last executing test programs:

2m55.100432365s ago: executing program 0 (id=1):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x400000, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x1, @empty}}, 0x0, 0x0, 0x3fb, 0x0, 0x32, 0xfffffffd}, 0x9c)
sendmmsg$inet6(r1, 0x0, 0x0, 0x11)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
mmap(&(0x7f000057d000/0x1000)=nil, 0x1000, 0xc, 0x110, r0, 0x1facf000)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
fcntl$getown(r2, 0x9)
madvise(&(0x7f00001e5000/0x1000)=nil, 0x1000, 0xc)
r3 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
write$sysctl(r3, &(0x7f0000000580)='1\x00', 0x2)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000007c0)={0x60, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x2a, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @val, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x60}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r7=>0xffffffffffffffff})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r8, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000000)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="cf04000000000000000013000000080003", @ANYRES32=r10, @ANYBLOB="0500130092848b000a00060008021100000100000600100080050000060012"], 0x40}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

2m52.803730067s ago: executing program 0 (id=7):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pipe2(&(0x7f0000000400)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000340)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x20)
r5 = accept4$alg(r4, 0x0, 0x0, 0x0)
sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}], 0x1, 0x40)
sendfile(r3, r5, 0x0, 0x10ffff)
socket$inet6_sctp(0xa, 0x5, 0x84)
r6 = syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x9013, 0x100, 0x4, 0x165}, &(0x7f0000000000)=<r7=>0x0, &(0x7f0000000280))
io_uring_register$IORING_REGISTER_PBUF_RING(r6, 0x16, &(0x7f0000000140)={&(0x7f0000001000)={[{0x0, 0x5, 0x3, 0x700}]}, 0x1, 0x1}, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r8 = syz_open_dev$hidraw(&(0x7f0000002300), 0x1, 0x14a042)
ioctl$HIDIOCGRDESC(r8, 0x4030582a, &(0x7f0000000200)={0xd, "7954bbc8e80000000000000001"})
socket$inet(0x2, 0x4000000000080001, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000880)=@newtaction={0x1d4, 0x30, 0xfffffffffffffffd, 0x70bd2c, 0x0, {}, [{0x1c0, 0x1, [@m_tunnel_key={0xf0, 0x4, 0x0, 0x0, {{0xf}, {0x54, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @rand_addr=0x64010100}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @empty}, @TCA_TUNNEL_KEY_NO_CSUM={0x5}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @multicast1}, @TCA_TUNNEL_KEY_NO_CSUM={0x5, 0xa, 0x1}, @TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x5, 0x7fffffff, 0x7, 0x400, 0x3}, 0x1}}]}, {0x6e, 0x6, "f42e4a5bf6fea49309979b763a03f677797536148c6a571666e029fc443242012569a36e189b721fb002a805b6f9386810d2dda21d721dc4d9b069f62a301d92c63bbea3809631d19ad0a19e23e8cc2de83aa70fe1b94f8e1cf2337b991c614e0fc2c99c3dcddd7f6461"}, {0xc}, {0xc, 0x8, {0x1, 0x2}}}}, @m_mirred={0xcc, 0xa, 0x0, 0x0, {{0xb}, {0x64, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x3, 0x9, 0x20000000, 0x8, 0x3}, 0x1}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0xfffffffe, 0x0, 0x5cc, 0x7ffffffc}, 0x4}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x9, 0x6, 0x6, 0x2410, 0x6}, 0x2}}]}, {0x3d, 0x6, "ed4807c8bf8c7109a18c004d4bf224f7c0df9f6ce9e3f9f7d3f9a6b41fc30d183ebdf20a3806e7e56b3699fc38293675cc6dfb9938517a67cb"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}]}, 0x1d4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)

2m51.531592414s ago: executing program 0 (id=9):
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r0 = memfd_create(&(0x7f00000005c0)='\x00\xc76\xbe\x91\x8d\x182)!\x9a%\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00\xeb0\xdd\xe8\x87\x05=\xfb\x8b$\xdcQ\xee\xc5\x1f\x8bQ\xf7fo\"i\xa1hk\x1d\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94Tr@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f\x19\xf7]#\xed,\xc7\x11\tp\xf4\xa3\xee\xcb\xaf\xb3\xe3\'}\x18\xe8O\xa8#K\xb6\xe4U\x92\xd2\x99\xb8<X\xfa\xdd\x8a6\xa1\x82\xf7r\xd8z\x85\x8do\xa5\xed\xd4\xbc8\xfb\x16\x8e\x8b-W\xd4\xc9\xbc\x94CR[Du8U^\xf2tl8\xfe\xd0\x94\xfe\xf5\x1c+\x00U\te\xfa6\xca\xb9\xb4Q\xd9\xee\r6\x861h{\xc7z\'F\xc7\x91\x06x\xe1`\xf1:\xbd+\xd5\f\xb2\xce\xa4\x06\x90\x90\x9b\x1d\xcaa\xf7\x8f\x9e\x80\x93\xafT\xdfl\xec\xc6\x8e\x96\r[n\xc6\x99\x1fr<\x06\xb3\xbcT\x00\xda6\x18/\x18', 0x0)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f00000002c0)={{&(0x7f0000bdc000/0x2000)=nil, 0x2000}, 0x1})
r2 = syz_clone(0x88000000, &(0x7f0000000300)="a74a07b6b3514cfac1cfc06d9dd9a46e8d64443bda71fcef3c19f00f74b0e03715", 0x21, &(0x7f0000000340), &(0x7f0000000380), &(0x7f00000003c0)="2e430628ed43bd55f254906f839e4fcf4d2af53bebd579e280ef874d51efaea550919a332ac025d967930528377be9a085b1582fb6f5f5ccf123d3f3a486bd12d3c2eb69e8b62122a67d931a0aafeaa892cc531783bf")
syz_pidfd_open(r2, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x402c5828, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x100})
socketpair(0x8, 0x800, 0x40, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$MRT6_INIT(r3, 0x29, 0xc8, &(0x7f0000000480), 0x4)
ftruncate(r0, 0x400000)
lseek(r0, 0x0, 0x3)
r4 = socket$pptp(0x18, 0x1, 0x2)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_udp_int(r5, 0x11, 0xb, &(0x7f00000001c0)=0x1e00000, 0x4)
bind$pptp(r4, &(0x7f0000000080)={0x18, 0x2, {0xa, @rand_addr=0x64010100}}, 0x1e)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000040)='./file0\x00', &(0x7f00000004c0), 0x80, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
r6 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0x7, &(0x7f0000000640)={0x4000, 0x4, 0x8, 0x8001}, 0x10)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
close(r4)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffff6487a2bed3d608004500005800000000006c907800000000000000000420880b0000000000000800000086dd080088be000000001000000001000000000095af080022eb00000000200000000200000000000000000000000800655800000000"], 0x0)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
shutdown(r7, 0x0)
recvmmsg(r7, &(0x7f0000000080), 0x72a, 0x500, 0x0)
syz_clone(0x2910a000, 0x0, 0x37, 0x0, 0x0, 0x0)

2m51.416633901s ago: executing program 0 (id=10):
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
syz_emit_ethernet(0x2a, &(0x7f0000000400)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa08060001080006040001aaaaaaaaaaaaac1414bb0180c2000000ffff"], 0x0)
syz_open_dev$vim2m(&(0x7f00000001c0), 0x1f7ff6, 0x2)
syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0x6d8c, 0x0, 0x20000000}, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0xa, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000080)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha256\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, 0x0, 0x0)
read$alg(0xffffffffffffffff, &(0x7f0000000780)=""/4110, 0x100e)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r4 = io_uring_setup(0x673d, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x500000})
fchmodat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x1)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
close_range(r4, 0xffffffffffffffff, 0x0)
r5 = socket(0x15, 0x5, 0x0)
getsockopt(r5, 0x200000000114, 0x271b, 0x0, 0x0)

2m50.329197141s ago: executing program 0 (id=15):
socket$inet(0x2, 0x4000000000000001, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0x94, 0x30, 0x200, 0x0, 0x0, {}, [{0x80, 0x1, [@m_ct={0x34, 0x2, 0x0, 0x0, {{0x7}, {0xc, 0x2, 0x0, 0x1, [@TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @private=0x5}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0x1, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x17, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0xc, 0x400}, 0x2}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x904}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000a00)={0xffffffffffffffff, 0x0, 0x4d, 0xfffffffffffffd86, &(0x7f00000007c0)="c5cce0083349945c9b5c4688d70b67e983b799c9a18c90e8b1bd2cf41aae27ac346c1f5c38f7895e168e95ea2da1082f55d1684c66dc16056a6f6a4674d10fc71ae0186065082f9aa6aa200a04", &(0x7f0000000380)=""/141, 0x9, 0x0, 0x4, 0xb1, &(0x7f0000000900)="cc486c9c", &(0x7f0000000580)="ba81c60037a5c8ce0d6bcf6811fef9a12e407788170824fa7f6c98b367cfae2e0bcb5487426a0a0a0ace7fd0845338d85757809d0fa628488954dd363aa7a96b81096d1416fa1b5a1dbd775a73a962ca624155df886724ee1b20cd310d897b3da2f5f48a6bc6c93771cdd0a08741d9af9ef3dc635d0853ac7ab18494758d76e5730d9f91ad9943e82fd24aff24a219ac9f4900f1d242a4e2e857cecb7ac76f70874fde9e7efa97403b9ed94e407829b9832697114903fa306566c5e9c7282a86ea41abf36f2dc5b04b373ce9ec689502cf6dc6474bc54d6cda9a5aa793c57f03cd95701ae58453378f1aecac3b47d6db5a1d0c699292e91ce78fe2ef4de774c09cb489864244b3e57efb94386d2680e52c95027e30d24fe131c8deb00b9ad9839de00fb7f0fdfceaf24c939037665638ca928c35bab5a4c6a924676e50db5ebc291b57940670b3a5c91c945ac5db6c7844959cce2c64c6a9a6dbb7042432491a58df490372fe339719e6cc3b5dc9a67dec24200f9c24de5306d0a77a43dd60c861b9", 0x1, 0x0, 0x8001}, 0x4c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r0, &(0x7f0000000000), 0x0, 0x4000000)
recvmmsg(r0, &(0x7f0000000580), 0x0, 0x2, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
process_mrelease(0xffffffffffffffff, 0x1000000)
msync(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x1)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d00000085"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioperm(0x524, 0xab49, 0x9)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syslog(0x2, &(0x7f00000004c0)=""/164, 0xa4)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000000002100004000000000ff"])
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x4, 0x3032, 0xffffffffffffffff, 0xffffc000)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000100)={@dev={0xfe, 0x80, '\x00', 0xa}})
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r3, 0x1000)
getsockopt$inet6_mptcp_buf(r3, 0x11c, 0x2, &(0x7f0000000100)=""/222, &(0x7f0000000000)=0x61637876)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)

2m50.254683898s ago: executing program 32 (id=15):
socket$inet(0x2, 0x4000000000000001, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0x94, 0x30, 0x200, 0x0, 0x0, {}, [{0x80, 0x1, [@m_ct={0x34, 0x2, 0x0, 0x0, {{0x7}, {0xc, 0x2, 0x0, 0x1, [@TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @private=0x5}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0x1, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x17, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0xc, 0x400}, 0x2}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x904}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000a00)={0xffffffffffffffff, 0x0, 0x4d, 0xfffffffffffffd86, &(0x7f00000007c0)="c5cce0083349945c9b5c4688d70b67e983b799c9a18c90e8b1bd2cf41aae27ac346c1f5c38f7895e168e95ea2da1082f55d1684c66dc16056a6f6a4674d10fc71ae0186065082f9aa6aa200a04", &(0x7f0000000380)=""/141, 0x9, 0x0, 0x4, 0xb1, &(0x7f0000000900)="cc486c9c", &(0x7f0000000580)="ba81c60037a5c8ce0d6bcf6811fef9a12e407788170824fa7f6c98b367cfae2e0bcb5487426a0a0a0ace7fd0845338d85757809d0fa628488954dd363aa7a96b81096d1416fa1b5a1dbd775a73a962ca624155df886724ee1b20cd310d897b3da2f5f48a6bc6c93771cdd0a08741d9af9ef3dc635d0853ac7ab18494758d76e5730d9f91ad9943e82fd24aff24a219ac9f4900f1d242a4e2e857cecb7ac76f70874fde9e7efa97403b9ed94e407829b9832697114903fa306566c5e9c7282a86ea41abf36f2dc5b04b373ce9ec689502cf6dc6474bc54d6cda9a5aa793c57f03cd95701ae58453378f1aecac3b47d6db5a1d0c699292e91ce78fe2ef4de774c09cb489864244b3e57efb94386d2680e52c95027e30d24fe131c8deb00b9ad9839de00fb7f0fdfceaf24c939037665638ca928c35bab5a4c6a924676e50db5ebc291b57940670b3a5c91c945ac5db6c7844959cce2c64c6a9a6dbb7042432491a58df490372fe339719e6cc3b5dc9a67dec24200f9c24de5306d0a77a43dd60c861b9", 0x1, 0x0, 0x8001}, 0x4c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r0, &(0x7f0000000000), 0x0, 0x4000000)
recvmmsg(r0, &(0x7f0000000580), 0x0, 0x2, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
process_mrelease(0xffffffffffffffff, 0x1000000)
msync(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x1)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d00000085"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioperm(0x524, 0xab49, 0x9)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syslog(0x2, &(0x7f00000004c0)=""/164, 0xa4)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000000002100004000000000ff"])
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x4, 0x3032, 0xffffffffffffffff, 0xffffc000)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000100)={@dev={0xfe, 0x80, '\x00', 0xa}})
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r3, 0x1000)
getsockopt$inet6_mptcp_buf(r3, 0x11c, 0x2, &(0x7f0000000100)=""/222, &(0x7f0000000000)=0x61637876)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)

2.920073749s ago: executing program 4 (id=1244):
getpid()
bpf$PROG_LOAD(0x5, &(0x7f0000002080)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$inet(0x2, 0x3, 0x8d)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x2461, &(0x7f0000000380)={0x0, 0x239b, 0x10100}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x6, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x52fd, 0x4000, 0x0, 0x0, 0x0)
r5 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
read$FUSE(r5, &(0x7f0000000040)={0x2020}, 0x2020)
r6 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card2/oss_mixer\x00', 0x0, 0x0)
r7 = fcntl$dupfd(r6, 0x2, 0xffffffffffffffff)
splice(r5, 0x0, r7, 0x0, 0x2000, 0x0)

2.233839981s ago: executing program 2 (id=1246):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8011, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
r1 = socket$inet6(0xa, 0x3, 0x7)
setsockopt$inet6_int(r1, 0x29, 0x49, &(0x7f00000005c0)=0x7dff, 0x4)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="cfb51c645500"/20, @ANYRES32=0x1, @ANYBLOB="0200"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f0000000240)={0x800, <r3=>r0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000a40)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000001b7040000000000008500000033000000850000007d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00')
setsockopt$inet6_tcp_int(r3, 0x6, 0x22, &(0x7f0000000000)=0x8, 0x4)
epoll_wait(r4, &(0x7f00000001c0)=[{}, {}], 0x2, 0x1)
r5 = inotify_init()
writev(r5, &(0x7f0000000380)=[{&(0x7f0000000280)="b66e745e633402a5fd3c9fe86967b647291ce5497fc3eb9f5db74a4b1c388b52b16e5a6e0ceb377baa7c4a7444dd100fe418887ff8aef811557e560d73f93ea77372927c2a271bf3aeabad81b133ebad9cdb1db58099b4ddfd03eedf64aa1070de09ae41800726129f28470b765e1178cbbadb2c4ee096c9bfb227863580cd078a3eb0288d86c73decd42438e52724f78ba5445c61da5b81c53619dd365a2956e0c94e41d2233f51e89e81373b13d3bc61a2d7970b322d604195c0ca9e86947af7f7af1d3663a38fc0498177bd4c3216503aa195e642dfdd2c8619c1c4", 0xdd}], 0x1)
r6 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
ioctl$UDMABUF_CREATE_LIST(r6, 0x40087543, &(0x7f0000000080)=ANY=[@ANYBLOB="72c9000000000000"])

2.222230911s ago: executing program 2 (id=1248):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x800, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f00000000c0)={'wpan0\x00', <r4=>0x0})
sendmsg$NL802154_CMD_SET_SEC_PARAMS(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000002340)={0x3c, r3, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@NL802154_ATTR_SEC_OUT_KEY_ID={0x20, 0x2b, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x14, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x1}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x2}]}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x40094)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r5)
ioctl$sock_SIOCGIFINDEX_802154(r6, 0x8933, &(0x7f0000000340)={'wpan1\x00', <r8=>0x0})
sendmsg$IEEE802154_LLSEC_ADD_DEV(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)={0x40, r7, 0x852dd6c070cd7e4d, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r8}]}, 0x40}, 0x4, 0x700000002000000}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f00000000c0)={'wpan3\x00', <r9=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000100)={'wpan0\x00', <r10=>0x0})
sendmsg$NL802154_CMD_SET_TX_POWER(r1, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x60, r3, 0x20, 0x70bd2a, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_TX_POWER={0x8, 0xb, 0x6}, @NL802154_ATTR_TX_POWER={0x8, 0xb, 0x2}, @NL802154_ATTR_TX_POWER={0x8, 0xb, 0x1}, @NL802154_ATTR_TX_POWER={0x8, 0xb, 0x3ff}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r9}, @NL802154_ATTR_TX_POWER={0x8, 0xb, 0x4}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r10}]}, 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x80)
r11 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000080), r1)
sendmsg$NLBL_CIPSOV4_C_ADD(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={0x1c, r11, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4080}, 0x0)
r12 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r12, 0xae60)
ioctl$KVM_CREATE_PIT2(r12, 0x4040ae77, &(0x7f0000000040))
close(r12)

2.159111362s ago: executing program 3 (id=1249):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000090f00080000000000000000850000000e000000850000007d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000500)='sys_exit\x00', r0}, 0x10)
truncate(0x0, 0x1)

2.158765049s ago: executing program 3 (id=1250):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='net/igmp\x00')
preadv(r0, &(0x7f0000000100)=[{&(0x7f0000000380)=""/44, 0x2c}], 0x1, 0x0, 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x8a, 0xc9, 0x4}}}, 0x8)
r3 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x80042, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0xe)
ioctl$TCFLSH(r3, 0x540b, 0x1)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x6, 0x8, 0x0, 0x3}, 0x0)
execveat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x1000)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000200)={0x58, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x40}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x3}]}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x58}}, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000180)={<r5=>0x0, 0x1}, &(0x7f0000000340)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f00000004c0)={r5, @in={{0x2, 0x4e22, @loopback}}, 0x7ff, 0x5}, 0x88)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x5, 0x7, &(0x7f0000006680))
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv2(r6, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = socket$inet6(0xa, 0x1, 0x84)
setsockopt$inet6_int(r7, 0x29, 0x1a, &(0x7f0000000080)=0x2, 0x4)
sendto$inet6(r7, &(0x7f0000000000)='\x00', 0x1, 0x800, &(0x7f00000000c0)={0xa, 0x0, 0x27b6a97, @loopback, 0x8080}, 0x1c)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0)
close(r8)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)={0x28, 0x9, 0x6, 0x201, 0x0, 0x0, {0xa, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x2}]}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x1840}, 0x40c0080)

2.059800219s ago: executing program 4 (id=1251):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendto$inet(r2, &(0x7f0000000200)="f5c7b1d32f3a881b284e5e5f586051ce409007592e0514eaa6072abd9c4fe4b214a8093b67f13631e222517b1ed2c108fb366283a6af7c119f01145077b63e90232cc941c5f202a3b6bf05cf7ef1b601f0f0d499eec516ecae3e17c18e6a2307a0a4e7329654db637e5458191aadb255ee08348cc9219c3899194b18b6b4c068d83437287875d69a8ca7c1b6fe5ec3e8f21ff3deddc7", 0x96, 0x1, &(0x7f0000000180)={0x2, 0x4e22, @rand_addr=0x64010102}, 0x10)
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x6, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYRESHEX=r2, @ANYRESOCT=r2, @ANYRESDEC=r2], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x2, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x7fffffff, 0x1}}]}}]}, 0x48}}, 0x0)
r4 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r4, 0xc0285700, &(0x7f0000000000)={0x0, "340b7832ceefd131b8e6e93bbabd18cf501922de8f9c85da00"})
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0xbf, 0x0, 0x0, 0x192}, &(0x7f0000000000)={0x1f, 0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000005880)=@newtfilter={0x24, 0x28, 0xd27, 0x4000, 0x0, {0x0, 0x0, 0x0, r3, {0xc}, {0xfff2}, {0x2, 0x3d}}}, 0x24}}, 0x0)

2.059158126s ago: executing program 2 (id=1252):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80146, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$CDROM_SEND_PACKET(r0, 0x5393, &(0x7f0000000300)={"73b0c0fc2fdecdc52aa23781", 0x0, 0x0, 0x7, &(0x7f0000000140)={0x5, 0x1, 0x9, 0xe, 0x0, 0x0, 0x0, "2aac6767", 0xa, "6ebc28b7", 0x56, 0xfc, 0x1, "1f49ed", "5fe61cf6c3a31733e4b4a424893f5eda9808d9825fe4ce8144a0946158669c51da90937cf05ef2395fffa7528a4d"}, 0x1, 0x3, 0x342, 0x0})
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r1, 0x4048ae9b, &(0x7f0000000240)={0xf0003, 0x0, [0x680, 0x3, 0x7, 0x0, 0x0, 0x0, 0x2b, 0x40000000]})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddd8)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x1)
r3 = creat(0x0, 0x0)
r4 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r4, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(0xffffffffffffffff, &(0x7f00000041c0)={0x2020, 0x0, <r6=>0x0, <r7=>0x0, <r8=>0x0}, 0x2020)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000006280)="897c6500ff3035465c7acb4e06980b05687c1480c7aafe631c0543db2bf0d6f539506e8782da06c1ca018774d72e9e5a3418ab66ee78dad68457b17ec9d47bf7d8272d607c1c0a4bd906f0cee7f8451828d2458596bdd6a459ba18ebaf61b38f5d66c27fa8a024ad7832a85e58689a4c254c94cbcf7208fce6e61d9566459789d15a6f91dd7db7c54cc3a94da956fb290a8a15f849270bc459d9d9f47801be86dd5c9d18382081a993b7bfde5c28adca4c71329afd6be743b076033b5859891703eb65fa256d6f47450b6edacbd05a9bd8b372e90cfc30f32826566dac6c48e6ef001881cbc30482f9ec469e476a101da496b8c0785eaf875d3608b0c49e9d39baaa1041f903a805f0f24aa63722fa2d87b98595fa5cfaf8b79c458de43ee39904e7cac7540a934b4108957785d58807abff186949f1b94cd21b724aff34ac45c7066dcdbd68ea7b766af9d045cd7fafeafc5c5a0c3400ef4e0c71a6fdd5b8d68a6f317644cda9d2fd2c839a82b97b3d909b54c672227bef573c9de1991d65a63017f724d1f7f1575e69db53318a7fd7065b303e751518c8eef04f642dbd4dfa349040a7b5401050ffc2b4ef62803a7c8eaba99e011dfac24d81b2b61e0b0581e53bf520f623eca17f0545c5e59ff15b527475f970f589894ae589145fa4283f7225088ccfeba1d72e9128f8c223ae1840f2edae3dbcdf7e560d5cdf4f71c9ada1931c0f8312c000101b264aaddb9fab166ba8d8903d6098eca20935ca607ea79e936798b3dfb22a7e159abb234cf21f3733dbf263a8ff116092f251659108892b2e21e1b428fd225096a5040270b2d70347013eaa1fd8e452942200283aab092c4ffc5b8b427b5d691a5a773e09da20539ff0f8214331c5d84107ae8a59aeb58efe22d7a079e446f1dfb07510377799bfdc7ee59cabcd76af0fe8a427ac8258ff33bbad5a8061f1cfdfbf375d73d676cc7916d6658ce46a0b17ad6350150f98e3512b513e25ca73f5f5df0a1fb9582ace7906c493fe1fd2889d9aac0b7c29c2b6c205537627bad64df433336a5ace32ca871e51b4dab0fbb00886a1fa81a98b74de0a26cebf65723515ebb807fc3c161ed42d1a7b6b55717613577ea437f3a2967c66ce45ff85a6a35b7cd40625fc575b107d7394e3d2db51d58347276c33e21f50b5a6b5672bf9fda63139bb75aead1fe4ee9a4064af5a5958466aa39faa6d821489fa415224c8d69d3b5922236832c2b1e4f6b8863b32f9aea83fb522a2de081d674502b48f73ce6db98d84136059b4a6676bc85ac6b7626329afa9bc7d3f9f2caa3c4d872744e0a8e02d72a75c6c545b8ec8e15b6fb0fe4185bd0d154960e6fef05ba40e5fe2968eb1301dcc52a03337179e74ba1522af93d77827845f8941c69ed8bb84567e3c63f1cc378a542f1de7007b688ff0a9c69d5861f0b85402c30a2fd391c52bafbe65f8e82135fd38361d7c0b43c982b2f3e7cb09c40c7e215114f4243d670cd576bcd93c1e959345170c75d6c3cf89cf8c2c70dc792e646e7c649d4c5f36bb016c7acd466ad58473d40dfef36394e581065a8581ab852250403cf372ac0065bf757fa3f445424ac0d82aec1938a2ea116bdfd306baa1cb06c62a4a97d66ab1b9489469cb8ba842da12e310caed02c5ef05c0be1e1e8c9c8b87d6871c94c57d164d08672b205c948086a06a545b266b7ad902a908681eb188bc51b6190b5cb9d8ca59b8c4c6e7369c00d6f6119fd5d437239e3d3c89cb81e09e560fb817590106015f08e7b09f1e1e65bfab3b8489fa058e24081978b9e25463d9945bfbca81c08885d4b6d4c62e217bd9e19460762f36c66bc948fe31cde089626fbb310e3c78a8d3f2eac21d374d9b58d887235d3a95721168e4b9475849071d60ecfe7ea5d6c4bf60da3747612ef59bb651270f326c0af31bc8c71361f851de34ccb3c8071b96f1128d7ee79b41246e566edd0272dbd3ccfe472b38e5e03d3ef83218bd498e6de8b4d92cb6f82716449ede7ba845028eccdb9137be8a622ac88ac53118fbc39637fa7a93cd3abc6f7671c7804420d66e94720acbcac916950f9baca77fef4217155ccc2cd0507339a0486f9f468eb28772986ee768c63eba671bf8c52e48a2a5dc2cc24fe925368706c2d712dd1064692b0fb2a32ddfbd4a0ffcf9c2abcedaae6e527bc1d42637aff2a275b76a7a7f010e42e1cc1d27141f6c3585a2bf58c6c5789ce61551d10118a000e3764631ec0b7f4b1a6f22a678133a30940b79dc76f863dd9f6e0d7776300898c97cef286c731c2050928c492439256e481652bff0d202db3cfdc54c9816ceea7895357bfa0362fad79afd09ed55189294d6ead7e898ac091cddbe7efcedb314bc02a18dd5bbddc42e089124758bb491fd1536aab27c5c124567bc325e7028bced5a179a011d1cb9a5ffb61d7af863e91ec8e60495561188b74d158ba1418228d44e92915a22eb1c166ef7d6179e84381ed950ffd747f13e24172942d922ca3109fb8b1e4e6264fa4a4eec75ad0d0e22579d90f45d6cd157300e38ae665eb56457202e25a8dd5877ba99725de288660badd2704345d9bad208c903ba27ea167dd45a77f77b6502b525b2973270582858183c784c324c1366fbba8d410c38bf75b41e067f6a9a017c56595161db4fc5639393fdafb1f148d3f416c1adc5fe1ab9cebe4689855c9b4bda6dcba5d5fa858a1b87d2ad23cdf54dbdf4d14aa4462da0b6f1107f4afa0091c2643508861a4d9f133ba77751941bb8fb756abf1a104205b80d47a3b4a59724d959c8b5833da4f56fb6613231f230a9378c9af741e94fd2c7213ac1d7625559b3f032f6c8df3ab441929720fe43d7c548cc661eed5b3c62b3c61f538ea3228376e2a18c6da2ad906322f64fb4865cde8e1889a8e5237fd6a39bbd6662f1dedc22fbd74e4376fa610cd710703dbd3924a38beae69783d1d5abf36122cbb87129ba719042748f060f4303a3199c5891c5040fd8cdb9761b006bf64cdcb65e5cc50a29994b8c1c34b83760ece12ed9ed7c3d2a7f8911cdf23a1afe0d7db1bf342aa0123dd5cd31339f5c8e160c4efef882602b3eccbe76fb690162b8bfb8a31910bcdf9a4a5dde76c2ac2fcd8678add7a000cfdcab398eb2171c026313eb6eb56b4b87bf8ef93f7f8a1c0bcc3775b681d4229ea561cb52281d8ba4315c3694ed08433596884d5a7ce3a8b1f82359846b7136726e2fe37bf4f7b7e2206cdcdb0705ced9f0dcaaa2ed3a78ea70d2cfeab668eb321400fc955e9aeb7bbcf86cd03f02dd443503a1480d9d9f899f53bd747a95293786798fc59fceb09e686a9328da4f929b6201841bbbefaffcf3386abdf69540e3b46a643ec10f0acf21f27c0053dc13f18485dbc898729dfbeaaa4887b58cd442d7ffa941808cd9658595be8650a815b088621278d89f0d8a4252566b923df3a3cd65c0e4af08fad385927251b31d35f75eaf25e6cf13a579aeeb0bcc0a14ca4a20a6831d532be0b2af3821792a2df95131b7fafef245aa19b214053342aa820c35858d13f84e496294529411015c41ed447b5b51dc44a45d52552a2be1abfc157f3ace7bfa32d5b931421d5a152dd66b7bf549311b08325e5a7201f793037b38990bedeca8a647c08d2478670f8fc2b4e8983ea18bcd514daeeeeb9d7a778f783c76edf01bd4beda4b77b612cd2e865c2e4f58ca7ae06147bf66ae6aee221cf9b9505dc07e6fb6cf4f82dc8c406c78e270210c11cf2531011ed678d9dfe1f49c9a69a95a9f3b0e5b624d9c2664d787ab911b75a4a38d63e9d6c353f8aaf433ff961fe5e34d84936ead0d0bc7954caf84e541f5c6f3f20c9eed21eb0316b82c0dc5182540e63a0af25565496792153d6395adc2b8d68b8bcd93dd110ff5685879db4384ec390d44b89663d43a5de3bdc0e103b7c1b355dc5f6fe3518c93628780ba03f156badea65d1d0af8433c9e8a975fdd19453da662a33fa9f0f5fa15fdb216b483fb48370a967246e0b763df8b3bc7924a6c76c4b114f803dbfa3b312e6815b4eb67be167283a9e482d9a5beac250089d069d4c386b7fda5fc228404a0f58b12ca4dc131c381b49b42b570bcfc0dd663f24afaf65a26a21f6d92f52c9f8de36cb76bacbaa0eef98ba6b7dbbc2629a03bb2b6f83fc5adaf20c217bc8d0f0d2421e01472532bcb546aeb2d483c8f95011a3ba1d2fd8086a717cb015dd53064ef4a80b6d6fdc12d9069223fdf2aa9b192a0e0bdb38436f49d9eedfef3665815633fee4344aff11162526362b70b18e1dbedbb5d8c4698860beccf667851878a25a1e766caae2861f2e23404aac859e62fdfeac06a6057554828d7035806e8ab3ee2fa6d711e5811db61231a22f4672f6a11b27641f350bcab78792362e6ebc1c054a643bbbf2746678c14dc567d1f73e37005c8ab6374c4d8d3106384a2d32c5fcf05cb9ba97cb7fa1aff11505a701bead543e555f3901ef3b693d5b9ebf49518c3509af042b7e84b1b867c22b7e08725220e4338fd074edce428212e6a3563a08e2ccd8ab71910256532904542e93d5c7deb5bf5d49beb3202d4da4f643649e55edbb91188cdcf0883a40c6ed6b8a086fb5c50dc08fee00308420121d4c7431b3cfb80f9c1e099423ac451d67b12e930d9e391d0a799c7d4b54a0d56ea0aae00c1d009e21fb5459416b464b227d66ccc1a68da59d64c1583dee54bbcd7d61ffe541fd0fb7452adba91906918966a7d58019ad1f8fdebeceeed7018837b6e4272eefeec8385abe7207fb2d7061fa6cdc478165a98971f9729b818a73edefed976d5c7c0a651c091cfd1174c020e39330a79144271fe4cbc61ea0ffa274d0d87d06dd08c1d5f8a0364d46ef7b54426bc286330c75fa257afeb2715c2ae511ff53b1189cc59ab80b1325fbdcedfdb8f36ed71f70091116e16b52188b794e637755027caac8db8554f8674b844964c710cacd7a9d6b06baf6fef76159a380e639b0d3e66080a7cf7f86baac01dbe47fe687fcef2f3bfbf6f8fba045181dee688360a11ee56e5fc73ed31c0e2924ae57f0cc93c63a30662a65c5d5f17123ae28cc5b74dd13ed81b03dc7fa61dc575668868c0df12d3553269f04ba79084d070abcdbd4745de80e90e4e3e524f27249b5c4a2f2d4c8b331b0cb6d4efe62a298daacc6eacdfe008c1f912795dbdc37098c42db860953120fda709baa6d46f52eaba781505e68561ca0f281e850532ef8e7c779883e312806e1c357bdef8d0dda005e710cfa6eb8686e8bf3bff036b3fcdc4036541d93530ce6f598442c24170b307ef05f23c93aa0ec96831b532d8120402214a940d1fa01ed649061a4a71308be189cffd729a196754fb8a75f23851189589be1b819f0612cad3dc94ccee88f4ab9ef6ac9c7daad8cf94f5ed9496c4c824e5b4f66ce32a80e7a6ef069a32f6812e656aa5f5742bd432afdf026c86e8f28212c1139dad47d7fc07e5c1a83e993daaa4a4bb5f0c9435ccab2a10f867ffe259dba7a1d9168619b1e3048860a5122e4a5d0b00372eaae861a0cc88549852fffa76e6d78739b654d67df15ea97a9a46b7c382d83191a673aa619b4a10ec05bc681379b0d6df824cb6fe158e9d89ae5dd1ef66976f67972b553db52eb6feef836dca6026293f83a61e117754a7424a3da63bd82d017f87f0603e2a9b8fc550aae611681935ae91f7ca2b5341b05a25208bd28f1a202a7f2a213b1d7411ffb557470aec00c4d13c70163f22a038a189710dd19a47e8db4a87c3fd329a63abca172a9810edad2d8e19ef85b57ea4287cfb3d740d7ea3fa9c80d06e1aa84b317f678ddb3c147ba5e0db432125f59ca4944c8e9050281ca82a3ecf67b2a5df678697a52a7297af1ecb03c586af7b91d74e881964ed95f7be12fa07e2a4e71aab8b913a13996fa33e915144bf00e49b8e7adec5b2c4b8165f54ba3155230e241ee023af77a295ab87c40f63f6092ccee05cb08a265abe8f57c9919bf45064b6c2240ba8011db223a283a4e2292d9b59df8c9a4fdc763f0631007db9976f351717db0e6b5f9c6e5f227c2efa1ae5fe0be1af0b22fc164f9f9678a01fe8b059749fe8a2972455732da1989c609d191544ef9fbb3e58da93ec4a582430523f260b776e4d747312747d18a9bae14740f5dcd35fd1072f8a4d81573b5882203be856b62d7e1d87081a9e431872c9d68864197bbc61f15dd8aeae950d34d6ce97182deebd2ad64cabd1c723baf512acfc7e94675b31369bd60e155af79b97bb734312569f736dcd5b5a78223ffaa0f7e93e1a112cb9f6a5b88fe3cf12c30024c16c6b8380fdf086c662665d3751c11617cc4dbd5b8bc7543301a23fbc90ba8d060193cdc2b68c31c734d516707b759f7db009c8f06e69b40154e1cd8ae444afb28134acdf871136b4fd78bd86d7faaaf618afb25e92d1ee37cdff0595278f9565f5eb109e181e9cacec2f22e32e9f34774ee223fdb992febcc5dbc5cceeda16cbcf1434730d859e7e03d36ff17636a7a7e66956b515894da114f3040909f90ce3cfbb2d7d46e37049c0fb124e0683d662eb427cd7b851ada229451e6e3aaee64b9964ced3036bde5d9d80eb062474f96ecfb9b65fcafc719494ac12ab7df245475f2a5e7f85ca4789833ca373e6214d39176c8f51dde87a4cfe5414a20f68bb9f34709979b99533ba3435c4aa56e525195e10ffd00f8e41aee30a909c07b973bbf733d45500b539ebe2206d438216690998d9e256db1b7ac6bef3e810785e1986985c945a2b820323a592721fcfa444934d0faf8aa439d5efca5dcd77b72d1eb91b3790d50d0a7483e354c415f81d99c133d648c1293e795b3c43f9b47e23ef982e10072ea5baafb0df675e69af1807b225afa0cec3eafbde8535d3ecaa0ea6ddbffe4465207425bb003670320324df0aeeb16b38a043f9c0e85673b36def332fd68b2b1e6edda621d0cadebbced8c7fc8f890489115b457249e8d8103676b3207a472804d33e0fe511ac56cd8dc5333b2333892f87b455940ada78fcf5075c358fce990e6f65f095eb416d876ce6f120b8b02cfa6b176ee269c942f881247c3e464cce2aa65c39137607c585aeb4b5f24f5f8e058c9c8b48003c1809da3e8aad1bee7955c3a976d43fe132e2b16f4758a0a9884e51d13b930675a4361ff366b0fed190ad7b2a00385528951e39cd44ea06d8921b9d613d7626221154cf86249a550198fe4e5b05ad3052b474291da0a0a2f701759859bc0392adf243ad5eca89e6d18e28dff99ef95743bcabe75504be8c715cd6360facf3bb06cb97c29989d4f6ff5083573cefe6ef0b39a252a2678112fa88e5b06c9a6bfc9597cc96e5a49710c4fc120fb0da4945b9d94e46de1e9989d0fc3d8d20df23d815b660c799a903f651b0d013f7fe158f1d297f7fcb6a48780ca5525f1d081ada0aafa83552318b848783306549750b6254cf676c7b934cf7fdab992717f0cdc089b34278f3fb151cadde14d0d3250e85a4b0ff2a2778a219aa40563d3ef575285484424b6d0e7cc8392342e4848c6fc8cb20fa1b450cc4c1fea19f3bbdd9e342e6c49cd7ac893b1eda2e93d1d74d20969465946b398fbc733757741ac822c4a118632cd242a439fc37512cf79b7c629504ccc1e7f2f11798955c3262b5e9695625ba74d8050e20f51d4769e1ab938f487f1bc4b55b5abcaa3ec079c2d0972b2ae9bfb7c5423b959119292ea05f1d79d35afe47e49d97c946b193bffc0a8f607f18a6845cecbbdd98cd351db2b2dce05a4848ba84a6a497b4618950130cb7e76c03d0976eb2fb41d3a42a1430063ed8e5b8c67e80fd4fc1148911958babbcbff33a6505de209b0d9320017fd736fd027a16564008ab2e1f48a6dd66c9256730e9fda0a606875d0871b2b9b0bc2ed4e1b696dbf0283c8dc72cf4338e595266f5390bc3a21f988353118f2948fc75d050ea076b73508d9ed89bade0ba305c1f4e5daf9d40d2f5e7ababed8d1b1d919c61a6d3fb149c1a9b44e38585a2fe322f83d73a3aecb44da3f0e82942d75d62ed3f91eb44f3411df014f88839e4cb1e21b9b259d4eb4adaf6b0be433d0ed4c87ec77dde5ee9d566e3dd8d928fc1875c63af26c59daba5ae267d9bd5da72b99a03e6a33cc48ed961ab484ff4a46c2d5fa597e626e00b530d7b9a9705e4e08d03f3a7f2a5a5233ad6340e3b5c89db81ca713b6d7d855c6324955f85109b204566f50178cd88abe3fcba25de905e8ea0b75ad51831761ed9b1af2470f976f05ec73bf74d137c207270cfd614170518cdc449aeeb663e114359c8124eaf2499d8cf5dc84a0872301db2e57b50bd285060ec4390d99d4ae3674ca3bb8679c1b08e566ba4f30daec8684a980055eb43cb5a1306c4b52a154682aa96637e06c869278aa2f74ef7345632c11265ef8ac97e953745302556881ba0cb590fef271c0abb193fb84d18ee3f24d9976ae816b857d6f68d1fdfe10b312c799fe014debf875d04bff8b4f387859e97c6bf13f7083c28a2045a0b5eb09c94e781a165965e8617c0efed1701ea9667aeca26d9577ea7b1242e1d91b25d6a66756cc627648a293b9f4345966bc469fafaeddc1118d0972bd5c7751a1f51e5989fd952f314ae10417c97b41e60ebfbc47e496486fa4a89fd16aea7fa1eabebd26eb2a37a3e2b351e0c9d2f67b2e5be0f921adc9b6045b045948e5103af0e5050b9c0799b513c00865deebda730de538f956ceb6164e08bd6f58655a294b4b44fc65309b30f9c00f92ef5bd5b911a3d830f72c258b19521bb8e80db02129954efb61423f518d2c5f36587303890cad9a93fa4f4bcd0e24c67db679c67ea59c1350b8442577632d5e8735833f3daf5a74bc7bd82659a81beba8c889632efe03cd24187aee856cf659e16e195464f52f2b984fc7a299e7b2aa53979a147ebed35705d5e89691666536f2febacfcef9b32d14952f958b72512869e4f6a0a34176918217888b1eb8b89322ebb6bb1dead2b4744e728479880db70e6147edaff6c3f083f18e0696bdbd78cf0bda14d9f42e5c1077ced00041aadff90470aacec0e48e2a5f2a0ed37818a173b96061e8c5bf24c0bde9e09f9e0ddb8e13306ef1d4eb8043ebadde5d7553e5212ecd4691eb426251f9d6720b8276ac543dde02399a35d974b22c1727d4b6df01957cae47443b706d43165e01d6932b136f561ce837431254cfb2a6e7d8070a2d3805aaa15b3c10ccd0cda2e9b418ce9ef380e5d08217752e12b3b892d03a9495c83d78d674612fde5a67738b2d4649ce44606ecce6bf3bd1293eca246a83643e4f1c7ba362b110e07c8479f216e3d4afc4fcb8d0820c8ab702a66d8183e83174597035e92b9b500dee08c80b927b42c3689c7c9617b4112c9e54cbfa51e989b5fd42b80c595d3edd265f138e8128cfbbb0e4f53aa0aa95a2ecda451852e564c42d5de7671560843d08103b9bdceac5fdeb0b1266f72f491265dd2b2b80a225a50955167da1812364ea340d82f61535401bae6f3140a8795d7c318a64cee4676627244930957b2f0b227be21b72d90027e6a5a7af3c59470c74dcdb71d1ef090a0f49c91acd604c792385c8f4e085765292822ee5eca03885fd6bfeaca9b3bbbdeac939f7846a487c5a483ed1e4fbf37c93886ea27bb35c812089b900b77c7c924147e97b6a71533610750bc84921012aa8158b213f7601d934a20bdd1f757b0a33042a683af6b9069f3900059d7f80f9fdcc9f33ece8cf7888dc9e24f1fc6ca0ecccf161c5334c60f440feb3acfc3d115011c176dfa05314c5bcf089e3c82bbe7680a3eefdcdbf3ac27265b779db4f49bade0128eda6e29bc5933ef454601db1b49628fd39ab938794fa46a33937a086ece7050d31a21524e2f0cacb307ed4412a2078636f9cc8e11c5c31cc0f9edd7be6d1e31a1513a58e25215f5a24245cb988589e6d5e5119f4f6557c697fad7d1c3a7e3bae064db4382701e33e48c5b6a52fe9141a385ef2325c6f7781134607e98bfd02c43d6deefaa861700388b40d98e941cfb2ddec209f977e8b9f93d29fdbf85e3010ce7cd622e8c75ce3df535e392052b6d65d5042d2a6e78bbfe5ee146e8b18d4bc7fb024dbba57cbe0402205593766a313950cb719d00c67bb6b3bcaa1015b89e820f11475afce655947113a7c3dcbb52427f090df994fbf076db867e0ab3f6125fb8884c1d13ff3e99fab5fa8b9f0b72cb44db4d0a48d9ec17f9733764e213c40a15ad821ec60e4a88cb2fd9dd9a4f35e6a708f4b74067f4be3f03a95261f6b191df53fa5bb5164e4a164630ad9ce39087aa950ad9e60cd2c44fa2237c49abf858c97737fd21180fd0b9542767150fbed3f39a29e6c3484d9437e15d2439f2a54b2a1ac7e63e6c436658abc3f1dd52d984f6c6901768a8cf2ec98ebf44e90e0fc0c24f8957c62e05d8eacecaf25b178fd710af609a8a1bc4d7955b5f0cb4f48a37685e6304ea5843573a1abff37b5106916c83c8f23f939a0dc43aea8d196191ed6e18dd793990d1f37d7de0bf8fac6f469843724eaab86be8a483be281b8ecf4aa29d9c571951cde8cd8c2aaf4d597ac2cb48f23fad145916920a55d655924940573b64dbd42a280cddc4810434f930183fdbbdc72db1491a4c9d44daf9b1bc2fecd855508648063040faeb125da0e68e6cd2002181118eecff0be1dd8eae726af5d451630cd65119c52abd6dded97f931202f186a18c4ba34bc2c3f6d765e2d8f445e959f26ffb55827cf3ff2cc0289f17b82c8caa5a2d3d54306a300f0ef42bbe4ea9e32c5d4b1173942745cdcfe4f5d1619eefaf8dc600afbc9171d516f7f4b35331d0b9be005132ffad5e9df59710278b842afb626a78b8b8b37fc3a894dc705b2d4e0940cb264e9dc87eaa148e6faf78125462f28a0f1d7b3c65a291b85713fa71ffc478f6601e8716c35489f4a54ed0c70bcfd5502cc91374dc3c982075c5180398bc6b195b36e79dcc4087cb990cc9d964a150e0dcc887d496bdd27c3f298736b9ad8345ba2df46021964cf43c38f9d2e94b77bee2b7bf059e0870ff9f17b9ef1320c0aa88a2fa9781e9017ab64643de9a3df9ed4b8cfd8fa080a2e494409520b795eb1517d224a05e450c4c8ae0e9fd29c0e72d3a592cce55f6dd5107f21214e1a3f9a5448384de06149f959ec0c92790f0ff229ab4971171f1c528ae6d095ec007bf5e7f55d623a68194e9ea8edc3af418075338328f24e7504341c22bef72c2963fc9c3237ba990d29c2c8aa3007395f6d96e95b40ee1b18dbad550bf39d0d98268cb74dde76d987c3169c9067495fb1b88508bbb7e94cbb7dfc15c03b1d5b163132c8a468906f02d422a8cf98d0b432b5779dd962074b72dd27439b2e94312f573435e5aa84664432c1914839cd6e172186ce93eeb1d7cb0659696d9d550eb3b185f8c6ee16e53f78233cbe709f99d2879d63d93f7d0ed133241d2f1ab1eb2c56605ca0f0e01c39ab0ba2370fe5c4e68de0561b517ff9a10023c386236398372c7176e35443e2cf5dd6cbed9f23395f231e6a54f65626cb5860a8b72122c34664119e7c47204ef4a70583a", 0x2000, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x90, 0x0, 0x2, {0x3, 0x0, 0x0, 0x5, 0x0, 0x1000, {0x0, 0x0, 0x20, 0xfffffffffffffffd, 0xf5, 0x0, 0x0, 0x0, 0x7, 0x2000, 0x2, r7, 0x0, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000380)={0x50, 0x0, r6, {0x7, 0x27, 0x1, 0x4824800, 0x66d, 0x0, 0x0, 0x3fe, 0x0, 0x0, 0x40, 0x9}}, 0x50)
rename(&(0x7f0000000280)='./file0/../file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00')
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f000000a280)="1695367704d10dd832678e4e2d01860484a69eaac410e2d6cf3b3d3925f9a3cb602592377170dffdc4de86f163e390e21d07459b0f058cfc248c4bcbe896f3c68006f3c2cbe07c55b87170871c1d364d740faeb750c8c8acb76aca18bc0c018ed341b55b0ef80cefe95b85756aac978a0e0b5ce59cae6657643e7ada0c1336bab310888351664553c2faa6dd39054e19e23cc7c4b4d33546407f880194aa0761f2a9360c4ba26de342328b92db81ae84fc9c1e9eefb4b7ec3f58a6d5d23b907327b14480a37f3c84305729a91c28807f8809b997235bfa2d4b6f45ee9568bb4a416df34f4140c5e272bfc068ea61a48b365490ccb02772a906dad457f5d2dd1a57cc1209e8897c8115049d7e4e3c756a7f5ad0c004ef66c8bf91f600910e73b4aa5f516bab5cd62ad93642960ab32b7fdaeacb1a9587a389a529c231f8a47a65fb6d27ba6a0eeb46660cd75dbf47df89e9f578eafa6992a12d9d7de56d69fd0e30b15caabd13c28d63921597466292f8c4e87f23d53d52e6e8f1c9295af0743c8c671a49273074ba44dbce9e9b1136a93dbc19d2b8e60cda5f50eba2d814822a68a0fd4ff5e6a25dd5346f96b26b5e1563ebb97829a76fd8c2aa467499fdced91b05b193b68316494f11f5ce97ed8e13d474b03c6f6eda4eff54b0ec362fda53003e6e2a3868a5d57e2426aed5adccdac8e162c6cc20361dd4709889b79b2810ba42f531fdd3746562a00da65b4211fb7d8f482a3610748d3b80d2942d8432471f98c6e9036cb57f3913b31dd8baddd6d85b44e8463b838fcfb6979628c5fa3dbd30688e10b9ede257ebc7b96d4092f38d11b9e6a4d10490a9df1387b3743cf51e206c7dbc0741c408bbebaae7f36d81b5ce5b21bb9fe992c8a0cb3a91ea2df21e571ff094b53b17c46fe22c0cead29144d203294eb42c984790a6b6348ed8b7b0317ee5b2353cc54bcfd808bf0f61f73917584e17bd9259c8a04d2ba3b4f931571947c77035975933471fb1203088dce478eb4e411ddb7b88caeb02e1cda741245df701a2b5c29c48a631eaf18549bd90c70222fd6dafe5550726bb58dd0fbf84ffeeae683a0379505f03740a652025add8e0e4e6b5bfb4bd0876dfe1ecb639acc110eba97294a4e4642aefbcad04ba50d830e945fd9900ee7e02488694041f43cbaa86280c1df64e8f1f81f7cd5130914efd19b58262f3bd2c43bd8b4a5beac09f1ba27020521994465e62c329debb50efe0716d22cf0056febc7cb95aa818e10639077e91cac3c80b37d6eebc6907dde971b578383ee04086a0dad18750ceff6b8d6d373afa93a51fee65fe1318c1ac291b784e45d66962c8b54571bc1e92a996c11561d94af6ecdd37948d35adbd1ad63c1c05c31c7f4afd707aa1956d1444fec1137fb6d81f56566887131777e5fe3e2fafe8af8f21ed34480afe74afb25d8d16f8089fcb851ac49dd826b7f273aa3d771856d712c62397d49c72d93e3c2a5e6b9767fcff0fc5b3d70dcd70ff8bad5dfd7f5a84c194f99450601f970104f9be026852ead21824152dd8f6536fcd01a69177a65f2af266e619d61d20de0c738680fbec29e7c594cad29f009d46d87908c951b2e4ad8d9a67db8be6f570fe5416d9e4dd22a108140a1c95369731807325ee7f4201209a795fa1609ce8fa27384677816f651a96cc08400e1b647bdddfb851313e3ccaa472b9a6a1da3a0936e119a6d7808f09de244d739c39df3ed36004b77cb54b6b1396b718c87fba28cb1439c7d1d140dae1ee2c2a7d647427b1e7472710c7ac4f1fb0fc0c9d15ecce28167d23e2e42474dbf1c63c0819606be9c9b6dc2eb59bf9932568ef408c20e9498cf105e84eee30460d4348f4cdfab623b416adadb4427887d9b1b6b8db75b224e8a55fa0351d21093b2b7e42e6685491cbfce100d602d0281f4bd086b50612f3ccf055fab1aad97a52695a233c3d458be4536b66b0acdda5ce0aaab48bb7d7f39a8af473c4478991f1c4569839eab0c1d684001ee1772290871653a2293bb7754c1eac178c60f86e2a98e1992dee198c76365f2d04d159d7c210c6cc58764e3b7dfb5bc15190555febd01c69cab8f55926c28a13fa4f9060dde1ca2df7e1f71fd99a0c350d7f0e341ece8e0685e9c205b486ef400910211b688f07fb05b542261c74b45f4ac23ff53e9e620ab12dad7b5131f67128bb8ed6a4a70caec437f2157f8bcb3d080091e5715dfc7d7539dd0320c90d0aab6a6d7a447ebeea893a0efa2176292c648c62cedd4138c9d0535ab0621855484fc43e0e3e84357db6951bb21fe2f4e99fa188ebecbc23f73ea879bd304408acd1c470fd112606ccfd7b7970e950ebd363afbba359a51877248a42845097094ff785dc82264225752f3aefa980d9ed5309b48f47a5b5ef49f69808b91bde955277b6525f55436ffeba0bfa8c13f6314c57ec97eea295afc66a9f4ec844474c0da6ff1ef0c6c65c035f3bb74a70ffa668359b58a46af97600c428626b45c81a4e372e198894c02e2bee8010fb4c2c075ea623a6ee24a99e225f809322df6ea6f39b1566b1aee5403d45ba648f94f70976013199b3241744458d030a5319360780897413289d89267c389e04f23de79adf4b864c5ca76efc225eb1ecf6424887f0d8b3ac13cbe9df4eb69f7b702e85fb396dc4a030d57a8c4edd227ee568fb11a9859935ad53dcfdb01727f106af352c569a020b7e405a1ad4c6b39e2e8796fe9f16db3794550f5ef3ecd6af2b2ab0383e6c198f17ada5840bde84ccbaa661d9c456d9ddaf92763ba450098cd5a971d847fd5030a4c9b066ab3b0096dfdf7e5ce2f8349165f94c493b7e4192e85239bb11552f910fb41c5e96ee10fc8dce711e88e0572ce0bbbd9c9f3b7c9dae89f1dfa6af309c4321755a5b19070c8731ac590c30fffb69feeb75f699aebb101d3a30f784f1745182cb4f0bf63a148b521f0a03c691927694ee453b278523e3ed256c150098a932f62c90ac65faa4b9782c27a3ef6ca2b5ecae6a01d8a1d7096bf6a7d1b317a9eab22ef4907c631bcca224f723f5fb9a44d7e1295186cf37fd71343919aa167fa70a505a73e9f52a11cfbd40d8c1087d4ffdfe45a40ed5aebfa4b0c3622c78a914d68dd92f46478711437ff88803ab28cd9ce2223aa0fa37eb9d9a4a7866dec4ca6bb66e794ccac6bd19b11daa0b6d4d42cbcf7d6426b5718030ca51bf92b3d8ea0b11c46ec5c0c6e3805c88b39731b2b751d9928ed1ddba7c66bcc5273d709fd295aa0792384435b98c1f44575c028ff2869074156713931f7e62f8b0f8c7ee9dfeaeb2e096e77600586a47d6f6a2e13a17dfceae46ad84858bf8873f9f1e35fc700aef0a648af168ab0774a3441a203ef325577f2c76f5f0e5808acdc7965bc65e8ad1ca816bc3b67711ea42e619c957d0f26b394be1f3b0c4ac9af8558eaebf5c1c27b6549022513479b4c28dbe3f1c3131cc9211eee768f96a9c8b5e0e6425bef921a355faccf0072ba19b16d88b75feb5dc8fcfc1b7b5973eb9654ca3dcfd482831ff5d1fe09fe7ae43cf129c8c17a6686685a13ed076f34608b7ac16eb8e9de6a44418c4e3f8162e6a679bc9482df96a04b14575ebf093b99bf5cc26495f5dd6e571129d9760de3f801b001a1f3248d14f579bc519de2b656641a88da758a2ed3baf15fdf2739ddb44f0e5892de7ea48e9302129d0c939137b9d0687b296577675bcbf433a53f6a9816797cbfef1ba0caa2b8602387b5a8bae24d3e15d42b34d81708738fd269c3e8cbacdc3ff5ab1d4816a783d7be0f0a8086e345a6b4c231ffd61745f6c45cfceaf6089e70542aea1574e3c78740f77a08eb55b37f03549c1dd318cb5a76094210e8cf800c350d328fbf9442d0437e7affd54b3bfc33da3f24558f3ea8e59da8e61ae60e7e7b4de7179b8cf941d51d420c8eee69143966800dc4f7bcb50a033331fcac02a65e88de28ab219c68388a9da9196e044dd1ebbd3994bf8cc862f6f8b419fa1f4f4e5427f10866b498935fa28b8e6f9c5e48be8b74b9c2262823390480f71aff6cf72281f526265877d223eef9ad7a4be7438f9afb6aff0e80c5125c2c612ceb83f0470ea04479979c0a10fbbd0bed7379e949cc19fe36fbcbcc59a9fe30a2662d3e4d22862e8841b587b8995ef8482bc60fe0863b41752ef3dd44a387eff101595822bf1ce440ff9e5f73e560e4f7fbfe4754d9dabbcd92de02017eb43d3cf7c75e45ba04009a782a68ce11eefd52253c721daa5f37c6408e37b48d1f2e36d7c1793300f2c9039e69a52057486b63c0fa644d00528ce48f2e551ca88e356ac25ae74c73492ed3e6233490acfbe7ed8244f23e2af86e0ade6b78bb34a75a86f6cbadbd39762680cb0821d6d28f18d427df13d0e747f6da54be970e43ef8ca8285dc8bf44e3cecdbf2d8757a9800bb889b846d58cc636a2648809451a95736a0ecec6ea3fe61fb24dcd8a00ac0b8933918189cda555b17e431d99ee190d6d0d9f769e665ec193ba8889ae72a01e18b98cebb75d20ed778e5778ef657ce85d40eafa44b46f293d64023b877e8c5d58587c3abecf9a1ad8d874a4cdba0bfbea61b7eb19e81f7c932be12a83bacc51017b42dbe2931dc11c742a5a942cb6ed9bd9922ad78f55b0f6cbae0e8d4235140263ed8c83ab22e71a0f0a62b6920b5d5109e415254e527546546bd025cf1583e3e8d9d5bf735a4651fa2e5c3c86a185bb77e9b75224cdda8cb0eb21d9e3bb19e286832aa5dce19f055539a0a5caccfd752742a31d0af882c4f02c29cbd90ac2cdf5cc61c448cd09eb7b82b930ca99962c0e5ed84124fe37f7d30aad0296ee340377a7e0aa7413c495ac8ab0b482c4c5f59872efd5a1ceadbc7606e67d3c79a77d095bd82519db0893b9d2bbc2b2f3a7391826840e49424703c006399cde5f2a52a9383e89dfbfca284be4d75dd3aafd8a43dc6c71bd7fde9460647eb5c97707e96ddb9124d6020da38ee7ad743db8fd0377a8711905194c496e39a2132d7bbf35b79f920b6dcaa73625bf8b5320da250513cd45bf42c8072809ad59d69c02f0554cf82b79ff291e42d9227de1948352b0dba0281b69876ae0ca24972a5e75aee7e0a46bd4fc83f5a0dd3f22d666f2d950ca580c6da6dfaaa293beded10d1328613611b6e01d5d8567541e81466467302d8050a3ae4791fbddc1aec749edb68173be5341166c1d5c42d63e7368473e48bafa43459de3fa3a5550a4ac979711dd9a2d6796b0bcf9b5881124ade4b12bf64fa55724976a0da9d642e76a036c430f5fb2c06d599b0f78e978580f8eb763d2846177ff18b9b5cf8c76197ed809ef24212bc5563a1713214ce78e0e6cced6e41578d46a07839795c83c189610244bc1b680535fce39f290da90d719078015d90020b1d4567a97081b48514709df8e327d814e8c15496d90efacae6b13e297ed520d280203896bbc3a23f3b638adf594de03a782bb292a93ef0b14b8b3e13c01787a0b7bfb3abd8ab15eebbc651b7b054d3e56ebb7808de9b9bd067560ec6a6432455b37054292a3d9d32434506bf84b2907560017089de3f60c2deb4dfb7371f96d65a575d446aa1d2df81867135120df4e24e9227f72ff9f8f015a7754948704ecd084a1a93fbeb5a44af086ef73e9fc1c072b7d5473e92558fc2824acf27f1dbe9b019247d3074bf4256a966ceb674a2c4222632c8e4b6c0736de019ccfe4cca40b9b07f8c4df9753cdfb4ad66643ed71510983e29c2b5f9ae7db4913cb74d9dd0461a900810650d0da73f766aa6882385f3bb40644bf43f01faf2aa4cd187659edb0498527f201442b64349afa814b3dae5ce815971f3b11d177e3e1aaf90c7674c097d475640218ad27e63f9071c9081c06d9b5d1f3a070da3eed4f4080190a74063e7f97b5f35706dd1173dcbfa13a70d5362e50d57d0c5105c8d3beb926d93f61699e737ebe1a935839c3aa5b629dc93aa209d9e7774c40de7f59fca1eb274a8280022a15934e5dd2579a8cf5cd16a3b0a1ff3ea712c4258164fe2fa17a4cbfa5630f4041bad4204605eb2e762d610fa17dafa415ed8a678da1d4b5a6618d71d0066d66e3ac10b3ce65137a5a02344abc57f1be4ce0cbf1a2ac66dcb5e94495e863819c627e4704fb479c232b27aa4a5dfca8896a7eb8e0592b6b392ec9fa2767f569d5c1356d7ef7a909d8ee344ba017c75ca664d98f5288230b7f1ffa2fa7a5d07fab5f4b53b7f19c3fb361795fd632fa8a654004d931b4b7fc0890927aec727160cded3c01b7e40e6b81ce015796895f9c007762a1c22acfb9513eccd93c845e91ea8b0960b299b3ce788cbcce5bea9a94325289d2c3573975c512d56e19c4655f849b3652f8b5f9fa6f49e03202f2031debe3c299c3ceceb1febf4b285da9033493088a36f885ed6d3958b8d05cc6be00f3465de8bf6e41796d17e393067585b459b143d592cea102f584e48676a45f896cf662bd6b3b2309aa7f46d2b8ec6597a063f12bcc88922050c8c1e070134ce77ab1cb7a7f29983a0b30d9b2abeca5cfbfc55e941376c616c2834b1c1c9a9473b531c86c3b708478ee95923fe6a8108c2c4dc8a78a9d5e995f6c815b292b986cab0afa233ef10567a49d4e8dc17f438b90b620df4d291b52549ac8e1b69078b62011ed4bb0e288db740817ff07d01e779e11cb8e0606b5ca3aac6c7b262499f5a115acdad8a67b6eb77503318ef3bf0008347b270aa986d9e79e2af174f38a4743250c1091e6053a7a785464483161aad3ef3ad976e5329b71afe9bbfd93d7541a1014db4cc159ac266021e841c665217fa150e130f921ebd4cfb5accdb87f5f9bc0fd94b402289db4d0ac3f0906a689aef044c09fc2c5a00f7795ea935aeb943eb32826bd2176c1d1cb058195e3229d293595ebc07514c6b038a1d964199c59e59d4fc621c54b7bbd3410ccec22f7fb6751527c2aa0940ed2f0c9dcfc4e99ced91d09ba4a37042b5f48b127439cad24df2951ff1e769d3892dc4788dbbe27cce60f7f0138789444712e84e059ac0a4e87557f6c3369fc61b9a843c816df3cb4ec77a11e16390234da24dc0420f6a44554fc7954cc74d63ec030d4d964898e14500d0dacdbb2959f7a8a191773f66448348f36c3f4904187088bcfeafda7dd721236810d04469e93ca4e7926305c25b1ef1380d775008fd238e33e8dd2dc5a9783f97414487a7ef70eba3dcf71331803fad223f65aadfc87d79512bf311c14926d619a089f5e84c46f4a9ff393969f8eacc8fa20acaa9eb01a8aab625853e415d3871e555a11ee71ee93cba85ee9cde60b3962e294c2c840f0a1ba87714bac54f1ca0ebda74daa3e8e19d382b951d64a22da48c632ec5754f42129214a807427e69a93c128b6b0a8697c9ee375818dd79244a38287fe8f66c7cc3aa18aee2fbf804fc1aadcc7d2daf75be82a60276b6902a51f2bbb64c261915b80053fb9635f405f1fa855d1ec8adc0ebe9648b8151eda70ec5ad5f704fa2a337bcfb7ecbc845a11cae7a68d6bc58f107ac7bb0c2f6b83edc48703ba00c94036b9af4ada51d6d78bfe697df06f47573c14cd7191ec52dc0f208ecdcf54669529bba2c2fb7a6b38f6f2b5ec5fe876f03c096ae092b6f881a84b00edd1e9f67449069d876afaa99eb1a446f20656b5104c72ed28bd8553c724785f4e8bfdc33194409960de4969b708ce26e4cd608d21ace0c38e27d54b55369a9e807cfda9a6240466dd94f6150d4b0105f7b9ae392009b2cf146d1dad5d7c8664463d7d60d11b45f30d01db7364e21ac557d37a4c9ad88926c472e98710d2cbfc4b70d6a5dbb128d46909e634761c6f6952bf9021aa5282c391dcee3278a25e3e2ee31a7f6713979a546084fb2e598214c36a3b7618bf23c57bb23b33e9c98dfe5192ef257dc2d891a6f7c11be334fbdab015eedafe1c4aea95ff1fa6d340d0cade542f3f782c1589470fa64c6fd9ac0c31536ecee0ae312f992733beea6fcaf7562dd6e0f2c016f712ce14d93f02a54f577c75b444fd7f46e9bd2cd9cd1f89195781d88f984eca45c97355095d3b48b0d9bd730c7d6f63b1dc78d2344bdb0f18c4e1554822345c11efa2ba32bcef4f29ed05315cf44617a80d7d1392de077bbda08669c8c3cb6c0b12f872f1247bc1d07634bf5bf4acc3a4ecdae7e6acd7c4af9820147afe55500a7270d7eb511f907339e5af54cfaf33e2364f54091ebee2a245ba048452d383cd441604c4dd1c6376e4df8b83ebf6070d2be248174fc1dc0a1352c103325360aeb3ab71cb73bb646ac6247dd68155fd48b90250c3b0f250a74f827780367e117a94094e5005e2f926accaef0b3e36c25e315c1e80cd4c3481f3465d99025c7de91c45bb8dd0a5577174c1f366017d87d2033239a8b6f399a9095845b5fafe9cca113b93f455bb790709b6c93fcbbd0c4bd7b5d621088dca06802e241836291226ad56d40b3b4e90eb68bd5845742baf4cb4a69b4bdb07f02d0bd6fbb5a5fad3af030816b254725e6db4073b7a0536b884c8985c3a159cdb105c73f7e0e03546248336449eff6afeb96cf8ad3617df18ee2247bc2d11ebbe10e0379f5578c41611872c5461541fb4da5be3f3348e0592982a61c352315370a9b452306c9f31f9040ef755ad096a8733dd9daf6bdbcb7a3521ad2282ae4fa7bfdb9cda5997ba3a6652af46c6d0205bb356dfb411e2b931b357723bb70254211819b74a461ed5c126cec6573cda4f6107fc3ebc76483621e9ab5789a5575ea3a91463f76138ea0f3ec9c44e1cddb2de59bef83333d235e922b920e267453676575b38e6415bd136534b8df2360ab489fb69eefd04b66758ab5dd105be7b0635f7194f9e4b158b22b21ac97fda4e804747a9718b40a32531cd5c3fd1d3c1dd8ba5ef9c86d3c8df8c71f81da1a9756e5db4dddf70755053f7129d656a8069fe83c39ab240cf7a73f0f880ec7a791c5115ab262184839b906c238eaabf2268dfcd6560c5bcb70fea00b580ad52e7de0333e6de63ae351952e6e5dee6edf284de0a2f53e2089db13bd5eca5f98883a24eb2e1a58ae199f8db9c60a5b6b85585b2d2a17d6b5406e5668685d95c4718c375db05f7953b363c25d2ed0906eda70eb659845acd31fec9b8e4d5951d12fd50bbb969dd824a78c72622c8311a980f0f2e6a1ddc368879a1f3a07d3c0780e85a4e5d13223a3424782e3f77bf6a1ebf823f468d41b777ff61345064f1096ed653c277bab90ca5afc8ad6d25f4447236cdd82950afff27763f3fef5308f034379f4ad4955cb8cc5280d51b5427de4eba374f64dde2f1e7a6ae628aa4696160a5cf0ae9fc70e307b4eb19c0a5af2c2855710c8e117211d73a7e7f3f7f2ba55d03a4b73d816c9c3fc1edb86ec95ddcd77884a913805ad6549e7a5f776a1c2385dd6d83877727f128207cda29f83462269a7f606fa31934d06a6e0efd238d0a180c754a9d2e85609fd20c880ea0e79cbe887c442f9f682801da783529e1e45eb3e70195fa2711fa291dca43ee0672b7afc14cf87b9506a7ebe223019c856777e1783f6ae1b0ed90486b32e3b6f7ff77be834c7b6676da6c8052fa49450e3e16a6f90ee33742bbfe3dc025832e0bbc7abeb625077b8c1ea07dee89c7dc26fa42514ff9ac21e848e32309bc2862a873fb57796e05923fce42fa2833c73866e22a04497ec13acebcdff6ae1df71dd8756f1febac04f2034c1f3e1d401ddbdb7f2ef676d5c85437830d527a5fb04c9bbf0d892ee1306d2d2df37008916a3a66e70f865cd6d25de16fdb4bb4f2616204cf86a3ffdbf147223968c092a46dc2aae4aedb32fb850b85d4adb87bfada328bce4c2c70ec42affde442179fcc1d3d9f5e4a848c8ba03b0df3065d1b2d5f1b08d8c25148c51bb54e191a87ea59903084000b4b520fffda111fe831d4bdcf62423c1fcd673b020c5f2c41973dd1b9698054368081f917715e1c1592bc78dd265e051bcda5bf5877821fedfcf7790a58b328cf780f71ee71491e59194504bc800d319251607e53ba0e1ed15cd4fd5c959eaff4d3a1c7cb28c479f2776256633ef7c0f0e98688b54e8c8634cf57e27e5c1ee1e43573ae23bfbb1ff1bef6cabd33c02ff165c44f0f190426ba8391ba4f03458be3351869c5c5c9d5fa5600edbcce523525b9cd9c3bb040e34771ea277d05cb76302c72fac5edc815412dbbbc651371d70d044c4f89a68da7abd836fb3a495e212b5fd13819c41c9a240405582ae69b7c35b30935af3085d457a4d76a94c9272c5eafcecc4c92dd4f314b04b4739864e626a5bab27fa2f345f052afe3bae2ff4c442c42a1c83091bfcc23a3b5e06a511d02cefcd618a6d9761de00af192cf1aacc902cf3ba98f898c48fbc74b6710db7ac890b4f7ed7377e0fa3b4c46a131e775130a80db5014a79e674c8fc8b45495066e88201d2e320320fa4561abab617d0e67e9e879b0080a8ab404f4eb007a088990aa6a7b29afce5b8dd038ce96d43e1271315f6070e761e759c44fba1ce78730e35ca31e0bf5840cc01289c81613a07c497f288ed70a6d10d9f58fe135558b2a862bd877fcc939d7536e7dc988409290cd73da04a3b1399b0a2637f737d5f86bba4a31019546e2000a3ca57f8291cd9af28299eb93909061200c9738cca998add04e7bb0137ecc460fc3ef72872e7d13c159914fcdf577910e6c5d7a1636b13b78c5088551c614e3c75befb0f37fb89b918f4aad0126a9efd3390d6a0cab97ed0e01c7eae0e798a4142345578beb10d6b61a90b4d1fe836022def90bb8e37e07428a4592e7bf30e935951e492234a8db96f081379e7c4e18c3b6ce4ed1f97698dc1da940f14217e877bb8e0f33b392d801a01c48ec62ce2774d2e4e55e9415c063e1bfa31a8f0633443ec19c5fab977c1485147e46c06f86742278fd071de4a165dff7eddd5390a1e031d80e3d44477f6009c9fc27a7d92b865a292b0d586083f681c2d92da7e7f42eabd076fa7d61eba0c2b406c75f1cec561b1a523dd4c6f344b02ed59bd473d7d30a24144e981fc8da434931adeb841d63bb705485f8f58a180da91af64bad1379356787b37467dc9b4a0d12496e5048e7ccb40a978eebee5eaac4e9dd96faf194aa93a22333d7f68cccde147dce26c9ff18d7c8ffe0d1377c70dd1057d54473b2c2b2b3eea82fb223952c0dc3796efd0cd94afea38341ab9a83c6a9ee77f26bf8dea8510dfc964f9b9b4942c08ade50e43f06e5101f2e6b68b6a7f9cc5443c862b1198627461938daf4bd1fc7b21d6d7fd3f775f0e4a1f60434a242b049f159dbe5de145e741c5c9b4e59a7f5d7de54a6d51cd87845dde819ca74e3abf60356fbcf18bfff3b6ae1c545e243c08f9f41b86e55ed6e71be453843e0bffc5b6bdcfeefd33075ee5110627d4f05e008e54ddd62fb6979d9c2a5e4a2cb45fad7b2d77bd17508952889b30df2124cdc2fe6a749a12c9f6dbbd01226cc4ba2693b7e6a858d3c36ac6519ee70e896588a6df81b0e3be3604bbbe1a845088cf1834a04368dde8b6ee76d0492911dc09b05cf6642e0003cd8faafd398872c1a8dc3e85d3658ec8", 0x2000, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000008c0)={0x90, 0x0, 0x8, {0x3, 0x100000000000, 0x100000003, 0x0, 0x0, 0x3881fffc, {0x5, 0xfd, 0x1, 0x0, 0x3, 0x0, 0xa, 0x0, 0x0, 0x2000, 0x0, 0x0, r8, 0x5, 0x8009}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$qrtrtun(r3, &(0x7f0000000300)="ca0e808bb35bdabb", 0x8)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r5, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], &(0x7f0000000240)=[0x2], 0x0, 0x1}}, 0x40)
mmap$xdp(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1f, 0x12, r2, 0x100000000)

2.058672926s ago: executing program 4 (id=1253):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan1\x00', <r2=>0x0})
r3 = getpid()
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
r4 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1})
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r5)
sendmsg$IEEE802154_ADD_IFACE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0100040000000000000021000000050020000100000009001f007068793100000000ddbfa6c5f1ba08f67841ed8280cc4a2a9d9c9ce6c8467001fd19442959e4aae6ee03275cb5e827b9c04432dfd9e22c7ffae725e433c181f7aab53773df69e1de109c38b6634b72c0822852189c15928ba8cc968e44c422349379a4adfb90ca7491e3add84f917ba5b21764d96a54f13963eb4b73"], 0x28}, 0x1, 0x0, 0x0, 0x4000010}, 0x0)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010027bd7000000000001400000008000300", @ANYRES32=r2, @ANYBLOB="08001c00", @ANYRES32=r3, @ANYBLOB="8bf9f5240eb4ad2d45b7496e64f72854c7aadffdb2791a1b35a50011ed805907919e6dd57a2cf7d835cc0e87be360a505d9078c407c3ecaceb898ced2b5f182b981bc1e6ff53b0d8c154d31f797104ad1507bc1c7380aa8b25217d18e187cc79987c79d63625d18e68316701752635f82738894acf4ad13d8d03795b611becc24d2c19537d519359670c7e07ca6844fccf03271fd78cf3"], 0x24}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r7 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})

1.899238929s ago: executing program 2 (id=1254):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0xc90}, [@printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r0}, 0x10)
r1 = syz_open_dev$sndpcmc(&(0x7f0000001000), 0xf5, 0x80000)
read$snddsp(r1, 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7a98, 0x0, 0x9, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2a, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xfffffff9, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0xffffffffffffffff, 0x4}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x4}, 0x40004)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4c)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00')
setgroups(0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x16, 0x4, &(0x7f0000001040)=ANY=[@ANYRES8=r2, @ANYRESHEX=r6], &(0x7f00000011c0)='GPL\x00', 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x20, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0xfffffffffffffe47)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r7, 0x0, 0xe, 0x0, &(0x7f0000000ac0)="c21e729275995250167bd449636b", 0x0, 0xa65, 0x0, 0x0, 0x38, 0x0, &(0x7f0000000a40)="60ac45a91a626219827329f61b7da4a0a6c105143141fc0473d8f335982062f60d7a333d262b2b80a4eade56e56df22e681cf74a47ead688", 0x0, 0x0, 0x8}, 0x4c)
r8 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000180)="1400000016000b63d25a80648c2594f90224fc60", 0x14}], 0x1}, 0x80)
read$FUSE(r6, &(0x7f0000003440)={0x2020}, 0x2020)
userfaultfd(0x80001)
getpid()

1.622719856s ago: executing program 4 (id=1255):
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x25dfdbfd, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0x0, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4, 0x6, "3798259d09b07ec3cd09eb1ff0066091cd6578e658d380b0489b9fa81951ad494845401e547c218650b5b173f10d12204ccfe3873db922e857b203996771c96dc19512f9eee53002b5c1b4bd6a79"}, {0xc}, {0xc, 0x8, {0x3}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x15, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000440)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
inotify_init()
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x8000)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fffffff}]})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4048aecb, &(0x7f0000000280))

1.290676538s ago: executing program 2 (id=1257):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB="2c67726f75705f69641d", @ANYRESDEC=0x0])
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff}, 0x0)
r2 = dup(r0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB, @ANYRESHEX=r2, @ANYBLOB=',\x00'])
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94)
ioctl$IMCTRLREQ(r2, 0x80044945, &(0x7f00000000c0)={0x0, 0x4, 0x2, 0x7})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x482, 0x0)
ioctl$TCSETS(r6, 0x5402, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "db8f2d2b3b7596160c6981acf8805944823a7f"})
write$binfmt_aout(r6, &(0x7f0000000600)=ANY=[], 0xff2e)
ioctl$TCSETS(r6, 0x40045431, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x83, "00000000000000000000ffff00"})
ioctl$TCSETS(r6, 0x5402, &(0x7f0000000080)={0x0, 0xfffffffd, 0x0, 0x6, 0x1, "e315bc1cc24ff7b7cdb242e1ff0aa6905446b3"})
r7 = syz_open_pts(r6, 0x0)
r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r8, 0x8983, &(0x7f0000000280)={0x0, 'veth1_to_bridge\x00', {0x4}, 0x5})
prlimit64(r3, 0x9, &(0x7f0000000100)={0xa2, 0x8}, &(0x7f00000002c0))
setsockopt$inet_int(r8, 0x0, 0xb, &(0x7f0000000040)=0x3, 0x4)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r8, 0x0, 0x1a, &(0x7f0000000240)={0x1, 'veth0_to_team\x00'}, 0x18)
syz_emit_ethernet(0xbf, &(0x7f0000000440)=ANY=[@ANYBLOB="ffffffffffff0000000000000800450000b100000000fe019078ac1e0001ac1414aa030190780324000045000400000100000004df4402377457bc0101028677ffffffff000ce256b28c59881681fb520009020007651442eb000e7434954373561de584b703c80009e706d30bd224f80207cfa11cab1a00108475be675de6a70a05a0dc91e5c6000a6580a5e97612fe86001273bc23f9ffffffa30900a301c84600000012c8f46976e79ea788f03d9d3205927e3d8606010000200000006377423ef8aadf0f518193f4b705c7cc930b8c773a1999b8aac94c58f91746d8561efa90ef847f7b1b5f1c05e7fda5949a6208eea0"], 0x0)
r9 = dup3(r7, r6, 0x0)
read$FUSE(r9, &(0x7f0000002840)={0x2020}, 0x2020)

1.198637491s ago: executing program 1 (id=1258):
r0 = fsopen(&(0x7f00000000c0)='f2fs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)

1.19775108s ago: executing program 3 (id=1259):
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$kcm(0x2b, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$l2tp(0x2, 0x2, 0x73)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='yeah\x00', 0x5)
getsockopt$inet_tcp_buf(r1, 0x6, 0x1a, 0x0, &(0x7f0000000280))
epoll_create1(0x0)
sendmsg$inet(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4001, @empty}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x200048cc)
socket$packet(0x11, 0x3, 0x300)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
shutdown(r0, 0x1)

1.138306592s ago: executing program 1 (id=1260):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000940)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFC_CMD_LLC_SDREQ(0xffffffffffffffff, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f0000000480)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16, @ANYBLOB="010029bd7000fddbdf25130000000400138008000100", @ANYRES64=<r3=>0xffffffffffffffff], 0x20}, 0x1, 0x0, 0x0, 0x40884}, 0xc0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0)=<r4=>0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000140))
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000140)=<r5=>0x0)
sendmmsg$nfc_llcp(0xffffffffffffffff, &(0x7f0000000a40)=[{&(0x7f0000000180)={0x27, r5, 0xffffffffffffffff, 0x2, 0x0, 0x1, "70b75f934564211e92ff311f2d46f7337c60c8e8f75fc2e9c9defec57dedb876a619430b3ca2e8118afe26127c2d756bd654df670f0f58720e935a036d2a34"}, 0x58, &(0x7f00000009c0)=[{&(0x7f0000000600)="0c873d87aa574b296f7e4468e8c2c52eddf62a947fbaed3fad2ff12771f3e63562a9e116f82205b54b0dafe98a3b0db7f106e8ba8583293ae37361401c27c51b22af83e18f60f28e18abb39f728c8a5e984c18279fcba5c5d67da74545c3efeaaea1d6de246d26c1c83b0ca162c9823d3e03467983ee4c53d15c36714469fbbfa47cc4b100c45dc6b90fc80c50857035cff6a2de5212fd3d490d76c94e4ad394cbd0ec44e1c288d5121a2a9c2bfd83599d88669a55f1e0422156dd6967b17d", 0xbf}, {&(0x7f0000000cc0)="fd26ab5cfcf387bb6aa1c0ffb0a183417f97e6031810d3c4735a937998e9711e12ea82e585fae7f49183d1b11a485bce068a8118b8f5d9535a0b6bf064b9f44e6b4f8af7b940d7041afd4f5298a6f9b347e15b52a63b6d80579bf8dd1d15ecaef92b3ca88a04149ff597846c14f2dadb8ea1892139971325042c8259549a8bf4ce849015bb673464639861211cfe2c9d6d85b9f4d8265cd959a538c830e726aa525a5e419455dacc8df98d5a3328131136fcd63dfb80cee9ce822ab6b9c4fcbd811e2d55125f05e6c775d8aa535b56973ab1a9f9ad81c871eddb43a4a92b53219ec92a5e1cbf52942b2fe2f8962816e86e2a9e8268218cfd7cc5e8be0d524851d2cdccd724bd934daa7b8eaa4c553edb47c2d07d06be1611144c9a616105e89114612448a6248d1a608cccd7cf035859f605f435c8cf02506ed073dbbcfa6ab0691b6d7765bf0a657ff87713f009baa7ec394cbaae19d41d693b1ce252cac526f94f131e7e6f2465e01a85c1bb1cdb699cb2a2e3c1ce105142dea90f6a3a055608030d607619fe22355c9e90edae9df91e02f7c769f6a9fea061c2e8e12886692417dd051e48a4a1424268fef60dde503fd2144b814284cbf3ffec739096d2f4272e1fdbf3468e7ed259be376dabcbe47707a25690f6d36627e49d9ec6750ada79ca129c88c52c7b116068cd0342776c493e94cf24f23cf9da71f3d1e245caecc69397c444315c989ede8f6afc4c558ecb56bb182bf61ac9beeee48a69f1d2028c48862d43c0cddf1e65d10b9731fc8b7066732286ef3204e3afd7a06c9bd4459ed7c77c0bdaea2ced9acef6345a83d14bbf0d4eba8615e7cee6a9f5a22330b7ce979549ae36d43fbf2a3acd83d50b44bee0532c2f513397c073941eab2d3aee541e9827dea9c3a1d4138fc358c6090ce18a1cc5554f6c582ea04d034ae1fc0948a8f9b10741fac4fbf0b45b8fdbdbce4b806a83408bc8fc3d3a1f8513e2bcd87c7c7a9f5096e27a63786b00656a726095b1505873066c92aa55b312d2f99f9969071d5dbec45a36ff8806b99df213785f32beebc2e49f85214a2898b529edcac6a7802925febecaf267cb26faf65700e99cd19345131a2b1bc894482ff809d7adf8abce7731dce23f979937e5c0880cb4364134af0c31bbbb610a7b36ea529a559ac58fe1d8845d34c6a76dc88283436f3c5a309d97d766f1d558db497cac559e1796310b4dd3bf635d90f64be0fe777a9e159b07c548e98b598c9cd36c661fa6e228f950bd6c93248c4b6421038730f3485460f7e0f9317247ee4cbec27672274f02818560b4eb51a5b33d0c0489e9439562a8cbdc5e63ff18d306255402d41d5e9ee8f264f1a816c2fcdba1ef4c588a1e603b6d60e824580c88d63b6ac17a63a211c6717129a1ef49e6a0c16ff2bd9c61ce865367c2fb98c171e8e2235c388f3c37dc336686e1c78a481fa5947a2d9cdbf3016ba9cab2c9deda5bbcccea7e2f0878c5dad391ed85d90002f3fadd81de4f4e3cc44b9703c6dc355fadf09a02d6c6d2c9f9dc87431b232f0ebdae579bd9e96aea821dd15ece27978ab3926f4ad607009e62fa307545804054279f0b78ac5a2fc127251792ae47e7fae71de38bbf01cc595cd5a4664f5d6523cdcff8d6861a04afe983c15043fb2cb7fff6482508bbc55f3ae10de6cb403e23a74193c131349dbd079a4883d2fa9b56613cbb5780d9de11df9f1b1d8e3ae557dc3099c0b5718bce3a26fcb11babe1a708dbdda17623463ee43001bc38e8cfe09d4476a30580686716deca57423c4c3082bd793b659613d6c74e2bbeec4d1d00c3bdf1a7b8fac07768fb63c41be70f5c01626cf7a9167a44984d232d2a35df40c62e2d802f8061ebcb46653b4239ecd2fb92944789fcac0c001f82978ccd96d352c168fa3495b195ae9861a98d44bce538aa781e4359128fe941e7c3c59a4d91800a9359e6a79a45b17c254b3ed9c96f4d3076b8705828a7f20407562a487fcdba702a97c101357b658d915fc859d89b0e206a4e714caae5876ee1f616ea69f43a8239b86162eb63f61148febc241b88a0539732d9c866a90bdb5aabe062f0e6375fb436f59575e5d62889a6771ad6b8c443503fa3de6adc8ba6ba203d660f02ab8f0cd0eacb833d1fde62740427348da313b79df20801edc7cbca1bfdf57a58340ba6bcd0c83fdeb225b22bd7c0544255c5920f0657e2b2dc5aa37a8717c2b14b4ebaf7160a52e8a480727c39b20c1bab88a991224047d35df5e8548429d9ad42ee5030a858820074c31b1a59fdb578f7aef9f8376c72e5fc34792933d6636279b2d714f9375b7e39b3f3b0a2a0f50a5e6a88c2625e6c7519436aab253fdcbd6a2bb25507be94edf28a08ce3360a72dbd5472005d94ca2e57edd1ad83f868964965bc4338dc362c0358ccaf1dae741c87aacc0fc062014e5d27878d7ffc794227abcb438c088a8ecf236e09f3c85cd8031aea7437c2eed1bb7a8ed804dc3da387bd1ad659a88d545f4df6fd1b6a1e0ef9f3b4148caf2abe1e2cc52db4434adbce36d5e9d290c50988104e9c16984cdb95f0622795aeda1e7ece434065bc173073ee86488091251dd9d80bbf2568becb8c29ef301a5c483719a63daa640993a960222baf118ba75db2274d2a90d1595c6bbb2ab6c7bc2e494fa082076876fe7936e955b1f2f7e4dbe05ff99411433265c4e6aa812b747bf3cc5de11ee582e1bc398beab843c34a38bb7e7eade41112d850ff723b51b4cb950d7422949cc933f9ee254fa7960f2978c7b9965ef140dea041c183ff9c4b6c1f6eea1c924a6b3ff4271a03b3b75aa8b3ca8373c667486bc6739e643c9bb5af7d92d7799851729517482db1ab756d3e545f4cda5732dc774bc4f20b8b22048e14c240430ce7845f599032ac1677771221d0672b8152d0cceb2f6568aeb23839d1e4e3bb2fff077f833a4a2658bd0a94b0460874ba5b3c75dc73c32d2a26eb6db1c393f84926346b695a99f9d9fc9e9967157b1a42d1999636bc17bf1eb712796f287c434a200b2a8e671278fa7f069be16f01cb59c7bdb8533fc9f85b08d5aac03584d980acd3f47eb47eddc08b7d5c20743ed91ad1f19d8c44e31c0df88a97a72da4d203d6bebe54c6a0301b93d4b53f59288f7b9252412aa7e71d861308f525ad40e3ca3555a2575318d67d37f7c9a6d3629abe333f759e5fb0dd651223d0c1f6352e98054306d6f126f46bfb2fa2a1089aa6adf8f99f526bbb2e0f40409c964130f95d509b73c1b1803543685830916c8ff061ba5ca1e6035d426c7879c6704857f4aa7dcb13f497fba9f5b73cc609f452edaff85cdf829e24bf5e1bacdb502ad5e0799798e0fd998e9987d2b33fccffb99014b34542645d0fad8588265cb894daa9cf861c74656d920192ae7d1c027f771859e36ce6bf7eca390da9592519afb2423116dfee2c41c61179ec2ef283984144fee96a9f81a7a3aff81dd4b476c6b2e83e23649bfdae6f922e98a0e749cf7bcf63d4301a2a10f156f7d7c11d04e0db30f7f190cc7713fd990f7df7e4d684a7d5f40d67bb673dfd9a01f1b3ea9603b480804015fcaf2a4a6820295c5c8b3f75e213aa171b56d564614620c6c4af162a2f42762bf28e77ba62c41f69b9634fd88feb9d2e3bb4833480d18ed5789f7b89213accfa50c8010710f9c7212d91f3bc1d5cf3e9928792fb3744aa67ba58e06eea3e218d7328b050d035cc59003a9d052d13550fe4a4efa519bc8b61c7020d43c67899139ed3970a2624fd9b472c1fbf5bfb9f5207a4cbd641b4cae84f00e53ba7176162f0200aa523f7183e096c21246d9d6e8bbb61ef6ef0376559dfb516918a6a3254d4f91aa17dab96b63ccaf1e1f4bad7ba9a57156e8e4a40120f10c512c5ef6efebe813c88ecd6fd72a38c05ab35f8b4aae30b410c58a2e427b7195a5e2881c801e56fe61bbd257f4ed35fd4ddcf5172dea14092475761abc0048a301279b9d1696ce2f6057ff41ad5061dd8a5a5c194b7569a75954076cd148f66a433a2c44140868ecc59b1b7c8587b4b011648557a4299b078df6c221d97e223c62255239ff9bf84ad876732744d09c2f3861be337c1e0dfe3de60107568ef416b97627daec9d0952424e88215bcf23491fda481d43afaa230d9769f9ec30b90841469d9c7b2469e9f74cbf9f190f14353d2ea9f7340e58e45c9043ea3f38e3441029d05364e8855f089f6c3eaa526df6fa7a53eb074b93209c72606d2f36fd0a49bb17bd64c2008ea17003cc85d148f88de6ca95c55be3d4c7596952f228c533f48dd4bd7a3d624d2528645d0d6ab505a9f5c11ec68838c129613daf933c49a11bd1bf2b60ddb50b02575f001920ad305ff764ee9eb937cd44dfc56b637d9e6f9089c9751602f6a980fa4be6db1eb140e7a28b02bfca7c48b675ba36ab3ee7eff8197896a76f1c3fae100967f79232299a935ff3bbb4f94e80ecd87f939fd1fed23c9910f2a4f579946a37f7a2ecc3f19fa82fface97d53caa4f577578d5b6ebdb337717c2503fca941d33ec0cb55ff4ca2705dc25a39d99ad6b97560abe9d1b13e110c2de76995de16fed098a32e2c396f16f3141af278fa09458125b2a73322361f3f514f48503c30ec24a1191f8f8f009750cddef0ebde2bcbcb24175dfaca2ff6ce0b4c75c9e36f6caed4398eae77ade54bd79304c593c389eb9fb08cc1e1e50a8e65c1619d2d9041a99135fdb67c0577f2ad5165f0bf3e70b60211a3d0e6cbefe54ca86dcf04c023fac959c4df922e005141356c7076f1b189e625cb457236fcf1b2116b8edf498cdaf13e13c25bced30a670cb7840a5242ab568303543512620769a79e469a6702e75dff56d5c493e55e4965c5c5ecdabc71940a957073bcbec34032784aad7c5cbecfd3d95c850608b2b315d57cdb1664f1d5a3ef1b21a1c5105681dee66001092dc3696edd58cc2149cd0dc64c743e27743987e499c39cecc4bce5b0169ce38c5a3e18e63831c6b7f37a4cf1792ab3cf8be8ada9a4a3f8da5f03147c8f5fa924bc5c155ab1ccb5cf6a0ef1dbbb93e8ae0fa2636ed0b015b21b9a5fe9f44e89877490c68ffb688724ba031ff36b655496139c0106a2522d814e3fcd595007c07b381317a02bae53744b3a0be5b9459a55531d55ac0427707ad8f417593fc3fc36825f917626e5ce47e959359e7e24f224860eb6d8248077c18918425c67a98042443e61570953ac614bf3fd24729497beb91f36e650de612a36be78d05ed491992a227f1ea3ea9b6ceac0e7f603b10820c672bd52d9de1d8f7228a5d9d05ddcace46af9c588c457a100cca616c6f52e890266c0895c00215e31741c65609218bea1a305c7fe94469c98ae3a387bbb925ae4e79986a4eb693834187d489bbafdf18f563dacf64614559cb93dee1766181f856845e70cefdec1fc517786b9d191b946b3d18fa83fc609c6368cd8e3fe940bac2638f9b23187c676094c6f2f9b5279382dbc9095a3e97d4f2c2fb8377cd28b9f4f71116b5ba4218098b0d5c929b249298dab0324b10cbc516bf9dded024ce8d633ec52580cef5dadaabbd2cc0e659cb5bc0b6c552af76a6fda7e331ba619364555e2313ed44291adf361cc2932b7918813e416787fdeb36c6c2be9464f851a7f50edc590dae78d1efb2b75d64c3ee311058580ada8b227f67ee029e4229f8803686e4dfb9b265e0ba86becb12ef816e602bd954defe57fa79739e1523a4f8953ab39753aba520adccb2684e5f8175129b7c0f60caaf41beb4aedf924b11feec7", 0x1000}, {&(0x7f00000002c0)="ce980b25ac1e97234e187046e2eed6233fd911288f0a17c4fbf8f806f2ce986a52442c8bc6abe7a374c68bee49c40d702b79e97a40c2fac59ae26add62e6d761348e7d488163a9bf18e1a18fe7b5aa22de212a0e3071736c68", 0x59}, {0x0}, {&(0x7f00000007c0)="7f97d4fa33a092cda749e31901be51c026310026f72d9cb712bce3275fa8f82c3dfa6a1d75bc1ca3bb7b43295ee28938edc08236e8b096751943a6a6b2ad3ccdc2899adda7f6475851a800fa72d9f56b4a0d67c1a2ba6e616884b3c9267d8ea244c40db2985ae2e49a4aa44a22a161b26df92b5c3c66631e209abccf7aa22665b8ff652781fc3433d4f78fd916be6cf7eeed9a", 0x93}, {&(0x7f0000000880)="4ce438aa66b3d5f51039da75c41a33608d526186886a0aaee73cfe53c999985ab748634538f539977773d12ae34966b842875030e524ba08e0f789606bc80ef36a448445b45d3fe68c119288756a38c5220ae0dfdad68ec1b2a69d0946e36dd05151a2bc906084c95b76584a2896da575c51b09c6781b82e479f869b2d78f96165b36f903798e2a0d99677e315ce50db9023e47231776df42436005deb0d276ee7e8060ad54686fdff79aecbfaf521c1ee02bee768ad73d6b02d67fdc47e577ce6cef0815e1c990d4ceb9d4e764ddc4c839392e33b99e9f6531b86f93f93d6961ffd72fafb77908e29f7bba4f9ff", 0xee}, {&(0x7f0000000540)}, {&(0x7f0000000980)="38154a8ca6d3103fe4082fb6758f957205643fcee7b999448953840371498609090a4ed4b6f16d44796490ae43b9d9184a99d29fd360e838c2f1c1f366dd", 0x3e}], 0x8, &(0x7f0000001cc0)={0xd0, 0x0, 0x6, "2b40af9a66b6d74d803cc02f79c2c8a55d78ad743c271eff416e44a5862049dc11c1cea6788d6d80528ab9b873551c313230af8196b7f42d8b3e0f2fa4a2e05c264716879fbf61e36cf6fb1d7b0924868d01743cc866801fa1eec408dbd1aa5581a42607c8ad400ab9a8e50520e984af46a77e569f1f51a67343f36e85289a9d574bfec6cae7f23fafdcbf3f4d12957b1204ef0866bbf28c34c626f0be39fcb65b3792126327d1dd85b07e4fab2da3558f756762a5f7f6cbd8e68ce8213b2094269c"}, 0xd0, 0x4040000}], 0x1, 0x10)
sendmsg$NFC_CMD_SE_IO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000200)=ANY=[@ANYBLOB="18010000", @ANYRES8=0x0, @ANYBLOB="160028bd7000fcdbdf251b000000080015002dd000cd08000100", @ANYRES32=r4, @ANYBLOB="d400190031740251a7bcf39a70453006082089b8d05cfd5f4a119929d8eb7b9b1aec259e05382c44dc56f3933cac65ff7277c6624b7462f909026bf0cd10f1abc14b85fcbaf4a094e6a4c2d0d29499b1023a5bbbd8047559434ea8e043767092c3d7bfeff10c44d3a9bdee36cbf72d21fec3fa626261be864b47def086b861659529a02dd52e4b6a9fb88c1e9dc9dbba0c4b4abc625071b5653078e58ea1123bfeca60327da04019913334ceb17983d5ff21a228535886dc6a22288b8f36ff16395ffd9bc8d49bd4637889c6e3c3341ef3c721ac08001500c000000008000100", @ANYRES32=r3, @ANYBLOB="08000100", @ANYRES32=r5, @ANYBLOB="0800150002000000"], 0x118}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000240)=<r6=>0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000400)=<r7=>0x0)
r8 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_opts(r8, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r8, 0x1, 0x19, &(0x7f00000000c0)='xfrm0\x00', 0x10)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)=<r9=>0x0)
sendmsg(r8, &(0x7f0000000480)={&(0x7f00000002c0)=@nfc_llcp={0x27, r9, 0xffffffffffffffff, 0x6, 0xa, 0x7, "f3e1dd90a0ba9cbdd7985c55d2fe2eb86b3b6f29da265514103f0bc85d18069ca3543fe3cd2307d7fba63c308904b5647b0779e368d5c5d4cd66d4fa029f3b", 0x35}, 0x80, &(0x7f0000000200), 0x0, &(0x7f0000002480)=ANY=[@ANYBLOB="7800000018010000050000006e9bcf3b2337e4df058ed41fdc9a1366fea5df5fc6ba9753b48c37128dd2eca84a9206654e6e067ac351a1ae3e89c701feb312935c09e2173a36a89dcecd12f90ea3f117d0702b2918f384bc824bd1a52a8bce97c97cab504cc5fd6af0a66a034ff7511de194b479deca00009c0000003a0000003e090000fc071f6c8389e560263bf5bccb342298cc5a88c2c377f615acae59430ca3ac496222f9c0dee50481f0232f7820faf72b533a385b7f9dd76f9af305b773a85b4503d04a05ce0b07c0ee7189c4d00f75b17059e4e3ef07456e91fd407f621be3882444bd2a1c2446d04381fdc87d3dcc6fe257eb2f345c737b1b6043ccacfd1a7feab2c5a9ecff3eec363ef9ce70e621cd0c100000ea0000000f000000c345365a1632fd2f572396c6996ef869d0fc33a2c855c2ce0c93e0e3b886935116d30432e67d6311eaa922f3507500a08eac20d0196d9e1f65cb911374e04dfbd615484627572837b3994f0c42464a720ea17dd45cc8a50e5ad9a84142fd698f83e1d3b6d66f084bb1ecef9bc8c9fbb452dddabbaa0fbb52a7d269b362199b11d53ba77b61d7fcd3b8505ccdc316ca6baeb56712cf95ab778874c180f2519d03c74ca2c1a6e289cceff8bfad64c3f23dab59fc8fc1fde1644070cf6e23c57a01436814794353709bd6c7ad41389b528bef74c11e0bbd39a954fb8a141cf22634005a6101a5a6877ca0f888f316912ac6b920fb392c0b89eee353722775ea19e8c72cfeb60b6131b0841b7affd61711df6bc8fa9ad61eabe0982ce86b94ff43f26c6f380e5f9011f8f829c42aa0e2b6633acb426d8dccad26ce5417bdc28b9838856db2afa538493932cbca37f3d4a607922ac9d57d39e5fa245be3e113a895b8798864ce760a072ed55bd85c54d55972719a1c095e743ed65eaafa938ddf9a6ce07cf6cd40669106234dfdf581f9e217bd26876d79ccc7a23ebb9f541fe0f85f1f279432aac999c6d79bd9ccf7bbf47994c454c12e296b6e2c1633b46a2ff815d678b384528474d779ed1e28b13069274aa68b0d392138751dc6eadcb959954ab643affa7a8b5b1118efef8fcc8f9a8279032aac0773b28f3c8e6a12b8e6a09f772a79e01d1b13ce5c7450b3a7d706fc71eb71bce128857881c79d78c85455de4e4e20e6ca0a7a1f5cb48d2b3740fd5e725622fdb74b904fe42e68bef910c9d8ac2f9fd6bea172ef41ac5aa63b0ca1b56a4dc884e0077a693c1eba227c500b1265b5ac2b2c2338d914c2b53f90e2e727704676cc0386c185297f809d4a088e802818004c0f3bde85f6d2b46172d5cef4b92d056cafc5a2047a3b8dc8e29a695306009cfcf0fa4fd7f3a080dd1bca604b775a677a2a3037741c5a1cb2fc7d65e44bf3b0335d930ed61caae2a081424d423f62f222ede536f5f1c57994adf284c443ff1d567e8f2503e385da6fe2e1699262ce1bc5d08e9040a287fc3bced6ab244cf873ba3bddff7f533f2be2747822d949648564b40f52c35c3f2e09d6131bdf4552106d2ca403b4ce1be6c8a91e5e75fdb8d458c7a43ec830486d227e4f23d683f82bf4b81d1040b82cb5092face3cbbcd92e56e21fd222745d265a7d521e81203348635afeb35b02690625b67b94fe7ed5edbb8abd3431d23d87e0df73984a613c88e359cf34e8537d973d5fd6a0c60596cbb0f1488417b7c29deb54467cd686e3f7daeae9aa9c28d61e6fdb8a3022cc8f646b72fb027dac4f79dc31f124d3bc127771d99f6f0dd3c655af3fdb17d1c4c7ea7e73c32515fa69a8d7227a2465ff65ea609bb9acd833ac65cdb38eeae3e46b934f004829ecdb7f5fa6679ed5e2272623ddf4f9fafe6db8bbb0a5fecfc1fac4abf80dbf52d6f8405e5494a5e264e96a0c939ed648c8e0222a0ac22fa9659588010ae7b8ff14cdbd0b759438b8e0ee01e2815f3b57cd05beb280db65f0c34ead720b11d330df9d2d7d68b007b2df3ca74aea380aa54aa33cfa9f22d1a7fccf6f532e2d6578d2b8b7f6325df678f271d4f8eb72d64d831601a545d9f03d707b1cc89a6aaba40d2b3537590842cc4cf6a56d8a516338c5c31169d8f8f6fbe6234f68d7e26452e7bbe2f89ac0e69c96d779ba918eabd4163f628e0abf1919951933de7af89b24988c53649fb7cd5c40eac413fab952481ce7afca1aacf16fdd9205d299253dbd2713c17448681de1f1e48167844a4f1f1c8d5b5c7b71c7e94d3d8ea04d0e2b6e1658896ab72d0be21ab5abf8088c1b966e81dbe1df96e1e721ab1712de78d4cb398e5ab7d8fd46f4ed65b2de809a0dbbfa9aa72ded56fdcb1baf0ac6b210ef7cf95501fa815686893dbbc268ade91052841ec810f2e1d2e0fc44c20cfff98bce018ad145d1b23db0ec4fe0dc7fd3311a47ed9e7f9f50bb6b76aa452dbf90b19e7dcc84232494fcc7c069a61081b87bec5d3ae03f6706ec0e892624fc4fa92385ac22ea6be62b16771c196bb3c3d595c05550c108ae1654e51a6cc534454ec3dda754c6436e7d57647ad1a21638492c8378162491c376589462d7b67405423d6affde859a1f6029c8f5c189e0bc82d0dae6fd323050d2983fae8048ecda7f4ccdcc6b06388e6c969aa65fb40079ed7d3841ddad39aa9345dda6e19f296cccb23090d729b2035abb46e7869577ae9825adffe6f3286a66e72ad959f902dfc8c3fa9663f94e948b2ce0f241d2e7baac0aede9b111b1a07f2648830167bb756d3be74bc57d1da497c31b05ed3555abd54253ae24b4db07015ca2457551eac437d246e705f91414d8099c5a778cc68cfbe77fa33c7f04fe8985c0156edbb22154e95b898ab849ef6eb9cc4a30700e345a4f6e29e81d898eb7d312478b6c9ae0294e68780c46f466a48e4656ef64b0a71b9b47f3a8fa0b1c5ebac7df979a3d81e4ee3aaeae4e7e990643a58a074440c6697a032d11485e93155c0feb452a61c221d5b795c8f5cdf0366f2f17283bda7a8554630c2ffa10f7a7862bb4d93e2ef8141116c595414df177ef86c76bf599e2be14ce183fa2435ff5c999d9ec592f9dec554dc0c05b3b908747d90e5ac07d4c2ee8e087f2bf74bf5c747a1d81e220f6e61a2146731cc8dfab6240fd2ffa70479004a96826a65cb4867fe4c71d0014ce80a17ce109db8cd84ef54a08f853d185d1f2b6e18e32e66b12a3244b653e3fd77b77e0d4a436005b8513c27bd8d6899b32a76d7a519aaa2ac24fb6100d3d7008bf2850f8fa2dee3ccb67c0612768ec6e12439556178ce644220f04f09b1c234058b9191377cb1fa019267b3186a71bf6fdd04b758eedb5848514cccbae0394eae9ef2726187c2e8aa98d782957f8ed3758e22a0757d1a3e3451c899bdc5d80293e63fbb8d372688e4f0b00fd57ef777824978a2cea2605c4490b525d7de0fbdc202814ad9ddac1a388bdbf5a63cc15b26dc73c4af3f1ab0e29c7f65957479bfd99fcb54b8d2a4ee156f71adad2815c0d731e5bfef3adc65b258808229c58663cfac1948192d9aab76fcd666a5d94aeacf32da062d53146f2c078cfa301fa339a49cb8919dadcc77198f295661e4df8ebe1696192e556d68081cd97c4e3934cf7d719f333f76f3f42edde55a34663e9464a13d775add635f0986ead35b2122c2440592a9a4f2ba0be4ebe6a7c7d62a91f28d75d55927ccaa925d93ce90d39c970df5859d52dd7dd243e515ffd3cbc38ef3958180f44a20be55dbcd40496f2d91685c05a374e4b3848728b7279ff8d049bc58556a3b3df8fc74817ea979794715b665f46387a68c00c07ee9659a2bea66457245625f5fc6dd7ff98a90485c48e3787255c0440c0e2e27d58df1e9431c22151fd09e4469d22f56781abf4190079701f89e4f03f409e3e4bab507317363b2451c8d9d424d5399f8008a652c48c329b0240ee61bd11c1ce3a99862a637f47628229537bd94f9c23e6121016493e43de0502afd4afae3682e2c2cbc6be54dbdcfb818219d95423c5c1d1a672a35a3169e7c7f4e05139af83e6e376a5898498fd17f73ab9cd3596b361730acfbabc39259608ac028c93d750bce85514bf97d4fb174dd2ab70d7029f73f4626c3aacc5f8178a51133d33ded64d1e1dfc6c8260ec5a1a1771c335905a57767c0e9623ce5d55de98ce6fd27fa8edc348713fb38a6e2bb1d4d52530ec4620d3ba445d37a890537e4a6fa22486176478c100fd72fce719b22db4d6e4a327fe07f4bc7c155a00844db5dc57ae2c7100687f02e490799e08a9b6ce174504e84a9d08ce5413125b4d657677afe679c25c40620a1eda3fa0623e8be152691feb9530f3dd71fe7ce15e3775e0a62730f31a01ede298a54bb7fd6100a381750a5b0bebe4671f2490d59e900214f3830b9293273c0307520625968829ca11972c70fbb58678a0bc1ee1c9a010159695a72fa6f7d9281cb2a81b8ff89b91586313591e54ac39a70b8eac150a80ca1ab019ef7ec997a9cf23f2100cef00ffe972237745fa53d00e98a7a14584b5669d64f3de19c2f3f9704042f635b3342b4a3a7ba5822aad55aa08236ac7858701ac02542b9880d0f6019626e2e86c8e8f11ad09e3d3397d57f3d68981a874ea7c000e2c16b37081f34981b11f85daf068bbe6767488eb00179755ecdffe4fe23137d7510cd7e0f7ab8cfa776980a48a6c731cbd795b0645e8cfad11c7c6bf43cca2344b9d44754f880f331fcede671cbb7ec81d9875c6f507e311166b40e25240e420b456065b5ffc9d5a49e19e776527ea2d238c9a3a7a009039ed096684e9e7dbd365660982dfeaf7e81ea00b1c1cea6433b88e42b60e22675f91ae1d3ecc4a408ee5f61be91a6a8d83e88a2d98245a1f3e76dbc1243b3b04018cdad700cf513899f6095abba0dd55a696be98803e839c341755522391adb6aa65d9ffe2b5c0be228a388dd83e6cec7f043bb79a30f8d9afa2c81ffbec0ba3c68f3e6d3a7fccc2f0835701f135e9da54c2e39cbfe6adb19069848d2f7e171618de06fe1ea9603a3b8e6338d05c3fca21c41891d2240761231d72df912555e2358acbe8cb132c90f91322f21c07425acb952b7af37319b0465c49a43831cb9d6933a41b9343736aaa3a1e00f4c8d9975cb01e14f7b16a86e808fff30f29b30fb0b6974714ef140d64ef80ccfd4499dacfda4f47f2653c50fabffb97fd5f50e973c97dd881fdc2129426d28f2f99a6c7b3168f0f1ee24ec04aeaf0e20051398f1e58871b30ac18de2ad00903fe28428d0b26236300cbe1e86409f1bee033419a7388605ea995d4184463bd4d2b4cad605ec5f4d19a740e24d27ca88c3a110fd03d84bb2782c94ba8f39e2091b7a4bc2f96d69b2d6d39683fe567c85155c2448281f5086851258311a56f82468029ef57590e14b93349f49ab6e1118ee5260648ee8b8b9d19d4d00ab64fb6f2b08827eb09177337775a25d99add075b6f74fa18e44c3da0646f7328dc5c0fba252c7b4c4e89b97e0cfbff59e01fc309000c602f843cae6df628e841d8f5e0dfebbab6ae871a363bd1806231cade4a8611e51447ec96a00e8abe07709b970371e6856e830841a7e4f43d7c8b2f2d9b9985367cb8de1e5772625fc66f74a0f04c41fcee94d800f6ff8057974501b76b437dffb87c7a148ca74ce8a6b54ecb13739eca2b29b914937d7b94f907d0d2a5745b4eb30df20ce3339ee4b49c09c89892a7a49e69610558b26a9283891ece6045ccf2a8bdbc70ae9cfdbe720235eec284f23317ea193f8e88a7d5c2b829fac1a6d72ddf9abd330df66ff3081625ee6fe9cc5213854d294325ce12ae7fad7e6eb1dfbc2bee7b4785aeb6431c155df1dff891594f4edbc8e8fc861120049160e93e393d43932b5588d7286c363ae84458946640d781f39cce8092fe8a0c5f4ad47105419deb385202014ffd115b65edd0678d5340dfdc18109382a46e4dcce53c3ca2b222d8b7ad5d3a2868a826c64d2d8f615eced968fc334f23cce5af7874940075f50c9f4a6f470bee9564fc358283688816da8856c95b7e0c8939a0744a6210d3eeb49ff336ed157b3da68e2ea361d50d02166624811c0215eda4fe87faab98e3e134bcc2e821885f8370ae5927d15e6d0f7fb3e4dfd4ae67dea7d60b26ada3b834ce8b727a9e381d7bed061be647edf2858e3e60b105a76a7d17da93cd7ba9fab3cb8e00"/4384], 0x1120}, 0x4000004)
sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x4c, 0x0, 0x400, 0x70bd2b, 0x25dfdbfb, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r6}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r9}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000041}, 0x20040010)
sendmsg$NFT_BATCH(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={{0x14}, [@NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x4b, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x11}, @NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x80000000}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x84}}, 0x0)
getsockname$packet(r1, &(0x7f0000000080)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507000000000000000016000000", @ANYRES32=r10, @ANYBLOB="0000000200000000280012000c00010076657468"], 0x48}}, 0x0)
r11 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_int(r11, 0x29, 0x48, 0x0, &(0x7f00007d0000))
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newqdisc={0x24, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xc, 0xffff}}}, 0x24}}, 0x0)
r12 = socket$nl_route(0x10, 0x3, 0x0)
r13 = socket(0x10, 0x803, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r13)
getsockname$packet(r13, &(0x7f0000000180)={0x11, 0x0, <r14=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000540)=0x14)
sendmsg$nl_route_sched(r12, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=@delchain={0x24, 0x2c, 0xf31, 0x0, 0x2000, {0x0, 0x0, 0x0, r14, {}, {0xfff2, 0xffff}, {0xffff, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x4008854}, 0x4010)

1.069055516s ago: executing program 1 (id=1261):
openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x20, 0x44, 0x107, 0xfffffffc, 0x0, {0x1, 0x7c}, [@nested={0xc, 0x4, 0x0, 0x1, [@typed={0x2c, 0x6, 0x0, 0x0, @str='\x8e\n'}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
openat$dsp1(0xffffff9c, &(0x7f0000000000), 0x2, 0x0) (async)
r1 = openat$dsp1(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
r2 = getpgrp(0xffffffffffffffff)
sched_setscheduler(r2, 0x0, &(0x7f0000000100)=0x8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='mpol=prefer:0\nNs']) (async)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='mpol=prefer:0\nNs'])
syz_open_procfs(0x0, &(0x7f0000000180)='net/sctp\x00') (async)
r3 = syz_open_procfs(0x0, &(0x7f0000000180)='net/sctp\x00')
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])

969.194791ms ago: executing program 1 (id=1262):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r2 = syz_open_dev$midi(&(0x7f00000012c0), 0x2, 0x2)
ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r2, 0x810c5701, &(0x7f0000000080))
r3 = dup(r1)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0b0000000700000002"], 0x50)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000280)=ANY=[], 0xa8)
mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])

889.853375ms ago: executing program 1 (id=1263):
pipe(&(0x7f0000000480)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
write(r0, &(0x7f0000000340), 0x11000)
syz_io_uring_setup(0x236, &(0x7f0000000400)={0x0, 0xf691, 0x10100, 0x0, 0x2b5}, &(0x7f0000000180), &(0x7f00000001c0))
openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x48582, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffe75, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
open$dir(0x0, 0x20a40, 0x90)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d)
ioctl$sock_netdev_private(r4, 0x8914, &(0x7f0000000000))
r5 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
r6 = syz_init_net_socket$ax25(0x3, 0x3, 0xcb)
bind$ax25(r6, &(0x7f0000000540)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x1}, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48)
ioctl$sock_ifreq(r5, 0x8990, &(0x7f0000000180)={'bond0\x00', @ifru_names='rose0\x00'})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000200)={'gre0\x00', &(0x7f0000000700)={'gre0\x00', <r7=>0x0, 0x40, 0x10, 0x200, 0x9, {{0x15, 0x4, 0x3, 0x5, 0x54, 0x66, 0x0, 0x6b, 0x29, 0x0, @private=0xa010100, @remote, {[@timestamp_addr={0x44, 0x3c, 0xad, 0x1, 0x9, [{@private=0xa010101, 0xce6}, {@empty, 0x3}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8}, {@broadcast, 0xffff}, {@remote, 0x9c1}, {@multicast1, 0x6}, {@local, 0x4}]}, @noop]}}}}})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r7, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$packet_drop_memb(0xffffffffffffffff, 0x107, 0x2, &(0x7f0000000280)={r7, 0x1, 0x6, @broadcast}, 0x10)
r8 = socket$phonet_pipe(0x23, 0x5, 0x2)
accept4$phonet_pipe(r8, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4e, '\x00', r7, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="6c91072c8df519fc5d7a5f85f1a7b129e499", @ANYRES32=r8], 0x48)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00008, 0x0, 0x50032, 0xffffffffffffffff, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r9, &(0x7f0000000340), 0x0}, 0x1c)

639.588214ms ago: executing program 4 (id=1264):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x3, 0x5, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x29}, @call={0x85, 0x0, 0x0, 0x23}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xa, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r0, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000002c0)="a41746f44b3d123a895030569f1e", 0x0, 0x9, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x5, 0x5, 0x2, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000dc0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001c40)={0x0, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000001000000850000008600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff})
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r6}, 0x10)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001300)='/proc/consoles\x00', 0x0, 0x0)
preadv(r7, &(0x7f0000000000), 0x0, 0x0, 0x6)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f00000000c0)=r5, 0x4)
r8 = socket$netlink(0x10, 0x3, 0x4)
r9 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setsig(r9, 0xa, 0x13)
fcntl$setlease(r9, 0x400, 0x0)
timer_create(0x7, &(0x7f00000000c0)={0x0, 0x12}, &(0x7f0000000280))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
syz_clone(0x60001600, 0x0, 0x0, 0x0, 0x0, 0x0)
r11 = getpid()
fcntl$setownex(r10, 0xf, &(0x7f0000000100)={0x2, r11})
ioctl$sock_FIOGETOWN(r10, 0x8903, &(0x7f00000001c0)=<r12=>0x0)
fcntl$setown(r9, 0x8, r12)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)
close_range(r8, 0xffffffffffffffff, 0x0)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x68, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0x4}, [@IPSET_ATTR_ADT={0x14, 0x8, 0x0, 0x1, [{0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_BYTES={0xc, 0x18, 0x1, 0x0, 0x5}}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_CIDR={0x5, 0x3, 0x40}, @IPSET_ATTR_ETHER={0xa, 0x11, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}}]}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0xfffffffa}]}, 0x68}, 0x1, 0x0, 0x0, 0x1840}, 0xc0880)

374.985671ms ago: executing program 4 (id=1265):
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_io_uring_setup(0x7ea3, &(0x7f0000000440)={0x0, 0xbfe, 0x11e0a, 0x0, 0x67}, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = open(&(0x7f0000000040)='./file0\x00', 0x400, 0x43)
mknodat$loop(r3, &(0x7f00000002c0)='./file1\x00', 0x10, 0x0)
ioctl$TCFLSH(0xffffffffffffffff, 0x5608, 0x1)
setsockopt$MRT_ADD_MFC_PROXY(r3, 0x0, 0xd2, 0x0, 0x0)
linkat(r3, &(0x7f0000000100)='./file1\x00', r3, &(0x7f0000000240)='./file0\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000a00)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file1\x00', 0x2)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b00)={&(0x7f00000000c0)='qdisc_dequeue\x00', r4, 0x0, 0x1}, 0x18)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r6, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000680)={'wlan0\x00'})

299.447836ms ago: executing program 3 (id=1266):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="1802000001000000000000000000000085000000300000001801eeff026c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000300000085000000060000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f00000003c0)="c274386d178550cb864bd57221bc", 0x0, 0x1200000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = io_uring_setup(0x7a4, &(0x7f00000003c0)={0x0, 0xdf09, 0x800, 0x5})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$UHID_INPUT(r2, &(0x7f0000000240)={0x8, {"7f9654d636ab18b7938a2804505c72e9994ca22404fc203334cc21ed3d6a776fd12d13f9602b2980f983c31a5d1e431db778099ce3af3fb20e1ee1f4fdb77cbb36154982a93c19825d6fd273ab1eb5bcd47adad50de8a6791486e482e29ecc94284921f33b941cfc1000c9781d9a828c5ec7a2c77b4e624a5aa0e9e39782bad733eda81ba47e1c6116e4170e6587dd6210a57abe91f1f80c4e31139d8b73fe35ac1f99ea82dd6aa9c9aa67de88ae3e141020e1a876bbc449d2d843aa7e6d90b948b7e28770e6ac71010c63f17e90fd20806a9f8d9f418ee3af74aac64b04a27c4f5e3626ca2da546c79d24acadd11e8d272a22fc54078fd5e64475993668980a9f95aff964ded28f79c862e674356af492b8377a759d8ccf1accb9a18ef7ad16f438dde69cd020d71552b0810688c882a26a22b23f4b35471b08b379193db1cd7934a4049ff1b00d9795cda6e73951641d5e2365c24facd5afd09ed1d096d758b4fef66fe1aa22395d67b7e1db623d4a60a7dc93893d6c4a91df79535a855868c5dc0033d5c428cd25b85c5deb6e81068553bc84cead4d1eba8aa57e2b354a6899e44acbd3834491219b3e231cd55d82f161774a689efe197cc193ac0124c67738a0a1d5f16a6768c2c2ba7386c8c95ca08c55117f344f5a2bca0d09e79ea3fc49491f2c7adc513c2779c1bf62b1a8643d23e9e8b2ae41d4a59f1b82b82e092b36eb851b8456da871b4057aec325a9d4cccafde61f2abc85e3cabeabb856f6ffbfe23d69219ec8fae6beb54abe7870dbae823d49806a967a1c7f252999804f106745f20490bb3347b59321dc69765567abcbd89de04d89622170005df5871ed0fb72345a11da074060d7d4ee2e437f71a45723fb6b02de56067e54f54c52d10f7874a13cbfb3bd65ce54f9d6719ea210e0cf79e4e2157736ec07ac5915682ab81bced665c1e72fab8d8cfe509de0f21fe374b957b379fd5918061e21c2e96985cc1354b2de859b0f1a463ab04683b1253eda671c2353b5c208aca652f5419ffc4949a7fa909b95653f42d97390c400b4a1c308b11e73e9a06d3b164d3361e75584d70e6bc61d570a7e0c7da330f643194c1893fcd6489fac605eead61b53dff18caf526ecccc9bbd9146bc3c3bb67677695e6fddaab081786e9084014e60f5c03ae5a9087726b05e17402cd2fbb80d773b8a41470b1f901a8c2b2d57450181f4fc5bc53c7cb3dc032b84567492607cb08832eca9f79da9210d197863e5db5a74a9823dc0cc8bd9f3a9b6ff5a7d15d4747a9b26e088f4fad96d81cd1214226b1c4585d418d593220fcbb9ad949266cc48163e3498b46ebcdf7b2b5ecfe67539a61ed9e39b02d5b35ac0d0e7fa830034ca2da8a7ddf04bcf2cee939994369feb77023e0e3de04b21db7a640a92c17748245005cd75a7deba4ff0e4c104a9db2d9a98ec8edb3562050a3bac5f322290e3d8b6fb21770ac436d4cb12b97fc8f76d7bb9eeed85663eb0626f1ad1719ee4b07f7de2c1d1a31c27c6879f4fa3dbdfb2bfc0898beabafbeca9f13050e6b2f6c432e423cd5cb6b8fa56fe32c3e50104e44462c0a5c69de6a7ac5ae3d9f07ceed64dbffa42e4663838bfcde92f0fcb895f3b93c59b0e48c09890dfc36436db56b708f6e7cbbd2a6305f573cee099dbcd263cb96d9fb69cbc3cb06d8f5e3789698a17e71d22b4665ff5447fcc17a31bb136c8bb4b984573bcaf1cb650198c1266e6ddfd42d44f9de02cb9d915c5334c550fac3fcee56790aeb09d81e7690a32d8b0cc477b23f15257820de227be1ffaec2f63f3266b8f5dd78947dcee355fe59bfb100e5244425532bb1d115acd211b8c16b0ec0aae00fca5d4511a05c3ff027a1cac56210a10d81c01b90e156cc7b33de0fac825dc516d398166096013e068db935483c93ba95da39b5ae4087d84479a4c4809f28f93790dc279637bd6f3dc441d315cf6bd7b0e3d92070a45baf4445ce063fd12690eb002f5ca068a256bc54100c99a02a346beca39072163c4b297d117f1ed9fef42e3dbc11d36a0a0db52e84461c6fbb4aad62cd6c8dc9ae6a3390a5e8773ac599e67436220c8d541a9039762bffaa7f490e31dddbc362fb4ff686cda905f3b02a1db76d4d570d970434921ca8a4765af6d5c8b881e1f4ffa7e2d9ef5f5511b94f88474674ec790bb5186c73446a227bf1ffd19b605733abd1bd41e421aeaf2ed4617088c7ceef85451225056435993e89e4bccd2c2e4b39af99feef11fea645eeb5cf9f77b1e19a72d3efb613100969b84302789714bca65bcbc96762b4012a5700c62aed706433b9f142b7302442b6a9958b0e28e8b1cfa9eeb4ac0d71f497b23babf9f0221dcb658d9f4db5d45bee30d2ad7c97d6a562e014a7701c15325ec5d42ab732b37714a77a95c03fb15bbfba6fade32bf50f985a1df362ca7216cc152907dd931acb58a63920f581e82b590c0d6a0033009f8e50c3263d3f58596b63d507cadbc809a6690561f74d0772bf92d04e06c47a350724b106f5e83f7e71c4b2a983bf5ad7d8684e7b8b5dc1273d0fa5879b8e61bde33d602bc8ff0913b6d32dcac366d568dc7cf82bbfc405cbe418a2644c26592b32ca1a632fc95123efb784cfb6953a94ebeccd24fba389a0e56b043df07d9a2dd38a1196e5e55576b25f85cb96f6560802a4a58b7a6857e8454faa2c880bf32d464562b2bdc5f0df22b663f2c01fc944f1cfd1908f617f8295a5440bb79ae178ea46a95baeea48322105146ac3ed2de7d3796ddddcc848a8ecf4a00dd055733b4f59211f5a40deea44e74b3bc57953b26ed61e6fd67889edfe8d0902385e37666aacec072735630ecc441c3cc6b09bb2f63aa4e332c6df728dc74078a83ce20454dfd616d116270666ddc09c5fea2e8442bc43455d0257fac92f3780061178f9420bf8e463f29896c12383dbb9a81bc5c87376e647c8a9786cb514fb9696d9c0a8d303c5c4b5b7c5f601c01fa19323e02f675c371bc44fbc1ac5704d41a89a2a4ccec6ac8440c532f07da25aa2dce6a5d2ebe694eb4017d178b221213bfe2a01d9cfe689bd190776bca6c032f446eb8862587a7826e35f3f691763212eee6af2e49bbeb0a27e07c5714b74e373798c7bebce265f7ebef3a1ea64078cf1e8a9d433af32c53090c972ffedbadafb50b9a6e540abd84f8e938583ea725954be3b236c5d8aca7d486d21902a2902f25a7c02dbe83c39bd0b81513f9ef198c49d560e930ae224ff47f92e4851e1f7ab5bb406abcf6596569261e6b0c67bb3b854e9c6de60bfb60fcf29241ff237151310ecd19f8b2cfe764c1df1a2de9d840eca47aa169ba9a415901204ec31ccdfd76e908029ae34fb12dc286758c64fd6d42bc82b14e07e421f4b42b180cd6ef40cac8062928b4a420a4577f24295f54de9048ac9d34307bf93e463cea4967cf4880166f68ed1eb965db2e4fb9f5f0b1c695d621e427ccb9a3188073ee6fde729c6698346efa1c0ba643c1efd20858965511da750060d551c44c435a5f1603fae7357e0bc78e92aad3d88790ec2aa1a42d6fe7e0ffc57f3599e406db63be7dd32692df32ce33dee0a2becdb02d6e435e09de3d356497543db23f53da25643f9c585e275297800d8beed47f0e622f86fc25d2e87036fdceebfe7257cb6de0c02412d1c0758acfcd0862e99ad17a118f46f635a87477e8b825423d94ada35bf0b5444aa7d3de4bb7eec7ae5129fcc2cba651cc972f5500fc5161149d29f452962afb102a01ae76825cb4477460be0b85d75058595c27e9b7fae3492ec3925c671bee5f4ca534d5a294f783d6cc073c992139b61d21fd98297b04c0578dafd5f7ebcaf8d4d9185aea3d76e813421f4573b38c25093c015a65e44fb297f0f6ac2d02c4237b37a3bfca2406c5c95ae5812816bacad59ba7c6f72d7c644ff25b592ed1e89b276e05866c01a4ced7fc6dd9f190c20d420d7c8a1fe908833a24c5e5bd7a95a2a6fbf147fc4b29a179718166dd0fbae2fc6b8c8aac6194fa6baf0d3edc36b2316c56c441ba53e3e7aaaf0a1405566ff584f73a637b74dde9bcb4d41da2be6c9df5d533fbac54f5fb52a8a793757cfe19aa90048c6d07e3474136ae1be2455b0d0d02eb4b5961ba883209355c0dd2af4aad98e7b971e358a7d9b55fe17cd6095f257355d9b99e5ea52848f17b35a80792d9ed0fef6fe3eef9a324902409969823be20bbe0e8dba9c747cd1a14d3642d877b86271f3f0c322a142c4ff635b37d542c3265b5fe8589a732bb1a55010b930dd0196cd43ac3634c01b4a44c517197d03a3d89c67f5c09aab409e84c0af466bfbd0c96d240101a2542c66b4b4b8ef65b41b0079995c52cc9720d2c1d7c128c6f17a65cc798c1986cfbd8888460c54438edc4f91f3580391c8b57d9aee209a59a116c1c44775437e9c30e6d87e82ce84e28532b19441e32ab9aea22177bac9daad25a6c88395e9348d6780de630cddb266c411011175bdb6255a36535180818447d43ffba3758d311539fe9f6811fa470bf3767b4c2d4cdf37854c7ee28730bb1d39d5c0dfffcdbf353cca3e13079f3ae66b839c7dd36914022a0e75bca5b622f521420b73249ef47f03c1fb03ecf7557882afcaa7cf454a68ad237d4ce860bd6b1531c1cafe2cfb76bc4188271ef6bdfb304ee0e6932463a1909f03d6e8a27b5f137d6b342841d613863dfdf37d5ec3a98d667810fb6f82d67620bdefed8b3ff98420a6c7ee577c3ba68b95a20403608a7ba6526ec9e8662c6e15ab09b1a9019d4958af04cb2e4890ee6b1077fcaa5cc0817f388461b230fe631e75f18ab392a5ca5de4a024ca16dd05fcfdf92114e43a5c4a169d462ff0dba57deeaf5eaafd892f8ccbd72ac56471162e1416bca39859b4184ba0d1b3f7ec05db4ef4cf0142867fa9be328a0be8aa74c716aad9411008607980861f4f72e9bfa60195e2f939d3f6a44a6cec07dd376d1bccaa126686f313d5f7918ecd1215026982c82ed1922ef70e36e8ed59b2d5ceab3b4aad7e53049062dd5ba0e87f7005c3f4d2b788245cdc2f35ef2572bea5ea92dfad406ade6d5ad18be8eeb4c652e5277b244645c68c0c0f5a68d42e00d59b75941917b2cdf31fdf809f2078ca97fd5beba65b34e0621138ea0e94feb87166b2dac2232ebca575e5c0a4d565d9992f733bbfbe68a63d99ee93398604065d5517c33ed0e067bdb643e73102f16137afd7d4bf21e8065ea028c392a6dcefbe642dc3fb03a239d9c8b17023eacc8e19fea11c34a10644af1b786fc0f4504038c2ee59c1b353f3d7b9313df025b4b5874ca63ec164a3fe35bf390d266f53dcda6a8e190e63a56ffdf4f7c5c02aa22d376db06d4d2b96be5b331f897d1ecfd25c13a1c194c265dd95a5724a6435bc8138224d9db28b689b9cea5132cd19601dbc4a43e70c71e27e8fd0689d09484974e8a4605f8553735fffaf5654a087e323ca14e02b681b9bbe592bd6b719ae2e86bdf918b27c79d52dd334d1aa7ebc1bff76e97572faad092010a1022f7d33089049107a89c364ae7dd022d119e8f6ab795fd71d76a90e8202339401ff9e9918ea8c8e12f7b0ba10d9ebde5d1bc5988f2d07b34579d8c282628204f2978d8b0cf95dc41f3775a4053f833267c64b42336d7c850f2918ef0dd6d62e43fcc173254eb34748efd4754609ce25ade162ba3c91bb844aaf6fd648ee5a8fc5c64346603f8258592d67b9613e8f7ac0def0958f13436581d729e0b3e062738eb06b2116abe837529690a614fc5d3f53b4d4602e57060", 0x1000}}, 0x1006) (async)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r2, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x3938700}, 0x0) (async)
r3 = socket(0x80000000000000a, 0x2, 0x0) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0) (async)
r5 = add_key$keyring(&(0x7f0000000300), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
r6 = add_key$user(&(0x7f0000000200), &(0x7f00000001c0)={'syz', 0x2}, &(0x7f0000000540)="8d", 0x1, 0xfffffffffffffffe)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r5, &(0x7f0000000380)='asymmetric\x00', &(0x7f0000000500)=@keyring={'key_or_keyring:', r6})
add_key$keyring(&(0x7f0000000140), &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, r5) (async)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="300000001900090000000000000000001c140000fe000001000000001400120002"], 0x30}}, 0x0) (async)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x20000}}, {{0xa, 0x0, 0x40000, @dev={0xfe, 0x80, '\x00', 0x26}}}}, 0x108)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)="2e00000011008188040f80ec59acbc0413a1f8480b0000005e140602000000000e0027001000000002800000121f", 0x2e}], 0x1}, 0x0) (async)
recvmsg$inet_nvme(r3, &(0x7f0000000480)={&(0x7f0000000080)=@nfc_llcp, 0x80, &(0x7f0000000440)=[{&(0x7f0000000100)=""/118, 0x76}, {}, {&(0x7f0000000180)}, {&(0x7f0000000340)=""/87, 0x57}], 0x4}, 0x20) (async)
close_range(r1, 0xffffffffffffffff, 0x0)

299.168527ms ago: executing program 2 (id=1267):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x5, &(0x7f0000000080)=0x24000000)
getpid()
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
socket$netlink(0x10, 0x3, 0x4)
r2 = getpgrp(0xffffffffffffffff)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$udambuf(0xffffff9c, &(0x7f00000001c0), 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x482, 0x0)
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'essiv(authenc(rmd160-generic,cbc-camellia-aesni-avx2),sha1-avx)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, 0x0, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r4, 0x4010ae42, &(0x7f00000000c0)={0x1ff, 0x0, &(0x7f0000fff000/0x1000)=nil})
ioctl$TCSETS(r3, 0x5402, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, "058f2d2b3b7596160c6981acf8805944823a7f"})
write$binfmt_aout(r3, &(0x7f0000000600)=ANY=[], 0xff2e)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x83, "00000000000000000000ffff00"})
r6 = syz_open_pts(r3, 0x0)
r7 = dup3(r6, r3, 0x0)
mlock(&(0x7f00004a6000/0x1000)=nil, 0x1000)
read$FUSE(r7, &(0x7f0000002840)={0x2020}, 0x2020)
read$FUSE(r7, &(0x7f0000000800)={0x2020}, 0x2020)

100.179629ms ago: executing program 3 (id=1268):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000180)=0x6f)
openat$dsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x4c040, 0x0)
r1 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
close(r0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
read$dsp(r1, &(0x7f00000002c0)=""/4087, 0xff7)

99.84506ms ago: executing program 3 (id=1269):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x22201)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040))
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000009, 0x15031, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x80001)
socket$kcm(0x29, 0x0, 0x0)
shutdown(r0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c0000000200000001000000", @ANYRES32=0x1, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00#\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r3}, 0x38)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000100)={0xaa, 0x360})
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = syz_clone(0x0, &(0x7f0000000200)="c50f8f08266ae54947d3479b4afc4beed383c21200b8bb1d7de76dfe82f992acdc7a315c3d9324e81017887fc1cd53f70644e428d030cfe7da4766b168dec1121194984746c05a309388bff242ee26a23b51402028afd885eec7ae64644670d2593902392439294352ceefc66deed9b0112a805b9114f0f32dc6fe1a53ef3fa148a61ad80a7d2ee3d7daa21b01bdae99e96e133f41d499166d433ee9b5fac70837558ebcaf9046f464e4ba2c3bd0fc91be8d475eb394c393469528b0d6057648213b015dd13f5203c742d15f2e35775186e21af6", 0xd4, &(0x7f00000000c0), &(0x7f0000000140), &(0x7f0000000300)="05d05010f1608974a539cddf9e97b7fd8be7bef776b138b0503da214924e3a37a2188957558c8ae77ba17802463fe15586bd8ba5c33839e207fba9b95f1275c647d7432247236855a5fbb14d902058608b3a7b826c4b6365eea0ba97b69c1fb23e7b7d0572df8ea950f8f3b36a9e19680827f0c6a0ac2679c1f0f00b5253258f98c9da2ce176b8c52f0ef9329ee7b51599bec7e0085ed8eaef01eb5798b78c49592f7a20a683")
prlimit64(r5, 0xe, &(0x7f0000000180)={0x89, 0x4}, &(0x7f00000003c0))
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180200000000000000000000000000008500000097000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r6, 0x2f000000, 0xe, 0x0, &(0x7f00000000c0)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xa4ba, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9, 0x2}, 0x50)
getpeername$tipc(r4, 0x0, &(0x7f0000000100))
connect$l2tp6(r1, &(0x7f0000000480)={0xa, 0x0, 0x258, @mcast2, 0x4, 0x4}, 0x20)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
mkdir(&(0x7f0000000140)='./file0\x00', 0x88a083111cb19e52)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000340)='./file0\x00', &(0x7f00000004c0), 0x700, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x4842, 0x0)
writev(r7, &(0x7f0000000a40)=[{0x0}, {&(0x7f0000000400)="d13080f02a994ec97dffc828afeaf274", 0x10}, {0x0}, {&(0x7f0000000440)="d6", 0x1}], 0x4)
ioctl$UFFDIO_CONTINUE(r2, 0xc020aa08, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x9)

0s ago: executing program 1 (id=1270):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="00220f00000054b2000093"], 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000140), 0x0, 0x0)
ioctl$HIDIOCGFIELDINFO(r1, 0xc038480a, &(0x7f0000000040)={0x3, 0x100, 0x2, 0x5, 0xb27f0377, 0x10000, 0x10, 0x5, 0x1, 0x6, 0x1, 0x1, 0x9, 0xa})

kernel console output (not intermixed with test programs):

"/newroot/71/file0" dev="tmpfs" ino=413 res=1 errno=0
[   93.338282][ T7024] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[   93.349538][ T7024] ref_ctr increment failed for inode: 0x19d offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88806948d600
[   93.582432][ T7035] 9pnet_fd: Insufficient options for proto=fd
[   93.655379][ T7041] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[   93.886295][ T7048] syz_tun: entered allmulticast mode
[   94.084219][ T7047] syz_tun: left allmulticast mode
[   94.153762][ T7053] program syz.1.254 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   94.161304][ T7053] netlink: 28 bytes leftover after parsing attributes in process `syz.1.254'.
[   94.167958][ T7053] wg2: entered promiscuous mode
[   94.170253][ T7053] wg2: entered allmulticast mode
[   94.189695][ T7054] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[   95.012379][ T7076] netlink: 4 bytes leftover after parsing attributes in process `syz.3.262'.
[   95.184521][ T7078] netlink: 44 bytes leftover after parsing attributes in process `syz.3.262'.
[   96.196007][ T7083] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[   96.198674][   T40] audit: type=1804 audit(1748702476.055:21): pid=7083 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.264" name="/newroot/78/file0" dev="tmpfs" ino=464 res=1 errno=0
[   96.205702][ T7083] ref_ctr increment failed for inode: 0x1d0 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff888041b22040
[   96.312314][ T7086] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[   97.435536][ T7100] mkiss: ax0: crc mode is auto.
[   97.438516][ T7100] netlink: 'syz.1.270': attribute type 10 has an invalid length.
[   97.450770][ T7100] team0: Port device dummy0 added
[   97.461781][ T1341] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   97.611971][ T1341] usb 8-1: Using ep0 maxpacket: 8
[   97.616254][ T1341] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   97.620263][ T1341] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   97.639266][ T1341] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   97.645025][ T1341] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   97.650445][ T1341] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   97.654723][ T1341] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   97.701073][ T7109] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[   97.714805][   T40] audit: type=1804 audit(1748702477.575:22): pid=7107 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.273" name="/newroot/61/file0" dev="tmpfs" ino=353 res=1 errno=0
[   97.724338][ T7107] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[   97.727836][ T7107] ref_ctr increment failed for inode: 0x161 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff888069489580
[   97.974025][ T7088] netlink: 60 bytes leftover after parsing attributes in process `syz.3.266'.
[   97.979171][ T1341] usb 8-1: GET_CAPABILITIES returned 0
[   97.985450][ T1341] usbtmc 8-1:16.0: can't read capabilities
[   98.118849][ T7118] netlink: 16 bytes leftover after parsing attributes in process `syz.4.276'.
[   98.181280][    C2] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   98.189425][  T838] usb 8-1: USB disconnect, device number 2
[   98.637935][ T7128] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[   98.695039][   T40] audit: type=1326 audit(1748702478.555:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7127 comm="syz.1.280" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f83579 code=0x7ffc0000
[   98.704018][   T40] audit: type=1326 audit(1748702478.555:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7127 comm="syz.1.280" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f835a7 code=0x7ffc0000
[   98.712732][   T40] audit: type=1326 audit(1748702478.555:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7127 comm="syz.1.280" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83579 code=0x7ffc0000
[   98.720832][   T40] audit: type=1326 audit(1748702478.555:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7127 comm="syz.1.280" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83579 code=0x7ffc0000
[   98.727678][   T40] audit: type=1326 audit(1748702478.555:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7127 comm="syz.1.280" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83579 code=0x7ffc0000
[   98.735524][   T40] audit: type=1326 audit(1748702478.555:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7127 comm="syz.1.280" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83579 code=0x7ffc0000
[   98.742753][   T40] audit: type=1326 audit(1748702478.555:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7127 comm="syz.1.280" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f83579 code=0x7ffc0000
[   98.751306][   T40] audit: type=1326 audit(1748702478.555:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7127 comm="syz.1.280" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f835a7 code=0x7ffc0000
[   98.759795][   T40] audit: type=1326 audit(1748702478.555:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7127 comm="syz.1.280" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83579 code=0x7ffc0000
[   98.768731][   T40] audit: type=1326 audit(1748702478.565:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7127 comm="syz.1.280" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f83579 code=0x7ffc0000
[   99.527488][ T7144] syz_tun: entered allmulticast mode
[   99.686482][ T7143] syz_tun: left allmulticast mode
[  101.813717][ T7172] syz_tun: entered allmulticast mode
[  101.937345][ T7171] syz_tun: left allmulticast mode
[  102.115796][ T7181] trusted_key: encrypted_key: master key parameter '' is invalid
[  102.189060][ T7186] loop6: detected capacity change from 0 to 524287999
[  102.269179][ T7189] netlink: 'syz.4.295': attribute type 12 has an invalid length.
[  102.743385][ T7196] ipvlan2: entered promiscuous mode
[  102.822079][ T7198] netlink: 8 bytes leftover after parsing attributes in process `syz.1.300'.
[  103.493956][ T7193] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  104.058173][ T7220] syz_tun: entered allmulticast mode
[  104.182217][ T7219] syz_tun: left allmulticast mode
[  105.327282][ T7230] netlink: 84 bytes leftover after parsing attributes in process `syz.3.308'.
[  105.581832][ T1019] usb 8-1: new low-speed USB device number 3 using dummy_hcd
[  105.743589][ T1019] usb 8-1: config 0 has an invalid interface number: 55 but max is 0
[  105.746386][ T1019] usb 8-1: config 0 has no interface number 0
[  105.748554][ T1019] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  105.753228][ T1019] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  105.757676][ T1019] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  105.762616][ T1019] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  105.767084][ T1019] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  105.771550][ T1019] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  105.777042][ T1019] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  105.780737][ T1019] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.785990][ T1019] usb 8-1: config 0 descriptor??
[  105.788313][ T7230] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  105.790998][ T7230] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  105.798909][ T1019] ldusb 8-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  106.007782][ T7230] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  106.011926][ T7230] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  106.017993][   T29] usb 8-1: USB disconnect, device number 3
[  106.028343][   T29] ldusb 8-1:0.55: LD USB Device #0 now disconnected
[  106.322997][ T7245] syz_tun: entered allmulticast mode
[  106.532121][ T7244] syz_tun: left allmulticast mode
[  107.039209][ T7276] syz_tun: entered allmulticast mode
[  107.166119][ T7275] syz_tun: left allmulticast mode
[  107.435351][ T7289] veth1_to_team: entered promiscuous mode
[  107.442941][ T7289] veth0: entered promiscuous mode
[  107.662637][ T7287] veth0: left promiscuous mode
[  107.664754][ T7287] veth1_to_team: left promiscuous mode
[  107.799229][ T7308] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  107.801806][   T40] kauditd_printk_skb: 26 callbacks suppressed
[  107.801816][   T40] audit: type=1804 audit(1748702487.655:59): pid=7308 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.340" name="/newroot/74/file0" dev="tmpfs" ino=430 res=1 errno=0
[  107.810191][ T7308] ref_ctr increment failed for inode: 0x1ae offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88804add60c0
[  107.897408][ T7321] ipvlan2: entered promiscuous mode
[  108.251805][   T10] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  108.401800][   T10] usb 7-1: Using ep0 maxpacket: 8
[  108.406273][   T10] usb 7-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 64
[  108.410403][   T10] usb 7-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1007
[  108.417125][   T10] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  108.420529][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  108.423972][   T10] usb 7-1: Product: М
[  108.425724][   T10] usb 7-1: Manufacturer: ்ϴ溂꥿賁ꆝ细ᣭṟ䯣฿螥精䃕䵆䛾㺡밤㎿꺌鴛聎㎨㇆㣤鱉ᜢⷘ꘷殌ꚍ㘈ﳠ㓇႐쩖ጄ鶪ᴙ瓉힠쫙뱯숿蜐ڥ쓮鮷賶赁Sၫ﹋ꭽ攩↯畲轥鿻금✴䊢
[  108.433771][   T10] usb 7-1: SerialNumber: ᠌
[  108.631748][ T7315] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  108.649272][   T10] cdc_ncm 7-1:1.0: bind() failure
[  108.652974][   T10] cdc_ncm 7-1:1.1: CDC Union missing and no IAD found
[  108.655176][   T10] cdc_ncm 7-1:1.1: bind() failure
[  108.662411][   T10] usb 7-1: USB disconnect, device number 2
[  109.241905][   T10] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  109.280955][ T7344] mkiss: ax0: crc mode is auto.
[  109.391982][   T10] usb 7-1: Using ep0 maxpacket: 8
[  109.396277][   T10] usb 7-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 64
[  109.399513][   T10] usb 7-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1007
[  109.406474][   T10] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  109.409263][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  109.412145][   T10] usb 7-1: Product: syz
[  109.413671][   T10] usb 7-1: Manufacturer: syz
[  109.415119][   T10] usb 7-1: SerialNumber: syz
[  109.437274][   T10] cdc_ncm 7-1:1.0: bind() failure
[  109.444441][   T10] cdc_ncm 7-1:1.1: CDC Union missing and no IAD found
[  109.446812][   T10] cdc_ncm 7-1:1.1: bind() failure
[  109.525683][   T40] audit: type=1804 audit(1748702489.385:60): pid=7348 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.351" name="/newroot/79/file0" dev="tmpfs" ino=459 res=1 errno=0
[  109.526292][ T7348] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  109.534981][ T7348] ref_ctr increment failed for inode: 0x1cb offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88804add0ac0
[  109.544866][ T5943] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  109.548437][ T5943] CPU: 2 UID: 0 PID: 5943 Comm: kworker/u33:3 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  109.548466][ T5943] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  109.548475][ T5943] Workqueue: hci2 hci_rx_work
[  109.548493][ T5943] Call Trace:
[  109.548498][ T5943]  <TASK>
[  109.548503][ T5943]  dump_stack_lvl+0x16c/0x1f0
[  109.548524][ T5943]  sysfs_warn_dup+0x7f/0xa0
[  109.548544][ T5943]  sysfs_create_dir_ns+0x24b/0x2b0
[  109.548556][ T5943]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  109.548567][ T5943]  ? find_held_lock+0x2b/0x80
[  109.548587][ T5943]  ? do_raw_spin_unlock+0x172/0x230
[  109.548602][ T5943]  kobject_add_internal+0x2c4/0x9b0
[  109.548620][ T5943]  kobject_add+0x16e/0x240
[  109.548634][ T5943]  ? __pfx_kobject_add+0x10/0x10
[  109.548650][ T5943]  ? do_raw_spin_unlock+0x172/0x230
[  109.548663][ T5943]  ? kobject_put+0xab/0x5a0
[  109.548681][ T5943]  device_add+0x288/0x1a70
[  109.548693][ T5943]  ? __pfx_dev_set_name+0x10/0x10
[  109.548705][ T5943]  ? __pfx_device_add+0x10/0x10
[  109.548716][ T5943]  ? mgmt_send_event_skb+0x2fb/0x460
[  109.548733][ T5943]  hci_conn_add_sysfs+0x17e/0x230
[  109.548749][ T5943]  le_conn_complete_evt+0x1075/0x1d70
[  109.548766][ T5943]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  109.548778][ T5943]  ? hci_event_packet+0x459/0x11c0
[  109.548795][ T5943]  hci_le_conn_complete_evt+0x23c/0x370
[  109.548812][ T5943]  hci_le_meta_evt+0x357/0x5e0
[  109.548825][ T5943]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  109.548840][ T5943]  hci_event_packet+0x682/0x11c0
[  109.548853][ T5943]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  109.548868][ T5943]  ? __pfx_hci_event_packet+0x10/0x10
[  109.548882][ T5943]  ? kcov_remote_start+0x3c9/0x6d0
[  109.548895][ T5943]  ? lockdep_hardirqs_on+0x7c/0x110
[  109.548911][ T5943]  hci_rx_work+0x2c5/0x16b0
[  109.548929][ T5943]  process_one_work+0x9cf/0x1b70
[  109.548949][ T5943]  ? __pfx_process_one_work+0x10/0x10
[  109.548967][ T5943]  ? assign_work+0x1a0/0x250
[  109.548980][ T5943]  worker_thread+0x6c8/0xf10
[  109.549001][ T5943]  ? __pfx_worker_thread+0x10/0x10
[  109.549022][ T5943]  kthread+0x3c2/0x780
[  109.549036][ T5943]  ? __pfx_kthread+0x10/0x10
[  109.549050][ T5943]  ? rcu_is_watching+0x12/0xc0
[  109.549067][ T5943]  ? __pfx_kthread+0x10/0x10
[  109.549080][ T5943]  ret_from_fork+0x5d4/0x6f0
[  109.549093][ T5943]  ? __pfx_kthread+0x10/0x10
[  109.549106][ T5943]  ret_from_fork_asm+0x1a/0x30
[  109.549126][ T5943]  </TASK>
[  109.549749][ T5943] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  109.630882][ T5943] Bluetooth: hci2: failed to register connection device
[  109.777119][ T7354] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  109.955779][   T40] audit: type=1804 audit(1748702489.815:61): pid=7358 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.355" name="/newroot/89/file0" dev="tmpfs" ino=558 res=1 errno=0
[  109.956119][ T7358] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  109.964934][ T7358] ref_ctr increment failed for inode: 0x22e offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff8880131ca040
[  111.029870][ T5979] usb 7-1: USB disconnect, device number 3
[  111.153301][ T7381] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  111.156189][ T7381] ref_ctr increment failed for inode: 0x1c3 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88804add1580
[  111.156749][   T40] audit: type=1804 audit(1748702491.015:62): pid=7381 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.361" name="/newroot/78/file0" dev="tmpfs" ino=451 res=1 errno=0
[  112.985457][ T7422] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  113.110171][ T7426] FAULT_INJECTION: forcing a failure.
[  113.110171][ T7426] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  113.115370][ T7426] CPU: 3 UID: 0 PID: 7426 Comm: syz.3.374 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  113.115386][ T7426] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  113.115392][ T7426] Call Trace:
[  113.115396][ T7426]  <TASK>
[  113.115400][ T7426]  dump_stack_lvl+0x16c/0x1f0
[  113.115417][ T7426]  should_fail_ex+0x512/0x640
[  113.115436][ T7426]  _copy_to_user+0x32/0xd0
[  113.115454][ T7426]  simple_read_from_buffer+0xcb/0x170
[  113.115472][ T7426]  proc_fail_nth_read+0x197/0x270
[  113.115491][ T7426]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  113.115508][ T7426]  ? rw_verify_area+0xcf/0x680
[  113.115525][ T7426]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  113.115542][ T7426]  vfs_read+0x1e1/0xc60
[  113.115553][ T7426]  ? fdget_pos+0x2a2/0x370
[  113.115566][ T7426]  ? __pfx_vfs_read+0x10/0x10
[  113.115576][ T7426]  ? find_held_lock+0x2b/0x80
[  113.115595][ T7426]  ? __fget_files+0x20e/0x3c0
[  113.115609][ T7426]  ksys_read+0x12a/0x250
[  113.115620][ T7426]  ? __pfx_ksys_read+0x10/0x10
[  113.115632][ T7426]  ? rcu_is_watching+0x12/0xc0
[  113.115649][ T7426]  __do_fast_syscall_32+0x7c/0x3a0
[  113.115664][ T7426]  do_fast_syscall_32+0x32/0x80
[  113.115677][ T7426]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  113.115690][ T7426] RIP: 0023:0xf70fe579
[  113.115699][ T7426] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  113.115709][ T7426] RSP: 002b:00000000f50ee590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  113.115739][ T7426] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f50ee620
[  113.115749][ T7426] RDX: 000000000000000f RSI: 00000000f7462ff4 RDI: 0000000000000000
[  113.115755][ T7426] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  113.115761][ T7426] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  113.115767][ T7426] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  113.115781][ T7426]  </TASK>
[  113.129896][ T7412] ALSA: mixer_oss: invalid OSS volume ''
[  113.471813][ T5979] usb 8-1: new low-speed USB device number 4 using dummy_hcd
[  113.623507][ T5979] usb 8-1: config 0 has no interfaces?
[  113.625924][ T5979] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  113.629783][ T5979] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  113.636320][ T5979] usb 8-1: config 0 descriptor??
[  113.858844][   T60] usb 8-1: USB disconnect, device number 4
[  114.155429][   T40] audit: type=1804 audit(1748702494.015:63): pid=7436 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.377" name="/newroot/99/file0" dev="tmpfs" ino=612 res=1 errno=0
[  114.155778][ T7436] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  114.164902][ T7436] ref_ctr increment failed for inode: 0x264 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff8880131cd600
[  114.342581][ T7439] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  114.345160][   T40] audit: type=1804 audit(1748702494.205:64): pid=7439 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.378" name="/newroot/100/file0" dev="tmpfs" ino=618 res=1 errno=0
[  114.351610][ T7439] ref_ctr increment failed for inode: 0x26a offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff8880131ce0c0
[  114.516359][ T7446] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  114.615359][ T7452] sch_tbf: burst 4398 is lower than device lo mtu (11337746) !
[  114.800131][ T7460] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  115.321620][   T40] audit: type=1804 audit(1748702496.173:65): pid=7466 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.388" name="/newroot/110/file0" dev="tmpfs" ino=628 res=1 errno=0
[  115.328437][ T7466] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  115.328452][ T7466] ref_ctr increment failed for inode: 0x274 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff8880131cb5c0
[  115.390562][ T7469] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  115.391915][   T40] audit: type=1804 audit(1748702496.243:66): pid=7469 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.387" name="/newroot/81/file0" dev="tmpfs" ino=468 res=1 errno=0
[  115.393886][ T7469] ref_ctr increment failed for inode: 0x1d4 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff888041b260c0
[  115.540685][   T40] audit: type=1804 audit(1748702496.393:67): pid=7472 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.389" name="/newroot/111/file0" dev="tmpfs" ino=634 res=1 errno=0
[  115.548763][ T7472] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  115.552307][ T7472] ref_ctr increment failed for inode: 0x27a offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff888069489580
[  115.572565][ T7474] netlink: 16 bytes leftover after parsing attributes in process `syz.2.390'.
[  115.674385][ T7481] random: crng reseeded on system resumption
[  115.796777][   T40] audit: type=1326 audit(1748702496.653:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7485 comm="syz.3.394" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  115.803625][   T40] audit: type=1326 audit(1748702496.653:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7485 comm="syz.3.394" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  115.810176][   T40] audit: type=1800 audit(1748702496.653:70): pid=7484 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.391" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  115.816967][   T40] audit: type=1326 audit(1748702496.653:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7485 comm="syz.3.394" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  115.823738][   T40] audit: type=1326 audit(1748702496.653:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7485 comm="syz.3.394" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  116.169051][ T7501] dlm: non-version read from control device 4096
[  116.542354][ T7506] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  116.545826][ T7506] ref_ctr increment failed for inode: 0x1ef offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88804d6bd600
[  116.871361][ T7518] netlink: 12 bytes leftover after parsing attributes in process `syz.3.403'.
[  116.891798][ T7516] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  116.894376][ T7516] ref_ctr increment failed for inode: 0x28b offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff888041b235c0
[  117.109804][ T7522] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  117.120651][ T7524] lo speed is unknown, defaulting to 1000
[  117.212861][ T7524] lo speed is unknown, defaulting to 1000
[  117.370369][ T7528] netlink: 72 bytes leftover after parsing attributes in process `syz.1.407'.
[  117.509754][ T7509] ALSA: mixer_oss: invalid OSS volume ''
[  117.691474][ T7541] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  118.034643][ T7550] overlayfs: statfs failed on './file1'
[  119.068900][ T7568] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  119.072337][ T7568] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  119.074981][ T7568] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  119.078118][ T7568] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  119.091062][ T7575] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  119.152132][ T7555] ALSA: mixer_oss: invalid OSS volume ''
[  119.677549][ T7595] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  120.138815][ T7615] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[  120.145869][ T7615] 9pnet_virtio: no channels available for device syz
[  120.527253][ T7622] netlink: 'syz.2.434': attribute type 7 has an invalid length.
[  120.535736][ T7622] : entered promiscuous mode
[  120.542017][ T7622] netlink: 12 bytes leftover after parsing attributes in process `syz.2.434'.
[  120.544961][ T7622] ksmbd: Unknown IPC event: 0, ignore.
[  120.593062][ T7627] netlink: 8 bytes leftover after parsing attributes in process `syz.2.435'.
[  120.679978][ T7632] sp0: Synchronizing with TNC
[  120.681906][ T7631] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  120.966324][   T40] kauditd_printk_skb: 20 callbacks suppressed
[  120.966335][   T40] audit: type=1804 audit(1748702501.823:93): pid=7646 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.443" name="/newroot/99/file0" dev="tmpfs" ino=565 res=1 errno=0
[  120.967341][ T7646] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  120.977323][ T7646] ref_ctr increment failed for inode: 0x235 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff888041b20ac0
[  121.322858][ T7661] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  122.035955][ T7672] netlink: 4 bytes leftover after parsing attributes in process `syz.4.451'.
[  122.109383][ T7675] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  122.111737][   T40] audit: type=1804 audit(1748702502.963:94): pid=7675 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.452" name="/newroot/102/file0" dev="tmpfs" ino=581 res=1 errno=0
[  122.112306][ T7675] ref_ctr increment failed for inode: 0x245 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88806948cb40
[  122.195602][   T40] audit: type=1804 audit(1748702503.053:95): pid=7680 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.454" name="/newroot/106/file0" dev="tmpfs" ino=605 res=1 errno=0
[  122.195908][ T7680] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  122.205175][ T7680] ref_ctr increment failed for inode: 0x25d offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff888069488000
[  122.321501][ T7689] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  122.759434][   T40] audit: type=1800 audit(1748702503.613:96): pid=7697 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.459" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  122.875352][ T7699] loop6: detected capacity change from 0 to 524287999
[  123.311486][ T7701] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  123.313965][ T7701] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  123.317444][ T7701] vhci_hcd vhci_hcd.0: Device attached
[  123.357517][ T7701] netdevsim netdevsim3: Direct firmware load for @ failed with error -2
[  123.360527][ T7701] netdevsim netdevsim3: Falling back to sysfs fallback for: @
[  123.623038][ T2296] usb 43-1: new high-speed USB device number 2 using vhci_hcd
[  123.839549][   T40] audit: type=1804 audit(1748702504.693:97): pid=7715 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.463" name="/newroot/108/file0" dev="tmpfs" ino=617 res=1 errno=0
[  123.839904][ T7715] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  123.848683][ T7715] ref_ctr increment failed for inode: 0x269 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff8880131c8000
[  123.904270][ T7707] vhci_hcd: connection reset by peer
[  123.907482][   T12] vhci_hcd: stop threads
[  123.909156][   T12] vhci_hcd: release socket
[  123.912338][   T12] vhci_hcd: disconnect device
[  124.281806][   T40] audit: type=1804 audit(1748702505.133:98): pid=7719 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.465" name="/newroot/110/file0" dev="tmpfs" ino=632 res=1 errno=0
[  124.288766][ T7719] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  124.291360][ T7719] ref_ctr increment failed for inode: 0x278 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff888041b24080
[  124.510527][ T7725] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  124.513524][ T7725] ref_ctr increment failed for inode: 0x27e offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88804d4ad600
[  124.516210][   T40] audit: type=1804 audit(1748702505.363:99): pid=7725 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.467" name="/newroot/111/file0" dev="tmpfs" ino=638 res=1 errno=0
[  125.210864][ T7738] netlink: 'syz.4.471': attribute type 1 has an invalid length.
[  125.213960][ T7738] netlink: 224 bytes leftover after parsing attributes in process `syz.4.471'.
[  125.216840][ T7738] netlink: 8 bytes leftover after parsing attributes in process `syz.4.471'.
[  125.224198][ T7738] netlink: 12 bytes leftover after parsing attributes in process `syz.4.471'.
[  125.244123][ T7738] netlink: 4 bytes leftover after parsing attributes in process `syz.4.471'.
[  125.335805][   T40] audit: type=1804 audit(1748702506.193:100): pid=7741 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.472" name="/newroot/111/file0" dev="tmpfs" ino=633 res=1 errno=0
[  125.336118][ T7741] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  125.347179][ T7741] ref_ctr increment failed for inode: 0x279 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88804d4a9580
[  125.536949][ T7749] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  125.539872][   T40] audit: type=1804 audit(1748702506.393:101): pid=7749 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.475" name="/newroot/132/file0" dev="tmpfs" ino=746 res=1 errno=0
[  125.546723][ T7749] ref_ctr increment failed for inode: 0x2ea offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff888041b22040
[  125.555604][ T7757] 9pnet_virtio: no channels available for device syz
[  126.065298][ T7765] netlink: 'syz.3.479': attribute type 5 has an invalid length.
[  126.074269][ T7765] ip6erspan0: entered promiscuous mode
[  126.534876][ T7773] fuse: Bad value for 'fd'
[  126.538432][   T40] audit: type=1804 audit(1748702507.393:102): pid=7773 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.482" name="/newroot/136/file0" dev="tmpfs" ino=768 res=1 errno=0
[  126.538699][ T7773] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  126.548877][ T7773] ref_ctr increment failed for inode: 0x300 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff888041b260c0
[  126.691185][ T7782] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  126.698404][ T7782] syzkaller0: entered promiscuous mode
[  126.700001][ T7782] syzkaller0: entered allmulticast mode
[  126.707346][ T7783] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  127.813259][ T7796] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  127.858052][ T7801] syz_tun: entered allmulticast mode
[  128.012727][ T7800] syz_tun: left allmulticast mode
[  128.270135][ T7817] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  128.365456][ T7819] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  128.577794][   T40] audit: type=1804 audit(1748702509.433:103): pid=7821 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.496" name="/newroot/112/file0" dev="tmpfs" ino=685 res=1 errno=0
[  128.578171][ T7821] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  128.589183][ T7821] ref_ctr increment failed for inode: 0x2ad offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88804add60c0
[  128.701773][ T2296] vhci_hcd: vhci_device speed not set
[  128.737821][ T7825] fuse: Bad value for 'fd'
[  128.742595][ T7825] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  128.744427][   T40] audit: type=1804 audit(1748702509.603:104): pid=7825 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.497" name="/newroot/113/file0" dev="tmpfs" ino=691 res=1 errno=0
[  128.745795][ T7825] ref_ctr increment failed for inode: 0x2b3 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88804add4b40
[  129.042364][ T7834] netlink: 4 bytes leftover after parsing attributes in process `syz.4.499'.
[  129.320047][   T40] audit: type=1326 audit(1748702510.173:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7844 comm="syz.1.502" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83579 code=0x7ffc0000
[  129.326864][   T40] audit: type=1326 audit(1748702510.173:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7844 comm="syz.1.502" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83579 code=0x7ffc0000
[  129.333986][   T40] audit: type=1326 audit(1748702510.183:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7844 comm="syz.1.502" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf7f83579 code=0x7ffc0000
[  129.340766][   T40] audit: type=1326 audit(1748702510.193:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7844 comm="syz.1.502" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83579 code=0x7ffc0000
[  129.348588][   T40] audit: type=1326 audit(1748702510.193:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7844 comm="syz.1.502" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83579 code=0x7ffc0000
[  129.357929][   T40] audit: type=1326 audit(1748702510.193:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7846 comm="syz.1.502" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7f83579 code=0x7ffc0000
[  129.370097][   T40] audit: type=1326 audit(1748702510.223:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7844 comm="syz.1.502" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f83579 code=0x7ffc0000
[  129.929873][ T7853] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  130.113878][ T7857] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  130.298119][ T7860] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  130.300782][ T7860] ref_ctr increment failed for inode: 0x2c9 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff8880131ca040
[  130.668607][ T7877] kvm: kvm [7876]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x11e) = 0x3
[  130.706338][ T7871] loop6: detected capacity change from 0 to 524287999
[  130.744497][ T7881] overlayfs: failed to resolve './file0': -2
[  131.035835][ T7893] netdevsim netdevsim2: Direct firmware load for ��0���Pq���D"�2�N�ktT�Wj��%�N�� failed with error -2
[  131.039501][ T7893] netdevsim netdevsim2: Falling back to sysfs fallback for: ��0���Pq���D"�2�N�ktT�Wj��%�N��
[  131.150071][ T7896] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  131.153888][ T7896] ref_ctr increment failed for inode: 0x2de offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff888041b20ac0
[  131.171957][ T7897] xt_CT: You must specify a L4 protocol and not use inversions on it
[  131.895828][ T5943] Bluetooth: hci3: SCO packet for unknown connection handle 0
[  132.324968][ T1418] ieee802154 phy0 wpan0: encryption failed: -22
[  132.330658][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  133.025765][   T40] kauditd_printk_skb: 6 callbacks suppressed
[  133.025776][   T40] audit: type=1804 audit(1748702513.883:118): pid=7937 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.529" name="/newroot/125/file0" dev="tmpfs" ino=708 res=1 errno=0
[  133.026073][ T7937] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  133.036944][ T7937] ref_ctr increment failed for inode: 0x2c4 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88806948eb80
[  133.120387][ T7941] syz_tun: entered allmulticast mode
[  133.144644][ T7940] syz_tun: left allmulticast mode
[  133.528849][ T7958] fuse: Bad value for 'fd'
[  133.557357][   T40] audit: type=1804 audit(1748702514.413:119): pid=7958 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.537" name="/newroot/127/file0" dev="tmpfs" ino=719 res=1 errno=0
[  133.770239][ T7967] netlink: 4 bytes leftover after parsing attributes in process `syz.4.539'.
[  133.916124][ T7971] warning: `syz.1.540' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  134.268297][   T40] audit: type=1804 audit(1748702515.123:120): pid=7984 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.544" name="/newroot/149/file0" dev="tmpfs" ino=836 res=1 errno=0
[  134.276736][ T7984] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  134.279365][ T7984] ref_ctr increment failed for inode: 0x344 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff8880131ce0c0
[  135.099371][ T8010] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  135.372293][    C2] hrtimer: interrupt took 4119017 ns
[  135.873221][ T8024] netdevsim netdevsim3: Direct firmware load for ��0���Pq���D"�2�N�ktT�Wj��%�N�� failed with error -2
[  135.897227][ T8024] netdevsim netdevsim3: Falling back to sysfs fallback for: ��0���Pq���D"�2�N�ktT�Wj��%�N��
[  135.965797][ T8028] fuse: Bad value for 'fd'
[  135.981823][   T40] audit: type=1804 audit(1748702516.833:121): pid=8028 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.560" name="/newroot/129/file0" dev="tmpfs" ino=776 res=1 errno=0
[  136.178582][ T8041] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  136.210065][ T8042] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  136.702738][ T8050] overlayfs: missing 'lowerdir'
[  136.803308][ T8053] fuse: Bad value for 'fd'
[  137.089649][ T8063] netlink: 'syz.2.571': attribute type 39 has an invalid length.
[  137.164373][ T8067] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  137.646207][ T8078] netdevsim netdevsim1: Direct firmware load for ��0���Pq���D"�2�N�ktT�Wj��%�N�� failed with error -2
[  137.650736][ T8078] netdevsim netdevsim1: Falling back to sysfs fallback for: ��0���Pq���D"�2�N�ktT�Wj��%�N��
[  137.850984][   T40] audit: type=1326 audit(1748702518.703:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8083 comm="syz.2.579" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  137.858320][   T40] audit: type=1326 audit(1748702518.703:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8083 comm="syz.2.579" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  137.865533][   T40] audit: type=1326 audit(1748702518.703:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8083 comm="syz.2.579" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf70be579 code=0x7ffc0000
[  137.872553][   T40] audit: type=1326 audit(1748702518.703:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8083 comm="syz.2.579" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  137.879021][   T40] audit: type=1326 audit(1748702518.703:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8083 comm="syz.2.579" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  137.885665][   T40] audit: type=1326 audit(1748702518.703:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8083 comm="syz.2.579" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70be579 code=0x7ffc0000
[  138.851363][ T8104] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  138.853503][   T40] kauditd_printk_skb: 7 callbacks suppressed
[  138.853513][   T40] audit: type=1804 audit(1748702519.703:135): pid=8104 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.586" name="/newroot/138/file0" dev="tmpfs" ino=822 res=1 errno=0
[  138.854239][ T8104] ref_ctr increment failed for inode: 0x336 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88804d4aeb80
[  139.078626][ T8124] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  139.172302][ T8126] netdevsim netdevsim4: Direct firmware load for ��0���Pq���D"�2�N�ktT�Wj��%�N�� failed with error -2
[  139.176140][ T8126] netdevsim netdevsim4: Falling back to sysfs fallback for: ��0���Pq���D"�2�N�ktT�Wj��%�N��
[  139.906646][ T8138] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  139.909529][ T8138] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  140.204664][ T8149] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  140.508520][ T8157] input: syz1 as /devices/virtual/input/input13
[  140.630786][ T8160] fuse: Bad value for 'fd'
[  140.722916][ T8166] netdevsim netdevsim4: Direct firmware load for ��0���Pq���D"�2�N�ktT�Wj��%�N�� failed with error -2
[  140.727030][ T8166] netdevsim netdevsim4: Falling back to sysfs fallback for: ��0���Pq���D"�2�N�ktT�Wj��%�N��
[  140.732475][ T5943] Bluetooth: Frame is too long (len 16, expected len 4)
[  140.782963][ T8167] netlink: 4 bytes leftover after parsing attributes in process `syz.2.606'.
[  141.182384][ T8175] syz_tun: entered allmulticast mode
[  141.315240][ T8174] syz_tun: left allmulticast mode
[  141.408040][ T8179] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  141.586442][ T8186] fuse: Bad value for 'fd'
[  141.893853][ T8200] fuse: Bad value for 'fd'
[  141.896740][   T40] audit: type=1804 audit(1748702522.753:136): pid=8200 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.619" name="/newroot/176/file0" dev="tmpfs" ino=987 res=1 errno=0
[  141.962458][ T8204] netdevsim netdevsim3: Direct firmware load for ��0���Pq���D"�2�N�ktT�Wj��%�N�� failed with error -2
[  141.967308][ T8204] netdevsim netdevsim3: Falling back to sysfs fallback for: ��0���Pq���D"�2�N�ktT�Wj��%�N��
[  142.621895][ T5943] Bluetooth: Frame is too long (len 16, expected len 4)
[  142.664484][ T8210] netlink: 4 bytes leftover after parsing attributes in process `syz.2.622'.
[  142.818763][ T8215] fuse: Bad value for 'fd'
[  143.224684][ T8228] fuse: Bad value for 'fd'
[  143.229958][   T40] audit: type=1804 audit(1748702524.083:137): pid=8228 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.628" name="/newroot/149/file0" dev="tmpfs" ino=833 res=1 errno=0
[  143.752891][ T8237] lo speed is unknown, defaulting to 1000
[  143.864473][ T8237] lo speed is unknown, defaulting to 1000
[  143.961340][ T8241] netlink: 24 bytes leftover after parsing attributes in process `syz.2.632'.
[  144.004850][ T8241] netlink: 4 bytes leftover after parsing attributes in process `syz.2.632'.
[  144.485054][ T8246] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  144.501481][ T8246] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  144.504622][ T8246] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  144.507536][ T8246] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  145.326816][ T5943] Bluetooth: Frame is too long (len 16, expected len 4)
[  145.370477][ T8260] netlink: 4 bytes leftover after parsing attributes in process `syz.2.639'.
[  146.752979][ T8273] netlink: 20 bytes leftover after parsing attributes in process `syz.2.641'.
[  147.461770][ T5979] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  147.467506][ T6082] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[  147.469934][ T6082] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[  147.472374][ T6082] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[  147.479005][ T6082] hid-generic 0000:0004:0000.0002: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  147.539454][ T8287] fido_id[8287]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  147.592130][ T5979] usb 7-1: device descriptor read/64, error -71
[  147.795042][ T8297] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  147.831797][ T5979] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  147.971915][ T5979] usb 7-1: device descriptor read/64, error -71
[  148.092911][ T5979] usb usb7-port1: attempt power cycle
[  148.431757][ T5979] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  148.453255][ T5979] usb 7-1: device descriptor read/8, error -71
[  148.486183][ T8302] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  148.487097][ T8304] overlayfs: missing 'workdir'
[  148.720598][ T5979] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  148.742706][ T5979] usb 7-1: device descriptor read/8, error -71
[  148.853177][ T5979] usb usb7-port1: unable to enumerate USB device
[  148.943219][ T8327] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  148.956755][ T8329] overlayfs: missing 'workdir'
[  148.969565][   T10] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  149.123701][   T10] usb 9-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  149.129083][   T10] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  149.132055][   T10] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  149.134536][   T10] usb 9-1: SerialNumber: syz
[  149.177723][ T8334] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  149.360393][ T8315] loop6: detected capacity change from 0 to 128
[  149.412922][ T8315] Invalid logical block size (1373)
[  149.620583][   T10] cdc_ether 9-1:1.0: probe with driver cdc_ether failed with error -71
[  149.625575][   T10] usb 9-1: USB disconnect, device number 4
[  149.930516][ T8344] netlink: 16 bytes leftover after parsing attributes in process `syz.3.664'.
[  151.336683][ T8371] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  151.714292][ T8375] netlink: 'syz.4.674': attribute type 7 has an invalid length.
[  151.717619][ T8375] netlink: 8 bytes leftover after parsing attributes in process `syz.4.674'.
[  151.726089][ T8375] FAULT_INJECTION: forcing a failure.
[  151.726089][ T8375] name failslab, interval 1, probability 0, space 0, times 0
[  151.729991][ T8375] CPU: 3 UID: 0 PID: 8375 Comm: syz.4.674 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  151.730006][ T8375] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  151.730012][ T8375] Call Trace:
[  151.730017][ T8375]  <TASK>
[  151.730022][ T8375]  dump_stack_lvl+0x16c/0x1f0
[  151.730038][ T8375]  should_fail_ex+0x512/0x640
[  151.730054][ T8375]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  151.730069][ T8375]  should_failslab+0xc2/0x120
[  151.730084][ T8375]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  151.730097][ T8375]  ? __lock_acquire+0x622/0x1c90
[  151.730107][ T8375]  ? __alloc_skb+0x2b2/0x380
[  151.730123][ T8375]  __alloc_skb+0x2b2/0x380
[  151.730134][ T8375]  ? __pfx___alloc_skb+0x10/0x10
[  151.730148][ T8375]  ? find_held_lock+0x2b/0x80
[  151.730164][ T8375]  alloc_skb_with_frags+0xe0/0x860
[  151.730183][ T8375]  sock_alloc_send_pskb+0x7fb/0x990
[  151.730196][ T8375]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  151.730215][ T8375]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  151.730227][ T8375]  ? find_held_lock+0x2b/0x80
[  151.730241][ T8375]  ? dev_get_by_index+0x17c/0x380
[  151.730258][ T8375]  packet_sendmsg+0x1fb0/0x5880
[  151.730279][ T8375]  ? __pfx___might_resched+0x10/0x10
[  151.730294][ T8375]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  151.730311][ T8375]  ? __pfx_packet_sendmsg+0x10/0x10
[  151.730321][ T8375]  ? __might_fault+0xe3/0x190
[  151.730334][ T8375]  ? aa_label_match+0x11e0/0x2750
[  151.730358][ T8375]  __sys_sendto+0x4a0/0x520
[  151.730370][ T8375]  ? __pfx___sys_sendto+0x10/0x10
[  151.730393][ T8375]  ? ksys_write+0x1ac/0x250
[  151.730405][ T8375]  ? __pfx_ksys_write+0x10/0x10
[  151.730418][ T8375]  __ia32_sys_sendto+0xdd/0x1b0
[  151.730428][ T8375]  ? lockdep_hardirqs_on+0x7c/0x110
[  151.730440][ T8375]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  151.730454][ T8375]  __do_fast_syscall_32+0x7c/0x3a0
[  151.730468][ T8375]  do_fast_syscall_32+0x32/0x80
[  151.730481][ T8375]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  151.730495][ T8375] RIP: 0023:0xf704e579
[  151.730504][ T8375] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  151.730514][ T8375] RSP: 002b:00000000f503e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  151.730524][ T8375] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  151.730531][ T8375] RDX: 0000000000000000 RSI: 0000000020044800 RDI: 0000000080000140
[  151.730537][ T8375] RBP: 0000000000000014 R08: 0000000000000000 R09: 0000000000000000
[  151.730543][ T8375] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  151.730549][ T8375] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  151.730563][ T8375]  </TASK>
[  153.667375][ T8416] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  153.889795][ T8418] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  154.191068][ T8428] FAULT_INJECTION: forcing a failure.
[  154.191068][ T8428] name failslab, interval 1, probability 0, space 0, times 0
[  154.195943][ T8428] CPU: 1 UID: 0 PID: 8428 Comm: syz.3.689 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  154.195958][ T8428] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  154.195965][ T8428] Call Trace:
[  154.195969][ T8428]  <TASK>
[  154.195973][ T8428]  dump_stack_lvl+0x16c/0x1f0
[  154.195990][ T8428]  should_fail_ex+0x512/0x640
[  154.196005][ T8428]  ? fs_reclaim_acquire+0xae/0x150
[  154.196023][ T8428]  ? tomoyo_encode2+0x100/0x3e0
[  154.196037][ T8428]  should_failslab+0xc2/0x120
[  154.196052][ T8428]  __kmalloc_noprof+0xd2/0x510
[  154.196065][ T8428]  ? d_absolute_path+0x136/0x1a0
[  154.196081][ T8428]  tomoyo_encode2+0x100/0x3e0
[  154.196097][ T8428]  tomoyo_encode+0x29/0x50
[  154.196110][ T8428]  tomoyo_realpath_from_path+0x18f/0x6e0
[  154.196128][ T8428]  tomoyo_path_number_perm+0x245/0x580
[  154.196140][ T8428]  ? tomoyo_path_number_perm+0x237/0x580
[  154.196153][ T8428]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  154.196180][ T8428]  ? find_held_lock+0x2b/0x80
[  154.196197][ T8428]  ? hook_file_ioctl_common+0x145/0x410
[  154.196219][ T8428]  ? __fget_files+0x20e/0x3c0
[  154.196233][ T8428]  ? __fput_deferred+0x370/0x370
[  154.196261][ T8428]  security_file_ioctl_compat+0x9b/0x240
[  154.196284][ T8428]  __ia32_compat_sys_ioctl+0xc3/0x370
[  154.196307][ T8428]  __do_fast_syscall_32+0x7c/0x3a0
[  154.196322][ T8428]  do_fast_syscall_32+0x32/0x80
[  154.196335][ T8428]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  154.196349][ T8428] RIP: 0023:0xf70fe579
[  154.196358][ T8428] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  154.196368][ T8428] RSP: 002b:00000000f50ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  154.196378][ T8428] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000402c5828
[  154.196385][ T8428] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  154.196391][ T8428] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  154.196397][ T8428] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  154.196403][ T8428] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  154.196416][ T8428]  </TASK>
[  154.196427][ T8428] ERROR: Out of memory at tomoyo_realpath_from_path.
[  154.247255][   T40] audit: type=1326 audit(1748702535.103:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8429 comm="syz.2.690" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x0
[  155.244290][ T8446] netlink: 40 bytes leftover after parsing attributes in process `syz.3.695'.
[  155.247434][ T8446] netlink: 'syz.3.695': attribute type 2 has an invalid length.
[  155.253445][ T8446] dummy0: entered allmulticast mode
[  155.257495][ T8446] netlink: 8 bytes leftover after parsing attributes in process `syz.3.695'.
[  155.261884][ T8446] dummy0: entered promiscuous mode
[  155.266882][ T8446] netlink: 24 bytes leftover after parsing attributes in process `syz.3.695'.
[  155.272910][ T8445] dummy0: left allmulticast mode
[  155.368003][ T8449] vivid-002: disconnect
[  155.381205][ T8447] vivid-002: reconnect
[  155.490678][ T8457] vivid-004: disconnect
[  155.495372][ T8453] FAULT_INJECTION: forcing a failure.
[  155.495372][ T8453] name failslab, interval 1, probability 0, space 0, times 0
[  155.499267][ T8453] CPU: 0 UID: 0 PID: 8453 Comm: syz.4.698 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  155.499282][ T8453] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  155.499289][ T8453] Call Trace:
[  155.499293][ T8453]  <TASK>
[  155.499298][ T8453]  dump_stack_lvl+0x16c/0x1f0
[  155.499315][ T8453]  should_fail_ex+0x512/0x640
[  155.499331][ T8453]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  155.499361][ T8453]  should_failslab+0xc2/0x120
[  155.499376][ T8453]  __kmalloc_cache_noprof+0x6a/0x3e0
[  155.499387][ T8453]  ? lockdep_hardirqs_on+0x7c/0x110
[  155.499398][ T8453]  ? io_wq_create+0x68/0x8f0
[  155.499411][ T8453]  io_wq_create+0x68/0x8f0
[  155.499423][ T8453]  io_uring_alloc_task_context+0x1e1/0x650
[  155.499436][ T8453]  ? __pfx_io_uring_alloc_task_context+0x10/0x10
[  155.499458][ T8453]  __io_uring_add_tctx_node+0x2dd/0x500
[  155.499469][ T8453]  ? __pfx___io_uring_add_tctx_node+0x10/0x10
[  155.499481][ T8453]  ? __fget_files+0x20e/0x3c0
[  155.499494][ T8453]  __io_uring_add_tctx_node_from_submit+0x89/0x130
[  155.499506][ T8453]  __do_sys_io_uring_enter+0x123a/0x1630
[  155.499522][ T8453]  ? __fget_files+0x20e/0x3c0
[  155.499532][ T8453]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  155.499552][ T8453]  ? fput+0x70/0xf0
[  155.499565][ T8453]  ? ksys_write+0x1ac/0x250
[  155.499576][ T8453]  ? __pfx_ksys_write+0x10/0x10
[  155.499589][ T8453]  ? rcu_is_watching+0x12/0xc0
[  155.499607][ T8453]  __do_fast_syscall_32+0x7c/0x3a0
[  155.499621][ T8453]  do_fast_syscall_32+0x32/0x80
[  155.499634][ T8453]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  155.499648][ T8453] RIP: 0023:0xf704e579
[  155.499657][ T8453] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  155.499668][ T8453] RSP: 002b:00000000f503e55c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[  155.499679][ T8453] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000000048e9
[  155.499686][ T8453] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000000
[  155.499692][ T8453] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  155.499698][ T8453] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  155.499704][ T8453] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  155.499718][ T8453]  </TASK>
[  155.499923][ T8452] vivid-004: reconnect
[  155.780297][ T8477] netlink: 8 bytes leftover after parsing attributes in process `syz.3.706'.
[  155.981942][ T5979] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  156.131788][ T5979] usb 9-1: Using ep0 maxpacket: 8
[  156.135702][ T5979] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  156.139698][ T5979] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  156.143684][ T5979] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  156.147766][ T5979] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  156.152491][ T5979] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  156.155290][ T5979] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.420584][ T8474] netlink: 60 bytes leftover after parsing attributes in process `syz.4.703'.
[  156.433203][ T5979] usb 9-1: GET_CAPABILITIES returned 0
[  156.434962][ T5979] usbtmc 9-1:16.0: can't read capabilities
[  156.633613][  T838] libceph: connect (1)[c::]:6789 error -101
[  156.635045][    C1] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  156.636281][  T838] libceph: mon0 (1)[c::]:6789 connect error
[  156.643154][  T838] libceph: connect (1)[c::]:6789 error -101
[  156.645486][  T838] libceph: mon0 (1)[c::]:6789 connect error
[  156.768937][ T8499] ceph: No mds server is up or the cluster is laggy
[  158.696059][  T838] usb 9-1: USB disconnect, device number 5
[  158.748992][   T40] audit: type=1804 audit(1748702539.603:139): pid=8530 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.722" name="/newroot/163/file0" dev="tmpfs" ino=958 res=1 errno=0
[  158.857066][ T8541] netlink: 8 bytes leftover after parsing attributes in process `syz.1.726'.
[  158.903163][ T8542] sg_write: data in/out 768/18 bytes for SCSI command 0x2a-- guessing data in;
[  158.903163][ T8542]    program syz.4.725 not setting count and/or reply_len properly
[  159.435680][ T8554] fuse: Bad value for 'fd'
[  159.491578][ T8556] netlink: 4 bytes leftover after parsing attributes in process `syz.3.731'.
[  159.512723][ T1117] sr 2:0:0:0: [sr0] tag#10 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[  159.515712][ T1117] sr 2:0:0:0: [sr0] tag#10 Sense Key : Illegal Request [current] 
[  159.518058][ T1117] sr 2:0:0:0: [sr0] tag#10 Add. Sense: Invalid command operation code
[  159.520892][ T1117] sr 2:0:0:0: [sr0] tag#10 CDB: Write(10) 2a 00 00 00 00 00 00 00 02 00
[  159.527185][ T1117] critical target error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[  159.530410][ T1117] Buffer I/O error on dev sr0, logical block 0, lost async page write
[  159.754758][ T8568] netlink: 12 bytes leftover after parsing attributes in process `syz.4.736'.
[  159.778086][ T8568] 
: renamed from bond0 (while UP)
[  159.789107][ T8570] netdevsim netdevsim3: Direct firmware load for ��0���Pq���D"�2�N�ktT�Wj��%�N�� failed with error -2
[  159.789548][ T8568] netlink: 4 bytes leftover after parsing attributes in process `syz.4.736'.
[  159.798279][   T40] audit: type=1804 audit(1748702540.653:140): pid=8563 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.734" name="/newroot/174/file0" dev="tmpfs" ino=993 res=1 errno=0
[  159.799781][ T8570] netdevsim netdevsim3: Falling back to sysfs fallback for: ��0���Pq���D"�2�N�ktT�Wj��%�N��
[  159.913419][ T8568] team0: Port device team_slave_0 removed
[  159.953737][ T5943] Bluetooth: Frame is too long (len 16, expected len 4)
[  159.994231][ T8577] netlink: 4 bytes leftover after parsing attributes in process `syz.2.738'.
[  160.495122][ T8582] fuse: Bad value for 'fd'
[  160.815031][   T40] audit: type=1804 audit(1748702541.673:141): pid=8597 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.746" name="/newroot/180/file0" dev="tmpfs" ino=1016 res=1 errno=0
[  161.710214][ T8612] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  161.855796][ T8620] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[  162.051103][ T5943] Bluetooth: Frame is too long (len 16, expected len 4)
[  162.095500][ T8629] netlink: 4 bytes leftover after parsing attributes in process `syz.3.755'.
[  162.176736][ T8635] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  163.035967][ T8654] lo speed is unknown, defaulting to 1000
[  163.085164][ T8655] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  163.139555][ T8654] lo speed is unknown, defaulting to 1000
[  163.479393][ T8671] fuse: Bad value for 'fd'
[  163.483412][   T40] audit: type=1804 audit(1748702544.343:142): pid=8671 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.769" name="/newroot/186/file0" dev="tmpfs" ino=1063 res=1 errno=0
[  163.484293][ T8671] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  163.492507][ T8671] ref_ctr increment failed for inode: 0x427 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff888027ecb5c0
[  163.675328][ T5943] Bluetooth: Frame is too long (len 16, expected len 4)
[  163.740067][ T8679] netlink: 4 bytes leftover after parsing attributes in process `syz.2.770'.
[  163.863254][ T8686] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  164.160542][ T8696] FAULT_INJECTION: forcing a failure.
[  164.160542][ T8696] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  164.165373][ T8696] CPU: 0 UID: 0 PID: 8696 Comm: syz.3.778 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  164.165389][ T8696] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  164.165396][ T8696] Call Trace:
[  164.165400][ T8696]  <TASK>
[  164.165404][ T8696]  dump_stack_lvl+0x16c/0x1f0
[  164.165421][ T8696]  should_fail_ex+0x512/0x640
[  164.165440][ T8696]  _copy_from_user+0x2e/0xd0
[  164.165457][ T8696]  io_msg_copy_hdr.isra.0+0x56e/0x910
[  164.165474][ T8696]  ? __pfx_io_msg_copy_hdr.isra.0+0x10/0x10
[  164.165496][ T8696]  io_sendmsg_setup+0xfa/0x300
[  164.165509][ T8696]  ? rcu_is_watching+0x12/0xc0
[  164.165524][ T8696]  ? __pfx_io_sendmsg_setup+0x10/0x10
[  164.165537][ T8696]  ? __kmalloc_noprof+0x242/0x510
[  164.165552][ T8696]  ? __asan_memset+0x23/0x50
[  164.165563][ T8696]  ? io_cache_alloc_new+0xb8/0xf0
[  164.165580][ T8696]  io_sendmsg_prep+0x48a/0x590
[  164.165595][ T8696]  io_submit_sqes+0x832/0x2580
[  164.165617][ T8696]  __do_sys_io_uring_enter+0xd6a/0x1630
[  164.165633][ T8696]  ? __fget_files+0x20e/0x3c0
[  164.165644][ T8696]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  164.165659][ T8696]  ? fput+0x70/0xf0
[  164.165673][ T8696]  ? ksys_write+0x1ac/0x250
[  164.165684][ T8696]  ? __pfx_ksys_write+0x10/0x10
[  164.165697][ T8696]  ? rcu_is_watching+0x12/0xc0
[  164.165713][ T8696]  __do_fast_syscall_32+0x7c/0x3a0
[  164.165728][ T8696]  do_fast_syscall_32+0x32/0x80
[  164.165741][ T8696]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  164.165755][ T8696] RIP: 0023:0xf70fe579
[  164.165763][ T8696] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  164.165773][ T8696] RSP: 002b:00000000f50ee55c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[  164.165783][ T8696] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000003d0e
[  164.165790][ T8696] RDX: 00000000000004c1 RSI: 0000000000000043 RDI: 0000000000000000
[  164.165800][ T8696] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  164.165806][ T8696] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  164.165812][ T8696] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  164.165826][ T8696]  </TASK>
[  164.287400][ T8698] capability: warning: `syz.3.779' uses 32-bit capabilities (legacy support in use)
[  164.352167][ T8700] xt_addrtype: input interface limitation not valid in POSTROUTING and OUTPUT
[  164.929130][ T8713] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  165.065290][ T8723] fuse: Bad value for 'fd'
[  165.068039][   T40] audit: type=1804 audit(1748702545.923:143): pid=8723 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.789" name="/newroot/222/file0" dev="tmpfs" ino=1252 res=1 errno=0
[  165.068296][ T8723] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  165.074634][ T8724] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  165.077428][ T8723] ref_ctr increment failed for inode: 0x4e4 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff888041b235c0
[  165.901805][   T54] usb 7-1: new full-speed USB device number 8 using dummy_hcd
[  165.913284][   T10] IPVS: starting estimator thread 0...
[  165.919007][ T8741] netlink: 32 bytes leftover after parsing attributes in process `syz.3.796'.
[  166.011815][ T8742] IPVS: using max 44 ests per chain, 105600 per kthread
[  166.055351][ T8746] fuse: Bad value for 'fd'
[  166.060148][   T40] audit: type=1804 audit(1748702546.913:144): pid=8746 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.798" name="/newroot/193/file0" dev="tmpfs" ino=1082 res=1 errno=0
[  166.060637][ T8746] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  166.070541][ T8746] ref_ctr increment failed for inode: 0x43a offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff888027ecb5c0
[  166.083500][   T54] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  166.087536][   T40] audit: type=1326 audit(1748702546.943:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8747 comm="syz.3.799" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  166.087767][   T54] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  166.094706][   T40] audit: type=1326 audit(1748702546.943:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8747 comm="syz.3.799" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  166.100144][   T54] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  166.107150][   T40] audit: type=1326 audit(1748702546.943:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8747 comm="syz.3.799" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  166.109853][   T54] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  166.123815][   T54] usb 7-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  166.127568][   T54] usb 7-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  166.130863][   T54] usb 7-1: Manufacturer: syz
[  166.135607][   T54] usb 7-1: config 0 descriptor??
[  166.381837][   T54] rc_core: IR keymap rc-hauppauge not found
[  166.383918][   T54] Registered IR keymap rc-empty
[  166.385991][   T54] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  166.402482][   T54] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  166.423549][   T54] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/rc/rc0
[  166.430405][   T54] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/rc/rc0/input19
[  166.446024][   T54] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  166.461904][   T54] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  166.491986][   T54] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  166.511854][   T54] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  166.531817][   T54] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  166.552935][   T54] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  166.571820][   T54] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  166.593047][   T54] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  166.611860][   T54] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  166.631810][   T54] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  166.653261][   T54] mceusb 7-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  166.657366][   T54] mceusb 7-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  166.664624][   T54] usb 7-1: USB disconnect, device number 8
[  166.894984][ T8748] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  166.898202][ T8748] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  166.907307][ T8748] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  166.911821][ T8748] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  166.913774][ T8748] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  166.916305][ T8748] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  166.920472][ T8748] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  166.924169][ T8748] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  166.926185][ T8748] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  166.928817][ T8748] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  166.932132][ T8748] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  166.934225][ T8748] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  166.936962][ T8748] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  167.293796][ T8771] netlink: 4 bytes leftover after parsing attributes in process `syz.2.806'.
[  167.297141][ T8771] netlink: 50 bytes leftover after parsing attributes in process `syz.2.806'.
[  167.300044][ T8771] netlink: 50 bytes leftover after parsing attributes in process `syz.2.806'.
[  167.303873][ T8771] netlink: 4 bytes leftover after parsing attributes in process `syz.2.806'.
[  167.306745][ T8771] netlink: 50 bytes leftover after parsing attributes in process `syz.2.806'.
[  167.310586][ T8771] netlink: 50 bytes leftover after parsing attributes in process `syz.2.806'.
[  167.313790][ T8771] netlink: 4 bytes leftover after parsing attributes in process `syz.2.806'.
[  167.316543][ T8771] netlink: 50 bytes leftover after parsing attributes in process `syz.2.806'.
[  167.319652][ T8771] netlink: 50 bytes leftover after parsing attributes in process `syz.2.806'.
[  167.322971][ T8771] netlink: 4 bytes leftover after parsing attributes in process `syz.2.806'.
[  168.039053][   T40] audit: type=1804 audit(1748702548.893:148): pid=8780 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.808" name="/newroot/230/file0" dev="tmpfs" ino=1293 res=1 errno=0
[  168.162686][ T5943] Bluetooth: hci1: command 0x0c1a tx timeout
[  168.253058][ T1019] kernel read not supported for file /vcs (pid: 1019 comm: kworker/0:2)
[  168.304466][ T8792] FAULT_INJECTION: forcing a failure.
[  168.304466][ T8792] name failslab, interval 1, probability 0, space 0, times 0
[  168.308903][ T8792] CPU: 2 UID: 0 PID: 8792 Comm: syz.1.812 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  168.308918][ T8792] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  168.308925][ T8792] Call Trace:
[  168.308930][ T8792]  <TASK>
[  168.308934][ T8792]  dump_stack_lvl+0x16c/0x1f0
[  168.308951][ T8792]  should_fail_ex+0x512/0x640
[  168.308968][ T8792]  ? fs_reclaim_acquire+0xae/0x150
[  168.308986][ T8792]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  168.309001][ T8792]  should_failslab+0xc2/0x120
[  168.309016][ T8792]  __kmalloc_noprof+0xd2/0x510
[  168.309032][ T8792]  tomoyo_realpath_from_path+0xc2/0x6e0
[  168.309048][ T8792]  ? tomoyo_profile+0x47/0x60
[  168.309065][ T8792]  tomoyo_path_number_perm+0x245/0x580
[  168.309076][ T8792]  ? tomoyo_path_number_perm+0x237/0x580
[  168.309089][ T8792]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  168.309116][ T8792]  ? find_held_lock+0x2b/0x80
[  168.309131][ T8792]  ? hook_file_ioctl_common+0x145/0x410
[  168.309145][ T8792]  ? __fget_files+0x20e/0x3c0
[  168.309155][ T8792]  ? __fput_deferred+0x370/0x370
[  168.309172][ T8792]  security_file_ioctl_compat+0x9b/0x240
[  168.309187][ T8792]  __ia32_compat_sys_ioctl+0xc3/0x370
[  168.309206][ T8792]  __do_fast_syscall_32+0x7c/0x3a0
[  168.309221][ T8792]  do_fast_syscall_32+0x32/0x80
[  168.309234][ T8792]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  168.309248][ T8792] RIP: 0023:0xf7f83579
[  168.309257][ T8792] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  168.309268][ T8792] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  168.309279][ T8792] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000541c
[  168.309286][ T8792] RDX: 0000000080001900 RSI: 0000000000000000 RDI: 0000000000000000
[  168.309292][ T8792] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  168.309298][ T8792] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  168.309304][ T8792] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  168.309318][ T8792]  </TASK>
[  168.309323][ T8792] ERROR: Out of memory at tomoyo_realpath_from_path.
[  168.613230][ T8805] wireguard0: entered promiscuous mode
[  168.615197][ T8805] wireguard0: entered allmulticast mode
[  168.746756][   T40] audit: type=1804 audit(1748702549.603:149): pid=8811 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.819" name="/newroot/197/file0" dev="tmpfs" ino=1103 res=1 errno=0
[  168.961852][ T5943] Bluetooth: hci3: command 0x0c1a tx timeout
[  168.964256][ T5943] Bluetooth: hci2: command 0x0c1a tx timeout
[  169.567115][   T63] Bluetooth: hci3: ACL packet for unknown connection handle 200
[  170.231803][   T63] Bluetooth: hci1: command 0x0c1a tx timeout
[  170.392735][ T8857] lo speed is unknown, defaulting to 1000
[  170.512708][ T8857] lo speed is unknown, defaulting to 1000
[  170.736189][ T8873] lo speed is unknown, defaulting to 1000
[  170.764113][ T8876] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(13)
[  170.766873][ T8876] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  170.771277][ T8876] vhci_hcd vhci_hcd.0: Device attached
[  170.780927][ T8876] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(15)
[  170.783678][ T8876] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  170.787246][ T8876] vhci_hcd vhci_hcd.0: Device attached
[  170.794718][ T8876] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(17)
[  170.797759][ T8876] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  170.800922][ T8876] vhci_hcd vhci_hcd.0: Device attached
[  170.805413][ T8876] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  170.810720][ T8876] vhci_hcd vhci_hcd.0: pdev(3) rhport(4) sockfd(21)
[  170.813218][ T8876] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  170.816760][ T8876] vhci_hcd vhci_hcd.0: Device attached
[  170.833995][ T8876] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(23)
[  170.836693][ T8876] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  170.862808][ T8876] vhci_hcd vhci_hcd.0: Device attached
[  170.868779][ T8876] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  170.873394][ T8876] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  170.876374][ T8876] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  170.883362][ T8876] vhci_hcd vhci_hcd.0: port 0 already used
[  170.915373][ T8884] vhci_hcd: connection closed
[  170.915552][   T89] vhci_hcd: stop threads
[  170.915613][ T8886] vhci_hcd: connection closed
[  170.917474][   T89] vhci_hcd: release socket
[  170.919698][ T8877] vhci_hcd: connection closed
[  170.920652][   T89] vhci_hcd: disconnect device
[  170.923975][ T8880] vhci_hcd: connection closed
[  170.927416][   T89] vhci_hcd: stop threads
[  170.928321][ T8882] vhci_hcd: connection closed
[  170.929032][   T89] vhci_hcd: release socket
[  170.929151][   T89] vhci_hcd: disconnect device
[  170.937910][   T89] vhci_hcd: stop threads
[  170.939545][   T89] vhci_hcd: release socket
[  170.941171][   T89] vhci_hcd: disconnect device
[  170.950345][   T89] vhci_hcd: stop threads
[  170.951794][   T60] vhci_hcd: vhci_device speed not set
[  170.956048][   T89] vhci_hcd: release socket
[  170.958685][   T89] vhci_hcd: disconnect device
[  170.963694][   T89] vhci_hcd: stop threads
[  170.967488][   T89] vhci_hcd: release socket
[  170.972621][   T89] vhci_hcd: disconnect device
[  171.031944][   T63] Bluetooth: hci2: command 0x0c1a tx timeout
[  171.032077][ T5943] Bluetooth: hci3: command 0x0c1a tx timeout
[  171.064455][ T8873] lo speed is unknown, defaulting to 1000
[  171.557654][ T8908] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  171.649596][ T8911] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  171.729738][ T8914] Bluetooth: MGMT ver 1.23
[  171.971886][   T54] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  171.974320][   T34] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  172.142035][   T34] usb 8-1: Using ep0 maxpacket: 8
[  172.150502][   T54] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  172.154648][   T54] usb 6-1: config 1 has an invalid descriptor of length 48, skipping remainder of the config
[  172.158918][   T34] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  172.165593][   T54] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  172.169304][   T54] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 48, changing to 9
[  172.173766][   T34] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  172.177751][   T34] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  172.181969][   T54] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8240, setting to 1024
[  172.188476][   T34] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  172.193886][   T34] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  172.197699][   T34] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.201618][   T54] usb 6-1: New USB device found, idVendor=9325, idProduct=a415, bcdDevice= 0.40
[  172.208420][   T54] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  172.211605][   T54] usb 6-1: Product: syz
[  172.214361][   T54] usb 6-1: Manufacturer: syz
[  172.236318][   T54] cdc_wdm 6-1:1.0: skipping garbage
[  172.238085][   T54] cdc_wdm 6-1:1.0: skipping garbage
[  172.244417][   T54] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  172.246986][   T54] cdc_wdm 6-1:1.0: Unknown control protocol
[  172.312059][ T5943] Bluetooth: hci1: command 0x0c1a tx timeout
[  172.423319][   T34] usb 8-1: GET_CAPABILITIES returned 0
[  172.425083][   T34] usbtmc 8-1:16.0: can't read capabilities
[  172.563255][    C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  172.564053][ T1019] usb 6-1: USB disconnect, device number 4
[  172.565436][    C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  172.568870][    C3] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  172.582782][ T8930] cdc_wdm 6-1:1.0: Tx URB error: -19
[  173.111823][ T5943] Bluetooth: hci3: command 0x0c1a tx timeout
[  173.111853][   T63] Bluetooth: hci2: command 0x0c1a tx timeout
[  173.373007][   T40] audit: type=1804 audit(1748702554.233:150): pid=8935 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.855" name="/newroot/189/file0" dev="tmpfs" ino=1114 res=1 errno=0
[  173.600742][   T54] usb 8-1: USB disconnect, device number 5
[  174.248907][ T8944] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  174.465321][ T8947] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  174.590916][ T8951] netlink: 'syz.1.860': attribute type 1 has an invalid length.
[  174.624831][ T8953] __nla_validate_parse: 92 callbacks suppressed
[  174.624842][ T8953] netlink: 8 bytes leftover after parsing attributes in process `syz.1.861'.
[  174.981390][ T8958] fuse: Bad value for 'fd'
[  174.986441][ T8956] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  174.989757][ T8956] ref_ctr increment failed for inode: 0x479 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff888027ece0c0
[  174.991823][   T40] audit: type=1804 audit(1748702555.843:151): pid=8956 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.862" name="/newroot/195/file0" dev="tmpfs" ino=1145 res=1 errno=0
[  175.060854][   T40] audit: type=1804 audit(1748702555.913:152): pid=8961 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.864" name="/newroot/244/file0" dev="tmpfs" ino=1368 res=1 errno=0
[  175.099014][ T8968] netlink: 'syz.3.866': attribute type 4 has an invalid length.
[  175.101453][ T8968] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.866'.
[  175.251887][   T63] Bluetooth: hci2: command 0x0c1a tx timeout
[  175.455883][ T8985] netlink: 8 bytes leftover after parsing attributes in process `syz.3.868'.
[  175.480884][ T8983] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes.
[  176.030359][ T8993] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  176.168287][ T8996] fuse: Bad value for 'fd'
[  176.173414][ T8996] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  176.173422][   T40] audit: type=1804 audit(1748702557.033:153): pid=8996 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.874" name="/newroot/248/file0" dev="tmpfs" ino=1390 res=1 errno=0
[  176.176762][ T8996] ref_ctr increment failed for inode: 0x56e offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff888027ecb5c0
[  177.301884][   T54] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  177.461803][   T54] usb 9-1: Using ep0 maxpacket: 8
[  177.466633][   T54] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  177.469899][   T54] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2
[  177.473448][   T54] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  177.477972][   T54] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  177.482805][   T54] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  177.485952][   T54] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.494680][   T54] hub 9-1:1.0: bad descriptor, ignoring hub
[  177.497102][   T54] hub 9-1:1.0: probe with driver hub failed with error -5
[  177.500230][   T54] cdc_wdm 9-1:1.0: skipping garbage
[  177.504393][   T54] cdc_wdm 9-1:1.0: skipping garbage
[  177.508827][   T54] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  177.511329][   T54] cdc_wdm 9-1:1.0: Unknown control protocol
[  177.623022][ T9022] fuse: Bad value for 'fd'
[  177.625894][   T40] audit: type=1804 audit(1748702558.483:154): pid=9022 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.883" name="/newroot/252/file0" dev="tmpfs" ino=1411 res=1 errno=0
[  177.626327][ T9022] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  177.636581][ T9022] ref_ctr increment failed for inode: 0x583 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff8880136f60c0
[  178.027696][ T9030] FAULT_INJECTION: forcing a failure.
[  178.027696][ T9030] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  178.032000][ T9030] CPU: 1 UID: 0 PID: 9030 Comm: syz.2.885 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  178.032027][ T9030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  178.032034][ T9030] Call Trace:
[  178.032038][ T9030]  <TASK>
[  178.032042][ T9030]  dump_stack_lvl+0x16c/0x1f0
[  178.032058][ T9030]  should_fail_ex+0x512/0x640
[  178.032077][ T9030]  _copy_from_user+0x2e/0xd0
[  178.032094][ T9030]  __ia32_compat_sys_socketcall+0x187/0x770
[  178.032111][ T9030]  ? __fget_files+0x20e/0x3c0
[  178.032122][ T9030]  ? __pfx___ia32_compat_sys_socketcall+0x10/0x10
[  178.032140][ T9030]  ? fput+0x70/0xf0
[  178.032153][ T9030]  ? ksys_write+0x1ac/0x250
[  178.032167][ T9030]  ? rcu_is_watching+0x12/0xc0
[  178.032184][ T9030]  __do_fast_syscall_32+0x7c/0x3a0
[  178.032199][ T9030]  do_fast_syscall_32+0x32/0x80
[  178.032213][ T9030]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  178.032226][ T9030] RIP: 0023:0xf70be579
[  178.032235][ T9030] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  178.032246][ T9030] RSP: 002b:00000000f506b430 EFLAGS: 00000293 ORIG_RAX: 0000000000000066
[  178.032257][ T9030] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000f506b444
[  178.032264][ T9030] RDX: 0000000000000000 RSI: 00000000f506b560 RDI: 00000000f7422ff4
[  178.032270][ T9030] RBP: 00000000f506b560 R08: 0000000000000000 R09: 0000000000000000
[  178.032277][ T9030] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  178.032283][ T9030] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  178.032297][ T9030]  </TASK>
[  178.414822][ T9014] usb 9-1: reset high-speed USB device number 6 using dummy_hcd
[  178.563889][ T9014] usb 9-1: device firmware changed
[  178.567588][  T838] usb 9-1: USB disconnect, device number 6
[  178.569977][ T9014] cdc_wdm 9-1:1.0: Error autopm - -16
[  178.701921][  T838] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  178.861755][  T838] usb 9-1: Using ep0 maxpacket: 8
[  178.864620][  T838] usb 9-1: config 1 has an invalid descriptor of length 128, skipping remainder of the config
[  178.867812][  T838] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2
[  178.871230][  T838] usb 9-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  178.875353][  T838] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  178.878256][  T838] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  178.889948][  T838] hub 9-1:1.0: bad descriptor, ignoring hub
[  178.895275][  T838] hub 9-1:1.0: probe with driver hub failed with error -5
[  178.897734][  T838] cdc_wdm 9-1:1.0: skipping garbage
[  178.899369][  T838] cdc_wdm 9-1:1.0: skipping garbage
[  178.901470][  T838] cdc_wdm 9-1:1.0: probe with driver cdc_wdm failed with error -22
[  179.212156][   T34] usb 9-1: USB disconnect, device number 7
[  179.241797][  T838] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  179.401845][  T838] usb 7-1: Using ep0 maxpacket: 8
[  179.404710][  T838] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  179.407036][  T838] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  179.417876][  T838] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  179.423818][  T838] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  179.427254][  T838] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  179.433249][  T838] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  179.435692][  T838] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  179.440064][  T838] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  179.444608][  T838] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  179.448504][  T838] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  179.452815][  T838] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  179.454891][  T838] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  179.458352][  T838] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  179.461950][  T838] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  179.465767][  T838] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  179.471246][  T838] usb 7-1: string descriptor 0 read error: -22
[  179.473977][  T838] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  179.476757][  T838] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.488245][  T838] adutux 7-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  179.691801][ T2296] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  179.841828][ T2296] usb 6-1: Using ep0 maxpacket: 8
[  179.845798][ T2296] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  179.848719][ T2296] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  179.849202][ T1019] usb 7-1: USB disconnect, device number 9
[  179.852810][ T2296] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  179.852833][ T2296] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  179.852853][ T2296] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  179.853858][ T2296] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  179.868639][ T2296] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  179.872148][ T2296] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  179.875718][ T2296] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  179.879133][ T2296] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  179.883485][ T2296] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  179.885827][ T2296] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  179.889269][ T2296] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  179.892931][ T2296] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  179.896308][ T2296] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  179.902199][ T2296] usb 6-1: string descriptor 0 read error: -22
[  179.904228][ T2296] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  179.907019][ T2296] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.914071][ T2296] adutux 6-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  180.278612][ T1019] usb 6-1: USB disconnect, device number 5
[  180.571794][ T9065] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  180.892982][ T9080] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  181.037788][ T9083] lo speed is unknown, defaulting to 1000
[  181.275171][ T9083] lo speed is unknown, defaulting to 1000
[  181.383574][ T9083] lo: entered promiscuous mode
[  181.392227][ T9083] tunl0: entered promiscuous mode
[  181.394950][ T9083] gre0: entered promiscuous mode
[  181.398256][ T9083] gretap0: entered promiscuous mode
[  181.400283][ T9083] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  181.670214][ T9097] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  181.673222][ T9097] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  182.352178][ T9111] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  182.877704][ T9129] tipc: Started in network mode
[  182.879337][ T9129] tipc: Node identity ac141425, cluster identity 4711
[  182.882771][ T9129] tipc: New replicast peer: 0.0.0.0
[  182.885706][ T9129] tipc: Enabled bearer <udp:syz2>, priority 10
[  182.892024][ T9129] tipc: New replicast peer: 172.20.20.170
[  183.267351][ T9139] fuse: Bad value for 'fd'
[  183.270768][   T40] audit: type=1804 audit(1748702564.123:155): pid=9139 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.916" name="/newroot/262/file0" dev="tmpfs" ino=1464 res=1 errno=0
[  183.271051][ T9139] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  183.280607][ T9139] ref_ctr increment failed for inode: 0x5b8 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88802ad95600
[  183.396928][ T9141] lo speed is unknown, defaulting to 1000
[  183.543005][ T9141] lo speed is unknown, defaulting to 1000
[  183.904023][   T60] tipc: Node number set to 2886997029
[  183.922217][ T9162] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  186.315174][ T9197] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  186.716175][ T9208] mmap: syz.2.936 (9208) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  186.880127][ T9216] fuse: Bad value for 'fd'
[  186.884711][ T9212] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  186.887914][   T40] audit: type=1804 audit(1748702567.743:156): pid=9212 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.939" name="/newroot/223/file0" dev="tmpfs" ino=1242 res=1 errno=0
[  186.889312][ T9212] ref_ctr increment failed for inode: 0x4da offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff8880136f0000
[  186.961012][ T9218] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  187.023414][ T9222] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  187.218975][ T9227] lo speed is unknown, defaulting to 1000
[  187.291833][   T10] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  187.426247][ T9227] lo speed is unknown, defaulting to 1000
[  187.480987][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  187.493981][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  187.498231][   T10] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  187.502409][   T10] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  187.505405][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.512599][   T10] usb 6-1: config 0 descriptor??
[  187.600537][ T9239] ipvlan2: entered promiscuous mode
[  187.861952][   T24] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  187.927209][   T10] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  187.929802][   T10] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  187.932502][   T10] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  187.935228][   T10] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  187.937619][   T10] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  187.940012][   T10] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  187.944008][   T10] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving
[  187.954988][   T10] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  188.032819][   T24] usb 9-1: Using ep0 maxpacket: 8
[  188.035721][   T24] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  188.039176][   T24] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  188.042241][   T24] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.046292][   T24] usb 9-1: config 0 descriptor??
[  188.117811][   T40] audit: type=1804 audit(1748702568.973:157): pid=9249 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.952" name="/newroot/269/file0" dev="tmpfs" ino=1502 res=1 errno=0
[  188.253932][   T24] iowarrior 9-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior1
[  188.354112][   T34] IPVS: starting estimator thread 0...
[  188.441855][ T9257] IPVS: using max 44 ests per chain, 105600 per kthread
[  188.461481][   T34] usb 9-1: USB disconnect, device number 8
[  190.045648][   T24] usb 6-1: USB disconnect, device number 6
[  190.130430][ T9295] fuse: Bad value for 'fd'
[  190.134816][ T9295] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  190.135371][   T40] audit: type=1804 audit(1748702570.993:158): pid=9295 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.967" name="/newroot/224/file0" dev="tmpfs" ino=1293 res=1 errno=0
[  190.137558][ T9295] ref_ctr increment failed for inode: 0x50d offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88804d76a040
[  190.286209][ T9297] binder: 9296:9297 ioctl c0306201 80000540 returned -22
[  190.288749][ T9297] binder: 9296:9297 ioctl c0306201 80000640 returned -22
[  190.404406][ T9301] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  190.406493][ T9301] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  190.410055][ T9301] vhci_hcd vhci_hcd.0: Device attached
[  190.414586][ T9302] vhci_hcd: connection closed
[  190.415371][ T1141] vhci_hcd: stop threads
[  190.418453][ T1141] vhci_hcd: release socket
[  190.419987][ T1141] vhci_hcd: disconnect device
[  190.470270][ T9305] NILFS (nbd3): device size too small
[  190.694603][ T9316] fuse: Bad value for 'fd'
[  190.699137][   T40] audit: type=1804 audit(1748702571.553:159): pid=9316 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.976" name="/newroot/232/file0" dev="tmpfs" ino=1306 res=1 errno=0
[  190.699472][ T9316] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  190.709096][ T9316] ref_ctr increment failed for inode: 0x51a offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff8880136f0000
[  190.797860][ T9325] netlink: 'syz.2.980': attribute type 2 has an invalid length.
[  190.813534][   T34] usb 9-1: new full-speed USB device number 9 using dummy_hcd
[  190.974460][   T34] usb 9-1: config 1 interface 0 has no altsetting 0
[  190.978372][   T34] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  190.981299][   T34] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  190.983964][   T34] usb 9-1: Product: syz
[  190.985354][   T34] usb 9-1: Manufacturer: syz
[  190.986904][   T34] usb 9-1: SerialNumber: syz
[  191.268576][   T63] Bluetooth: hci1: unexpected event for opcode 0x2031
[  191.428346][ T9346] FAULT_INJECTION: forcing a failure.
[  191.428346][ T9346] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  191.432424][ T9346] CPU: 3 UID: 0 PID: 9346 Comm: syz.2.987 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  191.432439][ T9346] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  191.432446][ T9346] Call Trace:
[  191.432450][ T9346]  <TASK>
[  191.432455][ T9346]  dump_stack_lvl+0x16c/0x1f0
[  191.432489][ T9346]  should_fail_ex+0x512/0x640
[  191.432523][ T9346]  _copy_from_iter+0x29f/0x16f0
[  191.432543][ T9346]  ? aa_file_perm+0x4d6/0xfb0
[  191.432558][ T9346]  ? __pfx__copy_from_iter+0x10/0x10
[  191.432576][ T9346]  ? __pfx_aa_file_perm+0x10/0x10
[  191.432594][ T9346]  vhost_chr_write_iter+0xc8/0x10f0
[  191.432610][ T9346]  ? get_pid_task+0xfc/0x250
[  191.432624][ T9346]  ? __pfx_vhost_chr_write_iter+0x10/0x10
[  191.432641][ T9346]  ? bpf_lsm_file_permission+0x9/0x10
[  191.432657][ T9346]  ? security_file_permission+0x71/0x210
[  191.432672][ T9346]  ? rw_verify_area+0xcf/0x680
[  191.432690][ T9346]  vfs_write+0x6c4/0x1150
[  191.432702][ T9346]  ? __pfx_vhost_net_chr_write_iter+0x10/0x10
[  191.432718][ T9346]  ? __pfx_vfs_write+0x10/0x10
[  191.432728][ T9346]  ? find_held_lock+0x2b/0x80
[  191.432752][ T9346]  ksys_write+0x12a/0x250
[  191.432763][ T9346]  ? __pfx_ksys_write+0x10/0x10
[  191.432779][ T9346]  ? rcu_is_watching+0x12/0xc0
[  191.432802][ T9346]  __do_fast_syscall_32+0x7c/0x3a0
[  191.432822][ T9346]  do_fast_syscall_32+0x32/0x80
[  191.432841][ T9346]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  191.432857][ T9346] RIP: 0023:0xf70be579
[  191.432866][ T9346] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  191.432877][ T9346] RSP: 002b:00000000f50ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  191.432887][ T9346] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800003c0
[  191.432895][ T9346] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  191.432901][ T9346] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  191.432907][ T9346] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  191.432913][ T9346] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  191.432927][ T9346]  </TASK>
[  191.601973][ T9310] netlink: 'syz.4.973': attribute type 1 has an invalid length.
[  191.603614][   T34] usblp 9-1:1.0: usblp0: USB Unidirectional printer dev 9 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[  191.604594][ T9310] netlink: 208 bytes leftover after parsing attributes in process `syz.4.973'.
[  191.700611][ T9358] netlink: 36 bytes leftover after parsing attributes in process `syz.3.992'.
[  191.927384][   T40] audit: type=1804 audit(1748702572.783:160): pid=9369 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.997" name="/newroot/234/file0" dev="tmpfs" ino=1346 res=1 errno=0
[  191.974919][ T9376] pim6reg9: entered allmulticast mode
[  192.559673][ T9385] input: syz1 as /devices/virtual/input/input30
[  193.477593][ T9395] ALSA: mixer_oss: invalid OSS volume 'PHONEI�'
[  193.479778][ T9395] ALSA: mixer_oss: invalid OSS volume '��Vu얽�Sqi�܆��<|�P[�#ͪN��Q'
[  193.482930][ T9395] ALSA: mixer_oss: invalid OSS volume ';�C2a&�?5��'�,k��遇���V�$E'
[  193.577725][ T9403] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1008'.
[  193.588920][   T40] audit: type=1804 audit(1748702574.443:161): pid=9399 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1007" name="/newroot/244/file0" dev="tmpfs" ino=1371 res=1 errno=0
[  193.634476][   T10] usb 9-1: USB disconnect, device number 9
[  193.641252][   T10] usblp0: removed
[  193.753355][ T1418] ieee802154 phy0 wpan0: encryption failed: -22
[  193.755470][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  193.785681][ T9413] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  195.145138][ T9456] usb usb9: usbfs: process 9456 (syz.2.1027) did not claim interface 0 before use
[  195.253536][   T40] audit: type=1804 audit(1748702576.113:162): pid=9460 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1030" name="/newroot/250/file0" dev="tmpfs" ino=1403 res=1 errno=0
[  195.369821][ T9476] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1037'.
[  195.375045][ T9476] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1037'.
[  195.595234][ T9475] delete_channel: no stack
[  196.155608][ T9509] batman_adv: batadv0: Adding interface: dummy0
[  196.157506][ T9509] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  196.165097][ T9509] batman_adv: batadv0: Interface activated: dummy0
[  196.343423][ T9517] xt_CT: You must specify a L4 protocol and not use inversions on it
[  196.346459][ T9517] ./file0: Can't lookup blockdev
[  196.680404][ T9525] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  196.972280][ T9537] 9pnet_fd: Insufficient options for proto=fd
[  197.490354][ T9553] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  197.701738][ T9560] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  197.860224][ T9565] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  197.889852][ T9566] lo speed is unknown, defaulting to 1000
[  198.060777][ T9566] lo speed is unknown, defaulting to 1000
[  198.108311][   T40] audit: type=1804 audit(1748702578.963:163): pid=9570 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1069" name="/newroot/246/file0" dev="tmpfs" ino=1362 res=1 errno=0
[  198.396042][ T9593] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  199.036973][ T9601] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1080'.
[  199.039833][ T9601] 8021q: VLANs not supported on vcan0
[  199.318510][ T9583] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1074'.
[  199.558335][ T9610] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1083'.
[  199.675596][ T9613] lo speed is unknown, defaulting to 1000
[  199.778313][   T40] audit: type=1804 audit(1748702580.633:164): pid=9621 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1085" name="/newroot/252/file0" dev="tmpfs" ino=1394 res=1 errno=0
[  199.794675][ T9622] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1086'.
[  199.947994][ T9626] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  200.005007][ T9613] lo speed is unknown, defaulting to 1000
[  200.098669][ T9631] usb usb8: usbfs: process 9631 (syz.4.1089) did not claim interface 0 before use
[  200.220462][ T9637] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1091'.
[  200.735496][ T9655] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  200.769357][ T9657] xt_CT: You must specify a L4 protocol and not use inversions on it
[  200.826329][   T40] audit: type=1804 audit(1748702581.683:165): pid=9651 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1095" name="/newroot/257/file0" dev="tmpfs" ino=1420 res=1 errno=0
[  200.827139][ T9651] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  200.841032][ T9651] ref_ctr increment failed for inode: 0x58c offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88802ad92040
[  201.138228][ T9659] lo speed is unknown, defaulting to 1000
[  201.241210][ T9659] lo speed is unknown, defaulting to 1000
[  201.387884][ T9667] lo speed is unknown, defaulting to 1000
[  201.506391][ T9667] lo speed is unknown, defaulting to 1000
[  201.524823][ T9672] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  202.567262][   T40] audit: type=1804 audit(1748702583.423:166): pid=9692 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1105" name="file0" dev="tmpfs" ino=1750 res=1 errno=0
[  202.567756][ T9692] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  202.576390][ T9692] ref_ctr increment failed for inode: 0x6d6 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff8880136f4080
[  202.936312][ T9700] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1108'.
[  205.148399][ T9738] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  205.927547][ T9747] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1125'.
[  206.042757][ T9748] fuse: Bad value for 'fd'
[  206.067843][   T40] audit: type=1804 audit(1748702586.923:167): pid=9748 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1123" name="/newroot/265/file0" dev="tmpfs" ino=1462 res=1 errno=0
[  206.069040][ T9748] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  206.076379][ T9748] ref_ctr increment failed for inode: 0x5b6 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff888027eceb80
[  206.286618][ T9757] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1128'.
[  207.196086][ T9769] lo speed is unknown, defaulting to 1000
[  207.411925][ T9769] lo speed is unknown, defaulting to 1000
[  207.522669][ T9773] lo speed is unknown, defaulting to 1000
[  207.628277][ T9773] lo speed is unknown, defaulting to 1000
[  208.025481][ T9794] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  208.120253][ T9790] lo speed is unknown, defaulting to 1000
[  208.257865][ T9790] lo speed is unknown, defaulting to 1000
[  208.683993][ T9804] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  208.825731][ T9809] netlink: 'syz.4.1143': attribute type 11 has an invalid length.
[  208.849633][ T9809] Bluetooth: MGMT ver 1.23
[  208.851853][ T9809] ipt_ECN: cannot use operation on non-tcp rule
[  208.894715][ T9811] FAULT_INJECTION: forcing a failure.
[  208.894715][ T9811] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  208.898894][ T9811] CPU: 1 UID: 0 PID: 9811 Comm: syz.4.1144 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  208.898910][ T9811] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  208.898917][ T9811] Call Trace:
[  208.898921][ T9811]  <TASK>
[  208.898926][ T9811]  dump_stack_lvl+0x16c/0x1f0
[  208.898943][ T9811]  should_fail_ex+0x512/0x640
[  208.898962][ T9811]  should_fail_alloc_page+0xe7/0x130
[  208.898979][ T9811]  prepare_alloc_pages+0x3c2/0x610
[  208.898999][ T9811]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  208.899030][ T9811]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  208.899045][ T9811]  ? is_bpf_text_address+0x8a/0x1a0
[  208.899057][ T9811]  ? bpf_ksym_find+0x124/0x1c0
[  208.899074][ T9811]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  208.899090][ T9811]  ? is_bpf_text_address+0x94/0x1a0
[  208.899103][ T9811]  ? kernel_text_address+0x8d/0x100
[  208.899117][ T9811]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  208.899132][ T9811]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  208.899152][ T9811]  ? __pfx_stack_trace_save+0x10/0x10
[  208.899167][ T9811]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  208.899181][ T9811]  ? policy_nodemask+0xea/0x4e0
[  208.899197][ T9811]  alloc_pages_mpol+0x1fb/0x550
[  208.899211][ T9811]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  208.899225][ T9811]  ? alloc_vmcs_cpu+0x19c/0x280
[  208.899238][ T9811]  ? __pfx_alloc_vmcs_cpu+0x10/0x10
[  208.899252][ T9811]  alloc_pages_noprof+0x131/0x390
[  208.899267][ T9811]  get_free_pages_noprof+0x10/0xb0
[  208.899282][ T9811]  alloc_loaded_vmcs+0x226/0x2e0
[  208.899294][ T9811]  ? __pfx_alloc_loaded_vmcs+0x10/0x10
[  208.899311][ T9811]  enter_vmx_operation+0x74/0x620
[  208.899325][ T9811]  ? free_nested+0x4ee/0x740
[  208.899338][ T9811]  ? __pfx_enter_vmx_operation+0x10/0x10
[  208.899351][ T9811]  ? __pfx_free_nested+0x10/0x10
[  208.899368][ T9811]  vmx_set_nested_state+0x5a7/0x15c0
[  208.899386][ T9811]  ? __pfx_vmx_set_nested_state+0x10/0x10
[  208.899406][ T9811]  kvm_arch_vcpu_ioctl+0x304/0x51c0
[  208.899423][ T9811]  ? is_bpf_text_address+0x94/0x1a0
[  208.899435][ T9811]  ? kernel_text_address+0x8d/0x100
[  208.899448][ T9811]  ? __kernel_text_address+0xd/0x40
[  208.899463][ T9811]  ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10
[  208.899486][ T9811]  ? stack_trace_save+0x8e/0xc0
[  208.899503][ T9811]  ? __lock_acquire+0xb8a/0x1c90
[  208.899516][ T9811]  ? kasan_save_stack+0x42/0x60
[  208.899528][ T9811]  ? kasan_save_track+0x14/0x30
[  208.899541][ T9811]  ? __mutex_trylock_common+0xe9/0x250
[  208.899553][ T9811]  ? __pfx___mutex_trylock_common+0x10/0x10
[  208.899565][ T9811]  ? __pfx___might_resched+0x10/0x10
[  208.899581][ T9811]  ? rcu_is_watching+0x12/0xc0
[  208.899596][ T9811]  ? trace_contention_end+0xdd/0x130
[  208.899607][ T9811]  ? __mutex_lock+0x1ca/0xb90
[  208.899621][ T9811]  ? kvm_vcpu_ioctl+0x27e/0x1680
[  208.899642][ T9811]  ? kasan_quarantine_put+0x10a/0x240
[  208.899656][ T9811]  ? kvm_vcpu_ioctl+0x1232/0x1680
[  208.899667][ T9811]  kvm_vcpu_ioctl+0x1232/0x1680
[  208.899681][ T9811]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  208.899693][ T9811]  ? tomoyo_path_number_perm+0x18d/0x580
[  208.899705][ T9811]  ? lockdep_hardirqs_on+0x64/0x110
[  208.899718][ T9811]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  208.899730][ T9811]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  208.899743][ T9811]  ? do_vfs_ioctl+0x523/0x1a60
[  208.899760][ T9811]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  208.899788][ T9811]  kvm_vcpu_compat_ioctl+0x20f/0x3d0
[  208.899801][ T9811]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  208.899814][ T9811]  ? __fget_files+0x20e/0x3c0
[  208.899823][ T9811]  ? __fput_deferred+0x370/0x370
[  208.899840][ T9811]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  208.899853][ T9811]  __ia32_compat_sys_ioctl+0x23f/0x370
[  208.899872][ T9811]  __do_fast_syscall_32+0x7c/0x3a0
[  208.899886][ T9811]  do_fast_syscall_32+0x32/0x80
[  208.899899][ T9811]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  208.899913][ T9811] RIP: 0023:0xf704e579
[  208.899922][ T9811] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  208.899933][ T9811] RSP: 002b:00000000f503e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  208.899943][ T9811] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000004080aebf
[  208.899950][ T9811] RDX: 0000000080000340 RSI: 0000000000000000 RDI: 0000000000000000
[  208.899956][ T9811] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  208.899962][ T9811] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  208.899968][ T9811] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  208.899982][ T9811]  </TASK>
[  209.189553][ T9814] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  210.546252][ T9833] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  210.548990][   T40] audit: type=1804 audit(1748702591.403:168): pid=9833 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1151" name="file0" dev="tmpfs" ino=1823 res=1 errno=0
[  210.555279][ T9833] ref_ctr increment failed for inode: 0x71f offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff8880136f2b00
[  210.794129][ T9840] fuse: Bad value for 'fd'
[  210.797352][   T40] audit: type=1804 audit(1748702591.653:169): pid=9840 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1153" name="file0" dev="tmpfs" ino=1834 res=1 errno=0
[  210.797669][ T9840] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  210.807458][ T9840] ref_ctr increment failed for inode: 0x72a offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff888027ec8000
[  210.975645][ T9847] lo speed is unknown, defaulting to 1000
[  211.239762][ T9847] lo speed is unknown, defaulting to 1000
[  211.689796][ T9863] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  212.041086][ T9871] fuse: Bad value for 'fd'
[  212.082160][   T40] audit: type=1804 audit(1748702592.943:170): pid=9871 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1163" name="/newroot/266/file0" dev="tmpfs" ino=1515 res=1 errno=0
[  212.083949][ T9871] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  212.093696][ T9871] ref_ctr increment failed for inode: 0x5eb offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff888049ba60c0
[  212.425569][   T40] audit: type=1326 audit(1748702593.283:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9888 comm="syz.1.1171" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83579 code=0x7ffc0000
[  212.434532][   T40] audit: type=1326 audit(1748702593.283:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9888 comm="syz.1.1171" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83579 code=0x7ffc0000
[  212.443144][   T40] audit: type=1326 audit(1748702593.283:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9888 comm="syz.1.1171" exe="/syz-executor" sig=0 arch=40000003 syscall=24 compat=1 ip=0xf7f83579 code=0x7ffc0000
[  212.451599][   T40] audit: type=1326 audit(1748702593.283:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9888 comm="syz.1.1171" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83579 code=0x7ffc0000
[  212.473004][   T40] audit: type=1326 audit(1748702593.283:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9888 comm="syz.1.1171" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f83579 code=0x7ffc0000
[  212.488141][   T40] audit: type=1326 audit(1748702593.283:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9888 comm="syz.1.1171" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83579 code=0x7ffc0000
[  212.488742][ T9890] lo speed is unknown, defaulting to 1000
[  212.492850][ T9889] netlink: 'syz.1.1171': attribute type 21 has an invalid length.
[  212.501928][   T40] audit: type=1326 audit(1748702593.283:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9888 comm="syz.1.1171" exe="/syz-executor" sig=0 arch=40000003 syscall=153 compat=1 ip=0xf7f83579 code=0x7ffc0000
[  212.508593][   T40] audit: type=1326 audit(1748702593.283:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9888 comm="syz.1.1171" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83579 code=0x7ffc0000
[  212.515178][   T40] audit: type=1326 audit(1748702593.283:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9888 comm="syz.1.1171" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f83579 code=0x7ffc0000
[  212.752860][ T9890] lo speed is unknown, defaulting to 1000
[  212.790724][ T9894] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  212.794123][ T9894] ref_ctr increment failed for inode: 0x602 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff888027ece0c0
[  212.932305][ T9902] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  212.984305][ T9904] fuse: Bad value for 'fd'
[  212.988755][ T9904] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  212.991371][ T9904] ref_ctr increment failed for inode: 0x608 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff888041b24080
[  213.038459][ T9906] infiniband syz1: set active
[  213.046156][ T9906] infiniband syz1: added syz_tun
[  213.095446][ T9906] RDS/IB: syz1: added
[  213.096805][ T9906] smc: adding ib device syz1 with port count 1
[  213.098745][ T9906] smc:    ib device syz1 port 1 has pnetid 
[  213.220993][   T63] Bluetooth: hci2: ACL packet for unknown connection handle 200
[  213.225685][ T9915] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1178'.
[  214.333641][ T9931] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1182'.
[  214.385062][ T9938] fuse: Bad value for 'fd'
[  214.425257][ T9937] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  214.427901][ T9937] ref_ctr increment failed for inode: 0x764 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff888027ec9580
[  214.692193][   T63] Bluetooth: hci2: ACL packet for unknown connection handle 200
[  214.780007][ T9967] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1189'.
[  214.825320][ T9968] lo speed is unknown, defaulting to 1000
[  215.000340][ T9968] lo speed is unknown, defaulting to 1000
[  215.498418][ T9981] fuse: Bad value for 'fd'
[  215.951826][   T60] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  216.111744][   T60] usb 6-1: Using ep0 maxpacket: 8
[  216.117801][   T60] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 129, changing to 11
[  216.121481][   T60] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  216.131738][   T60] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  216.137657][   T60] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 32
[  216.142638][   T60] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  216.145509][   T60] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  216.148045][   T60] usb 6-1: Product: ꫕Ⱄ貤乁勐鰠뫟틻ᰫ쪽䘑۹趲♼ʆ࢞剏ต伽츓ᯝ梍腙븽㫺䡃博闳ퟬ瀣೪풲ꎟ槾峰棼㑹똳쫱쏩鮒輦筍ꯡ쵒廿罫罯찄罀쵧⸶ꛅ⊅㣅읤蒒쮥㹟個ꦓ鶧㔾埂䏶꼂詭污
[  216.155450][   T60] usb 6-1: Manufacturer: 址菏⌒敍꧵퇎楥Ⰴ緈✱傻⩅ᚊ설᏿╲埐ꥷ䘖㦷撠쉶쐏ԣ宫ꃭ⛍ꋤ≧愤鸦꧇
[  216.159428][   T60] usb 6-1: SerialNumber: Т
[  216.194156][T10008] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1203'.
[  216.377318][ T9988] (unnamed net_device) (uninitialized): option arp_interval: invalid value (18446744073709551615)
[  216.381432][ T9988] (unnamed net_device) (uninitialized): option arp_interval: allowed values 0 - 2147483647
[  216.478481][   T60] cdc_ncm 6-1:1.0: bind() failure
[  216.487881][   T60] cdc_ncm 6-1:1.1: CDC Union missing and no IAD found
[  216.490255][   T60] cdc_ncm 6-1:1.1: bind() failure
[  216.500745][   T60] usb 6-1: USB disconnect, device number 7
[  216.586100][T10023] lo speed is unknown, defaulting to 1000
[  216.795871][T10023] lo speed is unknown, defaulting to 1000
[  217.728959][T10057] lo speed is unknown, defaulting to 1000
[  217.996264][T10057] lo speed is unknown, defaulting to 1000
[  218.091617][T10063] lo speed is unknown, defaulting to 1000
[  218.257142][T10070] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1222'.
[  218.314278][T10063] lo speed is unknown, defaulting to 1000
[  219.281892][T10083] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1226'.
[  219.281892][T10084] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1226'.
[  219.293652][T10083] bridge0: port 3(macvlan2) entered blocking state
[  219.297128][T10083] bridge0: port 3(macvlan2) entered disabled state
[  219.301840][T10083] macvlan2: entered allmulticast mode
[  219.304717][T10083] bridge0: entered allmulticast mode
[  219.312030][T10083] macvlan2: left allmulticast mode
[  219.314746][T10083] bridge0: left allmulticast mode
[  219.373741][T10084] bridge0: port 3(macvlan2) entered blocking state
[  219.376738][T10084] bridge0: port 3(macvlan2) entered disabled state
[  219.381252][T10084] macvlan2: entered allmulticast mode
[  219.384336][T10084] bridge0: entered allmulticast mode
[  219.389371][T10084] macvlan2: left allmulticast mode
[  219.392866][T10084] bridge0: left allmulticast mode
[  219.847946][T10095] lo speed is unknown, defaulting to 1000
[  220.131556][T10104] overlayfs: conflicting options: userxattr,verity=on
[  220.139221][T10095] lo speed is unknown, defaulting to 1000
[  220.386654][T10111] lo speed is unknown, defaulting to 1000
[  220.467283][T10111] lo speed is unknown, defaulting to 1000
[  220.499647][T10118] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  220.627662][T10120] overlayfs: failed to resolve './bus': -2
[  220.863713][T10139] fuse: Unknown parameter 'al�ow_'
[  220.904243][T10141] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  221.227804][T10149] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  221.863547][T10170] fuse: Bad value for 'fd'
[  221.865825][   T40] kauditd_printk_skb: 70 callbacks suppressed
[  221.865843][   T40] audit: type=1804 audit(1748702602.723:250): pid=10170 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1252" name="/newroot/303/file0" dev="tmpfs" ino=1679 res=1 errno=0
[  222.480963][T10156] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  222.483582][T10156] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  222.487845][T10156] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  222.489750][T10156] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  222.494365][T10156] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  222.496663][T10156] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  222.601595][T10186] fuse: Unknown parameter 'group_id00000000000000000000'
[  222.606182][T10186] 9pnet_fd: Insufficient options for proto=fd
[  222.692046][T10192] raw_sendmsg: syz.1.1260 forgot to set AF_INET. Fix it!
[  222.695562][T10192] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1260'.
[  222.751593][T10197] tmpfs: Bad value for 'mpol'
[  222.753531][T10197] tmpfs: Bad value for 'mpol'
[  223.040953][T10205] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  223.196674][T10207] lo speed is unknown, defaulting to 1000
[  223.271044][T10207] lo speed is unknown, defaulting to 1000
[  223.872526][T10228] lo speed is unknown, defaulting to 1000
[  224.055819][T10228] lo speed is unknown, defaulting to 1000
[  224.061769][ T1019] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  224.213115][ T1019] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  224.216562][ T1019] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  224.220109][ T1019] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  224.224234][ T1019] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  224.227348][ T1019] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  224.232993][ T1019] usb 6-1: config 0 descriptor??
Connection to localhost closed by remote host.
[  224.661778][ T1019] usbhid 6-1:0.0: can't add hid device: -71
[  224.664144][ T1019] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  224.668990][ T1019] usb 6-1: USB disconnect, device number 8
[  225.197512][ T1181] smc: removing ib device syz1
[  225.256415][ T1019] syz1: Port: 1 Link DOWN
[  225.273877][   T46] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.278548][   T46] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  225.444851][   T46] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.448127][   T46] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  225.617104][   T46] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.621429][   T46] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  225.674199][ T1181] ------------[ cut here ]------------
[  225.676375][ T1181] GID entry ref leak for dev syz1 index 2 ref=1
[  225.679037][ T1181] WARNING: CPU: 2 PID: 1181 at drivers/infiniband/core/cache.c:806 gid_table_release_one+0x387/0x4b0
[  225.682910][ T1181] Modules linked in:
[  225.684643][ T1181] CPU: 2 UID: 0 PID: 1181 Comm: kworker/u32:10 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  225.690162][ T1181] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  225.693532][ T1181] Workqueue: ib-unreg-wq ib_unregister_work
[  225.695451][ T1181] RIP: 0010:gid_table_release_one+0x387/0x4b0
[  225.697989][ T1181] Code: 07 00 00 48 85 f6 74 2b 48 89 74 24 38 e8 21 70 36 f9 48 8b 74 24 38 44 89 f1 44 89 ea 48 c7 c7 60 63 98 8c e8 8a d0 f5 f8 90 <0f> 0b 90 90 e9 6e fe ff ff e8 fb 6f 36 f9 48 8d bd 48 07 00 00 48
[  225.705737][ T1181] RSP: 0018:ffffc90006c57b50 EFLAGS: 00010286
[  225.707732][ T1181] RAX: 0000000000000000 RBX: ffff888068ac9a00 RCX: ffffffff817aba48
[  225.710188][ T1181] RDX: ffff888020f52440 RSI: ffffffff817aba55 RDI: 0000000000000001
[  225.713145][ T1181] RBP: ffff88806823c000 R08: 0000000000000001 R09: 0000000000000000
[  225.715606][ T1181] R10: 0000000000000001 R11: 0000000000000001 R12: ffffed100d15935b
[  225.718087][ T1181] R13: 0000000000000002 R14: 0000000000000001 R15: dffffc0000000000
[  225.720554][ T1181] FS:  0000000000000000(0000) GS:ffff88809797b000(0000) knlGS:0000000000000000
[  225.723425][ T1181] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  225.725497][ T1181] CR2: 00000000804a5000 CR3: 000000000e180000 CR4: 0000000000352ef0
[  225.728079][ T1181] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  225.730973][ T1181] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  225.733486][ T1181] Call Trace:
[  225.734556][ T1181]  <TASK>
[  225.735515][ T1181]  ib_device_release+0xef/0x1e0
[  225.737283][ T1181]  ? __pfx_ib_device_release+0x10/0x10
[  225.739193][ T1181]  device_release+0xa4/0x240
[  225.740647][ T1181]  kobject_put+0x1e7/0x5a0
[  225.742132][ T1181]  put_device+0x1f/0x30
[  225.743461][ T1181]  process_one_work+0x9cf/0x1b70
[  225.745451][ T1181]  ? __pfx_process_one_work+0x10/0x10
[  225.747277][ T1181]  ? assign_work+0x1a0/0x250
[  225.748751][ T1181]  worker_thread+0x6c8/0xf10
[  225.750217][ T1181]  ? __kthread_parkme+0x19e/0x250
[  225.752884][ T1181]  ? __pfx_worker_thread+0x10/0x10
[  225.754444][ T1181]  kthread+0x3c2/0x780
[  225.755716][ T1181]  ? __pfx_kthread+0x10/0x10
[  225.757240][ T1181]  ? rcu_is_watching+0x12/0xc0
[  225.758762][ T1181]  ? __pfx_kthread+0x10/0x10
[  225.760649][ T1181]  ret_from_fork+0x5d4/0x6f0
[  225.762154][ T1181]  ? __pfx_kthread+0x10/0x10
[  225.763615][ T1181]  ret_from_fork_asm+0x1a/0x30
[  225.765146][ T1181]  </TASK>
[  225.766145][ T1181] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  225.768866][ T1181] CPU: 2 UID: 0 PID: 1181 Comm: kworker/u32:10 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  225.773490][ T1181] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  225.776894][ T1181] Workqueue: ib-unreg-wq ib_unregister_work
[  225.779038][ T1181] Call Trace:
[  225.780434][ T1181]  <TASK>
[  225.781694][ T1181]  dump_stack_lvl+0x3d/0x1f0
[  225.783286][ T1181]  panic+0x71c/0x800
[  225.784541][ T1181]  ? __pfx_panic+0x10/0x10
[  225.785947][ T1181]  ? show_trace_log_lvl+0x29b/0x3e0
[  225.787603][ T1181]  ? check_panic_on_warn+0x1f/0xb0
[  225.789209][ T1181]  ? gid_table_release_one+0x387/0x4b0
[  225.790922][ T1181]  check_panic_on_warn+0xab/0xb0
[  225.792488][ T1181]  __warn+0xf6/0x3c0
[  225.793721][ T1181]  ? preempt_schedule_notrace+0x62/0xe0
[  225.795459][ T1181]  ? gid_table_release_one+0x387/0x4b0
[  225.797420][ T1181]  report_bug+0x3c3/0x580
[  225.798804][ T1181]  ? gid_table_release_one+0x387/0x4b0
[  225.800497][ T1181]  handle_bug+0x184/0x210
[  225.801857][ T1181]  exc_invalid_op+0x17/0x50
[  225.803307][ T1181]  asm_exc_invalid_op+0x1a/0x20
[  225.804842][ T1181] RIP: 0010:gid_table_release_one+0x387/0x4b0
[  225.806803][ T1181] Code: 07 00 00 48 85 f6 74 2b 48 89 74 24 38 e8 21 70 36 f9 48 8b 74 24 38 44 89 f1 44 89 ea 48 c7 c7 60 63 98 8c e8 8a d0 f5 f8 90 <0f> 0b 90 90 e9 6e fe ff ff e8 fb 6f 36 f9 48 8d bd 48 07 00 00 48
[  225.812729][ T1181] RSP: 0018:ffffc90006c57b50 EFLAGS: 00010286
[  225.814622][ T1181] RAX: 0000000000000000 RBX: ffff888068ac9a00 RCX: ffffffff817aba48
[  225.816920][ T1181] RDX: ffff888020f52440 RSI: ffffffff817aba55 RDI: 0000000000000001
[  225.819373][ T1181] RBP: ffff88806823c000 R08: 0000000000000001 R09: 0000000000000000
[  225.821822][ T1181] R10: 0000000000000001 R11: 0000000000000001 R12: ffffed100d15935b
[  225.824282][ T1181] R13: 0000000000000002 R14: 0000000000000001 R15: dffffc0000000000
[  225.826859][ T1181]  ? __warn_printk+0x198/0x350
[  225.828889][ T1181]  ? __warn_printk+0x1a5/0x350
[  225.830452][ T1181]  ib_device_release+0xef/0x1e0
[  225.831988][ T1181]  ? __pfx_ib_device_release+0x10/0x10
[  225.833675][ T1181]  device_release+0xa4/0x240
[  225.835139][ T1181]  kobject_put+0x1e7/0x5a0
[  225.836604][ T1181]  put_device+0x1f/0x30
[  225.837917][ T1181]  process_one_work+0x9cf/0x1b70
[  225.839486][ T1181]  ? __pfx_process_one_work+0x10/0x10
[  225.841173][ T1181]  ? assign_work+0x1a0/0x250
[  225.842837][ T1181]  worker_thread+0x6c8/0xf10
[  225.844333][ T1181]  ? __kthread_parkme+0x19e/0x250
[  225.845931][ T1181]  ? __pfx_worker_thread+0x10/0x10
[  225.847953][ T1181]  kthread+0x3c2/0x780
[  225.849653][ T1181]  ? __pfx_kthread+0x10/0x10
[  225.851126][ T1181]  ? rcu_is_watching+0x12/0xc0
[  225.852633][ T1181]  ? __pfx_kthread+0x10/0x10
[  225.854083][ T1181]  ret_from_fork+0x5d4/0x6f0
[  225.855565][ T1181]  ? __pfx_kthread+0x10/0x10
[  225.857240][ T1181]  ret_from_fork_asm+0x1a/0x30
[  225.858887][ T1181]  </TASK>
[  225.860467][ T1181] Kernel Offset: disabled
[  225.861833][ T1181] Rebooting in 86400 seconds..

VM DIAGNOSIS:
14:43:25  Registers:
info registers vcpu 0

CPU#0
RAX=000000000044d547 RBX=0000000000000000 RCX=ffffffff8b789419 RDX=0000000000000000
RSI=ffffffff8dc007ba RDI=ffffffff8bf51c00 RBP=fffffbfff1c12ee8 RSP=ffffffff8e007e08
R8 =0000000000000001 R9 =ffffed100564663d R10=ffff88802b2331eb R11=0000000000000001
R12=0000000000000000 R13=ffffffff8e097740 R14=ffffffff90878250 R15=0000000000000000
RIP=ffffffff8b787f7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88809777b000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f1e680ec120 CR3=00000000243e5000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000080000010 Opmask01=0000000000021d1f Opmask02=00000000ffff1fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000007000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e00000010 000000003de00ec6
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffee81ea828 00007ffee81ea860
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000649 00007f1e681c838d
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e00000010 00007ffee81ea860
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffee81ea858 00007ffee81ea890
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e6805c025
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffee81ea890
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e6e6e6e6e6e6e6e 6e6e6e6e6e6e6e6e
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e6e6e6e6e6e6e6e 6e6e6e6e6e6e6e6e
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f72726520636269 6c67206c61746146 000000706d74752f 6e75722f7261762f
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 640065676175676e 616c5f626400656c 7075745f62640062 6f6c625f62640065
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4800494b4d594b42 4d405f4e48004940 5c59585f4e48004e 43404e5f4e480049
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 68637461772e6575 6575716b726f7720 35353d6873657268 745f676f64686374
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e2e65726f632e74 656e2e6c74637379 73203034313d6873 657268745f676f64
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 656c6f736e6f6320 6164732f7665642f 3d746f6f7220313d 6e7261775f6e6f5f
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 63696e6170203233 3d78616d5f736462 6e2032333d706f6f 6c5f78616d203233
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7265747369676572 6e755f7665647465 6e2e65726f632e74 656e2e6c74637379
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e2bdf3228df3822 282b2e2fdf37342d 280b0412bfc92435 283232282c31242f
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 24bf242d282b232c 22ee222e312feebf 222e312feebf2435 283232282c31242f
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=dffffc0000000000 RBX=ffffffff93ab81e8 RCX=ffffc90000568001 RDX=1ffffffff1ba15b5
RSI=ffffffff8bf51b80 RDI=ffffffff8dd0ada8 RBP=0000000000000001 RSP=ffffc90000567758
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000006005
R12=ffffffff816a7954 R13=ffffc90000567828 R14=ffffc90000567f58 R15=ffffc9000056785c
RIP=ffffffff81a0cd71 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88809787b000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f876ed0cb20 CR3=000000000e180000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fff00000 Opmask01=0000000000000001 Opmask02=00000000dfffbfff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000044400000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000a60ce07b 00000000cec3662e
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4b6cf1cab98feb96
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0073707574726174 73203030312d3031 20666f2030205d72 656e657473696c5b
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 051e505548474953 054140534c404640 5200000000000056 5550515744515605
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f6365786562696c 2f7273752f097074 6673096d65747379 736275530a303234
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000002d0d4cf32f 1c2535000a726576 7265732d70746673
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000070bfc48f c5b00db9a080596d 7194096c7d51e2a5 eb1cc5eaba643017
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bfbfbf38242a1ef8 f0f4f4f123241e33 322e271e273232ee 273232ee223324ee
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e07bf38240a3332 2e07bf32e4ee32e4 bf32e4dff9233622 332426bf242d2e2d
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000050 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff8555a9c5 RDI=ffffffff9ae53d80 RBP=ffffffff9ae53d40 RSP=ffffc90006c574c0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001
R12=0000000000000000 R13=0000000000000050 R14=ffffffff9ae53d40 R15=ffffffff8555a960
RIP=ffffffff8555a9ef RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88809797b000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000804a5000 CR3=000000000e180000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 423b0405d79ddf0c 939fd4a964848765
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6008269dae69aabc b5347fea6ad56ae0
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1fbb1c71aa670501 ff8158d58ec9b70d
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 3c2c7b187cf346b4 4b470fafd4508d8d
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff 00000000000000b4
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000034
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 bf2749e58b869053 0e47ec1ed6c652e3
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f248c1f7e5fb3113 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5c038197a96d0b0d 4d685e0ba2b0c6d9
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 3413447f00000000 b015f535872cb3d2
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e45201b663dcee24 0706075ba5e6bd04
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2dbc6c8a2934da7f b2b0d082bf137052
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000322861 RBX=0000000000000003 RCX=ffffffff8b789419 RDX=0000000000000000
RSI=ffffffff8dc007ba RDI=ffffffff8bf51c00 RBP=ffffed10037e0000 RSP=ffffc9000048fdf8
R8 =0000000000000001 R9 =ffffed10056a663d R10=ffff88802b5331eb R11=0000000000000001
R12=0000000000000003 R13=ffff88801bf00000 R14=ffffffff90878250 R15=0000000000000000
RIP=ffffffff8b787f7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097a7b000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000804b0000 CR3=000000000e180000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 3c77b190176e1e40 aba57c37d332ac0d
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 683738e27f1ca323 26a4672815b97d8b
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 70e7bada170f9433 8e752e24dfd2e5e0
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b13ae55486e816b9 a64805f565c9ade7
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000046c0
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 8fd8ac78f90fe435 90008b9600800100
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0080010000000089 0000008900800100
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 95dca6b5346d90b3 5a5c40d100000089
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000008990200b88 90134a3600000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e829c7a9ff601b17 76c874120e57df65
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 50449f9c65090954 c4570fd5127a1bde
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000