348418201664c6f2f651f99d73f8d17bb5e52dba2e6f94fa33f816d74bb6a45bd6cbdbd07f530406227c8fd11f390e805bbc17bc0e81076a27c0be023b64777afec0a7a0c3f53f03bc2ca72ae2873d68217a1a6905f414c2cb1b9561dfd07850a026da5f5775a66f8f3a6bc29b48c8a81b06ba30994ba8e7e233e3a3a5d886767ea6de91fbfc0a594c2375d62e71c7209d87d0f6c7a79a0d80da328e93f08650ec745495c771410913d094e4190075b7225761172eb420c82ab493548f6de38e17d3e687a89ce77c67c58b875c48c8a4d1664cbc6f67df357e040444fcd515d92d5823fc3ef6485208b6f3eda8cd09ea3b004f7eb06ac268ae8c3bf571aa3f619222a47540f9af340c80c587f7226e3d715b18c3ee41f64777d3a0a09f32190ad67922f6ecc63c956a715c3c42a6aaaf5e588d119210083ceaa414820b62fef87a678cd3f24f8fa3cdb6629b041cd7555974313f56d1b0e117ea925dc95e18b5d3f4ba9812f1067022945c3f5d547370d45853c4db3c9ca4436d7e649e1ac3ec02f9c1e9139849b46027d4b276cb0eb4b09848999f466f528290e47ba9540ceca89390db3fcbacb1d566e22e917f01f4442bd4dd0d350d057ffdf5b3549ca559901e6ff5147bdc25c11b23f1678f02c20e4e2e6f339b262e2b82eae0b15b4227f1d514f99ec78fbcf80c8f6f243536f2d7a809de05ae5e1d676fe950ad3513f801bbe4d16737def4b5ec4b62f8562cd5432bd372645202edeb286662d7e8d0dadac5b91c903c2756bdc4f5a7c931f2c3f7feace2b83f5459a196000e2ed1e1b2accaa9d637d5e408340161331c4b0047bf2ab31d317bb1c8f6e1b3d52f9f240bd971a447942dd4b73301781656aad9ce9b01aed907b7eb3a78397b97e601b04a4cb028d327ef32cf20c34e8dad9c9b1f981ab5c06a2b0271852e2a1016ee460d8568391c9ece5a2b8f29cbc6f2d6cc2e66c30c96df548e67dd6ad8c1ff09dfa22b2e8b2c52a3948c4febb0910c2d34c0604a5ef930cd53be69a4bed9c9ee057178ece02a6b4df4624191590952888bdfafd2dbeca128d500872a8b236fba9623672c4dc15f56a761ee0c54026112fc464f72d3039587f009b94930dac0dbe444a939b38c0f5bce7aa366bfc2bb909db231178228846f71a56ab219e28cef1b102c1bfadbe8f0916d10a573b8cb38cc2cc2ec496a410a4e82847006d2ed4bac927a63a00416d0bfce59cc69aaf78ddc9566f23582999a655c8ad3b217486fb5a037ce089baf344d55bbd475be4e90b10e92c9c1bae3202c2d63355549f0ac95058724fea81ff9cec027e7b93e2cee43af81c6978fee5faf6216118785251b8ca023115b2f87d5d4b10c29aa3616628ab40a8ef36668ef57d7f9be505eabc01947ca222362818a71b3d63e5725a4d8a2c619b1867f70daa07703360d026d6f65247330be1ba84ddaaa7779591ca261beda4f4c094af65c5c276fe3bfb89f067c8c54af67e78f61bdc114ed4aa869c3adf282d7a8e7272579e9fd9e47611e0dc89f97561110e0141c69b1fa114e27b3d1e2c825ea008a370e08cd0a0610edef20cdd8a7cda0922fff046edfd2ff391a10ffce5dd6045619ce9af6b03f4193d858a76b201ed5beb0f11321707b7b593b23adaee4a0c0caf39dfeebcbd2948030435dc94ca00990c728502ec4686194f0f454304a422023c1b2c5b1ebbcd8cd50fa2d11361e3bbdc306e2739e27de300eda27b1c1ea62d773104cea77c18037c6bcc76423621b45abbe789b384bfdfb46efa1627ff29d9d840bf6e1f05e7e13fae6383e42ce153dcb062fa0cefd0fe9298ddbe77fd78d7036b5a815504b48267203da08ca685bfe8ae89c031074bbe5d3d6dcc6a3a8a8a4d3102765c3b714867f4516df62f214351b97bb8b5697a9f9a9dd78627342b239c524a3943d1d70f8cdd7391f05e7395731a8fc05210c6733ea256040bbbb53389229b84dafaaa3db1d5eca2971d9e550149461f1a672eae2319a99beed48934520666bc54b63085a744b5fc9a9b089b16c50ae945f74adcd4c5d064a12a6e103ef59bcc035a755ad31836eb7d04e5900d3800c822b96b466a9f6611f46b8a7d6131f91c625a5604de5bf01e5ca5d99a714c8dc1160260010f8d55f9125ee453b61c911bdf0824caa804c76d6512802875c5433de9b2e8b6c579a67fec5d2bc64ed3d1c313854221b75c9a0ed42af6f5354e7b1d1bf8661baa1261e68fc20d14b5652d25a536f208bff2b90fefa163a232696e655bcf95bed39355ec865e272fed582aae18858f5096ece40b9108efb00147f9c2ced59bfe2a79826851850ed95b35908dfb4d9ab7da0668a1fa8933ac4f6534e9598481477791fd1a1c269011ac9fe81f0491790e8aac121ffc00e38a7619a1855e6899abc2c670375a3ba4ac0cf652da89a70628cee1a35ae17b3490102e3c88ca324d06fcf6e76ccb16d2a9cbf4161812e2c7758d73631024190fe9b71935de6968b289d3503b497f3f4b6306446ae9c312f8f1c63c1f7e62652173d9ed48cb128815bd44a12061f9b73fbdc6674ab9e0d01807f7bcfa0aa59168420e5ad8b72d7b576e273a1d229934fce2867689a41cb17767cf9defe1a96515a677ba08e10e187a3ce2f1d78e6b43b0d46c36163a1967b203df4f53379ee98422e973ab5c090adff21b5cc84fc78358021f681a0f0fd744f687e4f6c295470bf8f548d2d3dc841481dd51db9124cacde83bc9fef44a3e69e1cb28579d897f3013ac6133395328247fdcc152e5563678258936576196ced017c79bb6a4ea501a44cb25e5af1697afbdb3abb316837470ffdbe985ac3967334a90731602d3fac4f5c2758f04ec9c161a7cf330b7c7549fb62e6c15d07a7203c94edd3a8141c91b2029d6a90b14322337e6610822d9d7bff58c10d9c6cff71822f6456a421a65fdaa5d2c793f256a4e7a39f0d85d65fb95479eff79345c0615c9bbb4fb3324f9360b70dc709b0200042e8461b8cee9ce30beab3e276df48f41f001262fc14153f9764e13b50397442e00d7b11266bde10a3b7f83818086ff0015409679e4472d9e0215804fa9d21cebfa5cb5099cf88750cbeaaf58c2743f2746ea4cb73760ba88a07b91b68553716d563af5d7702219d0c600916dc54242d825c6d68320baf234a39f0b9ea9e6a4a72c4d5829b2f28508f54b33c7e0394a43fe23e7940d9b04bbe790d903a2d2c979e0ea79931b934d094fa2d5948c05cf278c341d788f2061ff617c9fa4700b1e1f0fbfa1b8c42848f2ea01cd318a8748c3336622ead25527ddbcd8a12ba3a5183f4419deb13558ed0ec99e73448c21ede0dbee9c01fc7675e54c60d4dee29c0f8fe81af6fe7b726f5d3c50dac634aefbf1ca6aa4df1b340a4109acf30939f6094c8591218729788111bfde98cd96d4b04b25bcd1bcb7f826241995573bae00", 0x2000, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
fchownat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0xffffffffffffffff, 0x100)
setxattr(&(0x7f0000000800)='./file0\x00', 0x0, 0x0, 0x0, 0x2)
r8 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="ae", 0x1, 0xffffffffffffffff)
keyctl$read(0x2, r8, &(0x7f00000003c0)=""/4096, 0x1000)

488.595338ms ago: executing program 1 (id=5721):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={<r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b15, &(0x7f0000000000)={'wlan0\x00'})
socket(0x10, 0x803, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000005c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x2a0601, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f0000000080)=0x7f)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_netfilter(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000580)={0x14, 0x0, 0x3, 0x401, 0x70bd29, 0x25dfdbfb, {0x55453f98eb4361e8, 0x0, 0xa}}, 0x14}, 0x1, 0x0, 0x0, 0x4000041}, 0x55fdb4595c3d8036)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000080)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x71, 0x10, 0x10}, [@ldst={0x6, 0x2, 0x5}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x366, 0x10, &(0x7f0000000000), 0x2b2}, 0x48)
ioctl$SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f00000000c0)=0x6)
read$dsp(r1, &(0x7f00000011c0)=""/4117, 0x200021d5)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x1, &(0x7f00000003c0)={<r4=>0xffffffffffffffff}, 0x2, 0xa}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r3, &(0x7f00000000c0)={0x7, 0x8, 0xfa00, {r4, 0xb9}}, 0x10)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x2)
socket$vsock_stream(0x28, 0x1, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00')
r6 = socket$pppoe(0x18, 0x1, 0x0)
ioctl$PPPOEIOCDFWD(r6, 0xb101, 0x0)
name_to_handle_at(r5, &(0x7f0000000240)='./mnt\x00', &(0x7f0000000200)=@FILEID_BTRFS_WITHOUT_PARENT={0x28, 0x4e, {0x0, 0x6e6, 0x4, 0xaf, 0x98, 0x7}}, &(0x7f00000002c0), 0x400)
setsockopt$XDP_UMEM_FILL_RING(r5, 0x11b, 0x5, &(0x7f0000000000)=0x120204, 0x4)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000004340)=""/102376, 0x18fe8)

488.212603ms ago: executing program 4 (id=5728):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000140)={0x10020})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x0, &(0x7f0000000100)})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1, 0x70bd2b}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
setrlimit(0x4, 0x0)
r1 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$kcm(0x29, 0x2, 0x0)
r5 = memfd_create(&(0x7f0000000000)='e\xf4E\x88-\x00', 0x0)
pwritev(r5, &(0x7f00000003c0)=[{&(0x7f0000000480)}, {&(0x7f0000000280)="111ec20239e272abb2cedf053d666ab41bdf031bdcaca63b9856f15d16d909ca3d83d93e22b370e9df36dc459b8791e09e4a38e1f0f3c7de180ffe20ac20e80f97e9e54415f6ff5999b3c974ec962a60", 0x50}], 0x2, 0x4000001, 0x0)
sendfile(r4, r5, 0x0, 0x8000fb00)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

230.87795ms ago: executing program 2 (id=5722):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000500000085000000d000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r4)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r5, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000740)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0xa7}}}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newtfilter={0x6c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {}, {0xd}}, [@filter_kind_options=@f_basic={{0xa}, {0x3c, 0x2, [@TCA_BASIC_EMATCHES={0x38, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xffff}}, @TCA_EMATCH_TREE_LIST={0x2c, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x10, 0x1, 0x0, 0x0, {{0x3}}}, @TCF_EM_META={0x18, 0x2, 0x0, 0x0, {{}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x0, 0xe, 0x2}, {0x9, 0x8}}}]}}]}]}]}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x400c040}, 0x0) (fail_nth: 7)

119.211612ms ago: executing program 2 (id=5723):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
getsockname$packet(r0, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r3, 0x7b1, &(0x7f0000000080)={&(0x7f00000016c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfcb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x573, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x8e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x72c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffdfffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x92, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x1], 0x1, 0x400})
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=r2, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
r4 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r4, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local}, 0xc)
r5 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r5, 0x0, 0x23, &(0x7f0000004b00)=ANY=[@ANYBLOB="e0000808ac1414aa"], 0x10)

31.396564ms ago: executing program 2 (id=5724):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000100)={@local})
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r0, 0x7b2, &(0x7f0000001680)={&(0x7f0000000680)=[0x100000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd5, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x4], 0x1, 0x400})
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r0, 0x7b1, &(0x7f0000000080)={&(0x7f00000016c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfcb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x573, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x8e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x72c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffdfffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x92, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x1], 0x1, 0x400})

30.78033ms ago: executing program 2 (id=5725):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x7e, 0x120, 0x120, 0x2, [@var, @func_proto={0x0, 0x6, 0x0, 0xd, 0x0, [{}, {}, {}, {0x2}, {}, {}]}, @func={0x0, 0x0, 0x0, 0xc, 0x1}, @volatile, @volatile, @volatile={0x0, 0x0, 0x0, 0x9, 0x2}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x4, 0x1, 0x1}}, @decl_tag={0xd, 0x0, 0x0, 0x11, 0x3, 0x5}, @int={0xc, 0x0, 0x0, 0x1, 0x0, 0x4b, 0x0, 0x30}, @fwd={0xf}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x1, 0x1, 0xffffffff}}, @enum64={0xc, 0x5, 0x0, 0x13, 0x0, 0xd, [{0x10, 0x7, 0x9}, {0xf, 0x2, 0x6}, {0x1, 0x2}, {0x3, 0x23cc, 0xfffffffb}, {0x9, 0x9, 0x4}]}]}}, 0x0, 0x13a}, 0x28)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x1, 0x0, 0x0, @void, @value=0xf6}, 0x28)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x0, 0x4b, 0x5, 0x0, 0x34400, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x5}, 0x50)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x1b, &(0x7f0000000900)=@framed={{}, [@printk={@lx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1000}}, @map_val={0x18, 0x6, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0xffffffff}, @map_fd={0x18, 0x9, 0x1, 0x0, r1}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}}, @jmp={0x5, 0x1, 0x1845d7cc7e4604e1, 0x8, 0x1, 0xffffffffffffffe0, 0x8}, @map_idx_val={0x18, 0x6, 0x6, 0x0, 0x8, 0x0, 0x0, 0x0, 0x4}]}, &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0)={0x0, 0xfffffff9}, 0x10}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={r2, 0xe0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600), 0x8, 0x10, 0x8, 0x0, 0x0}}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="4800000010000104000000006088732100000000", @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b00010067656e65766500000c0002800800010000000020"], 0x48}}, 0x0)
r4 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000380), 0x101202, 0x0)
r5 = creat(&(0x7f00000002c0)='./file0\x00', 0x1)
r6 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8)
setsockopt$CAN_RAW_FILTER(r4, 0x65, 0x1, &(0x7f00000001c0)=[{{0x2, 0x0, 0x1}, {0x4, 0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x2}}, {{0x4, 0x1, 0x0, 0x1}, {0x3, 0x0, 0x1, 0x1}}, {{0x2, 0x1, 0x1}, {0x0, 0x0, 0x1}}, {{0x2}, {0x4, 0x0, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x0, 0x0, 0x0, 0x1}}, {{0x2, 0x1, 0x1, 0x1}, {0x2}}, {{0x0, 0x0, 0x1}, {0x2, 0x0, 0x1}}], 0x40)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r6, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="ff0700080300000000000000fe020010857f05000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r8, 0xc0505405, &(0x7f0000000140)={0x1})
write$qrtrtun(r5, &(0x7f0000000380)="ca091cc2e088", 0xffe3)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r7, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=[0x7], 0x0, 0x0, 0x1}}, 0x40)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000850f3a"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

9.7323ms ago: executing program 2 (id=5726):
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, 0x0)
syz_emit_vhci(0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = openat$audio1(0xffffff9c, &(0x7f00000002c0), 0x840, 0x0)
ioctl$SNDCTL_DSP_SETDUPLEX(r1, 0x5016, 0x0)
syz_emit_vhci(&(0x7f0000002880)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x30}, "0332e8e8d7fb38e26dfa809e595ca2d9e76fd5125803a6b60bd15201879248cf54e9ace84af3effedd1ab5533a498e7e"}, 0x34)
getsockopt(0xffffffffffffffff, 0x8, 0x7, &(0x7f0000002900)=""/35, &(0x7f0000002940)=0x23)
ioctl$KVM_CAP_HYPERV_SEND_IPI(0xffffffffffffffff, 0x4068aea3, &(0x7f0000002980))
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000002a00)={'ip6tnl0\x00'})
fsopen(&(0x7f0000002a40)='gadgetfs\x00', 0x0)
rseq(&(0x7f0000000400), 0x20, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_setup(0x19f6, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x0, 0x309}, &(0x7f0000000140)=<r3=>0x0, &(0x7f0000000100)=<r4=>0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='pids.events\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f0000000180)=ANY=[@ANYRES8=r2], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x0, 0x0, r5, 0x0})
sendto$isdn(r5, &(0x7f0000000480)={0x9, 0xe015, "39728ecad786a8245b6b2015adb60b0fd62bfd1e666c1fc746265e0a789eeb82f83a2ab44eea50c2668936a5a25822c7184cd0dbdf479a8352712dcd360843fc415b44550b9e43cebca7ea2966cb9daeaf1c7ab8a3bcd04180ac365cc6c1312c8094ed8abe9b6c67c264196be446f46c8d051022a9eab9c397953318f7182a8a4dffe708ec7dac9c46fbb8bcba658c0ad03d4d479ccc1e04c40f084407a2e2cb231f38f856a0e5ee8529559724260d229c903ef636fa75e076c55d9409ff5bd6066eb598919468332a81fc5a8ebf04db7855af962fa183e7a566e12466a64588da8d9da5f0d75011f16dcc8df6cebaae3a12873c3e15fc64bdc221a5403f6e457505c7f024d48af278821ac37f47ba18cf44d56f09524f6c42464582d2e8f04420a8671fc0aa885ff4c5fa158a767c0708c2bd8c36a1a30561ff7144ffafea9d21c8a19ae7bc1aa5f811bccac8802b0a7c3cc6c52a95b39b99861f59fcf0235721b8b22e1079fa95e7a26f178ac440d61d911bab77c5f0965153eaa305bfdd57fcefb4ac740f2e474caa5eca95f6426f95f0652d58146a12271ae201d493308dfb46042fcd5d94a3f6de78465829d369dd91886e4da6ade39e6abad879582c54199454c642fcac9a6e4f0f8488e19b70798dbda3982bff6ca8a64b97dee101aa5b664cf3fa81155fb3824d434185d5243f524192cba7085b4338d4e1affa0eec89771f13d996067440281a74f375009911d5064a9cd503b34f885c2680d99b51776b6409d86e8240073da5ab05c539cda6d8fba96e03b5145fe2ed605bdf55257d019f1cf1e282782adbdd3cf78f6c7905cc7e95549efeea14b3f94d6cfe79657d0a069e4bd2b90e07ba9ccd0f08fff9831ed7189a2f4140bb45ade7b67647381148456996c788561f87f88cfb2887f6a3ccca93f40f9381b87a7794d3d9f284cad94670cc9ce226ba114448cc7242e0a975ffa7ec9e9f144f2d3a3f088a5553fdca1b460ab90e7048b8d59e1f6dc4ba5a2ab6feb1fcbf442fa168079cb26be9706096a92145c74667616305fc6aebd2e8a9aee8c01986d96fbbc654e62451f843774b9733b0968e8598d0f807bc1cab7dc86e560e4e777d399ebd24734f4b0607c76d98df04092d344be3eae585b414a6260293ab5b5627a7e8610c524a4d145b447deb81bf14a6822b6fe42e158e8f37053dde31ed473f3a4c811d7c66d5e27eccbda369de90766c2e777995261749a9537a0ff19a3ffc554d3c6fb6ff4d20a2ea3e97c3238e3506b65b385e327d4ffaced47c0a39cce95690ccf83ce6c5a8bf4567b14f0eb48c9375444015fee46fc0919e70067f387cadda6a4139efca63995ba30f21e73387b7bf44c503486073e51875920cfa4f5fc4325cdb5efdc5c0a90ed72b0edf440cee8e6bfdfddf2100d9d58defbe8b58ee604a6238992df7e719ecd97c4654bc7db8e7021f7eb98d2e89cbe5983ee19434f8407149503411363fd28eb152bbe8e5cc492345050fbfc593c46b06c3de70b1d37fe2c1cce72f107bf31afc15c0ba09a9f42ba392276f8c669cd649938a1b58de560d1fde3d021707571917753861886855c074937cffe6b7851759786c92e0ffc954f75230778eb40e5c527e73db4639fbf94234efcdf3f89e94ad9b7838ed17f416b617b357fb509aebc55f8cb2f7c533cdc387a95fcb743ddabb504ef9c83f8dc3b03e8f646179c72fea43bf8e3f3649a77a4939e94d8271743e3f6228efcc64a7fa3b4a8171bc2b810c5a94516ee7bcbf5703e5f3688d73a2cc3aa161fd8765233fd6f064ecda1f46598ba0b21200a5932fabdb0da15d1994c51be6680caaf3260aa9d40d8bf9a412ef514c51dcedcddf90b714ee6b61f6d040ae12ff18873550c0f870f92f252a6e8d4b8b24d8133785df2bb7b918b92adbda169c9a2ac5704912c8e41fb203b13309f92918a0f1af4e14dbfae87fdf75ad2765ecb59b27257934c4df8206ae251df65e819ac62be2b33a7c07441eb5b7a207aed59a822e9b084b8c81042837768a156cb01eba1987d845cca6438f008e781db3a6ccec434651492a5d8bde9732e0449ae1c466f6b60658d755d80eb5f4d7208582bce38c73b85d7a97598c38c1083761cd982ea5289c052db99a7c4090a78c45277ea7ffb3b5fb3ec98eb3aef525f2dbee2df473cba6383dba5f247d79904cd9c31d5fec6ae7cc1e753fa7fd0128b6ad4e6d20cbefb929520a48f2a46f371eeaa0ab150f49a93d8d7cd5987a3921de1ff21feda7f3334e9f1a71d205b3192c19a47a8522766f1e0c229fd30592a6222fd2195211c78fc8cb5613a87ee94a71ea8e5e10e162f89e49ed3128516e2600e34ed282e44a6b7e4483a416cb192ce0d4cf336e460ea38022ac17bf11d0b3b7c869de43775a3f9b72fb0e6ac40ebf1d9f8808fd1026a6b682cebd4ae61aa5ed55152f344204bbe4c529434263ae8b59b12cc1c32f4bae59884ee48d1c1247569360c9f5df86b5ec4d478b522acc6ea4af99bbb022bcdfb4b884b4ea162b560619f71e43dbcc773ca59d9403f089b07540d5b76d81367ce4c7a21cd9ecad64d40c670354a994e4310508c3c118713f6718d53e3a8572eaf474d37b041d257b92b33b0f93d2cea1ac2381e5620c1c055b8081f0a653ca320a3e04074cf24c0da4cdcbb67a2bb6a51afa1ac3fcec9957c10898dec34637d2399cd8e10d4d90d99bbe3c6b4bdec0f2b0b33858931e22aed413e3675ab8350a63ef3db3ca4039a6776cf9a847a5cbedce38dcc4d0e9edabc9536393a4b3c16c077f91ae111cf818b947b828f9ac5e3b82b16b4e9dbf93410bda0bb05659bb397fc44730f26881a5eadb4bf3eca5e3862b60cd6d9a44be19f52b2ee2f891e7d1426e516fc2c8b5e2db54ce54d437fb01ab5bfb13b5798f4809ade5e4628a2c15a19a307c2c35d1cd4b57053bae24888e533aa0b0d1cdc3cee957c94b90c761f15ec85f94fb8221a9a135b004e462227717ae0e4fbc94c5b2c1b931e30f4687cadf76b1349358310ee14aae766372f90270c59e2885c68299e668ea2ba3e41282c49039c1c0fd144f051076b8aab2ff612444e4cb857c84afc33c6a527a9587fe802d88d0d2cc4000cec733d00e4deb83aa7e6110b97e5966bf1ce67ecabd14eafaf0d7afc9629010da9c6db6a46c4389385e93392cfb666a0347a5c80a5ba5fc856fe3949f0ce694255aac8e94a1c53a7d03685dfb0c946179b90fb939fb4963a8d8788c7e6bf876e25f0a715a52d183433e7cbc33d187d282635ccb64fbdeb1837a1846facf1f7c9e1edd1927674611dbcadd73dfdbc02b7e7718c96bfad2e117a21f2ecce3141a614920be2a167c4e3fa653b1bfc8f1c5583bf06026a041d6309c62f966e7ebcccbb9d875bedbbdc46f7c0bb4251c08a74eb6021bf79aeedeca12e17715322a57a64e6b3ed437c94388cc53fada323d7c68da4fb03d1d9df4d5f8c0e8e9abf81762ff4cfd25493634220212ebdcefd29b8150b7d924d880f5c1ae85ad02058bfe338bd260a980632fe414b4d49b63ba5219727b30fcdc3e7d25113fa086bdd4022840b3f1a7ca4e55afbec876b3c1bbbba708c10646c9ac292abab7339e35b20cce7261565e05e8179b859d49766c16c2ca45f2ae251bbfd803d4ec8ed92ce941193a8c5578c2376163efc8b6068e112a57a9cf3473e2a0c5d522fbd0dc6080ab07c96a046f4e80fd42e40fb9728bfd0a458f2c185012e7bfbd9015167974aacc19268fc59822a1ed312cb01872f530f479b19e3affeaf15e5ea0f838eaf7ea53fe54f1b03f7f2942186bc3b345d90013ae6f99fc053629280be7614f7dfbdbdfb219de33135f95b4a2e3477c7dae5ebad093e25b43ac1315abd336a6430efeb3e62fc61b4c1ddbf0bb60d70a73859f72671db67645bb0327bf1ed675d2b0b3bf638f2b25e3fb3e63c10adcc51c0b6c983e92922d862ec9cf82388f9b42f3c28a82dad9d054324d56a78bca70b1f89b7228b4f12c1473f0e308733466ac077cf15e37fb971b69a4f736960e198a4096ec89bf0396b11dbfbcd0468368c3ec223684043764d5391d1ec93e80f6dc70c2fa641682a400b8b229d6bb718e246b02e06a4f01876b21962afd3a4d49e701472c2f76f2f3c177d325674a73aae79172ce1357cbc5a246fbcc293c14d813ab2368cb161d5caa126140e43799909759f3625dcf2ec412828569ce5e9821186fc0331aa27a05d35536c55005ddae64687b2a73a909a03701718392b6885cc34cb64c69e84bbdb53bfca5039cd7ec3c9ddc45c1d35b8bae0fff8cf41319b0a70f2d1c9ab240694381f0135b82f2c6711522cf978b8fb776bc63ebd195236b8a148f44da3ab4fda8d5270f052c38cd763df7cefefb149bad77a2d5f7bd47cfca67599564da68f87459e7ca08763695d65e42be2c3cb0aa6000736f7a99bd362a7ea8c93f460b7e2d826247d880721f2b8f7c906dc66de1aae8cf4eae7304e8fb3b2dcd255dfe27a22bfa99ffeac92675d0426167bbcc6bb6f8d837142f017938f8bcc978e38b3fa8420cd1ef240df03994562a32361b8cab2b10a325f4f10b1c946438f28ae87ed7f94142f9e4751296c23bda5aaa681327754268f2001d4fa3955df4db11e4088a2860d0248bef7353ada0b5a15b998b3dde7d1510c7501cc63db18ab55acf61c1d7380a73556297ac82eedf3578e553c8d83592f7a3fe7074cfcff36279e6d3648ad20ebf083b667a88c87574a056001b84c6e26fdc37ac5215b05febb4715a57b19f62f3ce321a807e27bc258fff4cf4b2bca9d4e53c53a043f68151bf6a36d929cff6a70934ff2aed092ba318165fb07bd80ad3a3f02317c602a5455ff381549bcbd8c2e3dab1ef772c8c0521f519914623312f0e0353660bbdcc206a517d8976b5a97e9897c4665a2f40ceb0476178c660d510701be960fc8fbb40b4db1b445e55e65e968315771e74cf88f41153a06d243f7d472d5c13ddef6b504d9e298afb9aaab365ab04e11664714ca7d7864f86f58a0d3864021e77166bcbbeb8439d9e1f624caa57e776b9a00f59e31fe1e4464106690c777a066db60982b07db9a9ff9e8698d45163d9eff9439c6c191dd5d60d64c54864ffb230d5315ebf5e0b3b172aca7f46c9744a2f5b7132473f1f69563d93750d7fd929ad9ac16e65f842cde4c6182bc7abad69c3128e0ce176e0f33c15a18bca75bf14b931e3655715bf35d88add370c7066610f9500a05afaa0f9f770c3950ab3a418490d90666e19697378112ba866a3dab2a9caea08d014b27efce530423bcfc2430e236e86d92e75e3db0d3956828f4679dd8dfd81ad96850414ac0359637f7e51a4ec9a2c861bb47f9b062429466da32c563e56271cb854226232aed9b5dee3fd9ddfdc54d7e67fc85b58e5af1a289d9774a148a2e74b636fae4244573eb6737bdbf292994262f6db25893bebde1f0d3d414711b3eac3a42eec689087b524f4f837e4d5558075a44635a631efb4bbb8ac53e6768cf74a9ceab92c3b91cf638fb1fbba10cc02a801f7a160b1e9d8a42c5c188cd03954b9c11b0377bdbb2a37207d38b67507f3b4db6bc54bd4a9c731f047dc2fa584bb573043fbbbf9ba6eb8c37c116e80b512b4515298596492c72433234005321f66ba0e1b3022e511e4b9441da82b1ba97206eddc4ef28c3a773bf9af4d39c7869c39def0bce5e1dd46a6a70d7b83d25c752fea21d0ed6ee733146ef67d31f1bc21a0adfba2cd36322c99d4aeea235ec0789a41cad70cb047717a453e"}, 0x1008, 0x0, &(0x7f0000000000)={0x22, 0x9, 0x7, 0xb, 0x4}, 0x6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$fuse(0x0, 0x0, 0x0, 0x8, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=0x0])
mount(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000280)='autofs\x00', 0x201000c, &(0x7f0000000040))
r6 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120)
ioctl$sock_inet6_tcp_SIOCINQ(r6, 0x541b, 0x0)
r7 = msgget$private(0x0, 0x3ac)
r8 = epoll_create1(0x80000)
r9 = fcntl$dupfd(r8, 0x2, 0xffffffffffffffff)
r10 = fanotify_init(0x10, 0x1000)
fanotify_mark(r10, 0x90, 0x8100000, r9, 0x0)
msgrcv(r7, 0x0, 0x0, 0xe4b43f0e2aa28c96, 0x2000)

0s ago: executing program 1 (id=5727):
r0 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi2\x00', 0x20400, 0x0)
r1 = socket$pppoe(0x18, 0x1, 0x0)
ioctl$PPPIOCGCHAN(r1, 0x80047437, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000140)={'c6xdigio\x00', [0x805, 0x3, 0x2f03, 0xc8, 0x88d7, 0x8e, 0x1007, 0x4, 0x1005, 0x6, 0xffffffff, 0x7, 0x10000008, 0x4, 0x40, 0x1, 0x8, 0xdc2, 0x9, 0x8a, 0x108, 0x3, 0x6, 0xa, 0x5, 0x1, 0x8001, 0xe, 0x4, 0x400002, 0x2]})

kernel console output (not intermixed with test programs):

=4294967295 subj=unconfined pid=25628 comm="syz.5.5246" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1192.656179][   T40] audit: type=1326 audit(2000000230.519:920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25628 comm="syz.5.5246" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1192.663543][   T40] audit: type=1326 audit(2000000230.519:921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25628 comm="syz.5.5246" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1192.672215][   T40] audit: type=1326 audit(2000000230.519:922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25628 comm="syz.5.5246" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1192.679457][   T40] audit: type=1326 audit(2000000230.519:923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25628 comm="syz.5.5246" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1192.687444][   T40] audit: type=1326 audit(2000000230.519:924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25628 comm="syz.5.5246" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1192.771651][T25633] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(10)
[ 1192.774044][T25633] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1192.777649][T25633] vhci_hcd vhci_hcd.0: Device attached
[ 1192.778579][ T5957] Bluetooth: hci2: ACL packet for unknown connection handle 200
[ 1192.790772][T25633] batman_adv: batadv0: Adding interface: gretap1
[ 1192.792997][T25633] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1192.803431][T25633] batman_adv: batadv0: Interface activated: gretap1
[ 1193.014319][T16627] usb 47-1: new low-speed USB device number 2 using vhci_hcd
[ 1193.153370][T25649] vhci_hcd: connection reset by peer
[ 1193.156183][ T7075] vhci_hcd: stop threads
[ 1193.158239][ T7075] vhci_hcd: release socket
[ 1193.161201][ T7075] vhci_hcd: disconnect device
[ 1193.471539][T25653] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[ 1194.374193][T15096] usb 6-1: new high-speed USB device number 119 using dummy_hcd
[ 1194.450061][T25667] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[ 1194.511042][T15096] usb 6-1: device descriptor read/64, error -71
[ 1194.764161][T15096] usb 6-1: new high-speed USB device number 120 using dummy_hcd
[ 1194.894562][T15096] usb 6-1: device descriptor read/64, error -71
[ 1195.004671][T15096] usb usb6-port1: attempt power cycle
[ 1195.594923][T15096] usb 6-1: new high-speed USB device number 121 using dummy_hcd
[ 1195.615090][T15096] usb 6-1: device descriptor read/8, error -71
[ 1195.854245][T15096] usb 6-1: new high-speed USB device number 122 using dummy_hcd
[ 1195.874918][T15096] usb 6-1: device descriptor read/8, error -71
[ 1195.879578][T25705] netlink: 'syz.4.5264': attribute type 3 has an invalid length.
[ 1195.882723][T25705] netlink: 'syz.4.5264': attribute type 1 has an invalid length.
[ 1195.911494][T25694] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[ 1195.975649][T25705] blktrace: Concurrent blktraces are not allowed on nullb0
[ 1195.982656][T25705] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(10)
[ 1195.985395][T25705] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1195.988364][T25705] vhci_hcd vhci_hcd.0: Device attached
[ 1195.988364][T15096] usb usb6-port1: unable to enumerate USB device
[ 1196.003524][T25705] batman_adv: batadv0: Adding interface: gretap1
[ 1196.006174][T25705] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1196.016128][T25705] batman_adv: batadv0: Interface activated: gretap1
[ 1196.254297][  T839] usb 45-1: new low-speed USB device number 2 using vhci_hcd
[ 1196.469776][T25714] vhci_hcd: connection reset by peer
[ 1196.472434][ T7075] vhci_hcd: stop threads
[ 1196.474441][ T7075] vhci_hcd: release socket
[ 1196.477110][ T7075] vhci_hcd: disconnect device
[ 1196.824287][ T5958] usb 10-1: new high-speed USB device number 43 using dummy_hcd
[ 1196.923228][T25729] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1196.928016][T25729] syzkaller0: entered promiscuous mode
[ 1196.930159][T25729] syzkaller0: entered allmulticast mode
[ 1196.938691][T25729] tipc: Resetting bearer <eth:syzkaller0>
[ 1196.984149][ T5958] usb 10-1: Using ep0 maxpacket: 32
[ 1196.988813][ T5958] usb 10-1: config index 0 descriptor too short (expected 156, got 27)
[ 1196.992783][ T5958] usb 10-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[ 1196.997589][ T5958] usb 10-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[ 1197.002016][ T5958] usb 10-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[ 1197.008355][ T5958] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1197.013925][ T5958] usb 10-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[ 1197.017101][ T5958] usb 10-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[ 1197.019824][ T5958] usb 10-1: Product: syz
[ 1197.021161][ T5958] usb 10-1: Manufacturer: syz
[ 1197.022768][ T5958] usb 10-1: SerialNumber: syz
[ 1197.026135][ T5958] usb 10-1: config 0 descriptor??
[ 1197.029365][ T5958] ldusb 10-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[ 1197.035233][ T5958] ldusb 10-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[ 1197.235943][T25737] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5274'.
[ 1197.241810][T25725] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1197.244972][T25725] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1197.502868][T15096] usb 10-1: USB disconnect, device number 43
[ 1197.535989][T15096] ldusb 10-1:0.0: LD USB Device #0 now disconnected
[ 1197.582561][T25743] input: syz0 as /devices/virtual/input/input119
[ 1197.683030][T25726] tipc: Resetting bearer <eth:syzkaller0>
[ 1197.699595][T25726] tipc: Disabling bearer <eth:syzkaller0>
[ 1198.438855][T16627] vhci_hcd: vhci_device speed not set
[ 1198.525936][T25764] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5279'.
[ 1198.608091][T25769] input: syz0 as /devices/virtual/input/input120
[ 1198.812066][T25759] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[ 1198.967216][T25777] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5283'.
[ 1198.999731][T25773] netfs: Couldn't get user pages (rc=-14)
[ 1199.036172][T25780] input: syz0 as /devices/virtual/input/input121
[ 1199.682600][T25794] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1199.685963][T25794] syzkaller0: entered promiscuous mode
[ 1199.687926][T25794] syzkaller0: entered allmulticast mode
[ 1199.696333][T25794] tipc: Resetting bearer <eth:syzkaller0>
[ 1200.437092][T25788] tipc: Resetting bearer <eth:syzkaller0>
[ 1200.448943][T25788] tipc: Disabling bearer <eth:syzkaller0>
[ 1200.576126][T25804] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5290'.
[ 1200.650988][T25812] input: syz0 as /devices/virtual/input/input122
[ 1200.651131][T25809] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5292'.
[ 1200.728880][T25814] input: syz0 as /devices/virtual/input/input123
[ 1201.264145][T15096] usb 9-1: new full-speed USB device number 35 using dummy_hcd
[ 1201.344220][  T839] vhci_hcd: vhci_device speed not set
[ 1201.417657][T15096] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1201.420956][T15096] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1201.426363][T15096] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 64
[ 1201.430439][T15096] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1201.434803][T15096] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1201.440275][T25827] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1201.443571][T15096] hub 9-1:1.0: bad descriptor, ignoring hub
[ 1201.446213][T15096] hub 9-1:1.0: probe with driver hub failed with error -5
[ 1201.449322][T15096] cdc_wdm 9-1:1.0: skipping garbage
[ 1201.451653][T15096] cdc_wdm 9-1:1.0: skipping garbage
[ 1201.455954][T15096] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[ 1201.458037][T15096] cdc_wdm 9-1:1.0: Unknown control protocol
[ 1201.764338][T16627] usb 9-1: USB disconnect, device number 35
[ 1201.819014][T25840] FAULT_INJECTION: forcing a failure.
[ 1201.819014][T25840] name failslab, interval 1, probability 0, space 0, times 0
[ 1201.822812][T25840] CPU: 2 UID: 0 PID: 25840 Comm: syz.1.5300 Not tainted syzkaller #0 PREEMPT(full) 
[ 1201.822834][T25840] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1201.822841][T25840] Call Trace:
[ 1201.822846][T25840]  <TASK>
[ 1201.822851][T25840]  dump_stack_lvl+0x16c/0x1f0
[ 1201.822868][T25840]  should_fail_ex+0x512/0x640
[ 1201.822885][T25840]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[ 1201.822899][T25840]  should_failslab+0xc2/0x120
[ 1201.822915][T25840]  kmem_cache_alloc_noprof+0x75/0x6e0
[ 1201.822939][T25840]  ? vm_area_dup+0x27/0x8d0
[ 1201.822953][T25840]  ? vm_area_dup+0x27/0x8d0
[ 1201.822962][T25840]  vm_area_dup+0x27/0x8d0
[ 1201.822973][T25840]  __split_vma+0x18e/0x1070
[ 1201.822987][T25840]  ? __pfx___split_vma+0x10/0x10
[ 1201.822997][T25840]  ? mas_prev_setup.constprop.0+0xb6/0x9d0
[ 1201.823018][T25840]  vms_gather_munmap_vmas+0x3aa/0x1340
[ 1201.823032][T25840]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[ 1201.823045][T25840]  ? mas_walk+0x6f5/0x980
[ 1201.823061][T25840]  __mmap_region+0x434/0x27a0
[ 1201.823074][T25840]  ? __pfx___mmap_region+0x10/0x10
[ 1201.823087][T25840]  ? find_held_lock+0x2b/0x80
[ 1201.823101][T25840]  ? is_bpf_text_address+0x8a/0x1a0
[ 1201.823127][T25840]  ? __lock_acquire+0x62e/0x1ce0
[ 1201.823145][T25840]  ? __lock_acquire+0xb97/0x1ce0
[ 1201.823160][T25840]  ? _parse_integer_limit+0x17f/0x1d0
[ 1201.823191][T25840]  ? __lock_acquire+0xb97/0x1ce0
[ 1201.823211][T25840]  mmap_region+0x1ab/0x3f0
[ 1201.823223][T25840]  ? __get_unmapped_area+0x267/0x440
[ 1201.823239][T25840]  do_mmap+0xa3e/0x1210
[ 1201.823256][T25840]  ? __pfx_do_mmap+0x10/0x10
[ 1201.823271][T25840]  ? __pfx_down_write_killable+0x10/0x10
[ 1201.823289][T25840]  vm_mmap_pgoff+0x29e/0x470
[ 1201.823306][T25840]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1201.823324][T25840]  ? __fget_files+0x20e/0x3c0
[ 1201.823338][T25840]  ksys_mmap_pgoff+0x32c/0x5c0
[ 1201.823353][T25840]  ? __ia32_sys_mmap_pgoff+0x11/0x1b0
[ 1201.823368][T25840]  __do_fast_syscall_32+0x7c/0x300
[ 1201.823383][T25840]  do_fast_syscall_32+0x32/0x80
[ 1201.823396][T25840]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1201.823410][T25840] RIP: 0023:0xf707e579
[ 1201.823420][T25840] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1201.823430][T25840] RSP: 002b:00000000f546e55c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0
[ 1201.823442][T25840] RAX: ffffffffffffffda RBX: 0000000080ffb000 RCX: 0000000000002000
[ 1201.823448][T25840] RDX: 0000000002000001 RSI: 0000000000000013 RDI: 0000000000000005
[ 1201.823455][T25840] RBP: 0000000000100300 R08: 0000000000000000 R09: 0000000000000000
[ 1201.823461][T25840] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1201.823467][T25840] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1201.823481][T25840]  </TASK>
[ 1202.115003][ T5958] usb 10-1: new high-speed USB device number 44 using dummy_hcd
[ 1202.185909][T25856] FAULT_INJECTION: forcing a failure.
[ 1202.185909][T25856] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1202.190563][T25856] CPU: 0 UID: 0 PID: 25856 Comm: syz.2.5306 Not tainted syzkaller #0 PREEMPT(full) 
[ 1202.190585][T25856] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1202.190595][T25856] Call Trace:
[ 1202.190602][T25856]  <TASK>
[ 1202.190608][T25856]  dump_stack_lvl+0x16c/0x1f0
[ 1202.190633][T25856]  should_fail_ex+0x512/0x640
[ 1202.190658][T25856]  _copy_to_user+0x32/0xd0
[ 1202.190683][T25856]  simple_read_from_buffer+0xcb/0x170
[ 1202.190711][T25856]  proc_fail_nth_read+0x197/0x240
[ 1202.190730][T25856]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1202.190748][T25856]  ? rw_verify_area+0xcf/0x6c0
[ 1202.190764][T25856]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1202.190781][T25856]  vfs_read+0x1e1/0xcf0
[ 1202.190803][T25856]  ? __pfx_vfs_read+0x10/0x10
[ 1202.190818][T25856]  ? find_held_lock+0x2b/0x80
[ 1202.190849][T25856]  ? __fget_files+0x20e/0x3c0
[ 1202.190864][T25856]  ? set_task_ioprio+0x200/0x670
[ 1202.190893][T25856]  ksys_read+0x12a/0x250
[ 1202.190909][T25856]  ? __pfx_ksys_read+0x10/0x10
[ 1202.190928][T25856]  ? rcu_is_watching+0x12/0xc0
[ 1202.190951][T25856]  __do_fast_syscall_32+0x7c/0x300
[ 1202.190973][T25856]  do_fast_syscall_32+0x32/0x80
[ 1202.190991][T25856]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1202.191011][T25856] RIP: 0023:0xf7f36579
[ 1202.191023][T25856] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1202.191039][T25856] RSP: 002b:00000000f5426590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 1202.191055][T25856] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f5426620
[ 1202.191065][T25856] RDX: 000000000000000f RSI: 00000000f73c5ff4 RDI: 0000000000000000
[ 1202.191074][T25856] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 1202.191083][T25856] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 1202.191092][T25856] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1202.191113][T25856]  </TASK>
[ 1202.271278][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1202.294240][ T5958] usb 10-1: Using ep0 maxpacket: 16
[ 1202.297942][ T5958] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1202.301961][ T5958] usb 10-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1202.305381][ T5958] usb 10-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1202.309199][ T5958] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1202.318221][ T5958] usb 10-1: config 0 descriptor??
[ 1202.531576][T11972] usb 10-1: USB disconnect, device number 44
[ 1202.594292][ T5958] usb 7-1: new full-speed USB device number 122 using dummy_hcd
[ 1202.746523][ T5958] usb 7-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1202.750491][ T5958] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84
[ 1202.754454][ T5958] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[ 1202.758886][ T5958] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 1202.762332][ T5958] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 1202.771405][ T5958] usb 7-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae
[ 1202.775439][ T5958] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1202.778871][ T5958] usb 7-1: Product: syz
[ 1202.780877][ T5958] usb 7-1: Manufacturer: syz
[ 1202.783222][ T5958] usb 7-1: SerialNumber: syz
[ 1202.789306][ T5958] usb 7-1: config 0 descriptor??
[ 1202.793796][ T5958] input: KB Gear Tablet as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input124
[ 1202.830465][T25857] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[ 1202.901379][   T40] kauditd_printk_skb: 95 callbacks suppressed
[ 1202.901390][   T40] audit: type=1326 audit(2000000246.801:1020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25867 comm="syz.1.5310" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x0
[ 1203.046452][T25870] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5308'.
[ 1203.054999][  T839] usb 7-1: USB disconnect, device number 122
[ 1203.069816][T25872] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5311'.
[ 1203.150557][T25875] input: syz0 as /devices/virtual/input/input125
[ 1203.657879][T25893] fuse: Bad value for 'fd'
[ 1203.811167][T25893] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5316'.
[ 1204.641356][T25900] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[ 1204.732368][T25915] fuse: Unknown parameter 'roXhF'xRVZ0000t¤æ'
[ 1205.729580][T25943] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5328'.
[ 1206.509838][T25952] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1206.702878][T25963] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1206.705648][T25963] syzkaller0: entered promiscuous mode
[ 1206.707402][T25963] syzkaller0: entered allmulticast mode
[ 1206.710674][T25963] tipc: Resetting bearer <eth:syzkaller0>
[ 1206.713064][T25961] tipc: Resetting bearer <eth:syzkaller0>
[ 1206.723233][T25961] tipc: Disabling bearer <eth:syzkaller0>
[ 1207.744132][  T839] usb 10-1: new high-speed USB device number 45 using dummy_hcd
[ 1207.909242][  T839] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1207.917580][  T839] usb 10-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1207.920746][  T839] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1207.926830][  T839] usb 10-1: config 0 descriptor??
[ 1208.135032][  T839] usbhid 10-1:0.0: can't add hid device: -71
[ 1208.136932][  T839] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[ 1208.147987][  T839] usb 10-1: USB disconnect, device number 45
[ 1208.634101][   T54] usb 10-1: new high-speed USB device number 46 using dummy_hcd
[ 1208.794284][   T54] usb 10-1: Using ep0 maxpacket: 32
[ 1208.798381][   T54] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1208.801757][   T54] usb 10-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[ 1208.807719][   T54] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1208.811341][   T54] usb 10-1: config 0 descriptor??
[ 1208.814482][   T54] ldusb 10-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[ 1208.817985][   T54] ldusb 10-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[ 1208.958688][T26005] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1208.964264][T26005] syzkaller0: entered promiscuous mode
[ 1208.966426][T26005] syzkaller0: entered allmulticast mode
[ 1209.115592][   T54] usb 10-1: USB disconnect, device number 46
[ 1209.118759][   T54] ldusb 10-1:0.0: LD USB Device #0 now disconnected
[ 1209.254180][T14287] usb 9-1: new full-speed USB device number 36 using dummy_hcd
[ 1209.374155][   T29] usb 6-1: new full-speed USB device number 123 using dummy_hcd
[ 1209.384247][T14287] usb 9-1: device descriptor read/64, error -71
[ 1209.535471][   T29] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1209.538610][   T29] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1209.541341][   T29] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1209.544495][   T29] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1209.547271][   T29] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1209.552319][   T29] hub 6-1:1.0: bad descriptor, ignoring hub
[ 1209.554394][   T29] hub 6-1:1.0: probe with driver hub failed with error -5
[ 1209.556799][   T29] cdc_wdm 6-1:1.0: skipping garbage
[ 1209.558437][   T29] cdc_wdm 6-1:1.0: skipping garbage
[ 1209.560083][   T29] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22
[ 1209.624107][T14287] usb 9-1: new full-speed USB device number 37 using dummy_hcd
[ 1209.640733][T25999] tipc: Resetting bearer <eth:syzkaller0>
[ 1209.672442][T25999] tipc: Disabling bearer <eth:syzkaller0>
[ 1209.764209][T14287] usb 9-1: device descriptor read/64, error -71
[ 1209.864262][   T29] usb 6-1: USB disconnect, device number 123
[ 1209.884320][T14287] usb usb9-port1: attempt power cycle
[ 1210.160185][T26032] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(13)
[ 1210.162208][T26032] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1210.164682][T26032] vhci_hcd vhci_hcd.0: Device attached
[ 1210.171627][   T29] usb 7-1: new full-speed USB device number 123 using dummy_hcd
[ 1210.254748][T14287] usb 9-1: new full-speed USB device number 38 using dummy_hcd
[ 1210.287170][T14287] usb 9-1: device descriptor read/8, error -71
[ 1210.424278][T26020] usb 47-1: new low-speed USB device number 3 using vhci_hcd
[ 1210.524571][T14287] usb 9-1: new full-speed USB device number 39 using dummy_hcd
[ 1210.546331][T14287] usb 9-1: device descriptor read/8, error -71
[ 1210.655591][T14287] usb usb9-port1: unable to enumerate USB device
[ 1210.971580][T26033] vhci_hcd: connection reset by peer
[ 1210.977128][T14590] vhci_hcd: stop threads
[ 1210.978634][T14590] vhci_hcd: release socket
[ 1210.980092][T14590] vhci_hcd: disconnect device
[ 1211.849744][T26057] input: syz0 as /devices/virtual/input/input126
[ 1212.229678][T26066] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1212.889833][   T29] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 1212.893763][   T29] usb 7-1: unable to read config index 0 descriptor/start: -71
[ 1212.896338][   T29] usb 7-1: can't read configurations, error -71
[ 1212.929250][T26069] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[ 1213.214712][T26085] FAULT_INJECTION: forcing a failure.
[ 1213.214712][T26085] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1213.219676][T26085] CPU: 1 UID: 0 PID: 26085 Comm: syz.4.5365 Not tainted syzkaller #0 PREEMPT(full) 
[ 1213.219690][T26085] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1213.219698][T26085] Call Trace:
[ 1213.219702][T26085]  <TASK>
[ 1213.219707][T26085]  dump_stack_lvl+0x16c/0x1f0
[ 1213.219724][T26085]  should_fail_ex+0x512/0x640
[ 1213.219741][T26085]  strncpy_from_user+0x3b/0x2e0
[ 1213.219758][T26085]  strncpy_from_user_nofault+0x7f/0x180
[ 1213.219773][T26085]  bpf_probe_read_user_str+0x26/0x70
[ 1213.219791][T26085]  bpf_prog_7f11bb5dfa26a882+0x43/0x49
[ 1213.219801][T26085]  bpf_trace_run2+0x239/0x590
[ 1213.219812][T26085]  ? __pfx_bpf_trace_run2+0x10/0x10
[ 1213.219824][T26085]  ? tomoyo_realpath_from_path+0xb5/0x6e0
[ 1213.219837][T26085]  ? __lock_acquire+0xb97/0x1ce0
[ 1213.219856][T26085]  kfree+0x236/0x6d0
[ 1213.219869][T26085]  ? tomoyo_realpath_from_path+0xb5/0x6e0
[ 1213.219881][T26085]  tomoyo_realpath_from_path+0xb5/0x6e0
[ 1213.219894][T26085]  ? tomoyo_profile+0x47/0x60
[ 1213.219910][T26085]  tomoyo_path_number_perm+0x245/0x580
[ 1213.219925][T26085]  ? tomoyo_path_number_perm+0x237/0x580
[ 1213.219943][T26085]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1213.219973][T26085]  ? find_held_lock+0x2b/0x80
[ 1213.219985][T26085]  ? hook_file_ioctl_common+0x145/0x410
[ 1213.219999][T26085]  ? __fget_files+0x20e/0x3c0
[ 1213.220013][T26085]  security_file_ioctl_compat+0x9b/0x240
[ 1213.220025][T26085]  __ia32_compat_sys_ioctl+0xc3/0x370
[ 1213.220044][T26085]  __do_fast_syscall_32+0x7c/0x300
[ 1213.220063][T26085]  do_fast_syscall_32+0x32/0x80
[ 1213.220076][T26085]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1213.220091][T26085] RIP: 0023:0xf7ff4579
[ 1213.220099][T26085] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1213.220110][T26085] RSP: 002b:00000000f54c555c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1213.220121][T26085] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000005101
[ 1213.220127][T26085] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1213.220133][T26085] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1213.220139][T26085] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1213.220145][T26085] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1213.220158][T26085]  </TASK>
[ 1213.233453][   T40] audit: type=1326 audit(2000000257.131:1021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26087 comm="syz.5.5368" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1213.307919][   T40] audit: type=1326 audit(2000000257.131:1022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26087 comm="syz.5.5368" exe="/syz-executor" sig=0 arch=40000003 syscall=371 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1213.316816][   T40] audit: type=1326 audit(2000000257.131:1023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26087 comm="syz.5.5368" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1213.325844][   T40] audit: type=1326 audit(2000000257.131:1024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26087 comm="syz.5.5368" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1213.336038][   T40] audit: type=1326 audit(2000000257.211:1025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26087 comm="syz.5.5368" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1213.337074][T26096] input: syz0 as /devices/virtual/input/input127
[ 1213.350973][   T40] audit: type=1326 audit(2000000257.231:1026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26087 comm="syz.5.5368" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1213.359592][   T40] audit: type=1326 audit(2000000257.231:1027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26087 comm="syz.5.5368" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1213.367684][   T40] audit: type=1326 audit(2000000257.231:1028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26087 comm="syz.5.5368" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1213.378240][   T40] audit: type=1326 audit(2000000257.231:1029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26087 comm="syz.5.5368" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1213.385422][   T40] audit: type=1326 audit(2000000257.231:1030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26087 comm="syz.5.5368" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1213.783575][T26115] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1214.554229][  T839] usb 6-1: new high-speed USB device number 124 using dummy_hcd
[ 1214.707062][  T839] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1214.712096][  T839] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1215.146030][  T839] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1215.149748][  T839] usb 6-1: config 0 descriptor??
[ 1215.355903][  T839] usbhid 6-1:0.0: can't add hid device: -71
[ 1215.357851][  T839] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 1215.361990][  T839] usb 6-1: USB disconnect, device number 124
[ 1215.370787][T26138] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[ 1215.457603][T26151] netlink: 40 bytes leftover after parsing attributes in process `syz.5.5383'.
[ 1215.504168][T26020] vhci_hcd: vhci_device speed not set
[ 1215.814186][  T839] usb 6-1: new high-speed USB device number 125 using dummy_hcd
[ 1215.877250][T26168] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1215.974095][  T839] usb 6-1: Using ep0 maxpacket: 32
[ 1215.979090][  T839] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1215.982973][  T839] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[ 1215.986755][  T839] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1215.990646][  T839] usb 6-1: config 0 descriptor??
[ 1215.994304][  T839] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[ 1215.997873][  T839] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[ 1216.253592][  T839] usb 6-1: USB disconnect, device number 125
[ 1216.257406][  T839] ldusb 6-1:0.0: LD USB Device #0 now disconnected
[ 1216.578915][T26172] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[ 1216.946285][T26191] FAULT_INJECTION: forcing a failure.
[ 1216.946285][T26191] name failslab, interval 1, probability 0, space 0, times 0
[ 1216.951401][T26191] CPU: 1 UID: 0 PID: 26191 Comm: syz.2.5395 Not tainted syzkaller #0 PREEMPT(full) 
[ 1216.951424][T26191] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1216.951435][T26191] Call Trace:
[ 1216.951456][T26191]  <TASK>
[ 1216.951464][T26191]  dump_stack_lvl+0x16c/0x1f0
[ 1216.951491][T26191]  should_fail_ex+0x512/0x640
[ 1216.951514][T26191]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[ 1216.951537][T26191]  should_failslab+0xc2/0x120
[ 1216.951561][T26191]  kmem_cache_alloc_node_noprof+0x78/0x770
[ 1216.951580][T26191]  ? __alloc_skb+0x2b2/0x380
[ 1216.951608][T26191]  ? __alloc_skb+0x2b2/0x380
[ 1216.951630][T26191]  __alloc_skb+0x2b2/0x380
[ 1216.951652][T26191]  ? __pfx___alloc_skb+0x10/0x10
[ 1216.951676][T26191]  ? __kernel_text_address+0xd/0x40
[ 1216.951696][T26191]  ? __pfx___might_resched+0x10/0x10
[ 1216.951722][T26191]  netlink_alloc_large_skb+0x69/0x140
[ 1216.951750][T26191]  netlink_sendmsg+0x698/0xdd0
[ 1216.951781][T26191]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1216.951815][T26191]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[ 1216.951844][T26191]  ____sys_sendmsg+0xa95/0xc70
[ 1216.951865][T26191]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1216.951883][T26191]  ? get_compat_msghdr+0x11a/0x170
[ 1216.951917][T26191]  ___sys_sendmsg+0x134/0x1d0
[ 1216.951944][T26191]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1216.951981][T26191]  ? find_held_lock+0x2b/0x80
[ 1216.952017][T26191]  __sys_sendmsg+0x16d/0x220
[ 1216.952043][T26191]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1216.952078][T26191]  ? rcu_is_watching+0x12/0xc0
[ 1216.952103][T26191]  __do_fast_syscall_32+0x7c/0x300
[ 1216.952127][T26191]  do_fast_syscall_32+0x32/0x80
[ 1216.952149][T26191]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1216.952171][T26191] RIP: 0023:0xf7f36579
[ 1216.952184][T26191] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1216.952200][T26191] RSP: 002b:00000000f542655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1216.952217][T26191] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000200
[ 1216.952227][T26191] RDX: 0000000000040000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1216.952237][T26191] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1216.952247][T26191] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1216.952257][T26191] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1216.952279][T26191]  </TASK>
[ 1217.454675][T26196] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1218.304106][  T839] usb 10-1: new high-speed USB device number 47 using dummy_hcd
[ 1218.314912][T26224] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1218.319680][T26224] tipc: Resetting bearer <eth:syzkaller0>
[ 1218.455553][  T839] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1218.459016][  T839] usb 10-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1218.461860][  T839] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1218.465625][  T839] usb 10-1: config 0 descriptor??
[ 1218.503982][T26228] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5403'.
[ 1218.562640][T26230] syzkaller1: entered promiscuous mode
[ 1218.564519][T26230] syzkaller1: entered allmulticast mode
[ 1218.671004][  T839] usbhid 10-1:0.0: can't add hid device: -71
[ 1218.673062][  T839] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[ 1218.676741][  T839] usb 10-1: USB disconnect, device number 47
[ 1218.732670][T26223] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[ 1218.870317][T26220] tipc: Disabling bearer <eth:syzkaller0>
[ 1219.194203][  T839] usb 10-1: new high-speed USB device number 48 using dummy_hcd
[ 1219.354167][  T839] usb 10-1: Using ep0 maxpacket: 32
[ 1219.362150][  T839] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1219.366775][  T839] usb 10-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[ 1219.370531][  T839] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1219.375636][  T839] usb 10-1: config 0 descriptor??
[ 1219.379883][  T839] ldusb 10-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[ 1219.384968][  T839] ldusb 10-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[ 1219.644758][  T839] usb 10-1: USB disconnect, device number 48
[ 1219.648134][  T839] ldusb 10-1:0.0: LD USB Device #0 now disconnected
[ 1219.807790][T26252] netlink: 'syz.4.5409': attribute type 1 has an invalid length.
[ 1219.827921][T26252] 8021q: adding VLAN 0 to HW filter on device bond16
[ 1219.838098][T26252] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5409'.
[ 1219.840321][T26255] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5410'.
[ 1219.906128][T26260] input: syz0 as /devices/virtual/input/input128
[ 1221.077848][T26297] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1221.080742][T26297] syzkaller0: entered promiscuous mode
[ 1221.082604][T26297] syzkaller0: entered allmulticast mode
[ 1221.160756][T26281] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[ 1221.179688][T26301] binder: 26299:26301 ioctl c0189375 80000140 returned -22
[ 1221.816098][T26291] tipc: Resetting bearer <eth:syzkaller0>
[ 1221.853388][T26291] tipc: Disabling bearer <eth:syzkaller0>
[ 1222.124236][  T839] kernel write not supported for file /media0 (pid: 839 comm: kworker/3:2)
[ 1222.721684][ T5957] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[ 1222.725020][ T5957] CPU: 2 UID: 0 PID: 5957 Comm: kworker/u33:2 Not tainted syzkaller #0 PREEMPT(full) 
[ 1222.725046][ T5957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1222.725054][ T5957] Workqueue: hci4 hci_rx_work
[ 1222.725071][ T5957] Call Trace:
[ 1222.725076][ T5957]  <TASK>
[ 1222.725081][ T5957]  dump_stack_lvl+0x16c/0x1f0
[ 1222.725097][ T5957]  sysfs_warn_dup+0x7f/0xa0
[ 1222.725113][ T5957]  sysfs_create_dir_ns+0x24b/0x2b0
[ 1222.725128][ T5957]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1222.725142][ T5957]  ? find_held_lock+0x2b/0x80
[ 1222.725158][ T5957]  ? do_raw_spin_unlock+0x172/0x230
[ 1222.725171][ T5957]  kobject_add_internal+0x2c4/0x9b0
[ 1222.725191][ T5957]  kobject_add+0x16e/0x240
[ 1222.725207][ T5957]  ? __pfx_kobject_add+0x10/0x10
[ 1222.725226][ T5957]  ? kobject_put+0xab/0x5a0
[ 1222.725244][ T5957]  device_add+0x288/0x1aa0
[ 1222.725285][ T5957]  ? __pfx_dev_set_name+0x10/0x10
[ 1222.725302][ T5957]  ? __pfx_device_add+0x10/0x10
[ 1222.725316][ T5957]  ? mgmt_send_event_skb+0x2fb/0x460
[ 1222.725335][ T5957]  hci_conn_add_sysfs+0x17e/0x230
[ 1222.725351][ T5957]  le_conn_complete_evt+0x1260/0x2150
[ 1222.725368][ T5957]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1222.725381][ T5957]  ? hci_event_packet+0x459/0x11c0
[ 1222.725399][ T5957]  hci_le_conn_complete_evt+0x23c/0x370
[ 1222.725417][ T5957]  hci_le_meta_evt+0x357/0x5e0
[ 1222.725432][ T5957]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[ 1222.725461][ T5957]  hci_event_packet+0x685/0x11c0
[ 1222.725475][ T5957]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1222.725490][ T5957]  ? __pfx_hci_event_packet+0x10/0x10
[ 1222.725504][ T5957]  ? kcov_remote_start+0x3c9/0x6d0
[ 1222.725517][ T5957]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1222.725535][ T5957]  hci_rx_work+0x2c5/0x16b0
[ 1222.725549][ T5957]  ? rcu_is_watching+0x12/0xc0
[ 1222.725567][ T5957]  process_one_work+0x9cc/0x1b70
[ 1222.725586][ T5957]  ? __pfx_process_one_work+0x10/0x10
[ 1222.725601][ T5957]  ? assign_work+0x1a0/0x250
[ 1222.725613][ T5957]  worker_thread+0x6c8/0xf10
[ 1222.725631][ T5957]  ? __pfx_worker_thread+0x10/0x10
[ 1222.725643][ T5957]  kthread+0x3c5/0x780
[ 1222.725654][ T5957]  ? __pfx_kthread+0x10/0x10
[ 1222.725665][ T5957]  ? rcu_is_watching+0x12/0xc0
[ 1222.725678][ T5957]  ? __pfx_kthread+0x10/0x10
[ 1222.725689][ T5957]  ret_from_fork+0x56a/0x730
[ 1222.725700][ T5957]  ? __pfx_kthread+0x10/0x10
[ 1222.725710][ T5957]  ret_from_fork_asm+0x1a/0x30
[ 1222.725732][ T5957]  </TASK>
[ 1222.725819][ T5957] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1222.806419][ T5957] Bluetooth: hci4: failed to register connection device
[ 1223.984952][T26355] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5437'.
[ 1224.060331][T26358] input: syz0 as /devices/virtual/input/input129
[ 1224.434170][T26369] FAULT_INJECTION: forcing a failure.
[ 1224.434170][T26369] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1224.439885][T26369] CPU: 3 UID: 0 PID: 26369 Comm: syz.2.5441 Not tainted syzkaller #0 PREEMPT(full) 
[ 1224.439908][T26369] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1224.439918][T26369] Call Trace:
[ 1224.439924][T26369]  <TASK>
[ 1224.439931][T26369]  dump_stack_lvl+0x16c/0x1f0
[ 1224.439957][T26369]  should_fail_ex+0x512/0x640
[ 1224.439984][T26369]  _copy_from_user+0x2e/0xd0
[ 1224.440010][T26369]  get_compat_msghdr+0xa7/0x170
[ 1224.440035][T26369]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1224.440066][T26369]  ___sys_sendmsg+0x1ae/0x1d0
[ 1224.440093][T26369]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1224.440128][T26369]  ? find_held_lock+0x2b/0x80
[ 1224.440164][T26369]  __sys_sendmsg+0x16d/0x220
[ 1224.440189][T26369]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1224.440223][T26369]  ? rcu_is_watching+0x12/0xc0
[ 1224.440247][T26369]  __do_fast_syscall_32+0x7c/0x300
[ 1224.440270][T26369]  do_fast_syscall_32+0x32/0x80
[ 1224.440291][T26369]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1224.440312][T26369] RIP: 0023:0xf7f36579
[ 1224.440325][T26369] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1224.440341][T26369] RSP: 002b:00000000f542655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1224.440357][T26369] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000340
[ 1224.440369][T26369] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1224.440378][T26369] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1224.440386][T26369] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1224.440395][T26369] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1224.440418][T26369]  </TASK>
[ 1224.669382][T26377] syzkaller0: entered promiscuous mode
[ 1224.671536][T26377] syzkaller0: entered allmulticast mode
[ 1225.197992][T26383] FAULT_INJECTION: forcing a failure.
[ 1225.197992][T26383] name failslab, interval 1, probability 0, space 0, times 0
[ 1225.202137][T26383] CPU: 3 UID: 0 PID: 26383 Comm: syz.4.5444 Not tainted syzkaller #0 PREEMPT(full) 
[ 1225.202151][T26383] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1225.202158][T26383] Call Trace:
[ 1225.202162][T26383]  <TASK>
[ 1225.202166][T26383]  dump_stack_lvl+0x16c/0x1f0
[ 1225.202184][T26383]  should_fail_ex+0x512/0x640
[ 1225.202200][T26383]  ? __kmalloc_cache_noprof+0x5f/0x780
[ 1225.202213][T26383]  should_failslab+0xc2/0x120
[ 1225.202228][T26383]  __kmalloc_cache_noprof+0x72/0x780
[ 1225.202239][T26383]  ? alloc_fs_context+0x57/0x9c0
[ 1225.202255][T26383]  ? alloc_fs_context+0x57/0x9c0
[ 1225.202268][T26383]  alloc_fs_context+0x57/0x9c0
[ 1225.202284][T26383]  path_mount+0xe1b/0x23a0
[ 1225.202300][T26383]  ? __pfx_path_mount+0x10/0x10
[ 1225.202314][T26383]  ? kmem_cache_free+0x2d4/0x6c0
[ 1225.202327][T26383]  ? putname+0x154/0x1a0
[ 1225.202350][T26383]  ? putname+0x154/0x1a0
[ 1225.202371][T26383]  ? __ia32_sys_mount+0x291/0x310
[ 1225.202389][T26383]  __ia32_sys_mount+0x291/0x310
[ 1225.202408][T26383]  ? __pfx___ia32_sys_mount+0x10/0x10
[ 1225.202428][T26383]  ? rcu_is_watching+0x12/0xc0
[ 1225.202450][T26383]  __do_fast_syscall_32+0x7c/0x300
[ 1225.202472][T26383]  do_fast_syscall_32+0x32/0x80
[ 1225.202492][T26383]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1225.202511][T26383] RIP: 0023:0xf7ff4579
[ 1225.202524][T26383] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1225.202556][T26383] RSP: 002b:00000000f54e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[ 1225.202573][T26383] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000400
[ 1225.202583][T26383] RDX: 0000000080000440 RSI: 0000000000000000 RDI: 0000000080000040
[ 1225.202593][T26383] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1225.202602][T26383] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1225.202611][T26383] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1225.202632][T26383]  </TASK>
[ 1225.615341][T15096] usb 9-1: new full-speed USB device number 40 using dummy_hcd
[ 1225.619716][T26395] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5447'.
[ 1225.689664][T26408] input: syz0 as /devices/virtual/input/input130
[ 1225.768990][T26410] netlink: 'syz.1.5448': attribute type 16 has an invalid length.
[ 1225.771484][T26410] netlink: 64138 bytes leftover after parsing attributes in process `syz.1.5448'.
[ 1226.054161][  T839] usb 10-1: new high-speed USB device number 49 using dummy_hcd
[ 1226.364693][  T839] usb 10-1: too many configurations: 9, using maximum allowed: 8
[ 1226.368716][  T839] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1226.372217][  T839] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1226.376475][  T839] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1226.380129][  T839] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1226.383535][  T839] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1226.388133][  T839] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1226.391623][  T839] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1226.395326][  T839] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1226.399546][  T839] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1226.403073][  T839] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1226.406625][  T839] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1226.410702][  T839] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1226.414282][  T839] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1226.417706][  T839] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1226.421951][  T839] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1226.425082][  T839] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1226.427961][  T839] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1226.431431][  T839] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1226.434509][  T839] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1226.437420][  T839] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1226.440746][  T839] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1226.443695][  T839] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1226.446631][  T839] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1226.450051][  T839] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1226.453927][  T839] usb 10-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[ 1226.456888][  T839] usb 10-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[ 1226.459563][  T839] usb 10-1: Product: syz
[ 1226.460899][  T839] usb 10-1: Manufacturer: syz
[ 1226.462388][  T839] usb 10-1: SerialNumber: syz
[ 1226.465334][  T839] usb 10-1: config 0 descriptor??
[ 1226.469562][  T839] yurex 10-1:0.0: USB YUREX device now attached to Yurex #0
[ 1226.538084][T26425] fuse: Bad value for 'fd'
[ 1226.788695][T26420] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[ 1227.014590][T26438] syzkaller0: entered promiscuous mode
[ 1227.016475][T26438] syzkaller0: entered allmulticast mode
[ 1227.060530][T26441] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5458'.
[ 1227.232931][T26442] comedi comedi3: 8255: I/O port conflict (0x5,4)
[ 1227.235241][T26442] comedi comedi3: 8255: I/O port conflict (0x2,4)
[ 1227.237545][T26442] comedi comedi3: 8255: I/O port conflict (0x1,4)
[ 1227.240036][T26442] comedi comedi3: 8255: I/O port conflict (0xfff,4)
[ 1227.242304][T26442] comedi comedi3: 8255: I/O port conflict (0x5c942399,4)
[ 1227.244761][T26442] comedi comedi3: 8255: I/O port conflict (0x1,4)
[ 1227.246897][T26442] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[ 1227.249246][T26442] comedi comedi3: 8255: I/O port conflict (0xb,4)
[ 1227.251403][T26442] comedi comedi3: 8255: I/O port conflict (0x200001,4)
[ 1227.253629][T26442] comedi comedi3: 8255: I/O port conflict (0x9,4)
[ 1227.255870][T26442] comedi comedi3: 8255: I/O port conflict (0x4,4)
[ 1227.258058][T26442] comedi comedi3: 8255: I/O port conflict (0x4,4)
[ 1227.260238][T26442] comedi comedi3: 8255: I/O port conflict (0x4,4)
[ 1227.262509][T26442] comedi comedi3: 8255: I/O port conflict (0xffffffff80000089,4)
[ 1227.265124][T26442] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffd,4)
[ 1227.267664][T26442] comedi comedi3: 8255: I/O port conflict (0x20000000,4)
[ 1227.270119][T26442] comedi comedi3: 8255: I/O port conflict (0x3,4)
[ 1227.272288][T26442] comedi comedi3: 8255: I/O port conflict (0x3,4)
[ 1227.274765][T26442] comedi comedi3: 8255: I/O port conflict (0x4,4)
[ 1227.276878][T26442] comedi comedi3: 8255: I/O port conflict (0x3,4)
[ 1227.279086][T26442] comedi comedi3: 8255: I/O port conflict (0xffffffffdffffffd,4)
[ 1227.524192][   T54] usb 6-1: new full-speed USB device number 126 using dummy_hcd
[ 1227.690783][   T54] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1227.693939][   T54] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1227.698246][   T54] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1227.701269][   T54] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1227.924176][   T54] usb 6-1: GET_CAPABILITIES returned 0
[ 1227.925985][   T54] usbtmc 6-1:16.0: can't read capabilities
[ 1228.128308][  T839] usb 6-1: USB disconnect, device number 126
[ 1228.312028][ T6029] usb 10-1: USB disconnect, device number 49
[ 1228.315491][ T6029] yurex 10-1:0.0: USB YUREX #0 now disconnected
[ 1228.324738][T15096] usb 9-1: unable to get BOS descriptor or descriptor too short
[ 1228.336339][T15096] usb 9-1: unable to read config index 0 descriptor/start: -71
[ 1228.338754][T15096] usb 9-1: can't read configurations, error -71
[ 1228.522346][T26459] tipc: Cannot configure node identity twice
[ 1228.556771][T26457] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5462'.
[ 1228.560515][T26457] netlink: 48 bytes leftover after parsing attributes in process `syz.4.5462'.
[ 1228.731663][T26465] fuse: Bad value for 'fd'
[ 1228.991443][T26474] nfs: Unknown parameter ''
[ 1228.994146][   T40] kauditd_printk_skb: 13 callbacks suppressed
[ 1228.994157][   T40] audit: type=1326 audit(2000000272.891:1044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26473 comm="syz.5.5467" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1229.013941][   T40] audit: type=1326 audit(2000000272.891:1045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26473 comm="syz.5.5467" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1229.022796][T26476] FAULT_INJECTION: forcing a failure.
[ 1229.022796][T26476] name failslab, interval 1, probability 0, space 0, times 0
[ 1229.023871][   T40] audit: type=1326 audit(2000000272.891:1046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26473 comm="syz.5.5467" exe="/syz-executor" sig=0 arch=40000003 syscall=10 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1229.028351][T26476] CPU: 2 UID: 0 PID: 26476 Comm: syz.1.5468 Not tainted syzkaller #0 PREEMPT(full) 
[ 1229.028366][T26476] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1229.028373][T26476] Call Trace:
[ 1229.028377][T26476]  <TASK>
[ 1229.028382][T26476]  dump_stack_lvl+0x16c/0x1f0
[ 1229.028400][T26476]  should_fail_ex+0x512/0x640
[ 1229.028415][T26476]  ? fs_reclaim_acquire+0xae/0x150
[ 1229.028433][T26476]  should_failslab+0xc2/0x120
[ 1229.028449][T26476]  __kmalloc_noprof+0xdd/0x880
[ 1229.028459][T26476]  ? tomoyo_encode2+0x100/0x3e0
[ 1229.028474][T26476]  ? tomoyo_encode2+0x100/0x3e0
[ 1229.028484][T26476]  tomoyo_encode2+0x100/0x3e0
[ 1229.028497][T26476]  tomoyo_encode+0x29/0x50
[ 1229.028508][T26476]  tomoyo_realpath_from_path+0x18f/0x6e0
[ 1229.028524][T26476]  tomoyo_path_perm+0x274/0x460
[ 1229.028540][T26476]  ? tomoyo_path_perm+0x260/0x460
[ 1229.028557][T26476]  ? __pfx_tomoyo_path_perm+0x10/0x10
[ 1229.028604][T26476]  ? hook_file_truncate+0xc7/0x250
[ 1229.028618][T26476]  security_file_truncate+0x84/0x1e0
[ 1229.028630][T26476]  do_ftruncate+0x218/0x970
[ 1229.028645][T26476]  ? __pfx_do_ftruncate+0x10/0x10
[ 1229.028663][T26476]  do_sys_ftruncate+0x61/0xb0
[ 1229.028677][T26476]  __ia32_compat_sys_ftruncate+0x5b/0x80
[ 1229.028690][T26476]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[ 1229.028704][T26476]  __do_fast_syscall_32+0x7c/0x300
[ 1229.028719][T26476]  do_fast_syscall_32+0x32/0x80
[ 1229.028732][T26476]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1229.028746][T26476] RIP: 0023:0xf707e579
[ 1229.028755][T26476] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1229.028765][T26476] RSP: 002b:00000000f546e55c EFLAGS: 00000296 ORIG_RAX: 000000000000005d
[ 1229.028776][T26476] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000003292e291
[ 1229.028782][T26476] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1229.028788][T26476] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1229.028795][T26476] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1229.028801][T26476] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1229.028814][T26476]  </TASK>
[ 1229.028824][T26476] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1229.035379][   T40] audit: type=1326 audit(2000000272.891:1047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26473 comm="syz.5.5467" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1229.042728][   T40] audit: type=1326 audit(2000000272.891:1048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26473 comm="syz.5.5467" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1229.121125][   T40] audit: type=1326 audit(2000000272.891:1049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26473 comm="syz.5.5467" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1229.128202][   T40] audit: type=1326 audit(2000000272.891:1050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26473 comm="syz.5.5467" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1229.135238][   T40] audit: type=1326 audit(2000000272.891:1051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26473 comm="syz.5.5467" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1229.141981][   T40] audit: type=1326 audit(2000000272.891:1052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26473 comm="syz.5.5467" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1229.148954][   T40] audit: type=1326 audit(2000000272.891:1053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26473 comm="syz.5.5467" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1229.204718][T26482] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[ 1229.206794][T26482] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1229.209322][T26482] vhci_hcd vhci_hcd.0: Device attached
[ 1229.242972][T26482] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[ 1229.390480][T26488] overlay: Unknown parameter 'dont_hash'
[ 1229.404078][T26488] macsec0: entered promiscuous mode
[ 1229.406181][T26488] macsec0: entered allmulticast mode
[ 1229.408864][T26491] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5473'.
[ 1229.409917][T26488] veth1_macvtap: entered allmulticast mode
[ 1229.415529][T26488] macsec0: left promiscuous mode
[ 1229.417777][T26488] macsec0: left allmulticast mode
[ 1229.419502][T26488] veth1_macvtap: left allmulticast mode
[ 1229.448191][T26491] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5473'.
[ 1229.563804][  T839] usb 39-1: new low-speed USB device number 6 using vhci_hcd
[ 1229.972245][T26483] vhci_hcd: connection reset by peer
[ 1229.975430][T14618] vhci_hcd: stop threads
[ 1229.978538][T14618] vhci_hcd: release socket
[ 1229.980805][T14618] vhci_hcd: disconnect device
[ 1230.506400][T26505] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5478'.
[ 1230.646077][T26518] fuse: Bad value for 'fd'
[ 1230.968608][T26530] EXT4-fs (sr0): unable to read superblock
[ 1231.244788][T26542] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11)
[ 1231.246897][T26542] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1231.249372][T26542] vhci_hcd vhci_hcd.0: Device attached
[ 1231.254629][T26542] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(13)
[ 1231.256738][T26542] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1231.259165][T26542] vhci_hcd vhci_hcd.0: Device attached
[ 1231.264663][T26542] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1231.268655][T26542] vhci_hcd vhci_hcd.0: pdev(2) rhport(4) sockfd(20)
[ 1231.270759][T26542] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1231.273246][T26542] vhci_hcd vhci_hcd.0: Device attached
[ 1231.277794][T26542] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(22)
[ 1231.279995][T26542] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1231.282490][T26542] vhci_hcd vhci_hcd.0: Device attached
[ 1231.285028][T26542] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1231.294473][T26542] vhci_hcd vhci_hcd.0: pdev(2) rhport(6) sockfd(26)
[ 1231.296559][T26542] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1231.300135][T26542] vhci_hcd vhci_hcd.0: Device attached
[ 1231.302412][T26542] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1231.308664][T26551] vhci_hcd: connection closed
[ 1231.308727][T26549] vhci_hcd: connection closed
[ 1231.309451][T26547] vhci_hcd: connection closed
[ 1231.310419][T26545] vhci_hcd: connection closed
[ 1231.319319][T26554] vhci_hcd: connection closed
[ 1231.324103][T14590] vhci_hcd: stop threads
[ 1231.326965][T14590] vhci_hcd: release socket
[ 1231.328352][T14590] vhci_hcd: disconnect device
[ 1231.331539][T14590] vhci_hcd: stop threads
[ 1231.332992][T14590] vhci_hcd: release socket
[ 1231.334528][T14590] vhci_hcd: disconnect device
[ 1231.343260][T14590] vhci_hcd: stop threads
[ 1231.344958][T14590] vhci_hcd: release socket
[ 1231.346587][T14590] vhci_hcd: disconnect device
[ 1231.348211][T14590] vhci_hcd: stop threads
[ 1231.349601][T14590] vhci_hcd: release socket
[ 1231.351261][T14590] vhci_hcd: disconnect device
[ 1231.352929][T14590] vhci_hcd: stop threads
[ 1231.365458][T14590] vhci_hcd: release socket
[ 1231.367156][T14590] vhci_hcd: disconnect device
[ 1231.367756][T26558] fuse: Bad value for 'fd'
[ 1231.410678][T26559] comedi comedi0: dt2815: I/O port conflict (0x4f27,2)
[ 1231.838869][T26569] afs: Bad value for 'flock'
[ 1232.661700][T26595] vlan1: entered allmulticast mode
[ 1232.663851][T26595] veth0_to_bond: entered allmulticast mode
[ 1232.754162][T26598] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5499'.
[ 1232.761900][T26585] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[ 1232.771587][T26598] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5499'.
[ 1232.887012][T26605] input: syz1 as /devices/virtual/input/input131
[ 1233.073766][T26620] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5515'.
[ 1233.236840][ T6029] libceph: connect (1)[c::]:6789 error -101
[ 1233.238824][ T6029] libceph: mon0 (1)[c::]:6789 connect error
[ 1233.250761][T26628] afs: Bad value for 'flock'
[ 1233.386828][T26624] ceph: No mds server is up or the cluster is laggy
[ 1233.702854][T26640] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5511'.
[ 1234.259902][T26663] 9pnet_fd: Insufficient options for proto=fd
[ 1234.307150][T26665] tmpfs: Bad value for 'usrquota_block_hardlimit'
[ 1234.697206][T26685] 9pnet_fd: Insufficient options for proto=fd
[ 1234.705539][  T839] vhci_hcd: vhci_device speed not set
[ 1234.922689][T26696] syzkaller0: entered promiscuous mode
[ 1234.925053][T26696] syzkaller0: entered allmulticast mode
[ 1234.993103][T26699] tmpfs: Bad value for 'usrquota_block_hardlimit'
[ 1235.434161][ T5958] usb 9-1: new high-speed USB device number 42 using dummy_hcd
[ 1235.690265][T26719] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5537'.
[ 1235.696142][ T5958] usb 9-1: config index 0 descriptor too short (expected 45, got 36)
[ 1235.699135][ T5958] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1235.706559][ T5958] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1235.711032][ T5958] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1235.715751][ T5958] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1235.723473][ T5958] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1235.727453][ T5958] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1235.732162][ T5958] usb 9-1: config 0 descriptor??
[ 1235.735756][T26708] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1235.779412][T26722] input: syz0 as /devices/virtual/input/input132
[ 1235.997963][T26734] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5541'.
[ 1236.028730][T26735] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5540'.
[ 1236.032149][T26735] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5540'.
[ 1236.043609][T26735] bridge0: port 1(vlan2) entered blocking state
[ 1236.046241][T26735] bridge0: port 1(vlan2) entered disabled state
[ 1236.048434][T26735] vlan2: entered allmulticast mode
[ 1236.051076][T26735] vlan2: entered promiscuous mode
[ 1236.082494][T26736] comedi comedi3: 8255: I/O port conflict (0x5,4)
[ 1236.084858][T26736] comedi comedi3: 8255: I/O port conflict (0x2,4)
[ 1236.087154][T26736] comedi comedi3: 8255: I/O port conflict (0x1,4)
[ 1236.089441][T26736] comedi comedi3: 8255: I/O port conflict (0xfff,4)
[ 1236.091663][T26736] comedi comedi3: 8255: I/O port conflict (0x5c942399,4)
[ 1236.094082][T26736] comedi comedi3: 8255: I/O port conflict (0x1,4)
[ 1236.096192][T26736] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[ 1236.098523][T26736] comedi comedi3: 8255: I/O port conflict (0xb,4)
[ 1236.100657][T26736] comedi comedi3: 8255: I/O port conflict (0x200001,4)
[ 1236.102970][T26736] comedi comedi3: 8255: I/O port conflict (0x9,4)
[ 1236.105356][T26736] comedi comedi3: 8255: I/O port conflict (0x4,4)
[ 1236.107454][T26736] comedi comedi3: 8255: I/O port conflict (0x4,4)
[ 1236.109608][T26736] comedi comedi3: 8255: I/O port conflict (0x4,4)
[ 1236.111889][T26736] comedi comedi3: 8255: I/O port conflict (0xffffffff80000089,4)
[ 1236.114702][T26736] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffd,4)
[ 1236.117519][T26736] comedi comedi3: 8255: I/O port conflict (0x20000000,4)
[ 1236.119918][T26736] comedi comedi3: 8255: I/O port conflict (0x3,4)
[ 1236.122168][T26736] comedi comedi3: 8255: I/O port conflict (0x3,4)
[ 1236.125073][T26736] comedi comedi3: 8255: I/O port conflict (0x4,4)
[ 1236.127378][T26736] comedi comedi3: 8255: I/O port conflict (0x3,4)
[ 1236.129555][T26736] comedi comedi3: 8255: I/O port conflict (0xffffffffdffffffd,4)
[ 1236.366040][ T5958] hid_parser_main: 12 callbacks suppressed
[ 1236.366056][ T5958] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[ 1236.370165][ T5958] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[ 1236.372283][ T5958] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[ 1236.374507][ T5958] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[ 1236.376635][ T5958] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[ 1236.378780][ T5958] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[ 1236.380900][ T5958] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[ 1236.383040][ T5958] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[ 1236.384112][   T54] usb 7-1: new full-speed USB device number 125 using dummy_hcd
[ 1236.385281][ T5958] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[ 1236.389893][ T5958] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[ 1236.399594][ T5958] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[ 1236.404910][ T5958] usb 9-1: USB disconnect, device number 42
[ 1236.483989][T26741] FAULT_INJECTION: forcing a failure.
[ 1236.483989][T26741] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1236.488001][T26741] CPU: 1 UID: 0 PID: 26741 Comm: syz.1.5542 Not tainted syzkaller #0 PREEMPT(full) 
[ 1236.488028][T26741] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1236.488035][T26741] Call Trace:
[ 1236.488040][T26741]  <TASK>
[ 1236.488044][T26741]  dump_stack_lvl+0x16c/0x1f0
[ 1236.488064][T26741]  should_fail_ex+0x512/0x640
[ 1236.488082][T26741]  _copy_to_user+0x32/0xd0
[ 1236.488099][T26741]  simple_read_from_buffer+0xcb/0x170
[ 1236.488119][T26741]  proc_fail_nth_read+0x197/0x240
[ 1236.488133][T26741]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1236.488146][T26741]  ? rw_verify_area+0xcf/0x6c0
[ 1236.488157][T26741]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1236.488169][T26741]  vfs_read+0x1e1/0xcf0
[ 1236.488184][T26741]  ? __pfx_vfs_read+0x10/0x10
[ 1236.488195][T26741]  ? find_held_lock+0x2b/0x80
[ 1236.488212][T26741]  ? __fget_files+0x20e/0x3c0
[ 1236.488228][T26741]  ksys_read+0x12a/0x250
[ 1236.488240][T26741]  ? __pfx_ksys_read+0x10/0x10
[ 1236.488251][T26741]  ? fput+0x9b/0xd0
[ 1236.488266][T26741]  ? rcu_is_watching+0x12/0xc0
[ 1236.488281][T26741]  __do_fast_syscall_32+0x7c/0x300
[ 1236.488296][T26741]  do_fast_syscall_32+0x32/0x80
[ 1236.488310][T26741]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1236.488323][T26741] RIP: 0023:0xf707e579
[ 1236.488332][T26741] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1236.488342][T26741] RSP: 002b:00000000f542c590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 1236.488353][T26741] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000f542c620
[ 1236.488360][T26741] RDX: 000000000000000f RSI: 00000000f7415ff4 RDI: 0000000000000000
[ 1236.488366][T26741] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 1236.488372][T26741] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 1236.488378][T26741] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1236.488391][T26741]  </TASK>
[ 1236.666172][   T54] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1236.669317][   T54] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1236.673393][   T54] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1236.677555][   T54] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1236.927293][T26755] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5547'.
[ 1236.944283][   T54] usb 7-1: GET_CAPABILITIES returned 0
[ 1236.954211][   T54] usbtmc 7-1:16.0: can't read capabilities
[ 1237.006963][T26759] input: syz0 as /devices/virtual/input/input133
[ 1237.142491][T15096] usb 7-1: USB disconnect, device number 125
[ 1237.254493][T14287] usb 6-1: new high-speed USB device number 127 using dummy_hcd
[ 1237.341745][T26770] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(9)
[ 1237.344228][T26770] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1237.347203][T26770] vhci_hcd vhci_hcd.0: Device attached
[ 1237.353461][T26770] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[ 1237.418018][T14287] usb 6-1: too many configurations: 9, using maximum allowed: 8
[ 1237.425082][T14287] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1237.429324][T14287] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1237.433888][T14287] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1237.441005][T14287] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1237.445187][T14287] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1237.449825][T14287] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1237.455290][T14287] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1237.459412][T14287] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1237.464293][T14287] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1237.469962][T14287] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1237.475118][T14287] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1237.479953][T14287] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1237.490045][T14287] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1237.494416][T14287] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1237.500030][T14287] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1237.506031][T14287] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1237.510160][T14287] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1237.514174][T14287] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1237.521053][T14287] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1237.525026][T14287] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1237.528952][T14287] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1237.539043][T14287] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1237.543638][T14287] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1237.547874][T14287] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1237.566824][T14287] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[ 1237.570401][T14287] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[ 1237.575204][T14287] usb 6-1: Product: syz
[ 1237.577046][T14287] usb 6-1: Manufacturer: syz
[ 1237.579068][T14287] usb 6-1: SerialNumber: syz
[ 1237.584418][ T6029] usb 45-1: new low-speed USB device number 3 using vhci_hcd
[ 1237.609049][T14287] usb 6-1: config 0 descriptor??
[ 1237.649860][T14287] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0
[ 1238.448876][T26771] vhci_hcd: connection reset by peer
[ 1238.453695][T14618] vhci_hcd: stop threads
[ 1238.455778][T14618] vhci_hcd: release socket
[ 1238.457764][T14618] vhci_hcd: disconnect device
[ 1238.698972][T26782] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[ 1238.777172][T26787] FAULT_INJECTION: forcing a failure.
[ 1238.777172][T26787] name failslab, interval 1, probability 0, space 0, times 0
[ 1238.781186][T26787] CPU: 2 UID: 0 PID: 26787 Comm: syz.5.5553 Not tainted syzkaller #0 PREEMPT(full) 
[ 1238.781200][T26787] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1238.781207][T26787] Call Trace:
[ 1238.781223][T26787]  <TASK>
[ 1238.781229][T26787]  dump_stack_lvl+0x16c/0x1f0
[ 1238.781247][T26787]  should_fail_ex+0x512/0x640
[ 1238.781263][T26787]  ? fs_reclaim_acquire+0xae/0x150
[ 1238.781280][T26787]  should_failslab+0xc2/0x120
[ 1238.781296][T26787]  __kmalloc_noprof+0xdd/0x880
[ 1238.781307][T26787]  ? tomoyo_encode2+0x100/0x3e0
[ 1238.781321][T26787]  ? tomoyo_encode2+0x100/0x3e0
[ 1238.781332][T26787]  tomoyo_encode2+0x100/0x3e0
[ 1238.781346][T26787]  tomoyo_encode+0x29/0x50
[ 1238.781357][T26787]  tomoyo_realpath_from_path+0x18f/0x6e0
[ 1238.781373][T26787]  tomoyo_path_number_perm+0x245/0x580
[ 1238.781390][T26787]  ? tomoyo_path_number_perm+0x237/0x580
[ 1238.781408][T26787]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1238.781439][T26787]  ? find_held_lock+0x2b/0x80
[ 1238.781452][T26787]  ? hook_file_ioctl_common+0x145/0x410
[ 1238.781466][T26787]  ? __fget_files+0x20e/0x3c0
[ 1238.781481][T26787]  security_file_ioctl_compat+0x9b/0x240
[ 1238.781493][T26787]  __ia32_compat_sys_ioctl+0xc3/0x370
[ 1238.781512][T26787]  __do_fast_syscall_32+0x7c/0x300
[ 1238.781532][T26787]  do_fast_syscall_32+0x32/0x80
[ 1238.781547][T26787]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1238.781560][T26787] RIP: 0023:0xf7f95579
[ 1238.781569][T26787] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1238.781580][T26787] RSP: 002b:00000000f548655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1238.781590][T26787] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040946400
[ 1238.781597][T26787] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000
[ 1238.781603][T26787] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1238.781609][T26787] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1238.781615][T26787] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1238.781629][T26787]  </TASK>
[ 1238.781678][T26787] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1238.955516][T26796] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5556'.
[ 1238.959583][T26796] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5556'.
[ 1238.964626][T26798] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5557'.
[ 1239.008197][T26802] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5558'.
[ 1239.012809][T26802] FAULT_INJECTION: forcing a failure.
[ 1239.012809][T26802] name failslab, interval 1, probability 0, space 0, times 0
[ 1239.018342][T26802] CPU: 0 UID: 0 PID: 26802 Comm: syz.2.5558 Not tainted syzkaller #0 PREEMPT(full) 
[ 1239.018357][T26802] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1239.018364][T26802] Call Trace:
[ 1239.018368][T26802]  <TASK>
[ 1239.018372][T26802]  dump_stack_lvl+0x16c/0x1f0
[ 1239.018390][T26802]  should_fail_ex+0x512/0x640
[ 1239.018406][T26802]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[ 1239.018420][T26802]  should_failslab+0xc2/0x120
[ 1239.018436][T26802]  kmem_cache_alloc_node_noprof+0x78/0x770
[ 1239.018448][T26802]  ? __alloc_skb+0x2b2/0x380
[ 1239.018466][T26802]  ? __alloc_skb+0x2b2/0x380
[ 1239.018485][T26802]  __alloc_skb+0x2b2/0x380
[ 1239.018499][T26802]  ? __pfx___alloc_skb+0x10/0x10
[ 1239.018514][T26802]  ? __kernel_text_address+0xd/0x40
[ 1239.018540][T26802]  ? __pfx___might_resched+0x10/0x10
[ 1239.018556][T26802]  netlink_alloc_large_skb+0x69/0x140
[ 1239.018574][T26802]  netlink_sendmsg+0x698/0xdd0
[ 1239.018593][T26802]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1239.018611][T26802]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[ 1239.018629][T26802]  ____sys_sendmsg+0xa95/0xc70
[ 1239.018640][T26802]  ? btrfs_extent_same_range+0x200/0x220
[ 1239.018654][T26802]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1239.018666][T26802]  ? get_compat_msghdr+0x11a/0x170
[ 1239.018687][T26802]  ___sys_sendmsg+0x134/0x1d0
[ 1239.018704][T26802]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1239.018727][T26802]  ? find_held_lock+0x2b/0x80
[ 1239.018749][T26802]  __sys_sendmsg+0x16d/0x220
[ 1239.018765][T26802]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1239.018787][T26802]  ? rcu_is_watching+0x12/0xc0
[ 1239.018802][T26802]  __do_fast_syscall_32+0x7c/0x300
[ 1239.018817][T26802]  do_fast_syscall_32+0x32/0x80
[ 1239.018830][T26802]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1239.018844][T26802] RIP: 0023:0xf7f36579
[ 1239.018853][T26802] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1239.018864][T26802] RSP: 002b:00000000f542655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1239.018875][T26802] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000100
[ 1239.018881][T26802] RDX: 0000000004040000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1239.018887][T26802] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1239.018893][T26802] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1239.018899][T26802] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1239.018913][T26802]  </TASK>
[ 1239.120110][T26804] input: syz0 as /devices/virtual/input/input134
[ 1239.192629][T26806] FAULT_INJECTION: forcing a failure.
[ 1239.192629][T26806] name failslab, interval 1, probability 0, space 0, times 0
[ 1239.199596][T26806] CPU: 1 UID: 0 PID: 26806 Comm: syz.2.5559 Not tainted syzkaller #0 PREEMPT(full) 
[ 1239.199612][T26806] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1239.199630][T26806] Call Trace:
[ 1239.199636][T26806]  <TASK>
[ 1239.199650][T26806]  dump_stack_lvl+0x16c/0x1f0
[ 1239.199671][T26806]  should_fail_ex+0x512/0x640
[ 1239.199686][T26806]  ? fs_reclaim_acquire+0xae/0x150
[ 1239.199703][T26806]  should_failslab+0xc2/0x120
[ 1239.199719][T26806]  __kmalloc_noprof+0xdd/0x880
[ 1239.199730][T26806]  ? tomoyo_encode2+0x100/0x3e0
[ 1239.199744][T26806]  ? tomoyo_encode2+0x100/0x3e0
[ 1239.199755][T26806]  tomoyo_encode2+0x100/0x3e0
[ 1239.199768][T26806]  tomoyo_encode+0x29/0x50
[ 1239.199779][T26806]  tomoyo_realpath_from_path+0x18f/0x6e0
[ 1239.199793][T26806]  ? tomoyo_profile+0x47/0x60
[ 1239.199807][T26806]  tomoyo_path_number_perm+0x245/0x580
[ 1239.199823][T26806]  ? tomoyo_path_number_perm+0x237/0x580
[ 1239.199841][T26806]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1239.199873][T26806]  ? find_held_lock+0x2b/0x80
[ 1239.199886][T26806]  ? hook_file_ioctl_common+0x145/0x410
[ 1239.199901][T26806]  ? __fget_files+0x20e/0x3c0
[ 1239.199915][T26806]  security_file_ioctl_compat+0x9b/0x240
[ 1239.199927][T26806]  __ia32_compat_sys_ioctl+0xc3/0x370
[ 1239.199946][T26806]  __do_fast_syscall_32+0x7c/0x300
[ 1239.199961][T26806]  do_fast_syscall_32+0x32/0x80
[ 1239.199974][T26806]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1239.199989][T26806] RIP: 0023:0xf7f36579
[ 1239.199998][T26806] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1239.200008][T26806] RSP: 002b:00000000f542655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1239.200019][T26806] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[ 1239.200026][T26806] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1239.200032][T26806] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1239.200038][T26806] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1239.200044][T26806] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1239.200057][T26806]  </TASK>
[ 1239.200133][T26806] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1240.213461][  T839] usb 6-1: USB disconnect, device number 127
[ 1240.216837][  T839] yurex 6-1:0.0: USB YUREX #0 now disconnected
[ 1240.427561][T26819] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[ 1240.916032][T26841] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5568'.
[ 1241.007877][T26845] input: syz0 as /devices/virtual/input/input135
[ 1241.800401][ T5957] Bluetooth: hci3: unexpected event 0x23 length: 92 > 13
[ 1242.284108][T11972] usb 7-1: new high-speed USB device number 126 using dummy_hcd
[ 1242.465952][T11972] usb 7-1: Using ep0 maxpacket: 32
[ 1242.468988][T11972] usb 7-1: config index 0 descriptor too short (expected 156, got 27)
[ 1242.471902][T11972] usb 7-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[ 1242.479900][T11972] usb 7-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[ 1242.483342][T11972] usb 7-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[ 1242.489294][T11972] usb 7-1: config 0 interface 0 has no altsetting 0
[ 1242.493479][T11972] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[ 1242.497041][T11972] usb 7-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[ 1242.500227][T11972] usb 7-1: Product: syz
[ 1242.501663][T11972] usb 7-1: Manufacturer: syz
[ 1242.503177][T11972] usb 7-1: SerialNumber: syz
[ 1242.507314][T11972] usb 7-1: config 0 descriptor??
[ 1242.511189][T11972] ldusb 7-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[ 1242.515162][T11972] ldusb 7-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[ 1242.526159][T17152] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1242.532360][T17152] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1242.536194][T17152] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1242.540328][T17152] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1242.545303][T17152] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1242.679180][T14618] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1242.704253][ T6029] vhci_hcd: vhci_device speed not set
[ 1242.719213][T26868] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1242.723119][T26868] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1242.744368][ T5958] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[ 1242.778565][T14618] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1242.847889][T14618] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1242.859966][T14287] usb 7-1: USB disconnect, device number 126
[ 1242.880920][T14287] ldusb 7-1:0.0: LD USB Device #0 now disconnected
[ 1242.888199][T26879] chnl_net:caif_netlink_parms(): no params data found
[ 1243.014254][T14618] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1243.020857][T26879] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1243.023432][T26879] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1243.026622][T26879] bridge_slave_0: entered allmulticast mode
[ 1243.029842][T26879] bridge_slave_0: entered promiscuous mode
[ 1243.033402][T26879] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1243.039259][T26879] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1243.044442][T26879] bridge_slave_1: entered allmulticast mode
[ 1243.048409][T26879] bridge_slave_1: entered promiscuous mode
[ 1243.103453][T26879] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1243.109354][T26879] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1243.151357][T26879] team0: Port device team_slave_0 added
[ 1243.155294][T26879] team0: Port device team_slave_1 added
[ 1243.195781][T26879] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1243.197856][T26879] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1243.206283][T26879] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1243.211769][T26879] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1243.216114][T26879] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1243.226028][T26879] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1243.297325][T26879] hsr_slave_0: entered promiscuous mode
[ 1243.300906][T26879] hsr_slave_1: entered promiscuous mode
[ 1243.303259][T26879] debugfs: 'hsr0' already exists in 'hsr'
[ 1243.306147][T26879] Cannot create hsr debugfs directory
[ 1243.328774][T14618] batman_adv: batadv0: Interface deactivated: gretap1
[ 1243.446183][ T1415] ieee802154 phy0 wpan0: encryption failed: -22
[ 1243.499462][T14618] batman_adv: batadv0: Removing interface: gretap1
[ 1243.535976][T14618] bond15 (unregistering): (slave geneve3): Releasing backup interface
[ 1243.550772][T14618] bond1 (unregistering): (slave geneve2): Releasing backup interface
[ 1243.694120][ T5958] usb 6-1: Using ep0 maxpacket: 32
[ 1243.742696][T14618] bond0 (unregistering): left promiscuous mode
[ 1243.746227][T14618] bond0 (unregistering): Released all slaves
[ 1243.757809][T14618] bond1 (unregistering): Released all slaves
[ 1243.769723][T14618] bond2 (unregistering): Released all slaves
[ 1243.782236][T14618] bond3 (unregistering): Released all slaves
[ 1243.795244][T14618] bond4 (unregistering): Released all slaves
[ 1243.807959][T14618] bond5 (unregistering): Released all slaves
[ 1243.827145][T14618] bond6 (unregistering): Released all slaves
[ 1243.840040][T14618] bond7 (unregistering): Released all slaves
[ 1243.850120][T14618] bond8 (unregistering): Released all slaves
[ 1243.861278][T14618] bond9 (unregistering): Released all slaves
[ 1243.868451][T14618] bond10 (unregistering): Released all slaves
[ 1243.879071][T14618] bond11 (unregistering): Released all slaves
[ 1243.889956][T14618] bond12 (unregistering): Released all slaves
[ 1243.899023][T14618] bond13 (unregistering): Released all slaves
[ 1243.906798][T14618] bond14 (unregistering): Released all slaves
[ 1243.913713][T14618] bond15 (unregistering): Released all slaves
[ 1244.061363][T14618] bond16 (unregistering): Released all slaves
[ 1244.118291][ T5958] usb 6-1: config index 0 descriptor too short (expected 156, got 27)
[ 1244.233362][T14618] tipc: Disabling bearer <eth:syzkaller0>
[ 1244.246233][T14618] tipc: Left network mode
[ 1244.612857][ T5958] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[ 1244.644594][ T5957] Bluetooth: hci1: command tx timeout
[ 1244.699808][T14618] dummy0: left promiscuous mode
[ 1244.705129][T14618] hsr_slave_0: left promiscuous mode
[ 1244.707990][T14618] hsr_slave_1: left promiscuous mode
[ 1244.964569][ T5958] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[ 1244.968684][ T5958] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[ 1244.973261][ T5958] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1244.999322][ T5958] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[ 1245.002355][ T5958] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[ 1245.005090][ T5958] usb 6-1: Product: syz
[ 1245.006509][ T5958] usb 6-1: Manufacturer: syz
[ 1245.008071][ T5958] usb 6-1: SerialNumber: syz
[ 1245.011133][ T5958] usb 6-1: config 0 descriptor??
[ 1245.015380][ T5958] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[ 1245.019426][ T5958] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[ 1245.224327][T26878] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1245.227736][T26878] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1245.395795][T26020] usb 6-1: USB disconnect, device number 2
[ 1245.452944][T26020] ldusb 6-1:0.0: LD USB Device #0 now disconnected
[ 1246.090446][ T5957] Bluetooth: hci4: unexpected event 0x23 length: 92 > 13
[ 1246.602627][T26902] FAULT_INJECTION: forcing a failure.
[ 1246.602627][T26902] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1246.609779][T26902] CPU: 3 UID: 0 PID: 26902 Comm: syz.2.5584 Not tainted syzkaller #0 PREEMPT(full) 
[ 1246.609795][T26902] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1246.609802][T26902] Call Trace:
[ 1246.609806][T26902]  <TASK>
[ 1246.609811][T26902]  dump_stack_lvl+0x16c/0x1f0
[ 1246.609828][T26902]  should_fail_ex+0x512/0x640
[ 1246.609846][T26902]  _copy_from_iter+0x29f/0x1720
[ 1246.609865][T26902]  ? __pfx__copy_from_iter+0x10/0x10
[ 1246.609881][T26902]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1246.609903][T26902]  copy_page_from_iter+0xde/0x180
[ 1246.609920][T26902]  tun_build_skb.constprop.0+0x2e8/0x1510
[ 1246.609941][T26902]  ? __pfx_tun_build_skb.constprop.0+0x10/0x10
[ 1246.609959][T26902]  ? __lock_acquire+0x62e/0x1ce0
[ 1246.609984][T26902]  tun_get_user+0x149c/0x3cc0
[ 1246.610005][T26902]  ? __pfx_tun_get_user+0x10/0x10
[ 1246.610020][T26902]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1246.610041][T26902]  ? find_held_lock+0x2b/0x80
[ 1246.610054][T26902]  ? tun_get+0x191/0x370
[ 1246.610070][T26902]  tun_chr_write_iter+0xdc/0x210
[ 1246.610086][T26902]  vfs_write+0x7d3/0x11d0
[ 1246.610099][T26902]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1246.610115][T26902]  ? __pfx_vfs_write+0x10/0x10
[ 1246.610126][T26902]  ? find_held_lock+0x2b/0x80
[ 1246.610147][T26902]  ksys_write+0x12a/0x250
[ 1246.610159][T26902]  ? __pfx_ksys_write+0x10/0x10
[ 1246.610178][T26902]  ? rcu_is_watching+0x12/0xc0
[ 1246.610199][T26902]  __do_fast_syscall_32+0x7c/0x300
[ 1246.610223][T26902]  do_fast_syscall_32+0x32/0x80
[ 1246.610243][T26902]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1246.610262][T26902] RIP: 0023:0xf7f36579
[ 1246.610276][T26902] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1246.610293][T26902] RSP: 002b:00000000f5426520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[ 1246.610310][T26902] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000000
[ 1246.610318][T26902] RDX: 000000000000003e RSI: 00000000f73c5ff4 RDI: 0000000000000000
[ 1246.610324][T26902] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1246.610330][T26902] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1246.610336][T26902] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1246.610350][T26902]  </TASK>
[ 1246.619715][T26879] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1246.678304][T26904] FAULT_INJECTION: forcing a failure.
[ 1246.678304][T26904] name failslab, interval 1, probability 0, space 0, times 0
[ 1246.700591][T26904] CPU: 3 UID: 0 PID: 26904 Comm: syz.2.5585 Not tainted syzkaller #0 PREEMPT(full) 
[ 1246.700609][T26904] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1246.700616][T26904] Call Trace:
[ 1246.700620][T26904]  <TASK>
[ 1246.700625][T26904]  dump_stack_lvl+0x16c/0x1f0
[ 1246.700643][T26904]  should_fail_ex+0x512/0x640
[ 1246.700660][T26904]  ? __kmalloc_noprof+0xca/0x880
[ 1246.700673][T26904]  should_failslab+0xc2/0x120
[ 1246.700689][T26904]  __kmalloc_noprof+0xdd/0x880
[ 1246.700700][T26904]  ? io_cache_alloc_new+0x45/0xf0
[ 1246.700719][T26904]  ? io_cache_alloc_new+0x45/0xf0
[ 1246.700738][T26904]  io_cache_alloc_new+0x45/0xf0
[ 1246.700759][T26904]  __io_prep_rw+0x21d/0x1090
[ 1246.700775][T26904]  ? find_held_lock+0x2b/0x80
[ 1246.700799][T26904]  ? __pfx___io_prep_rw+0x10/0x10
[ 1246.700813][T26904]  ? __io_alloc_req_refill+0x18f/0x5e0
[ 1246.700847][T26904]  ? __io_alloc_req_refill+0x33a/0x5e0
[ 1246.700872][T26904]  io_prep_rw+0x76/0x2c0
[ 1246.700882][T26904]  ? __pfx_io_prep_rw+0x10/0x10
[ 1246.700897][T26904]  io_prep_readv+0x20/0xa0
[ 1246.700908][T26904]  io_submit_sqes+0x855/0x2710
[ 1246.700929][T26904]  __do_sys_io_uring_enter+0xd69/0x1630
[ 1246.700946][T26904]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[ 1246.700960][T26904]  ? find_held_lock+0x2b/0x80
[ 1246.700972][T26904]  ? __might_fault+0xe3/0x190
[ 1246.700984][T26904]  ? __might_fault+0xe3/0x190
[ 1246.700995][T26904]  ? __might_fault+0x13b/0x190
[ 1246.701009][T26904]  ? rcu_is_watching+0x12/0xc0
[ 1246.701026][T26904]  __do_fast_syscall_32+0x7c/0x300
[ 1246.701072][T26904]  do_fast_syscall_32+0x32/0x80
[ 1246.701087][T26904]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1246.701101][T26904] RIP: 0023:0xf7f36579
[ 1246.701111][T26904] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1246.701122][T26904] RSP: 002b:00000000f542655c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[ 1246.701133][T26904] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000000847ba
[ 1246.701140][T26904] RDX: 0000000000000000 RSI: 000000000000000e RDI: 0000000000000000
[ 1246.701147][T26904] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1246.701153][T26904] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1246.701160][T26904] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1246.701174][T26904]  </TASK>
[ 1246.712515][T26879] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1246.724282][ T5957] Bluetooth: hci1: command tx timeout
[ 1246.797983][T26879] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1246.806425][T26879] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1246.898043][T26879] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1246.909477][T26879] 8021q: adding VLAN 0 to HW filter on device team0
[ 1246.914787][T14590] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1246.917153][T14590] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1246.929905][T14590] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1246.932135][T14590] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1247.047277][T26879] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1247.199156][T26879] veth0_vlan: entered promiscuous mode
[ 1247.209440][T26879] veth1_vlan: entered promiscuous mode
[ 1247.235448][T26879] veth0_macvtap: entered promiscuous mode
[ 1247.239380][T26879] veth1_macvtap: entered promiscuous mode
[ 1247.250034][T26879] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1247.258095][T26879] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1247.263738][T14618] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1247.267405][T14618] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1247.270163][T14618] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1247.272880][T14618] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1247.332581][T14614] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1247.336578][T14614] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1247.355617][ T7075] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1247.358703][ T7075] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1248.353443][T26952] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5593'.
[ 1248.424503][T26955] input: syz0 as /devices/virtual/input/input136
[ 1248.625337][T26961] No source specified
[ 1248.849047][T26971] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5599'.
[ 1248.884195][ T5957] Bluetooth: hci1: command tx timeout
[ 1248.942862][T26976] input: syz0 as /devices/virtual/input/input137
[ 1249.371599][T26987] netlink: 'syz.4.5603': attribute type 2 has an invalid length.
[ 1249.374393][T26987] netlink: 137592 bytes leftover after parsing attributes in process `syz.4.5603'.
[ 1249.601897][T26993] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5605'.
[ 1249.678343][T26998] input: syz0 as /devices/virtual/input/input138
[ 1250.034740][   T54] usb 10-1: new high-speed USB device number 50 using dummy_hcd
[ 1250.108319][T27007] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5608'.
[ 1250.171518][T27010] input: syz0 as /devices/virtual/input/input139
[ 1250.184191][   T54] usb 10-1: Using ep0 maxpacket: 32
[ 1250.190917][   T54] usb 10-1: config index 0 descriptor too short (expected 156, got 27)
[ 1250.193871][   T54] usb 10-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[ 1250.197752][   T54] usb 10-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[ 1250.201567][   T54] usb 10-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[ 1250.207046][   T54] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1250.211225][   T54] usb 10-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[ 1250.215235][   T54] usb 10-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[ 1250.218744][   T54] usb 10-1: Product: syz
[ 1250.220218][   T54] usb 10-1: Manufacturer: syz
[ 1250.221852][   T54] usb 10-1: SerialNumber: syz
[ 1250.225257][   T54] usb 10-1: config 0 descriptor??
[ 1250.228464][   T54] ldusb 10-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[ 1250.232850][   T54] ldusb 10-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[ 1250.447298][T27004] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1250.451298][T27004] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1250.866862][T27021] tipc: Started in network mode
[ 1250.868720][T27021] tipc: Node identity 9676ac1660ed, cluster identity 4711
[ 1250.871655][T27021] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1250.887597][T27021] tipc: Resetting bearer <eth:syzkaller0>
[ 1250.954287][ T5957] Bluetooth: hci1: command tx timeout
[ 1250.957767][T27027] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5612'.
[ 1250.960695][T27027] xfrm0: entered promiscuous mode
[ 1250.962700][T27027] xfrm0: entered allmulticast mode
[ 1251.168318][ T6029] usb 10-1: USB disconnect, device number 50
[ 1251.191927][T27016] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[ 1251.738030][T27017] tipc: Disabling bearer <eth:syzkaller0>
[ 1252.184422][ T6029] ldusb 10-1:0.0: LD USB Device #0 now disconnected
[ 1252.370266][T27044] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5618'.
[ 1252.436653][T27047] input: syz0 as /devices/virtual/input/input140
[ 1252.644624][T27055] virtio-fs: tag </dev/md0> not found
[ 1253.241571][   T40] kauditd_printk_skb: 92 callbacks suppressed
[ 1253.241583][   T40] audit: type=1326 audit(2000000297.141:1146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27060 comm="syz.5.5622" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1253.252084][   T40] audit: type=1326 audit(2000000297.151:1147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27060 comm="syz.5.5622" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1253.264251][   T40] audit: type=1326 audit(2000000297.161:1148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27060 comm="syz.5.5622" exe="/syz-executor" sig=0 arch=40000003 syscall=327 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1253.272795][   T40] audit: type=1326 audit(2000000297.161:1149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27060 comm="syz.5.5622" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1253.289617][   T40] audit: type=1326 audit(2000000297.161:1150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27060 comm="syz.5.5622" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1253.300597][   T40] audit: type=1326 audit(2000000297.161:1151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27060 comm="syz.5.5622" exe="/syz-executor" sig=0 arch=40000003 syscall=439 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1253.317403][   T40] audit: type=1326 audit(2000000297.161:1152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27060 comm="syz.5.5622" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1253.327039][   T40] audit: type=1326 audit(2000000297.161:1153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27060 comm="syz.5.5622" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[ 1253.580703][T27076] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1253.890514][T27084] tipc: Resetting bearer <eth:syzkaller0>
[ 1254.216522][   T29] Process accounting resumed
[ 1254.535621][T27071] tipc: Disabling bearer <eth:syzkaller0>
[ 1254.616930][T27098] netlink: 'syz.2.5632': attribute type 1 has an invalid length.
[ 1254.815585][T27104] FAULT_INJECTION: forcing a failure.
[ 1254.815585][T27104] name failslab, interval 1, probability 0, space 0, times 0
[ 1254.820576][T27104] CPU: 0 UID: 0 PID: 27104 Comm: syz.4.5634 Not tainted syzkaller #0 PREEMPT(full) 
[ 1254.820601][T27104] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1254.820614][T27104] Call Trace:
[ 1254.820622][T27104]  <TASK>
[ 1254.820631][T27104]  dump_stack_lvl+0x16c/0x1f0
[ 1254.820664][T27104]  should_fail_ex+0x512/0x640
[ 1254.820692][T27104]  ? fs_reclaim_acquire+0xae/0x150
[ 1254.820717][T27104]  should_failslab+0xc2/0x120
[ 1254.820736][T27104]  __kmalloc_noprof+0xdd/0x880
[ 1254.820749][T27104]  ? tomoyo_encode2+0x100/0x3e0
[ 1254.820767][T27104]  ? tomoyo_encode2+0x100/0x3e0
[ 1254.820780][T27104]  tomoyo_encode2+0x100/0x3e0
[ 1254.820796][T27104]  tomoyo_encode+0x29/0x50
[ 1254.820809][T27104]  tomoyo_realpath_from_path+0x18f/0x6e0
[ 1254.820825][T27104]  ? tomoyo_profile+0x47/0x60
[ 1254.820843][T27104]  tomoyo_path_number_perm+0x245/0x580
[ 1254.820863][T27104]  ? tomoyo_path_number_perm+0x237/0x580
[ 1254.820884][T27104]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1254.820922][T27104]  ? find_held_lock+0x2b/0x80
[ 1254.820939][T27104]  ? hook_file_ioctl_common+0x145/0x410
[ 1254.820976][T27104]  ? __fget_files+0x20e/0x3c0
[ 1254.820995][T27104]  security_file_ioctl_compat+0x9b/0x240
[ 1254.821010][T27104]  __ia32_compat_sys_ioctl+0xc3/0x370
[ 1254.821033][T27104]  __do_fast_syscall_32+0x7c/0x300
[ 1254.821052][T27104]  do_fast_syscall_32+0x32/0x80
[ 1254.821068][T27104]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1254.821084][T27104] RIP: 0023:0xf700e579
[ 1254.821096][T27104] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1254.821109][T27104] RSP: 002b:00000000f53fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1254.821122][T27104] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[ 1254.821130][T27104] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1254.821138][T27104] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1254.821145][T27104] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1254.821152][T27104] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1254.821169][T27104]  </TASK>
[ 1254.821182][T27104] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1255.334194][T16627] usb 9-1: new high-speed USB device number 43 using dummy_hcd
[ 1255.484296][T16627] usb 9-1: Using ep0 maxpacket: 32
[ 1255.493125][T16627] usb 9-1: config index 0 descriptor too short (expected 156, got 27)
[ 1255.501065][T16627] usb 9-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[ 1255.505474][T16627] usb 9-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[ 1255.509172][T16627] usb 9-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[ 1255.530497][T16627] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1255.534350][T16627] usb 9-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[ 1255.537150][T16627] usb 9-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[ 1255.539672][T16627] usb 9-1: Product: syz
[ 1255.551236][T16627] usb 9-1: Manufacturer: syz
[ 1255.552678][T16627] usb 9-1: SerialNumber: syz
[ 1255.555707][T16627] usb 9-1: config 0 descriptor??
[ 1255.558972][T16627] ldusb 9-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[ 1255.565259][T16627] ldusb 9-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[ 1255.671768][T27113] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[ 1255.761266][T27110] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1255.765805][T27110] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1256.258170][ T6029] usb 9-1: USB disconnect, device number 43
[ 1256.273260][ T6029] ldusb 9-1:0.0: LD USB Device #0 now disconnected
[ 1256.636028][T27138] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5641'.
[ 1256.715448][T27146] input: syz0 as /devices/virtual/input/input141
[ 1256.810688][T27147] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1256.816408][T27147] tipc: Resetting bearer <eth:syzkaller0>
[ 1257.486585][T27140] tipc: Disabling bearer <eth:syzkaller0>
[ 1257.593068][T27157] openvswitch: netlink: VXLAN extension 0 has unexpected len 5 expected 0
[ 1257.596348][T27157] FAULT_INJECTION: forcing a failure.
[ 1257.596348][T27157] name failslab, interval 1, probability 0, space 0, times 0
[ 1257.600271][T27157] CPU: 0 UID: 0 PID: 27157 Comm: syz.1.5647 Not tainted syzkaller #0 PREEMPT(full) 
[ 1257.600287][T27157] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1257.600294][T27157] Call Trace:
[ 1257.600299][T27157]  <TASK>
[ 1257.600303][T27157]  dump_stack_lvl+0x16c/0x1f0
[ 1257.600328][T27157]  should_fail_ex+0x512/0x640
[ 1257.600344][T27157]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1257.600362][T27157]  should_failslab+0xc2/0x120
[ 1257.600378][T27157]  kmem_cache_alloc_noprof+0x75/0x6e0
[ 1257.600392][T27157]  ? skb_clone+0x190/0x3f0
[ 1257.600412][T27157]  ? skb_clone+0x190/0x3f0
[ 1257.600427][T27157]  skb_clone+0x190/0x3f0
[ 1257.600444][T27157]  netlink_deliver_tap+0xabd/0xd30
[ 1257.600464][T27157]  netlink_unicast+0x71f/0x870
[ 1257.600483][T27157]  ? __pfx_netlink_unicast+0x10/0x10
[ 1257.600501][T27157]  ? genl_rcv_msg+0x4bb/0x800
[ 1257.600517][T27157]  netlink_ack+0x696/0xb80
[ 1257.600538][T27157]  netlink_rcv_skb+0x332/0x420
[ 1257.600581][T27157]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1257.600612][T27157]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1257.600636][T27157]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1257.600654][T27157]  genl_rcv+0x28/0x40
[ 1257.600664][T27157]  netlink_unicast+0x5a7/0x870
[ 1257.600684][T27157]  ? __pfx_netlink_unicast+0x10/0x10
[ 1257.600707][T27157]  netlink_sendmsg+0x8c8/0xdd0
[ 1257.600727][T27157]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1257.600746][T27157]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[ 1257.600765][T27157]  ____sys_sendmsg+0xa95/0xc70
[ 1257.600779][T27157]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1257.600790][T27157]  ? get_compat_msghdr+0x11a/0x170
[ 1257.600813][T27157]  ___sys_sendmsg+0x134/0x1d0
[ 1257.600831][T27157]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1257.600854][T27157]  ? find_held_lock+0x2b/0x80
[ 1257.600878][T27157]  __sys_sendmsg+0x16d/0x220
[ 1257.600894][T27157]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1257.600917][T27157]  ? rcu_is_watching+0x12/0xc0
[ 1257.600951][T27157]  __do_fast_syscall_32+0x7c/0x300
[ 1257.600968][T27157]  do_fast_syscall_32+0x32/0x80
[ 1257.600982][T27157]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1257.600997][T27157] RIP: 0023:0xf707e579
[ 1257.601006][T27157] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1257.601017][T27157] RSP: 002b:00000000f546e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1257.601028][T27157] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[ 1257.601035][T27157] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1257.601041][T27157] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1257.601047][T27157] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1257.601054][T27157] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1257.601068][T27157]  </TASK>
[ 1258.121769][T27170] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5652'.
[ 1258.124704][T27170] xfrm0: entered promiscuous mode
[ 1258.126275][T27170] xfrm0: entered allmulticast mode
[ 1258.261088][T27175] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5653'.
[ 1258.323437][T27178] input: syz0 as /devices/virtual/input/input142
[ 1259.037543][T27181] input: syz1 as /devices/virtual/input/input143
[ 1259.174175][   T54] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[ 1259.290202][T27196] netlink: 48 bytes leftover after parsing attributes in process `syz.1.5659'.
[ 1259.915571][T16627] usb 10-1: new high-speed USB device number 51 using dummy_hcd
[ 1260.064151][T16627] usb 10-1: Using ep0 maxpacket: 32
[ 1260.067214][T16627] usb 10-1: config index 0 descriptor too short (expected 156, got 27)
[ 1260.069910][T16627] usb 10-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[ 1260.073456][T16627] usb 10-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[ 1260.078177][T16627] usb 10-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[ 1260.082828][T16627] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1260.086992][T16627] usb 10-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[ 1260.089789][T16627] usb 10-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[ 1260.092299][T16627] usb 10-1: Product: syz
[ 1260.093638][T16627] usb 10-1: Manufacturer: syz
[ 1260.095166][T16627] usb 10-1: SerialNumber: syz
[ 1260.098043][T16627] usb 10-1: config 0 descriptor??
[ 1260.101158][T16627] ldusb 10-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[ 1260.105306][T16627] ldusb 10-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[ 1260.179578][T27229] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5664'.
[ 1260.305708][T27199] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1260.309588][T27199] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1260.374218][T16627] usb 7-1: new high-speed USB device number 127 using dummy_hcd
[ 1260.538954][T27237] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5666'.
[ 1260.609526][T27241] input: syz0 as /devices/virtual/input/input144
[ 1260.621874][   T54] usb 10-1: USB disconnect, device number 51
[ 1260.685883][   T54] ldusb 10-1:0.0: LD USB Device #0 now disconnected
[ 1261.356475][T16627] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1261.360315][T16627] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1261.363534][T16627] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1261.368554][T16627] usb 7-1: config 0 descriptor??
[ 1261.576490][T16627] usbhid 7-1:0.0: can't add hid device: -71
[ 1261.578506][T16627] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[ 1261.585181][T16627] usb 7-1: USB disconnect, device number 127
[ 1261.596539][T27260] bond0: entered promiscuous mode
[ 1261.598228][T27260] bond_slave_0: entered promiscuous mode
[ 1261.600588][T27260] bond_slave_1: entered promiscuous mode
[ 1261.603516][T27260] dummy0: entered promiscuous mode
[ 1261.606739][T27260] debugfs: 'hsr1' already exists in 'hsr'
[ 1261.609386][T27260] Cannot create hsr debugfs directory
[ 1261.611979][T27260] hsr1: entered promiscuous mode
[ 1261.614675][T27260] hsr1: entered allmulticast mode
[ 1261.617079][T27260] bond0: entered allmulticast mode
[ 1261.619289][T27260] bond_slave_0: entered allmulticast mode
[ 1261.622223][T27260] bond_slave_1: entered allmulticast mode
[ 1261.625332][T27260] dummy0: entered allmulticast mode
[ 1261.650589][T27262] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5673'.
[ 1262.024141][T16627] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[ 1262.174134][T16627] usb 7-1: Using ep0 maxpacket: 32
[ 1262.177672][T16627] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1262.181234][T16627] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[ 1262.184469][T16627] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1262.188333][T16627] usb 7-1: config 0 descriptor??
[ 1262.191530][T16627] ldusb 7-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[ 1262.195347][T16627] ldusb 7-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[ 1262.404303][T27271] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5683'.
[ 1262.415466][T27271] openvswitch: netlink: VXLAN extension 0 has unexpected len 5 expected 0
[ 1263.478700][T27311] FAULT_INJECTION: forcing a failure.
[ 1263.478700][T27311] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1263.483355][T27311] CPU: 2 UID: 0 PID: 27311 Comm: syz.4.5680 Not tainted syzkaller #0 PREEMPT(full) 
[ 1263.483375][T27311] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1263.483383][T27311] Call Trace:
[ 1263.483388][T27311]  <TASK>
[ 1263.483394][T27311]  dump_stack_lvl+0x16c/0x1f0
[ 1263.483415][T27311]  should_fail_ex+0x512/0x640
[ 1263.483437][T27311]  _copy_to_user+0x32/0xd0
[ 1263.483457][T27311]  snd_pcm_oss_read2+0x294/0x410
[ 1263.483473][T27311]  ? __pfx_snd_pcm_oss_read2+0x10/0x10
[ 1263.483485][T27311]  ? snd_pcm_kernel_ioctl+0x267/0x2e0
[ 1263.483506][T27311]  snd_pcm_oss_read+0x5d2/0x760
[ 1263.483540][T27311]  ? __pfx_snd_pcm_oss_read+0x10/0x10
[ 1263.483554][T27311]  vfs_read+0x1e1/0xcf0
[ 1263.483573][T27311]  ? __pfx_vfs_read+0x10/0x10
[ 1263.483585][T27311]  ? find_held_lock+0x2b/0x80
[ 1263.483601][T27311]  ? __fget_files+0x204/0x3c0
[ 1263.483618][T27311]  ? __fget_files+0x20e/0x3c0
[ 1263.483629][T27311]  ? handle_mm_fault+0x200/0xd10
[ 1263.483646][T27311]  ksys_read+0x12a/0x250
[ 1263.483660][T27311]  ? __pfx_ksys_read+0x10/0x10
[ 1263.483691][T27311]  ? rcu_is_watching+0x12/0xc0
[ 1263.483709][T27311]  __do_fast_syscall_32+0x7c/0x300
[ 1263.483727][T27311]  do_fast_syscall_32+0x32/0x80
[ 1263.483742][T27311]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1263.483758][T27311] RIP: 0023:0xf700e579
[ 1263.483769][T27311] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1263.483782][T27311] RSP: 002b:00000000f53fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000003
[ 1263.483795][T27311] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800011c0
[ 1263.483802][T27311] RDX: 00000000200021d5 RSI: 0000000000000000 RDI: 0000000000000000
[ 1263.483810][T27311] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1263.483817][T27311] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1263.483824][T27311] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1263.483840][T27311]  </TASK>
[ 1263.485856][T11972] usb 7-1: USB disconnect, device number 2
[ 1263.614717][T11972] ldusb 7-1:0.0: LD USB Device #0 now disconnected
[ 1263.654730][T27315] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5682'.
[ 1263.660362][T27315] xfrm0: entered promiscuous mode
[ 1263.663633][T27315] xfrm0: entered allmulticast mode
[ 1263.904120][T16627] usb 10-1: new high-speed USB device number 52 using dummy_hcd
[ 1264.064088][T16627] usb 10-1: Using ep0 maxpacket: 32
[ 1264.068296][T16627] usb 10-1: config index 0 descriptor too short (expected 156, got 27)
[ 1264.071620][T16627] usb 10-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[ 1264.075540][T16627] usb 10-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[ 1264.079382][T16627] usb 10-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[ 1264.085512][T16627] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1264.092382][T16627] usb 10-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[ 1264.095510][T16627] usb 10-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[ 1264.098525][T16627] usb 10-1: Product: syz
[ 1264.100118][T16627] usb 10-1: Manufacturer: syz
[ 1264.101745][T16627] usb 10-1: SerialNumber: syz
[ 1264.107479][T16627] usb 10-1: config 0 descriptor??
[ 1264.112467][T16627] ldusb 10-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[ 1264.117565][T16627] ldusb 10-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[ 1264.168191][T27325] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5686'.
[ 1264.172041][T27325] netlink: 156 bytes leftover after parsing attributes in process `syz.1.5686'.
[ 1264.176542][T27325] netlink: 156 bytes leftover after parsing attributes in process `syz.1.5686'.
[ 1264.243457][T27325] input: syz0 as /devices/virtual/input/input145
[ 1264.315827][T27317] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1264.318666][T27317] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1264.371790][T27333] FAULT_INJECTION: forcing a failure.
[ 1264.371790][T27333] name failslab, interval 1, probability 0, space 0, times 0
[ 1264.376595][T27333] CPU: 0 UID: 0 PID: 27333 Comm: syz.2.5689 Not tainted syzkaller #0 PREEMPT(full) 
[ 1264.376613][T27333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1264.376620][T27333] Call Trace:
[ 1264.376648][T27333]  <TASK>
[ 1264.376655][T27333]  dump_stack_lvl+0x16c/0x1f0
[ 1264.376693][T27333]  should_fail_ex+0x512/0x640
[ 1264.376723][T27333]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[ 1264.376745][T27333]  should_failslab+0xc2/0x120
[ 1264.376772][T27333]  kmem_cache_alloc_noprof+0x75/0x6e0
[ 1264.376790][T27333]  ? getname_flags.part.0+0x4c/0x550
[ 1264.376823][T27333]  ? getname_flags.part.0+0x4c/0x550
[ 1264.376847][T27333]  getname_flags.part.0+0x4c/0x550
[ 1264.376886][T27333]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1264.376911][T27333]  getname_flags+0x93/0xf0
[ 1264.376929][T27333]  user_path_at+0x24/0x60
[ 1264.376947][T27333]  do_faccessat+0x139/0xba0
[ 1264.376963][T27333]  ? __pfx_do_faccessat+0x10/0x10
[ 1264.376978][T27333]  ? __pfx_ksys_write+0x10/0x10
[ 1264.376994][T27333]  __ia32_sys_faccessat2+0x95/0x100
[ 1264.377010][T27333]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[ 1264.377026][T27333]  __do_fast_syscall_32+0x7c/0x300
[ 1264.377042][T27333]  do_fast_syscall_32+0x32/0x80
[ 1264.377057][T27333]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1264.377072][T27333] RIP: 0023:0xf7f36579
[ 1264.377082][T27333] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1264.377093][T27333] RSP: 002b:00000000f542655c EFLAGS: 00000296 ORIG_RAX: 00000000000001b7
[ 1264.377112][T27333] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[ 1264.377119][T27333] RDX: 0000000000000002 RSI: 0000000000001200 RDI: 0000000000000000
[ 1264.377126][T27333] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1264.377133][T27333] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1264.377139][T27333] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1264.377154][T27333]  </TASK>
[ 1264.465929][T27337] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5687'.
[ 1264.498065][   T54] usb 10-1: USB disconnect, device number 52
[ 1264.514583][   T54] ldusb 10-1:0.0: LD USB Device #0 now disconnected
[ 1264.567060][T27337] input: syz0 as /devices/virtual/input/input146
[ 1265.504516][T27367] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5697'.
[ 1265.510163][T27367] netlink: 156 bytes leftover after parsing attributes in process `syz.1.5697'.
[ 1265.513270][T27367] netlink: 156 bytes leftover after parsing attributes in process `syz.1.5697'.
[ 1265.607265][T27371] input: syz0 as /devices/virtual/input/input147
[ 1265.984747][ T6041] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[ 1265.994257][T17152] Bluetooth: hci4: command 0x0406 tx timeout
[ 1266.782384][T27391] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1266.833342][T27383] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[ 1266.944906][T27402] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5704'.
[ 1267.022979][T27408] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5706'.
[ 1267.032936][T27408] netlink: 156 bytes leftover after parsing attributes in process `syz.5.5706'.
[ 1267.038965][T27408] netlink: 156 bytes leftover after parsing attributes in process `syz.5.5706'.
[ 1267.152834][T27412] input: syz0 as /devices/virtual/input/input148
[ 1267.175829][T27414] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5707'.
[ 1267.178946][T27414] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5707'.
[ 1267.659019][T27431] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5712'.
[ 1268.164502][T27448] FAULT_INJECTION: forcing a failure.
[ 1268.164502][T27448] name failslab, interval 1, probability 0, space 0, times 0
[ 1268.168771][T27448] CPU: 2 UID: 0 PID: 27448 Comm: syz.4.5717 Not tainted syzkaller #0 PREEMPT(full) 
[ 1268.168788][T27448] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1268.168797][T27448] Call Trace:
[ 1268.168804][T27448]  <TASK>
[ 1268.168811][T27448]  dump_stack_lvl+0x16c/0x1f0
[ 1268.168885][T27448]  should_fail_ex+0x512/0x640
[ 1268.168911][T27448]  ? fs_reclaim_acquire+0xae/0x150
[ 1268.168929][T27448]  should_failslab+0xc2/0x120
[ 1268.168946][T27448]  __kmalloc_noprof+0xdd/0x880
[ 1268.168958][T27448]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1268.168975][T27448]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1268.168986][T27448]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1268.168999][T27448]  ? tomoyo_profile+0x47/0x60
[ 1268.169014][T27448]  tomoyo_path_number_perm+0x245/0x580
[ 1268.169031][T27448]  ? tomoyo_path_number_perm+0x237/0x580
[ 1268.169048][T27448]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1268.169080][T27448]  ? find_held_lock+0x2b/0x80
[ 1268.169094][T27448]  ? hook_file_ioctl_common+0x145/0x410
[ 1268.169109][T27448]  ? __fget_files+0x20e/0x3c0
[ 1268.169124][T27448]  security_file_ioctl_compat+0x9b/0x240
[ 1268.169137][T27448]  __ia32_compat_sys_ioctl+0xc3/0x370
[ 1268.169157][T27448]  __do_fast_syscall_32+0x7c/0x300
[ 1268.169173][T27448]  do_fast_syscall_32+0x32/0x80
[ 1268.169187][T27448]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1268.169202][T27448] RIP: 0023:0xf700e579
[ 1268.169212][T27448] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1268.169223][T27448] RSP: 002b:00000000f53fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1268.169235][T27448] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004601
[ 1268.169242][T27448] RDX: 0000000080000140 RSI: 0000000000000000 RDI: 0000000000000000
[ 1268.169248][T27448] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1268.169254][T27448] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1268.169260][T27448] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1268.169274][T27448]  </TASK>
[ 1268.169280][T27448] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1268.255353][T27429] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[ 1268.284519][T27450] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5718'.
[ 1268.287776][T27450] netlink: 156 bytes leftover after parsing attributes in process `syz.4.5718'.
[ 1268.290663][T27450] netlink: 156 bytes leftover after parsing attributes in process `syz.4.5718'.
[ 1268.360535][T27455] input: syz0 as /devices/virtual/input/input149
[ 1268.594397][   T54] usb 10-1: new high-speed USB device number 53 using dummy_hcd
[ 1268.683703][T27464] FAULT_INJECTION: forcing a failure.
[ 1268.683703][T27464] name failslab, interval 1, probability 0, space 0, times 0
[ 1268.687837][T27464] CPU: 2 UID: 0 PID: 27464 Comm: syz.2.5722 Not tainted syzkaller #0 PREEMPT(full) 
[ 1268.687852][T27464] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1268.687859][T27464] Call Trace:
[ 1268.687864][T27464]  <TASK>
[ 1268.687869][T27464]  dump_stack_lvl+0x16c/0x1f0
[ 1268.687886][T27464]  should_fail_ex+0x512/0x640
[ 1268.687902][T27464]  ? __kmalloc_cache_noprof+0x5f/0x780
[ 1268.687916][T27464]  should_failslab+0xc2/0x120
[ 1268.687932][T27464]  __kmalloc_cache_noprof+0x72/0x780
[ 1268.687943][T27464]  ? do_raw_read_unlock+0x44/0xe0
[ 1268.687954][T27464]  ? basic_init+0x43/0x1f0
[ 1268.687972][T27464]  ? __pfx_basic_classify+0x10/0x10
[ 1268.687986][T27464]  ? basic_init+0x43/0x1f0
[ 1268.688001][T27464]  basic_init+0x43/0x1f0
[ 1268.688016][T27464]  tc_new_tfilter+0x114a/0x2340
[ 1268.688028][T27464]  ? write_profile+0xd1/0x150
[ 1268.688045][T27464]  ? unwind_get_return_address+0x59/0xa0
[ 1268.688060][T27464]  ? arch_stack_walk+0xa6/0x100
[ 1268.688074][T27464]  ? __pfx_tc_new_tfilter+0x10/0x10
[ 1268.688089][T27464]  ? __lock_acquire+0x62e/0x1ce0
[ 1268.688113][T27464]  ? find_held_lock+0x2b/0x80
[ 1268.688126][T27464]  ? __pfx_tc_new_tfilter+0x10/0x10
[ 1268.688135][T27464]  ? rtnetlink_rcv_msg+0x93a/0xe90
[ 1268.688153][T27464]  ? __pfx_tc_new_tfilter+0x10/0x10
[ 1268.688164][T27464]  rtnetlink_rcv_msg+0x95e/0xe90
[ 1268.688182][T27464]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1268.688220][T27464]  ? __lock_acquire+0x62e/0x1ce0
[ 1268.688244][T27464]  netlink_rcv_skb+0x158/0x420
[ 1268.688262][T27464]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1268.688280][T27464]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1268.688303][T27464]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1268.688322][T27464]  netlink_unicast+0x5a7/0x870
[ 1268.688341][T27464]  ? __pfx_netlink_unicast+0x10/0x10
[ 1268.688364][T27464]  netlink_sendmsg+0x8c8/0xdd0
[ 1268.688384][T27464]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1268.688402][T27464]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[ 1268.688421][T27464]  ____sys_sendmsg+0xa95/0xc70
[ 1268.688436][T27464]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1268.688447][T27464]  ? get_compat_msghdr+0x11a/0x170
[ 1268.688470][T27464]  ___sys_sendmsg+0x134/0x1d0
[ 1268.688488][T27464]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1268.688511][T27464]  ? find_held_lock+0x2b/0x80
[ 1268.688533][T27464]  __sys_sendmsg+0x16d/0x220
[ 1268.688549][T27464]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1268.688571][T27464]  ? rcu_is_watching+0x12/0xc0
[ 1268.688587][T27464]  __do_fast_syscall_32+0x7c/0x300
[ 1268.688603][T27464]  do_fast_syscall_32+0x32/0x80
[ 1268.688617][T27464]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1268.688632][T27464] RIP: 0023:0xf7f36579
[ 1268.688642][T27464] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1268.688653][T27464] RSP: 002b:00000000f542655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1268.688664][T27464] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000080
[ 1268.688671][T27464] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1268.688678][T27464] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1268.688685][T27464] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1268.688692][T27464] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1268.688708][T27464]  </TASK>
[ 1268.834288][   T54] usb 10-1: Using ep0 maxpacket: 8
[ 1268.837674][   T54] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1268.839839][   T54] usb 10-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[ 1268.842630][   T54] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1268.847444][   T54] usb 10-1: config 0 descriptor??
[ 1268.960385][T27475] comedi comedi2: c6xdigio: I/O port conflict (0x805,3)
[ 1268.963022][T27475] ==================================================================
[ 1268.965648][T27475] BUG: KASAN: slab-use-after-free in sysfs_remove_file_ns+0x63/0x70
[ 1268.968145][T27475] Read of size 8 at addr ffff8880486c6630 by task syz.1.5727/27475
[ 1268.971838][T27475] 
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1268.973027][T27475] CPU: 1 UID: 0 PID: 27475 Comm: syz.1.5727 Not tainted syzkaller #0 PREEMPT(full) 
[ 1268.973052][T27475] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1268.973065][T27475] Call Trace:
[ 1268.973074][T27475]  <TASK>
[ 1268.973082][T27475]  dump_stack_lvl+0x116/0x1f0
[ 1268.973111][T27475]  print_report+0xcd/0x630
[ 1268.973137][T27475]  ? __virt_addr_valid+0x81/0x610
[ 1268.973164][T27475]  ? __phys_addr+0xe8/0x180
[ 1268.973188][T27475]  ? sysfs_remove_file_ns+0x63/0x70
[ 1268.973207][T27475]  kasan_report+0xe0/0x110
[ 1268.973232][T27475]  ? sysfs_remove_file_ns+0x63/0x70
[ 1268.973256][T27475]  sysfs_remove_file_ns+0x63/0x70
[ 1268.973276][T27475]  driver_remove_file+0x4a/0x60
[ 1268.973307][T27475]  bus_remove_driver+0x224/0x2c0
[ 1268.973334][T27475]  driver_unregister+0x76/0xb0
[ 1268.973354][T27475]  comedi_device_detach_locked+0x12c/0xa50
[ 1268.973381][T27475]  comedi_device_detach+0x67/0xb0
[ 1268.973400][T27475]  comedi_device_attach+0x43d/0x900
[ 1268.973424][T27475]  do_devconfig_ioctl+0x1b1/0x710
[ 1268.973448][T27475]  ? __mutex_lock+0x1c5/0x1060
[ 1268.973468][T27475]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[ 1268.973491][T27475]  ? kasan_save_stack+0x42/0x60
[ 1268.973504][T27475]  ? kasan_save_stack+0x33/0x60
[ 1268.973518][T27475]  ? kasan_save_track+0x14/0x30
[ 1268.973534][T27475]  ? __kasan_save_free_info+0x3b/0x60
[ 1268.973546][T27475]  ? __kasan_slab_free+0x5f/0x80
[ 1268.973560][T27475]  ? kfree+0x2b8/0x6d0
[ 1268.973569][T27475]  ? tomoyo_path_number_perm+0x470/0x580
[ 1268.973587][T27475]  ? security_file_ioctl_compat+0x9b/0x240
[ 1268.973599][T27475]  comedi_unlocked_ioctl+0x165d/0x2f00
[ 1268.973613][T27475]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[ 1268.973628][T27475]  ? kasan_quarantine_put+0x10a/0x240
[ 1268.973641][T27475]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1268.973654][T27475]  ? find_held_lock+0x2b/0x80
[ 1268.973667][T27475]  ? tomoyo_path_number_perm+0x295/0x580
[ 1268.973686][T27475]  ? tomoyo_path_number_perm+0x18d/0x580
[ 1268.973703][T27475]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1268.973721][T27475]  comedi_compat_ioctl+0x1d0/0x990
[ 1268.973735][T27475]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[ 1268.973747][T27475]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1268.973759][T27475]  ? do_vfs_ioctl+0x128/0x14f0
[ 1268.973776][T27475]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1268.973797][T27475]  ? find_held_lock+0x2b/0x80
[ 1268.973814][T27475]  ? hook_file_ioctl_common+0x145/0x410
[ 1268.973832][T27475]  ? __fget_files+0x20e/0x3c0
[ 1268.973851][T27475]  ? __ia32_compat_sys_openat+0x90/0x210
[ 1268.973871][T27475]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[ 1268.973887][T27475]  __ia32_compat_sys_ioctl+0x23f/0x370
[ 1268.973905][T27475]  __do_fast_syscall_32+0x7c/0x300
[ 1268.973919][T27475]  do_fast_syscall_32+0x32/0x80
[ 1268.973932][T27475]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1268.974264][T27475] RIP: 0023:0xf707e579
[ 1268.974281][T27475] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1268.974296][T27475] RSP: 002b:00000000f546e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1268.974310][T27475] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040946400
[ 1268.974318][T27475] RDX: 0000000080000140 RSI: 0000000000000000 RDI: 0000000000000000
[ 1268.974327][T27475] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1268.974335][T27475] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 1268.974343][T27475] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1268.974357][T27475]  </TASK>
[ 1268.974362][T27475] 
[ 1269.088528][T27475] Allocated by task 26787:
[ 1269.089954][T27475]  kasan_save_stack+0x33/0x60
[ 1269.091461][T27475]  kasan_save_track+0x14/0x30
[ 1269.092970][T27475]  __kasan_kmalloc+0xaa/0xb0
[ 1269.094463][T27475]  bus_add_driver+0x92/0x690
[ 1269.095976][T27475]  driver_register+0x15c/0x4b0
[ 1269.097521][T27475]  c6xdigio_attach+0xa3/0x4b0
[ 1269.099029][T27475]  comedi_device_attach+0x3b3/0x900
[ 1269.100687][T27475]  do_devconfig_ioctl+0x1b1/0x710
[ 1269.102297][T27475]  comedi_unlocked_ioctl+0x165d/0x2f00
[ 1269.104005][T27475]  comedi_compat_ioctl+0x1d0/0x990
[ 1269.105679][T27475]  __ia32_compat_sys_ioctl+0x23f/0x370
[ 1269.107406][T27475]  __do_fast_syscall_32+0x7c/0x300
[ 1269.109048][T27475]  do_fast_syscall_32+0x32/0x80
[ 1269.110586][T27475]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1269.112571][T27475] 
[ 1269.113355][T27475] Freed by task 27095:
[ 1269.114639][T27475]  kasan_save_stack+0x33/0x60
[ 1269.116198][T27475]  kasan_save_track+0x14/0x30
[ 1269.117701][T27475]  __kasan_save_free_info+0x3b/0x60
[ 1269.119337][T27475]  __kasan_slab_free+0x5f/0x80
[ 1269.120968][T27475]  kfree+0x2b8/0x6d0
[ 1269.122234][T27475]  kobject_put+0x1e7/0x5a0
[ 1269.123740][T27475]  bus_remove_driver+0x16e/0x2c0
[ 1269.125569][T27475]  driver_unregister+0x76/0xb0
[ 1269.127168][T27475]  comedi_device_detach_locked+0x12c/0xa50
[ 1269.129207][T27475]  do_devconfig_ioctl+0x555/0x710
[ 1269.130970][T27475]  comedi_unlocked_ioctl+0x165d/0x2f00
[ 1269.132814][T27475]  comedi_compat_ioctl+0x1d0/0x990
[ 1269.134469][T27475]  __ia32_compat_sys_ioctl+0x23f/0x370
[ 1269.136180][T27475]  __do_fast_syscall_32+0x7c/0x300
[ 1269.137816][T27475]  do_fast_syscall_32+0x32/0x80
[ 1269.139360][T27475]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1269.141340][T27475] 
[ 1269.142106][T27475] The buggy address belongs to the object at ffff8880486c6600
[ 1269.142106][T27475]  which belongs to the cache kmalloc-256 of size 256
[ 1269.146934][T27475] The buggy address is located 48 bytes inside of
[ 1269.146934][T27475]  freed 256-byte region [ffff8880486c6600, ffff8880486c6700)
[ 1269.151138][T27475] 
[ 1269.151907][T27475] The buggy address belongs to the physical page:
[ 1269.153922][T27475] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880486c6000 pfn:0x486c6
[ 1269.157055][T27475] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1269.159692][T27475] flags: 0x4fff00000000240(workingset|head|node=1|zone=1|lastcpupid=0x7ff)
[ 1269.162428][T27475] page_type: f5(slab)
[ 1269.163858][T27475] raw: 04fff00000000240 ffff88801b042b40 ffffea00017c2090 ffffea00017d1b90
[ 1269.166867][T27475] raw: ffff8880486c6000 000000000010000a 00000000f5000000 0000000000000000
[ 1269.169576][T27475] head: 04fff00000000240 ffff88801b042b40 ffffea00017c2090 ffffea00017d1b90
[ 1269.172276][T27475] head: ffff8880486c6000 000000000010000a 00000000f5000000 0000000000000000
[ 1269.174982][T27475] head: 04fff00000000001 ffffea000121b181 00000000ffffffff 00000000ffffffff
[ 1269.177698][T27475] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 1269.180500][T27475] page dumped because: kasan: bad access detected
[ 1269.182827][T27475] page_owner tracks the page as allocated
[ 1269.184866][T27475] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 21171972278, free_ts 0
[ 1269.191303][T27475]  post_alloc_hook+0x1c0/0x230
[ 1269.192909][T27475]  get_page_from_freelist+0x10a3/0x3a30
[ 1269.194653][T27475]  __alloc_frozen_pages_noprof+0x25f/0x2470
[ 1269.196523][T27475]  alloc_pages_mpol+0x1fb/0x550
[ 1269.198063][T27475]  new_slab+0x24a/0x360
[ 1269.199376][T27475]  ___slab_alloc+0xdc4/0x1ae0
[ 1269.200860][T27475]  __slab_alloc.constprop.0+0x63/0x110
[ 1269.202562][T27475]  __kmalloc_node_track_caller_noprof+0x4db/0x8a0
[ 1269.204559][T27475]  krealloc_node_align_noprof+0x1b6/0x470
[ 1269.206405][T27475]  add_sysfs_param+0xde/0xa10
[ 1269.207894][T27475]  param_sysfs_builtin_init+0x307/0x4c0
[ 1269.209666][T27475]  do_one_initcall+0x120/0x6e0
[ 1269.211190][T27475]  kernel_init_freeable+0x5c2/0x910
[ 1269.212806][T27475]  kernel_init+0x1c/0x2b0
[ 1269.214332][T27475]  ret_from_fork+0x56a/0x730
[ 1269.215826][T27475]  ret_from_fork_asm+0x1a/0x30
[ 1269.217362][T27475] page_owner free stack trace missing
[ 1269.219155][T27475] 
[ 1269.219940][T27475] Memory state around the buggy address:
[ 1269.221656][T27475]  ffff8880486c6500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1269.224521][T27475]  ffff8880486c6580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1269.227371][T27475] >ffff8880486c6600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1269.229930][T27475]                                      ^
[ 1269.231681][T27475]  ffff8880486c6680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1269.234186][T27475]  ffff8880486c6700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1269.236685][T27475] ==================================================================
[ 1269.258282][T27475] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1269.260746][T27475] CPU: 1 UID: 0 PID: 27475 Comm: syz.1.5727 Not tainted syzkaller #0 PREEMPT(full) 
[ 1269.264078][T27475] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1269.267460][T27475] Call Trace:
[ 1269.268545][T27475]  <TASK>
[ 1269.269525][T27475]  dump_stack_lvl+0x3d/0x1f0
[ 1269.271016][T27475]  vpanic+0x640/0x6f0
[ 1269.272323][T27475]  panic+0xca/0xd0
[ 1269.273613][T27475]  ? __pfx_panic+0x10/0x10
[ 1269.275208][T27475]  ? sysfs_remove_file_ns+0x63/0x70
[ 1269.277158][T27475]  ? preempt_schedule_common+0x44/0xc0
[ 1269.279163][T27475]  ? preempt_schedule_thunk+0x16/0x30
[ 1269.280962][T27475]  check_panic_on_warn+0xab/0xb0
[ 1269.282538][T27475]  end_report+0x107/0x170
[ 1269.283899][T27475]  kasan_report+0xee/0x110
[ 1269.285350][T27475]  ? sysfs_remove_file_ns+0x63/0x70
[ 1269.286909][T27475]  sysfs_remove_file_ns+0x63/0x70
[ 1269.288517][T27475]  driver_remove_file+0x4a/0x60
[ 1269.290136][T27475]  bus_remove_driver+0x224/0x2c0
[ 1269.291617][T27475]  driver_unregister+0x76/0xb0
[ 1269.293446][T27475]  comedi_device_detach_locked+0x12c/0xa50
[ 1269.295432][T27475]  comedi_device_detach+0x67/0xb0
[ 1269.297348][T27475]  comedi_device_attach+0x43d/0x900
[ 1269.299207][T27475]  do_devconfig_ioctl+0x1b1/0x710
[ 1269.300976][T27475]  ? __mutex_lock+0x1c5/0x1060
[ 1269.302509][T27475]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[ 1269.304176][T27475]  ? kasan_save_stack+0x42/0x60
[ 1269.305839][T27475]  ? kasan_save_stack+0x33/0x60
[ 1269.307416][T27475]  ? kasan_save_track+0x14/0x30
[ 1269.309134][T27475]  ? __kasan_save_free_info+0x3b/0x60
[ 1269.310985][T27475]  ? __kasan_slab_free+0x5f/0x80
[ 1269.312707][T27475]  ? kfree+0x2b8/0x6d0
[ 1269.314152][T27475]  ? tomoyo_path_number_perm+0x470/0x580
[ 1269.315991][T27475]  ? security_file_ioctl_compat+0x9b/0x240
[ 1269.317873][T27475]  comedi_unlocked_ioctl+0x165d/0x2f00
[ 1269.319622][T27475]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[ 1269.321539][T27475]  ? kasan_quarantine_put+0x10a/0x240
[ 1269.323347][T27475]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1269.325158][T27475]  ? find_held_lock+0x2b/0x80
[ 1269.326710][T27475]  ? tomoyo_path_number_perm+0x295/0x580
[ 1269.328555][T27475]  ? tomoyo_path_number_perm+0x18d/0x580
[ 1269.330293][T27475]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1269.332088][T27475]  comedi_compat_ioctl+0x1d0/0x990
[ 1269.333602][T27475]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[ 1269.335314][T27475]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1269.337155][T27475]  ? do_vfs_ioctl+0x128/0x14f0
[ 1269.338639][T27475]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1269.340190][T27475]  ? find_held_lock+0x2b/0x80
[ 1269.341626][T27475]  ? hook_file_ioctl_common+0x145/0x410
[ 1269.343512][T27475]  ? __fget_files+0x20e/0x3c0
[ 1269.345390][T27475]  ? __ia32_compat_sys_openat+0x90/0x210
[ 1269.347542][T27475]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[ 1269.349486][T27475]  __ia32_compat_sys_ioctl+0x23f/0x370
[ 1269.351195][T27475]  __do_fast_syscall_32+0x7c/0x300
[ 1269.352857][T27475]  do_fast_syscall_32+0x32/0x80
[ 1269.354410][T27475]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1269.356406][T27475] RIP: 0023:0xf707e579
[ 1269.357700][T27475] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1269.364251][T27475] RSP: 002b:00000000f546e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1269.367243][T27475] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040946400
[ 1269.369667][T27475] RDX: 0000000080000140 RSI: 0000000000000000 RDI: 0000000000000000
[ 1269.372069][T27475] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1269.374448][T27475] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 1269.376951][T27475] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1269.379421][T27475]  </TASK>
[ 1269.381129][T27475] Kernel Offset: disabled
[ 1269.382600][T27475] Rebooting in 86400 seconds..

VM DIAGNOSIS:
16:22:59  Registers:
info registers vcpu 0

CPU#0
RAX=0000000080000002 RBX=0000000000000000 RCX=ffffffff81f5ed99 RDX=ffff888012ba0000
RSI=0000000000000000 RDI=0000000000000001 RBP=0000000000000001 RSP=ffffc90003ade968
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=0000000000000004 R13=ffffea0001d177c0 R14=0000000000000001 R15=ffff8880404c10c8
RIP=ffffffff81ba8c9c RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097c6f000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000032423ffc CR3=000000004e019000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000061 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85207e15 RDI=ffffffff9ab61060 RBP=ffffffff9ab61020 RSP=ffffc90003b0f178
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3430383838666666
R12=0000000000000000 R13=0000000000000061 R14=ffffffff9ab61020 R15=ffffffff85207db0
RIP=ffffffff85207e3f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097d6f000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5425cc0 CR3=000000006d12c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=0000000000000010 RCX=0000000000000030 RDX=1ffff9200071be67
RSI=ffffffff84a7cbaf RDI=0000000000000007 RBP=ffffc900038df330 RSP=ffffc900038df1a0
R8 =0000000000000007 R9 =0000000000000040 R10=0000000000000030 R11=0000000000000000
R12=000000000000ffff R13=ffffc900038df310 R14=ffff8880722f6369 R15=000000000000079f
RIP=ffffffff84a7cbf4 RFL=00000a02 [-O-----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f3b6256c300 ffffffff 00c00000
GS =0000 ffff888097e6f000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000556284e46000 CR3=000000004ee67000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000003bf12 0000003000000012 0004000000080024 0000000000280034
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000001668 0000001400000000 0000000000000000 0000000000000015
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 732f7665642f01ff ffffffffffffffe1 0800030e000000eb 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 060101de0008000a 88030002000a8403 0204000a80030008 0002080002080006
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0471b60004005289 840800000201c708 00080249e0003062 6c6c756e2f766564
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f01ffffffffffff ffffe70800030280 021080a2c4940800 0100000008060601
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2494000400048080 080000021ffffffe b8080008004ab400 7265636e65757165
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00013e0800000800 0180800800020800 0280020100000208 060c014ed801c080
ZMM25=cfd8c02fcfd8c02f cfd8c02fcfd8c02f cfd8c02fcfd8c02f cfd8c02fcfd8c02f cfd8c02fcfd8c02f cfd8c02fcfd8c02f cfd8c02fcfd8c02f cfd8c02fcfd8c02f
ZMM26=0687323506873235 0687323506873235 0687323506873235 0687323506873235 0687323506873235 0687323506873235 0687323506873235 0687323506873235
ZMM27=f1bd03aef1bd03ae f1bd03aef1bd03ae f1bd03aef1bd03ae f1bd03aef1bd03ae f1bd03aef1bd03ae f1bd03aef1bd03ae f1bd03aef1bd03ae f1bd03aef1bd03ae
ZMM28=000000d0000000cf 000000ce000000cd 000000cc000000cb 000000ca000000c9 000000c8000000c7 000000c6000000c5 000000c4000000c3 000000c2000000c1
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=4b2900004b290000 4b2900004b290000 4b2900004b290000 4b2900004b290000 4b2900004b290000 4b2900004b290000 4b2900004b290000 4b2900004b290000
info registers vcpu 3

CPU#3
RAX=0000000001a2c7b1 RBX=0000000000000003 RCX=ffffffff8b4e2a59 RDX=0000000000000000
RSI=ffffffff8d8245c1 RDI=ffffffff8bd04640 RBP=ffffed1003765000 RSP=ffffc9000048fdf8
R8 =0000000000000001 R9 =ffffed10056e6655 R10=ffff88802b7332ab R11=0000000000000000
R12=0000000000000003 R13=ffff88801bb28000 R14=ffffffff905ff090 R15=0000000000000000
RIP=ffffffff8b4e157f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097f6f000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c3c7a44 CR3=000000004ef75000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000