last executing test programs:

5.993771409s ago: executing program 2 (id=1091):
socket$nl_xfrm(0x10, 0x3, 0x6)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x3631564e, 0x1, 0x6, [{0x0, 0x4}, {0x6, 0x6}, {0x9, 0x3}, {0x9}, {0x0, 0xfffff001}, {0xf747, 0x6}, {0xa4}, {0x4}], 0x40, 0x0, 0x4, 0x0, 0x1}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
read$midi(0xffffffffffffffff, &(0x7f0000000000)=""/2, 0x2)
r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='source', &(0x7f0000000100)='0,.=/', 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x25)
setresuid(0x0, 0xee01, 0x0)
r1 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
fcntl$notify(r1, 0x402, 0x29)
r2 = syz_open_procfs(0x0, &(0x7f00000007c0)='map_files\x00')
getdents64(r2, &(0x7f0000001fc0)=""/4086, 0xff6)
socket(0x6, 0x2, 0x1ff)
socket(0x10, 0x803, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = eventfd(0x0)
ioctl$KVM_IRQFD(r5, 0x4020ae76, &(0x7f0000000380)={r6, 0xfffffffd, 0x2, r6})
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000080)='htcp\x00', 0x5)
r7 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x2000, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r7, 0xc004500a, &(0x7f0000000040))

5.08812312s ago: executing program 2 (id=1094):
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff})
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x13)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000280)=[r0], &(0x7f0000000340)=[{0x4, 0x2, 0x6, 0x8}, {0x0, 0x1, 0xb, 0x8}, {0x5, 0x2, 0xf, 0x2}], 0x10, 0xfffffffb, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000006900000000000001000000940fa7c7326ae0366100000007070000b28a4533503319"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
clock_adjtime(0x0, &(0x7f0000000040)={0x37db, 0xf423f, 0xfffffffffffffffc, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6})
r4 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000500)={'team0\x00', <r5=>0x0})
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000800)=@newqdisc={0xac, 0x24, 0xf0b, 0x3f, 0x0, {0x0, 0x0, 0x12, r5, {0x0, 0xfff2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x7c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1], 0x0, [0x8, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffe]}}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x18, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}, @TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x6}]}]}]}}]}, 0xac}}, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000003b810000850000007d000000850000005000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000100)='sys_exit\x00', r7}, 0x10)
exit(0x100000001)

4.006985392s ago: executing program 2 (id=1102):
r0 = socket$kcm(0xa, 0x1, 0x106)
r1 = socket$unix(0x1, 0x1, 0x0)
shutdown(r1, 0x6)
sendmsg$kcm(r0, &(0x7f00000019c0)={&(0x7f0000000080)=@l2tp6={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x80, 0x0}, 0x20040010)
sendmsg$kcm(r0, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4e22, 0x0, @dev={0xfe, 0x80, '\x00', 0x3d}, 0x4}, 0x80, 0x0}, 0x20000000)
accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x10b, 0x2})
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
dup3(r3, r2, 0x0)
chdir(0x0)
request_key(&(0x7f00000013c0)='big_key\x00', &(0x7f0000001400)={'syz', 0x1}, &(0x7f0000001440)='/\x00', 0xfffffffffffffffe)
add_key(&(0x7f00000018c0)='big_key\x00', &(0x7f0000001900)={'syz', 0x1}, &(0x7f0000001940)='\f', 0x1, 0xfffffffffffffffe)
r4 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./bus\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r5, 0x401c5820, &(0x7f00000000c0)={0x8})
copy_file_range(r4, 0x0, r4, 0x0, 0x6, 0x0)
syz_emit_ethernet(0xf87, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd60640ca60f510000fc0200000000000000004b9e00000001fe8000000000000000000000000000aa8400000000000000223427d5c9a46b9fa14172170a013589317d2af31ba55431762f462a5abc3f46494ee91bfca594d52f8c3785143e92da5d2d81edc09f68f122fbf741257bf1319408347a17c89212dfe27a0fc65362487e5afe673f0954f60d9d08b61276ce0b3aa520b5f30a9f52c4aa53fc003f8570383ca63530d93b78a7875338b3d7645ef2c24ab05db63cfdcde7b3cac2248c9d1c73d0d4382b3f520ad6e9be698eaa9bf5b939ce09919c9485c4725690ee2483315829a196f85a5ae552ebe19a2d6768ce2a6bf60fbb53104c7919b7cf28fa555fc9460df11e72eddebb2fc4eb6f83b16e0d65307e4210dfc209f0c68df65b57f420fd215546b798af6b6ab7bfb2fe6bd6142f877852717370b1ca39d199c149c3ead97c4e16229ce4c08a111a0fc64651c21e9174dd72442a9ae2a42d9433c7b54c8dd4b59203f9a2e227e9b043eb430e606cf98f3428ac8511948dd553bc0728c0626fbda71bd2a1d734d605e27bdb0be93b7b91284689e31fccb70c15f2c39da9011c84d36fe4b4b36ff26e45a34685fc638dbdaa068a3d3d4f5d44b74afc0fc7956e5fcc3fe405ac6d292d1d90f257f18fe14a3192d28ed369956aa2f91f9fee773cf7fb5d90705347eeadc1af86de78a498fa1a20e5b3f481a0595769654d969299506d8ffbc172a7fb9453a8a3787e80b167936863f2cc16c1d03481bd40e1abcf87a292559771572136932bf30e48174012a1d4d5f138f93140af2ceb9c821c7966ea7592d7adfc663f1f9a381b6b91eb388c91b924945c3231d0f299adb5a36e0c95a17872e7ebf0bc0e33baf5c46f9e2087b77bad0794d519ce7bc8674a70f3545d020454ded22f164185df3b4f952b132947b75333993fd73a6bac5836dd5720e559bcb82a4926734c5c3b1287c5fec219a99f71eb398430001f007306e9232c269c2886357f75d935e8de054341ac36f1df1fc77fbc347d90660f4d5658cfeb9e289f70968a7c0b38ae34c4bfa46b47964e223ac34f472e3231e8c285add5713592c76c062c3477beb55b279846f04f8d6a5ce2743c6a2020f0c5164953b8dca7e57239dc8a7f507bcf77767ab0b4602437171a09c8e80f5a165c4c37eaae386cfcb927dd1a935fa717fa1608792b34bafbc20cf11a678455896ede62788309ab7a7075535847a2b48260a613e521b01d75648263ad78e6176528dbf3e6c4e4d72066e617be5387183a51dd97d2e846c5d173b51e17a4c8d78a49c914cbe44236c52c78de45b44f9d80bc6f77c75135922a84579bce77baa71311889f5b7b90c5124b8298d5e9c81c442d60df00795854d3213a1ac254c8963c109f68b3ff5451c381f6fb56c116f86b71f988d1e9f732280cbf3d4e9791fefc4bdec5dc293fb77b02d5aab6bd8cd179b7e425126b7f78c0d004bc6470ecc2bbc422bd06a6bd8f717009509e6a88b01347b7a62b9dea6f7a7446a371f422499a6e66eeb6a7b0beb4a86a61f875a9bfe0f5d5f0d0e4c85852afaea97d74ebc80d6491a8a1c998c4b5bc34b3edaeba2df902cd5e14e016720e6c3c8b15287b2471c34251e26dc442720cd5d984e30b110b7370f233f865b9ac129fdf49ff02b303d7d4f91039d3bb58a9d64d7a72d8b8eba6b45a000370d4f0e9c0d411768441372e7112e5d4e7d70a9d6b428b8b85ee6209d6f73e7b024740c052166deeb843e4ab78d1d354d75a5827ff0d49d8964e75785f3594c7299c0917b48f3b2efb81a4c3a7d6e0f1cf50efe0360963c2e3ee390ed2a4c39f42e856eced0f2ee7beacd2ecbece493e911ca0460584323ea6d4a0c00864693c979cae38f0c5841bfaeebf609d1075163c120fea0bd0207d2dd07e5e2e0a5afe3efee0ee6bb9a926a8dba7a27a82c5421a5b20bfb5dbdef532a12435fcd899f15603209831711e0dcfaaf2104b2016f087fce44848c70b65a34b9be83df2064391fc5a8d169dc1943d226e57ab5ba06c656273d4efba73a8a61aae19df4d2445f3ce7e649af1b4ffc86106c9092ddd0aafeb45653d181cb32b06a1dd41573495f15c3b8c0019ba72a2eb163dfcbdbb235322ae27d7116af506f295c2424ab9191aa8ce0e4617b212af21983f8d2b19d7fdeec881f6fa448acc7c3e133b6f281583fad4467c05801e69f6ffc1ae2e1f54655534d884c2f8f60303da33ccbe47a293643edb61c7d9fad4e3e54028bc64be8e5b1da53446869b136660b8e96ff96c48641ece275967b27b291c5c240b3399b5b901b699227735f821938bc88ded45bada2b257b1a4bcab7ed6647f2027e5680c87329e9cfdba6bde2f2a9b676be016001702bebbabb2eae3eba01d6f49ab70245a4c5ef0e136b531e1843487b3f69c5b811217d6d2f5e71067f40c28117bd09a88bb21887a06e2cc164d4281d0df47cbd5781f1524098d89ccae32f24c5f9d86469106685fdc683ad5e873030b621dc00354e0621106da90aca69bb53848dd57251a45bc1898aca9bc84c9a8d2f8aabeed888560771c8cb03aab02620430fec8e9740880790060ccbffd5b8edaa219ca61587eff1b1b03ae8af53059f121efdec8b3ee8aba06f494a5b4575bc848d5a9773d2346f75811cb82a078fc960c9bd374555d78b1b4ba0b438ef00e8aa75810ca5efc5c70936e2cb0e515912cb7f625a2130a9ad58f29e58ae6eac5c3f15f22f0163ee6dead6947c4390b92c8dfb146fec7bfc0b37e8ff2c9de90c30f2d8b5e334107f9835bc47fbc193c60ebd5ac4e677c7fd5b6261ff96e97c185c726ec02941bc2336946f181fd2aff43f0e95f06105a049fcb8e4e3738407d6356856f533f17fae281a3be9f2050ae3d19d1b8350d424087ac9b7875824a9b7e098775b53d6ec960fc052ecd165d17a7897de75f15316a072bb9ccf6ce1ec085bb5356c271b985a437a32f12308fc927410fd444bcded9859e7b8a3cfaaf29ebfb92cc7cbfad2559bbe4f90e189e8708e93827b221869cc78fa41fd5bcb6577b7dfe4c3927dc25a58aa84419f76e71d1f3c10cbb5e52ab2bebe0d39bdffda0fa1b55fe3a03683f882a82dd58498d62b101acd710fd436aa7409fe3cf5352dffb399d560323e14d564bdb3121b89c1f43fc9a892b799cd32f7ce2ededb868920b4547735ef0bf3e148251a4f65dddb7f96b2f33734522a8cffdc51520ac98926b3406e96618cf15a042a67239e755afc70ec6a9c99f8e08ec2946e5901364d85223a63d49572519137d93b6b0798e72acf9da120e706ee73367dec1450a68def886c149bcd734469e10b933899501011cd548e99d638821d5709fde050ab382d4896ecfd7999d40ea9c690c26d396545224c8f9e19705593df2688eb592e2476a0193f7054ab6f703d41c545a80bf285bbc7ccd306c9ea5eb64f40752fd4c741d9b6e03cd41b636ef8f5e810047a21c0b24c6fde1f2e98f2f27730c90d93af9e7564e4e209a61ff626b666fcc4f75f7d560da688169ff0af5e674a0b89a99fb54bb438a65f953c2db0faec2ce09cec33b6d25620b5a0393ac473fed48a38beaca5223997419876d571ce969b83b5b3ae54de83dd89fd92ed2a93c087828bef49a24ed1a97778c47fdc691a94fd5b437dfe494b5c6fadf499d9d15583b0439d3d5ecb61a32a2508a6960be6009accfd1d5d75a16dbc4121c6efe921228246792449c18a56e7aa3893f3f0e55a8e09ca64193dd29ea24ed8614ee8e717f046dd99a8e3750506655331125a502aa89c0d7e8e30c36a4be22cd911322695144d3bf034f38ef32d49431d50da583d08a3e4c5862483cdd52d031b12c89fdaafc3334e877e464134baece883d301193a9c27311a987d4dae82a061f48182cc747cd64441e88b68e26e4975f0fdde3129a9e6af80009962581d5349676df9c73b81514b175709d9193749660f480bd4009b528c1db4f76f42b6a175126603c39a374e890f871c97b2eebb4500451d827cc15497dc5ae89edc6f47f25db7efa4b4b2afbbb2ee543e3db8d20fe93faf300247f59075921e8b2f2a025af8a1d46f274e0c6cb4be0293c7c16c88e98d7d189e9733e4c0e3b96be4aa3fa6ecf42732e0b1432d38aeaf2330d92713cd5580ce42bfe47fb98fea64783de23f456300dd193008211a5ba408d32dedbf12aa8237a6e1a2c9890a2c1011855241fea186906a5139d1c300be57dc7ff493de80010520d10fc3eda0ee9cd413e075d3dc02258fdab567a16e43edbeecc366a69d8d75512f43a2b79cbb9132cdcd00c531730d05f1eabf66613d6e7ebb8c4c3f4f7efd415d41049786352808b22a3bde40121968af39c8f00296001662adc72b7963c8bafab4a496b50f3237a29d19ad4a51a62b1c77a04c14004734189cf7ec49e3d041a1e5658d080f09df77f39782e7133968c1f39ab3ae2a5f24a60073288f3c5825dafd614a379b8b905aaf961caa14ffa38de0d632918d31e4a9291b0f0789248e232e4276840a1ed0257300e522d83111dffd424b1b33148981e3794b2b649ba9174e6697bcc96049f4f3dcc7cf4ca97e2006ec8a146014bb49184632e4fb159a34b6530e959e60a6b4e0427cc697f14cfe6bb7a662a6f5012744f3cf2307abc19c58449864d98fcfebc5d598cd32a1c38c207896468fe8da75eb1edb1d6e7cb1eab671e4e92f139c81d79f15df2a2dc075acc982dec769e2f49aad0fdf594cb590e054616e4f4582b6c4a149ae45d844903ef68d211df2a180178e178b7c7a5012ccf8a1e677586588620365e6111f5192ecfdbd97e2284128de02e08ebc13d4bb4d114faa1e6c16c51c12da2c52d68f73640ce866ce4e794b9fafdc392c91c1f824bc301b3069a02b9c86d2ffac3ed63ddee130cbc248d6a3345d3f9553db78077072d569a6633f8bdbdb1a209a8be9b6830225994f9021b57ddd6a44e8ea40b205c6cf437f45bffaef053a5916dcc6de62ee02bdb8ce3acec8ad97fc95dab1307d254790c71f32e4678957cf0121dccabe73a03c6cacbcbdaad8801b04d9836555a982c357a06e2db7e9bf62aed8cdebbb7a71a2410b929015b61f16e54bffd038996a717b9c7cc3696d8a1205e8266bf782c3a45b0e31461d6a3ed62396088833f69248b24fbf6f81dcc08b98826c3bd2325ade54f614f2d4a153e3e3527d93978483f2bfeada6b64bc43f2a725c30e843d13e6ab34cfc38d488b3ef50cd04318fac1f89905f017644cfa2de058ad399871d1316264813c2289d0b6cfeddfbca36ce93fd4a1bfc93bb74453cfbb9c6ca22320ffc9cb0a3fff046a5678c066e617cd3ac024dfead04b99877f448b78208938585c7563efe815ff0cc47da5fff521d9730ddc89f4aeceadd06f2ea6b9ae72c9407aa550a0155db3b4bc6aaa382a30552f699cb6a1af9972a8ccc483f98952dfbde3d712ea8673eacdbb77490d833fc90f0f02e7c073d2917db70831496a88defc10667dc4c1b7399191bdc7857eb090e79c332bf9f71bb5377178e6232800c93d22318dc5ab8d5dfa2f074a6c23acb61c89f2f078ec91e9817e11a4c8295c19634b5ca2df740000"], 0x0)
syz_open_dev$vcsu(&(0x7f0000000fc0), 0xff, 0x200000)
r6 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r6, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@empty, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, 0x0, 0x32}, 0x0, @in=@broadcast}}, 0xe4)
r7 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r7, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040e04004220"], 0x7)
sendmsg$key(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
r8 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001000)=ANY=[@ANYBLOB="02120000020004080076d00000000068000000"], 0x10}}, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000005c0)='./binderfs/binder0\x00', 0x0, 0x0)

3.95437566s ago: executing program 2 (id=1104):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=@delpolicy={0x50, 0x27, 0x1, 0x0, 0x0, {{@in=@private=0xa010100, @in6=@remote}}}, 0x50}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000340)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb86dd600a843500140600fe8000000000000000000000000000bbfe8000000000ebff"], 0x0)
ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f0000000c80))
fcntl$getown(r0, 0x11)
pipe(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r4)
sendmsg$NL80211_CMD_JOIN_IBSS(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)={0x5, r6, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_HIDDEN_SSID={0xa, 0x7e, @default_ibss_ssid}, @NL80211_ATTR_SSID={0x5, 0x34, @random="f7"}]}, 0x30}}, 0x0)
write$binfmt_misc(r3, &(0x7f0000000000), 0xfffffecc)
ioctl$VIDIOC_EXPBUF(r3, 0xc0405610, &(0x7f0000000000)={0xb, 0x9, 0x2})
ioctl$VIDIOC_QUERYCTRL(r3, 0xc0445624, &(0x7f00000001c0)={0x0, 0x8, "c27a90f87e8b529151e5d6e23f8ba2572b4a15b2acbe7c0723579f409b54f719", 0xc, 0x7fff, 0x5, 0x6, 0x4})
syz_usb_connect$cdc_ecm(0x0, 0x5b, &(0x7f00000002c0)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x49, 0x1, 0x1, 0x57, 0x60, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2, 0x6, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, [@obex={0x5, 0x24, 0x15, 0xa}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x7d7}}], {{0x9, 0x5, 0x82, 0x2, 0x0, 0x8}}, {{0x9, 0x5, 0x3, 0x2, 0x0, 0x0, 0xf}}}}}]}}]}}, 0x0)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000040)=ANY=[@ANYBLOB="51010000733336088dee1edb23610000000109022d010110000000090407ffecfe03010009cd8d1f0002000000090505020000fcffff09058b1e522a8a66cb2500009c98e613019d20e22b66e68e9f389341d5048445645058d6c7"], 0x0)
syz_usb_control_io(r7, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r7, 0x0, 0x0)
r8 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x6a)
r9 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r2, 0x4010ae68, &(0x7f0000000100)={0x0, 0x115000, 0x1})
r10 = openat$cgroup_procs(r9, &(0x7f0000000480)='cgroup.threads\x00', 0x2, 0x0)
sendfile(r10, r10, 0x0, 0x4)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]})
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
readv(r10, &(0x7f0000000340)=[{&(0x7f0000001740)=""/153, 0x99}], 0x1)
ioctl$EVIOCGMASK(r8, 0x40045b17, 0x0)

2.964537286s ago: executing program 0 (id=1106):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=@newtaction={0x21c, 0x30, 0x1, 0x0, 0x25dfdbfd, {}, [{0x208, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x8000002, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0xc, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}, @m_mirred={0x178, 0x1c, 0x0, 0x0, {{0xb}, {0x64, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0xfffffbff, 0x3, 0x3, 0x4, 0x4}, 0x3}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x3, 0x3eb41399, 0x1, 0x9, 0xfffffffa}, 0x3}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x5, 0x80000001, 0x2, 0x64, 0x1e3}, 0x1}}]}, {0xea, 0x6, "ad1b0248ad8a4209388b9c61855c422fadefbb58eb24b800cf02fd74b36ef44f34ed419773fdca2552dcfdd194d8f03abba973fb7cade90778a175d30d217879087c0287a740d7e9f1620cf8a3c8b848090060b8f718559203b30d06dab3aa280a92e657df405d9bdade7f24023d116afbe7a31ddb5047d008b3169dbab0dcd638a9017ff0cdfa1205c6d78fa905ea5850777f14b2634f106c074f890bbfe30796e59f01ffbfb84d37946f9ad7f55d945d0c2736288c49b950615f36d38c7d15caabb7223f58ae329a87a751a48c2cb58ae6d89783ff52d722804d1ab0ab80ddd2a04b830eb5"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x69afd02e3b7c8b41}}}}]}]}, 0x21c}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x256e8000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = dup(0xffffffffffffffff)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000700)=ANY=[@ANYBLOB="01000000052a19e7c4010000"])
ioctl$AUTOFS_DEV_IOCTL_FAIL(r3, 0xc0189377, &(0x7f0000000480)={{0x1, 0x1, 0x18, r2, {0x1, 0x6}}, './file0\x00'})
shutdown(r2, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000006000)=[@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2b}}]}, &(0x7f0000005ec0)=0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000100001ff00000000000000000000000a2c000000050a01020000000000000000020000000900030073797a32000000000900010073797a300000"], 0x68}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
openat$sequencer2(0xffffffffffffff9c, 0x0, 0x20c001, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b00fffffffffffff000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f28000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}, 0x1, 0x0, 0x0, 0x90}, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
socket$alg(0x26, 0x5, 0x0)
openat$snapshot(0xffffff9c, &(0x7f0000000080), 0x40040, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)

2.635984478s ago: executing program 1 (id=1108):
prctl$PR_SCHED_CORE(0x3e, 0x4, 0x0, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x1e, 0xfffffffd, 0x4, 0x37e, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x80, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r3, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000080)='task_rename\x00', r1}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000080)='task_rename\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="10000000040000000800000007"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000940)={{r6}, &(0x7f00000008c0), &(0x7f0000000900)=r5}, 0x20)
r7 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r8 = dup(r7)
write$6lowpan_enable(r8, &(0x7f0000000000)='0', 0xfffffd2c)
syz_genetlink_get_family_id$nbd(&(0x7f0000000000), 0xffffffffffffffff)
socket$key(0xf, 0x3, 0x2)
syz_80211_inject_frame(0x0, 0x0, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
listen(0xffffffffffffffff, 0x80006)
r9 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x803, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000340)='./binderfs2/custom1\x00', 0x802, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r9, 0x4018620d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r8, 0xc0345641, &(0x7f0000000100)={0x4, "456f29335da7747a8e57bdae7695b24ce81600", 0x2, 0x1})
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0xb0000, 0x0)
ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x10001)

2.185362076s ago: executing program 3 (id=1112):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x12, &(0x7f00000000c0)=0x7b, 0x4)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @empty}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
ioctl$TIOCNXCL(r1, 0x540d)
sendto$inet(r0, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x0, 0x0, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x48441, 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f00000021c0)={0x2020}, 0x2020)
syz_fuse_handle_req(r3, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec72007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ccc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa749c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068210ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b220e3e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb08000000a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6b3f0000f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8852a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784753f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7124d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856f83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f350d000033cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15f91dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a748cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa00002ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f399e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f950e3b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d9f95e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa120800c329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc590800", 0xfe1d, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
syz_fuse_handle_req(r3, &(0x7f0000006380)="701199d551c7a23efa6715b9ac18e0bfb23bcddd782f8a2f72dfb32e53aa5e90d00de2424c090a1feb4901c0d3eb1e78204d20882b54a4479caed1799ddf38d7632d9f968b49c26447240df7c1de6833167e238e3db76f849029c7113550b7302935144e22aeacce6724fcf8bd178b3c6133a1abe3a2ed39fea22e8d7d6ac94bd0125996623fc30509eca49ea5fd9e424e4a0e3fa7404b95de01f10e055074195a532b5fcec17b8476b8f77b18f6a186952170e19a61fefbe05e0600b23794035bbb92c0758f9a3843304e9e0829d441cee8b2e578e68d72c632042c86dbd49d0fcec1c09fc97df05a1b3371e4568b1a9fe4d57caa6a05b564c539de33e19dc9f54db1916fc151173cf60c936775135cc98e8aea07e5a76b1088d13139be7fb7416b4ccd5568a4bdf1739abfbab258f7983d1f86d215e40924a8cb6c02394737f138cc09b7b726f80058392b3c177a71f7e17a9f8ba3e982d5615cee4f6d6b378e3b3c1671c41eededcf2c6793185d39531248867d06fe251d4d1a817ecfd5452457587e7162a05014cec1a00654508df2472ecfef5c56063add2ff26de0a9adc53bbd8f6ae14e4a8ed4ac5a32a142aad10a30d954efc229157d51be3d2c60752f9ec02c4abfc9787c21223ed599f67f88e7b9ea804151d07a33856d86ce2e5b6a5ffe313cd5802f0bb61676cfe0574fb3a592e10bf97db01bad6212bc34faf2930d366f22f3cfab7d076e9c9bc0d410732f5cab978829f77c997a2d345f0c7cee6096d9a1cb62083383c4e5d96682a64305b329f2215bbf6ed57bec1cdd4b8181bf85030347b30b16b1814d3de1f8c29f682e9896ef272b61da1976569a42ea8391b7cc672de1e4e9eb1a09062f2d1e725c19b545fbf491cca1fd7f12f2a92e47365594908825ea6f1f0dee6c9c47f59245e084d215a93dffe6485f803e2cb4ba92deba19b1c19e2b47d4f0d1d514c02ce9c9fa46da66de7356e6e2aae9d16cdfe559538701bd294e12750fd6c968c1a9d049a3ce37f8c71baaafa0a89ee5c691e17e1c2943475bbd1ed22a6b24107ca5799ea571886b5e30fdc51cc643f9b1a3de0461a2877df468122b7b085ebb901404eed1d120efaf09830720d430c32fcc06efd13a32c16d27cb37835709a0da65a1460ec02f3d283a38b04bc1ad03917504c653f37011b6dba2466043a7f8ea65563b306e09fc18d04f8fb42fdbabed1051f99e5ae80663216d6d18eb6af60b780d7bbeb10e98f26cba1d54c886e66e8abf296e1eeab9e5046761b8326ae9416b66bc27aa75914a923a8b0f27b4d4382d5f4e973bf80da99538118476fab0249535326a5e033397ff8836245e3d0ca2fb68003bbe65c754ae9fbd7afb0823257e286cd6598626da766993f4dfab0e8d19024ebb066f880d96dd4bb5f5f92bd80ec0b16d797f4a8138ed113f0b14d2d6b763080987bfd2f933dd58f7bd08edcbbcd4b7595064b19371bad169a768d3ea2ed53139909a996bd12cc2ddbacaaf4b1786f06f138c033ba1ac39be5185640a3a64d282e4405e49df51af7f2b18fdb63608e5d24d70202d653db403953e9a8cf89cc65d233eb47a1f3eec2b7503ec1e1c6dfc912784df83fc9c9aa177f7e7e46c0ee71d891317cc7530a0f6ba4a2d2a743ee91c9079aa28ba80547d957dec6b00f16ac06f5d80a8fc1388c9f11f7674a05cf8e58763246f84aeae681fb9e434b54c01999840e71d831a923c538b5b7fff151e4536b2f794f5ac1fd06ca4366a5cd3bcfd5f7f7096fa8457ff9026a1a1d3f98620d0b0ac87f3de3ccbf421ade66aed7aca1e3a1e75c80ddde2151fd4fec0815d4fe4ed9e455019c003e18e74cdb015273f5a0d8e00a6e7caa73210297cbb7779ff708962b51580cd6a7b9f91412d95a219b25ae8c05973d7a4e362020a84d909430a4f9e8f47a56d75c225caa1953b698759cb64893f91b9bc6150ceae91e76e987e12edbefd275fc15b3932b8250c3f37c4e8f1074f341ff1ab17d24c85b21da74cc73c5105267b62a4bddca32e3a92dc8da22f85ca01e097258e6851c13c22d8c96b7551f88bc8b7a59c0c87c59afa52cd8ec645dcf1c69ad215c55d42310ab3a8303253d8a06e5ac33afae53e28843c30ef98fcfb5664513a56e5a2d018fb6672f0ca03d086947eb3655fcf012191c219de5a41c00563b3c5a545431b9d57d8cd52d11dfdff313c1f22c2d067c0bd1cb5ac414ce40d93bb0b04b4f3f51dec81c581e8056939dba953419e427e09327f6ff996f9926135c264a7789f01de021b99fddb21ad6ab3e2b8b539ba6d8de29002dc48d26d9f9d2a7db0f086754d94b9ec0b5fd64310fa6125343bfc83c220fe33187dbfeabf04198b0b854a3e157b52c4c72392b488f2707710220db0573401e8ab101ca2b4a5a77ba27413ab130cdf4cadcf94c37f0576d6bf1a60ee889945167de59590e4b73dbb91bb29f5c22b21d6ad11c2e177933e92b9fa316c2a4e94c7bffda883789728a5f0646e23284514b5da18537d4fd4facf26c1e6943ad86ac4f399c6165950859d2adaff2bf90619253d4ddef06e6d836caad9fb8f1d36ef18b46f54378f3b85c87ba1c1e68606f3cfac4037f903de005f426e10c7b21b4b013517e289c0396cd0f4e3713c052a032f1b808ad8ce2c29e3118de28c7ba92155b772a42f8b4dc9018db4f93ccbdcc77da12298eb2da27eb9f27da19b9d8ceec67b0b05bd0db82d714eb1f674fcc2918795cd933fb72a80b91c4cb2e0e12f2eadad887c068b2cd5d27a1aa6e6ba9b3f50873a58c1102968cd45440a4f159b66aab1360f257d3b66c6a46dab475c201858043ce3bcf0a51276ee49e03534faf00ac8b460f701693e55640680e38ad29b5b041002ceffdb3ce6829492a8b504d2b7e460e2545ee7f98837788323b613a2d63a459152df11f522aab29f9a264cd4a7ec832acfb709409931081c2c9ad0de204a0848f5a5eaffbfc261e0ea6ac237e367a83b8d5d55185745e53f29c3198d3ccb38e8691d3eecd12fc3e493cec844e1895d408f3b81f2ce2955a980e454777427d470a361c86debc45e1cbaf9e79173bfee06a67fe8ad826ee673bf881e5170af80753e98b70b6f10913000a77c318a1e8f5ff5757a8e2731bc4e91e2fdc82b88ce36e7ba6ee58b0c348833c94b9d1c9959a8f75f3ba718beccb957e3cf887109877a1f20de619b02a0f06e685b5430d6c327a3c00a311efb3888f6b187bfb82d5a69e8e971e04e7771b7d8188bba466c21b3b674a756df5a953fa6b5955180877923615ad4bdb8a397670cbdfc2a20bccfd575091ccc86ded3a762c6482381b8ae65a163f59bfa946374467b2f989d1df38cc18dce90f0243084082f7f7711fbba258b6258243f192c7979022ddd81d5914f41b9a3dc17ac2fefde99e7ee822e684eaffdbfee9da824e5c6b6d46c2ce47b0c00dfe690e88d8544a2c1edb63eb3f6e70a848048f0f17ead25dad31f8787910935770587ff5281ce362baaab4d0aa8672e219e5ea0b51448ca3a04537f9d2cfdc234836f72400670531090c93f3e3245d59addf49a965f6856e4d295037d0f4588d74e4fb04df915ed30f9e3e9fd6a03dfcd40c34e6bae186925df346c40aa60f414bf445a691e58727457dc4181c4e2c4e0dc749b2365e455421b4002b7969fa09dc09a61254edfc32dd5552f5c9f8bc61b1c93bbd0be09db5db652eb3519a6660aa14a00001446ff19178a9cae20c18b9cc9b41284b7d93a0d02365c71de0f83725be05bb89d4f308da40418c666e42e53afc686c94cc9162a6d8fda06583705b83d5820a5c451809795f4b7342c70b2eadfa652496d6faf65f8d11ee6ef8445609dd78dd530a7703e6710eabf6ffb277364d7b7c337159dfe6f8c35ab4b37a3b0146d87f55f942d1eb1787a540ed05e8aa26e34d15dc06a3ba103882d45d8c4be48606280091ef07535424583f24dde3fe3bd60427df9bc69618401795c5f78595c68f50aba3ffb66ed0abc3a77921a62f94a508ff15121bd1174759a2abc41ff88f53268dcbcc824cb8c4a8a31b6c07eff5c9d0216bc471f81052bf284424cd04d3b8ff358b5ba631c6e80469e018fd8ebf0c272b7ed5f8ad35ef7bd62d73533f2a80fa8c45e8ed05e82bed5954069582f1483f31fa90c2cb7c5c0e79cdced4a2035a45a71ae8f5e4eef47896bfa9bfa5337ec831a0bcdaf303312abc0edfd807acfca83ce769f2edd09ccd90c7ae69d84ddf1b94faaaa9e1ce9e57c0fb1b4cb507c83e6b316af85ecf1ba9ef9fa35629eb115acdb254b018bde5df5610eb0451a8afbb916ff8157f1dfb67e154f5d44063851e12e2ff8c494bccad68d27c5e3c7e310e211b3256615ae8faae08a8117b7fd1d0a53847a00b96da8e93839c69ed26c8b56004561b18651b2a7e0ff561ff3228b92d033a09bbacf0a59d0ba8e0eceafa9961804ed41026b0396f663108c949ba63d0cc1da999789af2aa693164e1c465ae1ca2a61b76615dfbca026b812a78dcc748d19a0aa106139547536de2af3913ad2d2e3d7e182e6225f7362f709dedb0663644d0c46b13924602fd2043c45543801ca1924e43acde2336c4c89c7348d53825d0983a165397babe990ec427de0968e087f374ea235b04c603d046391d646cfb0c9411c14c7f713d5feb372babf56dafe5bbde0f64312896613f98feb6dd46929c565792910c6a6025aaffb1c930e82899e6e60d47f7c3ad1b49b2aba7ea648f7aeb294f24a5adae2833b95843ef37c9f80a32b7933c2b6ba96c4690d063ee8176a8003b50f7ef780a4be9f7f56a395b0c0a8d6ddff53fca6aef971cb2ff12790d46d4ec604e460f56ebc6cf489a5607d0828c7a454c326bcc1f610996dd54c33ece7732bdbb00979e2254007daf5a91a553d6c365aeb6b0b35b5dd869094518f1a0358e7add9a6a2bf3245446dcf5e181eb029b4317fc362beaaf02d08c6f0ef29a4f843318b440aa27f7b70433518e0ebd9e123230f11eb53e81c5601d3b63815acee14621d4d284e8825993631b77e40288f0c5c50630e71f907aaa64271e6cb0aee1409eed3766393745eb6f0a2dfc8f34283f5e9d320e9f734d80d4d5d2c333d8b4ab9fc8beb8680eba63d65595ea6349f86ade853d517e5d94699ebcea2eb822e0ad62923c56adcdef309c054e899c272e36c8e9347dde9c4d7d138d1c4a9843d93a8d6e0246c91c154dc1102dbb53b82fd55aec4eb778574691294f9e4f709e1354d3dfc5f8360c97d24c4d691959e6ec4dd839009cf021962936cc6dcd1f0f83b41b3bb259a43848c3027ac557c5c05c4ea44d009b24cc6e0ebabdb20f2b847b2635c2657790dc73688e9911a50e10a0d23ee2b6bc2b427093cb7c2318195e9425d788547c97ddbad91d4a69910f62ed536c290af20586600a09995048a86d9c930bd7f3513ad3e5be2a70c8a0bb045bbf63c5b1f002bc701b2384dab626a587cffa1d3640d2b75146f9c56dd6382dfc0fa055dc9f0ea11c2ec0d1622a0c349667ec1be528889a0989d74e92960cc79721c5f8f36bef9c74cc772ea194d12eb82a91291edf6d90658e553c170330a59bd10e2a895c0964c40fb2408b18d4a2ecd57309048260c0ab35c8f347987238215f704f89323ec6dd0bb0cdc401298537d43d40334c76e817006281d8785a8cef78e3d5a6a1f0c0fb37d57b880c2cb220aa84a3a3ec61e4150864c28e448ba5d9b768a19e84d8aa6350cd41c7d02c40ce6bd2d670e9103bc01ffe5e8186fedcc432ec883bafca6046c42e264c19c68dedcafdc6450e2659dd4cffeb2b4b4b33b0b48f4203ee003db4622d396362e03f376463a47fe9e7c9b0b36ca193984448e7b8b108c264d298277e825d56b8a529642dd472eab52158448f4a38b564a2fcfa5b6e1cf2f4b8f3446db0e5ab5344ee08360efd6f2ca32587e3d6a52b30c8f96e16c7d327ae52bb213a54380f5adbe5412b99cce2e15ab3c8aa65583afe52cd1dcb5ab05a82dff53a39e2a311ffcb62d583e1ac9626f02e076900ff47503847bbf0cd71be11e8c4053a8d7edc70cc33c76cd6f62c6fce060ebc580326ebc44c878b86d35b1c43a8854e57f311fed2aefaad972e99d481607cbf9e266b11b7089ea694d363710aa664f6ec5c2ba0868290ef7eaed1dfe81333493ee37e01ea22dc01e7fe6179da945887fab1fa46cfb669f686f4b994ca739632fb3ede7173910166572a60ab3c685d7c3f9fc9acf6e86ebf3105856a328d7134b8ebee562b828cc046ef74e04b91624e289a816dd24f800633617e2dd89ea17eee89965657909d6c0bc0fd71d92330bb78a15b41d650b95833fe140a65b4021b0fc21e4778d7e4e181765bf19276e2997bc7823722f934f9d74fd8d32ce98f118885492eb762849b8cd51875c374ea8e97b284288ef0725d29dc512ba24e42ca76a4721d165804c587605225c48215c10cd31c0b9ea1220a849b55bbecfeee5e319f9b8426f3fe7aed1050d89b6e6c2d8d623784a6feecdbe6d82fea6921a6c788b4d4763d75fb84b51540c290d34b18c4c6ffaac41acd5135bbeac35defaccd4a78f685fc997dc2981589923f3dc45384c31efac241fce43cc80370d6fc784bdac116c889cb1b5b477cb55fda89519f6af505b4e4195d7a969bfdab4a18de523943d5cca183041f48375f7e6b9d00cea851ec86959ef501007baae53b99d6ad5d0c49af8abe197a610652e6928d228468668ab370ecf5c9646c3b8d59d6f62cd2312c25241d54a316da4481c66147300723d88e0cbf989398fc01bb9b4b58b123b2e35d11ed174a30517aa3e6d388a70275ff5df25783ae827a41acd99d3c7b1937c17ed8ac6c8cbadf2e35b11738d0f1439f56f6fc87e027733740f6a2c77d2cc4b26fdc52efaa4da4ea08aece5c2436552590a9f4d2d28ad1750ed8af9f931beba2b3f75b96542480c83e7be32e04b05c77d934f74704f121ea0b02bbed6279efd4c60360e891b7a0391e174be354a7f671ad4b1aaa89fa195c9d631dc29082d906efe7b09b6578f805c83fa2a0d914239aa5831b798b1401dc19f1f1d00c0d86d3601797055c2b7126d74d8916164d26b94087f96d5a8fe660957413c1eb7056bcb645fdad4cb8d95c771ebc152ec753aefe74b413880495082d2077d035b99d8a301eaa1b9454966deadedbf6c1627ef4b9bddb454b48445bd057e8ee887910bd7825e7490514ee6bd423cc36b8329b6ef4680d9643cc83b24b1f4038b1564a6256c98b9814b53ff90ac5e1215f2fa0ed31604eb00986aed09c46f198d2c8b8623be8beca6a32dcf74990ee709c7637f7315519561aff8a4ca52d5a315f944be09edd23722415520a85696ed96ac4b1747bb4e04ccf79e79aa23fce036c197c7caf1346af6faf3aebfd60be2687577273dafab511c11153bb63b7ec6ffb520ab9874ef0de11909da41b57c65554cf1c71a5a2148b32142ee20dc3b5d4e0d763ff331ba344b4c745364b1ed5b32ce0861b90cf937833d8a674a68ffd0e4e629d20508178d36bcf641363ba21468887a6141fcf13ab2c1fff7b9974b58953ddbc1e8f77c755a641ab3afe6d8a7d56eef3d42e552bb0ad71406bb5ab29f918e96ec09301bcb0bd2e111588bc66803fe53ec87f06521f3100c6fb84461ea24512130e0f2e8798e05af152b76fdfa89b48c80664936c5d4cd48479d0e6cd6989c447a6cfedc19610fa1db00dcc563b32a333a2e79b550399a75ca2f12830ec063f772140dea49a8a7453e049609bf239c13f1d26a3f6192a412449c49d005132730a267b2691094651e9823746e5e11047c9e3ee8e8605df437aa8a6c74528df44a3e275068ab642e25d3d0949b71a8ce749013a5dc62d3ede13d29958e16635f5f765f3515b08e13bee6eb44920c62271fd32b36c0af3e77d9b8e05659a3d540f6b063bb6c46fc69d36d6b9228acbc68a870ca678e511e58cb230af022f65fdadabaa1a2c02786986ddb77a61c048b07c986d45472544b542263e35f09c9c39cd6f6ed71921f673c77ea1da604ce004b416ccbbea73c2d134b6d1baa05e5811bc06303c4bdc71623b3058adad2d75ac15233c1edd74156294ac68df4df507817d158a6c632369c8d9905768e249901ba72cb8819f9ebe113954f0373b096ecaf2337b05d56e605bf7487ddab30d9cc76a6a4b8b847cbc08c0ae8ebf918845855c3868b111f0ba1b214e001215a0bffd80b91fa765435a202a7d0f7cc74d23240953f82470fd25dc79ba0143477f78cda879c260a8632c1a44e7422690a91c183d3b8481a44a1c948511a6d5dbcaeefc608100a840320683f58f349a7f077b933a79ba1849cd99e92ab30d5f74b54c4673c94c79bd944651000b744767701eab5d9ce8eebe1a9104295599f867471523efe18f3dfac45e06734318268ff9a0bdc0d2963483301a147c6fa53f352da5471580349567fc89f2b296f603c796366f0ae5c64ddb8e213373aa251535ce34ecb0358490be82647a8fc524ad77849ea22eb52be709287f19128c1c6006e394b78308980e7232bb34d0711964981c97511f113a295d1a8da62680bc5b05ccbae8b8ff2ff416159a5177c44f284301a6ef74a1f9fe5bffddde841ab67008b986f463168a9c2a9a2766f0b38eae4398b1ebc7dee4e8f1b1a98df3d72e990c71c963e2111a1307aa19501f2dc87e1b049a33a052f61732f674e8e132888e51998452ec3bb417de76fc680d0d5c5630eafb423dd9cc9dd4c685723f7ebfbd783d9290a8904044f9b2021eafa76aff82949b149ef61d36025a8aeb4d4a0c3ab15bb02b44cd891f199525a6c6bd1ea75e9b1b52e2cfaa50a7d06600c07a1b0ea46624b968117b0d7310437369b1e025a1d208025c2f1cadb2a4f62be931af84ea679952c8fb71165adbf9b3cfe436bcbe6ef540bdc334e3dae3a4e675392ec6821dc8bc844b3017ad628d22528f500a500d5e280e436b93278fee63f1cf2d2171e31d5e0c3d33998d0a1107237451f17977747927de2c6ffa8af62eaf6e9e41bbe0602c56136a7965adca7a3c8286b011420725ac4ad22c13b1c53aae1f3fde1ecaf22aeccffa6b5a8d269f65e0af4fcb74cd9db6d4603515044366220e50a3d5a9a8a3bbf04a7500f0d0ca69819540669455cfcc3d11f49f16468730568d36ba7190fb959fae6d6808ee806a81e47b423ceefa950ed5c2eca38e5069c40c936caae18f1c3f3957f4ee21660c44b188d7e2bba44fe056e92804247cc8f3aa476cb705f7e3db5d076200bb797ef1682f8e8b255a256f3ff45674e0761365237bea63b61ac0f258ace064d6577d6b4ce66cb88cc3924a990ba5dea5f0dc77a495d884fa0e6d92d41a158c0a7e39166ca4a600954c1338144cb20c2323933fd468d50e3f0781cfdc9e92a5cfd6afc8c3265e43317f4d903cb793f353f0fae8dd8c8cdc3ab024cc4ef841ae133d0eed3782dfc5ba76dce6be566b385baaba1c50b809526920a441708adf3c6b3429a0bc943c97956072a0e93c36aa8ed491881a91c2300837e0e64019aea87655b4f8c4983b54a5315e9ba6d163ecf1cfb2f3003614c68fdb265916b439d91b8b5db62a4d7e57ed1f68d8cd0e1e8a6060d4bc0229b67a8364449035509b3a12c41433f33cdbf7db94ee01015f61fcfbf8b37b3c198b3eb66a17ae8e49997c1ba723221c8206f5b6a8da6b42f07d4665a6c19ec320f6b36b743bbd580c2bf9420fa2bc9d4667e087563d8a3086cf1bb7e3afd8ab570c3f535e37844e6f18bbbfe317d9fc92c7da5eeccab6a3b772479c451fce9f554426ffc5ca7da7da2a1115a6705af33d99db0448f3805f66883002050c2c0eb975fd13c6a410704b607c4f8f2f0c0dca3f7ddb90fec0a17b15c55b1aa2b7e26884acb3fb83dd1a4ee9f114cb6718483be3c955a482b30253db73e31464f4d6e3633d8f920158f7016e8a8c67b06232dbbad25446af968e3bb87d4f3d99ae59fff716fba91fa35dce0eff54c9e26a0c78ce1c4a4f915694c466e1c1431a916abdae7cf371248c7e7968407d668aa7f67e466a295b78fd716afd27cc757b2fb5892cf874d2d813c347eeaeac71fb8317ab13b267ab6492a6800050661b035cf40a0d6dd87b218a9192978a8526e5080829e2219988bd6788a4d40921c3584b45d7068de52fef2363941c589f19b05ca4fc0dc0ea821053895da8c011f21e14e0cbb293e961dbd7aa74f282ae4b2b78c0a4ba0b3926feb85d324783afe2bf0364e2d86e855d50cb6f3420d59c0ae365ee40bbb61c018bb094be423de21fb444a4c5082e897a70d1ab53f1eeb0e1f1ac87a6a91da46c88bfaf5249ba253674111a3c2e23f3088810215d6823b168de464296979c877e49f8df84789dd3f6520d0bdea8c6442b25e170336cdd37764bef39a60253be421cdb5dd2566a1020598ade0b44d6455fa48fb1ab3408a32a3b957d33e11a07edbba511e1c24f1f813dfdbcde259716ac3ba9f331ba23147a4ef689dff1e8f2c68c32e9f38f938348a211218368988bb1373bb12210ffb044f574cd5cdcbd26cf9b3223e0da820f60a8838dabbf7945264f685fb546fadfb4aebb6b48ac49ea16fc0c6e6990ba665e23d6cfdce41d6970bb4d2775ee0776b7bcbb963cbd375b50140482d17bbd1aabc982bb2267ab8bd67f339abecf67d4626aa7723e900c778d0ad038238403f3bd0df055fda3ccd4487d090b0fde8939444281eb59ba09b4e1d9298b3712c34e5420c0bec7335b880b5b6447b9759d593b0e9a38ffa7fe6ad6ee38354bb74fe1ac7b12c29cd391f5bfab13ecbc6ce2c1d0829c6698ed992ce4f622bb6a1883363cc89595644adcb32781096320d12718f1fb3a667aea6fd6a802c06e5a137b763f1bb9a4385cf55a2742faac4243fcfa0de0988f77fd91e404bea896be49ed752b74bafdfa4541900ed35e7a129f86f3faf3c02e915e1724b9c8e5e86005ad05d311a2b568b674c50ba18daef5f415e15b663bf0a1fe7d9626e843e20b7f1fcadef2f2929ccaa2573a7377989f3a1ac6cb087e7ec8f3523d9c3a0891438ed159e2874b6334c2797e4354a5553ab6325f2f25dea51008ece3d300da3b42937e6bf857b764c3b84f5715bd386dbc1cbece21ca0f016a8d5f5d13cbe02289e767ad1d7fb35f412e3178eba8999c373a6831e358f2c97bba880e7e7f4a763676821935e1acd884ccd0a1a5051770239dc9fc14731b3c2cf0d25b0d10509ddbbeb51d6aff07190f313e8b0c997303db375ae1b21e456fb69c0b477702a0dd02ac542d5398cea3c44e32f188846043dac6ed07b0c0e1eeef045d3f5ba3f5404c51af1821f8a0a1042874c36053bc27a2932a1754c9ab82b741a93b413e8b712e99776e836c97cf693a8a2edd52996602fb2f54c043c04f6f59f161e26ca7587321398b7f4e861a2e4238888d0499bdd83e5e95f8ade2941f7eac907a4fc31ee5e52c8072f5e5bb993d625daf202850294a0a2628b3ede421fb039f7b1a3019e969376a97a4853179061935cc5756aee1e1bbda07b4f1e1ff5d95be73cbe0cd104b3e253fe3bee06d389ec07b777a4a44c", 0x2000, &(0x7f00000003c0)={&(0x7f00000002c0)={0x50, 0xffffffffffffffda, 0x0, {0x7, 0x28, 0x0, 0x20040}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
writev(r4, &(0x7f0000000000)=[{&(0x7f0000000cc0)="e1", 0x56000}], 0x1)
accept4$packet(r4, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000001c0)=0x14, 0x0)
recvmsg(r0, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x437aba2}], 0x1, 0x0, 0x46, 0x407006}, 0x104)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/icmp\x00')
preadv(r5, &(0x7f0000000280)=[{&(0x7f00000000c0)=""/205, 0xcd}], 0x1, 0x9f, 0x0)
r6 = syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2)
ioctl$VIDIOC_G_FREQUENCY(r6, 0xc02c5638, &(0x7f0000000440))
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYRESDEC=r5], 0xa)
socket$l2tp6(0xa, 0x2, 0x73)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x6, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000fdffffff0000000000000000850000002c00000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0xbf, &(0x7f00000020c0)=""/191, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000180)={'syz_tun\x00'})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0xaa2c5000)

2.026018249s ago: executing program 0 (id=1113):
socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000), 0x8)
socket$igmp6(0xa, 0x3, 0x2)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x82602, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
ioctl$sock_SIOCBRADDBR(0xffffffffffffffff, 0x89a0, &(0x7f0000000040)='wg1\x00')
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r3 = syz_io_uring_setup(0x117, &(0x7f0000000100), &(0x7f0000000280)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000000c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x7, 0x0, 0x0, 0x0, 0xc})
io_uring_enter(r3, 0x47f6, 0x0, 0x0, 0x0, 0x0) (fail_nth: 10)

1.886000819s ago: executing program 1 (id=1114):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xd, 0x4008032, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600000, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil)
syz_open_dev$sndmidi(&(0x7f00000000c0), 0x8000, 0x214000)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/keys\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(r1, 0x29, 0x41, 0x0, &(0x7f0000000740)=0xfffffffffffffede)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x239, &(0x7f00000005c0)={0x0, 0x7e38, 0x8}, 0x0, 0x0)
timer_create(0x0, 0x0, 0x0)
bind$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, &(0x7f0000000040)={@host})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(0xffffffffffffffff, 0x7ab, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0x402c5342, 0x0)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'veth1\x00', <r5=>0x0})
socket$nl_route(0x10, 0x3, 0x0)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r6)
sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="003fd9da7375892ec981d3b4e753e2bfa229ee6f276f6526bc6c4a44ab93408a658d63961083b30b253451d010d7189fe31ca28e343ac8a1b6845714d09bac21c2f901f2b4fe8c35ed156dc50306a3b8fcf3e37972ee9c1da3ea42e98873c36a3c3e8f9136359870424aeed231069c0d3a2c6ba9bb1d85856cd4a1e5f1aa0f7fc89393fa4f834183b8f73e2951017d7a6663e947185bf06f4a539b78", @ANYRES16=r7, @ANYBLOB="010023010000340200000200000008000100", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r3, 0x0, &(0x7f00000001c0)=<r8=>0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f0000000240)=<r9=>0x0)
sendmsg$NFC_CMD_FW_DOWNLOAD(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000300)={&(0x7f0000000640)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01002bbd7000ffdbdf25150000000a0014807665743100000008000100fb2ff1ed7c4c35d9938078d0d2894b3d655f034b5f1f67690beb363c29f5e3387736016014f0b7c602c4f0ff", @ANYRES32=r8, @ANYBLOB="27001400628a1f0dfff7488070851283836d5fb1df8e309ccef774748823bca22d23f6c8012f400008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=r9, @ANYBLOB], 0x60}, 0x1, 0x0, 0x0, 0x4000011}, 0x81)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=ANY=[@ANYBLOB="740000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000004c0012800c0001e7006d6163766c616e003c0002800850a20dcd0000001c0005800a000400aaaaaaaaaabb000002000400d8928afb70280000080003000300000018000400aa", @ANYRES32=r5], 0x74}}, 0x0)
ioctl$IOCTL_VMCI_DATAGRAM_RECEIVE(0xffffffffffffffff, 0x7ac, &(0x7f0000000980)={0x0, 0x418})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(0xffffffffffffffff, 0x7a8, &(0x7f0000000180)={{@host, 0x9}, @hyper, 0x5, 0x4, 0x140000000000000, 0x3, 0x9})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100))

1.725318458s ago: executing program 1 (id=1115):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
creat(&(0x7f0000000100)='./bus\x00', 0x100)
mount(&(0x7f0000000340)=@filename='\x00', &(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='ecryptfs\x00', 0x0, &(0x7f0000000040)='&@,,')
socket$kcm(0x11, 0x3, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7, 0x13, r2, 0x0)
sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x20064084)
r3 = add_key$fscrypt_v1(0x0, &(0x7f00000006c0)={'fscrypt:', @desc1}, 0x0, 0x0, 0x0)
add_key(&(0x7f0000000300)='keyring\x00', 0x0, &(0x7f00000005c0), 0x0, r3)
socket$netlink(0x10, 0x3, 0x4)
memfd_create(0x0, 0xe)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_io_uring_setup(0x4e62, &(0x7f0000000380)={0x0, 0xf3b1, 0x10100, 0x0, 0x276}, 0x0, 0x0)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = socket$inet(0xa, 0x801, 0x84)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="180200000000ff0100000000000000008500000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000001700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r7, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
connect$inet(r6, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
r8 = accept4(r6, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_EVENTS(r8, 0x84, 0xb, &(0x7f0000000040)={0x6, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xe)
recvmmsg(r8, &(0x7f0000004300), 0x3a4, 0x0, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040))

1.386232682s ago: executing program 1 (id=1116):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="28000000010401010000000000000300000000000a0002000000000000000000050001"], 0x28}}, 0x0)

1.385766352s ago: executing program 1 (id=1117):
socket$nl_route(0x10, 0x3, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0xca300, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
kcmp(0x0, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000680)='./bus\x00', 0x0)
mknodat(0xffffffffffffffff, &(0x7f00000003c0)='./file0\x00', 0x200, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x1d, &(0x7f0000000100)=0x2, 0x4)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x800, 0x0, 0x0, 0x8a}, 0x9c)
bind$inet6(r4, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r4, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x2000000, 0x0, 0x0, 0x0, 0x54}, 0x9c)
ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008aec1, &(0x7f0000000000))
r5 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
bind$nfc_llcp(r5, &(0x7f0000000040)={0x27, 0x0, 0xfffffffd, 0x3, 0xd, 0x7, "ee6a05d39c5140232022ee38badfefbd1cdd17f6acffdd659a7b94ff49a387e464f90cdd620105f70e18dabfae8538da19870bbe90ee9a9bbc78e3d0f506bb", 0x32}, 0x60)

1.286024607s ago: executing program 3 (id=1118):
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000200)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="0700050000000000", @ANYRES32], 0x20)
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "901c551265406c7f306003d816e8bd000000001800", [0x8]}})
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
connect$inet(r2, &(0x7f0000000640)={0x2, 0x2, @local}, 0x10)
r3 = openat$nvme_fabrics(0xffffff9c, &(0x7f0000000000), 0x4202, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000080), 0x4)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c0000003b000701000000000ce2aa66027c00000400000014000180066ea6d071288111"], 0x2c}}, 0x0)
sendmmsg(r2, &(0x7f00000087c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x1)
getpid()

1.23591969s ago: executing program 3 (id=1119):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB="02030002130000002cbd7000fedbdf2505001a00fc0100000000ff800000000000000001000000000000000000000000040000001d00140005000600000000000a004e2400000002fe8400000000000000000000000000000000000000000000020001000000000000f408000000000005000500000000000a"], 0x98}, 0x1, 0x7}, 0x0)

1.23551994s ago: executing program 3 (id=1120):
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18, 0xffffffffffffffda}, 0x18)
r3 = socket$inet6(0xa, 0x6, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x19, 0x4, &(0x7f00000008c0)=ANY=[@ANYRES16=0x0], &(0x7f0000000540)='GPL\x00', 0x8, 0x0, 0x0, 0x41100, 0x59, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bind$inet6(r3, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r4 = socket$inet_dccp(0x2, 0x6, 0x0)
listen(r3, 0x5)
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f0000000680)={0xfffffffd, 0x2}, 0x8)
io_uring_setup(0x2c4d, &(0x7f0000000200))
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e20, @dev}, 0x10)
close_range(r3, 0xffffffffffffffff, 0x0)
r5 = socket$netlink(0x10, 0x3, 0xf)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000ff01000000000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r5, 0x10e, 0x4, &(0x7f00000003c0)=0x6, 0xdc)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=@newlink={0x48, 0x10, 0xffffff1f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x44000, 0xc100}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x84}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="f472616e733d66642c72c653fcffe0", @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',\x00'])
lsetxattr$system_posix_acl(&(0x7f0000000040)='./file1\x00', &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000a80)={{}, {}, [{0x2, 0x4}, {0x2, 0x4}, {0x2, 0x4}, {0x2, 0x2}, {0x2, 0x6}, {0x2, 0x5}, {0x2, 0x4}, {0x2, 0x1}, {0x2, 0x4}, {0x2, 0x5}]}, 0x74, 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x200)
sendmsg$SMC_PNETID_FLUSH(r7, &(0x7f0000000640)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x28, 0x0, 0x2, 0x70bd29, 0x25dfdbfd, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x14}, 0x10)
socketpair(0x2c, 0x3, 0x0, &(0x7f0000000740)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000280), r7)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r8, &(0x7f00000004c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x68, r9, 0x400, 0x70bd2a, 0x25dfdbfd, {}, [@L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x5}, @L2TP_ATTR_LNS_MODE={0x5}, @L2TP_ATTR_DEBUG={0x8}, @L2TP_ATTR_RECV_SEQ={0x5, 0x12, 0x3}, @L2TP_ATTR_L2SPEC_TYPE={0x5}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x3}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @multicast1}, @L2TP_ATTR_IFNAME={0x14, 0x8, 'dvmrp0\x00'}]}, 0x68}, 0x1, 0x0, 0x0, 0x8000}, 0x80)

967.418268ms ago: executing program 3 (id=1121):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000340)=[{0x2, 0x2, 0xf, 0x7}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
mount$tmpfs(0x0, 0x0, &(0x7f0000000400), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB])
ioctl$VIDIOC_ENUMINPUT(0xffffffffffffffff, 0xc04c561a, &(0x7f0000000380)={0x1, "497aa4ec7afa5ae757b46c4184492f8c3de6b2624e208c9905349b9adfc31671", 0x1, 0x9, 0x2, 0x320000, 0x20800, 0x4})
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0)
r4 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0)
sendfile(r4, r3, 0x0, 0x23d)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000002"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r6}, 0x10)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340), &(0x7f00000005c0), 0x9, r5}, 0x38)

949.968289ms ago: executing program 2 (id=1122):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000340)=[{0x2, 0x2, 0xf, 0x7}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
mount$tmpfs(0x0, 0x0, &(0x7f0000000400), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB])
ioctl$VIDIOC_ENUMINPUT(0xffffffffffffffff, 0xc04c561a, &(0x7f0000000380)={0x1, "497aa4ec7afa5ae757b46c4184492f8c3de6b2624e208c9905349b9adfc31671", 0x1, 0x9, 0x2, 0x320000, 0x20800, 0x4})
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0)
r4 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0)
sendfile(r4, r3, 0x0, 0x23d)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000002"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r6}, 0x10)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340), &(0x7f00000005c0), 0x9, r5}, 0x38)

878.072037ms ago: executing program 0 (id=1123):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e000000000000000700000004"], 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = openat$iommufd(0xffffff9c, &(0x7f0000000040), 0x500, 0x0)
ioctl$IOMMU_VFIO_IOMMU_MAP_DMA(r2, 0x3b71, &(0x7f00000000c0)={0x20, 0x3, &(0x7f0000000080)="eb95d470cc9ab321", 0x7, 0xee}) (async)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r1}, 0x8) (async)
symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000e40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') (async)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="d8000000180081054e81f782db4cb904021d0800fe00fe05e8fe55a10a0015000600142603600e1208000f007f370301a800160020000340ff5c141cc11eda4cc1d67f6f94007134cf6edb8000a0a542978ff507a290457f0189b3f3267ce06bbace8017cbed4c2ee50000f409000ed6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00350db798262f3d40fad95667e006dcdf63951f215c3f8b6ad2cbe026600bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941000000000000000000", 0xd8}], 0x1}, 0x0)
readlink(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000200)=""/237, 0xed)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
lseek(r4, 0x100, 0x3) (async)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x1a, 0xc, &(0x7f0000000100)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r5, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) (async)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="060000008d0c0000060000008dcb000020000000", @ANYRES32=r0, @ANYBLOB="05000000000000010000000000000000797473b8d5d1755833dfdec9ae189536b2553d989345c0ea8e7d04d779d88f8337996cd6903469d612ed8064a051b39053b8efca5fcbf7aebcaee12dc66d80f8d8ad34a358b77e73a4e0af3ee9edce192a717404a022e941080faf9676df4993ed0f8226c66041072354751709c0f58ea64ca0f6dd28ba6227df580dbd47740c9ef5a48dd13381a480ca2bd364300da2514396fdd6c13975314121ba5179230369e6b89572385f581cecf5a753d7b8dfa3ec785a1ceada20790872f6d38380495e746b91191088f209957df889e33f0b549fa77d2acb067871bd03d252e9a7a2d479a45d844c91321e7f54bf50d122729216fb72ee4ce17d81a43c8d9b80b1289a86d77d9bfbb309629d6cc12f45ed7bc0a7df25b3727296079d110afa70a7909ec511bd2a4ce2caeefbd8301db76be6aae04daae10d7518b246c86fb4590da67ab4f744b5952c58f9a1e24c63d2b1eafa851759b0ca91e0c36b25a842137285b62ed73b7f6db978a0690a2c95df2c3f0beb798c9042c798aad61c822b2425233fb7402acc32ba4c40e49df9e2441952353aadaa5e6c22185a58", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="03000000050010000100"/28], 0x50)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000003c0)={@map=r6, 0x5, 0x0, 0x1, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6, 0x0, &(0x7f0000000140), &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000200)}, 0x40) (async)
open(&(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0/file0\x00', 0x80000, 0x85)

877.616187ms ago: executing program 0 (id=1124):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x3)
ioctl$UI_SET_ABSBIT(r1, 0x40045567, 0x0)
write$uinput_user_dev(r1, &(0x7f0000000ec0)={'syz0\x00', {}, 0x0, [0xffff, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x50, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x3, 0xffffffff, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e], [0x88000001, 0x0, 0x4, 0x2, 0x0, 0x0, 0xdc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xe, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x5, 0x0, 0xd, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfc2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, 0x45c)
ioctl$UI_DEV_CREATE(r1, 0x5501)
write$uinput_user_dev(r1, &(0x7f0000001340)={'syz1\x00', {0x5, 0xb, 0x1, 0x6}, 0x1d, [0x800, 0x3, 0xdf4, 0xfffffffe, 0xff, 0x9, 0x9, 0x7, 0x100, 0x7, 0xf0, 0x6, 0x7fffffff, 0x85, 0x1, 0x9, 0xee20, 0x1, 0x10000, 0x0, 0x3, 0x1, 0x297, 0x1, 0x48, 0x400, 0x5, 0x3, 0x7fffffff, 0x3, 0x0, 0xffffff73, 0x80000, 0x5, 0x7, 0x9, 0xe000000, 0xf, 0x12, 0x101, 0xffffffff, 0x2, 0x4, 0x1e, 0x4, 0xcda, 0x101, 0x6, 0x7fff, 0x2f000000, 0x2, 0x1, 0xc, 0xffffffc0, 0x2, 0x5, 0xade8, 0xec, 0x4fa, 0xff, 0x5, 0x81, 0xfffffeff, 0x3], [0x3, 0x4, 0xb, 0x88b, 0x8001, 0x80, 0x854, 0x7, 0x55, 0x8, 0x68, 0xf, 0x7f, 0x3, 0x2, 0x0, 0x1, 0xd, 0x4, 0xa, 0x8000, 0x7f, 0x4, 0xe84, 0xfffffff8, 0x4, 0x200000, 0xa, 0x94, 0x0, 0xfee7, 0x0, 0xf, 0x2, 0x6aaa, 0x847, 0x3, 0xffffffff, 0x5, 0xa40, 0x8, 0x600000, 0x0, 0x8, 0x0, 0x8000, 0x2f, 0xef, 0x2, 0x89, 0x2, 0xfffffff8, 0x7, 0x5, 0x3, 0x7, 0x0, 0xd, 0x3, 0x6, 0xa, 0x401, 0x2, 0x1], [0x3, 0xd4, 0x8, 0x2, 0x7fff, 0x7, 0xf, 0xfff, 0x0, 0xfffffbff, 0x1ff, 0x7, 0x1000, 0x4, 0x7, 0x1, 0x1, 0x500, 0x22d, 0x7a6, 0x8, 0x6, 0x1, 0xc415, 0x4, 0x1ff, 0x0, 0x6, 0xfff, 0x3, 0x4, 0xff, 0xfffffff0, 0x9, 0x0, 0x400, 0xd, 0x8, 0x7, 0x5, 0x1, 0xfffffffd, 0x6, 0x4, 0x2, 0xb62, 0x4, 0x2, 0xe26c, 0x81, 0x80, 0x7, 0x73f0, 0x9, 0x2, 0x1, 0xae8, 0xffffffff, 0x7fff, 0x7, 0x81, 0x4a4, 0xfffffff8, 0x8], [0xfedc, 0xfe4, 0x7, 0xc3ba, 0x3, 0xffff6aca, 0x7, 0x2, 0x7ff, 0x1, 0x180000, 0x0, 0x0, 0x8, 0x54, 0x0, 0x0, 0x3, 0x4, 0x2, 0x859, 0x400, 0x8, 0x6d09ab3d, 0x800000, 0x8000, 0x8001, 0x23f, 0x2, 0xfffffffa, 0x6, 0xfffffffb, 0x8bf9, 0x80, 0x10000, 0x8, 0x6, 0x7, 0xffff, 0x6, 0x7, 0x10000, 0x10, 0x0, 0xfffffff8, 0xfc, 0x4, 0x0, 0x2, 0x80000000, 0x8, 0x55, 0x400, 0x0, 0x6, 0x936d, 0x86, 0x0, 0x1, 0x9, 0xfffff000, 0x4, 0x6, 0x6]}, 0x45c)

736.496067ms ago: executing program 0 (id=1125):
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x8, 0x0, 0x0, 0xd7, 0x61, 0x10, 0x54}, [@ldst={0x6}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x0, 0x10, &(0x7f0000000080), 0xffffffffffffffb2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

734.104289ms ago: executing program 0 (id=1126):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@private1, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xff}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev={0xfe, 0x80, '\x00', 0xe}, 0x0, 0x32}, 0x0, @in=@multicast1}}, 0xe4)
socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0x0, [{0xfffffffc}, {}, {0x0, 0x3}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$sock_inet6_udp_SIOCOUTQ(r0, 0x5411, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000380)={"f9bef8d1aaeadafa287efdb9450ae3e2d260489591c42ab93a0c7bca18e9a19fa8e6cd61e9f62f91123f1311f81f85b4044554cb6e3ca1b6d1fc011bd71bdda82f37ccfa5b87dd5dcd311dbbb67f240dc02c53b7eabf3651660ce801e3878538da8bb24e1dbc480dae36207bf6b7b946c7a8ec08468f9a75ec797b8c11807655272833a7c70ccfc9a8259e7a148eca4d16b6ff519973a20b65f91a7261cdd2440a5a0566d843fa334b0280f0aacc3b417322b9b56098dd842c44139da4bd1e2212a40ba043bd72b995b172b26b71d434e9f3bf74b4ed480b264e0e9d6f628732534db36bfb92ee6419fb244db44abf0cd9357755ce9c4c9a584e5eb89ffd10c8a6c3c6115265f25f798570751917cd7cfc2ca71729e268c3b30c05b3dfdb18cbbfd3036a889f5fefb0f9d56bf970bdbf2524f8e435b721c809e73a5fdafbf1594088ad1974908bf5fc752d564c1a4989a7d1e59564567d9b437442c5c1cfec93526395d18b1ecb18dedd713ced403a00a2cd27b2dc857808287ea88157b3c19075eb33f7cc60a6161a88ad37fb04d0ce0fda24176406391a5ac521299143bdf59a474a17272105e55e9870cec2942a6705993e821e54441c877a64450e739b1321ad17e1ed552e65654bbfcc8ebd1d64fc4e888609a90410f780fe5031c27737f2de05a7ddf00129eb746a2e990438d9bf6a3211779707d615d79111b3fe71c26433482306ce7563c11cdf6f8da283ae147311465af80ba5350e6d65438cd5a20ec155d78227e5336d504f8f1145f4b942180f7ba6e5c9a070d4e31289d4845229780e53713090e782a75b32729c10da28c1f2702dad57a37416fc138040064347a0a290803f51a619402d88d0a4b2bef39bf92696b6d7052459a78a258edfe2e66f2e10a80b168b483c90a1a1dd67c6d6c9b7a2336d1678131ca38552d9acff05dcd57f9f4164064b7781d8a8b5507e21edfe35d65d726bf24799535648cd04f3b7e85c3f6762f353a8f65afdc7ba63bc0eb65d7188cb1adee1d8d14c0413458d2ff65093d972ac3696fa12defc0f8dedf2309e1b80fc672205e6ccfc6b494233c4d00b5471cb52d896c73cddee40e5e51ee8a9bbe453a1a7d5b9832cacc5965220145504ccb2a157a7c1d9d718c0bf96cd350ac5ca330c827bedbff299774707f5840a0d954ae39c9421975d48e05d87a1ceddefbecae936e15ffb308364b69eefd345d6200cd128e48c162a4ebd026fefb7cc73e80204b21ff30d63e8707292f60682c6f6a587fff9c5a0fae24e0406df5363c7c9d31f72829b6a9d9237a84e83e22c33bf6313ee4072f09f9c6254d0eb7239d51cdda77b8e3d42a89449a3e1b6be8953a27651486383879490486fd11b6ac4e1b86f8a71fc294e0ebf572f4ef00582be189ee5a38c18d4d51cd3221fb1475a56cdf3cc7258bf8c559bf1a9"})
r5 = dup(r4)
ioctl$KVM_SET_CPUID2(r5, 0x4008ae90, &(0x7f0000000540)=ANY=[@ANYBLOB="010000000000000001000080"])
ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0xc0010140}]})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000009feffff720a00fef8ffffff71a400fe0000000071101000000000001d300200000000004704000001ed030407000000c00000001d440000000000006b0a00fe0000000072030000000a0000e500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a26048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdec86f9b1eb93d491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f806694d461b76a58d88cf0f520310a1e80dc18cde9ad662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a090f3b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
setregid(0x0, 0x0)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=@newtaction={0x6c, 0x30, 0xffff, 0x0, 0x0, {}, [{0x58, 0x1, [@m_ife={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}, @TCA_IFE_METALST={0xc, 0x6, [@IFE_META_SKBMARK={0x8}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000000380)=""/231, 0xe7)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)

413.687376ms ago: executing program 1 (id=1127):
r0 = syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x0, 0x13580}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x3, 0x1, 0x0, &(0x7f0000048000)=0x2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x0, @fd, 0x0, 0xfffffffffffffffe, 0x400000})
ioprio_set$uid(0x3, 0x0, 0x0)
io_uring_enter(r0, 0x54, 0x0, 0x0, 0x0, 0x0)
r3 = openat$ndctl0(0xffffff9c, &(0x7f0000000000), 0x404000, 0x0)
r4 = openat$ubi_ctrl(0xffffff9c, &(0x7f0000000240), 0x4422c2, 0x0)
ioctl$I2C_TIMEOUT(r4, 0x702, 0x3)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
rseq(&(0x7f0000000000), 0x62, 0x0, 0x0)
unshare(0x8000000)
mq_open(&(0x7f00000000c0)='${$\x00', 0x840, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wg0\x00', <r5=>0x0})
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000200)={0x24, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00032300000023035d95b5db2617b4c56db3094885239e187f30232fb4711d740fabfa519a43621ba8"], 0x0, 0x0}, 0x0)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000ac0), 0x0, 0x0)
ioctl$BLKPG(r6, 0x1269, &(0x7f00000000c0)={0x1, 0x0, 0xffffffffffffff43, &(0x7f0000000000)={0x0, 0x200, 0x801000e}})
r7 = socket$rds(0x15, 0x5, 0x0)
r8 = syz_open_procfs$pagemap(0x0, &(0x7f0000000000))
ioctl$PAGEMAP_SCAN(r8, 0xc0606610, &(0x7f00000003c0)={0x60, 0x0, &(0x7f00000cf000/0x3000)=nil, &(0x7f00003c0000/0x4000)=nil, 0x0, &(0x7f00000001c0)=[{}], 0x1, 0x3})
bind$rds(r7, &(0x7f0000000040)={0x2, 0x4e22, @loopback}, 0x10)
syz_usb_connect$cdc_ncm(0x6, 0x0, 0x0, &(0x7f00000000c0)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x310, 0x7, 0x2, 0x5, 0x28, 0x1}, 0x5, &(0x7f0000000300)={0x5, 0xf, 0x5}, 0x1, [{0x0, 0x0}]})
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r4, 0x84, 0x6c, &(0x7f0000000440)={<r9=>0x0, 0xd1, "045098cb071fea62bd831911772c543a581cdf02b4c4d4a6465fbcd4704716952f25415306e150cc9cadb332a6781757de156fe5adbdfeecc0de8fb902aeddcae249e6f9fa8d69958e1ce53c9a2dab7233679291f70f6ffda4a1f3f4f8a967bfc919420bb92fba6099a7d100bb4c35a252901570a80a92138199faf74f058e7bcbc6a3161367919420a59dc37af35661a7c7deef031c38350d3a7afc92e7cc2e8386f3ce2cc80339d62c27ce1b1e89881bcc125c58949d57d5f28de2dd49904c6c670b9b52714711610f83bf2eef72d016"}, &(0x7f00000002c0)=0xd9)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r3, 0x84, 0x22, &(0x7f0000000340)={0xa776, 0x10004, 0x3, 0x4c47, r9}, &(0x7f0000000540)=0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582"], 0x0)
openat$sysctl(0xffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/tcp_mtu_probing\x00', 0x1, 0x0)
r10 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r10, 0x541b, 0x0)
setsockopt$MRT6_DEL_MIF(r3, 0x29, 0xcb, &(0x7f0000000140)={0x1, 0x0, 0x7, r5, 0xf}, 0xc)

100.892136ms ago: executing program 3 (id=1128):
sched_setattr(0x0, &(0x7f0000000140)={0x82}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
openat$fb1(0xffffffffffffff9c, &(0x7f0000000040), 0x2000, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000480)={0x6, <r4=>0x0}, 0x8)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x5, &(0x7f00000004c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0xd70}, [@map_idx_val={0x18, 0x7, 0x6, 0x0, 0xc, 0x0, 0x0, 0x0, 0x101}]}, &(0x7f0000000500)='syzkaller\x00', 0xfffffff8, 0x4c, &(0x7f0000000540)=""/76, 0x40f00, 0x45, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x3, 0x2}, 0x8, 0x10, &(0x7f0000000600)={0x1, 0x6, 0x3350, 0xfffffffe}, 0x10, 0x0, 0x0, 0x5, 0x0, &(0x7f0000000640)=[{0x5, 0x1, 0xf, 0x3}, {0x2, 0x4, 0xd, 0x4}, {0x1, 0x2, 0x7, 0x37c33193f537f891}, {0x0, 0x5, 0x8}, {0x0, 0x2, 0x3}], 0x10, 0x1, @void, @value}, 0x94)
r6 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
ioctl$int_in(r6, 0x40000000af01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r6, 0x4028af11, &(0x7f0000000200)={0x1, 0x1, 0x0, &(0x7f0000000740)=""/51, 0x0})
r7 = socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_SET_MEM_TABLE(r6, 0x4008af03, &(0x7f0000000b00))
r8 = dup(r7)
ioctl$VHOST_NET_SET_BACKEND(r6, 0x4008af30, &(0x7f0000000000)={0x1, r8})
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\t\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000010000003013270500"/31], 0x50)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000b40)=ANY=[@ANYBLOB="0900000004000000080000000f00000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000380e000000fb46ca4e90c039ec2c3316c8fbb3814539140885d15387f86d38b708fe78003ddd5949ff096f29ab14427e24fb26e5b5ad70bc982099bdfcff0109fb7f747ba579c73d298e8bb83537793ab9577441e5530d33b48848cd3a0450b0e448fb8a7c40d1c053b8a6cc4d391687211d95afb9d57964ad16b64ed4173f5e8be56b5669dc07ff31186353c4dc9a6f4ed926ccef3c92298e4b00c0997f02c54975cb5360ebd341", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r12 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000780)=ANY=[@ANYRESOCT=r4, @ANYRESHEX=r10, @ANYRES8=r10, @ANYRESOCT=r11, @ANYRESHEX=r9, @ANYRES32=0x0], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x2, 0x18, &(0x7f00000001c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8}, {}, {}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='syzkaller\x00', 0x0, 0xe7, &(0x7f0000000340)=""/231, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000440)={0x2, 0x6, 0x100, 0x5}, 0x10, r4, r5, 0x6, &(0x7f0000000880)=[r8, r9, r10, r12], &(0x7f00000008c0)=[{0x5, 0x1, 0x1, 0x5}, {0x3, 0x3, 0x1, 0x5}, {0x0, 0x1, 0x6, 0x9}, {0x5, 0x4, 0x6, 0x1}, {0x4, 0x2, 0x1, 0xa}, {0x4, 0x3, 0xb, 0x6}], 0x10, 0x80, @void, @value}, 0x94)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r3, 0x40045542, &(0x7f0000000b00))
syz_open_dev$dmmidi(&(0x7f0000000080), 0x200, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
r13 = fcntl$dupfd(r1, 0x0, r1)
ioctl$TCFLSH(r13, 0x400455c8, 0x20000000009)
ioctl$TCGETS2(r13, 0x800455c9, 0x0)
syz_usb_connect(0x3, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0019030320d812010079de01ec020109021b00010000030009040000"], 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

0s ago: executing program 2 (id=1129):
socket$nl_generic(0x10, 0x3, 0x10) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
r1 = syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000300)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000009c0)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=@un=@file={0x0, './file0\x00'}, 0x80, &(0x7f0000000700)=[{&(0x7f0000000400)="3dcdd2a9d7452fe36b940b4f67c9b9280dbf860aa42adec6fdee5b4d6b2d7d588e56d8ec3dacf314c7892d5ffc04b6c9e0227a232499115ef10e4d54a858cb5a9ffe555cd48b2e38fbd5c3e1565c47adb1965b4765b2d0dfc4816bc3011f6195b3efc401203f5d0f656c702281a323ea7fe41b2d9b34a19bdc986dac27c56a336eb57f5bfcf8ca9372", 0x89}, {&(0x7f00000004c0)="d9982c006ddf753170c73b1a1275b12d329ebbd4971a49e78fa46c52bd5a33415c53bb8b64b93e6958c19777ef4db4cb9aeb7648e28fe4bdd75a6379734f9fdc8a219dca042917290472069b044df085fe7a34b2573ffdc15743ecefd21f63eac38a6083e7fcc86bd6d1722b7b625eab39ff53741140bc", 0x77}, {0x0}, {0x0}], 0x10000000000002be}, 0x0, 0x1})
io_uring_enter(r1, 0x7a98, 0x0, 0x0, 0x0, 0x0) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x0) (async)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x800, 0x0) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) (async, rerun: 32)
sched_setscheduler(0x0, 0x5, &(0x7f0000000200)=0xe2) (async, rerun: 32)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
r5 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0) (async)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f00000000c0)='source', &(0x7f00000001c0)='source', 0x0) (async)
r6 = gettid() (async, rerun: 32)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0) (rerun: 32)
readv(r5, &(0x7f0000000100)=[{&(0x7f00000012c0)=""/141, 0x8d}], 0x1) (async)
tkill(r6, 0xb)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) (async)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 64)
getpid() (async, rerun: 64)
sched_setscheduler(r6, 0x1, &(0x7f0000000240)=0x5) (async, rerun: 32)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10010, r1, 0x0) (async, rerun: 32)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e) (async)
mount$9p_fd(0x0, &(0x7f0000000340)='./file0\x00', &(0x7f0000000540), 0x200080, &(0x7f0000000a00)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r8}, 0x2c, {[{@access_any}], [{@fowner_eq}, {@fowner_eq}, {@euid_lt}, {@subj_type={'subj_type', 0x3d, 'c:::\x00'}}, {@obj_type={'obj_type', 0x3d, '\'@:]'}}, {@euid_lt}, {@smackfsroot={'smackfsroot', 0x3d, '\\-@\xbb[['}}, {@fsuuid={'fsuuid', 0x3d, {[0x62, 0x37, 0x0, 0x64, 0x39, 0x39, 0x30, 0x62], 0x2d, [0x33, 0x30, 0x35, 0x39], 0x2d, [0x36, 0x0, 0x30, 0x30], 0x2d, [0x37, 0x33, 0x32, 0x32], 0x2d, [0x62, 0x36, 0x61, 0x61, 0x30, 0x30, 0x65, 0x65]}}}, {@subj_user={'subj_user', 0x3d, 'asymmetric\x00'}}]}})
r9 = add_key$keyring(&(0x7f0000000080), &(0x7f00000003c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000000300)="303e30800200000002d190c937dc6914243b0402d6dcb7154fe6727ae888746b024ee670a5882a0ad79716584e5704b7f62edac751478af9c62f000000000000", 0x40, r9)

kernel console output (not intermixed with test programs):

x10
[  162.055423][ T8430]  __do_fast_syscall_32+0x73/0x120
[  162.057193][ T8430]  do_fast_syscall_32+0x32/0x80
[  162.058931][ T8430]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  162.061146][ T8430] RIP: 0023:0xf7f82579
[  162.062717][ T8430] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  162.069344][ T8430] RSP: 002b:00000000f510657c EFLAGS: 00000292 ORIG_RAX: 00000000000001aa
[  162.072240][ T8430] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000000047f9
[  162.074967][ T8430] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  162.077668][ T8430] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  162.080383][ T8430] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  162.083100][ T8430] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  162.086000][ T8430]  </TASK>
[  162.248619][ T5943] Bluetooth: hci0: command 0x0406 tx timeout
[  162.285395][ T8421] lo speed is unknown, defaulting to 1000
[  162.307591][ T6005] libceph: connect (1)[c::]:6789 error -101
[  162.311392][ T6005] libceph: mon0 (1)[c::]:6789 connect error
[  162.369284][ T8438] ceph: No mds server is up or the cluster is laggy
[  162.656804][ T8453] netlink: 'syz.3.650': attribute type 16 has an invalid length.
[  162.679354][ T8453] usb 2-1: USB disconnect, device number 2
[  162.710233][ T5943] Bluetooth: hci2: command 0x0406 tx timeout
[  162.712043][ T5943] Bluetooth: hci1: command 0x0406 tx timeout
[  162.791420][ T5949] Bluetooth: hci3: command 0x0419 tx timeout
[  163.116305][ T8459] hub 2-0:1.0: USB hub found
[  163.122908][ T8459] hub 2-0:1.0: 6 ports detected
[  163.367041][ T8470] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  163.634797][ T2217] usb 2-1: new high-speed USB device number 3 using ehci-pci
[  163.783793][ T8486] netlink: 28 bytes leftover after parsing attributes in process `syz.1.664'.
[  163.786164][ T8486] netlink: 8 bytes leftover after parsing attributes in process `syz.1.664'.
[  163.896275][ T2217] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00
[  163.899674][ T2217] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10
[  163.901798][ T2217] usb 2-1: Product: QEMU USB Tablet
[  163.903653][ T2217] usb 2-1: Manufacturer: QEMU
[  163.905027][ T2217] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1
[  163.927151][ T2217] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0002/input/input12
[  163.996488][ T2217] hid-generic 0003:0627:0001.0002: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0
[  164.116837][ T6005] e1000 0000:00:06.0 eth0: Reset adapter
[  164.247115][ T2217] libceph: connect (1)[c::]:6789 error -101
[  164.248874][ T2217] libceph: mon0 (1)[c::]:6789 connect error
[  164.283118][ T5949] Bluetooth: hci0: command 0x0406 tx timeout
[  164.337602][ T2217] libceph: connect (1)[c::]:6789 error -101
[  164.339201][ T2217] libceph: mon0 (1)[c::]:6789 connect error
[  164.341463][ T2217] libceph: connect (1)[c::]:6789 error -101
[  164.343223][ T2217] libceph: mon0 (1)[c::]:6789 connect error
[  164.501255][ T2217] libceph: connect (1)[c::]:6789 error -101
[  164.502700][ T2217] libceph: mon0 (1)[c::]:6789 connect error
[  164.610320][ T2217] libceph: connect (1)[c::]:6789 error -101
[  164.611874][ T2217] libceph: mon0 (1)[c::]:6789 connect error
[  164.651492][ T8529] netlink: 'syz.3.670': attribute type 1 has an invalid length.
[  164.680645][ T8529] 8021q: adding VLAN 0 to HW filter on device bond2
[  164.688150][ T8529] bond2: (slave gretap1): making interface the new active one
[  164.690718][ T8529] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  164.750143][ T8535] netlink: 64 bytes leftover after parsing attributes in process `syz.3.672'.
[  164.752479][ T8535] netlink: 60 bytes leftover after parsing attributes in process `syz.3.672'.
[  164.755818][ T5943] Bluetooth: hci2: command 0x0406 tx timeout
[  164.757480][ T5949] Bluetooth: hci1: command 0x0406 tx timeout
[  164.824319][  T833] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  164.834346][ T5949] Bluetooth: hci3: command 0x0419 tx timeout
[  164.976187][ T8499] ceph: No mds server is up or the cluster is laggy
[  164.983447][  T833] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  164.986332][  T833] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  164.989293][  T833] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  164.997086][  T833] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.006106][ T8523] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  165.016656][  T833] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  165.051041][ T2217] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  165.108917][ T8505] ceph: No mds server is up or the cluster is laggy
[  165.111623][ T5985] libceph: connect (1)[c::]:6789 error -101
[  165.113101][ T5985] libceph: mon0 (1)[c::]:6789 connect error
[  165.221592][ T2217] usb 8-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0
[  165.228393][ T2217] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  165.230579][ T2217] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.232484][ T2217] usb 8-1: Product: syz
[  165.233547][ T2217] usb 8-1: Manufacturer: syz
[  165.235314][ T2217] usb 8-1: SerialNumber: syz
[  165.239464][ T5985] usb 6-1: USB disconnect, device number 18
[  165.253652][ T8536] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  165.455386][ T8536] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  165.457922][ T8536] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  165.464102][   T39] audit: type=1326 audit(166.176:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8534 comm="syz.3.672" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f42579 code=0x0
[  166.332875][   T30] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  167.715669][ T2217] cdc_ether 8-1:1.0: probe with driver cdc_ether failed with error -22
[  167.724898][ T2217] usb 8-1: USB disconnect, device number 11
[  180.473159][  T833] IPVS: starting estimator thread 0...
[  180.479357][ T8563] netlink: 36 bytes leftover after parsing attributes in process `syz.3.677'.
[  180.481914][ T8563] netlink: 16 bytes leftover after parsing attributes in process `syz.3.677'.
[  180.484890][ T8563] netlink: 36 bytes leftover after parsing attributes in process `syz.3.677'.
[  180.488218][ T8563] netlink: 36 bytes leftover after parsing attributes in process `syz.3.677'.
[  180.568735][ T8564] IPVS: using max 37 ests per chain, 88800 per kthread
[  180.636541][   T30] libceph: connect (1)[c::]:6789 error -101
[  180.638569][   T30] libceph: mon0 (1)[c::]:6789 connect error
[  180.679778][ T6005] libceph: connect (1)[c::]:6789 error -101
[  180.681646][ T6005] libceph: mon0 (1)[c::]:6789 connect error
[  180.927287][   T30] libceph: connect (1)[c::]:6789 error -101
[  180.929513][   T30] libceph: mon0 (1)[c::]:6789 connect error
[  180.933588][ T6005] libceph: connect (1)[c::]:6789 error -101
[  180.935270][ T6005] libceph: mon0 (1)[c::]:6789 connect error
[  181.145500][ T8584] netlink: 168 bytes leftover after parsing attributes in process `syz.3.679'.
[  181.185104][ T8584] loop9: detected capacity change from 0 to 6
[  181.198032][ T8584] Dev loop9: unable to read RDB block 6
[  181.204550][ T8584]  loop9: unable to read partition table
[  181.211282][ T8584] loop9: partition table beyond EOD, truncated
[  181.216686][ T8584] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[  181.216686][ T8584] 
) failed (rc=-5)
[  181.411156][ T8566] ceph: No mds server is up or the cluster is laggy
[  181.440799][ T1015] libceph: connect (1)[c::]:6789 error -101
[  181.442446][ T1015] libceph: mon0 (1)[c::]:6789 connect error
[  181.467175][ T8565] ceph: No mds server is up or the cluster is laggy
[  181.723084][ T8589] ptrace attach of "/syz-executor exec"[5940] was attempted by "/syz-executor exec"[8589]
[  181.942619][  T833] hid-generic 0000:0000:0000.0003: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  182.208910][ T8595] syz.1.682: attempt to access beyond end of device
[  182.208910][ T8595] nbd1: rw=0, sector=64, nr_sectors = 8 limit=0
[  182.213264][ T8595] syz.1.682: attempt to access beyond end of device
[  182.213264][ T8595] nbd1: rw=0, sector=120, nr_sectors = 8 limit=0
[  182.217552][ T8595] Mount JFS Failure: -5
[  182.283148][ T8597] lo speed is unknown, defaulting to 1000
[  182.380628][ T5984] libceph: connect (1)[c::]:6789 error -101
[  182.382269][ T5984] libceph: mon0 (1)[c::]:6789 connect error
[  182.415509][ T8597] block nbd0: server does not support multiple connections per device.
[  182.418418][ T8597] block nbd0: NBD_DISCONNECT
[  182.420299][ T8597] block nbd0: Disconnected due to user request.
[  182.422063][ T8597] block nbd0: shutting down sockets
[  182.726401][ T5984] libceph: connect (1)[c::]:6789 error -101
[  182.728454][ T5984] libceph: mon0 (1)[c::]:6789 connect error
[  182.873016][ T8618] netlink: 12 bytes leftover after parsing attributes in process `syz.2.688'.
[  183.230974][ T5984] libceph: connect (1)[c::]:6789 error -101
[  183.240152][ T5984] libceph: mon0 (1)[c::]:6789 connect error
[  183.768341][ T8604] ceph: No mds server is up or the cluster is laggy
[  183.839672][ T8640] netlink: 36 bytes leftover after parsing attributes in process `syz.1.693'.
[  183.842111][ T8640] netlink: 16 bytes leftover after parsing attributes in process `syz.1.693'.
[  183.844484][ T8640] netlink: 36 bytes leftover after parsing attributes in process `syz.1.693'.
[  183.847074][ T8640] netlink: 36 bytes leftover after parsing attributes in process `syz.1.693'.
[  183.931845][   T39] audit: type=1326 audit(184.813:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8636 comm="syz.0.692" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  183.954015][   T39] audit: type=1326 audit(184.813:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8636 comm="syz.0.692" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  183.959615][   T39] audit: type=1326 audit(184.813:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8636 comm="syz.0.692" exe="/syz-executor" sig=0 arch=40000003 syscall=47 compat=1 ip=0xf744e579 code=0x7ffc0000
[  183.964973][   T39] audit: type=1326 audit(184.813:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8636 comm="syz.0.692" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  184.014926][   T39] audit: type=1326 audit(184.813:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8636 comm="syz.0.692" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  184.021616][   T39] audit: type=1326 audit(184.813:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8636 comm="syz.0.692" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf744e579 code=0x7ffc0000
[  184.027345][   T39] audit: type=1326 audit(184.843:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8636 comm="syz.0.692" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  184.034090][   T39] audit: type=1326 audit(184.843:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8636 comm="syz.0.692" exe="/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf744e579 code=0x7ffc0000
[  184.042810][   T39] audit: type=1326 audit(184.843:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8636 comm="syz.0.692" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  184.050338][   T39] audit: type=1326 audit(184.843:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8636 comm="syz.0.692" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  184.289558][ T5985] libceph: connect (1)[c::]:6789 error -101
[  184.290512][ T8657] ptrace attach of "/syz-executor exec"[5950] was attempted by "/syz-executor exec"[8657]
[  184.291526][ T5985] libceph: mon0 (1)[c::]:6789 connect error
[  184.568178][ T5985] libceph: connect (1)[c::]:6789 error -101
[  184.581574][ T5985] libceph: mon0 (1)[c::]:6789 connect error
[  185.123598][ T5985] libceph: connect (1)[c::]:6789 error -101
[  185.236036][ T5985] libceph: mon0 (1)[c::]:6789 connect error
[  185.441050][ T8652] ceph: No mds server is up or the cluster is laggy
[  185.476783][ T8674] fuse: Unknown parameter 'user_i00000000000000000000'
[  185.756147][ T8682] FAULT_INJECTION: forcing a failure.
[  185.756147][ T8682] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  185.764655][ T8682] CPU: 3 UID: 0 PID: 8682 Comm: syz.2.701 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  185.768413][ T8682] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  185.771278][ T8682] Call Trace:
[  185.772184][ T8682]  <TASK>
[  185.772988][ T8682]  dump_stack_lvl+0x16c/0x1f0
[  185.774188][ T8682]  should_fail_ex+0x497/0x5b0
[  185.775410][ T8682]  _copy_to_user+0x32/0xd0
[  185.776614][ T8682]  generic_map_lookup_batch+0x70e/0xb90
[  185.778086][ T8682]  ? __pfx_generic_map_lookup_batch+0x10/0x10
[  185.779872][ T8682]  ? __fget_files+0x206/0x3a0
[  185.781577][ T8682]  ? __pfx_generic_map_lookup_batch+0x10/0x10
[  185.783756][ T8682]  bpf_map_do_batch+0x483/0x640
[  185.785471][ T8682]  __sys_bpf+0x55a2/0x57a0
[  185.787100][ T8682]  ? __pfx_lock_release+0x10/0x10
[  185.788627][ T8682]  ? __pfx___sys_bpf+0x10/0x10
[  185.790162][ T8682]  ? vfs_write+0x306/0x1150
[  185.791364][ T8682]  ? __mutex_unlock_slowpath+0x164/0x690
[  185.792815][ T8682]  ? fput+0x67/0x440
[  185.793863][ T8682]  ? ksys_write+0x1ba/0x250
[  185.795040][ T8682]  ? __pfx_ksys_write+0x10/0x10
[  185.796311][ T8682]  __ia32_sys_bpf+0x76/0xe0
[  185.797518][ T8682]  __do_fast_syscall_32+0x73/0x120
[  185.798856][ T8682]  do_fast_syscall_32+0x32/0x80
[  185.800466][ T8682]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  185.802741][ T8682] RIP: 0023:0xf7f82579
[  185.804213][ T8682] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  185.809533][ T8682] RSP: 002b:00000000f510657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  185.812447][ T8682] RAX: ffffffffffffffda RBX: 0000000000000018 RCX: 00000000200003c0
[  185.815429][ T8682] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000
[  185.818306][ T8682] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  185.821164][ T8682] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  185.824003][ T8682] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  185.826849][ T8682]  </TASK>
[  186.137138][ T2217] usb 6-1: new low-speed USB device number 19 using dummy_hcd
[  186.391754][ T2217] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  186.394008][ T2217] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  186.401043][ T2217] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  186.406049][ T2217] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  186.409289][ T2217] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  186.413667][ T2217] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  186.415732][ T2217] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  186.418749][ T2217] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  186.421795][ T2217] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  186.424693][ T2217] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  186.428529][ T2217] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  186.431021][ T2217] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  186.434567][ T2217] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  186.438484][ T2217] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  186.441600][ T2217] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  186.447093][ T2217] usb 6-1: string descriptor 0 read error: -22
[  186.448784][ T2217] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  186.451163][ T2217] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  186.457889][ T2217] adutux 6-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  187.208652][ T2217] usb 6-1: USB disconnect, device number 19
[  187.503397][ T8724] FAULT_INJECTION: forcing a failure.
[  187.503397][ T8724] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  187.506817][ T8724] CPU: 0 UID: 0 PID: 8724 Comm: syz.2.710 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  187.509597][ T8724] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  187.512415][ T8724] Call Trace:
[  187.513297][ T8724]  <TASK>
[  187.514075][ T8724]  dump_stack_lvl+0x16c/0x1f0
[  187.515341][ T8724]  should_fail_ex+0x497/0x5b0
[  187.516571][ T8724]  ? fs_reclaim_acquire+0xae/0x150
[  187.517923][ T8724]  should_fail_alloc_page+0xe7/0x130
[  187.519378][ T8724]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  187.520959][ T8724]  ? mark_lock+0xb5/0xc60
[  187.522095][ T8724]  ? __pfx_mark_lock+0x10/0x10
[  187.523364][ T8724]  __alloc_pages_noprof+0x190/0x25b0
[  187.524756][ T8724]  ? __pfx_mark_lock+0x10/0x10
[  187.526029][ T8724]  ? hlock_class+0x4e/0x130
[  187.527241][ T8724]  ? mark_lock+0xb5/0xc60
[  187.528423][ T8724]  ? __pfx_mark_lock+0x10/0x10
[  187.529673][ T8724]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  187.531165][ T8724]  ? hlock_class+0x4e/0x130
[  187.532344][ T8724]  ? mark_lock+0xb5/0xc60
[  187.533483][ T8724]  ? hlock_class+0x4e/0x130
[  187.534686][ T8724]  ? __lock_acquire+0xcc5/0x3c40
[  187.535990][ T8724]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  187.537534][ T8724]  ? policy_nodemask+0xea/0x4e0
[  187.538880][ T8724]  alloc_pages_mpol_noprof+0x2c9/0x610
[  187.540310][ T8724]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  187.541874][ T8724]  ? hlock_class+0x4e/0x130
[  187.543076][ T8724]  folio_alloc_mpol_noprof+0x36/0xd0
[  187.544468][ T8724]  vma_alloc_folio_noprof+0xee/0x1b0
[  187.545895][ T8724]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  187.547445][ T8724]  ? find_held_lock+0x2d/0x110
[  187.548917][ T8724]  do_pte_missing+0x2017/0x3e00
[  187.550732][ T8724]  __handle_mm_fault+0x103c/0x2a40
[  187.552609][ T8724]  ? find_held_lock+0x2d/0x110
[  187.554330][ T8724]  ? __pfx___handle_mm_fault+0x10/0x10
[  187.556282][ T8724]  ? follow_page_pte+0x3c3/0x1b20
[  187.557911][ T8724]  ? __pfx_lock_release+0x10/0x10
[  187.559731][ T8724]  ? follow_page_pte+0x3f7/0x1b20
[  187.561577][ T8724]  handle_mm_fault+0x3fa/0xaa0
[  187.563355][ T8724]  __get_user_pages+0x8d9/0x3b50
[  187.564935][ T8724]  ? __pfx___get_user_pages+0x10/0x10
[  187.566766][ T8724]  ? down_read_killable+0xcc/0x380
[  187.568345][ T8724]  ? __pfx_down_read_killable+0x10/0x10
[  187.570014][ T8724]  ? find_held_lock+0x2d/0x110
[  187.571313][ T8724]  __gup_longterm_locked+0x211/0x1870
[  187.572712][ T8724]  ? __pfx_lock_release+0x10/0x10
[  187.574044][ T8724]  ? trace_lock_acquire+0x14e/0x1f0
[  187.575416][ T8724]  ? __pfx___gup_longterm_locked+0x10/0x10
[  187.576945][ T8724]  ? gup_fast_fallback+0x84c/0x2690
[  187.578390][ T8724]  ? __pfx_lock_release+0x10/0x10
[  187.580239][ T8724]  ? try_get_folio+0x517/0x800
[  187.582145][ T8724]  ? const_folio_flags.constprop.0+0x56/0x150
[  187.584310][ T8724]  ? sanity_check_pinned_pages+0x385/0x11c0
[  187.585863][ T8724]  gup_fast_fallback+0x1802/0x2690
[  187.587238][ T8724]  ? __pfx_gup_fast_fallback+0x10/0x10
[  187.588736][ T8724]  pin_user_pages_fast+0xa8/0x100
[  187.590053][ T8724]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  187.591518][ T8724]  ? __kmalloc_noprof+0x23b/0x4f0
[  187.592914][ T8724]  ? rds_info_getsockopt+0x376/0x4f0
[  187.594317][ T8724]  rds_info_getsockopt+0x39a/0x4f0
[  187.595685][ T8724]  ? __might_fault+0x13b/0x190
[  187.596958][ T8724]  ? __pfx_rds_info_getsockopt+0x10/0x10
[  187.598562][ T8724]  ? trace_lock_acquire+0x14e/0x1f0
[  187.600474][ T8724]  ? lock_acquire+0x2f/0xb0
[  187.602123][ T8724]  ? __might_fault+0xe3/0x190
[  187.603840][ T8724]  ? __might_fault+0xe3/0x190
[  187.605239][ T8724]  rds_getsockopt+0x173/0x2d0
[  187.606534][ T8724]  ? __pfx_rds_getsockopt+0x10/0x10
[  187.608073][ T8724]  do_sock_getsockopt+0x3fe/0x870
[  187.609495][ T8724]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  187.611019][ T8724]  ? lock_acquire+0x2f/0xb0
[  187.612244][ T8724]  ? __fget_files+0x40/0x3a0
[  187.613487][ T8724]  ? __fget_files+0x206/0x3a0
[  187.614795][ T8724]  __sys_getsockopt+0x12f/0x260
[  187.616110][ T8724]  __ia32_sys_getsockopt+0xbc/0x160
[  187.617532][ T8724]  ? lockdep_hardirqs_on+0x7c/0x110
[  187.619173][ T8724]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  187.620902][ T8724]  __do_fast_syscall_32+0x73/0x120
[  187.622274][ T8724]  do_fast_syscall_32+0x32/0x80
[  187.623601][ T8724]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  187.625291][ T8724] RIP: 0023:0xf7f82579
[  187.626415][ T8724] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  187.631661][ T8724] RSP: 002b:00000000f510657c EFLAGS: 00000292 ORIG_RAX: 000000000000016d
[  187.633940][ T8724] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000114
[  187.636116][ T8724] RDX: 000000000000271b RSI: 0000000020000580 RDI: 0000000020000000
[  187.638321][ T8724] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  187.640476][ T8724] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  187.642600][ T8724] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  187.644804][ T8724]  </TASK>
[  188.287351][ T8738] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  188.290098][ T8738] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  188.292525][ T8738] netdevsim netdevsim3: Falling back to sysfs fallback for: .
[  188.408119][ T6205] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  188.617314][ T6205] usb 6-1: Using ep0 maxpacket: 16
[  188.621237][ T6205] usb 6-1: config 0 has no interfaces?
[  188.624715][ T6205] usb 6-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  188.629332][ T6205] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  188.631681][ T6205] usb 6-1: Product: syz
[  188.632827][ T6205] usb 6-1: Manufacturer: syz
[  188.634043][ T6205] usb 6-1: SerialNumber: syz
[  188.642138][ T6205] usb 6-1: config 0 descriptor??
[  189.026560][ T8733] input: syz0 as /devices/virtual/input/input14
[  190.662762][ T8777] FAULT_INJECTION: forcing a failure.
[  190.662762][ T8777] name failslab, interval 1, probability 0, space 0, times 0
[  190.666040][ T8777] CPU: 3 UID: 0 PID: 8777 Comm: syz.0.723 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  190.668838][ T8777] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  190.671658][ T8777] Call Trace:
[  190.672553][ T8777]  <TASK>
[  190.673341][ T8777]  dump_stack_lvl+0x16c/0x1f0
[  190.674614][ T8777]  should_fail_ex+0x497/0x5b0
[  190.675866][ T8777]  ? fs_reclaim_acquire+0xae/0x150
[  190.677241][ T8777]  should_failslab+0xc2/0x120
[  190.678518][ T8777]  __kmalloc_cache_noprof+0x68/0x420
[  190.679904][ T8777]  do_check_common+0x25c/0xd540
[  190.681194][ T8777]  ? kasan_quarantine_put+0x10a/0x240
[  190.682611][ T8777]  ? lockdep_hardirqs_on+0x7c/0x110
[  190.683977][ T8777]  ? kfree+0x14f/0x4b0
[  190.685051][ T8777]  ? __pfx_do_check_common+0x10/0x10
[  190.686451][ T8777]  ? kvfree+0x47/0x50
[  190.687570][ T8777]  ? check_cfg+0x403/0x840
[  190.688751][ T8777]  bpf_check+0x77c2/0xc9b0
[  190.689927][ T8777]  ? hlock_class+0x4e/0x130
[  190.689946][ T2217] usb 8-1: new low-speed USB device number 12 using dummy_hcd
[  190.691123][ T8777]  ? __pfx_bpf_check+0x10/0x10
[  190.691144][ T8777]  ? bpf_offload_find_netdev+0x134/0x2d0
[  190.691160][ T8777]  ? find_held_lock+0x2d/0x110
[  190.697693][ T8777]  ? bpf_prog_load+0xd45/0x2670
[  190.699000][ T8777]  ? __pfx_lock_release+0x10/0x10
[  190.700326][ T8777]  ? trace_lock_acquire+0x14e/0x1f0
[  190.701699][ T8777]  ? bpf_prog_load+0xd45/0x2670
[  190.702991][ T8777]  ? lockdep_hardirqs_on+0x7c/0x110
[  190.704367][ T8777]  ? read_tsc+0x9/0x20
[  190.705446][ T8777]  ? ktime_get_with_offset+0x20f/0x3a0
[  190.706922][ T8777]  ? bpf_obj_name_cpy+0x156/0x1b0
[  190.708240][ T8777]  bpf_prog_load+0xe3f/0x2670
[  190.709572][ T8777]  ? __pfx_bpf_prog_load+0x10/0x10
[  190.710951][ T8777]  ? find_held_lock+0x2d/0x110
[  190.712233][ T8777]  ? __might_fault+0x13b/0x190
[  190.713508][ T8777]  ? __might_fault+0xe3/0x190
[  190.714760][ T8777]  __sys_bpf+0x5677/0x57a0
[  190.715938][ T8777]  ? __pfx_lock_release+0x10/0x10
[  190.717279][ T8777]  ? __pfx___sys_bpf+0x10/0x10
[  190.718541][ T8777]  ? vfs_write+0x306/0x1150
[  190.719751][ T8777]  ? __mutex_unlock_slowpath+0x164/0x690
[  190.721232][ T8777]  ? fput+0x67/0x440
[  190.722266][ T8777]  ? ksys_write+0x1ba/0x250
[  190.723482][ T8777]  ? __pfx_ksys_write+0x10/0x10
[  190.724761][ T8777]  __ia32_sys_bpf+0x76/0xe0
[  190.725957][ T8777]  __do_fast_syscall_32+0x73/0x120
[  190.727318][ T8777]  do_fast_syscall_32+0x32/0x80
[  190.728609][ T8777]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  190.730263][ T8777] RIP: 0023:0xf744e579
[  190.731345][ T8777] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  190.736359][ T8777] RSP: 002b:00000000f513657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  190.738541][ T8777] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200000c0
[  190.740616][ T8777] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000
[  190.742819][ T8777] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  190.744893][ T8777] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  190.746975][ T8777] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  190.749056][ T8777]  </TASK>
[  190.849296][ T5984] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  190.863599][ T2217] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  190.866024][ T2217] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  190.869021][ T2217] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  190.872371][ T2217] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  190.875578][ T2217] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  190.880391][ T2217] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  190.882717][ T2217] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  190.885925][ T2217] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  190.889246][ T2217] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  190.892474][ T2217] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  190.896507][ T2217] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  190.898972][ T2217] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  190.902353][ T2217] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  190.902441][ T2217] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  190.902525][ T2217] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  190.929179][ T2217] usb 8-1: string descriptor 0 read error: -22
[  190.929883][ T2217] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  190.929952][ T2217] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  190.964513][ T2217] adutux 8-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  191.010268][ T5984] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  191.013748][ T5984] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  191.017709][ T5984] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  191.021695][ T5984] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  191.028903][ T5984] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  191.034657][ T5984] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  191.047445][ T5984] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  191.050787][ T5984] usb 7-1: Product: syz
[  191.052309][ T5984] usb 7-1: Manufacturer: syz
[  191.058082][ T5984] cdc_wdm 7-1:1.0: skipping garbage
[  191.060762][ T5984] cdc_wdm 7-1:1.0: skipping garbage
[  191.063383][ T5984] cdc_wdm 7-1:1.0: cdc-wdm1: USB WDM device
[  191.065900][ T5984] cdc_wdm 7-1:1.0: Unknown control protocol
[  191.080781][ T6205] usb 6-1: USB disconnect, device number 20
[  191.270714][ T5984] usb 7-1: USB disconnect, device number 8
[  191.404039][ T2217] usb 8-1: USB disconnect, device number 12
[  191.975641][ T2217] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  192.105146][ T2217] usb 5-1: device descriptor read/64, error -71
[  192.129956][ T8793] IPVS: Error connecting to the multicast addr
[  192.133053][ T8793] netlink: 12 bytes leftover after parsing attributes in process `syz.1.729'.
[  192.331814][ T8801] fuse: Unknown parameter 'user_i00000000000000000000'
[  192.344689][ T2217] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  192.473999][ T2217] usb 5-1: device descriptor read/64, error -71
[  192.544616][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[  192.593813][ T2217] usb usb5-port1: attempt power cycle
[  192.952590][ T2217] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  192.973074][ T2217] usb 5-1: device descriptor read/8, error -71
[  193.241702][ T2217] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  193.272053][ T2217] usb 5-1: device descriptor read/8, error -71
[  193.487326][ T2217] usb usb5-port1: unable to enumerate USB device
[  194.448842][ T8829] overlayfs: missing 'lowerdir'
[  194.516269][ T8834] binder: 8833:8834 ioctl c080aebe 0 returned -22
[  194.523211][   T39] kauditd_printk_skb: 43 callbacks suppressed
[  194.523222][   T39] audit: type=1800 audit(195.442:160): pid=8834 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.742" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  194.618729][ T8838] tipc: Started in network mode
[  194.620122][ T8838] tipc: Node identity 080211000001, cluster identity 4711
[  194.622326][ T8838] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  194.851200][ T8854] FAULT_INJECTION: forcing a failure.
[  194.851200][ T8854] name failslab, interval 1, probability 0, space 0, times 0
[  194.854633][ T8854] CPU: 2 UID: 0 PID: 8854 Comm: syz.0.748 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  194.857315][ T8854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  194.860040][ T8854] Call Trace:
[  194.860875][ T8854]  <TASK>
[  194.861612][ T8854]  dump_stack_lvl+0x16c/0x1f0
[  194.862788][ T8854]  should_fail_ex+0x497/0x5b0
[  194.863966][ T8854]  should_failslab+0xc2/0x120
[  194.865205][ T8854]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  194.866572][ T8854]  ? __pfx_lock_release+0x10/0x10
[  194.867826][ T8854]  ? trace_lock_acquire+0x14e/0x1f0
[  194.869080][ T8854]  ? dst_alloc+0x99/0x1a0
[  194.870162][ T8854]  dst_alloc+0x99/0x1a0
[  194.871207][ T8854]  rt_dst_alloc+0x35/0x3a0
[  194.872294][ T8854]  ip_route_output_key_hash_rcu+0x8a5/0x2770
[  194.873806][ T8854]  ip_route_output_key_hash+0x138/0x2e0
[  194.875258][ T8854]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  194.876839][ T8854]  ? trace_lock_acquire+0x14e/0x1f0
[  194.878274][ T8854]  ? inet_addr_type_dev_table+0x3a/0x1d0
[  194.879797][ T8854]  icmp_route_lookup.constprop.0+0xa3f/0x13e0
[  194.881408][ T8854]  ? rt_dst_alloc+0x35/0x3a0
[  194.882617][ T8854]  ? __pfx_icmp_route_lookup.constprop.0+0x10/0x10
[  194.884357][ T8854]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  194.885894][ T8854]  ? rcu_is_watching+0x12/0xc0
[  194.887254][ T8854]  ? trace_lock_acquire+0x14e/0x1f0
[  194.888698][ T8854]  ? __ip_options_echo+0x7bc/0x1140
[  194.890100][ T8854]  __icmp_send+0x8b7/0x1750
[  194.891357][ T8854]  ? __pfx___icmp_send+0x10/0x10
[  194.892673][ T8854]  ? find_held_lock+0x2d/0x110
[  194.893916][ T8854]  ? __ip_options_compile+0x8ad/0x17b0
[  194.895558][ T8854]  ? ip_route_input_noref+0x15e/0x2e0
[  194.897074][ T8854]  ip_options_compile+0xb7/0x100
[  194.898408][ T8854]  ? __pfx_ip_options_compile+0x10/0x10
[  194.899935][ T8854]  ? __pfx_nf_hook.constprop.0+0x10/0x10
[  194.901422][ T8854]  ? sock_wfree+0x11c/0x880
[  194.902656][ T8854]  ip_rcv_finish_core.constprop.0+0x6dc/0x2290
[  194.904298][ T8854]  ip_rcv+0x1c0/0x5d0
[  194.905465][ T8854]  ? __pfx_ip_rcv+0x10/0x10
[  194.906686][ T8854]  __netif_receive_skb_one_core+0x199/0x1e0
[  194.908240][ T8854]  ? __pfx___netif_receive_skb_one_core+0x10/0x10
[  194.909954][ T8854]  ? rcu_is_watching+0x12/0xc0
[  194.911321][ T8854]  ? ktime_get_with_offset+0x273/0x3a0
[  194.912768][ T8854]  ? lockdep_hardirqs_on+0x7c/0x110
[  194.914109][ T8854]  ? netif_receive_skb+0x109/0x7b0
[  194.915451][ T8854]  __netif_receive_skb+0x1d/0x160
[  194.916877][ T8854]  netif_receive_skb+0x13f/0x7b0
[  194.918367][ T8854]  ? __pfx_netif_receive_skb+0x10/0x10
[  194.919899][ T8854]  ? __pfx___lock_acquire+0x10/0x10
[  194.921325][ T8854]  ? __pfx_tun_build_skb.constprop.0+0x10/0x10
[  194.922946][ T8854]  tun_rx_batched.isra.0+0x3eb/0x730
[  194.924335][ T8854]  ? __pfx_tun_rx_batched.isra.0+0x10/0x10
[  194.925887][ T8854]  ? tun_get_user+0x13c9/0x3e30
[  194.927213][ T8854]  ? lock_acquire+0x2f/0xb0
[  194.928444][ T8854]  ? tun_get_user+0x13c9/0x3e30
[  194.929730][ T8854]  tun_get_user+0x2a01/0x3e30
[  194.930969][ T8854]  ? find_held_lock+0x2d/0x110
[  194.932260][ T8854]  ? __pfx_tun_get_user+0x10/0x10
[  194.933633][ T8854]  ? find_held_lock+0x2d/0x110
[  194.934970][ T8854]  ? __pfx_lock_release+0x10/0x10
[  194.936301][ T8854]  tun_chr_write_iter+0xdc/0x210
[  194.937595][ T8854]  vfs_write+0x5ae/0x1150
[  194.938742][ T8854]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  194.940158][ T8854]  ? __pfx_vfs_write+0x10/0x10
[  194.941437][ T8854]  ? __fget_files+0x40/0x3a0
[  194.942776][ T8854]  ksys_write+0x12b/0x250
[  194.944167][ T8854]  ? __pfx_ksys_write+0x10/0x10
[  194.945773][ T8854]  __do_fast_syscall_32+0x73/0x120
[  194.947414][ T8854]  do_fast_syscall_32+0x32/0x80
[  194.948980][ T8854]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  194.950987][ T8854] RIP: 0023:0xf744e579
[  194.951997][ T8854] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  194.956771][ T8854] RSP: 002b:00000000f5136540 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  194.958846][ T8854] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000020000000
[  194.960785][ T8854] RDX: 0000000000000042 RSI: 00000000f743fff4 RDI: 0000000000000000
[  194.962767][ T8854] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  194.964762][ T8854] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  194.966733][ T8854] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  194.968715][ T8854]  </TASK>
[  195.080920][ T8860] syz.0.749(8860): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[  195.756854][ T6205] tipc: Node number set to 134418688
[  196.318449][ T8893] netlink: 28 bytes leftover after parsing attributes in process `syz.0.758'.
[  198.285069][ T2217] libceph: connect (1)[c::]:6789 error -101
[  198.286806][ T2217] libceph: mon0 (1)[c::]:6789 connect error
[  198.558333][ T2217] libceph: connect (1)[c::]:6789 error -101
[  198.560022][ T2217] libceph: mon0 (1)[c::]:6789 connect error
[  198.984114][ T8945] ceph: No mds server is up or the cluster is laggy
[  199.098065][ T2217] libceph: connect (1)[c::]:6789 error -101
[  199.099715][ T2217] libceph: mon0 (1)[c::]:6789 connect error
[  199.238108][ T8957] netlink: 64 bytes leftover after parsing attributes in process `syz.1.773'.
[  199.241034][ T8957] netlink: 60 bytes leftover after parsing attributes in process `syz.1.773'.
[  199.432808][ T8964] capability: warning: `syz.2.779' uses 32-bit capabilities (legacy support in use)
[  199.556294][ T5984] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  199.728611][ T5984] usb 6-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0
[  199.733467][ T5984] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  199.735783][ T5984] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  199.738288][ T5984] usb 6-1: Product: syz
[  199.739466][ T5984] usb 6-1: Manufacturer: syz
[  199.740773][ T5984] usb 6-1: SerialNumber: syz
[  199.747529][ T8961] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  199.952903][ T8961] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  199.955202][ T8961] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  199.960282][   T39] audit: type=1326 audit(200.894:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8956 comm="syz.1.773" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x0
[  200.279493][ T6004] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  200.424929][ T6004] usb 7-1: Using ep0 maxpacket: 16
[  200.427445][ T6004] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  200.431272][ T6004] usb 7-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[  200.433492][ T6004] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  200.435499][ T6004] usb 7-1: Product: syz
[  200.436543][ T6004] usb 7-1: Manufacturer: syz
[  200.437744][ T6004] usb 7-1: SerialNumber: syz
[  200.444791][ T6004] usb 7-1: config 0 descriptor??
[  200.447249][ T6004] appledisplay 7-1:0.0: Could not find int-in endpoint
[  200.449413][ T6004] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[  202.190884][ T5984] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -22
[  202.201440][ T5984] usb 6-1: USB disconnect, device number 21
[  202.213831][ T9014] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  202.216252][ T9014] overlayfs: failed to set xattr on upper
[  202.217807][ T9014] overlayfs: ...falling back to redirect_dir=nofollow.
[  202.219686][ T9014] overlayfs: ...falling back to index=off.
[  202.221210][ T9014] overlayfs: ...falling back to uuid=null.
[  202.280556][ T9016] netlink: 180 bytes leftover after parsing attributes in process `syz.1.789'.
[  202.977783][ T6005] usb 7-1: USB disconnect, device number 9
[  203.050072][ T9035] netlink: 64 bytes leftover after parsing attributes in process `syz.2.796'.
[  203.052640][ T9035] netlink: 60 bytes leftover after parsing attributes in process `syz.2.796'.
[  203.272850][ T9038] input: syz0 as /devices/virtual/input/input15
[  203.285775][ T8567] udevd[8567]: setting mode of /dev/input/js0 to 020664 failed: No such file or directory
[  203.289406][ T8567] udevd[8567]: setting owner of /dev/input/js0 to uid=0, gid=104 failed: No such file or directory
[  203.460665][ T6005] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  203.607582][ T9042] lo speed is unknown, defaulting to 1000
[  203.639680][ T6005] usb 7-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0
[  203.645930][ T6005] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  203.648411][ T6005] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  203.650441][ T6005] usb 7-1: Product: syz
[  203.651553][ T6005] usb 7-1: Manufacturer: syz
[  203.652825][ T6005] usb 7-1: SerialNumber: syz
[  203.671573][ T9036] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  203.873084][ T9036] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  203.877764][ T9036] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  203.885862][   T39] audit: type=1326 audit(204.921:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9034 comm="syz.2.796" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f82579 code=0x0
[  204.550442][ T9069] FAULT_INJECTION: forcing a failure.
[  204.550442][ T9069] name failslab, interval 1, probability 0, space 0, times 0
[  204.553892][ T9069] CPU: 2 UID: 0 PID: 9069 Comm: syz.0.804 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  204.556602][ T9069] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  204.559396][ T9069] Call Trace:
[  204.560273][ T9069]  <TASK>
[  204.561054][ T9069]  dump_stack_lvl+0x16c/0x1f0
[  204.562297][ T9069]  should_fail_ex+0x497/0x5b0
[  204.563546][ T9069]  should_failslab+0xc2/0x120
[  204.564775][ T9069]  __kmalloc_cache_noprof+0x68/0x420
[  204.566162][ T9069]  io_arm_poll_handler+0x3e7/0xc60
[  204.567498][ T9069]  ? security_file_permission+0x71/0x210
[  204.568915][ T9069]  ? __pfx_io_arm_poll_handler+0x10/0x10
[  204.570385][ T9069]  ? io_req_end_write+0x3f/0x310
[  204.571698][ T9069]  io_queue_async+0xaa/0x420
[  204.572910][ T9069]  io_submit_sqes+0x177a/0x25f0
[  204.574190][ T9069]  __do_sys_io_uring_enter+0xd43/0x1620
[  204.575688][ T9069]  ? __fget_files+0x206/0x3a0
[  204.576926][ T9069]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  204.578530][ T9069]  ? fput+0x67/0x440
[  204.579572][ T9069]  ? ksys_write+0x1ba/0x250
[  204.580778][ T9069]  ? __pfx_ksys_write+0x10/0x10
[  204.582058][ T9069]  __do_fast_syscall_32+0x73/0x120
[  204.583431][ T9069]  do_fast_syscall_32+0x32/0x80
[  204.584714][ T9069]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  204.586348][ T9069] RIP: 0023:0xf744e579
[  204.587407][ T9069] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  204.592326][ T9069] RSP: 002b:00000000f511557c EFLAGS: 00000292 ORIG_RAX: 00000000000001aa
[  204.594497][ T9069] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000000003516
[  204.596552][ T9069] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  204.598615][ T9069] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  204.600655][ T9069] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  204.602712][ T9069] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  204.604915][ T9069]  </TASK>
[  205.799961][ T9091] netlink: 16 bytes leftover after parsing attributes in process `syz.3.811'.
[  205.813926][ T5984] IPVS: starting estimator thread 0...
[  205.824262][ T9093] netlink: 36 bytes leftover after parsing attributes in process `syz.0.812'.
[  205.827078][ T9093] netlink: 16 bytes leftover after parsing attributes in process `syz.0.812'.
[  205.829529][ T9093] netlink: 36 bytes leftover after parsing attributes in process `syz.0.812'.
[  205.832003][ T9093] netlink: 36 bytes leftover after parsing attributes in process `syz.0.812'.
[  205.922868][ T9095] IPVS: using max 37 ests per chain, 88800 per kthread
[  205.996664][ T6005] cdc_ether 7-1:1.0: probe with driver cdc_ether failed with error -22
[  206.003651][ T6005] usb 7-1: USB disconnect, device number 10
[  206.111015][ T9109] FAULT_INJECTION: forcing a failure.
[  206.111015][ T9109] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  206.115444][ T9109] CPU: 3 UID: 0 PID: 9109 Comm: syz.1.817 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  206.118970][ T9109] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  206.122867][ T9109] Call Trace:
[  206.124007][ T9109]  <TASK>
[  206.125026][ T9109]  dump_stack_lvl+0x16c/0x1f0
[  206.126743][ T9109]  should_fail_ex+0x497/0x5b0
[  206.128575][ T9109]  _copy_to_user+0x32/0xd0
[  206.130281][ T9109]  simple_read_from_buffer+0xd0/0x160
[  206.132114][ T9109]  proc_fail_nth_read+0x198/0x270
[  206.133925][ T9109]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  206.135828][ T9109]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  206.137811][ T9109]  vfs_read+0x1df/0xbe0
[  206.139273][ T9109]  ? __fget_files+0x1fc/0x3a0
[  206.140896][ T9109]  ? __pfx___mutex_lock+0x10/0x10
[  206.142633][ T9109]  ? __pfx_vfs_read+0x10/0x10
[  206.144262][ T9109]  ? __fget_files+0x206/0x3a0
[  206.145880][ T9109]  ksys_read+0x12b/0x250
[  206.147348][ T9109]  ? __pfx_ksys_read+0x10/0x10
[  206.149381][ T9109]  __do_fast_syscall_32+0x73/0x120
[  206.151229][ T9109]  do_fast_syscall_32+0x32/0x80
[  206.152872][ T9109]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  206.154996][ T9109] RIP: 0023:0xf743e579
[  206.156365][ T9109] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  206.162944][ T9109] RSP: 002b:00000000f51265b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  206.165871][ T9109] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5126620
[  206.168550][ T9109] RDX: 000000000000000f RSI: 00000000f742fff4 RDI: 0000000000000000
[  206.170625][ T9109] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  206.172665][ T9109] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  206.174726][ T9109] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  206.176795][ T9109]  </TASK>
[  206.654959][  T833] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  206.811544][  T833] usb 6-1: Using ep0 maxpacket: 8
[  206.815882][  T833] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  206.819270][  T833] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  206.822858][  T833] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  206.825866][  T833] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  206.829341][  T833] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  206.832875][  T833] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  206.837339][  T833] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  206.839925][  T833] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  206.843240][  T833] usb 6-1: Product: syz
[  206.844747][  T833] usb 6-1: Manufacturer: syz
[  206.846521][  T833] usb 6-1: SerialNumber: syz
[  206.999571][ T9130] netlink: 64 bytes leftover after parsing attributes in process `syz.3.825'.
[  207.002008][ T9130] netlink: 60 bytes leftover after parsing attributes in process `syz.3.825'.
[  207.050489][  T833] cdc_ncm 6-1:1.0: bind() failure
[  207.053354][  T833] cdc_ncm 6-1:1.1: CDC Union missing and no IAD found
[  207.055222][  T833] cdc_ncm 6-1:1.1: bind() failure
[  207.063354][  T833] usb 6-1: USB disconnect, device number 22
[  207.300033][ T5984] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  207.447790][ T5984] usb 8-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0
[  207.452683][ T5984] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  207.455652][ T5984] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  207.458022][ T5984] usb 8-1: Product: syz
[  207.459407][ T5984] usb 8-1: Manufacturer: syz
[  207.460696][ T5984] usb 8-1: SerialNumber: syz
[  207.464887][ T9132] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  207.579340][ T9135] netlink: 36 bytes leftover after parsing attributes in process `syz.1.826'.
[  207.581722][ T9135] netlink: 16 bytes leftover after parsing attributes in process `syz.1.826'.
[  207.584738][ T9135] netlink: 36 bytes leftover after parsing attributes in process `syz.1.826'.
[  207.665175][ T9132] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  207.667533][ T9132] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  207.681171][   T39] audit: type=1326 audit(208.817:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9129 comm="syz.3.825" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f42579 code=0x0
[  209.946448][ T5984] cdc_ether 8-1:1.0: probe with driver cdc_ether failed with error -22
[  209.954733][ T5984] usb 8-1: USB disconnect, device number 13
[  210.309327][    T9] IPVS: starting estimator thread 0...
[  210.326775][ T5984] usb 8-1: new full-speed USB device number 14 using dummy_hcd
[  210.395798][ T9195] IPVS: using max 37 ests per chain, 88800 per kthread
[  210.495640][ T5984] usb 8-1: not running at top speed; connect to a high speed hub
[  210.498984][ T5984] usb 8-1: config 1 has an invalid descriptor of length 216, skipping remainder of the config
[  210.501856][ T5984] usb 8-1: config 1 has 0 interfaces, different from the descriptor's value: 3
[  210.506966][ T5984] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  210.509347][ T5984] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  210.511692][ T5984] usb 8-1: Product: syz
[  210.513411][ T5984] usb 8-1: Manufacturer: syz
[  210.515098][ T5984] usb 8-1: SerialNumber: syz
[  210.754502][ T9209] FAULT_INJECTION: forcing a failure.
[  210.754502][ T9209] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  210.757848][ T9209] CPU: 0 UID: 0 PID: 9209 Comm: syz.0.849 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  210.761596][ T9209] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  210.764462][ T9209] Call Trace:
[  210.765334][ T9209]  <TASK>
[  210.766109][ T9209]  dump_stack_lvl+0x16c/0x1f0
[  210.767359][ T9209]  should_fail_ex+0x497/0x5b0
[  210.768627][ T9209]  _copy_to_user+0x32/0xd0
[  210.769797][ T9209]  simple_read_from_buffer+0xd0/0x160
[  210.771209][ T9209]  proc_fail_nth_read+0x198/0x270
[  210.772512][ T9209]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  210.773949][ T9209]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  210.775355][ T9209]  vfs_read+0x1df/0xbe0
[  210.776438][ T9209]  ? __fget_files+0x1fc/0x3a0
[  210.777686][ T9209]  ? __pfx___mutex_lock+0x10/0x10
[  210.779171][ T9209]  ? __pfx_vfs_read+0x10/0x10
[  210.780394][ T9209]  ? __fget_files+0x206/0x3a0
[  210.781624][ T9209]  ksys_read+0x12b/0x250
[  210.782753][ T9209]  ? __pfx_ksys_read+0x10/0x10
[  210.783990][ T9209]  __do_fast_syscall_32+0x73/0x120
[  210.785306][ T9209]  do_fast_syscall_32+0x32/0x80
[  210.786574][ T9209]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  210.788209][ T9209] RIP: 0023:0xf744e579
[  210.789469][ T9209] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  210.794410][ T9209] RSP: 002b:00000000f51365b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  210.796555][ T9209] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f5136620
[  210.798615][ T9209] RDX: 000000000000000f RSI: 00000000f743fff4 RDI: 0000000000000000
[  210.800690][ T9209] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  210.802739][ T9209] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  210.804730][ T9209] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  210.806767][ T9209]  </TASK>
[  210.840202][ T9213] FAULT_INJECTION: forcing a failure.
[  210.840202][ T9213] name failslab, interval 1, probability 0, space 0, times 0
[  210.843748][ T9213] CPU: 3 UID: 0 PID: 9213 Comm: syz.1.851 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  210.846984][ T9213] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  210.850842][ T9213] Call Trace:
[  210.852080][ T9213]  <TASK>
[  210.853165][ T9213]  dump_stack_lvl+0x16c/0x1f0
[  210.854918][ T9213]  should_fail_ex+0x497/0x5b0
[  210.856548][ T9213]  ? fs_reclaim_acquire+0xae/0x150
[  210.857950][ T9213]  should_failslab+0xc2/0x120
[  210.859186][ T9213]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  210.860697][ T9213]  ? __kernfs_new_node+0xd3/0x890
[  210.862025][ T9213]  __kernfs_new_node+0xd3/0x890
[  210.863316][ T9213]  ? __pfx___kernfs_new_node+0x10/0x10
[  210.864738][ T9213]  ? __pfx_lock_release+0x10/0x10
[  210.866061][ T9213]  ? kernfs_add_one+0x39d/0x520
[  210.867372][ T9213]  ? up_write+0x1b2/0x520
[  210.868945][ T9213]  kernfs_new_node+0x186/0x240
[  210.870855][ T9213]  __kernfs_create_file+0x53/0x350
[  210.872755][ T9213]  sysfs_add_file_mode_ns+0x1ff/0x3b0
[  210.874841][ T9213]  internal_create_group+0x56c/0xf10
[  210.876776][ T9213]  ? __pfx_kobject_init_and_add+0x10/0x10
[  210.878310][ T9213]  ? __pfx_internal_create_group+0x10/0x10
[  210.879831][ T9213]  sysfs_slab_add+0x1a3/0x1e0
[  210.880986][ T9213]  do_kmem_cache_create+0x51c/0x720
[  210.882284][ T9213]  ? kstrdup+0x8b/0xb0
[  210.883703][ T9213]  __kmem_cache_create_args+0x231/0x390
[  210.885724][ T9213]  p9_client_create+0xe43/0x11a0
[  210.887492][ T9213]  ? __pfx_p9_client_create+0x10/0x10
[  210.889393][ T9213]  ? rcu_is_watching+0x12/0xc0
[  210.891179][ T9213]  ? __raw_spin_lock_init+0x3a/0x110
[  210.892655][ T9213]  v9fs_session_init+0x1f8/0x1a80
[  210.894044][ T9213]  ? __pfx_v9fs_session_init+0x10/0x10
[  210.895538][ T9213]  ? kasan_save_track+0x14/0x30
[  210.896867][ T9213]  v9fs_mount+0xc6/0xa30
[  210.898025][ T9213]  ? __pfx_v9fs_mount+0x10/0x10
[  210.899330][ T9213]  ? __pfx_v9fs_mount+0x10/0x10
[  210.900644][ T9213]  legacy_get_tree+0x109/0x220
[  210.901920][ T9213]  vfs_get_tree+0x8f/0x380
[  210.903122][ T9213]  path_mount+0x6e1/0x1f10
[  210.904318][ T9213]  ? kmem_cache_free+0x152/0x4c0
[  210.905643][ T9213]  ? __pfx_path_mount+0x10/0x10
[  210.906937][ T9213]  ? putname+0x13c/0x180
[  210.908078][ T9213]  __ia32_sys_mount+0x292/0x310
[  210.909330][ T9213]  ? __pfx___ia32_sys_mount+0x10/0x10
[  210.910765][ T9213]  __do_fast_syscall_32+0x73/0x120
[  210.912125][ T9213]  do_fast_syscall_32+0x32/0x80
[  210.913421][ T9213]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  210.915105][ T9213] RIP: 0023:0xf743e579
[  210.916209][ T9213] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  210.921474][ T9213] RSP: 002b:00000000f512657c EFLAGS: 00000292 ORIG_RAX: 0000000000000015
[  210.923679][ T9213] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000200003c0
[  210.925763][ T9213] RDX: 0000000020000b80 RSI: 0000000000000000 RDI: 0000000020000500
[  210.927432][ T9186] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  210.927884][ T9213] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  210.930198][ T9186] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  210.932156][ T9213] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  210.936263][ T9213] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  210.938371][ T9213]  </TASK>
[  210.941589][ T9186] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  210.941655][ T9213] SLUB: Unable to add cache 9p-fcall-cache-7 to sysfs
[  210.944829][ T9186] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  210.952883][ T9186] __nla_validate_parse: 7 callbacks suppressed
[  210.952894][ T9186] netlink: 16 bytes leftover after parsing attributes in process `syz.3.840'.
[  210.958949][    T9] usb 8-1: USB disconnect, device number 14
[  211.266485][ T9222] netlink: 36 bytes leftover after parsing attributes in process `syz.1.853'.
[  211.268941][ T9222] netlink: 16 bytes leftover after parsing attributes in process `syz.1.853'.
[  211.271627][ T9222] netlink: 36 bytes leftover after parsing attributes in process `syz.1.853'.
[  211.274007][ T9222] netlink: 36 bytes leftover after parsing attributes in process `syz.1.853'.
[  211.459826][   T39] audit: type=1326 audit(212.672:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9225 comm="syz.1.856" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000
[  211.465442][   T39] audit: type=1326 audit(212.672:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9225 comm="syz.1.856" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf743e579 code=0x7ffc0000
[  211.472613][   T39] audit: type=1326 audit(212.672:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9225 comm="syz.1.856" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000
[  211.482658][   T39] audit: type=1326 audit(212.672:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9225 comm="syz.1.856" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf743e579 code=0x7ffc0000
[  211.488768][ T9228] netlink: 4 bytes leftover after parsing attributes in process `syz.2.855'.
[  211.494247][   T39] audit: type=1326 audit(212.672:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9225 comm="syz.1.856" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000
[  211.499731][   T39] audit: type=1326 audit(212.672:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9225 comm="syz.1.856" exe="/syz-executor" sig=0 arch=40000003 syscall=340 compat=1 ip=0xf743e579 code=0x7ffc0000
[  211.505032][   T39] audit: type=1326 audit(212.672:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9225 comm="syz.1.856" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000
[  211.510336][   T39] audit: type=1326 audit(212.672:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9225 comm="syz.1.856" exe="/syz-executor" sig=0 arch=40000003 syscall=156 compat=1 ip=0xf743e579 code=0x7ffc0000
[  211.515939][   T39] audit: type=1326 audit(212.672:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9225 comm="syz.1.856" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000
[  211.547656][ T9232] netlink: 12 bytes leftover after parsing attributes in process `syz.1.856'.
[  211.682630][ T9225] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  212.048059][ T9248] netlink: 4 bytes leftover after parsing attributes in process `syz.0.860'.
[  212.276241][ T9252] lo: entered promiscuous mode
[  212.297806][ T9250] lo: left promiscuous mode
[  212.412372][ T9260] netlink: 36 bytes leftover after parsing attributes in process `syz.1.862'.
[  212.414815][ T9260] netlink: 16 bytes leftover after parsing attributes in process `syz.1.862'.
[  212.569109][ T9263] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  212.620459][ T9267] FAULT_INJECTION: forcing a failure.
[  212.620459][ T9267] name failslab, interval 1, probability 0, space 0, times 0
[  212.624051][ T9267] CPU: 3 UID: 0 PID: 9267 Comm: syz.1.866 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  212.626828][ T9267] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  212.629699][ T9267] Call Trace:
[  212.630582][ T9267]  <TASK>
[  212.631360][ T9267]  dump_stack_lvl+0x16c/0x1f0
[  212.632592][ T9267]  should_fail_ex+0x497/0x5b0
[  212.633830][ T9267]  ? fs_reclaim_acquire+0xae/0x150
[  212.635253][ T9267]  should_failslab+0xc2/0x120
[  212.636488][ T9267]  __kmalloc_cache_noprof+0x68/0x420
[  212.638097][ T9267]  ? scsi_execute_cmd+0x11b/0xff0
[  212.639630][ T9267]  sr_read_tochdr.isra.0+0xa7/0x270
[  212.641008][ T9267]  ? __pfx_sr_read_tochdr.isra.0+0x10/0x10
[  212.642630][ T9267]  ? hlock_class+0x4e/0x130
[  212.643902][ T9267]  sr_audio_ioctl+0x111/0x2e0
[  212.645199][ T9267]  ? __pfx_sr_audio_ioctl+0x10/0x10
[  212.646572][ T9267]  ? __pfx_scsi_test_unit_ready+0x10/0x10
[  212.648066][ T9267]  ? hlock_class+0x4e/0x130
[  212.649330][ T9267]  ? __lock_acquire+0x15a9/0x3c40
[  212.650664][ T9267]  cdrom_count_tracks+0x26d/0x7e0
[  212.652007][ T9267]  ? __pfx_cdrom_count_tracks+0x10/0x10
[  212.653505][ T9267]  ? __pfx_sr_drive_status+0x10/0x10
[  212.654911][ T9267]  ? lock_acquire.part.0+0x11b/0x380
[  212.656386][ T9267]  cdrom_open+0x73a/0x2680
[  212.657618][ T9267]  ? __pfx_cdrom_open+0x10/0x10
[  212.658915][ T9267]  ? sr_block_open+0x167/0x270
[  212.660175][ T9267]  ? trace_contention_end+0xee/0x140
[  212.661553][ T9267]  ? __mutex_lock+0x1cc/0xa60
[  212.662855][ T9267]  ? __pfx_lock_release+0x10/0x10
[  212.664176][ T9267]  ? sr_block_open+0x167/0x270
[  212.665439][ T9267]  ? __pfx___mutex_lock+0x10/0x10
[  212.666788][ T9267]  ? lockdep_hardirqs_on+0x7c/0x110
[  212.668203][ T9267]  ? __pfx_disk_check_media_change+0x10/0x10
[  212.669766][ T9267]  ? lockdep_hardirqs_on+0x7c/0x110
[  212.671144][ T9267]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  212.672669][ T9267]  sr_block_open+0x174/0x270
[  212.673898][ T9267]  ? __pfx_sr_block_open+0x10/0x10
[  212.675255][ T9267]  ? __pfx_sr_block_open+0x10/0x10
[  212.676598][ T9267]  blkdev_get_whole+0x96/0x290
[  212.677926][ T9267]  bdev_open+0x2c7/0xe20
[  212.679087][ T9267]  bdev_file_open_by_dev+0x17d/0x210
[  212.680454][ T9267]  setup_bdev_super+0x78/0x730
[  212.680780][ T9248] orangefs_mount: mount request failed with -4
[  212.681709][ T9267]  get_tree_bdev_flags+0x365/0x620
[  212.681746][ T9267]  ? __pfx_ext4_fill_super+0x10/0x10
[  212.686146][ T9267]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  212.687738][ T9267]  ? bpf_lsm_capable+0x9/0x10
[  212.689054][ T9267]  vfs_get_tree+0x8f/0x380
[  212.690273][ T9267]  path_mount+0x6e1/0x1f10
[  212.691432][ T9267]  ? kmem_cache_free+0x152/0x4c0
[  212.692744][ T9267]  ? __pfx_path_mount+0x10/0x10
[  212.694037][ T9267]  ? putname+0x13c/0x180
[  212.695198][ T9267]  __ia32_sys_mount+0x292/0x310
[  212.696679][ T9267]  ? __pfx___ia32_sys_mount+0x10/0x10
[  212.698180][ T9267]  __do_fast_syscall_32+0x73/0x120
[  212.699539][ T9267]  do_fast_syscall_32+0x32/0x80
[  212.700814][ T9267]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  212.702591][ T9267] RIP: 0023:0xf743e579
[  212.703700][ T9267] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  212.708847][ T9267] RSP: 002b:00000000f512657c EFLAGS: 00000292 ORIG_RAX: 0000000000000015
[  212.711019][ T9267] RAX: ffffffffffffffda RBX: 0000000020000240 RCX: 0000000020000100
[  212.713152][ T9267] RDX: 00000000200001c0 RSI: 000000000100c041 RDI: 0000000000000000
[  212.715249][ T9267] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  212.717401][ T9267] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  212.719581][ T9267] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  212.721652][ T9267]  </TASK>
[  213.531199][ T9291] FAULT_INJECTION: forcing a failure.
[  213.531199][ T9291] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  213.536908][ T9291] CPU: 1 UID: 0 PID: 9291 Comm: syz.3.872 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  213.540808][ T9291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  213.544727][ T9291] Call Trace:
[  213.545970][ T9291]  <TASK>
[  213.547070][ T9291]  dump_stack_lvl+0x16c/0x1f0
[  213.548811][ T9291]  should_fail_ex+0x497/0x5b0
[  213.550565][ T9291]  _copy_from_iter+0x29b/0x1400
[  213.552398][ T9291]  ? trace_lock_acquire+0x14e/0x1f0
[  213.554309][ T9291]  ? __pfx__copy_from_iter+0x10/0x10
[  213.556274][ T9291]  ? __virt_addr_valid+0x1a4/0x590
[  213.558170][ T9291]  ? __virt_addr_valid+0x5e/0x590
[  213.560015][ T9291]  ? __phys_addr_symbol+0x30/0x80
[  213.561841][ T9291]  ? __check_object_size+0x488/0x710
[  213.563796][ T9291]  file_tty_write.constprop.0+0x48d/0x9a0
[  213.565890][ T9291]  vfs_write+0x5ae/0x1150
[  213.567492][ T9291]  ? __pfx_tty_write+0x10/0x10
[  213.569283][ T9291]  ? __pfx_vfs_write+0x10/0x10
[  213.571051][ T9291]  ? __fget_files+0x40/0x3a0
[  213.572766][ T9291]  ksys_write+0x12b/0x250
[  213.574361][ T9291]  ? __pfx_ksys_write+0x10/0x10
[  213.576204][ T9291]  __do_fast_syscall_32+0x73/0x120
[  213.578123][ T9291]  do_fast_syscall_32+0x32/0x80
[  213.579918][ T9291]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  213.582231][ T9291] RIP: 0023:0xf7f42579
[  213.583738][ T9291] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  213.590941][ T9291] RSP: 002b:00000000f508457c EFLAGS: 00000292 ORIG_RAX: 0000000000000004
[  213.593911][ T9291] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000020001040
[  213.596800][ T9291] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000000
[  213.599832][ T9291] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  213.602736][ T9291] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  213.605631][ T9291] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  213.608521][ T9291]  </TASK>
[  213.727768][ T9297] netlink: 'syz.2.875': attribute type 10 has an invalid length.
[  214.325922][ T9312] binder: 9311:9312 ioctl c080aebe 0 returned -22
[  214.389833][   T39] kauditd_printk_skb: 14 callbacks suppressed
[  214.389845][   T39] audit: type=1800 audit(215.649:187): pid=9318 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.879" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  214.633617][ T9324] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  214.861592][   T39] audit: type=1326 audit(216.126:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9330 comm="syz.2.884" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82579 code=0x7ffc0000
[  214.867479][   T39] audit: type=1326 audit(216.126:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9330 comm="syz.2.884" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82579 code=0x7ffc0000
[  214.873049][   T39] audit: type=1326 audit(216.126:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9330 comm="syz.2.884" exe="/syz-executor" sig=0 arch=40000003 syscall=343 compat=1 ip=0xf7f82579 code=0x7ffc0000
[  214.878649][   T39] audit: type=1326 audit(2776.142:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9330 comm="syz.2.884" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82579 code=0x7ffc0000
[  214.884186][   T39] audit: type=1326 audit(2776.142:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9330 comm="syz.2.884" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82579 code=0x7ffc0000
[  215.023969][ T9336] netlink: 'syz.0.886': attribute type 3 has an invalid length.
[  216.196222][ T9372] lo speed is unknown, defaulting to 1000
[  216.261213][ T9372] netlink: 'syz.3.898': attribute type 10 has an invalid length.
[  216.267552][ T9372] 8021q: adding VLAN 0 to HW filter on device batadv0
[  216.271111][ T9372] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  216.580133][ T9384] __nla_validate_parse: 10 callbacks suppressed
[  216.580146][ T9384] netlink: 48 bytes leftover after parsing attributes in process `syz.3.899'.
[  216.908548][ T9388] openvswitch: netlink: Unknown nsh attribute 0
[  216.910275][ T9388] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  217.262066][ T9404] 9pnet_fd: Insufficient options for proto=fd
[  217.267314][ T9404] netlink: 'syz.2.906': attribute type 1 has an invalid length.
[  217.301064][ T9404] 8021q: adding VLAN 0 to HW filter on device bond3
[  217.311433][ T9404] bond3: (slave gretap1): making interface the new active one
[  217.314102][ T9404] bond3: (slave gretap1): Enslaving as an active interface with an up link
[  217.526144][ T9416] bridge2: entered promiscuous mode
[  217.531260][ T9416] bridge2: entered allmulticast mode
[  217.873106][ T9428] netlink: 32 bytes leftover after parsing attributes in process `syz.2.912'.
[  218.201695][   T30] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  218.411319][ T1158] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  218.488784][ T9445] netlink: 'syz.1.919': attribute type 27 has an invalid length.
[  218.524361][ T9445] bridge0: port 2(bridge_slave_1) entered disabled state
[  218.526302][ T9445] bridge0: port 1(bridge_slave_0) entered disabled state
[  218.591710][ T9445] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  218.599505][ T9445] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  218.632336][ T9445] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  218.634756][ T9445] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  218.637126][ T9445] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  218.639506][ T9445] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  218.672384][ T9451] 8021q: adding VLAN 0 to HW filter on device bond0
[  218.674839][ T9451] 8021q: adding VLAN 0 to HW filter on device team0
[  218.679112][ T9451] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  218.924454][ T9460] netlink: 64 bytes leftover after parsing attributes in process `syz.2.924'.
[  218.927612][ T9460] netlink: 60 bytes leftover after parsing attributes in process `syz.2.924'.
[  219.220555][  T832] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  219.232691][   T30] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  219.371643][  T832] usb 7-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0
[  219.376474][  T832] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  219.378766][  T832] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  219.380792][  T832] usb 7-1: Product: syz
[  219.382541][  T832] usb 7-1: Manufacturer: syz
[  219.383691][  T832] usb 7-1: SerialNumber: syz
[  219.387726][ T9463] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  219.541048][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  219.593746][ T9463] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  219.597099][ T9463] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  219.600306][   T39] audit: type=1326 audit(2780.874:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9459 comm="syz.2.924" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f82579 code=0x0
[  219.740292][    T9] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[  219.890211][    T9] usb 8-1: Using ep0 maxpacket: 8
[  219.900489][    T9] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  219.903935][    T9] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  219.906405][    T9] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  219.908859][    T9] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  219.912421][    T9] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  219.914904][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  220.066383][ T9484] 9pnet_fd: Insufficient options for proto=fd
[  220.121496][    T9] usb 8-1: GET_CAPABILITIES returned 0
[  220.122996][    T9] usbtmc 8-1:16.0: can't read capabilities
[  220.270428][ T6205] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  220.327815][    T9] usb 8-1: USB disconnect, device number 15
[  220.440729][   T63] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  220.670541][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  221.310471][   T30] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  221.371975][ T9525] random: crng reseeded on system resumption
[  221.387777][ T9525] overlayfs: failed to resolve './file0': -2
[  221.769545][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  221.939761][  T832] cdc_ether 7-1:1.0: probe with driver cdc_ether failed with error -22
[  221.950257][  T832] usb 7-1: USB disconnect, device number 11
[  222.229339][ T9550] nbd3: detected capacity change from 0 to 12
[  222.233526][ T9558] block nbd3: NBD_DISCONNECT
[  222.234727][ T9560] block nbd3: Send control failed (result -89)
[  222.237319][ T9560] block nbd3: Request send failed, requeueing
[  222.242585][ T9560] block nbd3: Disconnected due to user request.
[  222.246223][ T9558] block nbd3: Send disconnect failed -89
[  222.251633][ T6750] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  222.254883][ T6750] Buffer I/O error on dev nbd3, logical block 0, async page read
[  222.257744][ T9560] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  222.260476][ T9560] Buffer I/O error on dev nbd3, logical block 0, async page read
[  222.262879][ T9560] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  222.265321][ T9560] Buffer I/O error on dev nbd3, logical block 0, async page read
[  222.267457][ T9560] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  222.270466][ T9560] Buffer I/O error on dev nbd3, logical block 0, async page read
[  222.272995][ T9560] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  222.275557][ T9560] Buffer I/O error on dev nbd3, logical block 0, async page read
[  222.277791][ T9560] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  222.280950][ T9560] Buffer I/O error on dev nbd3, logical block 0, async page read
[  222.284272][ T9560] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  222.286846][ T9560] Buffer I/O error on dev nbd3, logical block 0, async page read
[  222.289175][ T9560] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  222.291588][ T9560] Buffer I/O error on dev nbd3, logical block 0, async page read
[  222.293920][ T9560] ldm_validate_partition_table(): Disk read failed.
[  222.295773][ T9560] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  222.298555][ T9556] FAULT_INJECTION: forcing a failure.
[  222.298555][ T9556] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  222.298585][ T9560] Buffer I/O error on dev nbd3, logical block 0, async page read
[  222.302045][ T9556] CPU: 1 UID: 0 PID: 9556 Comm: syz.1.953 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  222.302066][ T9556] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  222.302073][ T9556] Call Trace:
[  222.304319][ T9560] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  222.306914][ T9556]  <TASK>
[  222.306923][ T9556]  dump_stack_lvl+0x16c/0x1f0
[  222.309887][ T9560] Buffer I/O error on dev nbd3, logical block 0, async page read
[  222.310725][ T9556]  should_fail_ex+0x497/0x5b0
[  222.313245][ T9560] Dev nbd3: unable to read RDB block 0
[  222.313898][ T9556]  _copy_from_user+0x2e/0xd0
[  222.315290][ T9560]  nbd3: unable to read partition table
[  222.317244][ T9556]  copy_from_buffer+0x86/0xb0
[  222.318576][ T9560] nbd3: partition table beyond EOD, 
[  222.320229][ T9556]  copy_uabi_to_xstate+0xb5/0x670
[  222.320266][ T9556]  ? find_held_lock+0x2d/0x110
[  222.320294][ T9556]  ? __pfx_copy_uabi_to_xstate+0x10/0x10
[  222.322076][ T9560] truncated
[  222.323209][ T9556]  ? __pfx_lock_release+0x10/0x10
[  222.332347][ T9556]  ? trace_lock_acquire+0x14e/0x1f0
[  222.334282][ T9556]  ? __local_bh_enable_ip+0xa4/0x120
[  222.336078][ T9556]  __fpu_restore_sig+0x1062/0x1430
[  222.337529][ T9556]  ? __pfx___fpu_restore_sig+0x10/0x10
[  222.339072][ T9556]  ? lock_acquire+0x2f/0xb0
[  222.340434][ T9556]  ? __might_fault+0xe3/0x190
[  222.341705][ T9556]  fpu__restore_sig+0x113/0x190
[  222.342996][ T9556]  ia32_restore_sigcontext+0x40f/0x5d0
[  222.344414][ T9556]  ? __pfx_ia32_restore_sigcontext+0x10/0x10
[  222.345984][ T9556]  ? __pfx_lock_release+0x10/0x10
[  222.347317][ T9556]  ? _raw_spin_unlock_irq+0x23/0x50
[  222.348978][ T9556]  ? lockdep_hardirqs_on+0x7c/0x110
[  222.350884][ T9556]  __do_compat_sys_rt_sigreturn+0x121/0x1f0
[  222.352830][ T9556]  ? __pfx___do_compat_sys_rt_sigreturn+0x10/0x10
[  222.354638][ T9556]  do_int80_emulation+0x104/0x200
[  222.355959][ T9556]  asm_int80_emulation+0x1a/0x20
[  222.357264][ T9556] RIP: 0023:0xf743e577
[  222.358345][ T9556] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 <cd> 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00
[  222.363326][ T9556] RSP: 002b:00000000f512657c EFLAGS: 00000292
[  222.364953][ T9556] RAX: 0000000000000091 RBX: 0000000000000004 RCX: 0000000020001380
[  222.367097][ T9556] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  222.369329][ T9556] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  222.371440][ T9556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  222.373519][ T9556] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  222.375600][ T9556]  </TASK>
[  222.377328][   T30] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  222.396338][ T8567] ldm_validate_partition_table(): Disk read failed.
[  222.406580][ T8567] Dev nbd3: unable to read RDB block 0
[  222.410510][ T8567]  nbd3: unable to read partition table
[  222.412758][ T8567] nbd3: partition table beyond EOD, truncated
[  222.487799][ T8567] ldm_validate_partition_table(): Disk read failed.
[  222.502638][ T8567] Dev nbd3: unable to read RDB block 0
[  222.524218][ T8567]  nbd3: unable to read partition table
[  222.528312][ T8567] nbd3: partition table beyond EOD, truncated
[  222.551747][ T5984] libceph: connect (1)[c::]:6789 error -13
[  222.553474][ T5984] libceph: mon0 (1)[c::]:6789 connect error
[  222.735520][ T9574] 9pnet_fd: Insufficient options for proto=fd
[  222.811489][ T5984] libceph: connect (1)[c::]:6789 error -13
[  222.813181][ T5984] libceph: mon0 (1)[c::]:6789 connect error
[  222.879311][ T1136] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  222.964051][ T9583] netlink: 64 bytes leftover after parsing attributes in process `syz.2.959'.
[  222.967118][ T9583] netlink: 60 bytes leftover after parsing attributes in process `syz.2.959'.
[  223.382472][ T9570] ceph: No mds server is up or the cluster is laggy
[  223.497393][ T5984] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  223.500193][  T832] libceph: connect (1)[c::]:6789 error -13
[  223.501875][  T832] libceph: mon0 (1)[c::]:6789 connect error
[  223.692539][ T5984] usb 7-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0
[  223.715784][ T5984] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  223.722373][ T5984] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  223.753052][ T5984] usb 7-1: Product: syz
[  223.754310][ T5984] usb 7-1: Manufacturer: syz
[  223.755588][ T5984] usb 7-1: SerialNumber: syz
[  223.760127][ T9584] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  223.966965][ T9584] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  223.971959][ T9584] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  223.977418][   T39] audit: type=1326 audit(2785.246:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9582 comm="syz.2.959" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f82579 code=0x0
[  224.427426][    C0] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  224.603202][ T9624] netlink: 'syz.3.972': attribute type 1 has an invalid length.
[  224.613984][ T9624] 8021q: adding VLAN 0 to HW filter on device bond3
[  224.663186][ T9629] ip6_tunnel: non-ECT from fc01:0000:0000:0000:0000:0000:00fb:a200 with DS=0x5
[  224.665757][ T9629] ip6_tunnel: non-ECT from fc01:0000:0000:0000:0000:0000:00fb:a200 with DS=0x5
[  225.740606][ T9667] fuse: Unknown parameter 'm'
[  225.781799][   T39] audit: type=1326 audit(2787.057:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9669 comm="syz.1.985" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000
[  225.786980][   T39] audit: type=1326 audit(2787.057:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9669 comm="syz.1.985" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000
[  225.792951][   T39] audit: type=1326 audit(2787.057:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9669 comm="syz.1.985" exe="/syz-executor" sig=0 arch=40000003 syscall=277 compat=1 ip=0xf743e579 code=0x7ffc0000
[  225.798438][   T39] audit: type=1326 audit(2787.057:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9669 comm="syz.1.985" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000
[  225.803653][   T39] audit: type=1326 audit(2787.057:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9669 comm="syz.1.985" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf743e579 code=0x7ffc0000
[  225.809737][   T39] audit: type=1326 audit(2787.057:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9669 comm="syz.1.985" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000
[  225.814963][   T39] audit: type=1326 audit(2787.057:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9669 comm="syz.1.985" exe="/syz-executor" sig=0 arch=40000003 syscall=254 compat=1 ip=0xf743e579 code=0x7ffc0000
[  225.820376][   T39] audit: type=1326 audit(2787.057:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9669 comm="syz.1.985" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000
[  225.825526][   T39] audit: type=1326 audit(2787.057:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9669 comm="syz.1.985" exe="/syz-executor" sig=0 arch=40000003 syscall=255 compat=1 ip=0xf743e579 code=0x7ffc0000
[  225.830703][   T39] audit: type=1326 audit(2787.057:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9669 comm="syz.1.985" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000
[  225.884578][ T9670] FAULT_INJECTION: forcing a failure.
[  225.884578][ T9670] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  225.888217][ T9670] CPU: 1 UID: 0 PID: 9670 Comm: syz.1.985 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  225.891020][ T9670] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  225.893791][ T9670] Call Trace:
[  225.894705][ T9670]  <TASK>
[  225.895462][ T9670]  dump_stack_lvl+0x16c/0x1f0
[  225.896692][ T9670]  should_fail_ex+0x497/0x5b0
[  225.898072][ T9670]  _copy_from_user+0x2e/0xd0
[  225.899246][ T9670]  get_compat_msghdr+0xa8/0x170
[  225.900471][ T9670]  ? __pfx_get_compat_msghdr+0x10/0x10
[  225.901859][ T9670]  ? __seccomp_filter+0x816/0xf40
[  225.903193][ T9670]  ? __secure_computing+0x26c/0x3f0
[  225.904507][ T9670]  ? syscall_trace_enter+0x8b/0x260
[  225.905846][ T9670]  ___sys_recvmsg+0x193/0x1a0
[  225.907058][ T9670]  ? __pfx____sys_recvmsg+0x10/0x10
[  225.908398][ T9670]  ? __fget_files+0x1fc/0x3a0
[  225.909611][ T9670]  ? trace_lock_acquire+0x14e/0x1f0
[  225.910942][ T9670]  ? __fget_files+0x206/0x3a0
[  225.912125][ T9670]  ? __pfx___might_resched+0x10/0x10
[  225.913448][ T9670]  do_recvmmsg+0x55d/0x740
[  225.914616][ T9670]  ? __pfx_do_recvmmsg+0x10/0x10
[  225.915859][ T9670]  ? audit_log_end+0x14a/0x2b0
[  225.917092][ T9670]  ? __pfx___seccomp_filter+0x10/0x10
[  225.918474][ T9670]  __sys_recvmmsg+0x21e/0x280
[  225.919685][ T9670]  ? __pfx___sys_recvmmsg+0x10/0x10
[  225.920983][ T9670]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  225.922524][ T9670]  ? syscall_trace_enter+0x8b/0x260
[  225.923849][ T9670]  __do_fast_syscall_32+0x73/0x120
[  225.925169][ T9670]  do_fast_syscall_32+0x32/0x80
[  225.926477][ T9670]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  225.928115][ T9670] RIP: 0023:0xf743e579
[  225.929210][ T9670] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  225.933997][ T9670] RSP: 002b:00000000f512657c EFLAGS: 00000292 ORIG_RAX: 0000000000000151
[  225.936190][ T9670] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000200000c0
[  225.938213][ T9670] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  225.940227][ T9670] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  225.942210][ T9670] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  225.944241][ T9670] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  225.946196][ T9670]  </TASK>
[  225.978223][ T5984] cdc_ether 7-1:1.0: probe with driver cdc_ether failed with error -22
[  225.981316][ T5984] usb 7-1: USB disconnect, device number 12
[  225.993844][ T9676] FAULT_INJECTION: forcing a failure.
[  225.993844][ T9676] name failslab, interval 1, probability 0, space 0, times 0
[  225.997058][ T9676] CPU: 1 UID: 0 PID: 9676 Comm: syz.1.987 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  225.999719][ T9676] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  226.002453][ T9676] Call Trace:
[  226.003309][ T9676]  <TASK>
[  226.004182][ T9676]  dump_stack_lvl+0x16c/0x1f0
[  226.005755][ T9676]  should_fail_ex+0x497/0x5b0
[  226.007165][ T9676]  ? fs_reclaim_acquire+0xae/0x150
[  226.008829][ T9676]  should_failslab+0xc2/0x120
[  226.010227][ T9676]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  226.011632][ T9676]  ? getname_flags.part.0+0x4c/0x550
[  226.013003][ T9676]  getname_flags.part.0+0x4c/0x550
[  226.014287][ T9676]  getname_flags+0x93/0xf0
[  226.015440][ T9676]  user_path_at+0x24/0x60
[  226.016499][ T9676]  __ia32_sys_mount+0x1fb/0x310
[  226.017894][ T9676]  ? __pfx___ia32_sys_mount+0x10/0x10
[  226.019672][ T9676]  __do_fast_syscall_32+0x73/0x120
[  226.021365][ T9676]  do_fast_syscall_32+0x32/0x80
[  226.022874][ T9676]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  226.024452][ T9676] RIP: 0023:0xf743e579
[  226.025810][ T9676] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  226.031696][ T9676] RSP: 002b:00000000f512657c EFLAGS: 00000292 ORIG_RAX: 0000000000000015
[  226.034430][ T9676] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 0000000020000080
[  226.036859][ T9676] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000020000400
[  226.039481][ T9676] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  226.041906][ T9676] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  226.043811][ T9676] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  226.045777][ T9676]  </TASK>
[  226.317057][ T9684] netlink: 12 bytes leftover after parsing attributes in process `syz.1.989'.
[  226.889898][ T9696] random: crng reseeded on system resumption
[  227.277042][ T9706] netlink: 64 bytes leftover after parsing attributes in process `syz.2.994'.
[  227.279369][ T9706] netlink: 60 bytes leftover after parsing attributes in process `syz.2.994'.
[  227.787076][ T5984] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  227.942136][ T9728] FAULT_INJECTION: forcing a failure.
[  227.942136][ T9728] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  227.945487][ T9728] CPU: 2 UID: 0 PID: 9728 Comm: syz.1.1000 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  227.948141][ T9728] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  227.950770][ T9728] Call Trace:
[  227.951591][ T9728]  <TASK>
[  227.952371][ T9728]  dump_stack_lvl+0x16c/0x1f0
[  227.953565][ T9728]  should_fail_ex+0x497/0x5b0
[  227.954750][ T9728]  ? fs_reclaim_acquire+0xae/0x150
[  227.956045][ T9728]  should_fail_alloc_page+0xe7/0x130
[  227.957354][ T9728]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  227.958894][ T9728]  ? __alloc_pages_noprof+0x402/0x25b0
[  227.960226][ T9728]  __alloc_pages_noprof+0x190/0x25b0
[  227.961550][ T9728]  ? __alloc_pages_noprof+0x402/0x25b0
[  227.962973][ T9728]  ? __pfx___schedule+0x10/0x10
[  227.964184][ T9728]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  227.965548][ T9728]  ? lock_acquire.part.0+0x11b/0x380
[  227.966890][ T9728]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  227.968298][ T9728]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  227.969703][ T9728]  ? __pfx_lock_release+0x10/0x10
[  227.970975][ T9728]  ? lock_acquire+0x2f/0xb0
[  227.972089][ T9728]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  227.973568][ T9728]  ? policy_nodemask+0xea/0x4e0
[  227.974820][ T9728]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  227.976305][ T9728]  ? policy_nodemask+0xea/0x4e0
[  227.977569][ T9728]  alloc_pages_mpol_noprof+0x2c9/0x610
[  227.978932][ T9728]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  227.980400][ T9728]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  227.981857][ T9728]  ? arch_kexec_post_alloc_pages+0x9/0x10
[  227.983270][ T9728]  ? kimage_alloc_pages+0x282/0x300
[  227.984657][ T9728]  kimage_alloc_pages+0x75/0x300
[  227.985912][ T9728]  kimage_alloc_page+0x132/0x890
[  227.987136][ T9728]  kimage_load_segment+0x1fc/0x770
[  227.988387][ T9728]  do_kexec_load+0x506/0x8c0
[  227.989531][ T9728]  ? __might_fault+0xe3/0x190
[  227.990688][ T9728]  ? __pfx_do_kexec_load+0x10/0x10
[  227.991942][ T9728]  ? __might_fault+0xe3/0x190
[  227.993140][ T9728]  __do_compat_sys_kexec_load+0x2cf/0x330
[  227.994507][ T9728]  ? __pfx___do_compat_sys_kexec_load+0x10/0x10
[  227.996008][ T9728]  __do_fast_syscall_32+0x73/0x120
[  227.997297][ T9728]  do_fast_syscall_32+0x32/0x80
[  227.998496][ T9728]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  228.000037][ T9728] RIP: 0023:0xf743e579
[  228.001073][ T9728] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  228.005823][ T9728] RSP: 002b:00000000f510557c EFLAGS: 00000292 ORIG_RAX: 000000000000011b
[  228.007807][ T9728] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000001
[  228.009710][ T9728] RDX: 00000000200012c0 RSI: 0000000000160000 RDI: 0000000000000000
[  228.011722][ T9728] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  228.013705][ T9728] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  228.015700][ T9728] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  228.017644][ T9728]  </TASK>
[  228.020997][ T5984] usb 7-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0
[  228.031003][ T5984] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  228.033219][ T5984] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  228.035239][ T5984] usb 7-1: Product: syz
[  228.036253][ T5984] usb 7-1: Manufacturer: syz
[  228.038687][ T5984] usb 7-1: SerialNumber: syz
[  228.041214][ T9709] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  228.245438][ T9709] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  228.248651][ T9709] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  228.294558][ T9731] fuse: Bad value for 'user_id'
[  228.295859][ T9731] fuse: Bad value for 'user_id'
[  228.671943][ T9736] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  228.675345][ T9736] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  228.677949][ T9736] netdevsim netdevsim1: Falling back to sysfs fallback for: .
[  229.077981][ T9730] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  229.485116][ T9748] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1005'.
[  229.551777][   T11] bond0: (slave bond_slave_0): interface is now down
[  229.551810][   T11] bond0: (slave bond_slave_1): interface is now down
[  229.573917][   T11] bond0: (slave bond_slave_0): interface is now down
[  229.576815][   T11] bond0: (slave bond_slave_1): interface is now down
[  229.582483][   T11] bond0: now running without any active interface!
[  229.662549][ T9754] FAULT_INJECTION: forcing a failure.
[  229.662549][ T9754] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  229.666092][ T9754] CPU: 0 UID: 0 PID: 9754 Comm: syz.3.1007 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  229.668798][ T9754] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  229.671505][ T9754] Call Trace:
[  229.672364][ T9754]  <TASK>
[  229.673120][ T9754]  dump_stack_lvl+0x16c/0x1f0
[  229.674356][ T9754]  should_fail_ex+0x497/0x5b0
[  229.675561][ T9754]  _copy_to_user+0x32/0xd0
[  229.676733][ T9754]  generic_map_lookup_batch+0x69a/0xb90
[  229.678167][ T9754]  ? __pfx_generic_map_lookup_batch+0x10/0x10
[  229.679707][ T9754]  ? __fget_files+0x206/0x3a0
[  229.680921][ T9754]  ? __pfx_generic_map_lookup_batch+0x10/0x10
[  229.682647][ T9754]  bpf_map_do_batch+0x483/0x640
[  229.683970][ T9754]  __sys_bpf+0x55a2/0x57a0
[  229.685110][ T9754]  ? finish_task_switch.isra.0+0x2e8/0xcc0
[  229.686629][ T9754]  ? __pfx___sys_bpf+0x10/0x10
[  229.687834][ T9754]  ? __schedule+0xe60/0x5ad0
[  229.689109][ T9754]  ? fput+0x67/0x440
[  229.690140][ T9754]  ? ksys_write+0x1ba/0x250
[  229.691301][ T9754]  __ia32_sys_bpf+0x76/0xe0
[  229.692460][ T9754]  __do_fast_syscall_32+0x73/0x120
[  229.693778][ T9754]  do_fast_syscall_32+0x32/0x80
[  229.695021][ T9754]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  229.696653][ T9754] RIP: 0023:0xf7f42579
[  229.697695][ T9754] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  229.702629][ T9754] RSP: 002b:00000000f50c657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  229.704783][ T9754] RAX: ffffffffffffffda RBX: 0000000000000018 RCX: 00000000200003c0
[  229.706936][ T9754] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000
[  229.708938][ T9754] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  229.711018][ T9754] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  229.713010][ T9754] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  229.715023][ T9754]  </TASK>
[  229.851714][ T9762] loop9: detected capacity change from 0 to 7
[  229.854698][ T9762] Dev loop9: unable to read RDB block 7
[  229.856468][ T9762]  loop9: unable to read partition table
[  229.857971][ T9762] loop9: partition table beyond EOD, truncated
[  229.859528][ T9762] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[  229.859528][ T9762] 
) failed (rc=-5)
[  230.088869][ T9748] orangefs_mount: mount request failed with -4
[  230.151207][ T9773] fuse: Unknown parameter 'user_i00000000000000000000'
[  230.265949][ T5943] Bluetooth: hci0: command 0x0406 tx timeout
[  230.284574][ T5984] cdc_ether 7-1:1.0: probe with driver cdc_ether failed with error -22
[  230.297094][ T5984] usb 7-1: USB disconnect, device number 13
[  231.120995][ T9794] mac80211_hwsim hwsim8 syzkaller0: entered promiscuous mode
[  231.122950][ T9794] mac80211_hwsim hwsim8 syzkaller0: entered allmulticast mode
[  231.180125][ T9796] FAULT_INJECTION: forcing a failure.
[  231.180125][ T9796] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  231.183490][ T9796] CPU: 2 UID: 0 PID: 9796 Comm: syz.1.1018 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  231.186307][ T9796] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  231.189028][ T9796] Call Trace:
[  231.189897][ T9796]  <TASK>
[  231.190653][ T9796]  dump_stack_lvl+0x16c/0x1f0
[  231.191886][ T9796]  should_fail_ex+0x497/0x5b0
[  231.193135][ T9796]  ? fs_reclaim_acquire+0xae/0x150
[  231.194483][ T9796]  should_fail_alloc_page+0xe7/0x130
[  231.195885][ T9796]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  231.197801][ T9796]  ? mark_lock+0xb5/0xc60
[  231.198977][ T9796]  ? __pfx_mark_lock+0x10/0x10
[  231.200260][ T9796]  __alloc_pages_noprof+0x190/0x25b0
[  231.201685][ T9796]  ? __pfx_mark_lock+0x10/0x10
[  231.202932][ T9796]  ? hlock_class+0x4e/0x130
[  231.204085][ T9796]  ? mark_lock+0xb5/0xc60
[  231.205225][ T9796]  ? __pfx_mark_lock+0x10/0x10
[  231.206730][ T9796]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  231.208193][ T9796]  ? hlock_class+0x4e/0x130
[  231.209395][ T9796]  ? mark_lock+0xb5/0xc60
[  231.210449][ T9796]  ? hlock_class+0x4e/0x130
[  231.211573][ T9796]  ? __lock_acquire+0xcc5/0x3c40
[  231.212857][ T9796]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  231.214405][ T9796]  ? policy_nodemask+0xea/0x4e0
[  231.215674][ T9796]  alloc_pages_mpol_noprof+0x2c9/0x610
[  231.217091][ T9796]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  231.218637][ T9796]  ? hlock_class+0x4e/0x130
[  231.219800][ T9796]  folio_alloc_mpol_noprof+0x36/0xd0
[  231.221156][ T9796]  vma_alloc_folio_noprof+0xee/0x1b0
[  231.222539][ T9796]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  231.224030][ T9796]  ? find_held_lock+0x2d/0x110
[  231.225268][ T9796]  do_pte_missing+0x2017/0x3e00
[  231.226478][ T9796]  __handle_mm_fault+0x103c/0x2a40
[  231.227761][ T9796]  ? find_held_lock+0x2d/0x110
[  231.228976][ T9796]  ? __pfx___handle_mm_fault+0x10/0x10
[  231.230365][ T9796]  ? follow_page_pte+0x3c3/0x1b20
[  231.231685][ T9796]  ? __pfx_lock_release+0x10/0x10
[  231.232952][ T9796]  ? follow_page_pte+0x3f7/0x1b20
[  231.234251][ T9796]  handle_mm_fault+0x3fa/0xaa0
[  231.235490][ T9796]  __get_user_pages+0x8d9/0x3b50
[  231.236759][ T9796]  ? __pfx___get_user_pages+0x10/0x10
[  231.238099][ T9796]  ? down_read_killable+0xcc/0x380
[  231.239410][ T9796]  ? __pfx_down_read_killable+0x10/0x10
[  231.240816][ T9796]  ? find_held_lock+0x2d/0x110
[  231.242035][ T9796]  __gup_longterm_locked+0x211/0x1870
[  231.243449][ T9796]  ? __pfx_lock_release+0x10/0x10
[  231.244730][ T9796]  ? trace_lock_acquire+0x14e/0x1f0
[  231.246065][ T9796]  ? __pfx___gup_longterm_locked+0x10/0x10
[  231.247576][ T9796]  ? gup_fast_fallback+0x84c/0x2690
[  231.248866][ T9796]  ? __pfx_lock_release+0x10/0x10
[  231.250135][ T9796]  ? try_get_folio+0x517/0x800
[  231.251421][ T9796]  ? const_folio_flags.constprop.0+0x56/0x150
[  231.253018][ T9796]  ? sanity_check_pinned_pages+0x385/0x11c0
[  231.254599][ T9796]  gup_fast_fallback+0x1802/0x2690
[  231.255982][ T9796]  ? __pfx_gup_fast_fallback+0x10/0x10
[  231.257430][ T9796]  pin_user_pages_fast+0xa8/0x100
[  231.258767][ T9796]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  231.260231][ T9796]  ? __kmalloc_noprof+0x23b/0x4f0
[  231.261549][ T9796]  ? rds_info_getsockopt+0x376/0x4f0
[  231.262884][ T9796]  rds_info_getsockopt+0x39a/0x4f0
[  231.264177][ T9796]  ? __might_fault+0x13b/0x190
[  231.265416][ T9796]  ? __pfx_rds_info_getsockopt+0x10/0x10
[  231.266835][ T9796]  ? trace_lock_acquire+0x14e/0x1f0
[  231.268142][ T9796]  ? lock_acquire+0x2f/0xb0
[  231.269299][ T9796]  ? __might_fault+0xe3/0x190
[  231.270511][ T9796]  ? __might_fault+0xe3/0x190
[  231.271722][ T9796]  rds_getsockopt+0x173/0x2d0
[  231.272935][ T9796]  ? __pfx_rds_getsockopt+0x10/0x10
[  231.274247][ T9796]  do_sock_getsockopt+0x3fe/0x870
[  231.275532][ T9796]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  231.276967][ T9796]  ? lock_acquire+0x2f/0xb0
[  231.278115][ T9796]  ? __fget_files+0x40/0x3a0
[  231.279276][ T9796]  ? __fget_files+0x206/0x3a0
[  231.280512][ T9796]  __sys_getsockopt+0x12f/0x260
[  231.281767][ T9796]  __ia32_sys_getsockopt+0xbc/0x160
[  231.283099][ T9796]  ? lockdep_hardirqs_on+0x7c/0x110
[  231.284402][ T9796]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  231.286072][ T9796]  __do_fast_syscall_32+0x73/0x120
[  231.287370][ T9796]  do_fast_syscall_32+0x32/0x80
[  231.288615][ T9796]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  231.290228][ T9796] RIP: 0023:0xf743e579
[  231.291271][ T9796] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  231.296130][ T9796] RSP: 002b:00000000f512657c EFLAGS: 00000292 ORIG_RAX: 000000000000016d
[  231.298258][ T9796] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000114
[  231.300303][ T9796] RDX: 000000000000271b RSI: 0000000020000580 RDI: 0000000020000000
[  231.302249][ T9796] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  231.304230][ T9796] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  231.306161][ T9796] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  231.308139][ T9796]  </TASK>
[  231.309024][    C2] vkms_vblank_simulate: vblank timer overrun
[  231.407238][ T9814] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1023'.
[  231.409913][ T9814] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1023'.
[  231.692229][ T9819] netlink: 'syz.1.1024': attribute type 10 has an invalid length.
[  231.725356][  T833] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  231.866320][ T5943] Bluetooth: hci4: command 0x1003 tx timeout
[  231.867064][ T5949] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  231.884873][  T833] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0
[  231.893699][  T833] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  231.910835][  T833] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  231.913036][  T833] usb 5-1: Product: syz
[  231.914115][  T833] usb 5-1: Manufacturer: syz
[  231.948316][  T833] usb 5-1: SerialNumber: syz
[  231.954652][ T9818] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  232.162974][ T9818] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  232.168429][ T9818] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  232.172879][   T39] kauditd_printk_skb: 22 callbacks suppressed
[  232.172890][   T39] audit: type=1326 audit(2793.440:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9813 comm="syz.0.1023" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x0
[  232.389406][ T9838] team0 (unregistering): Port device team_slave_0 removed
[  232.392571][ T9838] team0 (unregistering): Port device team_slave_1 removed
[  232.581458][ T8679] udevd[8679]: inotify_add_watch(7, /dev/pmem0p13, 10) failed: No such file or directory
[  233.420939][ T9866] netlink: 'syz.3.1034': attribute type 1 has an invalid length.
[  233.456367][ T9866] 8021q: adding VLAN 0 to HW filter on device bond4
[  233.629093][ T9879] FAULT_INJECTION: forcing a failure.
[  233.629093][ T9879] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  233.632731][ T9879] CPU: 3 UID: 0 PID: 9879 Comm: syz.1.1039 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  233.635480][ T9879] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  233.638235][ T9879] Call Trace:
[  233.639179][ T9879]  <TASK>
[  233.639978][ T9879]  dump_stack_lvl+0x16c/0x1f0
[  233.641210][ T9879]  should_fail_ex+0x497/0x5b0
[  233.642473][ T9879]  _copy_to_user+0x32/0xd0
[  233.643613][ T9879]  bpf_check+0x240e/0xc9b0
[  233.644757][ T9879]  ? __pfx_bpf_check+0x10/0x10
[  233.646006][ T9879]  ? bpf_offload_find_netdev+0x134/0x2d0
[  233.647446][ T9879]  ? irqentry_exit+0x3b/0x90
[  233.648588][ T9879]  ? lockdep_hardirqs_on+0x7c/0x110
[  233.649944][ T9879]  ? read_tsc+0x9/0x20
[  233.651009][ T9879]  ? ktime_get_with_offset+0x20f/0x3a0
[  233.652408][ T9879]  ? bpf_obj_name_cpy+0x156/0x1b0
[  233.653704][ T9879]  bpf_prog_load+0xe3f/0x2670
[  233.654944][ T9879]  ? __pfx_bpf_prog_load+0x10/0x10
[  233.656253][ T9879]  ? find_held_lock+0x2d/0x110
[  233.657480][ T9879]  ? __might_fault+0x13b/0x190
[  233.658670][ T9879]  ? __might_fault+0xe3/0x190
[  233.659879][ T9879]  __sys_bpf+0x5677/0x57a0
[  233.661026][ T9879]  ? __pfx_lock_release+0x10/0x10
[  233.662322][ T9879]  ? __pfx___sys_bpf+0x10/0x10
[  233.663516][ T9879]  ? vfs_write+0x306/0x1150
[  233.664636][ T9879]  ? __mutex_unlock_slowpath+0x164/0x690
[  233.666029][ T9879]  ? fput+0x67/0x440
[  233.667041][ T9879]  ? ksys_write+0x1ba/0x250
[  233.668153][ T9879]  ? __pfx_ksys_write+0x10/0x10
[  233.669334][ T9879]  __ia32_sys_bpf+0x76/0xe0
[  233.670506][ T9879]  __do_fast_syscall_32+0x73/0x120
[  233.671769][ T9879]  do_fast_syscall_32+0x32/0x80
[  233.672997][ T9879]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  233.674562][ T9879] RIP: 0023:0xf743e579
[  233.675589][ T9879] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  233.680355][ T9879] RSP: 002b:00000000f512657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  233.682484][ T9879] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200000c0
[  233.684484][ T9879] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000
[  233.686471][ T9879] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  233.688494][ T9879] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  233.690470][ T9879] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  233.692456][ T9879]  </TASK>
[  233.728825][ T9881] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1040'.
[  233.731252][ T9881] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1040'.
[  233.733576][ T9881] bridge0: vlan filtering disabled, automatically disabling multicast vlan snooping
[  233.876880][ T9888] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1042'.
[  234.219469][ T9893] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1044'.
[  234.221859][ T9893] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1044'.
[  234.224515][ T9893] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1044'.
[  234.227097][ T9893] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1044'.
[  234.415403][  T833] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22
[  234.422569][  T833] usb 5-1: USB disconnect, device number 16
[  234.436736][ T9895] x_tables: ip6_tables: TCPOPTSTRIP target: only valid for protocol 6
[  234.973883][ T5984] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  235.126678][ T5984] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  235.129252][ T5984] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  235.131273][ T5984] usb 6-1: Product: syz
[  235.132305][ T5984] usb 6-1: Manufacturer: syz
[  235.133469][ T5984] usb 6-1: SerialNumber: syz
[  235.138710][ T5984] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  235.153099][ T5984] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  235.223859][ T2217] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  235.375176][ T2217] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  235.378330][ T2217] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  235.381936][ T2217] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  235.385528][ T2217] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  235.389717][ T2217] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  235.395533][ T2217] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  235.398789][ T2217] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  235.401609][ T2217] usb 7-1: Product: syz
[  235.403111][ T2217] usb 7-1: Manufacturer: syz
[  235.408423][ T2217] cdc_wdm 7-1:1.0: skipping garbage
[  235.410329][ T2217] cdc_wdm 7-1:1.0: skipping garbage
[  235.414680][ T2217] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  235.416834][ T2217] cdc_wdm 7-1:1.0: Unknown control protocol
[  235.612713][    C0] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  235.614730][    C0] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  235.616541][    C0] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  235.618151][    C0] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  235.620827][    C0] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  235.622601][    C0] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  235.624392][    C0] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  235.626005][    C0] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  235.627751][    C0] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  235.629414][    C0] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  235.631168][    C0] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  235.632847][    C0] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  235.634599][    C0] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  235.636267][    C0] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  235.637997][    C0] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  235.639668][    C0] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  235.641397][    C0] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  235.643074][    C0] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  235.644760][    C0] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  235.646453][    C0] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  235.650127][ T2217] usb 7-1: USB disconnect, device number 14
[  235.651670][    C0] cdc_wdm 7-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  235.818510][   T74] usb 6-1: USB disconnect, device number 23
[  235.915566][ T9922] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1053'.
[  235.918706][ T9922] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1053'.
[  235.994772][ T9926] FAULT_INJECTION: forcing a failure.
[  235.994772][ T9926] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  235.998142][ T9926] CPU: 0 UID: 0 PID: 9926 Comm: syz.0.1055 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  236.001076][ T9926] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  236.003790][ T9926] Call Trace:
[  236.004652][ T9926]  <TASK>
[  236.005444][ T9926]  dump_stack_lvl+0x16c/0x1f0
[  236.006669][ T9926]  should_fail_ex+0x497/0x5b0
[  236.007841][ T9926]  _copy_from_user+0x2e/0xd0
[  236.009047][ T9926]  get_compat_msghdr+0xa8/0x170
[  236.010302][ T9926]  ? __pfx_get_compat_msghdr+0x10/0x10
[  236.011637][ T9926]  ___sys_recvmsg+0x193/0x1a0
[  236.012757][ T9926]  ? __pfx____sys_recvmsg+0x10/0x10
[  236.014039][ T9926]  ? __fget_files+0x1fc/0x3a0
[  236.015199][ T9926]  ? trace_lock_acquire+0x14e/0x1f0
[  236.016452][ T9926]  ? __fget_files+0x206/0x3a0
[  236.017630][ T9926]  ? __pfx___might_resched+0x10/0x10
[  236.018982][ T9926]  do_recvmmsg+0x55d/0x740
[  236.020095][ T9926]  ? __pfx_do_recvmmsg+0x10/0x10
[  236.021386][ T9926]  ? vfs_write+0x306/0x1150
[  236.022512][ T9926]  ? __fget_files+0x206/0x3a0
[  236.023651][ T9926]  __sys_recvmmsg+0x21e/0x280
[  236.024832][ T9926]  ? __pfx___sys_recvmmsg+0x10/0x10
[  236.026213][ T9926]  ? __pfx_ksys_write+0x10/0x10
[  236.027492][ T9926]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  236.029119][ T9926]  ? lockdep_hardirqs_on+0x7c/0x110
[  236.030391][ T9926]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  236.032043][ T9926]  __do_fast_syscall_32+0x73/0x120
[  236.033311][ T9926]  do_fast_syscall_32+0x32/0x80
[  236.034682][ T9926]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  236.036305][ T9926] RIP: 0023:0xf744e579
[  236.037340][ T9926] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  236.042153][ T9926] RSP: 002b:00000000f511557c EFLAGS: 00000292 ORIG_RAX: 0000000000000151
[  236.044373][ T9926] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200066c0
[  236.046302][ T9926] RDX: 0000000000000a0d RSI: 0000000000000000 RDI: 0000000000000000
[  236.048287][ T9926] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  236.050359][ T9926] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  236.052306][ T9926] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  236.054302][ T9926]  </TASK>
[  236.183426][ T5984] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[  236.185264][ T5984] ath9k_htc: Failed to initialize the device
[  236.192295][   T74] usb 6-1: ath9k_htc: USB layer deinitialized
[  236.235281][ T6205] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[  236.352270][ T9932] netlink: 'syz.1.1057': attribute type 6 has an invalid length.
[  236.414474][ T6205] usb 8-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0
[  236.418813][ T6205] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  236.420867][ T6205] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  236.422686][ T6205] usb 8-1: Product: syz
[  236.424466][ T6205] usb 8-1: Manufacturer: syz
[  236.425558][ T6205] usb 8-1: SerialNumber: syz
[  236.427867][ T9925] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  236.668494][ T9925] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  236.671357][ T9925] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  236.676117][   T39] audit: type=1326 audit(2797.952:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9921 comm="syz.3.1053" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f42579 code=0x0
[  237.219040][ T9954] binder: 9953:9954 ioctl c080aebe 0 returned -22
[  237.227146][   T39] audit: type=1800 audit(2798.502:229): pid=9954 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1063" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  237.394780][ T9970] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  237.400895][   T39] audit: type=1326 audit(2798.672:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9955 comm="syz.0.1064" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  237.406527][   T39] audit: type=1326 audit(2798.672:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9955 comm="syz.0.1064" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  237.412129][   T39] audit: type=1326 audit(2798.672:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9955 comm="syz.0.1064" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf744e579 code=0x7ffc0000
[  237.418035][   T39] audit: type=1326 audit(2798.672:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9955 comm="syz.0.1064" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  237.424342][   T39] audit: type=1326 audit(2798.672:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9955 comm="syz.0.1064" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  237.429689][   T39] audit: type=1326 audit(2798.672:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9955 comm="syz.0.1064" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf744e579 code=0x7ffc0000
[  237.435172][   T39] audit: type=1326 audit(2798.672:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9955 comm="syz.0.1064" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  237.441220][   T39] audit: type=1326 audit(2798.672:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9955 comm="syz.0.1064" exe="/syz-executor" sig=0 arch=40000003 syscall=224 compat=1 ip=0xf744e579 code=0x7ffc0000
[  237.446784][   T39] audit: type=1326 audit(2798.672:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9955 comm="syz.0.1064" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  237.662851][   T74] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  237.824104][   T74] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  237.827151][   T74] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  237.829928][   T74] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  237.833840][   T74] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  237.837321][   T74] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  237.842198][   T74] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  237.844834][   T74] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  237.847247][   T74] usb 7-1: Product: syz
[  237.848750][   T74] usb 7-1: Manufacturer: syz
[  237.853440][   T74] cdc_wdm 7-1:1.0: skipping garbage
[  237.855001][   T74] cdc_wdm 7-1:1.0: skipping garbage
[  237.857344][   T74] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  237.859248][   T74] cdc_wdm 7-1:1.0: Unknown control protocol
[  237.912699][ T2217] usb 5-1: new low-speed USB device number 17 using dummy_hcd
[  238.110962][    C3] cdc_wdm 7-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  238.110963][ T6005] usb 7-1: USB disconnect, device number 15
[  238.213989][ T2217] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  238.216717][ T2217] usb 5-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  238.220052][ T2217] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  238.222485][ T2217] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  238.226539][ T2217] usbtmc 5-1:16.0: bulk endpoints not found
[  238.882503][ T9993] input: syz0 as /devices/virtual/input/input16
[  238.932260][ T6205] cdc_ether 8-1:1.0: probe with driver cdc_ether failed with error -22
[  238.957139][ T6205] usb 8-1: USB disconnect, device number 16
[  239.032202][T10006] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1079'.
[  239.034569][T10006] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1079'.
[  239.036873][T10006] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1079'.
[  239.039116][T10006] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1079'.
[  239.122758][T10001] afs: Unknown parameter 'dyn¸$y¾Ñöñ'
[  240.035621][T10025] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1087'.
[  240.038245][T10025] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1087'.
[  240.331728][   T74] usb 8-1: new high-speed USB device number 17 using dummy_hcd
[  240.495382][   T74] usb 8-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0
[  240.501250][   T74] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  240.505245][   T74] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  240.508052][   T74] usb 8-1: Product: syz
[  240.509548][   T74] usb 8-1: Manufacturer: syz
[  240.512709][   T74] usb 8-1: SerialNumber: syz
[  240.516647][T10027] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  240.696457][ T5984] usb 5-1: USB disconnect, device number 17
[  240.730791][T10027] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  240.734232][T10027] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  243.067703][   T74] cdc_ether 8-1:1.0: probe with driver cdc_ether failed with error -22
[  243.074146][   T74] usb 8-1: USB disconnect, device number 17
[  243.666448][ T5949] Bluetooth: hci0: unexpected event for opcode 0x2042
[  243.712997][T10096] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1104'.
[  243.715810][T10096] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1104'.
[  244.011070][   T74] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  244.529740][   T74] usb 7-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0
[  244.535123][   T74] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  244.537574][   T74] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  244.539652][   T74] usb 7-1: Product: syz
[  244.540751][   T74] usb 7-1: Manufacturer: syz
[  244.542155][   T74] usb 7-1: SerialNumber: syz
[  244.545198][T10098] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  244.749912][T10098] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  244.752574][T10098] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  244.757630][   T39] kauditd_printk_skb: 18 callbacks suppressed
[  244.757640][   T39] audit: type=1326 audit(2806.038:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10095 comm="syz.2.1104" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f82579 code=0x0
[  244.934648][T10110] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1106'.
[  245.224516][T10114] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  245.530479][T10110] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  245.533933][T10110] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  245.535670][T10110] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  245.537498][T10110] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  245.922339][T10140] ecryptfs: Unknown parameter '&@'
[  246.366693][T10148] loop2: detected capacity change from 0 to 7
[  246.372029][T10148] Dev loop2: unable to read RDB block 7
[  246.373713][T10148]  loop2: unable to read partition table
[  246.375384][T10148] loop2: partition table beyond EOD, truncated
[  246.377245][T10148] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  246.767195][   T74] cdc_ether 7-1:1.0: probe with driver cdc_ether failed with error -22
[  246.771280][   T74] usb 7-1: USB disconnect, device number 16
[  246.775333][T10161] netlink: 'syz.0.1123': attribute type 21 has an invalid length.
[  246.777846][T10161] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1123'.
[  246.780560][T10161] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1123'.
[  246.819616][T10166] input: syz0 as /devices/virtual/input/input17
[  247.068936][ T5949] Bluetooth: hci0: command 0x0406 tx timeout
[  247.210619][   T39] audit: type=1326 audit(2808.488:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10171 comm="syz.0.1126" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  247.216358][   T39] audit: type=1326 audit(2808.488:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10171 comm="syz.0.1126" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  247.222301][   T39] audit: type=1326 audit(2808.498:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10171 comm="syz.0.1126" exe="/syz-executor" sig=0 arch=40000003 syscall=42 compat=1 ip=0xf744e579 code=0x7ffc0000
[  247.229520][   T39] audit: type=1326 audit(2808.498:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10171 comm="syz.0.1126" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  247.235169][   T39] audit: type=1326 audit(2808.498:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10171 comm="syz.0.1126" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  247.240758][   T39] audit: type=1326 audit(2808.508:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10171 comm="syz.0.1126" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf744e579 code=0x7ffc0000
[  247.246315][   T39] audit: type=1326 audit(2808.508:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10171 comm="syz.0.1126" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  247.254909][   T39] audit: type=1326 audit(2808.508:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10171 comm="syz.0.1126" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  247.262613][   T39] audit: type=1326 audit(2808.508:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10171 comm="syz.0.1126" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf744e579 code=0x7ffc0000
[  247.551604][ T5943] Bluetooth: hci2: command 0x0406 tx timeout
[  247.554972][ T5943] Bluetooth: hci1: command 0x0406 tx timeout
[  247.557359][ T5949] Bluetooth: hci3: command 0x0419 tx timeout
[  247.684189][ T1143] Bluetooth: hci4: Frame reassembly failed (-84)
[  247.833974][T10176] ==================================================================
[  247.836142][T10176] BUG: KASAN: vmalloc-out-of-bounds in push_insn_history+0x615/0x690
[  247.838249][T10176] Write of size 4 at addr ffffc90002db9010 by task syz.0.1126/10176
[  247.841838][T10176] 
[  247.842869][T10176] CPU: 3 UID: 0 PID: 10176 Comm: syz.0.1126 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  247.845666][T10176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  247.848511][T10176] Call Trace:
[  247.849742][T10176]  <TASK>
[  247.850794][T10176]  dump_stack_lvl+0x116/0x1f0
[  247.852049][T10176]  print_report+0xc3/0x620
[  247.853234][T10176]  ? __virt_addr_valid+0x5e/0x590
[  247.854644][T10176]  kasan_report+0xd9/0x110
[  247.855849][T10176]  ? push_insn_history+0x615/0x690
[  247.857233][T10176]  ? push_insn_history+0x615/0x690
[  247.858696][T10176]  push_insn_history+0x615/0x690
[  247.860069][T10176]  do_check_common+0xb78/0xd540
[  247.861350][T10176]  ? lockdep_hardirqs_on+0x7c/0x110
[  247.862744][T10176]  ? __pfx_do_check_common+0x10/0x10
[  247.864131][T10176]  ? kvfree+0x47/0x50
[  247.865295][T10176]  ? check_cfg+0x403/0x840
[  247.866521][T10176]  bpf_check+0x77c2/0xc9b0
[  247.867727][T10176]  ? hlock_class+0x4e/0x130
[  247.869158][T10176]  ? __pfx_bpf_check+0x10/0x10
[  247.871035][T10176]  ? find_held_lock+0x2d/0x110
[  247.872430][T10176]  ? bpf_prog_load+0xd45/0x2670
[  247.873705][T10176]  ? __pfx_lock_release+0x10/0x10
[  247.875083][T10176]  ? trace_lock_acquire+0x14e/0x1f0
[  247.876447][T10176]  ? bpf_prog_load+0xd45/0x2670
[  247.877724][T10176]  ? lockdep_hardirqs_on+0x7c/0x110
[  247.879332][T10176]  ? read_tsc+0x9/0x20
[  247.880408][T10176]  ? ktime_get_with_offset+0x20f/0x3a0
[  247.881845][T10176]  ? bpf_obj_name_cpy+0x156/0x1b0
[  247.883207][T10176]  bpf_prog_load+0xe3f/0x2670
[  247.884441][T10176]  ? __pfx_bpf_prog_load+0x10/0x10
[  247.885773][T10176]  ? find_held_lock+0x2d/0x110
[  247.887163][T10176]  ? __might_fault+0x13b/0x190
[  247.888530][T10176]  ? __might_fault+0xe3/0x190
[  247.890291][T10176]  __sys_bpf+0x5677/0x57a0
[  247.891942][T10176]  ? __pfx___sys_bpf+0x10/0x10
[  247.893429][T10176]  ? finish_task_switch.isra.0+0x217/0xcc0
[  247.895082][T10176]  ? __switch_to+0x749/0x1190
[  247.896423][T10176]  ? do_futex+0x123/0x350
[  247.897584][T10176]  ? __pfx_do_futex+0x10/0x10
[  247.898889][T10176]  ? xfd_validate_state+0x5d/0x180
[  247.900265][T10176]  ? rcu_is_watching+0x12/0xc0
[  247.901616][T10176]  __ia32_sys_bpf+0x76/0xe0
[  247.902878][T10176]  __do_fast_syscall_32+0x73/0x120
[  247.904222][T10176]  do_fast_syscall_32+0x32/0x80
[  247.905477][T10176]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  247.907137][T10176] RIP: 0023:0xf744e579
[  247.908208][T10176] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  247.913949][T10176] RSP: 002b:00000000f511557c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  247.916129][T10176] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200017c0
[  247.918175][T10176] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  247.920388][T10176] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  247.922307][T10176] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  247.924365][T10176] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  247.926540][T10176]  </TASK>
[  247.927390][T10176] 
[  247.928060][T10176] The buggy address belongs to the virtual mapping at
[  247.928060][T10176]  [ffffc90002d99000, ffffc90002dbb000) created by:
[  247.928060][T10176]  kvrealloc_noprof+0xfc/0x150
[  247.933285][T10176] 
[  247.933921][T10176] The buggy address belongs to the physical page:
[  247.935594][T10176] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xa8 pfn:0x45d6b
[  247.937907][T10176] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  247.939851][T10176] raw: 04fff00000000000 0000000000000000 dead000000000122 0000000000000000
[  247.942087][T10176] raw: 00000000000000a8 0000000000000000 00000001ffffffff 0000000000000000
[  247.944301][T10176] page dumped because: kasan: bad access detected
[  247.945958][T10176] page_owner tracks the page as allocated
[  247.947447][T10176] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x102cc2(GFP_HIGHUSER|__GFP_NOWARN), pid 10176, tgid 10171 (syz.0.1126), ts 247833895952, free_ts 247740905931
[  247.952455][T10176]  post_alloc_hook+0x2d1/0x350
[  247.953712][T10176]  get_page_from_freelist+0xfce/0x2f80
[  247.955134][T10176]  __alloc_pages_noprof+0x6a6/0x25b0
[  247.956514][T10176]  alloc_pages_mpol_noprof+0x2c9/0x610
[  247.957873][T10176]  __vmalloc_node_range_noprof+0x724/0x1530
[  247.959605][T10176]  __kvmalloc_node_noprof+0x14f/0x1a0
[  247.960971][T10176]  kvrealloc_noprof+0xfc/0x150
[  247.962163][T10176]  push_insn_history+0x2ac/0x690
[  247.963288][T10176]  do_check_common+0xb78/0xd540
[  247.964503][T10176]  bpf_check+0x77c2/0xc9b0
[  247.965670][T10176]  bpf_prog_load+0xe3f/0x2670
[  247.966913][T10176]  __sys_bpf+0x5677/0x57a0
[  247.968076][T10176]  __ia32_sys_bpf+0x76/0xe0
[  247.969615][T10176]  __do_fast_syscall_32+0x73/0x120
[  247.971230][T10176]  do_fast_syscall_32+0x32/0x80
[  247.972537][T10176]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  247.974183][T10176] page last free pid 10183 tgid 10180 stack trace:
[  247.975850][T10176]  free_unref_page+0x661/0x1080
[  247.977138][T10176]  vfree+0x17a/0x890
[  247.978166][T10176]  snd_dma_free_pages+0x51/0x70
[  247.979651][T10176]  snd_pcm_lib_free_pages+0x172/0x390
[  247.981047][T10176]  snd_pcm_release_substream.part.0+0x2a8/0x340
[  247.982679][T10176]  snd_pcm_release_substream+0x5b/0x70
[  247.984101][T10176]  snd_pcm_oss_release+0x16f/0x310
[  247.985428][T10176]  __fput+0x3f8/0xb60
[  247.986482][T10176]  task_work_run+0x14e/0x250
[  247.987699][T10176]  syscall_exit_to_user_mode+0x27b/0x2a0
[  247.989474][T10176]  __do_fast_syscall_32+0x80/0x120
[  247.991165][T10176]  do_fast_syscall_32+0x32/0x80
[  247.992467][T10176]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  247.994155][T10176] 
[  247.994783][T10176] Memory state around the buggy address:
[  247.996239][T10176]  ffffc90002db8f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  247.998348][T10176]  ffffc90002db8f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  248.001064][T10176] >ffffc90002db9000: 00 00 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  248.003146][T10176]                          ^
[  248.004351][T10176]  ffffc90002db9080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  248.006423][T10176]  ffffc90002db9100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  248.008527][T10176] ==================================================================
[  248.011558][ T2217] usb 8-1: new high-speed USB device number 18 using dummy_hcd
[  248.015582][T10176] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  248.017518][T10176] CPU: 3 UID: 0 PID: 10176 Comm: syz.0.1126 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  248.020308][T10176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  248.023159][T10176] Call Trace:
[  248.024041][T10176]  <TASK>
[  248.024952][T10176]  dump_stack_lvl+0x3d/0x1f0
[  248.026409][T10176]  panic+0x71d/0x800
[  248.027851][T10176]  ? __pfx_panic+0x10/0x10
[  248.029442][T10176]  ? preempt_schedule_thunk+0x1a/0x30
[  248.031022][T10176]  ? preempt_schedule_common+0x44/0xc0
[  248.032570][T10176]  check_panic_on_warn+0xab/0xb0
[  248.034049][T10176]  end_report+0x117/0x180
[  248.035251][T10176]  kasan_report+0xe9/0x110
[  248.036453][T10176]  ? push_insn_history+0x615/0x690
[  248.037836][T10176]  ? push_insn_history+0x615/0x690
[  248.039231][T10176]  push_insn_history+0x615/0x690
[  248.040567][T10176]  do_check_common+0xb78/0xd540
[  248.041904][T10176]  ? lockdep_hardirqs_on+0x7c/0x110
[  248.043368][T10176]  ? __pfx_do_check_common+0x10/0x10
[  248.044766][T10176]  ? kvfree+0x47/0x50
[  248.045818][T10176]  ? check_cfg+0x403/0x840
[  248.047078][T10176]  bpf_check+0x77c2/0xc9b0
[  248.048280][T10176]  ? hlock_class+0x4e/0x130
[  248.049495][T10176]  ? __pfx_bpf_check+0x10/0x10
[  248.050987][T10176]  ? find_held_lock+0x2d/0x110
[  248.052348][T10176]  ? bpf_prog_load+0xd45/0x2670
[  248.053661][T10176]  ? __pfx_lock_release+0x10/0x10
[  248.055015][T10176]  ? trace_lock_acquire+0x14e/0x1f0
[  248.056421][T10176]  ? bpf_prog_load+0xd45/0x2670
[  248.057737][T10176]  ? lockdep_hardirqs_on+0x7c/0x110
[  248.059134][T10176]  ? read_tsc+0x9/0x20
[  248.060178][T10176]  ? ktime_get_with_offset+0x20f/0x3a0
[  248.061629][T10176]  ? bpf_obj_name_cpy+0x156/0x1b0
[  248.063262][T10176]  bpf_prog_load+0xe3f/0x2670
[  248.064525][T10176]  ? __pfx_bpf_prog_load+0x10/0x10
[  248.065885][T10176]  ? find_held_lock+0x2d/0x110
[  248.067186][T10176]  ? __might_fault+0x13b/0x190
[  248.068473][T10176]  ? __might_fault+0xe3/0x190
[  248.069744][T10176]  __sys_bpf+0x5677/0x57a0
[  248.070976][T10176]  ? __pfx___sys_bpf+0x10/0x10
[  248.072259][T10176]  ? finish_task_switch.isra.0+0x217/0xcc0
[  248.073840][T10176]  ? __switch_to+0x749/0x1190
[  248.075118][T10176]  ? do_futex+0x123/0x350
[  248.076297][T10176]  ? __pfx_do_futex+0x10/0x10
[  248.077578][T10176]  ? xfd_validate_state+0x5d/0x180
[  248.078984][T10176]  ? rcu_is_watching+0x12/0xc0
[  248.080256][T10176]  __ia32_sys_bpf+0x76/0xe0
[  248.081496][T10176]  __do_fast_syscall_32+0x73/0x120
[  248.083076][T10176]  do_fast_syscall_32+0x32/0x80
[  248.084664][T10176]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  248.086344][T10176] RIP: 0023:0xf744e579
[  248.087435][T10176] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  248.092588][T10176] RSP: 002b:00000000f511557c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  248.094746][T10176] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200017c0
[  248.097235][T10176] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  248.099981][T10176] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  248.102276][T10176] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  248.105055][T10176] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  248.107798][T10176]  </TASK>
[  248.109316][T10176] Kernel Offset: disabled
[  248.110480][T10176] Rebooting in 86400 seconds..

VM DIAGNOSIS:
20:22:51  Registers:
info registers vcpu 0

CPU#0
RAX=0000000080010007 RBX=00000000ffffffff RCX=0000000000000000 RDX=0000000000010007
RSI=0000000000000004 RDI=0000000000000001 RBP=ffff88802b63ed00 RSP=ffffc90000007e88
R8 =0000000000000001 R9 =fffff52000000fbf R10=0000000000000003 R11=0000000000000006
R12=ffff8880267d8014 R13=ffff8880267d8a00 R14=ffff8880267d8000 R15=ffffc90000007ee0
RIP=ffffffff8167b793 RFL=00000097 [--S-APC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7412994 CR3=000000004a01a000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000003ffffffeb 000000c8ffffffeb
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=1ffffffff2d7c533 RBX=ffffffff96be5b78 RCX=1ffffffff2ba9206 RDX=00000000000003fd
RSI=1ffffffff2ba92f5 RDI=ffffffff96be29c8 RBP=ffffffff96d32698 RSP=ffffc9000398d950
R8 =0000000000000000 R9 =ffffffff969c7ef8 R10=00000000000002bb R11=00000000000003a9
R12=ffffffff81753e80 R13=ffffffff96d326b8 R14=dffffc0000000000 R15=ffffffff96d32688
RIP=ffffffff81758d78 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=000000006ac7c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000173fc00000000 0000003b00000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=fffffbfff2d36f9a RBX=fffffbfff2d36f9b RCX=ffffffff8175513e RDX=0000000000000001
RSI=0000000000000008 RDI=ffffffff969b7cd0 RBP=fffffbfff2d36f9a RSP=ffffc9000392f340
R8 =0000000000000000 R9 =fffffbfff2d36f9a R10=ffffffff969b7cd7 R11=0000000000000001
R12=ffff8880267d8000 R13=0000000000000100 R14=0000000000000008 R15=1ffff92000725e74
RIP=ffffffff81fbef6b RFL=00000083 [--S---C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002002c000 CR3=000000006a320000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000034 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff851531d5 RDI=ffffffff9a6682c0 RBP=ffffffff9a668280 RSP=ffffc900038deff8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3030303963666657
R12=0000000000000000 R13=0000000000000034 R14=ffffffff85153170 R15=0000000000000000
RIP=ffffffff851531ff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002f306ffc CR3=000000006a320000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000