last executing test programs:

6m34.880511649s ago: executing program 2 (id=1861):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x19, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9, 0x11ec1e7a, 0x5, 0xfffffffc, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xb058}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{0x0, 0xe4}], 0x1}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
syz_emit_ethernet(0x76, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffff41bfb0d8298a86dd6012000800403a0000000000000000000000ffffac1e0001fe8000000000000000000000000000aa03029078000000006002081000001102fc0100000000000000000000000000000000000000000000000000000000010000000000000000000106000000000000"], 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = add_key$user(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x1}, &(0x7f00000004c0)="183a", 0x2, 0xfffffffffffffffd)
keyctl$revoke(0x3, r3)
bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="85000000610000007b0a0000000000009500000000000000b4a8b1541206000000e9c79077fa15ba36eca61299de54cf77c9062c30bc068829afff36b31fa7e358e95cfa"], &(0x7f0000281ffc)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
socket$nl_route(0x10, 0x3, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r5 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r5, 0x400448c8, &(0x7f0000000340)={r4, r4, 0x8, 0x0, 0x0, 0x82, 0x4a, 0x15c2, 0x5886, 0x801, 0x0, 0x8, 'syz1\x00'})

6m34.020581408s ago: executing program 2 (id=1873):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
futex(&(0x7f00000000c0)=0x1, 0x3, 0x1, &(0x7f0000000100)={0x0, 0x3938700}, &(0x7f0000000140)=0x1, 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010040000000000002034400000008000300", @ANYRES32=r2, @ANYBLOB="08002600851600000a00180000000000000000001c005a8018000180140002"], 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x0)

6m34.020368765s ago: executing program 2 (id=1874):
timer_settime(0x0, 0x0, 0x0, 0x0)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x60042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="7f454c461c02f9b7ff7f000000000000020003"], 0x78)
ioctl$SNDCTL_SEQ_SYNC(r0, 0x5101)
listen(0xffffffffffffffff, 0x10000a47)
readv(0xffffffffffffffff, 0x0, 0x0)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, 0x0, 0x0)
syz_usb_connect$cdc_ecm(0x4, 0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040e0c09031000", @ANYRESDEC], 0xf)

6m30.955729691s ago: executing program 2 (id=1889):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10)
recvmmsg(r0, &(0x7f0000000380)=[{{0x0, 0x0, 0x0}, 0x3}, {{&(0x7f0000000040)=@x25, 0x80, &(0x7f0000000340)=[{&(0x7f00000000c0)=""/165, 0xa5}, {&(0x7f0000000180)=""/32, 0x20}, {&(0x7f00000001c0)=""/238, 0xee}, {&(0x7f00000002c0)=""/102, 0x66}], 0x4}, 0x7}], 0x2, 0x10020, 0x0)

6m30.874104573s ago: executing program 2 (id=1891):
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000040), 0x8002)
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[@ANYRES16=r0], 0x1)
dup3(r1, r0, 0x0)
socket(0x2, 0x3, 0x0)

6m30.564766194s ago: executing program 2 (id=1892):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000300)={@map, 0xffffffffffffffff, 0x5, 0x2018, 0x0, @value}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)

6m30.528822806s ago: executing program 32 (id=1892):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000300)={@map, 0xffffffffffffffff, 0x5, 0x2018, 0x0, @value}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)

4m40.193093605s ago: executing program 3 (id=2582):
socket$inet6(0xa, 0x80002, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
ioctl$BLKGETSIZE64(0xffffffffffffffff, 0x80041272, &(0x7f0000000000))
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
sched_setattr(0x0, 0x0, 0x0)
r5 = dup(r1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r5, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
write$binfmt_aout(r5, &(0x7f0000000600)=ANY=[@ANYBLOB="0701fe6fe901000054020000530800000a020000040000000000000000000000be8c49a2ce0c39ee4af836aa41db3d12ab2e588765db690fa1ec335b8109b08258f85077f0f78e1a025c1d96e23409f892f6e79eac9d9d70c9d6d1893826eeeff11865074f00"/1996], 0xa65)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r6 = socket(0x22, 0x1, 0x4001)
r7 = socket(0x400000000010, 0x3, 0x0)
ioctl$BLKSECDISCARD(0xffffffffffffffff, 0x127d, &(0x7f0000000180)=0x8)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newtfilter={0xdc, 0x2c, 0xd2b, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r9, {0xf}, {0x0, 0xffe0}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0xb0, 0x2, [@TCA_U32_SEL={0x44, 0x5, {0xe, 0x1, 0x0, 0x1, 0x4, 0x2, 0x6, 0xfffffffa, [{0x200, 0x500, 0x3, 0x6}, {0x6783, 0x2, 0x8001, 0x10}, {0x0, 0x53, 0xa9, 0x1}]}}, @TCA_U32_POLICE={0x54, 0x6, [@TCA_POLICE_TBF={0x3c, 0x1, {0x10, 0x4, 0x800, 0x3ff, 0x4, {0xa2, 0x2, 0x800, 0x0, 0x4ea, 0x6}, {0x8, 0x2, 0x1, 0x8, 0x7ff, 0x8}, 0x4, 0x3, 0x3c7058f}}, @TCA_POLICE_RATE64={0xc, 0x8, 0x100000000}, @TCA_POLICE_AVRATE={0x8, 0x4, 0xa8}]}, @TCA_U32_INDEV={0x14, 0x8, 'netdevsim0\x00'}]}}]}, 0xdc}}, 0x24040084)
setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000040)={@dev={0xfe, 0x80, '\x00', 0xba}, r9}, 0x14)
r10 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r11 = openat$sndseq(0xffffff9c, &(0x7f0000000180), 0x240)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r11, 0xc0a45320, &(0x7f00000000c0)={{0x80, 0x4}, 'port1\x00', 0x786520dbf34c80f7, 0x20a03, 0x20000003, 0x2, 0x2, 0xc, 0x400, 0x0, 0x0, 0x87})
openat$sequencer2(0xffffff9c, &(0x7f0000000040), 0x123482, 0x0)
close_range(r10, 0xffffffffffffffff, 0x0)

4m39.327655936s ago: executing program 3 (id=2588):
r0 = gettid()
timer_create(0x8, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = inotify_init1(0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x8000, &(0x7f00000003c0)=ANY=[@ANYRES16=r0, @ANYRESHEX=r3, @ANYRES64, @ANYRESHEX, @ANYBLOB=',group_id=', @ANYRES16=r1])
read$FUSE(r3, &(0x7f0000004180)={0x2020, 0x0, <r4=>0x0}, 0x204b)
syz_fuse_handle_req(r3, &(0x7f0000008400)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9474a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0xffffffffffffffff, {0x2, 0x0, 0x8, 0xfffffffffffffffd, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000, 0x0, 0x0, 0x0, 0x800, 0x2}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r3, &(0x7f0000000340)={0x50, 0x0, r4}, 0x50)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r5, 0xc0189373, 0x0)
r6 = openat$vicodec0(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_G_FMT(r6, 0xc0585604, &(0x7f0000000040)={0x0, 0x0, {0x9, 0xff, 0x6001, 0x9, 0x4, 0x0, 0x2}})
inotify_add_watch(r2, &(0x7f00000000c0)='.\x00', 0xa4000061)
r7 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000005c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r7, 0xc0145401, &(0x7f0000000600)={0x2, 0x0, 0x0, 0xfdfdfffc})
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x80, 0x0)
r8 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
socket$igmp6(0xa, 0x3, 0x2)
r9 = openat$mixer(0xffffffffffffff9c, &(0x7f00000016c0), 0x121040, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r9, 0x80044d07, &(0x7f00000004c0))
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f00000000c0), 0x40c0, &(0x7f0000000780)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYBLOB="c3b12791dd3305eb49e52006291263109ed2c70391e95bcc008af81207e1f83426160fb5bb8cd904db143011c69f6d1cd5e62afcdd382eafdcd9e882217f425724d31ff765e445ef15c0f014720fb7bcff1292c0324eb75f7e39fe9184ac60d5072072414cc79c4e1a325cafe5aeb977ba4b5efdc2c52cdf50ee93cb573c3d6a3ec31243ed70a74883be554e1d7d99288a847ec154e471a05ca55ab783a005240eac30b8d507ed1dc6257055d0b46e3ad3478df63db6eb1676", @ANYRESHEX, @ANYBLOB="2c0004788e227adbdf5ced"])
r10 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r10, 0xc08c5332, &(0x7f0000000300)={0x0, 0x0, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r10, 0x408c5333, &(0x7f0000000580)={0x0, 0x0, 0x0, 'queue0\x00'})
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x149000, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f0000000640)=ANY=[@ANYBLOB="9feb010018000000000000006800000068000000020000000a00000000000008020000001000000000000002020000000e000000001f000100000000480066060e00000002000005080000000e000000040000000100000006000000030000000d00003d43d54c9a56c000080000000000000c040000000b0000000000000e020000000100000000009b22e4b742ce238a0ebf1b6e01f6e333c6134de78fd9437e4b7c901924e19bccd51c5a91390369f115c1595cd0cee45baec7249d8666d3b586989958cfc9187e1c841c7780bcfaa05fb0c383d4c16438925dfe91fe3ff9f64aae90f3b2d88c29c4754be81b2356df1023918307b6939a67ad9860b906868e277751d6e73a12baa86ea2c6c317b76dc1f969d807e605fccf801e171b929b73160f1cf06e"], &(0x7f0000000140)=""/48, 0x82, 0x30, 0x1, 0x7, 0x10000, @value=r8}, 0xff5d)
syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')

4m39.263228845s ago: executing program 3 (id=2590):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f00000000c0)={'tunl0\x00', &(0x7f0000000080)={'erspan0\x00', <r2=>0x0, 0x7800, 0x8, 0xfffffff7, 0x4, {{0x6, 0x4, 0x1, 0x34, 0x18, 0x68, 0x0, 0xa, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty, {[@generic={0x83, 0x3, "8a"}]}}}}})
sendmsg$nl_route(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)=@ipv4_getnetconf={0x44, 0x52, 0x200, 0x70bd29, 0x25dfdbfc, {}, [@IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0x4}, @NETCONFA_RP_FILTER={0x8, 0x3, 0xd}, @NETCONFA_FORWARDING={0x8, 0x2, 0xef}, @NETCONFA_RP_FILTER={0x8, 0x3, 0x9}, @NETCONFA_IFINDEX={0x8, 0x1, r2}, @NETCONFA_FORWARDING={0x8, 0x2, 0x3}]}, 0x44}, 0x1, 0x0, 0x0, 0x48085}, 0x4000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="280000002a000b0000000000ecffffff0600000008000300040003000c0001"], 0x28}}, 0x0)
getsockname$packet(r1, &(0x7f00000002c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)

4m39.160616229s ago: executing program 3 (id=2592):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r0 = getpid() (async)
socket$key(0xf, 0x3, 0x2) (async)
prctl$PR_CAP_AMBIENT(0x2f, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) (async)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) (async)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) (async)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000200)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}}) (async)
syz_fuse_handle_req(r1, &(0x7f00000020c0)="5b095762e4ceba7d280612b7511913c90df9e94f4e38e6e5dd2dac0bd4683a92d758ad90f9e2842073d15a2d5baa4db0b69c47e278e3f50f394189dd7fce63890ce3ed1f24e67a79c1cbc5eae3984e9d3e8759a9229593ad412b129b68928ed908711b6d1213f9355ff80c2579fa58ced926b267a2264063dd3fdea384c58f4ac5bf66c361e8ec046ddf824495c5b6947ebab4e24257d117313fd45b6873262073e64e3da2431276466d75447ae3eb562d00423b8edb3729fa059a5f004010d551edb43813821d27006eb0eefa536590139123f218b3b0e2d994953269636885ffa849a905e62cfe5f64cd04940568809738ed7306e2430d382667d87f54013a5cee43dae2ee75111ed33350d86c757a8362a81375befca2d0f555cfcc58af87c184bf154694ebb8f0b6ef09f13370833a44cedd5b3091768bbbbfa1d0859a114ea6b4d9f25c11d9f3f45db19fa5586d36bb6a8a15f9d55210caaeb983f1d2e6688e107b6de6cca9d9c640afab7620dc440e93f9d5e920e8fe7e74bbf8754a7195110fedcd8269be84a945305ee09de4997a5a2796f5090d2f9ee3bc0b2228c389ecb6468c24d2c5699dc30e2c9ad71ab272e16a4a645516458bb1f2a92b6ff06bf697503a43205473baf112ffe468a9c727ace967ad603d335ac634db4534540ef15611f113ca28c3a3cbc7f6c96945bdf291cf39a5bae0277b51e959dcd26d1117ff63f1bf748c845b7641905f83f6a0e468c75f88fd74d36ca638e5fb055dbd55c14fe30813e2518e390dc65db7372755306779d7fb13fb9403578fe91422cdb8dc8db0cbbc986369ff7780afab5755a039b37364347d73835c96389288b3768e1d4e59cf77fd58228100d397badfdf52dd5eb453ccaad785d21418e509f734f19e8cdb5a0993ba59abcf654625000eddf387d0c291a3000e87c4fec269a9c787997e0d106fcbd9f488c75559c0664be295d8dc20d214f17c392ba0bb73df8bcde0f47e449ab40f51b02bec01fa48171e5e39777aa7fd94525e76d78e2f2e692eea0ed254b2ce1db59e5cfa91d9b30ec2d39868c32afc6797ff333b1ce9dd2c0b3034124b1c004d9dc0cbcd4432006d54528e3e28e96e911eba7681a035d4e4551c7b497cb0fde2845ba18c4b8b19efe147d90394ebed77e7c0a3702fe2b6df71ff354ea5d55a77c899975df86aab5abb2ce370f3d8f4bfcb417ecb82ea0746997a1ca1e9765251a6d33402ad0c0c151fa1930d557248f2aef24e59821f7c649f6824f3a00cbc60c78fc3478969443b03cff9bd6dd1944f79fa7b55005874a7c3b6e6e4e19c84975dbf266a572fa0653111af78e2637f9588ae0cb8283f29f55b5e03bfa9caabdb322be5a2c097b8ed1fc6b5de9e2d9833840da9a036738f5a260b2bbbe0392ba7d982bd567573c9a8c3558103dc62e16c0072a97e2355629fc50960bc3b89949a2aa52bce12379c500e767a986762628cff8f69f73d359ef604a48dd15e7d5c298330ba5be94afcfc913f8329aabae358a9b936e6c19f9a0a45f239eccebcae9143aeb66dda74a0a9714038db0986fcd6c8b2f27330657cc35a1e1da3e4805d4f360cd2de4f798bebaf60daa49e5e4abef7dfb930080bc962d66f859c2138c3d72cbbb8ab11ba47d19406e2fbefb30751631e1fad5cab36fc18907fc4790534fe4ef07b2b0058ae14e0762a4a185f1008f4f4f7b8f30aa62f83806a7ff0e0bca2178981a472071f7bd2ba12578b53a131ad4643caacb8cba98caca210e732e7f2df5373f0c637826c4daedcee4d8439392e9e817fc01f3b504142639273a73cd6f5c8c8033e8aa145359ee6808e4f7b10d35646e642f1c2693002f4bf321c72b33d2a7c6bf1864cbc543d1b07785c12ae87f908498a18b32be69f11d8db79d899f605b4c8bf74ae5cdedd5bfd17cb24469076e9d357b7a0abd9a55384f70ad49997948037a630d2d016e85d468c53127b09ac8d7314245ee0082aaa56559c41ce1a986b04bc21fbabaab0731a870eb0aa98d02ce78ec899b8d1ca5488d0492ad0eafb7c17170806f229fb01739d6ec50040cdbcfe16089e478ffc1713c06bb0b7db29f6a5c5ff20c5d1168ec0f138d36a9465e304c3ef6bbee4f6adb26348b469c0718ecd34f0f4ce7886690fe17c8160ec5ba873483ade45233392be8ad11c97f95509d8ae60846c62f0ba45f5f23cc4840280f043677ffda3385d8f4a3a2bad3bb8f9077dfadfe230e6e093eccb4ff6c0e7cab3df81e073c880f9fc41a404ec3144507ebc53c0778068a3ed3abce5d90ba084d71d221373663e9a9686ab654eecbc45fb0bf308ae22543ebbe65996d329018bbd6d4426d774a4babcc3e97c95acc40877bd1120f0208b54541138f4eb88517e2ca4562b409de39c41d636a0f3594f3d065c2e710af90aa55d0ecd20f383dd6fac7c93cc6011469fe5f4fabefc0c12ac0b77a1f44da769a1b6720a29a7969459feb18f61f73457b2aff8b410ff264d10f4be0ac000c4c6f29d656b9a1887df1eeb786bed0c5ff84be315167ad0506786a9cbf64fbebb4d7eab1d9bd9108bf10dfce2559007edcd6fab26b195534e06a6f3f862e351b7b68fe9e3eb6bd9f47f83a6bf49a36c8ed2f6c8c5d3bd2f4a33d791ea61ee2e21a46e46807add328bb3c3109ef7a402b9e3fa16957693dba1d4a4c361bf6848114cbe29e601bb38a532a387edcd5c39b1171471d8590dd4fda56c7d43b9007b1490ab3219d598048fb50d9290713c079031642fcee9d2ebf03c193ea152b30a1ef9e1b30cfb7c3069432295befdd94bb04c8e9d67e367b787031515dc4f64e3496e8c2c390676c7a89a85c02fd681fc7851c0f652b3d9444002991620ac3a0ba7a77139bea95fa8d053359fbc58c392cb194ec3e6903b841404f735f37e5d1608606be851db16bb9d0d659cb16a3edebbd3613f16cd52b5398196d3fc031a611e7b8d61e4f91c2ab9310a6ae26321c7486568f23298552b4a824cb797b3171bf2f7e2d8444734aa8af3a720cbc8a61161b462f9189c11d687948b7271226406f37429ef09d13b17dd21c4e72be1bc0b816fdc096312aff7f19f3a2181ccb08d1f92aa003c284fcebcc8584cfe242dc8fb0e8cedd71dc2ca48df33c9e650e8bc6f331f9eecb4c2de8b75133760b4c51948b990675e724a68ecae3f2d88c7abfc9bee0875f7feb691b813c1825a0326d887032b5016b69c228cb01243d150c6a188cca6d22f469e6195bf2f3d6d4cedd8ef43e9486f5e9cb9f70e5a92cd2e62bd9c70775d900784bf6283b074c9c0df6e5da7465fe30fd723cd4918dd3da6b7e5475c89d34a4075e94a938047625efa4fb8d02b8616f4f84378ca26c875a364e68e3a02ce5dccb0dc0b686ec52384c076133ddbf7eebf178411109c72171a87625ee0607f94f1ad9dc795906ec7012a51d3621f4fa19f25891d8415bc4a0e3273c21159bff5ceeba3767445fa6a24383e5f165a6fd4fa579a02935943aded524f6d6a540d67b44f4d7d0cefd1c08a53a1a06a4ab5157f8f64b22f3875f6c9fdd76507e277691aaaef9a90352cfbe5005d13b35fe0ce04d3b3362590053c5a7e3b6932364426aeba2bd79943a2b50d5856d3ecfc74bc02318f9eaffdd08f20560bd1d0f7f643ec8e05fc19a3188fa77913092b0ddf40f8be0cc278998dc32da328ddead37f6659d780bd530a48b4bfa230370853db872385b5ece3a9a1f39c69a2f7290ae92f769cc996ad69e22038352fffddfde95f9951c4e0029e6244809bc8d77f262cd3057ab49277ad4edc55f94235c01f774de6a7e61f5e688d71e26348cd61c30348bdc9debb28eff7206bd67bd92b038b584afa3526c32cdcad81402b3642ee9fb608a4e18da9b4250c54feb404cf636caa798bd7e1087f60f424904616c959548650976d8577176356b2d47f46417f00000000000000b1b7f9ac7220efbdb49c081dd38f7c8f718f2969237a49f6200d62e879030b0b6229f39dcac78af38be9287fe0bd04b2e65e8555399ec5613856688d547bb43b472ce03ba3190112a004def789771f83faf390ea062a2b093aea35027c6331d097db997a612bfddeda832226851a751b2116ede07459e6e1717a47cb2f93d7f140361183f5d2a0773b8ef0e458b3489176672223eff9701ddf0a3caa2848feaa54ebf4943b409fbe9369b8c2d0f27a9fa6caeb6c321b19f9e7daf7410142a8e1f1649a855165b6dbfa61570926069d94894f616ef85469113add5fce8db6f22a1bcc3f93b75d94644ff75e5716536c727747621e7664a93519faf3acdab5f29b346172892697909f01051474bb8811d4cf1bdb32ead2364a2d89965fb7d523d5d31f7c7bb891e49d0387c2b235f610fadc23b4463f6a31d4a8a068b8e392ed3d27dd27832c9fa6a7d9a170137cef0bea684311e098b6cc60f36e09b1abc09cb089364e0e256f5d624e6098f02e53fc74724ce9f1d13517fa53968554b523c973ecb03643ec452addd7b566d6d12cad7a0acfdd8a97fffeae567c87aff01b2be11e3a95c54bcce3449c4564132be69c08f309ab97c57349f29a1b8d3d78bcd623409966550e294523e21750930b97f012c4129dd0b55142b4c559fba8cd07083cf6cdd0fd36cfd38f3e0de2da821f2d9f79f82239d6ec1db4dc9dde063e35b1d5ffe929c56744c56c3862b8bd8b95dee19254cd480500c2942b594f0eaae14c3eb07d9d1c5d201425e9e3923b41457fd7fbdf747b2fbc61480aad014d8917ff8f5bd048458c55348b292ff00026690a04a07e90fc0373e1b6ed62ba81af0bc4bda161ef8400887481fcfb8cdc4127500e3fb2a071896f657d6fb04912f3395e5f9e66eab3b85c28a2e37b156511bad5b0d2720670e2b1a762333f42ba528668fda6ea0a80a398129eb3347310260f9f26d5ae249bef77d51d2ed248e0775cb634e48c830cc2c2512376bc411258edd8f73a2d7adbaef40ab79d2ae37f27e2893048d59693a355c87e43b53d545c16997fa318f1bff6a7edb29a7ab80a2381ca828b6d8c5d7976abb11d955faef8b8d5589fea555be1803eac4730a4b9ff3477cf462dda1fadbbdbbcf6826276144875d58e12eb9670c6324f0249b220f1336f9ba43b732bd8c421b040680417a1f68977d6beefbfa9358a4d861cdbcab618043e661208b6939313e2bb01d77509c1df93d87d94da5737d2a10a935b44b264fd232dbc2e59036e0d690431627e0903343b8352ac291eea31d1424c34f9f8fff7fd8df9f6330f88598004a353bfaa5e71d039b8caa33770f9050dbce61ed1c2c0285d23bd4a0b4cd9237ec7c2773474d02881cd7d5541dabca4bafb11f7362160c4a871716720d8d2e26c0400b4abd45c93ff25602d93a1031ffaca642d6f88f8b7ba38de3d8cdaeb89f8fe8de3f0c089bd8b360552d1c26845ccabd2d86acedb16f20640648527a420c497c4af51ef463ce1e3fd8f70f06fa016f12b307e1d846ca35e0f22654456705ce42334401fd2e993c6744918f578fe4d1e6e434d53cb8960008357036ea2c3b03ed9676094fa9693345b0db656273e350b10815755ff9010769af2fb6c5cbc859cce9c8a313cf802a2375d1664b61716067fec9609928f0ccb97397f52765a00334c5a620203977c1df6f9a6f13e46e3be2503ca6e1b1332293dcb2babf2f6019a99274621d0ffdafd9447ba70c948d4c8d9b5b093d36f8e6b8136b16a7da020cf6022b10cd13237aee15319c83b0522aebf523b13ca037d0aa604c5a53fb6536edb8a3d0fafcd66dfd4cdb461f8195c41df043fa6f46e490f43c71422e6de020dbe2ac543c516446ce1ee5890df424ba716eb91da1f8e127777a0e4396fb35654468747179d2884951e06c952f7f1ea15ee46b60aa15e562023eebfc3a79693adcd67fb23ab6b74b55b65d8421be9f454f8d89bd76340c46d5309c892121dc19f8124cacd2b8da3fc0c0ab92dbb5e0537bdbfcffacce03376cd10223815f7801b1e20e32080694dfc8a416e0aa0fc76dcfd037366406aaa84d48a8cbad3fa48ba342ec4aa02f391c6039403fd4dfd8a5cdf4b8c4345febc085798b5c7dace7a3646e2b9e4cf57c13b959f21e33bbfec54c85922a8095f2c2de1f1db72493fa9756d69b0ace403bc48adde75bfaa4d723a8dac4dfd370cf02329df1a8e8576e11fb8137910cf753cc76585a2d1c7a0da1304f44c26076d87b5d402c72a724b464b5cc2c0ee6d1fb472a40a41e858697dbb82b6103fce576063d2aae0b4dcefef78f8de0640c82d955c72f5b1280973410100000000000000b419e18c7c62e080b8034ac7e1134524c1fcc4f93833280fecd0ff424e39cfecb21e714e0f9e1843296cfddea2e35fa6a7bfe6069b366316ef5e6b73aea9e069d1538eaf11cd503b50435e976dfdd39e05918be1b4f91005583c8b84c33b13692bb8ff005fb9d29958f9697cc83c48a0f3666dfc6cdff0d5f923ddeb4c74db22597414f1973d3cf339af2b5b2640857c232788e21ab92cfecf7938d7ccc0162cf913d88967b5abe80c61d3ce1efd120a856ae450e4d7593ebad568a74c7f5ee1bdfd17ef1f72e7703b36b5001e593f1c6908edcb023095fa059e97d68af2ea295b766aaf819eacd85946bfc5bf0c35363530870cd8ce3931ce7c3885fbae123dd924871797070b80ff914b7bfaed7d0a54a372716bbead8797a49524e77025bd9b62e1fd69ec8a7d55741716df76be640ab8e7c44600882d316f220780013a80ca957fa9ad31c910e3565a8e1e1a1e96c5362bd0cbfac2a53328df35fbadc141f10e5a1ef3d1bbaf877d0659b051de0f7636712cbbbebf095718c96349a96fbe6e0389a511635f0cf31906fd6bb6c2d7ad9be31e9293b418f13c22929c90eb0950aeb343b61401e632fe3de3dabf51dd308d17d6d6643f08c757ee17131cb91b611d20ab2ab35190859d8e4d76a44199765c1efa2bdf5e3c3994585e0a7d866dfe5be4601442da0b686f4f44ba8dae33d639ec2a5acf11e6650593bdfdcbfc5860144a15734eaf58e9e2f5495471ead9a25ec659df37e11e84f4dd7283687533de576a9de4b705f9e35964849206259862a5a4c956d26945ff0b8456e536d72136b4989ca135f00026107662cfae9696f2bf46a8b3207330961c8b31c8bb8dd2b0a6c3a833ab7b7aa97df0c14941d1833db60892511ce0a77f87bf54927f3d912de88581cbd301e87554f76b46a850177e550924db74794f6b5f8db5a74c1f932b3b4bf4ece2cf045c4fd490906f2ff09bdc8f683cc61a5923be82011fed297c962f8d7690a9fe980130d4b6545cbdad82ce198c8a1b884bb36288dac252c69b0d8a4eb53767d297eb64ef7e9f90faa994863efe194040a984a1461b04d1baa746afc353e006b71d4839d4b2ba10d681c344642fedeb8d6a2d518a42c9b252a7d6ba4ee5cbc7a81d543af5fccbc284df3ccc226dcd79b20b987b30ef767d2f810fcc55266802abc38cbed144621a6c0c52bec0706bda66bf7d5e957210e2eb6fba79d7deafbea073c1e298861f46c6e17523182f67e133121f3ea2d8316ffe6de51fb3717edc99361c979e9ecb51e3474a15accb8254003358975b786d81281bacfdffb655a5855da5c5edabcfc5e3e5ca570c16efae87032d3b85cf3d52b020fef5fa8339f776a2d629173252fefc9fb2085b49354fb255b0ca941d60c41a2cb10c742af0ea277b65b960f49184297336f1a8e049eb80c3d40ef78b0e8a9a4b5848caf5131b2773a7c18421db56afea355d869ab81f0f7e753651e8ce742c379ee4f08fe23e7c1307bb9f00e60a4cc804f4b47ac42903e1b1ad99ff795130833a202c36afa8851a7ae7c0eb7d25b006bafbf6b0f579e910c9207bce105f73cd219dd352af1b3250a273a7eae3fbbb8ece80d2b61591dd25679e541bef9579a538e0c0fde66ddb176c84c235de570860128ae90a44e8219841a1ed84d5a3721afce3b24e0173542644cffa2b2603171bdbf3a5b2d7c9d51b7a31f7b6675d98938c8e003fc26a2931811dfcce100fd5eed707884c9f1a9ff629967eaab2908f2988378a271c373828a9a836dbc6b1db9881bb30509f693a92daf26f0741b01855af81e594c318f0dd13a89e87fb3d7b3527e7b007bb2e744a322ac3a40e05d24619c3d41643b6b811af49eda5448c21af06b8707baa6b8a2f7690966152ada65a5253aaece296c1ef46a12b399074fbc40a791f4677f05109bbc103c5bd37ccf7b67e4fd6b6ad97314a9dd236dee6e1371186ccc03d4d8560a22cb6709c35a391481d659d7ebeae325f5c9a20de7374b6715b4d8e77997873929d7339b20ed8172d68b0510defabae5712e5509e41afc5d8bc531e296832d285d9410a0d1173d194b3d15571773c97fd12b817fc2d3e0eb6a4bd6720f57d487023f52e3e0f7dbb0e8a7807283951bc8dc7344afb95d8d93f34020d7b1d6b90bf0520a35cefcc8895807286f624c7df58c89d3fcc2495e3acbb98d4424b1c1d199878dcd9ac5e7a2b216aeaff32d04b74495d16a20aa5854e750c0a66f60c69db44674d695eb8d3bb7ae36065d1e6efe9d68527e57c21dc4bfb33f4d8625a95fe3d2d3ac42abf540dd46e32619e63f9cb40e2de1b6c2102553c1907f6c62c0c689c85a1aa0b1e801b0115aeffb9618d1b412d9d7be9fda786fc9729c6819f60dff95c14720ef7afd69e92fd36fcb3f25b5388f15e621593132418a5caf60074ced3e1f6b0120fd162ac0e13395cb8d4462dc32406c9a04252666ae7e74e9da335522da7ac76d377ee77a1a4d4fb0ceacc3259d486466f8f45f795bcf04ad2935d7a4b0aed6eafd4bcf1830480d044af5fba3146a7730aa87b3b33494fcc3f4111507f059c65b82171acfb5a3f6c7c9d3b156788ecaf9b3581b36d0a059e28fae2f3f40fa631342dbdd89c28429e1eb511121f2dff45f73a8eebca82caa064c1e158dec6d8fed2d05e3090f70cc8406d3d9cc429783f60e63bbddb2a61d6e995238ee4f0e3eeb23bc529535dbdafd7db565541ca2dccba24388c7cbf1989e9d71eb2a3804b224350fa30e979c08871e5010a32ec886ed30128f6e509ed87056fb45e1845282b5acb1262fbcf5361284a12a009c0dc914a20572e6c4c61bfbc5a01fd9e605aa95ae85fb704e8a59580fc00d0720c1b212c44d33c05193d4c6f9f87406c0be25e5d9cf7f548a2ab9cf829a543cbea4c9d338790100fac6cb3a3c989a1c53f581b459e5b4d90a4c08b633d54c9687b33da736ec62f141b50bcb4ecc13044a598696ba9c0f9bb9644565ab5c2163df0a47f0b7362c0e51746ad2fdebb31b57c1ccbcd8dbb0071c0a69280bd8a7e97abeb6ee17e8cf704d24229e55905b5799ed5d7b98b08a6a7da5c31225edf80a487fb897301b0d134b953c918b320bda3ab29e69f759f1bece2910079d3aea3da89fd6cff8e4c2e24c1dc1a1d6f222f45f61747c2e0d5962846a85180d0b0963d33b24a2daf082b69f2957f6e90e69841b4cbfa1166226cdd6c06c24dd89c2e9b1a495851e1e5f7e1cb6944f660f65ce5e41b12d003e365393b15f13fcaf21031ca6ef8f270c0109b1298ac11c6fc87397bfd5b6e96339f2449082488e9f74cc5cb08f85d9705c53477f25d2f988f817014f2065261e568d3e8175da7811f1a05cbeb07f9b0a156b6abe016e9b8300e212b5e5453c765e5c466e88a5d8f98ec785df0267349c8ee49c18de6d3910d09843310a390522b8751433ebfc6206f6c3e654e710d3a3f76b1ac79842c0451d4904bb82fb631d94dfa7658727f2ac53feaa2f120202d616a9db782f5c25a2b8c6ab387cf3c5dbfdc2631891d875a0ce758bd35772efd9eb1c18a1d92e7a45f958721216585f2d85b8826a16c5bc4e528626e80851f49f29e2cf7f6ef9a6b8b3faee63c8da84b12ce71a153db2af86b29496e52ef13f9f9c86f05001b61f3290b565af6c8c404d2bbdfee74c1f623660647150d487bc5c4a0ec8509c47e89e795ad207463e1bd4f0aadda0d735a2f69028e8b361e4b259eeb81113587fc2fc28c26e82949a3f0a6e9f86247d8408ffbfbf96dc892dce4d8759130198b54e6305d2cd07835c5cf9659920a4cf024285b7584b70e831256813fa3a200f3ab8851b411d6cfb91bce34fb0cf503d439ee1b8fc434cac3a318f1bf65402487503b5c7bbb076ebeaddb2ed22b444902b24cd9c3375621684dc854c4af685b6f768c1085862e94ef0337a4458b1dbb3ff0c724041c82aa956636c40d15dbf0ba1f7b8188d48b5520fbbe65df81bdf86fc2480f65c8ac523b1cf57a37904ebb704b4c27b01f60b514cfe990220f187943ec138a673e08a52477cc2f3cad746ee251ddbba7ba13101eae9d32a20df248569d1ab882aff778c544c7b530d5171f04d3518b4ee6a99e07212f8bd72697037551ef3ff35794e01cba640041fc910e599e3d163577f6c837280f84fdbf9a54a1744b32f62834c9d5cdcb94cbd184687b89b3a9cb8a76be61e5f8bf5528baffa774cba2577ffddec869bc24eaa6ec0cec8c6afc3cba22891e8b09fdb5254dca8117e927d4d8ac2ee20775ca7793b82a1d94c0555df748fab1ba794fa608ed282190e5f84eebd49fa12943ad56f205a2e843429bb550d5b160c74083be846d4d70e4e5bb6c2bc5ac764e5c29029604b2bac9eed579184f7b8f98dbd1a168196b42cb57347f6e55d8e4126e9a51ac2daa61e74ba71188606e2a175028b8634fe1c9a636061e163b993068a13c5e9904e1e2c128596768eb842111569526d128f249fc3f7ad4bc3999b1001af8faffe9b264697bfa964e4d5ca4218d1fe0307052057c04435e4a853f44fdedb07083c85fd32a5ce0e0179d97ab921cd541a5def8c3aaf2b63857c195098783e340675e41fbd73657c83fa94781b910a61d4ceec44d7b8865f5a983b56503647f8fe63fd81f67484753a550e1f3b19ecf5c82e0a84e45ef36da1506cb0c083cb8f24808e1d4a9e2990a25ba8dbb6f5d3eb94bf5d9dcd65ed15fea1a995578b8ffe8ffa8f59eab41607774998459527c2f5447e0076506a3b10dd03ab7c858ed9f800ac489e1cedbddbaae0245dc1bb7b3256e686c9b280c50c49333f6d461db5d3e945309014528bfdbaa6b5c94efce80be1b9174a42bd08d2113bb26a0168c8d25758c993e9623ef9a35724e689a903c0712792d9e76f3e2399ff371d47151c9cd559f53a3e338acfe715ba3ede12f8fbe62cb1ffceee3de90d78f63db72474caa58c4e2cc1436419de2f6c8b738125b0ad76ad393eb162aae5d1fc501e6ba51a2ae5a47628a92bdddec71bbde7587613e293be04d6a9a3e6f886f25aebf4569a0e1ea5b3102efbbc051d368b005c791e0ad48b0569f4c3918080383f7789447e5a658e26646d39a8c827339255e766e2535ca2a0c87d3153823a27b8ccf1cf4c30c71fd9b265b00a955caeb7241a894a86e32e51ac7c729c98f4ea46e1fc90da62b1150afdec4c1a0994594bd14e59ae2abe2c4eee60194eba156e1aaf118d017c2ce4b3e92004aa6718e4abf7ce72df63fe0ce6496cba35df00d5760d634e1e934bd", 0x2000, &(0x7f0000006e40)={&(0x7f00000008c0)={0x50, 0x0, 0x0, {0x7, 0x21, 0x0, 0xf38a02, 0x0, 0x0, 0x1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x18d811, 0x0) (async)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) (async)
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00')
read$FUSE(r3, &(0x7f0000003480)={0x2020}, 0x2020) (async)
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)

4m38.973265721s ago: executing program 3 (id=2597):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000a00)=@newqdisc={0x30, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4}}]}, 0x30}}, 0x44080)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c00000010001ffffcffffff0400000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800a000100767863616e"], 0x3c}}, 0x800)
dup2(r0, r0)
r4 = socket$inet6(0x10, 0x3, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_GET(r5, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000680)={0x44, 0x1, 0x9, 0x3, 0x0, 0x0, {}, [@NFCTH_TUPLE={0x30, 0x2, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @ipv4={'\x00', '\xff\xff', @remote}}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}]}]}, 0x44}}, 0x0)
sendto$inet6(r4, &(0x7f0000000180)="900000001c001f4d154a817393278bff0a80a578020000000504740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae90aff2b4c58e4a76a5d4d9d671712e0b390", 0x9e, 0x0, 0x0, 0x0)

4m38.542974512s ago: executing program 3 (id=2602):
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x3, 0x2, 0x1})
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f00000003c0)=ANY=[])
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
r1 = openat$sw_sync(0xffffffffffffff9c, 0x0, 0xc8601, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000080)={0x21, "0600000000004000c64c3b6e6ff83a75e5318fdf4288c2ffbdbec772020acd2c", <r2=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r2, 0xc0303e03, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)={0x18, 0x7a, 0x601, 0x0, 0x0, "", [@typed={0x7, 0x0, 0x0, 0x0, @str='\a\x00\x00'}]}, 0x18}], 0x1}, 0x0)
r4 = dup(r0)
mmap(&(0x7f0000fed000/0x12000)=nil, 0x12000, 0x2, 0x11, r4, 0x0)

4m38.469846867s ago: executing program 33 (id=2602):
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x3, 0x2, 0x1})
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f00000003c0)=ANY=[])
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
r1 = openat$sw_sync(0xffffffffffffff9c, 0x0, 0xc8601, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000080)={0x21, "0600000000004000c64c3b6e6ff83a75e5318fdf4288c2ffbdbec772020acd2c", <r2=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r2, 0xc0303e03, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)={0x18, 0x7a, 0x601, 0x0, 0x0, "", [@typed={0x7, 0x0, 0x0, 0x0, @str='\a\x00\x00'}]}, 0x18}], 0x1}, 0x0)
r4 = dup(r0)
mmap(&(0x7f0000fed000/0x12000)=nil, 0x12000, 0x2, 0x11, r4, 0x0)

2.6507607s ago: executing program 1 (id=4635):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000340)="890ec000120081ae08060cdc030000017f03e3f7000000006ee2ffca1b1f00ff0f00000000000050375ed08a56331dbf9ed78105001ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c00010004080c00bdad01409bbc7a46e39a54cbbda812176679df069163ce955fed0009d78f0a947ee2b49e33538afaeb2713f450ebd010a20ff27fff", 0x89}], 0x1, 0x0, 0x0, 0x7}, 0x8000)

2.64985075s ago: executing program 0 (id=4636):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48054}, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x3)
writev(r0, &(0x7f0000000000)=[{0x0}], 0x1)

2.612259918s ago: executing program 1 (id=4637):
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000080)=@raw={'raw\x00', 0x8, 0x3, 0x224, 0x0, 0x11, 0x148, 0x13c, 0x10, 0x1d4, 0x2a8, 0x2a8, 0x1d4, 0x2a8, 0xac, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'veth1_vlan\x00', 'sit0\x00'}, 0x10, 0xb0, 0xf8, 0x1c, {}, [@common=@unspec=@connlimit={{0x40}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@local, 'ip6gre0\x00'}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{}, {0x140}}}}], {{'\x00', 0xc8, 0x70, 0x94}, {0x24}}}}, 0x280)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
ioperm(0xed, 0x1, 0x1ff)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
writev(r3, &(0x7f0000000600)=[{&(0x7f0000000100)='^', 0x34000}], 0x1c)
writev(r3, &(0x7f0000000580)=[{&(0x7f0000000700)='\b', 0x1}], 0x1)
socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@ipv6_delroute={0x2c, 0x19, 0x1, 0x0, 0x0, {}, [@RTA_PRIORITY={0x8, 0x1e, 0x400}, @RTA_EXPIRES={0x8, 0x17, 0xffffffff}]}, 0x2c}}, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r1, 0x84, 0x70, 0x0, 0x0)
ioctl$int_in(r1, 0x5452, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r5, 0xffffffffffffffff, 0x0)

2.56097908s ago: executing program 0 (id=4638):
r0 = syz_open_dev$dri(&(0x7f0000000100), 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r0, 0xc01064c7, &(0x7f00000000c0)={0x2, 0x0, &(0x7f0000000080)=[0x0, 0x0]})

2.560477238s ago: executing program 0 (id=4640):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x82, 0x4a, 0x15c2, 0x5886, 0x801, 0x0, 0x8, 'syz1\x00'})
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = socket$inet(0x2, 0x1, 0x0)
getsockopt$EBT_SO_GET_INIT_INFO(r2, 0x0, 0x83, &(0x7f0000000040)={'filter\x00', 0x0, 0x0, 0x90, [], 0x0, 0x0, 0x1000000000000}, &(0x7f00000000c0)=0x108)
write$uinput_user_dev(r1, &(0x7f0000000100)={'syz0\x00', {0x0, 0x0, 0x0, 0xfffd}, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x3], [0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x200, 0x0, 0x0, 0x20000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}, 0x45c)
ioctl$UI_DEV_SETUP(r1, 0x5501, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r3, 0x89f1, &(0x7f0000000000)={'ip6tnl0\x00', &(0x7f0000000140)=@ethtool_cmd={0x3a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, [0x0, 0x2]}})
readv(r1, &(0x7f0000000080)=[{&(0x7f0000000580)=""/104, 0x18}], 0x1)
write$input_event(r1, &(0x7f0000000000)={{0x77359400}, 0x15}, 0xfe4f)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="60000000020603ffffffffffffffe9000000000314000300686173683a69702c706f72742c6970000900020073797a31000000001400078005001500100000000800124000080000050005000a0000000500040000000000050001"], 0x60}}, 0x10)
r5 = openat$zero(0xffffff9c, &(0x7f0000000040), 0x80, 0x0)
ioctl$KDGETLED(r5, 0x4b31, &(0x7f0000000600))

2.056807778s ago: executing program 1 (id=4642):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x19, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9, 0x11ec1e7a, 0x5, 0xfffffffc, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xb058}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{0x0, 0xe4}], 0x1}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
syz_emit_ethernet(0x76, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffff41bfb0d8298a86dd6012000800403a0000000000000000000000ffffac1e0001fe8000000000000000000000000000aa03029078000000006002081000001102fc0100000000000000000000000000000000000000000000000000000000010000000000000000000106000000000000"], 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = add_key$user(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x1}, &(0x7f00000004c0)="183a", 0x2, 0xfffffffffffffffd)
keyctl$revoke(0x3, r3)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
bpf$LINK_GET_FD_BY_ID(0x1e, 0x0, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r5 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r5, 0x400448c8, &(0x7f0000000340)={r4, r4, 0x8, 0x0, 0x0, 0x82, 0x4a, 0x15c2, 0x5886, 0x801, 0x0, 0x8, 'syz1\x00'})
ioctl$sock_bt_hidp_HIDPCONNDEL(r5, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}})
add_key(&(0x7f0000000640)='user\x00', &(0x7f0000000180)={'syz', 0x1}, &(0x7f00000006c0)="8944", 0x2, 0xfffffffffffffffd)

1.859218325s ago: executing program 0 (id=4643):
r0 = socket$kcm(0x2b, 0x1, 0x0)
sendmsg$inet(r0, &(0x7f0000000040)={&(0x7f00000000c0)={0x2, 0x4001, @local}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x2000085c)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
io_setup(0x6, &(0x7f0000001380)=<r3=>0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001500010000000000000000000e"], 0x14}}, 0x0)
io_submit(r3, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x1000000, 0x0, 0x0, 0x5, 0x8001, r2, 0x0}])
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
io_pgetevents(0x0, 0x8, 0x3, &(0x7f0000000180)=[{}, {}, {}], &(0x7f0000000200)={r5, r6+10000000}, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000140)=ANY=[@ANYRES64=r1, @ANYRES16=r0, @ANYBLOB="ad43000000f45400000015"], 0x14}}, 0x0)
clock_gettime(0x0, &(0x7f0000000240))
clock_gettime(0x0, &(0x7f0000000280))
setitimer(0x2, &(0x7f0000000040)={{}, {0x0, 0x2710}}, 0x0)
getitimer(0x2, 0x0)
shutdown(r0, 0x1)

1.65104208s ago: executing program 0 (id=4644):
r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000000c0), 0x2180, 0x0)
preadv2(r0, &(0x7f0000001240)=[{&(0x7f0000000100)=""/117, 0x75}, {&(0x7f00000001c0)=""/68, 0x44}, {&(0x7f0000000000)=""/52, 0x34}, {&(0x7f0000000080)=""/12, 0xc}, {&(0x7f0000000240)=""/4096, 0x1000}], 0x5, 0x4, 0x80, 0x8)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1}, 0x20, 0x0, 0x0)
futex_waitv(&(0x7f0000000180)=[{0x0, &(0x7f0000000000), 0x2}], 0x1, 0x0, 0x0, 0x0)
futex(&(0x7f0000000140), 0x5, 0x0, 0x0, &(0x7f0000000000), 0x0)
unshare(0x22020600)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r2}, &(0x7f0000000180)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r1, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r3, 0x2ded, 0x3ffe, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000380)={<r6=>0xffffffffffffffff})
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[@ANYBLOB="0b00000005000000010001000900000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000f837c23b00000000000016159700000000"], 0x48)
ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000001300)={0x0, {0x2, 0x4e21, @multicast2}, {0x2, 0x4e24, @empty}, {0x2, 0x4e21, @multicast1}, 0x208, 0x0, 0x0, 0x0, 0x6, &(0x7f00000012c0)='ip6gre0\x00', 0x7, 0xffffffff, 0x1000})
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000001000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b703000000000000850000000400000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r9 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r9, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000008c0)={&(0x7f0000000040)='virtio_transport_alloc_pkt\x00', r8}, 0x10)
r10 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r10, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSMRRU(r10, 0x4004743b, &(0x7f0000000080)=0xc)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r9, 0x28, 0x1, &(0x7f0000000100)=0xfffffffffffffffe, 0x112)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r6, 0xc0189375, &(0x7f0000001280)={{0x1, 0x1, 0x18, r1}, './file0\x00'})
vmsplice(r6, &(0x7f0000000100)=[{&(0x7f00000000c0)="5d9019", 0x3}], 0x1, 0x0)
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r11, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r11, 0x0)
pselect6(0x40, &(0x7f0000000040)={0x0, 0x0, 0xbf9, 0x3000, 0x0, 0x2000000000000, 0x0, 0x2}, &(0x7f0000000180)={0x1f, 0x0, 0x0, 0x0, 0x7, 0x1, 0x8}, 0x0, 0x0, 0x0)

1.347186396s ago: executing program 5 (id=4647):
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x4000)=nil, 0x930, 0x300000f, 0x12, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f00000004c0)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4f9309", 0x14, 0x6, 0x0, @private1={0xfc, 0x1, '\x00', 0x2}, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10}}}}}}}, 0x0)

1.347007441s ago: executing program 4 (id=4648):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f00000000c0)={0x8, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev={0xac, 0x14, 0x14, 0x40}}, 0x10)
setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x3e, &(0x7f0000000100)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x2, 0x0, @rand_addr=0x64010101, @multicast1=0xe0000300}, @dest_unreach={0x3, 0x1, 0x0, 0x0, 0x33, 0x3, {0x5, 0x4, 0x0, 0x2, 0xfff7, 0x65, 0x9, 0x9, 0x11, 0x66b, @multicast1, @empty}}}}}}, 0x0)
setsockopt$MRT_ADD_MFC_PROXY(r1, 0x0, 0xd2, &(0x7f0000000200)={@empty, @multicast2=0xe000031f, 0x0, "028a3f6c58b274e6d8451697efe42811ee1df06e9264f7d866b1970548fc3c7b", 0xb2, 0xfffffff7, 0x6, 0x6}, 0x3c)

1.346879098s ago: executing program 5 (id=4649):
r0 = syz_open_dev$dri(&(0x7f0000000100), 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0, r1}, 0x18)
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r0, 0xc01064c7, &(0x7f00000000c0)={0x2, 0x0, &(0x7f0000000080)=[0x0, 0x0]})

1.281068769s ago: executing program 4 (id=4650):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x201}, 0x1})
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x2, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fc00100}, {0x136c, 0x2, 0x0, 0x6}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="4d45b771fd7b01adea304c69b0d50850830833ef66aadfb5eab29ce7f56d2cc606b5ad7c636698ef05ec5f7bf6413197c8ae944dfde8048beda2463f5512cf5de3222bd9346dac9904715a4fae3f5b6f8cc5176df8aa994c1f23d53c329673421afaf6e047f2476b64267fe88cd68acaaf827f75c2cdab979642edd4b9abb2643a6b191956399fd7e93db9919d5c45000f92ea9e1683749f745f10fcbd5a1b2f2822196ec0a19d9d816d9bf61c329b0c3c2b75bbc7d5cd75dd"], 0x14}}, 0x1c002)
socket$nl_generic(0x10, 0x3, 0x10) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) (async)
dup(r1) (async)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) (async)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x201}, 0x1}) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x2, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fc00100}, {0x136c, 0x2, 0x0, 0x6}]}) (async)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10) (async)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="4d45b771fd7b01adea304c69b0d50850830833ef66aadfb5eab29ce7f56d2cc606b5ad7c636698ef05ec5f7bf6413197c8ae944dfde8048beda2463f5512cf5de3222bd9346dac9904715a4fae3f5b6f8cc5176df8aa994c1f23d53c329673421afaf6e047f2476b64267fe88cd68acaaf827f75c2cdab979642edd4b9abb2643a6b191956399fd7e93db9919d5c45000f92ea9e1683749f745f10fcbd5a1b2f2822196ec0a19d9d816d9bf61c329b0c3c2b75bbc7d5cd75dd"], 0x14}}, 0x1c002) (async)

1.280438046s ago: executing program 5 (id=4651):
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff}, './file0\x00'})
ioctl$IOMMU_VFIO_SET_IOMMU(r0, 0x3b66, 0x3)
fcntl$setlease(r0, 0x400, 0x0)
sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x54, 0x0, 0x8, 0x70bd25, 0x25dfdbff, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x2}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0xfffffff7}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x80000001}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}]}, 0x54}, 0x1, 0x0, 0x0, 0x4c090}, 0x40)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(r0, 0x89f9, &(0x7f00000001c0)={'sit0\x00', &(0x7f0000000180)={@rand_addr=' \x01\x00', @remote, 0x4, 0x11}})
inotify_add_watch(r0, &(0x7f0000000200)='./file0\x00', 0x11000000)
ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, &(0x7f0000000240)=0x4)
ioctl$SCSI_IOCTL_DOORUNLOCK(r0, 0x5381)
fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000280)='sit0\x00', 0x0, r0)
fcntl$notify(r0, 0x402, 0x8000000c)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000480)=0xffffffffffffffff, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0x20, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa8f}, [@jmp={0x5, 0x1, 0xa, 0x8, 0x8, 0x80, 0xffffffffffffffff}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @call={0x85, 0x0, 0x0, 0x55}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @jmp={0x5, 0x1, 0x8, 0x9, 0x9, 0x0, 0xffffffffffffffff}, @printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0x10, 0x0, 0x0, 0x0, 0x9}, @map_fd={0x18, 0x9, 0x1, 0x0, r0}]}, &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x58, &(0x7f0000000400)=""/88, 0x40f00, 0x2, '\x00', 0x0, @fallback=0x21, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0)={0x3, 0xe, 0x64}, 0x10, 0x0, r0, 0x1, &(0x7f0000000500), &(0x7f0000000540)=[{0x5, 0x1, 0x1}], 0x10, 0x6, @void, @value}, 0x94)
r3 = pidfd_getfd(r0, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r3, &(0x7f0000000640)="8a1100bbbe7efb8547e76afd4a2445cb71a496b331c35fb9c4123cdb4e72047a95e25920fa7b1c6bb558e6eb00f3e378ce5ab61c732d65", 0x37)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000700)={'tunl0\x00', &(0x7f0000000680)={'erspan0\x00', <r4=>0x0, 0x7800, 0x8000, 0x0, 0x0, {{0x15, 0x4, 0x3, 0x8, 0x54, 0x64, 0x0, 0x0, 0x4, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0x16}, {[@ra={0x94, 0x4, 0x1}, @timestamp_addr={0x44, 0x3c, 0x72, 0x1, 0x6, [{@loopback, 0x31f}, {@private=0xa010101, 0xffb6}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0xfffffff7}, {@remote, 0x6}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x7f}, {@rand_addr=0x64010100, 0xb}, {@dev={0xac, 0x14, 0x14, 0x34}, 0x8}]}]}}}}})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=@base={0x9, 0x7fffffff, 0x49c, 0x5ebc, 0x2001, r3, 0xa, '\x00', r4, 0xffffffffffffffff, 0x4, 0x4, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r5, 0x4008941a, &(0x7f00000007c0)=0x2)
sendmmsg(r3, &(0x7f0000002540)=[{{&(0x7f0000000800)=@can={0x1d, r4}, 0x80, &(0x7f0000000a40)=[{&(0x7f0000000880)="01745c33564cb5815ed4cfb16ff1e6be13d481e6f57b0eecdb60f991a4a34d92dfed8c91047b8a8f94e0b26ee945cdce48a7a66ddedcc9c84f4b533c67c03a94c2541184a6e8d3b6de4fd9df81778105e958e307c452d84a3ca9891e78ea56ab022f22ded12a1e4cc1e93428c24515947e9ea423fb", 0x75}, {&(0x7f0000000900)="33ec706c446866094512955ecdd619ce354f4515821fb1d9ef149253c8a52aa3fe9cde4876dd776568111e2788386ba34d1d2dae370bf499d3edb9ab6bc2d84d240f9b62d30cfffb5a189e0c40d99ab4", 0x50}, {&(0x7f0000000980)="2dbffc5c844ec999d1c2a98b8602e45ae9b159429313446144295e00dd5ba345914b1adb56fc250319a2501f5fecabe7cf49e08eb4663c958f577685d3239fffe84ee0db38e0b7cd421f563f99fa2c2f86cde21e4b1ac6174412e2d3cb8584e92e992e5c43f2aae942", 0x69}, {&(0x7f0000000a00)="413189f34a987d8c9b9265e5e5d4ea3ddb49e34cf2", 0x15}], 0x4, &(0x7f0000000a80)=[{0x20, 0x10e, 0x4, "2ac61a1d3e9c3c0444123750d111072261ea68d6"}, {0x7c, 0x11e, 0x4e4, "e63458071134e2405c37fbd5b1c72cf37a455f13b3ecaef27a5c4af77f34bd01ee6ff53d91ccef0950c52c79ee075f97dd585882009cbe2f7364c02de327fdece7570725f539ec71fda53a5a7e42fdee523cc4cb1f999da2c3ab2f8e9b08ca8c3e838b8e099a1e10b6cce4fe3fe32394"}, {0xc8, 0x101, 0xfffffffc, "9f93cf377914b1a282e2f1d7433dcc978c455631f4c25584c5fbd29c1a273c952926b248be15f7ef58d54e95f2acb667c3177633389c06edff1514448bf4a5395fa14fef3dea2c50846a1fa315ee2a051ee5e10df8a39348f8d8103152a3a8a31fc8c3ead16a871fd57d18831cacd830121e22f9c020242b310a99c60437fab621097b8cb1b4ddad431c7b4b30cfee441192abc40639af84a35b4d9ba27af0f950e7356d15c73023afec936e25738045a2db86f80fd938ab9ec6af"}], 0x164}}, {{&(0x7f0000000c00)=@xdp={0x2c, 0x8, r4, 0x27}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000c80)="f496617d55d807eb4cf0dc0fd40721721310341bbd549c9a4320eed170b7e282276c5111fc871b34f61c666c5c001ebd5496fc23d174f74aa8583f3af95161d5b21e44c4e3423926b02b51970b8e770b9d2e29919877ab8a5fc2f775f14a9bf9d4b2bf00ee353fcaab255b9f92387a629145a65f5f664aa25e62baf23f5d4a19fc6c3a6883a4a39142b3", 0x8a}, {&(0x7f0000000d40)="7e76b7e7f8c05e122edb895aec0be2411103824c0403e6663af7f3f72a6335dc94eca9b01b3932f5617bec600a4b4b97c7f50e37376614c8bd6a81aaf77780ae4414f967f04ed4ce44255c88e36cea73d6c7dd89c317598843b11d82a71f98305fab4ab3c1279aacaf9378b2e2d1f727a2199326a4a22a7effaef42244fb770ac6e03f9c", 0x84}, {&(0x7f0000000e00)="d98dd3dc9c141dd0891967342600be27951a9e941978ddf0bfe0ac1f14f45c5b61c1b39423fd7cfe49b459a1bef1542b973634242ed0552c21515987caeb0ab6c2887d93a5f2293fea4853422a36cccb5544a73926678d84b375d52a036ed1cfb7bb193d098f49f01a026fe3b07d0b26bcd621e9352e993406f000ccfbed437da54f3c30d699e568fbda033cb2ba94db854ec404af0d35c9f839005b579b9af592", 0xa1}], 0x3, &(0x7f0000000f00)}}, {{&(0x7f0000000f40)=@rxrpc=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x16}}}, 0x80, &(0x7f0000002340)=[{&(0x7f0000000fc0)="668b057023428c0cd17822a07877e744244bce3d54faf69c5aa14733066174c43ba5a0e0b9548bdd554c882cd1a766b4812d6e83ab04505cafa2f0d3f96d43bf86ce0902b0b94a849ae9c51b1cca8623c3d2813298b93c1621b96fe49a1560416fa071edcaf88c4be5c43935bb5e880f30f0d706b474ce9c58e64f58709f1993f635f3e7b459dc4e1d2c68608ec973ca848101fd470bba67525f528a1ff1dfeb5a1438fd3b95f8fd97557fcd57d2f00f5a6ffba5f039bfc47aada0dc9ab420ca417468938668c6b2ea40b226c0de76ec5b2830f0f673e5a16adb4b2d5331d823c7a78227149332d40e169c892bd1e74de0660cf0d44c4513316623bf2b713dfa3d48a338e580dd14e6b3be5d20a685053cdac48aee9af9740492d734cf53004231302e104e577c42a15d87ad6efe556cef9fda7d74a6fe3bf88e7f7d8d4d94c6bfcd79064aa112879316b7b99164efeeb7fe4eb846c5b2b275e8be945f41260f072fbcf4095f97c6da3913f7284c33e2e88f39a14d76423f0d0d5ee6e54ed63af102e7fea9cd07f540fa11ce571e943cd7f2adfdad9599787896cd42ed62a610dea1528b16ae40e1671186e8a4be85f9633805f8dee8b50df1f3b0e18e0b67130dd76d455949da7eb5cfd93813ced94e9a97a189e4dfef919df5f675ae3d721bde84671a384ab50fd737a7a171fa6bff8b542b359ce9be3543dfe65344440ff0dd295727f34330f5913c8ce0954d5b7228d67daa29e64cd901293064ad5cd65c9e2142c064f2d7ac2e996e5c839458b04f66f926494fb2d4de3b531aca10b960d94d3bad60f692bdff5854a61828272277b855afc9621b8bde6d93baad54ed557abc6e72fad3d2842a9789360b46854b5bd66d10effffcf168226c19599c116e87896ff2f6d853978c9539308d4b03586860859302fa2ab79831cd0a3c9bde1b0ae1f45eb6f71a34613db1ea0c74866ae35fd4ea4553c5629bd7f621fd0400f599d425cff06a339bd12a296b3f161a9703e5de21b927e53265052749d72d61cf848d7e55e3c02e0dbd0656853f2207f79de081af25f3b1086e2ac1c79250e6c613c45266cb95e7568bc2ac3e2634546a60d8cf4761b308aba332192695b6189de7906a0312f0983719b44ff04324493284cf1239334a9342877ac6c28e5bb71f57d18d0eba7c24c0eb7ac47eebb15e9ac7e63e10f9a60ac323231880175523646b1bf13b30a776013e9dcbb461325a29303e475d0df447d71701cc598a0c88b67b8ae6bc686b429d4ff0cfda17ae08010e6207e498f4144c260b12c77d2112c225e166cf341582bdce4fea5e6f2b899519599a3a2369aa8f1d20d1112b33848e9a9f54dd4adc19a09baece1e6d30e7e984d276724532aa41a830100fba16510c99eae388efc01c262d76d37f686c6939c1328b2beb7c39a6a48b4844e8e532e699ef6c985d66d4191af4126585184a4afe19bc304e81a2d84a3ba33a4a8d476241ce1d28913b31bd7a7c6a2cf56e05b234881a4fe20281352c102afe2eb63f28b6ece94b83e9596b792e1b38bdfa5b437482072af779b1679fd2ce08c3fba23bc41e0d31542a9c9bffb004adcd72c84b3be8c51b217d80772b6f017911378ff94b73ffab4fe4a07570865e4fede3bcd81d75b02f0c1b3f20d9a30a9aead10ee24f4a0f68db2ab113a47ab12bf0a5448a7b7b91303150a1602b610a98b35c80035287cb940df5eed426a757dc57b17fdf6407b043dc46ce81c207c827ba7f9f6f73f4c56c4b99ca36d6e2619e5abe6eba6d1e7ee6821978b557fa81101a4687731bb590422305b19be3567555b86f4f15466ddab1ec23c870f01016106a860de31f24e9ad9b821c740374a7e25165254a4720efd750766e96c2a2c54159573d8940b2defe1011103f3c8296692136addd08389b0f3e35f2c8953bf6ae89a3c06f07c6e9d3bfdecf3d294c11f43d1865031493656fe55cd53fcd18d79963e60fafdca5ebd80bb9b49a2c7b60459d5a6914c85dac33f6e22628ef3748edaba50313a9aa836bab30dc2b9a9d22f54c496cd5c88d5a090ee5edd537bcfac9811309afa56db6c1d7a752dffdf6156bcb0d86b14299e5d88955cc06d6f200e1e9e068fa694bc419af1ee41e7192e1e0d6c380aed17bd85e605fe5f042e9a9dec06d80939bd3eeb3fb04d746044259f03ba3dca0ccb5f0b3accd94cebbb467a1893cfde9b59a4b248e05c3631ebf2e8341517092b695972fe045c3c5a5148362f9a372be352ba8df986d9d9b0d96212dadc291ffbbcbdec97a49b8b4ca85c67f4f541c46cd74d1f975134e0cbda7a17cc6d3edbf88c4f7375462b71a78cd865b81847aa7d131bcf6ab161950bb3745cd0768984437f6f4ceda8defe0ab56798efcdd822000b2a8301c4f4ea0570b6f05e706e87796b1d47be55d977cfd69a6e6f0ef8430f3d6bfae34aa81ed853c6ac83c495e45986a88d83e581f7d4fff7026a35a06d124414534bd2aca3c8c3442edc4a5b985701a7bd034ee3fbdc27b2cccb1e5a6cff8e1e3b38812738a6bf414998404f8fc0f2d041f039d6502a70fdb0c4dbca72f28984afea89aa2bb751291bf52081c62f166de286a5d87866be7e7e903e1c0e4867b01e3c8aa7c9aa706b2de20675ddfddb4112bf91022f5968ea63c743536acb44c0d01cf2ce49b0a40da7fee9e6a62b4a726bd1d3e833e1cd3b80b02d4b70ce4717192ba71d7bb8e20b0d7c1a6cfc1c7c1090c6d19acdcf380799e2445f2d9f716f505e0ebcc2c6341bf9bc4a9ba8b589cc1e7650e18e3db4db9f8a9a875ef3e7f85945ab59ac1c80e5de3fe56f298c45945a40a0ae94e065dd5ceae4bf83aea83429492f3f24cf8af440d800c6fcf2ed1743b17e452ba74d522ed93c7b9622ff4862601101ada5be57179161eba6e5d53ebf29976e8ab4765bd95ad8db49d69c6efdbc7567c62f9bd7aa61ad36de9c90d71d45375a078ae75f47ba0ba0386aeb67f8d474f7cf8184dc7bdac848f925f5ed96242ae9bbe8350e5734ba1fbf9b2cc670d2fd0572738f07fe2e051d50362a5ffbacf64faa05072e163bcec881ffdffcbb5c2e0a1a2fd4b57f95d73666da27ba151d87e367dcf1182a97a336505ec70a0a1790ab5ba7215ae2761b544aea5d5df704e989f96b12ac10fefe0f087002a9637fbb41bd68b7cc980cc9768fdb436b7daf712cf138e4e6ade6878fdc3ca8050f0bb245ba4864b2add3647903031df521d2182d49da2723d40ea032d7081d601918b6584aac5e3db0af37b3f5014046f6b84998c174301cb62689a4fae451c011f9c1a646ee7b12ef9df0bd34c08f29e2e34e7d4cc6169e31e0121a4922b0e422efe1eb22dadf063b920594073a02986b37c860d3e74451a79a25353887343126275b63806b398ea6977439d0a26b6ec6baa94d3fe3613fdcc9e8780fe9baca3a854711f6fb2e231346cd84f7a86db27351249670d8ae5345bda1e57ede9a45e69fc5518dd8382efa310d81243b9fe9b99b19b004c481951225d9762f9fab3d7af9c3233aad78caab0ad5942a52e26e7b3757ff338aa4388cc5583a34c6f25c9724bcecd5d333f262b853839c584d38dbd0a68004e2500e94e222921874626e43208eeae37df620d01eaa58e860c43be67a0a4485ff77fdc85b3686b7ed09999c9201f5b5426a0e5c9b85a3313078bc10c2986696acbbd7fdd45d746bdd04b8631212733cd7ba677642b70f0d263a04a591251d82603cfddf680dabc7067275088c496606823e5bf30975dc1b0db5e35acd95d617f6c702e97f72ce106d01692b3c127f7ccbcb1b9179f0c71490c0c80f61df5eacee5a65dd1ef6f5efd3005686f858e427f5a51a2e1df6ab0b64cc206a11798149b2e69f53b440cd1c50f210bcb6a08c3383cc7fb3173329ac49ef96da61396d2841db8f0669c36793fa4f9dbaa941721f183023ce63fbcf045c81077a1f0814c9d6fb6e8a15feb3e2636257406c8c0227264d3284b0466d7c65c269633caa8856062a171fce2db2c8eb0a27ab91cbc7ad4dcc1ffa81c1b651fb4877390dcf032eaa3917f4e42b61efd94577c7c30842bf0b5f59ab624d508789d2368a8b3f5c4d53fb9e7616858e071a96531d6bf97fb9e0adfdad172c02ad074d793d52150aea46aef4727cae60b07cddd7ed2c63dcb48319b6a0da3ca78e9f86f44c69a96f35836a0cfbb38439e9c584e3b7f15d02397bf485f7e2a2fe2ff27b7b9e4f592cdb6c574cb453432f324f95e257c57509fc73419d36d7fe117f87bfb8cb6603d07f94b3a939ab9f431357141a2c118330585664eed5c3eecb0ff1bcc2feef4fb25acd6b85d170496a9d9e9277a74f7085fcf205f59f979712ef824d2be26a2c80c6a8bb5f685e2675fd27934d63266fe535ced0c511f5625805bb59756f0380ff42517658d552bbf68d5447df9bf5fa94e6629cabd04867c7ca2d1211587e531d350f09f44bddf455c4f9f82557196622da4384dbbd106f6deedb567cdd27a07f7f31ee6648d39dd3efb6a0ea1b4f47da5d54450b80082fefa13938feaa7582fa79605b078b0e5ea8849357fa166edcd636fffad05fa2c2916013ca2a74ed0edf626679d3fe058e79f4a27773f7d7b56faf19c84a563a2f6e3ce832e0afed9b8d00b3762b1cb9961e8e70e0eaf4edd5809c3ab055132a62a3d3d42f238c0b70201eb2cc420dccb9de9e005833bb47d367b7ffd799a3c82b54df59cf0c8920c0ba48d39169b9d054b373d19309e282e6500493287e769b87d2bfecce6dae9c939837015dd73ed55cf6525559141ea085a007827544bcd111c0531e5bc1fea40ab47bd1c116b1cefc5a2b2c74527dd4707a3372419ea4923b70cb97636b520191cc39046aa4a9dad33858e903021e98ef5dcd3b41e8e80a99ffcf282de9f7da427674966c39efbb7a0fb8e6b0f0c1a2c84205c8ca0679c85ed63266c9d27555cb2a3a228e60f6d520d9bc0676e7866e5cb8c0005416eb1a183b71421ba4c61ce2afa65e0e4ac6f4aaefeb1ac0101d13ba50101a6a2705596124be15753d549e4d1b140647ac18a7645c7968b7d714d90da9ac1338c424b0bae9d1197bf6831474aed40f4c9bece6f75da4654c16d1fe2abd2d9a60c831b7f1c43b239a6e6fe66365f4c84c521a15ee9b39d3f6ea8f31ccebee9bf0239b2d906cf80f1848035e52d06d730846c5064baf5ef585f3016f3a07b671d760be58e1ebdc785866bcaa654722fed1a9fcdb0838a85ed4c681b1f6d78b09d97c9a0c32d8e3b25e62059f8831af3394273ba40127440707c9efe26f28d901324c825773343ccaf8096f14b00d411fcd15d47e2e23c02a8c20fbeb78957dcefe3b8166431fa50283441f36edcbeaae76acfa88edf7e2223c36e41de74ff3fb599e52e6d44c1914196a95901e23c07b11f52553f1e5b8060f8b9c2174740b0ee6975edb48c47043933cb423b8601015e736d9b32abf9c488d73de487423c8ac4992d60c553445d755fbf46d8b2b70a3b57d81d7c670452c1e8f4c3566ff90a52d5f8c8cc9c27f590782e60f51eb9ebaedfde054fc3e7d4042d39fd6c60ad0450cac1ee06b1af92e020f13d21972db57db9131130c55cd7f723af9a2fa79ea4b6d584574adc81566cc8353254a2dd8d8d10851f702852e4cc67d029b3f9fb4148850f84d6454359fd8f67deaa6db0aaa27f40b8ea19e60a12d75edef8ef37f82ae71b81feef9cb2385de229da7b1a9d863a81654ae9bf8b80491dcfe84ab073c875ea79478ad20101c240126845bd660353949ccf69d32d", 0x1000}, {0xffffffffffffffff}, {&(0x7f0000001fc0)="213fc9a719bbd842a345c81d884d1575bbea6896fdd6c8fa4f4dae72b29ab10dc7870743cc250e1feac01a7ed5380b0e82a71c6f7009770fc305f05e7630fbebd9b35eacacac6e30c7495ca59632d89407b05d8413606f0d9332b27302c5bf3a8fdfed78f02aeab4edd47e936d5e81485aa0a1cd0e993163e0f804534d40d3e8f370d4c101d4932d7478957ddd2115d08ff3226ad776e241fd7ac1c415bb5200138c9d90c7c25e263fa944684c9db657b9d12cc6b4d5733fcc359bb92da65a7f26d5ce20ad64cfd7a8e06b907da104326a1e2512cab4cb05887489fea1", 0xdd}, {&(0x7f00000020c0)="532bb73450da4492d924e571a1a21652033ee9b53c302a8bbbcb427e9fc16705f6d6d18acc780bd0123682ad373efdd6b2323b9a04609eba7fa5ed8a2d47059fcd97da4b4e143af9f59f75e2b3a5098dcc726e711374b4ee9e0ce3deed1617800dc15db6549f77bcd154468708d032dd28e0657dfe01ec8d8c47a9545f594920d4b89ec7fa0014fc55976be63f4401453c913d61e58c", 0x96}, {&(0x7f0000002180)="b15d56d051e6c384e4653bfa6f5f84a73d6e6313941986a0fdac2c991f50fb32c63a7d71a07885ca9945f8639f427e68f30a39f375b170bafe3a7c6ecd12220d14ad71a24a091604bd21f788a2db25ee5e15bcaa6bc7f1acdb528734be9595337fd88e3f18d1abd00ed5fa9721ffa887dfe15234d3cda374e1b9c7b9704a6ce5bdf14d42ca56104e44876ec5c00670ce15c9d2e57e6bd4b6a07850cb846325b61c485a0c1537ed0eab5d22b585", 0xad}, {&(0x7f0000002240)="32de4a6c562280b96b1e14ccb45e23b98020beff838e543e3f3be45b8cbc3fc09f0ea51eff7f5d3e74c4b04af06ee08ffef59339deae531df1887e39d64490d2546532a275cf050a3d4e9b9dc2fa6449030a1e80f051", 0x56}, {&(0x7f00000022c0)="d50a86f4ac4755c830338fdc60686ba153d644727f2289989ce5940f80f33afeaa58d9084f18448e6cd0af4a358035281e5958d2add6b11b660dffb2b0414fa8762ba7", 0x43}], 0x7, &(0x7f0000002380)=[{0xb4, 0x118, 0x6, "8b3091b906bb1df3b263fd7e54bb62819d545bc8ec090dc8fcb5b055e8609ff279ad717963fc2248a4f60d86d4e02f1171818a18968a152a263deaf82110e17a0b3b4439ffd3a66acff7783ffd91a984c126b59a5b0b0621adc6fc1047a10c33bd27d7818be702e03180c36eed75ac719f6fee104737489ff1c16116d6919327f577148617780b031ead66850575330ffe902955c0801612ac2cd236b46086588b8cded891c4"}, {0xf0, 0x116, 0x8, "899db0d7bcef04bee6bec3897e1d3b3bb4e87f3be24a5338a61d49a65d6d29c857a776bc2e5077cf1fa4b5c6eca8d49f7ca95ac695db5feee3cc2af96a0a39d3ef18596dce026d1d01a65100f8ecd28d0a5cb704ee2fb154e2796cb6e717481de286a0f03dadf98c56c6f71605f4b90fad3773acc31fcf47466e5629dab3fae4eadc4cb3f8cbf02d82976cbff68fde6a8edf4e9c3ba39ec39bc987f40f26cd037193de205eee31bc2779623f31aa6dfc0bf5e54a2f8f8bdeb0eddecdbc18b0e12e5549d62912c6e432655490126156653859df397d2cf539ec348cb72624d61a96ba381b"}], 0x1a4}}], 0x3, 0x4)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(r0, 0xc01064c2, &(0x7f00000025c0)={<r6=>0x0, 0x0, r3})
ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(r3, 0xc01864cd, &(0x7f0000002680)={&(0x7f0000002600)=[r6], &(0x7f0000002640)=[0x4, 0x100, 0x7, 0x200, 0x5, 0x1000, 0x9], 0x1})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f00000026c0))
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc0189379, &(0x7f0000002740)={{0x1, 0x1, 0x18, <r7=>0xffffffffffffffff}, './file0/file0\x00'})
getsockname$l2tp(r7, &(0x7f0000002780), &(0x7f00000027c0)=0x10)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002b40)={0x18, 0x17, &(0x7f0000002800)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r7}}, {}, [@printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000028c0)='GPL\x00', 0x4, 0xd0, &(0x7f0000002900)=""/208, 0x40f00, 0x4, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000002a00)={0x4, 0x5}, 0x8, 0x10, &(0x7f0000002a40)={0x2, 0xb, 0x9, 0x9}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000002a80)=[r5, r5, r3], &(0x7f0000002ac0)=[{0x4, 0x4, 0xa}, {0x3, 0x1, 0x0, 0x1}, {0x3, 0x3, 0xc, 0x2}, {0x4, 0x1, 0x2, 0x2}, {0x0, 0x4, 0x2, 0x8}, {0x3, 0x2, 0xe, 0x9}, {0x0, 0x2, 0xd, 0xb}, {0x1, 0x1, 0x3, 0xc}], 0x10, 0x4, @void, @value}, 0x94)
r9 = openat$cgroup_root(0xffffff9c, &(0x7f0000002c40)='./cgroup.net/syz0\x00', 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000002c00)={@cgroup=r9, r8, 0x6, 0x14, 0x0, @void, @value=r2}, 0x20)
ioctl$KVM_GET_PIT(r3, 0xc048ae65, &(0x7f0000002c80))
ioctl$BTRFS_IOC_INO_PATHS(r1, 0xc0389423, &(0x7f0000002d40)={0x3, 0x40, [0x2, 0x2, 0x9, 0x6], &(0x7f0000002d00)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r5, 0x6628)
mkdirat(r7, &(0x7f0000002d80)='./file0\x00', 0x10)

1.220596047s ago: executing program 5 (id=4652):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
writev(r1, &(0x7f0000000140)=[{&(0x7f00000009c0)="53514a0d7ebd", 0x6}], 0x1)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00003, 0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@base={0x5, 0x1, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000006007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000005000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r3}, 0xc)
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000779000/0x1000)=nil, 0x400000, 0x3, 0x2})
madvise(&(0x7f000053f000/0x4000)=nil, 0x4000, 0xf)
munmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000003c0)=ANY=[@ANYBLOB="400000000906010800000001000000000200ffff0900020073797a310000000008000940000000390600010007000000100008800c000780080009"], 0x40}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
pselect6(0x40, &(0x7f0000000040)={0x52f, 0x1, 0x79f, 0x81, 0x1, 0x1, 0x80000001, 0x9}, &(0x7f0000000080)={0x9, 0x7ff, 0xe7, 0x6, 0x27, 0x6d5572b0, 0x7, 0x8}, &(0x7f0000000400)={0xfffffffffffffffc, 0x0, 0x10001, 0x7, 0x8, 0x9775, 0xffc, 0xa}, &(0x7f00000001c0)={0x0, 0x989680}, &(0x7f0000000280)={&(0x7f0000000200)={[0x6, 0x5]}, 0x8})

1.220159257s ago: executing program 4 (id=4653):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x19, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9, 0x11ec1e7a, 0x5, 0xfffffffc, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xb058}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{0x0, 0xe4}], 0x1}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
syz_emit_ethernet(0x76, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffff41bfb0d8298a86dd6012000800403a0000000000000000000000ffffac1e0001fe8000000000000000000000000000aa03029078000000006002081000001102fc0100000000000000000000000000000000000000000000000000000000010000000000000000000106000000000000"], 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = add_key$user(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x1}, &(0x7f00000004c0)="183a", 0x2, 0xfffffffffffffffd)
keyctl$revoke(0x3, r3)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
bpf$LINK_GET_FD_BY_ID(0x1e, 0x0, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r5 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r5, 0x400448c8, &(0x7f0000000340)={r4, r4, 0x8, 0x0, 0x0, 0x82, 0x4a, 0x15c2, 0x5886, 0x801, 0x0, 0x8, 'syz1\x00'})
ioctl$sock_bt_hidp_HIDPCONNDEL(r5, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}})
add_key(&(0x7f0000000640)='user\x00', &(0x7f0000000180)={'syz', 0x1}, &(0x7f00000006c0)="8944", 0x2, 0xfffffffffffffffd)

1.150842773s ago: executing program 5 (id=4654):
r0 = syz_io_uring_setup(0x82e, &(0x7f00000005c0)={0x0, 0x20000020, 0x10100, 0x3, 0xfffffffd}, &(0x7f0000000540), &(0x7f0000000380))
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x9, 0xe, &(0x7f0000000a40)=ANY=[@ANYBLOB="b70200000d000000bfa300000000000005000000000000007a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67d5b310efcfa89147a7fb0a93d035f2f206d2ef831ab7ea0c34f17e3ad6eecbb622003b538dfd8e012e79578e51bc53099e90f4580d7be3e8c254a5cba117cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e6a9f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d996d60a17e3c184b751c51160100000000000080148b9a31ee8dc8b544f3c4a532e60a0ac346dfebd31a08060000000200000000000000334d83239dd20100008000000000d858e8327ef01fb6c86acac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08a406f99f7b1e1ad828267d4eadd3964663e085354133f7130856f756436303767d2e24f29e5dad9796edb697a6ea0183babc190ae2ebf8aad34732181feb28cb0bae7c34dc5e7c805210600000000000000c3dec04b25df45d4f71ab158c36657b7218baa07a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d01776839b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c570f0721fc7aa2a5836ba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c707fe81436b024c2574980397bc49d70c060d57bc88fbe3bbaa058b040362ab926150763fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4e6068f1bf710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2b2ff7f9a7d365e63845f3e1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000010000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edef8ba72205beff7771bcb293747b88486cacee403000000a2919a4b09e168e4e4d5ff2ed893f2e314679fa69fc7e0cf761f91b18725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75e26b45264e3d3f8e0048e55ae289c2f884d0766cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2efce676a93110904d5e055af44664b53c764d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007976694b6a0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d201721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e671282a2d3066ac968c7d7d7db195f255b1b4a85eb9ee0a3b68c9e209756623adf685dd715d68ed1274b4d5502f512493af8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef66fa03a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749f6aecf69ba83a71caa9bdddc679f1b826f74b6563a4be1fd82b73c8c2bc65f63982"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x59, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYRES64=r0], &(0x7f0000000000)='GPL\x00', 0x3, 0xc2, &(0x7f0000001040)=""/194, 0x41000, 0xc, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
r1 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newlink={0x20, 0x10, 0x1, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x2102, 0x22008}}, 0x20}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xc, 0x3, 0x7ffc1ffb}]})
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r5, &(0x7f00000009c0)={0x2, 0x4e34, @empty}, 0x10)
writev(r1, &(0x7f0000000500)=[{&(0x7f00000003c0)="7d29cdbdb6d3f1fa3db706ce3884034118d98cd351d57e79e9075de84623c79763f4fa377e5f316a311fac289bae375b2fe009d18b3ff3e8832fc3df1028ef91733ec8896550f6e7e15ca4826215f78c5fcd", 0x52}, {&(0x7f0000000040)="38165080cdc3", 0x6}, {&(0x7f0000000640)="a0fa6064b4a1b0fabbd7b96b8f0f26c5aff90676c57e5893915c6f853bdcc9573984f4574cc8ea76c3c210a256c8eafbbd67e39f1515a4c3f13dbb2c05702bfd4a72d0926f458da4960fe535109c75c2d7471409fa0cc0d52f9d43901bd081958c5c91d0e683ce4b5b95d451e62b2c596308ade6f75181fe1a2990ac237241df556053bc8adf906c9eae63fd764c9aabca30da0fc139c41e5b05eef3f375d8cada511ef371cd47d82c0fe2ca8b4675866a18c41a27328e8db1ed0845143b8634f5d63ac03482031af5e8b5eb632e99c9a4ca572556be7fb70a2922aafe0ad6925e4736410ece320322b521c9d3f53cc6b093a0984189be3a9cccde33", 0xfc}, {&(0x7f0000000440)="d0d154a99d7b7ef5d3285f464d341c7c95f7093aec5baa3bf3b9bbd5734ae7b95ff5d4e931718d9adaf5cfb01063454522ef1a8e4a676ba5e3b8cd5b90d6c70c714955b0948293fc209028cbf8e23ef806bb5486a845345f0ebc521710a44f590f9961964d17d5da10039b02eb3732ef0c3490b65a", 0x75}], 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000140)='./file1\x00', 0x40)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
syz_open_dev$vcsu(&(0x7f0000000280), 0xea47, 0x40881)

977.859612ms ago: executing program 1 (id=4655):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
setreuid(0xee01, 0xee01)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
syz_open_dev$vim2m(&(0x7f0000000040), 0x7f, 0x2)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, 0x0, 0x0)
r3 = socket$l2tp6(0xa, 0x2, 0x73)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e20, 0x80000000, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0xf}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700680081000000bfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071100000000000001d400500000000004704000001ed00000f030000000000001d44000000000000620a00fe000000007203000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

609.626616ms ago: executing program 0 (id=4656):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
recvmsg(r1, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x20)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x1f, 0x2, 0xbf22, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r3, 0x0, 0xa002a0}, 0x38) (fail_nth: 10)

291.099467ms ago: executing program 4 (id=4657):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48054}, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x3)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000040)}], 0x1)

290.674309ms ago: executing program 4 (id=4658):
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0) (async)
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) (async)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getpid()
msgget(0x2, 0x600) (async)
r0 = msgget(0x2, 0x600)
msgrcv(r0, 0xfffffffffffffffe, 0x0, 0x0, 0x1000)
msgsnd(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="02"], 0x6, 0x800)
msgrcv(r0, &(0x7f0000000000)={0x0, ""/237}, 0xf5, 0x0, 0x2000)
msgsnd(r0, &(0x7f0000000100)={0x2}, 0x8, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6(0xa, 0x800000000000002, 0x0)
socket$alg(0x26, 0x5, 0x0) (async)
socket$alg(0x26, 0x5, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84) (async)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$nl_xfrm(0x10, 0x3, 0x6) (async)
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x275a, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x275a, 0x0)
socket(0x9, 0x803, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$kcm(0x11, 0x2, 0x0)
socket$kcm(0x11, 0x200000000000002, 0x300)

881.567µs ago: executing program 1 (id=4659):
r0 = syz_open_dev$dri(&(0x7f0000000100), 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0, r1}, 0x18)
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r0, 0xc01064c7, &(0x7f00000000c0)={0x2, 0x0, &(0x7f0000000080)=[0x0, 0x0]})

575.551µs ago: executing program 4 (id=4660):
openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000), 0x286580, 0x0)
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
r1 = dup(r0)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}})
openat$bsg(0xffffffffffffff9c, &(0x7f00000003c0), 0x880, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r3, 0x84, 0x17, &(0x7f00000003c0)=ANY=[], 0xfe8e)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r4 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = syz_io_uring_setup(0xd2, &(0x7f0000000540)={0x0, 0x1, 0x1, 0xfffffffd}, &(0x7f0000000280)=<r8=>0x0, &(0x7f0000000080)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x4, 0x0, @fd_index, 0x0, 0x0})
io_uring_enter(r7, 0x47ba, 0x0, 0x0, 0x0, 0x0)
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)=ANY=[@ANYBLOB="4c00000010003904fcffffff0000000000000000", @ANYRES32, @ANYBLOB="00000000422200042c00128008000100677265002000028008000500bb7e00000800040006"], 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x844)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000600)={0xac, 0x0, 0x2, 0x70bd26, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_ADDR={0x34, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0x35}}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x14}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x9}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}]}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x28, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x193ae6a7c780e5e5}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x19}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast1}]}, @MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}]}, 0xac}, 0x1, 0x0, 0x0, 0x20008000}, 0x1)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
recvmsg(r5, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x20)
r10 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(r10, 0x10f, 0x82, &(0x7f0000001100)=0x7f2, 0x4)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0b0000001f0000000200000022bf000003150000", @ANYRES32, @ANYBLOB="0000000000000000000000000010000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r11, 0x0, 0xa002a0}, 0x38)

214.469µs ago: executing program 5 (id=4661):
socket(0x10, 0x803, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000b40)='./file1\x00', 0x0, 0x100, 0x12345})
r0 = syz_io_uring_setup(0x81f, &(0x7f0000000480)={0x0, 0x0, 0x10, 0x1, 0x34f}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffff9, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1fffffffffffffaa, &(0x7f0000000200)=[{0x30, 0x9, 0x0, 0x6}]}, 0xfffffffffffffdf1)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x103080, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000040)={0x2c, 0x10, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @fd=r6}, @nested={0x14, 0x2b, 0x0, 0x1, [@typed={0x8, 0x3, 0x0, 0x0, @fd=r5}, @typed={0x8, 0x1, 0x0, 0x0, @fd}]}]}, 0x2c}], 0x1}, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000024000/0x18000)=nil, &(0x7f0000000680)=[@text16={0x10, &(0x7f0000000280)="66b9800000c00f326635010000000f3064660f38828e4258660f08676ac744240012e93bf96766c744240201000000f20f78ecf5543e660f3829544e66b9800000c00f326635002000000f300f01df66b80500000066b900200000a90a000f01c40f019c09000f01c2", 0x69}], 0x1, 0x7d, 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r8 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1})
r9 = memfd_create(&(0x7f0000000740)='\xfd\x0fm3#/\x00n\xaa\xaa\xe4\x01U\x8b\xc2\f\x03\x19\x9c\x8e\xcb\x90\x00\x00\xaegQ\x0e\x94\\y\x0fU2@\'\x8a\x80\x00$\x12\xfc\xe4.)\x9b\xf2@\xf0\xe0\xdb\x1f\xe6\xb4gc\x13\xda\xf9\xcd7el\xb7\xe6\b\x00\x00\x00\x00\xef\xff\x00vob/~\xc2\x00\b\x00\x00\x00\x00\x00\x00 \xff\xf1\xdem\x9c\xfa\xb4q\xbb\x7fN\xd1\r%;%\xb5\"\xe4\xf1x2\x8a\x19p\x04\\\xaa-\x93\xd1\xc4 )\xbfK\xf7E\xf3\x05\xa0\xd0\xe6%\x97\x15\xf0\xab\x86\x90k\x10\xcer\x14\xe0a\xaf\xab\xfe\xd9V\x19\xa5d\x16\x8e]:3\xff\t\xe6\xf7\xb3\xbf\xa3\b[?\xb5\x14t\xd3\x8e\xc0\xe8\xefd\x88\xddz\xa25)\x17\xef\xfb4\xff\xdb\t\x8e\xeb\x1d\\\xf9\x14\xc7\v\xa8\x89\xdb A\xbaBAj\xfe\x18\xc3-+\xd6\xb0K\xee\x1b+\xc7lA\x84\xa6\xfe\x8bU<&\x1a\xe7m\x86\xb7\xa1A\xf9\x02S;C\x99\a.$K\x833\x82\x7f\x1b\'nj\x06\b\xb7\xe8] \x87A[y\xdc\x14\f\xcet\x00\x1f\x0f\xef\xca\xcfz\x7f\an0\xebB\xb8}&\xdd\xc9\x12?\xc7zL\x01\r-\x81\xaaq{H\x88\xdf\xf8\x80\\\x1c8\xfe\xc4\xe3\xb0\x90\xcb\x8b1r\x94\x9f\x00\xce\xc8\xc3\x84\xa0\xc9\b\x00\x81Ks\xba\xbbC6\xd6\x13\xb5\xe086EzD\x18\xd5\x16\x88E\xc6\xf0A9\xf1u\xb3\x85\x02\x12\\Sp\xf4\x9a\xe8\x96^\xe6\xa8K\x12\b}\xff\xcb{\xc6\xf6\xb4\x8b\xb6\xa8Y\xf2\x91\xeeR\v#\xb5)\xb0\x99\x9b-p\xe3\x17\x04\xb0\xdc\x0fk\x11\xe1\x9a\a\x16\xb7\x9b\x88\xfa\x1e`\x84$\xfc\xd7\xf5^X\xd8[}\x032\xd0\x84\xdby\x94Vp\xa5\xcd(\xab\xb6\x95sR\xab\xfc\x8c\'\x9c\x16Q\xad\xbc\xb04%\xb7\xe5\x14\xb1`\x87#X\\W`;\'_4\xc5\xc9\x921<\xd9\xad\x9f\x12@!\xfaI\x88\xab\xef\x86\xe9\a>\xdd7\xb7\x8e\x9c0-o\xc9\xec_|\x02\xc8Ru\x95\xa8#U\xd6J\x87\xf6X\xb6{\x11$\x00\xc8\x14\xcb\xd1nK\xd8\xb9\x0e\x9bA\xed\xbcs\x1fS\r\x12O\x83\x15\xcb(\xdb\xb1S\x1f%\x04\x9a\xa0l\xa3}\xe7r\x02\x00\x00\x00\x8aeh;F[\xe2\x1c<L\xaa\x87A\xcdN#\xfb\xb0\xf2\x1e\x0e#J\xd0hB<\xc0\x82A0)p\xe7&J\x82\x83\x83\xd14\x01\xcf\x1b\xa9\x1d\x1ef\x0f\x86(1\xd6l\xd2\x8f\xb0\xad\t\x15\xdb|\x87\xf1\xc4\xb8\xb2\x9a\xd2A\x80\xbf\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd6\x80\x00\x00\x00\x00\x00\x00\x00\x88&}\xd1\x00\x00\x00\xe6\xaf\t\x9f\x96\rN\xc9\x90\xbe\xed\x1ad\x14\xe7\x84\t\'\x8b\x00\xdd\xc9\x0f\x14v\xb6\x04\xf2U\xb4\xf6\xbe\xddT\xcb\x00\x00\x00\x00\x00\x00\xe9\x00\x00\x00\x00\x00\x00o:}\xa7jmH\xedn\x11\xfe\xe2\x0fT\x00\x94\xbc\xc6\x7f\x93eE1xp\xa3\xdc\xd7K9J<\xeb\xd2!\xf4\x19\xbd#\xb8\x83\x858\n\xf8\x12Z\x1a\x12\xfa\xcc\x04\r\xf3\xf4;\v\x15b^\xea\xa2\x04 \xe8\x99\xb3\x97\x9e\r\xb0\x05\xbb(f\xd0\x85\xc5\x15\xae#\x12Q\xacF\xfb\xc8\xbd\xcc\xbe\xb6\xa7w\x9d\xf1\xe5V\x8f\x9b\x00\x03\xc8}\x11\xbc\x01\x8fi\xf5\x7f\xaf\x11\xfb\x16\x95\xdfc\xc9\x8a/&\x81w\xdf]ao\\\x88\xf7\xce\xbd\xb0\xa6J~\x8d\xf1\xe9\x1c\xcfo\xb3\xdc\x04Y\x8e\r\xf5\xa0\xeft\x06G0\xe3D\xd6\xa3L\xedN\x0e\xdc@7\xd8^\xae\xea\x92\xbe\x9c\xf9~c\xc1|\xca\x8d\x93R\xe5\xceU\xa5\x0f\xbf\xd8l\x96`\x0f\x00e\x8aR{\x17Y\x15m>\xe26 \x19k&.\x7f\x1d~\xdaI\xd4\x99\a+\xdf]\xbc\xa6\xc3\x0f\x99W\x9c-t\v\xc7J\xfd\x91\x853\xd1j;\x19W\x96V\x8az+\xf9\x82#\xfaC\xa3YN:\xe8\xda\xbc\xb2h\x8f\xe0\xc6d\x96\xccy\xb3\xc2\x98\x1c\xca\xde\"\xaeW\x89\x83\xc2sB\xe7\b\x9b9~}\xc2\xb3\x1d\xcc?\xd1\x89\xef\xca', 0x4)
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x2000003, 0x97052, r9, 0x0)
ioctl$SOUND_MIXER_READ_CAPS(r8, 0x80044dfc, &(0x7f0000000000))
io_uring_enter(r0, 0x47bc, 0x0, 0x21, 0x0, 0x0)

0s ago: executing program 1 (id=4662):
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_generic(0x11, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xfd9c, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x100, 0xe000000, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc01cf509, &(0x7f00000001c0)={<r2=>r0, 0x9, 0x4b, 0x9})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, r2, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$alg(0x26, 0x5, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000640)=@filter={'filter\x00', 0x2, 0x4, 0x5c0, 0xffffffff, 0xc8, 0xc8, 0xc8, 0xfeffffff, 0xffffffff, 0x4f8, 0x4f8, 0x4f8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@private1, @mcast1, [], [], 'macsec0\x00', 'rose0\x00'}, 0x2f2, 0xa4, 0xc8}, @REJECT={0x24}}, {{@uncond, 0x0, 0x1fc, 0x220, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x4, 0x0, 0x40, 0x0, 0x2, 0xf8e74ba, 0x1ff, 0x5d8}}}]}, @REJECT={0x24, 'REJECT\x00', 0x0, {0x2}}}, {{@uncond, 0x0, 0x1dc, 0x210, 0x0, {}, [@common=@rt={{0x138}, {0x0, [], 0x0, 0x2, 0x0, [@ipv4={'\x00', '\xff\xff', @broadcast}, @remote, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, @private1, @remote, @mcast1, @mcast1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @dev={0xfe, 0x80, '\x00', 0x32}, @local, @remote, @private1, @private0, @dev={0xfe, 0x80, '\x00', 0x2c}, @mcast2]}}]}, @common=@inet=@SET3={0x34, 'SET\x00', 0x3, {{}, {}, {0xffff, 0x4}}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x61c) (fail_nth: 7)

kernel console output (not intermixed with test programs):

  T40] audit: type=1326 audit(1742612772.770:1616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19370 comm="syz.5.3867" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000
[  585.828301][   T40] audit: type=1326 audit(1742612772.770:1617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19370 comm="syz.5.3867" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000
[  585.835627][   T40] audit: type=1326 audit(1742612772.770:1618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19370 comm="syz.5.3867" exe="/syz-executor" sig=0 arch=40000003 syscall=280 compat=1 ip=0xf7fe8579 code=0x7ffc0000
[  585.841738][   T40] audit: type=1326 audit(1742612772.770:1619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19370 comm="syz.5.3867" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000
[  586.566674][T19393] netlink: 252 bytes leftover after parsing attributes in process `syz.5.3873'.
[  586.569293][T19393] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3873'.
[  587.618974][T19433] fuse: Unknown parameter 'f��Jzd'
[  587.676249][T19434] 9pnet_fd: Insufficient options for proto=fd
[  589.528287][T19464] tmpfs: Unknown parameter 'mpoliaveBrelati���('
[  589.859820][T19467] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  590.031665][T19473] FAULT_INJECTION: forcing a failure.
[  590.031665][T19473] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  590.051015][T19473] CPU: 1 UID: 0 PID: 19473 Comm: syz.1.3892 Not tainted 6.14.0-rc7-syzkaller-00186-gd07de43e3f05 #0
[  590.051038][T19473] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  590.051047][T19473] Call Trace:
[  590.051053][T19473]  <TASK>
[  590.051059][T19473]  dump_stack_lvl+0x16c/0x1f0
[  590.051162][T19473]  should_fail_ex+0x50a/0x650
[  590.051193][T19473]  __fpu_restore_sig+0xf5/0x1430
[  590.051206][T19473]  ? lock_acquire.part.0+0x11b/0x380
[  590.051222][T19473]  ? __pfx___fpu_restore_sig+0x10/0x10
[  590.051240][T19473]  ? lock_acquire+0x2f/0xb0
[  590.051253][T19473]  ? __might_fault+0xe3/0x190
[  590.051265][T19473]  fpu__restore_sig+0x113/0x190
[  590.051279][T19473]  ia32_restore_sigcontext+0x40f/0x5d0
[  590.051298][T19473]  ? __pfx_ia32_restore_sigcontext+0x10/0x10
[  590.051312][T19473]  ? __pfx_lock_release+0x10/0x10
[  590.051328][T19473]  ? _raw_spin_unlock_irq+0x23/0x50
[  590.051341][T19473]  ? lockdep_hardirqs_on+0x7c/0x110
[  590.051357][T19473]  __do_compat_sys_rt_sigreturn+0x121/0x1f0
[  590.051372][T19473]  ? __pfx___do_compat_sys_rt_sigreturn+0x10/0x10
[  590.051390][T19473]  do_int80_emulation+0x104/0x200
[  590.051406][T19473]  asm_int80_emulation+0x1a/0x20
[  590.051419][T19473] RIP: 0023:0xf7f47579
[  590.051428][T19473] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  590.051438][T19473] RSP: 002b:00000000f502455c EFLAGS: 00000296
[  590.051446][T19473] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
[  590.051452][T19473] RDX: 00000000800003c0 RSI: 0000000000000000 RDI: 0000000000000000
[  590.051458][T19473] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  590.051464][T19473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  590.051470][T19473] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  590.051481][T19473]  </TASK>
[  590.108370][    C1] vkms_vblank_simulate: vblank timer overrun
[  591.581669][T19499] syz.1.3900: attempt to access beyond end of device
[  591.581669][T19499] nbd1: rw=4096, sector=0, nr_sectors = 1 limit=0
[  591.585642][T19499] XFS (nbd1): SB validate failed with error -5.
[  591.732329][   T64] usb 5-1: new high-speed USB device number 58 using dummy_hcd
[  591.882177][   T64] usb 5-1: Using ep0 maxpacket: 32
[  591.884814][   T64] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  591.887799][   T64] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  591.890446][   T64] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  591.902226][   T64] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  591.905229][   T64] usb 5-1: config 0 descriptor??
[  592.314433][   T64] savu 0003:1E7D:2D5A.0012: hiddev0,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.0-1/input0
[  592.459467][T19518] netlink: 168 bytes leftover after parsing attributes in process `syz.5.3901'.
[  592.573116][   T36] usb 5-1: USB disconnect, device number 58
[  592.592314][   T64] usb 9-1: new high-speed USB device number 35 using dummy_hcd
[  592.650366][T19524] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3907'.
[  592.751867][   T64] usb 9-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  592.754976][   T64] usb 9-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  592.757679][   T64] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  592.760184][   T64] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  592.764019][T19517] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  592.767525][   T64] usb 9-1: Quirk or no altset; falling back to MIDI 1.0
[  593.481318][ T5989] usb 9-1: USB disconnect, device number 35
[  593.709007][T19540] FAULT_INJECTION: forcing a failure.
[  593.709007][T19540] name failslab, interval 1, probability 0, space 0, times 0
[  593.712632][T19540] CPU: 1 UID: 0 PID: 19540 Comm: syz.1.3910 Not tainted 6.14.0-rc7-syzkaller-00186-gd07de43e3f05 #0
[  593.712656][T19540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  593.712663][T19540] Call Trace:
[  593.712666][T19540]  <TASK>
[  593.712670][T19540]  dump_stack_lvl+0x16c/0x1f0
[  593.712689][T19540]  should_fail_ex+0x50a/0x650
[  593.712699][T19540]  ? fs_reclaim_acquire+0xae/0x150
[  593.712714][T19540]  ? tomoyo_encode2+0x100/0x3e0
[  593.712727][T19540]  should_failslab+0xc2/0x120
[  593.712737][T19540]  __kmalloc_noprof+0xcb/0x510
[  593.712752][T19540]  ? d_absolute_path+0x137/0x1b0
[  593.712763][T19540]  ? rcu_is_watching+0x12/0xc0
[  593.712776][T19540]  tomoyo_encode2+0x100/0x3e0
[  593.712791][T19540]  tomoyo_encode+0x29/0x50
[  593.712804][T19540]  tomoyo_realpath_from_path+0x19d/0x720
[  593.712822][T19540]  tomoyo_path_number_perm+0x248/0x590
[  593.712834][T19540]  ? tomoyo_path_number_perm+0x235/0x590
[  593.712847][T19540]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  593.712871][T19540]  ? __pfx_lock_release+0x10/0x10
[  593.712884][T19540]  ? trace_lock_acquire+0x14e/0x1f0
[  593.712898][T19540]  ? lock_acquire+0x2f/0xb0
[  593.712910][T19540]  ? __fget_files+0x40/0x3a0
[  593.712926][T19540]  ? __fget_files+0x206/0x3a0
[  593.712946][T19540]  security_file_ioctl_compat+0x9b/0x240
[  593.712961][T19540]  __do_compat_sys_ioctl+0x4e/0x2c0
[  593.712974][T19540]  __do_fast_syscall_32+0x73/0x120
[  593.712991][T19540]  do_fast_syscall_32+0x32/0x80
[  593.713006][T19540]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  593.713022][T19540] RIP: 0023:0xf7f47579
[  593.713031][T19540] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  593.713040][T19540] RSP: 002b:00000000f502455c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  593.713050][T19540] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080047456
[  593.713057][T19540] RDX: 0000000080002300 RSI: 0000000000000000 RDI: 0000000000000000
[  593.713062][T19540] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  593.713068][T19540] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  593.713073][T19540] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  593.713085][T19540]  </TASK>
[  593.713117][T19540] ERROR: Out of memory at tomoyo_realpath_from_path.
[  594.632659][T19561] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3916'.
[  594.651325][T19561] 8021q: adding VLAN 0 to HW filter on device bond3
[  594.653959][T19561] bond0: (slave bond3): Enslaving as an active interface with an up link
[  594.657563][   T40] kauditd_printk_skb: 2 callbacks suppressed
[  594.657572][   T40] audit: type=1326 audit(1742612781.630:1622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19555 comm="syz.5.3915" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x0
[  594.930576][T19569] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3918'.
[  595.052361][T19571] netlink: 76 bytes leftover after parsing attributes in process `syz.0.3918'.
[  597.709728][T19598] FAULT_INJECTION: forcing a failure.
[  597.709728][T19598] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  597.713518][T19598] CPU: 0 UID: 0 PID: 19598 Comm: syz.5.3926 Not tainted 6.14.0-rc7-syzkaller-00186-gd07de43e3f05 #0
[  597.713531][T19598] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  597.713538][T19598] Call Trace:
[  597.713542][T19598]  <TASK>
[  597.713546][T19598]  dump_stack_lvl+0x16c/0x1f0
[  597.713564][T19598]  should_fail_ex+0x50a/0x650
[  597.713576][T19598]  _copy_to_user+0x32/0xd0
[  597.713589][T19598]  pagemap_read+0x536/0x880
[  597.713606][T19598]  ? __pfx_pagemap_read+0x10/0x10
[  597.713620][T19598]  ? iov_iter_advance+0x1e3/0x6c0
[  597.713631][T19598]  ? rw_verify_area+0xcf/0x680
[  597.713643][T19598]  ? __pfx_pagemap_read+0x10/0x10
[  597.713656][T19598]  vfs_readv+0x6c2/0x8a0
[  597.713667][T19598]  ? __pfx___lock_acquire+0x10/0x10
[  597.713681][T19598]  ? find_held_lock+0x2d/0x110
[  597.713694][T19598]  ? __pfx_vfs_readv+0x10/0x10
[  597.713709][T19598]  ? __fget_files+0x1fc/0x3a0
[  597.713723][T19598]  ? __pfx_lock_release+0x10/0x10
[  597.713741][T19598]  ? __fget_files+0x206/0x3a0
[  597.713758][T19598]  ? do_preadv+0x1b1/0x270
[  597.713769][T19598]  do_preadv+0x1b1/0x270
[  597.713782][T19598]  ? __pfx_do_preadv+0x10/0x10
[  597.713798][T19598]  __do_fast_syscall_32+0x73/0x120
[  597.713814][T19598]  do_fast_syscall_32+0x32/0x80
[  597.713829][T19598]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  597.713846][T19598] RIP: 0023:0xf7fe8579
[  597.713854][T19598] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  597.713864][T19598] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 000000000000014d
[  597.713873][T19598] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000640
[  597.713880][T19598] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  597.713885][T19598] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  597.713891][T19598] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  597.713896][T19598] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  597.713907][T19598]  </TASK>
[  597.997900][T19603] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3927'.
[  598.461537][T19612] overlayfs: missing 'lowerdir'
[  600.332812][T19654] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3945'.
[  600.336791][T19654] fuse: Bad value for 'fd'
[  601.252937][T19677] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3951'.
[  601.262968][T19677] 8021q: adding VLAN 0 to HW filter on device bond3
[  601.265611][T19677] bond0: (slave bond3): Enslaving as an active interface with an up link
[  602.172864][T19693] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3955'.
[  602.175996][T19693] fuse: Bad value for 'fd'
[  602.702264][T14792] usb 10-1: new high-speed USB device number 18 using dummy_hcd
[  602.857868][T14792] usb 10-1: config 0 interface 0 altsetting 251 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  602.862227][T14792] usb 10-1: config 0 interface 0 has no altsetting 0
[  602.867641][T14792] usb 10-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  602.870092][T14792] usb 10-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  602.872865][T14792] usb 10-1: Product: syz
[  602.874001][T14792] usb 10-1: Manufacturer: syz
[  602.875325][T14792] usb 10-1: SerialNumber: syz
[  602.877369][T14792] usb 10-1: config 0 descriptor??
[  602.886395][T14792] snd-usb-audio 10-1:0.0: probe with driver snd-usb-audio failed with error -22
[  603.383770][T19719] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  605.533374][   T31] usb 10-1: USB disconnect, device number 18
[  605.786323][T19744] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3968'.
[  605.789861][T19744] fuse: Bad value for 'fd'
[  605.990401][T19750] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3971'.
[  606.565429][ T5955] Bluetooth: hci1: unexpected event for opcode 0x040d
[  607.876989][T19785] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3981'.
[  608.612082][T19795] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3982'.
[  608.984202][T19802] x_tables: duplicate underflow at hook 2
[  609.592587][T14578] Bluetooth: hci1: unexpected event for opcode 0x040d
[  609.714626][T14578] Bluetooth: hci4: unexpected event for opcode 0x040d
[  610.167104][T19827] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3993'.
[  610.473855][T19831] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3995'.
[  610.594817][T19833] 9pnet_fd: Insufficient options for proto=fd
[  610.919275][ T5955] Bluetooth: hci2: unexpected event for opcode 0x040d
[  610.994353][T19843] bond1: (slave gretap1): Releasing active interface
[  611.048997][T19843] bond0: (slave bond3): Releasing backup interface
[  611.124872][T19842] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3999'.
[  611.221050][T19854] fuse: Bad value for 'fd'
[  612.711478][T19875] netlink: 'syz.5.4007': attribute type 10 has an invalid length.
[  612.714495][T19875] netlink: 2 bytes leftover after parsing attributes in process `syz.5.4007'.
[  612.717821][T19875] team0: entered promiscuous mode
[  612.719941][T19875] team_slave_0: entered promiscuous mode
[  612.727603][T19875] team_slave_1: entered promiscuous mode
[  612.730310][T19875] bridge0: port 3(team0) entered blocking state
[  612.734159][T19875] bridge0: port 3(team0) entered disabled state
[  612.737028][T19875] team0: entered allmulticast mode
[  612.738993][T19875] team_slave_0: entered allmulticast mode
[  612.741283][T19875] team_slave_1: entered allmulticast mode
[  612.748274][T19875] bridge0: port 3(team0) entered blocking state
[  612.750039][T19875] bridge0: port 3(team0) entered forwarding state
[  613.016745][T19884] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4009'.
[  613.363939][T19891] block device autoloading is deprecated and will be removed.
[  613.413397][T19886] md2: using deprecated bitmap file support
[  613.415776][T19886] md2: error: bitmap file must open for write
[  613.848585][T14792] kernel write not supported for file /vcs (pid: 14792 comm: kworker/2:3)
[  614.131130][T19920] wg2: left promiscuous mode
[  614.132935][T19920] wg2: left allmulticast mode
[  614.150615][T19920] veth1_macvtap: left allmulticast mode
[  614.153458][T19920] macsec0: left promiscuous mode
[  614.155072][T19920] macsec0: left allmulticast mode
[  614.309973][T19924] Invalid logical block size (8192)
[  614.378953][T19926] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0
[  614.381188][T19926] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0
[  614.385618][T19920] bond1: left promiscuous mode
[  614.386215][T19926] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0
[  614.389355][T19920] bond1: left allmulticast mode
[  614.399800][T19920] bond2: (slave gretap1): Releasing active interface
[  614.409297][T19920] bond0: (slave bond3): Releasing backup interface
[  614.434921][T19930] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4027'.
[  614.438430][T19930] netlink: 80 bytes leftover after parsing attributes in process `syz.0.4027'.
[  614.440963][T19930] netlink: 80 bytes leftover after parsing attributes in process `syz.0.4027'.
[  614.823550][   T36] usb 9-1: new high-speed USB device number 36 using dummy_hcd
[  615.006632][   T36] usb 9-1: config index 0 descriptor too short (expected 45, got 36)
[  615.009001][   T36] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  615.012695][   T36] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  615.016964][   T36] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  615.021899][   T36] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  615.027127][   T36] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  615.034777][   T36] usb 9-1: config 0 descriptor??
[  615.037380][T19932] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  615.506158][   T36] plantronics 0003:047F:FFFF.0013: unknown main item tag 0xd
[  615.508934][   T36] plantronics 0003:047F:FFFF.0013: No inputs registered, leaving
[  615.513031][   T36] plantronics 0003:047F:FFFF.0013: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  616.009352][ T5989] usb 9-1: USB disconnect, device number 36
[  616.337905][   T36] usb 10-1: new high-speed USB device number 19 using dummy_hcd
[  616.462301][   T36] usb 10-1: device descriptor read/64, error -71
[  616.712484][   T36] usb 10-1: new high-speed USB device number 20 using dummy_hcd
[  616.862345][   T36] usb 10-1: device descriptor read/64, error -71
[  616.982349][   T36] usb usb10-port1: attempt power cycle
[  617.342394][   T36] usb 10-1: new high-speed USB device number 21 using dummy_hcd
[  617.372742][   T36] usb 10-1: device descriptor read/8, error -71
[  617.737451][   T36] usb 10-1: new high-speed USB device number 22 using dummy_hcd
[  617.892848][   T36] usb 10-1: device descriptor read/8, error -71
[  618.003875][   T36] usb usb10-port1: unable to enumerate USB device
[  618.292593][T20002] random: crng reseeded on system resumption
[  618.474218][T20006] netlink: 136 bytes leftover after parsing attributes in process `syz.1.4047'.
[  618.615114][ T5955] Bluetooth: hci4: unexpected event for opcode 0x040d
[  618.999648][T20020] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4059'.
[  619.520267][ T5955] Bluetooth: hci4: unexpected event for opcode 0x040d
[  620.332272][T20042] FAULT_INJECTION: forcing a failure.
[  620.332272][T20042] name failslab, interval 1, probability 0, space 0, times 0
[  620.336663][T20042] CPU: 0 UID: 0 PID: 20042 Comm: syz.1.4057 Not tainted 6.14.0-rc7-syzkaller-00186-gd07de43e3f05 #0
[  620.336677][T20042] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  620.336683][T20042] Call Trace:
[  620.336687][T20042]  <TASK>
[  620.336691][T20042]  dump_stack_lvl+0x16c/0x1f0
[  620.336710][T20042]  should_fail_ex+0x50a/0x650
[  620.336721][T20042]  ? fs_reclaim_acquire+0xae/0x150
[  620.336735][T20042]  ? alloc_fs_context+0x57/0x9c0
[  620.336749][T20042]  should_failslab+0xc2/0x120
[  620.336760][T20042]  __kmalloc_cache_noprof+0x68/0x410
[  620.336774][T20042]  ? lockdep_hardirqs_on+0x7c/0x110
[  620.336791][T20042]  alloc_fs_context+0x57/0x9c0
[  620.336807][T20042]  __ia32_sys_fsopen+0xef/0x240
[  620.336819][T20042]  __do_fast_syscall_32+0x73/0x120
[  620.336835][T20042]  do_fast_syscall_32+0x32/0x80
[  620.336849][T20042]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  620.336866][T20042] RIP: 0023:0xf7f47579
[  620.336874][T20042] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  620.336884][T20042] RSP: 002b:00000000f506655c EFLAGS: 00000296 ORIG_RAX: 00000000000001ae
[  620.336894][T20042] RAX: ffffffffffffffda RBX: 0000000080002240 RCX: 0000000000000000
[  620.336901][T20042] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  620.336906][T20042] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  620.336912][T20042] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  620.336918][T20042] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  620.336929][T20042]  </TASK>
[  620.437813][T20046] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0
[  621.536956][T20061] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  621.621434][T20061] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  621.695525][T20061] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  621.744914][T20061] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  621.797644][T20061] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  621.803425][T20061] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  621.814737][T20061] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  621.838545][T20061] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  623.804268][T20069] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4067'.
[  624.249742][T20074] team0: left promiscuous mode
[  624.319481][T20074] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  624.321968][T20074] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  624.325218][T20074] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  624.327709][T20074] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  624.340299][T20074] veth3: left promiscuous mode
[  624.341712][T20074] veth3: left allmulticast mode
[  624.345769][ T6006] wg1 speed is unknown, defaulting to 1000
[  624.747118][T20083] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4069'.
[  625.792256][   T64] usb 10-1: new high-speed USB device number 23 using dummy_hcd
[  625.846202][   T40] audit: type=1326 audit(1742612812.820:1623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20096 comm="syz.4.4075" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x0
[  625.932275][   T64] usb 10-1: device descriptor read/64, error -71
[  626.182767][   T64] usb 10-1: new high-speed USB device number 24 using dummy_hcd
[  626.312313][   T64] usb 10-1: device descriptor read/64, error -71
[  626.422441][   T64] usb usb10-port1: attempt power cycle
[  626.772284][   T64] usb 10-1: new high-speed USB device number 25 using dummy_hcd
[  626.804823][   T64] usb 10-1: device descriptor read/8, error -71
[  627.042206][   T64] usb 10-1: new high-speed USB device number 26 using dummy_hcd
[  627.062970][   T64] usb 10-1: device descriptor read/8, error -71
[  627.185736][   T64] usb usb10-port1: unable to enumerate USB device
[  627.748396][T20124] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4080'.
[  627.992279][ T1016] usb 9-1: new high-speed USB device number 37 using dummy_hcd
[  628.153464][ T1016] usb 9-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  628.156870][ T1016] usb 9-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  628.160045][ T1016] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  628.162901][ T1016] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  628.168212][T20120] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  628.172474][ T1016] usb 9-1: Quirk or no altset; falling back to MIDI 1.0
[  628.414955][ T1016] usb 9-1: USB disconnect, device number 37
[  630.130596][T20159] netlink: 96 bytes leftover after parsing attributes in process `syz.4.4090'.
[  630.154436][T20159] x86/PAT: syz.4.4090:20159 freeing invalid memtype [mem 0xfed00000-0xfed00fff]
[  630.160541][T20159] x86/PAT: syz.4.4090:20159 freeing invalid memtype [mem 0xfed00000-0xfed00fff]
[  630.372352][T20163] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4091'.
[  630.375512][T20163] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4091'.
[  630.423220][T14792] usb 9-1: new high-speed USB device number 38 using dummy_hcd
[  630.552228][T14792] usb 9-1: device descriptor read/64, error -71
[  630.792435][T14792] usb 9-1: new high-speed USB device number 39 using dummy_hcd
[  630.922286][T14792] usb 9-1: device descriptor read/64, error -71
[  631.034990][T14792] usb usb9-port1: attempt power cycle
[  631.373935][T14792] usb 9-1: new high-speed USB device number 40 using dummy_hcd
[  631.402801][T14792] usb 9-1: device descriptor read/8, error -71
[  631.527808][T20173] sp0: Synchronizing with TNC
[  631.642247][T14792] usb 9-1: new high-speed USB device number 41 using dummy_hcd
[  631.662825][T14792] usb 9-1: device descriptor read/8, error -71
[  631.772667][T14792] usb usb9-port1: unable to enumerate USB device
[  631.817766][T20181] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4096'.
[  632.780068][T20195] netlink: 'syz.0.4100': attribute type 9 has an invalid length.
[  633.471583][ T5955] Bluetooth: hci2: unexpected event for opcode 0x040d
[  633.983082][ T2484] pvrusb2: request_firmware fatal error with code=-110
[  633.985281][ T2484] pvrusb2: Failure uploading firmware1
[  633.986986][ T2484] pvrusb2: Device initialization was not successful.
[  633.988824][ T2484] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  633.991964][ T2484] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  633.995490][   T57] pvrusb2: Device being rendered inoperable
[  634.247126][T20229] FAULT_INJECTION: forcing a failure.
[  634.247126][T20229] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  634.251160][T20229] CPU: 1 UID: 0 PID: 20229 Comm: syz.1.4110 Not tainted 6.14.0-rc7-syzkaller-00186-gd07de43e3f05 #0
[  634.251174][T20229] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  634.251180][T20229] Call Trace:
[  634.251189][T20229]  <TASK>
[  634.251194][T20229]  dump_stack_lvl+0x16c/0x1f0
[  634.251224][T20229]  should_fail_ex+0x50a/0x650
[  634.251241][T20229]  __kvm_read_guest_page+0x16b/0x210
[  634.251256][T20229]  kvm_fetch_guest_virt+0x128/0x1a0
[  634.251275][T20229]  __do_insn_fetch_bytes+0x420/0x6d0
[  634.251293][T20229]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  634.251309][T20229]  ? find_held_lock+0x2d/0x110
[  634.251322][T20229]  ? kvm_tdp_page_fault+0x295/0x3d0
[  634.251335][T20229]  x86_decode_insn+0xb91/0x5530
[  634.251352][T20229]  ? vmx_segment_cache_test_set+0x14b/0x400
[  634.251367][T20229]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  634.251383][T20229]  ? __pfx_x86_decode_insn+0x10/0x10
[  634.251395][T20229]  ? vmx_cache_reg+0x333/0x5e0
[  634.251409][T20229]  ? kvm_register_read_raw+0xe9/0x240
[  634.251424][T20229]  ? init_decode_cache+0xd/0x210
[  634.251436][T20229]  ? init_emulate_ctxt+0x338/0x510
[  634.251447][T20229]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  634.251459][T20229]  ? mark_lock+0xb5/0xc60
[  634.251475][T20229]  x86_emulate_instruction+0x9c1/0x1a90
[  634.251491][T20229]  handle_ud+0x104/0x280
[  634.251501][T20229]  ? __pfx_handle_ud+0x10/0x10
[  634.251518][T20229]  handle_exception_nmi+0x83e/0x1410
[  634.251534][T20229]  ? trace_lock_acquire+0x14e/0x1f0
[  634.251545][T20229]  ? __pfx_handle_exception_nmi+0x10/0x10
[  634.251562][T20229]  vmx_handle_exit+0x6a4/0x1a30
[  634.251584][T20229]  vcpu_run+0x2af3/0x4cc0
[  634.251609][T20229]  ? __pfx_vcpu_run+0x10/0x10
[  634.251623][T20229]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  634.251644][T20229]  ? rcu_is_watching+0x12/0xc0
[  634.251659][T20229]  ? trace_lock_acquire+0x14e/0x1f0
[  634.251670][T20229]  ? __local_bh_enable_ip+0xa4/0x120
[  634.251686][T20229]  ? lockdep_hardirqs_on+0x7c/0x110
[  634.251700][T20229]  ? kvm_arch_vcpu_ioctl_run+0x1a8/0x17f0
[  634.251712][T20229]  ? lock_acquire+0x2f/0xb0
[  634.251727][T20229]  ? kvm_arch_vcpu_ioctl_run+0x865/0x17f0
[  634.251741][T20229]  kvm_arch_vcpu_ioctl_run+0x865/0x17f0
[  634.251765][T20229]  kvm_vcpu_ioctl+0x5ea/0x16b0
[  634.251785][T20229]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  634.251803][T20229]  ? tomoyo_path_number_perm+0x190/0x590
[  634.251823][T20229]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  634.251841][T20229]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  634.251869][T20229]  ? do_vfs_ioctl+0x513/0x1990
[  634.251888][T20229]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  634.251923][T20229]  ? __pfx_lock_release+0x10/0x10
[  634.251943][T20229]  ? trace_lock_acquire+0x14e/0x1f0
[  634.251963][T20229]  kvm_vcpu_compat_ioctl+0x210/0x3d0
[  634.251982][T20229]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  634.252002][T20229]  ? __fget_files+0x206/0x3a0
[  634.252029][T20229]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  634.252047][T20229]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  634.252070][T20229]  __do_fast_syscall_32+0x73/0x120
[  634.252094][T20229]  do_fast_syscall_32+0x32/0x80
[  634.252114][T20229]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  634.252154][T20229] RIP: 0023:0xf7f47579
[  634.252172][T20229] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  634.252191][T20229] RSP: 002b:00000000f506655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  634.252205][T20229] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 000000000000ae80
[  634.252215][T20229] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  634.252223][T20229] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  634.252232][T20229] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  634.252241][T20229] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  634.252261][T20229]  </TASK>
[  634.358994][    C1] vkms_vblank_simulate: vblank timer overrun
[  634.400536][T20236] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4113'.
[  634.622238][   T36] usb 9-1: new high-speed USB device number 42 using dummy_hcd
[  635.092441][   T36] usb 9-1: device descriptor read/64, error -71
[  635.342251][   T36] usb 9-1: new high-speed USB device number 43 using dummy_hcd
[  635.472213][   T36] usb 9-1: device descriptor read/64, error -71
[  635.582781][   T36] usb usb9-port1: attempt power cycle
[  635.922264][   T36] usb 9-1: new high-speed USB device number 44 using dummy_hcd
[  635.942269][ T6006] usb 5-1: new high-speed USB device number 59 using dummy_hcd
[  635.942685][   T36] usb 9-1: device descriptor read/8, error -71
[  635.994573][T14578] Bluetooth: hci4: unexpected event for opcode 0x040d
[  636.103512][ T6006] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  636.106768][ T6006] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  636.109342][ T6006] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  636.115528][ T6006] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  636.118462][ T6006] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  636.122433][ T6006] usb 5-1: config 0 descriptor??
[  636.182315][   T36] usb 9-1: new high-speed USB device number 45 using dummy_hcd
[  636.202662][   T36] usb 9-1: device descriptor read/8, error -71
[  636.530681][ T6006] plantronics 0003:047F:FFFF.0014: No inputs registered, leaving
[  636.533730][ T6006] plantronics 0003:047F:FFFF.0014: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  636.556973][   T36] usb usb9-port1: unable to enumerate USB device
[  637.012248][T20285] 9pnet_fd: Insufficient options for proto=fd
[  637.698348][T20312] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4137'.
[  637.962270][T14792] usb 5-1: reset high-speed USB device number 59 using dummy_hcd
[  638.484914][ T5955] Bluetooth: hci4: unexpected event for opcode 0x0000
[  638.524773][T20335] QAT: Stopping all acceleration devices.
[  638.597750][T20345] syz.5.4151: attempt to access beyond end of device
[  638.597750][T20345] nbd5: rw=0, sector=16, nr_sectors = 2 limit=0
[  638.685920][T20351] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4154'.
[  638.697888][T20351] bond2: entered promiscuous mode
[  638.699815][T20351] bond2: entered allmulticast mode
[  639.021572][   T40] audit: type=1326 audit(1742612825.990:1624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20369 comm="syz.1.4161" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f47579 code=0x0
[  639.428994][T14578] Bluetooth: hci2: unexpected event for opcode 0x0000
[  639.473631][T20382] netlink: 168 bytes leftover after parsing attributes in process `syz.4.4164'.
[  639.562711][ T5989] usb 5-1: USB disconnect, device number 59
[  639.824356][T20393] fuse: Unknown parameter 'rootmode00000000d���-��6040�000'
[  639.827529][T20394] fuse: Unknown parameter 'rootmode00000000d���-��6040�000'
[  640.072483][T20402] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4170'.
[  640.094254][T20403] FAULT_INJECTION: forcing a failure.
[  640.094254][T20403] name failslab, interval 1, probability 0, space 0, times 0
[  640.098608][T20403] CPU: 1 UID: 0 PID: 20403 Comm: syz.5.4169 Not tainted 6.14.0-rc7-syzkaller-00186-gd07de43e3f05 #0
[  640.098622][T20403] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  640.098629][T20403] Call Trace:
[  640.098633][T20403]  <TASK>
[  640.098637][T20403]  dump_stack_lvl+0x16c/0x1f0
[  640.098657][T20403]  should_fail_ex+0x50a/0x650
[  640.098667][T20403]  ? fs_reclaim_acquire+0xae/0x150
[  640.098682][T20403]  should_failslab+0xc2/0x120
[  640.098693][T20403]  kmem_cache_alloc_lru_noprof+0x73/0x3d0
[  640.098710][T20403]  ? proc_alloc_inode+0x25/0x200
[  640.098726][T20403]  ? __pfx_proc_alloc_inode+0x10/0x10
[  640.098740][T20403]  proc_alloc_inode+0x25/0x200
[  640.098753][T20403]  alloc_inode+0x5d/0x230
[  640.098764][T20403]  new_inode+0x22/0x210
[  640.098775][T20403]  proc_pid_make_inode+0x22/0x160
[  640.098789][T20403]  proc_fd_instantiate+0x57/0x240
[  640.098802][T20403]  proc_fill_cache+0x362/0x470
[  640.098816][T20403]  ? __pfx_proc_fd_instantiate+0x10/0x10
[  640.098829][T20403]  ? __pfx_proc_fill_cache+0x10/0x10
[  640.098842][T20403]  ? __pfx_vsnprintf+0x10/0x10
[  640.098859][T20403]  ? snprintf+0xc8/0x100
[  640.098875][T20403]  ? _raw_spin_unlock+0x28/0x50
[  640.098888][T20403]  ? fget_task_next+0x2a8/0x580
[  640.098905][T20403]  proc_readfd_common+0x1f0/0x620
[  640.098917][T20403]  ? __pfx_proc_fd_instantiate+0x10/0x10
[  640.098930][T20403]  ? __pfx_proc_readfd_common+0x10/0x10
[  640.098943][T20403]  ? down_read_killable+0xcc/0x380
[  640.098952][T20403]  ? __pfx_down_read_killable+0x10/0x10
[  640.098963][T20403]  ? apparmor_file_permission+0x251/0x400
[  640.098978][T20403]  iterate_dir+0x293/0xab0
[  640.098993][T20403]  __ia32_sys_getdents64+0x148/0x2c0
[  640.099008][T20403]  ? __pfx___ia32_sys_getdents64+0x10/0x10
[  640.099022][T20403]  ? __pfx_filldir64+0x10/0x10
[  640.099038][T20403]  __do_fast_syscall_32+0x73/0x120
[  640.099054][T20403]  do_fast_syscall_32+0x32/0x80
[  640.099069][T20403]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  640.099086][T20403] RIP: 0023:0xf7fe8579
[  640.099094][T20403] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  640.099104][T20403] RSP: 002b:00000000f50c455c EFLAGS: 00000296 ORIG_RAX: 00000000000000dc
[  640.099114][T20403] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000940
[  640.099120][T20403] RDX: 000000000000100f RSI: 0000000000000000 RDI: 0000000000000000
[  640.099126][T20403] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  640.099132][T20403] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  640.099138][T20403] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  640.099150][T20403]  </TASK>
[  640.179590][    C1] vkms_vblank_simulate: vblank timer overrun
[  640.690343][   T40] audit: type=1326 audit(1742612827.660:1625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20407 comm="syz.0.4172" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fc3579 code=0x0
[  641.073836][T14578] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  641.074286][T20437] netlink: 'syz.1.4179': attribute type 1 has an invalid length.
[  641.080180][T20437] netlink: 224 bytes leftover after parsing attributes in process `syz.1.4179'.
[  641.192431][T14578] Bluetooth: hci1: command 0x0406 tx timeout
[  641.286624][T20440] virtio-fs: tag <(null)> not found
[  641.652724][T20450] FAULT_INJECTION: forcing a failure.
[  641.652724][T20450] name failslab, interval 1, probability 0, space 0, times 0
[  641.656315][T20450] CPU: 2 UID: 0 PID: 20450 Comm: syz.5.4183 Not tainted 6.14.0-rc7-syzkaller-00186-gd07de43e3f05 #0
[  641.656330][T20450] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  641.656337][T20450] Call Trace:
[  641.656343][T20450]  <TASK>
[  641.656350][T20450]  dump_stack_lvl+0x16c/0x1f0
[  641.656378][T20450]  should_fail_ex+0x50a/0x650
[  641.656393][T20450]  ? fs_reclaim_acquire+0xae/0x150
[  641.656416][T20450]  ? copy_mount_options+0x55/0x190
[  641.656432][T20450]  should_failslab+0xc2/0x120
[  641.656446][T20450]  __kmalloc_cache_noprof+0x68/0x410
[  641.656461][T20450]  ? _copy_from_user+0x59/0xd0
[  641.656474][T20450]  copy_mount_options+0x55/0x190
[  641.656486][T20450]  __ia32_sys_mount+0x1ad/0x310
[  641.656496][T20450]  ? __pfx___ia32_sys_mount+0x10/0x10
[  641.656509][T20450]  __do_fast_syscall_32+0x73/0x120
[  641.656533][T20450]  do_fast_syscall_32+0x32/0x80
[  641.656548][T20450]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  641.656564][T20450] RIP: 0023:0xf7fe8579
[  641.656573][T20450] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  641.656583][T20450] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  641.656593][T20450] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000100
[  641.656600][T20450] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000080000140
[  641.656606][T20450] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  641.656611][T20450] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  641.656617][T20450] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  641.656628][T20450]  </TASK>
[  642.028274][T20461] xt_nat: multiple ranges no longer supported
[  642.273523][ T5955] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  642.412435][   T40] audit: type=1326 audit(1742612829.380:1626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20472 comm="syz.4.4191" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x0
[  642.799631][   T40] audit: type=1326 audit(1742612829.770:1627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20476 comm="syz.5.4192" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x0
[  643.464305][T14578] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  643.483564][T14578] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  643.490825][T14578] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  643.497094][T14578] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  643.499461][T14578] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  643.508312][T14578] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  643.523161][T20499] wg1 speed is unknown, defaulting to 1000
[  643.609066][T20499] chnl_net:caif_netlink_parms(): no params data found
[  643.679487][T20499] bridge0: port 1(bridge_slave_0) entered blocking state
[  643.681442][T20499] bridge0: port 1(bridge_slave_0) entered disabled state
[  643.683595][T20499] bridge_slave_0: entered allmulticast mode
[  643.685839][T20499] bridge_slave_0: entered promiscuous mode
[  643.699519][T20499] bridge0: port 2(bridge_slave_1) entered blocking state
[  643.701441][T20499] bridge0: port 2(bridge_slave_1) entered disabled state
[  643.703571][T20499] bridge_slave_1: entered allmulticast mode
[  643.705774][T20499] bridge_slave_1: entered promiscuous mode
[  643.728732][T20499] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  643.734423][T20499] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  643.759539][T20499] team0: Port device team_slave_0 added
[  643.762632][T20499] team0: Port device team_slave_1 added
[  643.781461][T20499] batman_adv: batadv0: Adding interface: batadv_slave_0
[  643.783872][T20499] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  643.790625][T20499] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  643.807742][T20499] batman_adv: batadv0: Adding interface: batadv_slave_1
[  643.809611][T20499] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  643.816492][T20499] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  643.839765][T20499] hsr_slave_0: entered promiscuous mode
[  643.841657][T20499] hsr_slave_1: entered promiscuous mode
[  643.844999][T20499] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  643.847001][T20499] Cannot create hsr debugfs directory
[  643.902753][T14792] usb 10-1: new high-speed USB device number 27 using dummy_hcd
[  644.053456][T14792] usb 10-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  644.056431][T14792] usb 10-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[  644.060553][T14792] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  644.064295][T14792] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  644.267548][T12656] bond0 (unregistering): Released all slaves
[  644.273970][T14792] usb 10-1: USB disconnect, device number 27
[  644.392593][T12656] bond1 (unregistering): Released all slaves
[  644.503067][T12656] bond2 (unregistering): Released all slaves
[  644.827518][T20526] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4205'.
[  644.872632][T12656] hsr_slave_0: left promiscuous mode
[  645.088092][   T40] audit: type=1326 audit(1742612832.060:1628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20527 comm="syz.1.4206" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f47579 code=0x0
[  645.596362][ T5955] Bluetooth: hci2: command tx timeout
[  646.629523][T20499] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  646.636909][T20499] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  646.640513][T20499] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  646.644822][T20499] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  646.700507][T20499] 8021q: adding VLAN 0 to HW filter on device bond0
[  646.723539][T20499] 8021q: adding VLAN 0 to HW filter on device team0
[  646.727183][ T1139] bridge0: port 1(bridge_slave_0) entered blocking state
[  646.729388][ T1139] bridge0: port 1(bridge_slave_0) entered forwarding state
[  646.734505][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  646.736476][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  646.746953][T20499] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  646.750228][T20499] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  646.814522][T20499] 8021q: adding VLAN 0 to HW filter on device batadv0
[  646.922269][    T9] usb 10-1: new high-speed USB device number 28 using dummy_hcd
[  646.925035][T20499] veth0_vlan: entered promiscuous mode
[  646.928920][T20499] veth1_vlan: entered promiscuous mode
[  646.965087][T20499] veth0_macvtap: entered promiscuous mode
[  646.968077][T20499] veth1_macvtap: entered promiscuous mode
[  646.974791][T20499] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  646.977523][T20499] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  646.980580][T20499] batman_adv: batadv0: Interface activated: batadv_slave_0
[  646.985609][T20551] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input62
[  646.987532][T20499] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  646.991288][T20499] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  646.995400][T20499] batman_adv: batadv0: Interface activated: batadv_slave_1
[  647.005175][T20499] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  647.007570][T20499] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  647.009898][T20499] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  647.012736][T20499] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  647.038653][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  647.040850][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  647.059123][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  647.062068][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  647.074005][T20569] 8021q: adding VLAN 0 to HW filter on device ipvlan0
[  647.077719][T20569] team0: Device ipvlan0 is already an upper device of the team interface
[  647.091000][    T9] usb 10-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  647.094166][    T9] usb 10-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[  647.097269][    T9] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  647.100254][    T9] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  647.312708][   T36] usb 10-1: USB disconnect, device number 28
[  647.662528][ T5955] Bluetooth: hci2: command tx timeout
[  648.050721][T14792] kernel write not supported for file [eventfd] (pid: 14792 comm: kworker/2:3)
[  648.107335][   T63] usb 10-1: new high-speed USB device number 29 using dummy_hcd
[  648.252234][   T63] usb 10-1: Using ep0 maxpacket: 16
[  648.254985][   T63] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  648.258436][   T63] usb 10-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  648.261008][   T63] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  648.264421][   T63] usb 10-1: config 0 descriptor??
[  648.267402][   T63] input: bcm5974 as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/input/input63
[  648.488476][T20587] input: syz0 as /devices/virtual/input/input64
[  648.495148][T20618] 8021q: adding VLAN 0 to HW filter on device ipvlan0
[  648.497664][T20618] team0: Device ipvlan0 is already an upper device of the team interface
[  648.505613][T20619] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input65
[  649.323630][T20641] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input66
[  649.583583][T20652] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4242'.
[  649.752275][ T5955] Bluetooth: hci2: command tx timeout
[  649.974272][   T40] audit: type=1326 audit(1742612836.950:1629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20659 comm="syz.4.4245" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0
[  650.128594][   T40] audit: type=1326 audit(1742612837.100:1630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20666 comm="syz.1.4248" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f47579 code=0x0
[  650.879011][   T63] usb 10-1: USB disconnect, device number 29
[  650.880975][ T5345] bcm5974 10-1:0.0: could not read from device
[  651.068880][T20680] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4252'.
[  651.133056][T20693] IPVS: sync thread started: state = MASTER, mcast_ifn = wg1, syncid = 262145, id = 0
[  651.826544][ T5955] Bluetooth: hci2: command tx timeout
[  652.079107][T20704] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  652.080988][T20704] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  652.083280][T20704] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  652.085003][T20704] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  652.093443][T20704] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  652.164853][   T40] audit: type=1326 audit(1742612839.140:1631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20711 comm="syz.1.4262" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f47579 code=0x0
[  652.484054][T20722] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4265'.
[  652.782014][ T5955] Bluetooth: hci2: unexpected event for opcode 0x040d
[  653.102738][T20738] /dev/sr0: Can't open blockdev
[  653.527053][T20753] kvm: apic: phys broadcast and lowest prio
[  653.684604][   T40] audit: type=1326 audit(1742612840.660:1632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20754 comm="syz.4.4275" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0
[  653.711161][   T40] audit: type=1326 audit(1742612840.680:1633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20760 comm="syz.5.4278" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x0
[  654.049176][T20768] ntfs3(nullb0): Primary boot signature is not NTFS.
[  654.052766][T20768] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  654.062354][T14578] Bluetooth: hci4: command 0x0406 tx timeout
[  654.116206][T20769] syz.1.4279: attempt to access beyond end of device
[  654.116206][T20769] nbd1: rw=0, sector=0, nr_sectors = 1 limit=0
[  654.122206][T20769] FAT-fs (nbd1): unable to read boot sector
[  654.128830][T20769] fuse: Bad value for 'user_id'
[  654.130785][T20769] fuse: Bad value for 'user_id'
[  654.142621][T14578] Bluetooth: hci1: command 0x0406 tx timeout
[  654.523842][T20773] syz_tun: entered allmulticast mode
[  654.528923][T20773] netlink: 'syz.4.4280': attribute type 25 has an invalid length.
[  654.747578][T20777] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4283'.
[  654.782338][ T5989] usb 9-1: new full-speed USB device number 46 using dummy_hcd
[  654.933498][ T5989] usb 9-1: config 0 has an invalid interface number: 55 but max is 0
[  654.935820][ T5989] usb 9-1: config 0 has no interface number 0
[  654.937459][ T5989] usb 9-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  654.940410][ T5989] usb 9-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  654.944013][ T5989] usb 9-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  654.947130][ T5989] usb 9-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 64
[  654.950091][ T5989] usb 9-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  654.953862][ T5989] usb 9-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  654.956343][ T5989] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  654.959502][ T5989] usb 9-1: config 0 descriptor??
[  654.961348][T20773] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  654.964873][ T5989] ldusb 9-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  654.992225][T17914] usb 10-1: new high-speed USB device number 30 using dummy_hcd
[  655.152187][T17914] usb 10-1: Using ep0 maxpacket: 8
[  655.155036][T17914] usb 10-1: descriptor type invalid, skip
[  655.157482][T17914] usb 10-1: config 1 interface 0 altsetting 8 bulk endpoint 0x1 has invalid maxpacket 32
[  655.160260][T17914] usb 10-1: config 1 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  655.163941][T17914] usb 10-1: config 1 interface 0 has no altsetting 0
[  655.167172][T20772] syz_tun: left allmulticast mode
[  655.167412][T17914] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  655.168959][ T5989] usb 9-1: USB disconnect, device number 46
[  655.171206][T17914] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  655.173887][ T5989] ldusb 9-1:0.55: LD USB Device #0 now disconnected
[  655.176081][T17914] usb 10-1: Product: syz
[  655.179645][T17914] usb 10-1: Manufacturer: syz
[  655.181141][T17914] usb 10-1: SerialNumber: syz
[  655.184300][T20777] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  655.392053][T17914] usblp 10-1:1.0: usblp0: USB Unidirectional printer dev 30 if 0 alt 8 proto 1 vid 0x0525 pid 0xA4A8
[  655.396344][T17914] usb 10-1: USB disconnect, device number 30
[  655.400563][T17914] usblp0: removed
[  655.422339][T14578] Bluetooth: hci2: command 0x0c1a tx timeout
[  655.738554][   T40] audit: type=1326 audit(1742612842.710:1634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20793 comm="syz.1.4289" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f47579 code=0x0
[  655.745766][T20802] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4292'.
[  656.040938][T20820] netlink: 68 bytes leftover after parsing attributes in process `syz.5.4297'.
[  656.043657][T20820] netlink: 68 bytes leftover after parsing attributes in process `syz.5.4297'.
[  656.645175][T20835] netlink: 156 bytes leftover after parsing attributes in process `syz.1.4301'.
[  656.727672][T20838] netdevsim netdevsim1: Direct firmware load for ./file0 failed with error -2
[  656.730654][T20838] netdevsim netdevsim1: Falling back to sysfs fallback for: ./file0
[  657.238869][T20853] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4307'.
[  657.502430][T14578] Bluetooth: hci2: command 0x0c1a tx timeout
[  657.559538][   T40] audit: type=1326 audit(1742612844.530:1635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20854 comm="syz.0.4308" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x0
[  657.702779][T20862] FAULT_INJECTION: forcing a failure.
[  657.702779][T20862] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  657.706380][T20862] CPU: 0 UID: 0 PID: 20862 Comm: syz.1.4311 Not tainted 6.14.0-rc7-syzkaller-00186-gd07de43e3f05 #0
[  657.706394][T20862] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  657.706401][T20862] Call Trace:
[  657.706404][T20862]  <TASK>
[  657.706408][T20862]  dump_stack_lvl+0x16c/0x1f0
[  657.706426][T20862]  should_fail_ex+0x50a/0x650
[  657.706439][T20862]  _copy_from_user+0x2e/0xd0
[  657.706451][T20862]  __tun_chr_ioctl+0x4bc/0x4760
[  657.706465][T20862]  ? __pfx___tun_chr_ioctl+0x10/0x10
[  657.706480][T20862]  ? __fget_files+0x206/0x3a0
[  657.706498][T20862]  ? __pfx_tun_chr_compat_ioctl+0x10/0x10
[  657.706508][T20862]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  657.706522][T20862]  __do_fast_syscall_32+0x73/0x120
[  657.706539][T20862]  do_fast_syscall_32+0x32/0x80
[  657.706553][T20862]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  657.706570][T20862] RIP: 0023:0xf7f47579
[  657.706578][T20862] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  657.706587][T20862] RSP: 002b:00000000f506655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  657.706597][T20862] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000400454ca
[  657.706603][T20862] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  657.706609][T20862] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  657.706614][T20862] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  657.706620][T20862] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  657.706632][T20862]  </TASK>
[  657.849830][T20866] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4313'.
[  657.920614][T20869] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4315'.
[  657.921146][T20870] 9pnet_virtio: no channels available for device syz
[  658.156283][T20879] FAULT_INJECTION: forcing a failure.
[  658.156283][T20879] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  658.159865][T20879] CPU: 2 UID: 0 PID: 20879 Comm: syz.1.4318 Not tainted 6.14.0-rc7-syzkaller-00186-gd07de43e3f05 #0
[  658.159880][T20879] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  658.159886][T20879] Call Trace:
[  658.159890][T20879]  <TASK>
[  658.159895][T20879]  dump_stack_lvl+0x16c/0x1f0
[  658.159914][T20879]  should_fail_ex+0x50a/0x650
[  658.159926][T20879]  _copy_to_user+0x32/0xd0
[  658.159940][T20879]  simple_read_from_buffer+0xd0/0x160
[  658.159955][T20879]  proc_fail_nth_read+0x198/0x270
[  658.159969][T20879]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  658.159982][T20879]  ? rw_verify_area+0xcf/0x680
[  658.159995][T20879]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  658.160007][T20879]  vfs_read+0x1df/0xbf0
[  658.160021][T20879]  ? __fget_files+0x1fc/0x3a0
[  658.160036][T20879]  ? __pfx___mutex_lock+0x10/0x10
[  658.160051][T20879]  ? __pfx_vfs_read+0x10/0x10
[  658.160068][T20879]  ? __fget_files+0x206/0x3a0
[  658.160086][T20879]  ksys_read+0x12b/0x250
[  658.160099][T20879]  ? __pfx_ksys_read+0x10/0x10
[  658.160116][T20879]  __do_fast_syscall_32+0x73/0x120
[  658.160132][T20879]  do_fast_syscall_32+0x32/0x80
[  658.160147][T20879]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  658.160164][T20879] RIP: 0023:0xf7f47579
[  658.160173][T20879] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  658.160183][T20879] RSP: 002b:00000000f5066590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  658.160193][T20879] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5066620
[  658.160199][T20879] RDX: 000000000000000f RSI: 00000000f73ccff4 RDI: 0000000000000000
[  658.160205][T20879] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  658.160210][T20879] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  658.160216][T20879] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  658.160228][T20879]  </TASK>
[  659.422076][T20927] fuse: Unknown parameter ''
[  659.594282][T14578] Bluetooth: hci2: command 0x0c1a tx timeout
[  660.383168][T20951] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4340'.
[  660.742230][   T36] usb 5-1: new high-speed USB device number 60 using dummy_hcd
[  660.912290][   T36] usb 5-1: Using ep0 maxpacket: 16
[  660.923034][   T36] usb 5-1: config index 0 descriptor too short (expected 39324, got 156)
[  660.925468][   T36] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  660.928221][   T36] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  660.932102][   T36] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  660.934816][   T36] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  660.937069][   T36] usb 5-1: Product: п
[  660.938212][   T36] usb 5-1: Manufacturer: з
[  660.939503][   T36] usb 5-1: SerialNumber: 訷鮑嫚偽
冘咖菩ᑓꕚ㗶ð閤汰监䍰Ｙዌ㥜畂䕦㰄慢㮴嫤❿鳾뉔ಊ嚈ℏᾔ퀉财ꅛ㦉佤ろ쾍駞埕瞚䯥䐴馠௱෢࿉群짉䪐鳣빕ꞩ馽箩ഷ咾䓿뺥譻랃咤칻⼒骙鹼圀졁笩㓨絛זּ䱼릂㙟洵ݛ恄밢伩춎
[  661.116390][T20968] netlink: 'syz.4.4345': attribute type 19 has an invalid length.
[  661.369863][   T36] usb 5-1: 0:2 : does not exist
[  661.380837][   T36] usb 5-1: USB disconnect, device number 60
[  661.468502][T20976] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4348'.
[  661.471776][T20976] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4348'.
[  661.495287][T20978] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4349'.
[  661.662377][ T5955] Bluetooth: hci2: command 0x0c1a tx timeout
[  661.920726][ T5989] libceph: connect (1)[c::]:6789 error -101
[  661.922589][ T5989] libceph: mon0 (1)[c::]:6789 connect error
[  661.951420][T20992] ceph: No mds server is up or the cluster is laggy
[  662.930616][T21022] nftables ruleset with unbound set
[  663.546782][T21035] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4365'.
[  663.862238][T15249] usb 6-1: new high-speed USB device number 37 using dummy_hcd
[  664.038161][T15249] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  664.041145][T15249] usb 6-1: config 27 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  664.044601][T15249] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  664.047158][T15249] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  664.054389][T15249] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  664.058990][T15249] usb 6-1: invalid MIDI out EP 0
[  664.080298][T15249] snd-usb-audio 6-1:27.0: probe with driver snd-usb-audio failed with error -22
[  664.261186][ T5989] usb 6-1: USB disconnect, device number 37
[  664.285218][T21055] netlink: 'syz.0.4372': attribute type 1 has an invalid length.
[  664.467113][T14578] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  665.082285][T21073] sysfs: cannot create duplicate filename '/class/ieee80211/!寿$���UL�'
[  665.085367][T21073] CPU: 3 UID: 0 PID: 21073 Comm: syz.5.4377 Not tainted 6.14.0-rc7-syzkaller-00186-gd07de43e3f05 #0
[  665.085382][T21073] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  665.085389][T21073] Call Trace:
[  665.085393][T21073]  <TASK>
[  665.085398][T21073]  dump_stack_lvl+0x16c/0x1f0
[  665.085417][T21073]  sysfs_warn_dup+0x7f/0xa0
[  665.085432][T21073]  sysfs_do_create_link_sd+0x124/0x140
[  665.085448][T21073]  sysfs_create_link+0x61/0xc0
[  665.085462][T21073]  device_add+0x62e/0x1a70
[  665.085478][T21073]  ? __pfx_device_add+0x10/0x10
[  665.085493][T21073]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  665.085510][T21073]  ? ieee80211_set_bitrate_flags+0x249/0x6a0
[  665.085527][T21073]  wiphy_register+0x1cab/0x2860
[  665.085568][T21073]  ? __pfx__dev_printk+0x10/0x10
[  665.085587][T21073]  ? __pfx_wiphy_register+0x10/0x10
[  665.085602][T21073]  ? ieee80211_init_rate_ctrl_alg+0x125/0x6b0
[  665.085621][T21073]  ieee80211_register_hw+0x2455/0x4060
[  665.085642][T21073]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  665.085658][T21073]  ? net_generic+0xea/0x2a0
[  665.085673][T21073]  ? lockdep_init_map_type+0x16d/0x7d0
[  665.085690][T21073]  ? __asan_memset+0x23/0x50
[  665.085704][T21073]  ? __hrtimer_init+0x106/0x2c0
[  665.085720][T21073]  mac80211_hwsim_new_radio+0x304e/0x54e0
[  665.085742][T21073]  ? __kmalloc_node_track_caller_noprof+0x240/0x510
[  665.085759][T21073]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  665.085773][T21073]  ? hwsim_new_radio_nl+0x9ff/0x12b0
[  665.085787][T21073]  ? __asan_memcpy+0x3c/0x60
[  665.085802][T21073]  hwsim_new_radio_nl+0xb42/0x12b0
[  665.085818][T21073]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  665.085837][T21073]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  665.085849][T21073]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  665.085863][T21073]  genl_family_rcv_msg_doit+0x202/0x2f0
[  665.085874][T21073]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  665.085884][T21073]  ? trace_cap_capable+0x1a2/0x210
[  665.085899][T21073]  ? bpf_lsm_capable+0x9/0x10
[  665.085908][T21073]  ? security_capable+0x7e/0x260
[  665.085919][T21073]  ? ns_capable+0xd7/0x110
[  665.085934][T21073]  genl_rcv_msg+0x565/0x800
[  665.085946][T21073]  ? __pfx_genl_rcv_msg+0x10/0x10
[  665.085956][T21073]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  665.085972][T21073]  ? __pfx___lock_acquire+0x10/0x10
[  665.085988][T21073]  netlink_rcv_skb+0x16b/0x440
[  665.086002][T21073]  ? __pfx_genl_rcv_msg+0x10/0x10
[  665.086013][T21073]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  665.086033][T21073]  ? down_read+0xc9/0x330
[  665.086048][T21073]  ? __pfx_down_read+0x10/0x10
[  665.086063][T21073]  ? netlink_deliver_tap+0x1ae/0xd30
[  665.086079][T21073]  genl_rcv+0x28/0x40
[  665.086087][T21073]  netlink_unicast+0x53c/0x7f0
[  665.086103][T21073]  ? __pfx_netlink_unicast+0x10/0x10
[  665.086118][T21073]  ? __phys_addr_symbol+0x30/0x80
[  665.086128][T21073]  ? __check_object_size+0x488/0x710
[  665.086140][T21073]  netlink_sendmsg+0x8b8/0xd70
[  665.086169][T21073]  ? __pfx_netlink_sendmsg+0x10/0x10
[  665.086190][T21073]  ____sys_sendmsg+0xaaf/0xc90
[  665.086206][T21073]  ? __pfx_____sys_sendmsg+0x10/0x10
[  665.086218][T21073]  ? get_compat_msghdr+0x11b/0x170
[  665.086239][T21073]  ___sys_sendmsg+0x135/0x1e0
[  665.086255][T21073]  ? __pfx____sys_sendmsg+0x10/0x10
[  665.086278][T21073]  ? __pfx_lock_release+0x10/0x10
[  665.086291][T21073]  ? trace_lock_acquire+0x14e/0x1f0
[  665.086311][T21073]  ? __fget_files+0x206/0x3a0
[  665.086329][T21073]  __sys_sendmsg+0x16e/0x220
[  665.086339][T21073]  ? __pfx___sys_sendmsg+0x10/0x10
[  665.086354][T21073]  ? __ia32_sys_futex_time32+0x1da/0x460
[  665.086376][T21073]  __do_fast_syscall_32+0x73/0x120
[  665.086392][T21073]  do_fast_syscall_32+0x32/0x80
[  665.086406][T21073]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  665.086423][T21073] RIP: 0023:0xf7fe8579
[  665.086431][T21073] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  665.086441][T21073] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  665.086451][T21073] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000040
[  665.086457][T21073] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  665.086463][T21073] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  665.086468][T21073] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  665.086474][T21073] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  665.086486][T21073]  </TASK>
[  665.351661][T21080] netlink: 'syz.5.4378': attribute type 27 has an invalid length.
[  665.550673][T21080] bridge0: port 3(team0) entered disabled state
[  665.552582][T21080] bridge0: port 2(bridge_slave_1) entered disabled state
[  665.554690][T21080] bridge0: port 1(bridge_slave_0) entered disabled state
[  665.674800][   T40] audit: type=1326 audit(1742612852.650:1636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21086 comm="syz.0.4380" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x0
[  665.711561][T21080] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  665.730501][T21080] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  665.851100][T21080] netdevsim netdevsim5 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  665.861499][T21080] netdevsim netdevsim5 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  665.863949][T21080] netdevsim netdevsim5 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  665.866410][T21080] netdevsim netdevsim5 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  665.888586][T21080] bond2: left promiscuous mode
[  665.890683][T21080] bond2: left allmulticast mode
[  665.982876][T21092] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4382'.
[  666.134938][T21094] Unsupported ieee802154 address type: 0
[  666.202277][    T9] usb 9-1: new high-speed USB device number 47 using dummy_hcd
[  666.355772][    T9] usb 9-1: config 0 has an invalid interface number: 196 but max is 0
[  666.358067][    T9] usb 9-1: config 0 has no interface number 0
[  666.359756][    T9] usb 9-1: config 0 interface 196 has no altsetting 0
[  666.368017][    T9] usb 9-1: New USB device found, idVendor=1371, idProduct=9401, bcdDevice=18.6e
[  666.371003][    T9] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  666.373721][    T9] usb 9-1: Product: syz
[  666.375278][    T9] usb 9-1: Manufacturer: syz
[  666.377007][    T9] usb 9-1: SerialNumber: syz
[  666.382529][    T9] usb 9-1: config 0 descriptor??
[  666.640446][T21090] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  666.643032][T21090] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  666.713259][    T9] usb 9-1: USB disconnect, device number 47
[  667.422311][T14578] Bluetooth: hci2: command 0x0c1a tx timeout
[  667.597969][T21134] kAFS: No cell specified
[  667.716059][T21136] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4389'.
[  667.723199][T21142] FAULT_INJECTION: forcing a failure.
[  667.723199][T21142] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  667.727615][T21142] CPU: 1 UID: 0 PID: 21142 Comm: syz.1.4396 Not tainted 6.14.0-rc7-syzkaller-00186-gd07de43e3f05 #0
[  667.727639][T21142] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  667.727646][T21142] Call Trace:
[  667.727649][T21142]  <TASK>
[  667.727654][T21142]  dump_stack_lvl+0x16c/0x1f0
[  667.727674][T21142]  should_fail_ex+0x50a/0x650
[  667.727687][T21142]  _copy_from_iter+0x2a1/0x1560
[  667.727699][T21142]  ? trace_lock_acquire+0x14e/0x1f0
[  667.727711][T21142]  ? __alloc_skb+0x1fe/0x380
[  667.727727][T21142]  ? __pfx__copy_from_iter+0x10/0x10
[  667.727737][T21142]  ? __virt_addr_valid+0x1a4/0x590
[  667.727750][T21142]  ? __virt_addr_valid+0x5e/0x590
[  667.727760][T21142]  ? __phys_addr_symbol+0x30/0x80
[  667.727770][T21142]  ? __check_object_size+0x488/0x710
[  667.727782][T21142]  netlink_sendmsg+0x813/0xd70
[  667.727800][T21142]  ? __pfx_netlink_sendmsg+0x10/0x10
[  667.727820][T21142]  ____sys_sendmsg+0xaaf/0xc90
[  667.727833][T21142]  ? __pfx_____sys_sendmsg+0x10/0x10
[  667.727845][T21142]  ? get_compat_msghdr+0x11b/0x170
[  667.727864][T21142]  ___sys_sendmsg+0x135/0x1e0
[  667.727881][T21142]  ? __pfx____sys_sendmsg+0x10/0x10
[  667.727901][T21142]  ? __pfx_lock_release+0x10/0x10
[  667.727915][T21142]  ? trace_lock_acquire+0x14e/0x1f0
[  667.727931][T21142]  ? __fget_files+0x206/0x3a0
[  667.727948][T21142]  __sys_sendmsg+0x16e/0x220
[  667.727958][T21142]  ? __pfx___sys_sendmsg+0x10/0x10
[  667.727981][T21142]  __do_fast_syscall_32+0x73/0x120
[  667.727998][T21142]  do_fast_syscall_32+0x32/0x80
[  667.728013][T21142]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  667.728030][T21142] RIP: 0023:0xf7f47579
[  667.728038][T21142] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  667.728048][T21142] RSP: 002b:00000000f502455c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  667.728057][T21142] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000080000380
[  667.728063][T21142] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  667.728069][T21142] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  667.728074][T21142] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  667.728080][T21142] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  667.728091][T21142]  </TASK>
[  667.794575][    C1] vkms_vblank_simulate: vblank timer overrun
[  668.338551][T21147] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4401'.
[  668.368791][T21147] syz.0.4401: attempt to access beyond end of device
[  668.368791][T21147] nbd0: rw=4096, sector=0, nr_sectors = 2 limit=0
[  668.373967][T21147] XFS (nbd0): SB validate failed with error -5.
[  669.665287][T21187] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4410'.
[  669.767625][T21192] trusted_key: encrypted_key: keyword 'updat' not recognized
[  670.238628][T21198] netlink: 56 bytes leftover after parsing attributes in process `syz.4.4412'.
[  670.862278][ T5955] Bluetooth: hci2: command 0x0c1a tx timeout
[  671.054210][T21211] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  671.164656][T21221] 9pnet_fd: Insufficient options for proto=fd
[  671.602603][T21233] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4426'.
[  672.415315][T21245] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4429'.
[  672.942380][ T5955] Bluetooth: hci2: command 0x0c1a tx timeout
[  674.079201][T21267] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4436'.
[  674.082729][T21267] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4436'.
[  674.086085][T21267] netlink: 23 bytes leftover after parsing attributes in process `syz.0.4436'.
[  674.223628][T21276] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4446'.
[  674.672236][T12162] usb 9-1: new high-speed USB device number 48 using dummy_hcd
[  674.822687][T12162] usb 9-1: Using ep0 maxpacket: 16
[  674.826221][T12162] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87
[  674.829343][T12162] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  674.833908][T12162] usb 9-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[  674.836526][T12162] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  674.838896][T12162] usb 9-1: Product: syz
[  674.840146][T12162] usb 9-1: Manufacturer: syz
[  674.841525][T12162] usb 9-1: SerialNumber: syz
[  674.844084][T12162] usb 9-1: config 0 descriptor??
[  674.847190][T21297] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4439'.
[  675.050473][T12162] appledisplay: Apple Cinema Display connected
[  675.962268][   T63] usb 5-1: new high-speed USB device number 61 using dummy_hcd
[  676.118610][   T63] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  676.122085][   T63] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  676.125296][   T63] usb 5-1: Product: syz
[  676.126949][   T63] usb 5-1: Manufacturer: syz
[  676.128728][   T63] usb 5-1: SerialNumber: syz
[  676.131989][   T63] usb 5-1: config 0 descriptor??
[  676.339977][T12162] usb 5-1: USB disconnect, device number 61
[  676.434806][T21322] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4447'.
[  676.495900][T21324] netlink: 'syz.5.4451': attribute type 4 has an invalid length.
[  676.554526][T21325] dvmrp0: entered allmulticast mode
[  676.812296][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.814550][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.816679][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.818860][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.820951][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.823455][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.825660][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.827761][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.830156][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x3
[  676.832296][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.834699][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.836841][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.838953][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.841133][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.843273][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.845420][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.847663][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.850309][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.853238][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.855670][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.857776][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.859850][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.861948][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.864521][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.866663][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.868745][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.870812][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.872936][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.875323][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.878079][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.881388][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.884095][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.886494][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.888584][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.890690][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.893049][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.895237][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.897496][T12162] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  676.900739][T12162] hid-generic 0000:0000:0000.0015: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  676.944499][T21333] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  676.973986][T21332] netlink: 'syz.0.4453': attribute type 3 has an invalid length.
[  676.976463][T21332] netlink: 'syz.0.4453': attribute type 3 has an invalid length.
[  677.165463][T14578] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  677.252322][T12162] usb 5-1: new high-speed USB device number 62 using dummy_hcd
[  677.326666][   T63] usb 9-1: USB disconnect, device number 48
[  677.326725][    C3] usb 9-1: appledisplay_complete - usb_submit_urb failed with result -19
[  677.330962][   T63] appledisplay: Apple Cinema Display disconnected
[  677.413641][T12162] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  677.417297][T12162] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  677.420941][T12162] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  677.425116][T12162] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  677.429736][T21337] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  677.433330][T12162] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  677.639893][   T57] usb 5-1: USB disconnect, device number 62
[  678.187302][T21364] lo: entered allmulticast mode
[  678.233829][T21362] lo: left allmulticast mode
[  679.217924][T21390] fuse: Unknown parameter ''
[  679.384930][T21410] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4476'.
[  679.427470][T21415] autofs: Bad value for 'uid'
[  679.429090][T21415] autofs: Bad value for 'uid'
[  679.501026][T21411] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4474'.
[  679.508798][T21411] pim6reg: entered allmulticast mode
[  679.511955][T21411] pim6reg: left allmulticast mode
[  679.513836][T12162] usb 9-1: new high-speed USB device number 49 using dummy_hcd
[  679.674628][T12162] usb 9-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  679.678819][T12162] usb 9-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  679.687296][T12162] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  679.694285][T12162] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  679.701243][T21393] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  679.708224][T12162] usb 9-1: Quirk or no altset; falling back to MIDI 1.0
[  679.908224][T12162] usb 9-1: USB disconnect, device number 49
[  680.031882][T21452] 8021q: VLANs not supported on ip_vti0
[  680.431878][T21463] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4485'.
[  680.434979][T21463] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4485'.
[  680.476134][T21463] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4485'.
[  680.479574][T21463] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4485'.
[  680.502344][T21468] afs: Unknown parameter 'smack��root'
[  680.507829][T21468] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4486'.
[  680.535250][T21463] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4485'.
[  680.538489][T21463] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4485'.
[  680.602214][T15249] usb 6-1: new high-speed USB device number 38 using dummy_hcd
[  680.739870][ T1171] bond0 (unregistering): Released all slaves
[  680.775733][T15249] usb 6-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  680.778274][T15249] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  680.780498][T15249] usb 6-1: Product: syz
[  680.781670][T15249] usb 6-1: Manufacturer: syz
[  680.786782][T15249] usb 6-1: SerialNumber: syz
[  680.805070][T15249] usb 6-1: config 0 descriptor??
[  680.893784][ T1171] IPVS: stopping master sync thread 6089 ...
[  680.978394][ T1171] hsr_slave_0: left promiscuous mode
[  680.978715][ T1171] hsr_slave_1: left promiscuous mode
[  681.011394][T15249] usb 6-1: USB disconnect, device number 38
[  681.025863][    T9] usb 9-1: new high-speed USB device number 50 using dummy_hcd
[  681.222295][    T9] usb 9-1: Using ep0 maxpacket: 32
[  681.226574][    T9] usb 9-1: unable to get BOS descriptor or descriptor too short
[  681.230658][    T9] usb 9-1: config index 0 descriptor too short (expected 34347, got 43)
[  681.234387][    T9] usb 9-1: config 31 has too many interfaces: 196, using maximum allowed: 32
[  681.239728][    T9] usb 9-1: config 31 has an invalid descriptor of length 0, skipping remainder of the config
[  681.253628][    T9] usb 9-1: config 31 has 1 interface, different from the descriptor's value: 196
[  681.257220][    T9] usb 9-1: config 31 has no interface number 0
[  681.259527][    T9] usb 9-1: config 31 interface 81 altsetting 3 has an endpoint descriptor with address 0x93, changing to 0x83
[  681.263575][    T9] usb 9-1: config 31 interface 81 altsetting 3 bulk endpoint 0x83 has invalid maxpacket 150
[  681.266583][    T9] usb 9-1: config 31 interface 81 has no altsetting 0
[  681.271007][    T9] usb 9-1: string descriptor 0 read error: -22
[  681.272375][T21487] FAULT_INJECTION: forcing a failure.
[  681.272375][T21487] name failslab, interval 1, probability 0, space 0, times 0
[  681.273021][    T9] usb 9-1: New USB device found, idVendor=0dfc, idProduct=0001, bcdDevice=24.ac
[  681.276190][T21487] CPU: 3 UID: 0 PID: 21487 Comm: syz.0.4493 Not tainted 6.14.0-rc7-syzkaller-00186-gd07de43e3f05 #0
[  681.276205][T21487] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  681.276211][T21487] Call Trace:
[  681.276215][T21487]  <TASK>
[  681.276219][T21487]  dump_stack_lvl+0x16c/0x1f0
[  681.276240][T21487]  should_fail_ex+0x50a/0x650
[  681.276254][T21487]  ? fs_reclaim_acquire+0xae/0x150
[  681.276274][T21487]  ? alloc_fs_context+0x57/0x9c0
[  681.276290][T21487]  should_failslab+0xc2/0x120
[  681.276300][T21487]  __kmalloc_cache_noprof+0x68/0x410
[  681.276313][T21487]  ? lockdep_hardirqs_on+0x7c/0x110
[  681.276330][T21487]  alloc_fs_context+0x57/0x9c0
[  681.276347][T21487]  __ia32_sys_fsopen+0xef/0x240
[  681.276358][T21487]  __do_fast_syscall_32+0x73/0x120
[  681.276374][T21487]  do_fast_syscall_32+0x32/0x80
[  681.276389][T21487]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  681.276405][T21487] RIP: 0023:0xf7fc3579
[  681.276414][T21487] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  681.276424][T21487] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 00000000000001ae
[  681.276434][T21487] RAX: ffffffffffffffda RBX: 0000000080002240 RCX: 0000000000000000
[  681.276440][T21487] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  681.276446][T21487] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  681.276452][T21487] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  681.276458][T21487] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  681.276469][T21487]  </TASK>
[  681.341588][    T9] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  681.346958][T21483] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  681.352089][    T9] input: USB Touchscreen 0dfc:0001 as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:31.81/input/input68
[  681.376806][T21489] syz.0.4494 (21489): /proc/21488/oom_adj is deprecated, please use /proc/21488/oom_score_adj instead.
[  681.469270][   T40] audit: type=1800 audit(1742612868.450:1637): pid=21489 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.4494" name="file1" dev="overlay" ino=2783 res=0 errno=0
[  681.640084][   T36] usb 9-1: USB disconnect, device number 50
[  681.641925][    C0] usbtouchscreen 9-1:31.81: usbtouch_irq - usb_submit_urb failed with result: -19
[  681.923761][   T63] usb 6-1: new high-speed USB device number 39 using dummy_hcd
[  682.084321][   T63] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  682.088323][   T63] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  682.092109][   T63] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  682.095601][   T63] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  682.100313][T21498] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  682.105235][   T63] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  682.342426][T12162] usb 6-1: USB disconnect, device number 39
[  682.885041][T21512] 9pnet: Could not find request transport: f
�rfdno=0x000000000000000c
[  682.955424][T21517] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4504'.
[  683.272439][   T63] usb 5-1: new high-speed USB device number 63 using dummy_hcd
[  683.422002][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.425135][T21536] 8021q: VLANs not supported on ip_vti0
[  683.428629][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.431621][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.432305][   T63] usb 5-1: Using ep0 maxpacket: 8
[  683.435206][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.439641][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.440076][   T63] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  683.442547][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.442569][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.442584][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.445033][   T63] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  683.447460][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.455035][   T63] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  683.455919][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.457924][   T63] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  683.460692][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.460708][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.460720][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.475451][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.478070][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.480685][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.483422][   T63] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  683.483449][   T63] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  683.483462][   T63] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  683.492260][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.494378][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.500481][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.503271][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.505455][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.507961][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.510703][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.513983][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.516803][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.518965][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.521788][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.524605][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.526891][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.529735][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.533007][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.535903][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.538749][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.541289][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.543806][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.546225][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.548912][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.551693][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.555085][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.557921][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.560235][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.562888][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.565556][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.568366][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.571208][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.574187][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.577004][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.579838][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.582943][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.585774][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.590271][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.592427][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.594764][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.596916][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.598947][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.600979][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.603184][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.605343][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.607437][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.609521][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.611573][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.613727][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.615803][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.617863][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.619899][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.621941][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.624065][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.626139][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.628179][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.630223][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.632327][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.634382][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.636405][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.638458][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.640493][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.642619][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.644678][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.646783][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.648824][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.650855][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.653102][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.655170][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.657221][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.659253][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.661269][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.664031][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.666695][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.668897][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.671072][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.674141][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.676777][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.679418][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.682055][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.684750][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.687421][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.690079][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.692799][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.695393][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.697834][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.699296][   T63] usb 5-1: usb_control_msg returned -32
[  683.700314][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.701853][   T63] usbtmc 5-1:16.0: can't read capabilities
[  683.703859][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.703874][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.703886][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.703897][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.703909][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.703920][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.703932][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.703943][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.703955][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.703966][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.703978][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.731542][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.734349][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.737008][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.739650][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.742417][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.745072][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.747756][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.750106][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.752789][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.755307][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.757516][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.760022][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.762788][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.765241][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.767405][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.769588][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.771639][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.773787][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.775809][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.777855][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.779887][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.781924][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.784041][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.786115][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.788152][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.790192][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.792310][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.794385][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.796409][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.798430][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.800471][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.802571][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.804600][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.806666][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.808689][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.810705][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.812788][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.815221][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.817449][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.819498][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.821568][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.823707][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.825802][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.827950][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.829998][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.832039][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.834266][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.836280][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.838305][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.840341][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.842450][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.844502][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.846566][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.848593][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.850620][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.852942][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.855007][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.857100][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.859152][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.861183][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.863471][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.865560][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.867603][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.869639][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.871660][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.873710][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.875707][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.877761][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.879799][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.881830][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.883989][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.885996][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.888132][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.890363][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.892493][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.894559][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.896584][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.898653][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.900748][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.903129][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.905390][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.907619][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.909655][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.911686][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.913253][T21542] netlink: 'syz.5.4514': attribute type 4 has an invalid length.
[  683.914064][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.918163][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.920195][T12162] hid-generic 0009:4960:0001.0016: unknown main item tag 0x0
[  683.922330][T15249] usb 6-1: new high-speed USB device number 40 using dummy_hcd
[  683.925655][T12162] hid-generic 0009:4960:0001.0016: hidraw1: <UNKNOWN> HID v0.0f Device [syz0] on syz1
[  684.083659][T15249] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  684.087901][T15249] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  684.091580][T15249] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  684.101241][T15249] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  684.106482][T21538] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  684.110474][T15249] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  684.367751][   T63] usb 6-1: USB disconnect, device number 40
[  684.925112][T21568] FAULT_INJECTION: forcing a failure.
[  684.925112][T21568] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  684.930007][T21568] CPU: 2 UID: 0 PID: 21568 Comm: syz.4.4522 Not tainted 6.14.0-rc7-syzkaller-00186-gd07de43e3f05 #0
[  684.930028][T21568] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  684.930038][T21568] Call Trace:
[  684.930044][T21568]  <TASK>
[  684.930051][T21568]  dump_stack_lvl+0x16c/0x1f0
[  684.930079][T21568]  should_fail_ex+0x50a/0x650
[  684.930106][T21568]  _copy_from_user+0x2e/0xd0
[  684.930126][T21568]  user_termios_to_kernel_termios_1+0x21/0x30
[  684.930146][T21568]  set_termios+0x3a5/0x7f0
[  684.930162][T21568]  ? __pfx___lock_acquire+0x10/0x10
[  684.930186][T21568]  ? __pfx_set_termios+0x10/0x10
[  684.930212][T21568]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  684.930236][T21568]  ? rcu_is_watching+0x12/0xc0
[  684.930257][T21568]  tty_mode_ioctl+0x57a/0xd20
[  684.930274][T21568]  ? lock_acquire+0x2f/0xb0
[  684.930294][T21568]  ? tty_ldisc_ref_wait+0x24/0x80
[  684.930312][T21568]  ? __pfx_tty_mode_ioctl+0x10/0x10
[  684.930336][T21568]  ? __pfx___ldsem_down_read_nested+0x10/0x10
[  684.930367][T21568]  ? __pfx_n_tty_ioctl+0x10/0x10
[  684.930391][T21568]  n_tty_ioctl_helper+0x4b/0x2b0
[  684.930409][T21568]  n_tty_ioctl+0x7f/0x370
[  684.930434][T21568]  ? __pfx_n_tty_ioctl+0x10/0x10
[  684.930456][T21568]  tty_ioctl+0x6ee/0x15d0
[  684.930477][T21568]  ? __pfx_tty_ioctl+0x10/0x10
[  684.930507][T21568]  ? __pfx_lock_release+0x10/0x10
[  684.930527][T21568]  ? trace_lock_acquire+0x14e/0x1f0
[  684.930554][T21568]  ? __fget_files+0x206/0x3a0
[  684.930581][T21568]  tty_compat_ioctl+0x24a/0x4d0
[  684.930601][T21568]  ? __pfx_tty_compat_ioctl+0x10/0x10
[  684.930623][T21568]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  684.930644][T21568]  __do_fast_syscall_32+0x73/0x120
[  684.930671][T21568]  do_fast_syscall_32+0x32/0x80
[  684.930694][T21568]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  684.930719][T21568] RIP: 0023:0xf73be579
[  684.930732][T21568] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  684.930747][T21568] RSP: 002b:00000000f504655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  684.930762][T21568] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005402
[  684.930772][T21568] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000
[  684.930782][T21568] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  684.930791][T21568] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  684.930801][T21568] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  684.930822][T21568]  </TASK>
[  685.129895][T21574] netlink: 'syz.4.4525': attribute type 303 has an invalid length.
[  685.133798][T21576] kvm: pic: level sensitive irq not supported
[  685.182649][T21574] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4525'.
[  685.188349][T21574] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  685.190968][T21574] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  685.955203][T21588] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  685.959614][T21588] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  685.984953][T21588] netfs: Couldn't get user pages (rc=-14)
[  686.032904][T21590] kAFS: unparsable volume name
[  686.093019][   T57] usb 5-1: USB disconnect, device number 63
[  686.322276][T15249] usb 9-1: new high-speed USB device number 51 using dummy_hcd
[  686.483488][T15249] usb 9-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  686.633063][T15249] usb 9-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  686.636837][T15249] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  686.640269][T15249] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  686.652457][T21593] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  686.658238][T15249] usb 9-1: Quirk or no altset; falling back to MIDI 1.0
[  686.716903][T14578] Bluetooth: hci4: unexpected event for opcode 0x040d
[  686.882595][ T5989] usb 9-1: USB disconnect, device number 51
[  687.218795][T21621] program syz.1.4539 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  687.553903][T21635] netlink: 48 bytes leftover after parsing attributes in process `syz.4.4543'.
[  688.124672][T21650] FAULT_INJECTION: forcing a failure.
[  688.124672][T21650] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  688.130243][T21650] CPU: 2 UID: 0 PID: 21650 Comm: syz.0.4547 Not tainted 6.14.0-rc7-syzkaller-00186-gd07de43e3f05 #0
[  688.130278][T21650] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  688.130289][T21650] Call Trace:
[  688.130294][T21650]  <TASK>
[  688.130302][T21650]  dump_stack_lvl+0x16c/0x1f0
[  688.130333][T21650]  should_fail_ex+0x50a/0x650
[  688.130349][T21650]  ? __pfx___might_resched+0x10/0x10
[  688.130378][T21650]  should_fail_alloc_page+0xe7/0x130
[  688.130397][T21650]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  688.130424][T21650]  __alloc_frozen_pages_noprof+0x18e/0x2470
[  688.130453][T21650]  ? stack_trace_save+0x95/0xd0
[  688.130471][T21650]  ? __pfx_stack_trace_save+0x10/0x10
[  688.130489][T21650]  ? hlock_class+0x4e/0x130
[  688.130505][T21650]  ? stack_depot_save_flags+0x28/0x9c0
[  688.130527][T21650]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  688.130553][T21650]  ? hlock_class+0x4e/0x130
[  688.130569][T21650]  ? mark_lock+0xb5/0xc60
[  688.130588][T21650]  ? __kasan_slab_free+0x51/0x70
[  688.130610][T21650]  ? kmem_cache_free+0x2e2/0x4d0
[  688.130632][T21650]  ? kfree_skbmem+0x1a4/0x1f0
[  688.130652][T21650]  ? consume_skb+0xcc/0x100
[  688.130667][T21650]  ? unix_dgram_sendmsg+0x871/0x1880
[  688.130684][T21650]  ? unix_seqpacket_sendmsg+0x12a/0x1c0
[  688.130703][T21650]  ? mark_lock+0xb5/0xc60
[  688.130722][T21650]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  688.130752][T21650]  ? __pfx_mark_lock+0x10/0x10
[  688.130768][T21650]  ? mark_lock+0xb5/0xc60
[  688.130787][T21650]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  688.130811][T21650]  ? policy_nodemask+0xea/0x4e0
[  688.130828][T21650]  alloc_pages_mpol+0x1fc/0x540
[  688.130845][T21650]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  688.130862][T21650]  ? find_held_lock+0x2d/0x110
[  688.130897][T21650]  folio_alloc_mpol_noprof+0x36/0x2f0
[  688.130917][T21650]  vma_alloc_folio_noprof+0xee/0x1b0
[  688.130936][T21650]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  688.130956][T21650]  ? __pfx___lock_acquire+0x10/0x10
[  688.130982][T21650]  do_wp_page+0x105a/0x4670
[  688.131009][T21650]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  688.131033][T21650]  ? __pfx_do_wp_page+0x10/0x10
[  688.131051][T21650]  ? rcu_is_watching+0x12/0xc0
[  688.131080][T21650]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  688.131095][T21650]  ? lock_acquire+0x2f/0xb0
[  688.131115][T21650]  ? __handle_mm_fault+0xdfa/0x2a40
[  688.131143][T21650]  __handle_mm_fault+0x1ade/0x2a40
[  688.131174][T21650]  ? __pfx___handle_mm_fault+0x10/0x10
[  688.131197][T21650]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  688.131234][T21650]  ? find_vma+0xc0/0x140
[  688.131253][T21650]  ? __pfx_find_vma+0x10/0x10
[  688.131276][T21650]  handle_mm_fault+0x3fa/0xaa0
[  688.131304][T21650]  do_user_addr_fault+0x7a3/0x13f0
[  688.131332][T21650]  exc_page_fault+0x5c/0xc0
[  688.131355][T21650]  asm_exc_page_fault+0x26/0x30
[  688.131376][T21650] RIP: 0010:__put_user_nocheck_4+0x7/0x20
[  688.131399][T21650] Code: d9 0f 01 cb 89 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00
[  688.131415][T21650] RSP: 0018:ffffc90006de7ce0 EFLAGS: 00050293
[  688.131429][T21650] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000080001c1c
[  688.131439][T21650] RDX: 0000000080001c00 RSI: ffffffff89272bce RDI: 0000000000000005
[  688.131449][T21650] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000
[  688.131458][T21650] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000080040840
[  688.131467][T21650] R13: 0000000080001c00 R14: 0000000000000158 R15: 0000000000000159
[  688.131485][T21650]  ? __sys_sendmmsg+0x30e/0x420
[  688.131505][T21650]  __sys_sendmmsg+0x31d/0x420
[  688.131524][T21650]  ? __pfx___sys_sendmmsg+0x10/0x10
[  688.131548][T21650]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  688.131582][T21650]  ? fput+0x67/0x440
[  688.131601][T21650]  ? ksys_write+0x1ba/0x250
[  688.131622][T21650]  ? __pfx_ksys_write+0x10/0x10
[  688.131649][T21650]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  688.131673][T21650]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  688.131698][T21650]  __do_fast_syscall_32+0x73/0x120
[  688.131724][T21650]  do_fast_syscall_32+0x32/0x80
[  688.131748][T21650]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  688.131771][T21650] RIP: 0023:0xf7fc3579
[  688.131784][T21650] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  688.131799][T21650] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  688.131814][T21650] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080001c00
[  688.131824][T21650] RDX: 0000000000000159 RSI: 0000000000040840 RDI: 0000000000000000
[  688.131834][T21650] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  688.131844][T21650] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  688.131854][T21650] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  688.131875][T21650]  </TASK>
[  688.350663][T21657] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  688.354518][T21657] bond0: (slave lo): Error: Device can not be enslaved while up
[  688.502187][T21667] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4554'.
[  688.505852][T21667] 
@�: renamed from bond_slave_0
[  688.641139][T21675] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4552'.
[  689.554916][T21698] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4565'.
[  690.339086][T21707] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4567'.
[  690.341587][T21707] IPv6: NLM_F_CREATE should be specified when creating new route
[  690.344307][T21707] IPv6: Can't replace route, no match found
[  690.406439][T14578] Bluetooth: hci2: unexpected event for opcode 0x0c20
[  690.408953][T21712] overlayfs: missing 'lowerdir'
[  690.467890][T21716] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4572'.
[  690.515097][T21719] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4568'.
[  691.112199][T17914] usb 9-1: new high-speed USB device number 52 using dummy_hcd
[  691.232734][T21742] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4578'.
[  691.235372][T21742] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4578'.
[  691.262704][T17914] usb 9-1: too many configurations: 9, using maximum allowed: 8
[  691.265615][T17914] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  691.268056][T17914] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  691.271093][T17914] usb 9-1: config 0 interface 0 has no altsetting 0
[  691.273747][T17914] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  691.276243][T17914] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  691.279219][T17914] usb 9-1: config 0 interface 0 has no altsetting 0
[  691.281739][T17914] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  691.284308][T17914] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  691.287264][T17914] usb 9-1: config 0 interface 0 has no altsetting 0
[  691.289778][T17914] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  691.292315][T17914] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  691.295285][T17914] usb 9-1: config 0 interface 0 has no altsetting 0
[  691.297828][T17914] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  691.301082][T17914] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  691.304200][T17914] usb 9-1: config 0 interface 0 has no altsetting 0
[  691.306737][T17914] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  691.309221][T17914] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  691.312254][T17914] usb 9-1: config 0 interface 0 has no altsetting 0
[  691.314805][T17914] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  691.317226][T17914] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  691.320196][T17914] usb 9-1: config 0 interface 0 has no altsetting 0
[  691.322758][T17914] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  691.325372][T17914] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  691.328508][T17914] usb 9-1: config 0 interface 0 has no altsetting 0
[  691.331853][T17914] usb 9-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  691.334841][T17914] usb 9-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  691.337200][T17914] usb 9-1: Product: syz
[  691.338396][T17914] usb 9-1: Manufacturer: syz
[  691.339711][T17914] usb 9-1: SerialNumber: syz
[  691.341950][T17914] usb 9-1: config 0 descriptor??
[  691.345539][T17914] yurex 9-1:0.0: USB YUREX device now attached to Yurex #0
[  691.547773][T17914] usb 9-1: USB disconnect, device number 52
[  691.550223][T17914] yurex 9-1:0.0: USB YUREX #0 now disconnected
[  692.667147][T21774] CUSE: unknown device info "�KJ�H+��ۤ2Lh��nL�1�`�Cc��n�����8���0���(�3նi��>f���_ٮ,��
�<�_e�F��"
[  692.670372][T21774] CUSE: unknown device info "3�ܟ�,��̘�"
[  692.671992][T21774] CUSE: DEVNAME unspecified
[  692.993001][T21781] kAFS: unparsable volume name
[  693.285555][T21786] i801_smbus 0000:00:1f.3: Illegal SMBus block read size 0
[  693.342763][T21786] netlink: 'syz.1.4595': attribute type 21 has an invalid length.
[  693.345212][T21786] netlink: 132 bytes leftover after parsing attributes in process `syz.1.4595'.
[  693.396526][T21789] program syz.4.4596 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  693.430282][T21791] netlink: 'syz.4.4597': attribute type 1 has an invalid length.
[  693.432839][T21791] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4597'.
[  694.632337][T12162] usb 10-1: new high-speed USB device number 31 using dummy_hcd
[  694.796932][T12162] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  694.804369][T12162] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  694.808501][T12162] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  694.811989][T12162] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  694.820635][T21807] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  694.825513][T12162] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[  695.090996][ T5989] usb 10-1: USB disconnect, device number 31
[  696.875829][T21845] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4613'.
[  697.236842][T21850] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4614'.
[  698.692575][T21880] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  698.733961][T14578] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  698.846782][T21886] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4627'.
[  698.998704][T14578] Bluetooth: hci2: unexpected event for opcode 0x040d
[  699.838824][T21903] tipc: Can't bind to reserved service type 2
[  700.092739][T21900] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  700.095336][T21900] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  700.097647][T21900] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  700.099978][T21900] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  700.343770][T21923] ebtables: wrong size: *len 264, entries_size 144, replsz 144
[  700.348896][T21923] input: syz0 as /devices/virtual/input/input75
[  701.482537][T21950] syz_tun: entered allmulticast mode
[  701.484667][T21949] syz_tun: left allmulticast mode
[  701.603068][T21961] netlink: 'syz.5.4652': attribute type 1 has an invalid length.
[  701.856269][   T40] audit: type=1326 audit(1742612888.830:1638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21964 comm="syz.5.4654" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000
[  701.872307][   T40] audit: type=1326 audit(1742612888.830:1639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21964 comm="syz.5.4654" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000
[  701.878135][   T40] audit: type=1326 audit(1742612888.830:1640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21964 comm="syz.5.4654" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf7fe8579 code=0x7ffc0000
[  701.884298][   T40] audit: type=1326 audit(1742612888.830:1641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21964 comm="syz.5.4654" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000
[  701.890127][   T40] audit: type=1326 audit(1742612888.830:1642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21964 comm="syz.5.4654" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000
[  701.912221][   T40] audit: type=1326 audit(1742612888.840:1643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21964 comm="syz.5.4654" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fe8579 code=0x7ffc0000
[  701.922576][   T40] audit: type=1326 audit(1742612888.840:1644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21964 comm="syz.5.4654" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000
[  701.932177][   T40] audit: type=1326 audit(1742612888.840:1645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21964 comm="syz.5.4654" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000
[  701.938098][   T40] audit: type=1326 audit(1742612888.840:1646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21964 comm="syz.5.4654" exe="/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf7fe8579 code=0x7ffc0000
[  701.952188][   T40] audit: type=1326 audit(1742612888.840:1647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21964 comm="syz.5.4654" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000
[  702.620448][T21984] FAULT_INJECTION: forcing a failure.
[  702.620448][T21984] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  702.625034][T21984] CPU: 1 UID: 0 PID: 21984 Comm: syz.0.4656 Not tainted 6.14.0-rc7-syzkaller-00186-gd07de43e3f05 #0
[  702.625048][T21984] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  702.625055][T21984] Call Trace:
[  702.625059][T21984]  <TASK>
[  702.625063][T21984]  dump_stack_lvl+0x16c/0x1f0
[  702.625081][T21984]  should_fail_ex+0x50a/0x650
[  702.625094][T21984]  _copy_from_user+0x2e/0xd0
[  702.625106][T21984]  generic_map_update_batch+0x391/0x5f0
[  702.625125][T21984]  ? __pfx_generic_map_update_batch+0x10/0x10
[  702.625140][T21984]  ? __fget_files+0x206/0x3a0
[  702.625156][T21984]  ? __pfx_generic_map_update_batch+0x10/0x10
[  702.625172][T21984]  bpf_map_do_batch+0x5a8/0x670
[  702.625187][T21984]  __sys_bpf+0x1ce4/0x49c0
[  702.625229][T21984]  ? __pfx_lock_release+0x10/0x10
[  702.625246][T21984]  ? __pfx___sys_bpf+0x10/0x10
[  702.625260][T21984]  ? vfs_write+0x306/0x1150
[  702.625277][T21984]  ? __mutex_unlock_slowpath+0x164/0x6a0
[  702.625299][T21984]  ? fput+0x67/0x440
[  702.625309][T21984]  ? ksys_write+0x1ba/0x250
[  702.625322][T21984]  ? __pfx_ksys_write+0x10/0x10
[  702.625338][T21984]  __ia32_sys_bpf+0x76/0xe0
[  702.625347][T21984]  __do_fast_syscall_32+0x73/0x120
[  702.625364][T21984]  do_fast_syscall_32+0x32/0x80
[  702.625378][T21984]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  702.625395][T21984] RIP: 0023:0xf7fc3579
[  702.625403][T21984] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  702.625413][T21984] RSP: 002b:00000000f50a455c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  702.625423][T21984] RAX: ffffffffffffffda RBX: 000000000000001a RCX: 0000000080000480
[  702.625430][T21984] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000
[  702.625435][T21984] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  702.625441][T21984] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  702.625447][T21984] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  702.625458][T21984]  </TASK>
[  702.700129][    C1] vkms_vblank_simulate: vblank timer overrun
[  702.861604][T21992] ------------[ cut here ]------------
[  702.864107][T21992] refcount_t: underflow; use-after-free.
[  702.866163][T21992] WARNING: CPU: 0 PID: 21992 at lib/refcount.c:28 refcount_warn_saturate+0x14a/0x210
[  702.868769][T21992] Modules linked in:
[  702.870099][T21992] CPU: 0 UID: 0 PID: 21992 Comm: syz.5.4661 Not tainted 6.14.0-rc7-syzkaller-00186-gd07de43e3f05 #0
[  702.875633][T21992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  702.878494][T21992] RIP: 0010:refcount_warn_saturate+0x14a/0x210
[  702.880178][T21992] Code: ff 89 de e8 e8 34 f7 fc 84 db 0f 85 66 ff ff ff e8 3b 3a f7 fc c6 05 ef 62 88 0b 01 90 48 c7 c7 e0 06 d3 8b e8 27 6b b7 fc 90 <0f> 0b 90 90 e9 43 ff ff ff e8 18 3a f7 fc 0f b6 1d ca 62 88 0b 31
[  702.886175][T21992] RSP: 0018:ffffc90003b0f9b8 EFLAGS: 00010282
[  702.888374][T21992] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffc9000c3c6000
[  702.891719][T21992] RDX: 0000000000080000 RSI: ffffffff817a2276 RDI: 0000000000000001
[  702.895344][T21992] RBP: ffff88806f368a10 R08: 0000000000000001 R09: 0000000000000000
[  702.898309][T21992] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000001
[  702.901255][T21992] R13: 0000000000000000 R14: ffff88806f368a10 R15: ffff88805e71e000
[  702.904299][T21992] FS:  0000000000000000(0000) GS:ffff88802b400000(0063) knlGS:00000000f5106b40
[  702.906818][T21992] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  702.909019][T21992] CR2: 000000000c37885a CR3: 0000000064aac000 CR4: 0000000000352ef0
[  702.911847][T21992] DR0: 0000000000000007 DR1: 000000000000000b DR2: 0000000000000002
[  702.916212][T21992] DR3: 0000000000000009 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  702.919284][T21992] Call Trace:
[  702.920465][T21992]  <TASK>
[  702.921619][T21992]  ? __warn+0xea/0x3c0
[  702.923211][T21992]  ? __pfx_vprintk_emit+0x10/0x10
[  702.925403][T21992]  ? refcount_warn_saturate+0x14a/0x210
[  702.928097][T21992]  ? report_bug+0x3c0/0x580
[  702.930039][T21992]  ? handle_bug+0x54/0xa0
[  702.931668][T21992]  ? exc_invalid_op+0x17/0x50
[  702.933458][T21992]  ? asm_exc_invalid_op+0x1a/0x20
[  702.934887][T21992]  ? __warn_printk+0x1a6/0x350
[  702.936240][T21992]  ? refcount_warn_saturate+0x14a/0x210
[  702.938353][T21992]  ? refcount_warn_saturate+0x149/0x210
[  702.940473][T21992]  io_tx_ubuf_complete+0x236/0x280
[  702.942617][T21992]  ? __io_submit_flush_completions+0xb85/0x1df0
[  702.944983][T21992]  io_send_zc_cleanup+0x8a/0x1c0
[  702.946948][T21992]  ? __pfx_io_send_zc_cleanup+0x10/0x10
[  702.949087][T21992]  __io_submit_flush_completions+0xcb3/0x1df0
[  702.951932][T21992]  ctx_flush_and_put.constprop.0+0x9a/0x410
[  702.955346][T21992]  io_handle_tw_list+0x3df/0x540
[  702.957895][T21992]  ? __pfx_io_handle_tw_list+0x10/0x10
[  702.959931][T21992]  ? lock_acquire.part.0+0x11b/0x380
[  702.961985][T21992]  ? find_held_lock+0x2d/0x110
[  702.963951][T21992]  tctx_task_work_run+0xac/0x390
[  702.965880][T21992]  tctx_task_work+0x7b/0xd0
[  702.967625][T21992]  ? __pfx_tctx_task_work+0x10/0x10
[  702.969633][T21992]  ? _raw_spin_unlock_irq+0x23/0x50
[  702.971546][T21992]  ? lockdep_hardirqs_on+0x7c/0x110
[  702.973788][T21992]  task_work_run+0x14e/0x250
[  702.975843][T21992]  ? __pfx_task_work_run+0x10/0x10
[  702.978717][T21992]  get_signal+0x1d3/0x26c0
[  702.981055][T21992]  ? __pfx_get_signal+0x10/0x10
[  702.983061][T21992]  ? fput+0x67/0x440
[  702.984621][T21992]  ? __do_sys_io_uring_enter+0x60f/0x1670
[  702.986948][T21992]  arch_do_signal_or_restart+0x90/0x7e0
[  702.989152][T21992]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  702.991454][T21992]  ? rcu_is_watching+0x12/0xc0
[  702.993387][T21992]  syscall_exit_to_user_mode+0x150/0x2a0
[  702.995531][T21992]  __do_fast_syscall_32+0x80/0x120
[  702.997521][T21992]  do_fast_syscall_32+0x32/0x80
[  702.999817][T21992]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  703.002550][T21992] RIP: 0023:0xf7fe8579
[  703.004512][T21992] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  703.011494][T21992] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[  703.013830][T21992] RAX: 0000000000001000 RBX: 0000000000000004 RCX: 00000000000047bc
[  703.016024][T21992] RDX: 0000000000000000 RSI: 0000000000000021 RDI: 0000000000000000
[  703.018125][T21992] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  703.020201][T21992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  703.022883][T21992] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  703.025489][T21992]  </TASK>
[  703.026431][T21992] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  703.028399][T21992] CPU: 0 UID: 0 PID: 21992 Comm: syz.5.4661 Not tainted 6.14.0-rc7-syzkaller-00186-gd07de43e3f05 #0
[  703.031282][T21992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  703.034228][T21992] Call Trace:
[  703.035165][T21992]  <TASK>
[  703.036168][T21992]  dump_stack_lvl+0x3d/0x1f0
[  703.037949][T21992]  panic+0x71d/0x800
[  703.039147][T21992]  ? __pfx_panic+0x10/0x10
[  703.040463][T21992]  ? show_trace_log_lvl+0x29d/0x3d0
[  703.042030][T21992]  ? refcount_warn_saturate+0x14a/0x210
[  703.043734][T21992]  check_panic_on_warn+0xab/0xb0
[  703.045229][T21992]  __warn+0xf6/0x3c0
[  703.046361][T21992]  ? __pfx_vprintk_emit+0x10/0x10
[  703.047770][T21992]  ? refcount_warn_saturate+0x14a/0x210
[  703.049286][T21992]  report_bug+0x3c0/0x580
[  703.050524][T21992]  handle_bug+0x54/0xa0
[  703.052110][T21992]  exc_invalid_op+0x17/0x50
[  703.053811][T21992]  asm_exc_invalid_op+0x1a/0x20
[  703.055619][T21992] RIP: 0010:refcount_warn_saturate+0x14a/0x210
[  703.057937][T21992] Code: ff 89 de e8 e8 34 f7 fc 84 db 0f 85 66 ff ff ff e8 3b 3a f7 fc c6 05 ef 62 88 0b 01 90 48 c7 c7 e0 06 d3 8b e8 27 6b b7 fc 90 <0f> 0b 90 90 e9 43 ff ff ff e8 18 3a f7 fc 0f b6 1d ca 62 88 0b 31
[  703.065121][T21992] RSP: 0018:ffffc90003b0f9b8 EFLAGS: 00010282
[  703.067454][T21992] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffc9000c3c6000
[  703.070454][T21992] RDX: 0000000000080000 RSI: ffffffff817a2276 RDI: 0000000000000001
[  703.073470][T21992] RBP: ffff88806f368a10 R08: 0000000000000001 R09: 0000000000000000
[  703.076438][T21992] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000001
[  703.079381][T21992] R13: 0000000000000000 R14: ffff88806f368a10 R15: ffff88805e71e000
[  703.082382][T21992]  ? __warn_printk+0x1a6/0x350
[  703.084230][T21992]  ? refcount_warn_saturate+0x149/0x210
[  703.086351][T21992]  io_tx_ubuf_complete+0x236/0x280
[  703.088306][T21992]  ? __io_submit_flush_completions+0xb85/0x1df0
[  703.090688][T21992]  io_send_zc_cleanup+0x8a/0x1c0
[  703.092583][T21992]  ? __pfx_io_send_zc_cleanup+0x10/0x10
[  703.094699][T21992]  __io_submit_flush_completions+0xcb3/0x1df0
[  703.097016][T21992]  ctx_flush_and_put.constprop.0+0x9a/0x410
[  703.098822][T21992]  io_handle_tw_list+0x3df/0x540
[  703.100203][T21992]  ? __pfx_io_handle_tw_list+0x10/0x10
[  703.101725][T21992]  ? lock_acquire.part.0+0x11b/0x380
[  703.103196][T21992]  ? find_held_lock+0x2d/0x110
[  703.104554][T21992]  tctx_task_work_run+0xac/0x390
[  703.105952][T21992]  tctx_task_work+0x7b/0xd0
[  703.107232][T21992]  ? __pfx_tctx_task_work+0x10/0x10
[  703.108684][T21992]  ? _raw_spin_unlock_irq+0x23/0x50
[  703.110135][T21992]  ? lockdep_hardirqs_on+0x7c/0x110
[  703.111581][T21992]  task_work_run+0x14e/0x250
[  703.112892][T21992]  ? __pfx_task_work_run+0x10/0x10
[  703.114326][T21992]  get_signal+0x1d3/0x26c0
[  703.115578][T21992]  ? __pfx_get_signal+0x10/0x10
[  703.116942][T21992]  ? fput+0x67/0x440
[  703.118041][T21992]  ? __do_sys_io_uring_enter+0x60f/0x1670
[  703.119609][T21992]  arch_do_signal_or_restart+0x90/0x7e0
[  703.121137][T21992]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  703.122851][T21992]  ? rcu_is_watching+0x12/0xc0
[  703.124183][T21992]  syscall_exit_to_user_mode+0x150/0x2a0
[  703.125750][T21992]  __do_fast_syscall_32+0x80/0x120
[  703.127181][T21992]  do_fast_syscall_32+0x32/0x80
[  703.128544][T21992]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  703.130318][T21992] RIP: 0023:0xf7fe8579
[  703.131464][T21992] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  703.136720][T21992] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[  703.139024][T21992] RAX: 0000000000001000 RBX: 0000000000000004 RCX: 00000000000047bc
[  703.141208][T21992] RDX: 0000000000000000 RSI: 0000000000000021 RDI: 0000000000000000
[  703.143386][T21992] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  703.145574][T21992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  703.147763][T21992] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  703.150078][T21992]  </TASK>
[  703.151498][T21992] Kernel Offset: disabled
[  703.152813][T21992] Rebooting in 86400 seconds..

VM DIAGNOSIS:
03:08:09  Registers:
info registers vcpu 0

CPU#0
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff853eaa70 RDI=ffffffff9ab72ea0 RBP=ffffffff9ab72e60 RSP=ffffc90003b0f2e0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000005
R12=0000000000000000 R13=0000000000000020 R14=fffffbfff356e626 R15=dffffc0000000000
RIP=ffffffff853eaa97 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c37885a CR3=0000000064aac000 CR4=00352ef0
DR0=0000000000000007 DR1=000000000000000b DR2=0000000000000002 DR3=0000000000000009 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000001 RBX=1ffff92000f94e82 RCX=ffffc90007ca7450 RDX=1ffff110043ff5e4
RSI=ffffffff8b6cff80 RDI=ffffffff8bd359e0 RBP=fb19a5ccda6a0102 RSP=ffffc90007ca73f8
R8 =0000000000000000 R9 =fffffbfff20c51c2 R10=ffffffff90628e17 R11=0000000000000001
R12=0000000000000001 R13=0000000000000002 R14=ffff888021ffaf28 R15=ffff888021ffa440
RIP=ffffffff8196b466 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000040 CR3=000000005793c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000048673 RBX=ffffea0001480640 RCX=ffffc9002891f000 RDX=0000000000080000
RSI=ffffffff8b53a83f RDI=0000000000000005 RBP=ffffc90007c977b0 RSP=ffffc90007c97550
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000002
R12=0000000000000020 R13=ffff88806a4e4580 R14=0000000000000000 R15=0000000000000001
RIP=ffffffff8b556700 RFL=00000283 [--S---C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055be27637000 CR3=0000000069860000 CR4=00352ef0
DR0=0000000000000007 DR1=000000000000000b DR2=0000000000000002 DR3=0000000000000009 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=bcc61eedbcc61eed bcc61eedbcc61eed bcc61eedbcc61eed bcc61eedbcc61eed bcc61eedbcc61eed bcc61eedbcc61eed bcc61eedbcc61eed bcc61eedbcc61eed
ZMM22=a513ba53a513ba53 a513ba53a513ba53 a513ba53a513ba53 a513ba53a513ba53 a513ba53a513ba53 a513ba53a513ba53 a513ba53a513ba53 a513ba53a513ba53
ZMM23=81e95da781e95da7 81e95da781e95da7 81e95da781e95da7 81e95da781e95da7 81e95da781e95da7 81e95da781e95da7 81e95da781e95da7 81e95da781e95da7
ZMM24=abd9821fabd9821f abd9821fabd9821f abd9821fabd9821f abd9821fabd9821f abd9821fabd9821f abd9821fabd9821f abd9821fabd9821f abd9821fabd9821f
ZMM25=8f4239bd8f4239bd 8f4239bd8f4239bd 8f4239bd8f4239bd 8f4239bd8f4239bd 8f4239bd8f4239bd 8f4239bd8f4239bd 8f4239bd8f4239bd 8f4239bd8f4239bd
ZMM26=8488181084881810 8488181084881810 8488181084881810 8488181084881810 8488181084881810 8488181084881810 8488181084881810 8488181084881810
ZMM27=d953dbd4d953dbd4 d953dbd4d953dbd4 d953dbd4d953dbd4 d953dbd4d953dbd4 d953dbd4d953dbd4 d953dbd4d953dbd4 d953dbd4d953dbd4 d953dbd4d953dbd4
ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=3b1c00003b1c0000 3b1c00003b1c0000 3b1c00003b1c0000 3b1c00003b1c0000 3b1c00003b1c0000 3b1c00003b1c0000 3b1c00003b1c0000 3b1c00003b1c0000
info registers vcpu 3

CPU#3
RAX=000000000084ca3d RBX=0000000000000003 RCX=ffffffff8b557469 RDX=0000000000000000
RSI=ffffffff8b6cfc80 RDI=ffffffff8bd359e0 RBP=ffffed1003766910 RSP=ffffc900004afe08
R8 =0000000000000001 R9 =ffffed10056e6f85 R10=ffff88802b737c2b R11=0000000000000000
R12=0000000000000003 R13=ffff88801bb34880 R14=ffffffff90628e10 R15=0000000000000000
RIP=ffffffff8b55884f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c37884e CR3=000000004ecb2000 CR4=00352ef0
DR0=0000000000000007 DR1=000000000000000b DR2=0000000000000002 DR3=0000000000000009 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f738cff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000