last executing test programs:

1m4.761236866s ago: executing program 1 (id=1902):
socket(0x1e, 0x4, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC, @ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
syz_init_net_socket$ax25(0x3, 0x5, 0xc4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
shutdown(r1, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000000208000840000005003c0000000e0a01020000000000000000010000000900020073797a3200000000100003800600008008000180040002800900010073797a3000000000140000001000010000000000000000000000000a"], 0xc8}}, 0x0)
recvmmsg(r1, &(0x7f00000048c0)=[{{0x0, 0x0, &(0x7f0000004a00)=[{&(0x7f0000001a00)=""/4099, 0x1003}], 0x1}}], 0x1003, 0x10122, 0x0)

1m4.338369073s ago: executing program 1 (id=1907):
syz_io_uring_setup(0x70ca, &(0x7f0000001380)={0x0, 0x0, 0x10100, 0x3, 0x179}, &(0x7f0000000100), &(0x7f00000007c0))
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000009fdef6420a0200000000000700000000000000"])
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = socket(0x15, 0x5, 0x0)
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
mount$nfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c666f776e65723d746b2b6a34fda8adb094a78eacdca24f853b813d49611ccdf42b35149da600255ffed4b2f96dfa0d7c061acd1fb803980c84618f871795027e87bf0c68c2168dbd40f27bc055226ac3b9d70ee8e704153740af7950b128b6513c319b15c7c24bb1160b8d3e72bcaa11935654f7c5c8d28cf21dacf4335d8f5639adbeacaa809b724e731d00e0c402b28ebddbe94f102f7aac26a4864241d3dd038d7d08847c30e67ec4d1bf8e2ba72be8376cccbe54b8e8e014091bd4c4919f2c5ad3a401d473ed08", @ANYRESDEC=0x0, @ANYBLOB=',func=MMAP_CHECK,obj_role=,\x00'])
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r5, 0x1, 0x4a, &(0x7f0000000040), 0x4)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$nl_xfrm(0x10, 0x3, 0x6)
r6 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r6, 0x11, 0x67, 0x0, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB], 0x8)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000dc0)={0x6, 0x3, &(0x7f0000000640)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x4e27, 0xffffffff, @mcast2, 0x5}, 0x1c)
socket$kcm(0x10, 0x2, 0x0)

1m3.118327619s ago: executing program 1 (id=1911):
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = fsopen(&(0x7f0000000040)='zonefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000080)='iocharset', &(0x7f00000000c0)='io#harset', 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x3a)
sendmmsg$inet6(r4, &(0x7f0000000b80)=[{{&(0x7f0000000140)={0xa, 0x4e20, 0x7ffe, @mcast2, 0x4}, 0x1c, &(0x7f00000002c0)=[{&(0x7f0000000080)="8000102e7577d401", 0x8}], 0x1, &(0x7f0000000240)=[@dstopts_2292={{0x18, 0x29, 0x43, {0x32}}}], 0x18}}], 0x1, 0x4000084)
close(r3)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40086436, &(0x7f0000000180)={0x0, 0x7})
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000002c0)={'erspan0\x00', <r6=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5000000010000100"/20, @ANYRES32=r6, @ANYBLOB="fd00000000000000300012800b000100ab0b00002000028004001200"], 0x50}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r3, 0x0, 0x6b, 0xe)
r7 = syz_open_dev$sndctrl(&(0x7f0000000200), 0xd3, 0x101100)
read(r7, &(0x7f0000000300)=""/197, 0xc5)

1m2.217199551s ago: executing program 1 (id=1922):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000001000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000ec0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)=@newsa={0x134, 0x10, 0x713, 0x40000, 0x0, {{@in6=@mcast2, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e}, {@in6=@mcast1, 0x0, 0x32}, @in=@local, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000}, {0x8000001, 0x0, 0x100000000000, 0xfffffffffffffffd}, {0x0, 0x2, 0x2}, 0x0, 0x0, 0xa, 0x4, 0xb, 0x40}, [@algo_crypt={0x48, 0x2, {{'ecb-serpent-avx\x00'}}}]}, 0x134}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r0}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_SMI(r2, 0xaeb7)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='debugfs\x00', 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xae\xd1md\xc8\x85\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;2\xb5\xe1jS\xeb\xbf%||\xa0\x8e\x01\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x4)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x1805406, 0x0)
ioctl$VHOST_SET_VRING_ERR(0xffffffffffffffff, 0x4008af22, &(0x7f0000000440))
mount$fuse(0x0, &(0x7f00000005c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000340)='./file0/file0\x00', 0x89901)
umount2(&(0x7f0000000400)='./file1\x00', 0xc)
mknod$loop(&(0x7f0000000000)='./file1\x00', 0x1000, 0x1)
move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, &(0x7f00000003c0)=[{0x4, 0x5, 0xb, 0xb}, {0x2, 0x4, 0x7, 0x4}, {0x2, 0x1, 0x8, 0x3}, {0x1, 0x4, 0x4, 0xc}, {0x5, 0x5, 0xa, 0x7}, {0x5, 0x4, 0x0, 0x3}, {0x5, 0x2, 0x5, 0xa}, {0x4, 0x1, 0xe, 0x1}], 0x10, 0x9}, 0x94)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYBLOB="340000003e0007010000000000000000017c00000400fc800c00018006000600080600000800028004007280080007"], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0xc010)
set_mempolicy(0x4005, &(0x7f0000000080)=0x3, 0x2)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x200000a, 0x4c831, 0xffffffffffffffff, 0x0)

1m2.170352141s ago: executing program 1 (id=1923):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000b40)={0x0, 0x1})
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'team_slave_1\x00', <r3=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000080)={'team0\x00', <r4=>0x0})
r5 = syz_genetlink_get_family_id$team(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x5c, r5, 0x1, 0x0, 0x0, {}, [{{0x8, 0x1, r4}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r3}}}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4005}, 0x40000)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x3, 0x3ffdcf, 0xaf0}, 0x50)

1m1.471950146s ago: executing program 1 (id=1927):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f000000cdc0)={0x2020, 0x0, <r1=>0x0, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0xfe05a, 0x5000, 0x0, 0x0, 0xc}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f0000002140)="4627563e95d073e9c44031e486c6c3c887234dab29bb5d4444d206b6ed7b2b3001b6ed59a692ab0f0251ebf104d3747ab90777b96df4449e5275f86a62902df16f5fba75e202cbdf6fe7cc018a76b412f6485398037d6cb464f1dcf7fda3c76e43cdf64a53f6182a0b7e6476035e8bce74d0582b1ccf32dc8b0cc3b610b143afb4d3c163308a66f2dedd0d45f392d7899f5c4d2ded35c1602f7338dea29e0dff356a32c9e921eeebf8b9845ec2a40b68a8bdcb88009c910e110de23a02648667d740186ee2a3f4a59672477230c4a3a62a1417659b1978cf2b671f836d49fd361ad0af9157916d29cb4fcc1e873a336660b639383485a5322faca6694c74f58fa428582950bd136778dff61da52778dade8b2c3331b31a89259469b0900ab4173202f6256b2d23d3feb8517556292de52662192eca03da5744515c4a92cd3f0f296209bacb28a0267776c9797a784cfd95a52f9de496a5ed70459d55041b663a70d7d471da4f86cd187fd53e667422a0fdfe5eb34e2f2b8c133f2271fe5b1e71533b698169ac8107187533e37765fbd69c327ec608249c44018e3496b2f66fb8bb942f4bd26ed687ee1f7d2a53d7233fbde91cd03f4b4db0c23ed56ff9a61e0d5a1bf6ed50c308e8af0c32b2e0b15df009046ed88d60b772e0cdbfb3d765251aae01b01660df364dce51971ea2034b316a0b0071cb1d28bb86279de377ccb5a18ce981241b5d566e248866f280d71c6775e14fad44342945663bd56ad056f79e49f8071153391f8de78b05496a5f174e812ee0b102e0421c632e4a9f8ffd87ea68df1d7e85af4b30024b2a3cf0e1106871b3427eedfe857f3bc2a021d42fc09224ece3c56e57806a2da229231cc8e3ed5dbd82fd2d3894cba01e36c2ba91a42456eb570446fa3e2eddfe30264572d5d778cbf5d676ad4bd37d11e09573a5566b3656a760c9d3030b2bcd90be0d670866010e2d33c93f223a79ca167bce1a46670db33470c75776582f26b5d9ce847493ddb34612bc829f93f473c24263246011c4ca689f62f4539550ee13b246aeeec477fb2e9e4b223f66c006303abdb003809b9cd4e993b90821750b86608882355e5f587182c1ac6c677b07c26956073ff3a78d4f325139d9c0b8aead052e73fd21b3615ea22acc084bf5060f72936796311e31c038426f0a0e6c304cd2d9c363e7a1a21752032be17adca8b476b0e571b591c9dd923b0066fd5e32e045494c0a9e1e511f147988e0a5fe9652b92ed0e015ef54e3ed2a510b9383f1938dece777ca866f1a21082052827f3a48c2f38482fe3a8286c0ff17d4c24a468a5a0ec0a2eb1165f48cf76fc07450c82294d973a1793dd58008834f0d3aba4e097ceff0ba44656c67839ff3e489975297b334ecf6c7ce4634afbe3d8ab70827563aa75ffafc43429170c3fe3854238485c5a9b567a959a746010c22a92e863e318312e0efc06ab86d1435e06aca5f4b7b7f06a78f90795545c145c9941b74adb9a31ab4f749f81665dd9308acba8d7861856b548eab226377be82611ad79c8d25b176de98003c1ea28b556a2b90360913c39f8f64f0d122c732af5a990603429b354ecd4de797e17722c66546cc38349cb09c40ea54972562734e9816c83103e0bd19451e6144d005e6ce6d6d6fc1ce90238b73d1e0aaa4ee9fd0545054cea97639a404edf3b27c0073be84961084ea685e8ace53c7d7f52b62e378d9ee167aec3e5cbd60ff36c0d3ad40181bad59f111c30e9414112fbc71ad7ede21c288c878dd2509c36f93c31dab5d091107c8e8bdcadffdcb3053eba35b44c70a6421b343922cb11c69b886db0f412e5c23f89dbaff9e5847fd749e28356cab3999f1142449047a3a6c43bf670244e55d888f36ef1dc87bc5bb1460b6c8d1e69efca9a02ba834591906a65102c3e1c1c7dbdeccc7e261795f349d110836445d8ba19cbc699c46d4edc34942a488de1cc1140dc6acf23c8ec1f475e613c85ba025ff7ae639cb2499629eb5f5c88c4057e30bcf41767424af763c9204084856d87cd99f0da06ae6ee5b7382c1f6f2cbb2cf2dfd8320271f16ba7ebd8f0e3c742482f5426530b1ab946c7118f70aa4eac41dd78569341a0f3dd250531aaefdff4cab9e9eed7efdaa865f9b804ade79ced061a1fcd18a6c61a708fdf119841dc232cc5c4e5343cb8a82e9dd9647779bca053b5a2c43481c06ce2a593e388f5f5f4e681771021aaaf0589dac69db22c7285035d1eb89c75935fa4208b3786f2640ce9d65b0e671967dc27808fea5d17ac70a3ac2802f65d45d9c0372aeed530ee58bf04e190f50dac25139caec0b253d17af28eaed173c7043d66567188f04ea51733835c1c66ac7a634d7b90bdac4a6d1075bb277dc6ca420b24485012db44aed5a2e8099f4f3ed53bdb0b35b35905db28169b3e3b3d13ff94bdf2c9549f4a54c64b8d27098b86ff46cfd515f35b1d5a1bbf1bb29df16cdf296e804977a6b583d018c4fdb66264d5f2d9e162059017d6b6cbc6d6c2f1009717c67093f6feaafce1f242f4b730a2e714e9bba79f18c42a158425147b7b2cd9add4ac1d2c1a95b13a4f352d51982a5d967cd611911e6d0777afbc10883c6293f056acc69da89a0a64913be996466ed63f969d5ccd124cd3052d6654e6db0519449f3cbf3a2011541d26e5b76c3c192857905bcf989fd943d42aee9ebd40fee33094eae69154092e9514819ff126040ea7d43a927809149cfaffcc76cb1e332426bf0eb1ac1a3968c70030453a284a0fe39b9ebd704f0950cb5350d4c60d65566b3f24ec4636cd5bb3e23066f4d4f1814e60f286f3ad2d3c10e79c5991c8bf5fdb561723873fe0c75c7bb6ba262aa3a6655349df95f07abb0200d5b9152da4bfdd66a311b29a15755e8465b7b0d99f7f8ccefe9cb3561b5619d4c21b36c9b29442ccd5949882d0167244d84b677685d62074f63b8dc66941f317c78bb093491e2acb7207cc80fe51c22199aae878170af9fa1eb164854587007eb108f23d1c7946bf75aee50eee6fffdae24b992393bd37d268a136b3dcb1b7d2c9b9fbfe0c860b0d344f488e85de2a65a20eb057f0047d0b6b8898bdd68e21f2234a2c66b963a2d86f62297a7d1176c14acaddd4861f5bb74ee91eb3b6ba0c7328433b977e23c02ab67d82a12d620fc034f1c9c3a99a6a07ddf59eaa18384e429101dacbd93ee794e27b774242446fa433a8c03e4312ad56f6c4dfd1ad014d07932480e07caedabda36caaeaaf405dfa1a650843f2e09ae89c666ab8754d9bf9b290f4c4c9242d8f98533bfdbae191a6fbcba6bdb9096427d2d8efb5dcfbd58df7763cc445bf44a0be6de2335a395ab8157dee25794be81c3d87a7d457b52d88f86cabf91f2ec16a8e05a00f72277943737839a5242163025704c7b938f3f424ef5db6b60d3181e3ef94cbdc6516f0ecf01b52164b92f2e12ed55db595fd8de6862a3b12ebe06b19d1f93132b83b2f5ddbc9808b3ce8fa40352c84664d824edd2631a5e2fddaae887689092007d3d0f22a948f54bfd5c42bea5f0d6bf5018cee5ef232c8b6ea3f54ee6f4997c8ad5ccfd28227eeca811312375a849bdf4d343c1b0ec7035279d1bc0892ef193a74018d5ccd5ccaf0503a697b23abb44b7aa3beced0626daa5e1fbfc4d29d2804292fcc60b775f656179510168bf05929dbc92e009d94561d946f7b4b5a18c08d29678c482d90e07abb029e80546e5cee6c4a30712a9b92d556a29b2de021bd49b6398340a9363b689bedc007416bcb659c0c4b6eaa31ec4976ee4896ff87a7dfab48dc7046d44c9c2db6881f7d6b252e582eb878b0be9b24666e74e8eb565c07582f17817ea2422de5da79cb367e76b9b8a9d056de06ad0483986fef2a3b62d64d5d2128cf55499025ad0739ad3ce5e1bfa6aaac16828bdacad2f86b32ed933a2f672efd1f4a32dd23e59aed872d1015eaaf701a0ef8e1427d59728450c4f1bd561e7ef6f8e34d12ae2120a51746a5c346e739c09854caeec07af0d70dd4d9164b3ae8a098a41c081465fdb5537cb560426bc0de4b735f253dbc779b9dce429d99700cd6c0cbd778caeb56401b2bb5c1ca310ab0c91e1d9f4578b5fb3b4f0dad4c565495797e8e83603f3ef188a896fad5bfec24457e0f6f962b8613434f16acf74308171567eae5ad9ec11186a56493a5394042bd1b29fbe0ce64e5f1b0b56e8910343666d627d71c729c0c90bfae0134e117842d67b160ff50688f7b45f0ae330c2d4890732ace7795ff74b6e36466da623c8eef75528b22199c9bf589a1fcd2aca6c5fe3cce2eddabf1ddc8e87380b815ed5928222613383db7941eb9d55b45487b399a9a35ca4cbd9eaf08c71273fc3334b0acdbd117b13697a9ae475e79a44911ce4fed1490a2ec654fe469c9ea933999dae3616b063769446cfefb4562bd124e42f62a3dd0385fe3d21029ad8fd1c58b0badd42e415a76e3e92f246629d3579dd80d940e6dd9bee3d9a6ef8a7840fb253507e718eca32ff4119eb0bcc02aa210939a3bc41704a63202139c68e276254395ab6b858f4528ea2b3a57328e0b31816de3ad85e50e7f4ec9445eaf21a8b9916ed209bb7e79a7a08c2e4e09644ab831c0ba68d05d5ebf57a9eb36bb9caa8e7ac78a8ccca1bcb03cef0c5eb31fafa6e283632c117031aa3919f72aa80a2b9b2557749951348d5294ed2414ffcbafdf976bfb7a401bedb208fe1285738df515af493047aec962bcacb8ea7bad5fc12d5bf415e66c06c4c87044e694291e104ef53850cbc7ef73ab57982d77a3f941c226a915163e8eebd256cb8a1f0130023d2c5d3be77cab39bae4449711d6f39e50cc83eefaf6cc727b1c0b3fc4f7bd110d18262cd872cee8ca95f1be8005d5b339abbde923ef2d4290d5579e4420ff2beb705c16e96101c38c31cfd05639f252730c145182e4406aab68f556e0290ccf05e25a7bf13cdb5db47a8a0841fbeb880d4f0add608d1badb8992924b548ef1426ec774ec9d86678d4c2aae8f1e3b2dfb295802f75727a308dd1b39460f26858eff99fae8d27f24ea6902adabc89311a5fd18c3d9c606db7295f25acd22624bcc753c4c3acdb3f6c563174441333b69a126e4fcc6b06165f6221539c5ed277c20dac4b7978619e10616475de88810bbac714f3651efaa59b75791080a1086c0f3f1b5edb4b3976cc936665855f6a56788d76c6e771b1c968c859fd1ba995d336d301695fc012b8031a14ca529e3e9bf622db6813417925bb4e1a7a5b786aa90f4d048f1f442a2696970dd442d3a6ee117a3e768644c99951b75e51e98de61bc7ed8eb9e87fd43ec75e948829bd19fc545cddefee7a6f068a419e216982ca4ce6ad3256f1e64d203ba1da27e9e175738124ca86a312d0dd0caae6d64751d459d8134830ebb4f4c7931aa90c1ad6fefd99ea4ded3d246236719d6fd48979ee31eaabbea385e91aea0557a58d73a63660ecee981e3da40a39fec3f01caaffafee3504e9f8dc990cc2d69c513db25f6e722ea4811f778af8a338498b6b908682aca6e02e898cb65377f820529d35707cb83ba69b16c92b571728c58188fb08ed6f6c27d6b70e963b147605714468b90966f082d7175fcbc6e770835efb6e7bac5eeaeb5b2c23eb30ecc102e647f1ff71bc6b35f629a55dd305f8ed5287e35403a91b4dc77a6df2fff354460bf563c071846c84617da4df4c46a9e359c45d217a2b096c830ac8614947d110334ca17f587d86825b2b7ae1039fc11109687c1ad0a16f0180d1700414a4694e7ab73c715436dce437a9b3dff55f62fc1ffffc33d3be037c34c9ee7a0fcfeaec1778268565663f39b69c141304c892ae80da42cc854a87c955e6d8060a731eb16ee91e8ea27f90da85196e4f034d40b85ff59eb4b7c76218342f9c9f8d3749c874562829b7ad0c786c5c25ed240aa14755ff7f5ba5298f9f6b6ec3a46ac36d6a39c59c2ecf7781da77931214ac9a8697691d933b20cb64acde409fc159d748e4f92d83ff7767260fdec04b2e80cc524a2366e8fa5b70eb8684d164dec49fa95f42e7e75daa8c268204beec1fbc58cbbe3317af0993a8676dfdb13db7875f50cebdbc629bcd605dd4c4a65c31870495fb9a9ec51c1867ca8b117a6f9507aa26cee54c4c12f8f22b9d88072639ad765bb7906435128d1c146b9e2029880eccbdf78449bd0630381ad16c13444d709a11890d80fae0d24c037180a8726143306a7cd67abbc830167f524008f9a8e3172df597a63af2e87a92e90b70ce53069657f9b46acc9da241a1b00571540ec5fed4a9acfdd0066ba248cb2bf24540d7296256d4c9a5a5bc821817ada912cdde59876d86d4c53c1d047c6bc3442c2ee78326d7c51b6d01bd4f7ff5bc45db88649220d44099b406ac2e4744996b869ea688ecb4e758e755b29717869d5dfccbf5fd553ad83de0c4cd16b3fd4913451734226e4cf29bc0a860943b3e854d8cf49f07d2bfba1c280efaa85bb8f0f8818d1e58178c338c9e46c873adc0a4b6c832aaf0878956d8a04fcc043ff307f60a263cf1bc57ad0434b6a6f99075d932ff75deb8b017cbd16b272139a4addc24749d9551ba44d5bef0536e58de5e9d0b8985f1044163d542859c699f27f033b01d1e5d4c5598bcc4279f29c56eca82cf40c3b2799277e9b0aea04ba5cdd679e3eb63ceb0eafc21c373356caadc0f5730054a0979d7e32117962af0444b7e0e75bf1d30fd1af656956367bbbddf018531833f6c383b76cd63d014c91f67b41548e558cfae6a953a78c36ba3a896b3a0bf48aaa947d042a456a48c8f323682f560f2679f53578f00746cb04c4ef12b905b37f1b1bac9c75a85d6f173d531198f150ee6dbe7fcdbed4e0baf7610b82a793c17124970924ae32c86f9b7b40a229219958cd2445fca613e264adbf29644b1f405c68ef8afff7f4c1dc86f0e578e3716fa86c53f776dc42e7d28978f1e694428560b923b5d44e3aacb18cb38d3efd90ca0812027d336b011557e9e953cbff769e9ba84b903f5fcf1e6b4ab3e210ceaac574f80607116b196b6ded8668729f9be216bfdd049e88d1cb45581701c6ca7c991488a73e6ae5decdfc6416fa69b76f82e92246ee2b29c91885be24e96ea72438499c5c421ffd199f172667adf7d257947bb47945817930a7f2f0dfc73c2a5f6002fd40b9ea51c4a0c610e9759d43c082ed0c126c0de63c5a079b4c8bac46fcc8a1f74d8929ee2b7878430e3caed5f5aad7378fcbc4d659144a7cdbd654185ffdabd9b36257993ca823990df4aa7809ee58b7a278f38085202f3618fefef67f71b39f8ed35a28b3ff47e6caa3cecdbb41b899ea7ef3179ec3d67d0e3380f61d5a57453b9b790d171e1838c68f988a6914f4b81a7a12a0f50612182de8844a5f18026bc4110a10a31a88dae4bb40a3fea22360830784cf82ccde8187d04635e7e5bc6cda8252fa77d7022ae5fdeb978315f925cdbe7cbe0e3894965795fda4b94068bee89f79f86c420b211411929b9b3074703583c0ba0703a4d282441495110dd167c228079db163febc9ea0bcb02ab400999abfecfbca274fca55a055859eb256fcddc1d1773d72d5c3793ca3ff5f2fbe647b04f5ff2b2dc50a3a897e03634a36d21e391e6b6290cf85064711600de9a74057b78d9c04857017bc762300872f674eed1b68fac65025f3252bb803a9ff8ccf4b2b49028622168439db3bc01ea9ae7618b73dc7f858ba388891da14b88f7fee4f5f49abd687ba947969b8b923c2e119fe172126835ab4d1429133a38bbb80f1f6c308ffd180a179c05d9fb112a70e7658f9e3c7b6545556726e6589ba479edf21afd08da62963b5b724fa7b618c27fba201297dd465217de92395734355e9b34e27ff4916d78dbe0424df3d6110297a7847efda2675f12a3bf5e4b07827cdae6c61b0d969f6bb15be656b394a3f3ca8d705a4cac9c78c66c4be58c40888d49ceb08eb9a90c230faace7e4c837a8cb1aa69b020f9f43532cb7315cd698dfffb0179fb24e135480af4c437170c010e6e8f94108523dca95598c59b9e483753b79bafb02a455ceec727fd271b4cb4af7d958751a747afe6625c1e8b0316af5e13e42dc8d97dc42d5960edcaa391164693250a6f98653fa20c78823e1c1a77b798491f197a647b291cdd04087b3143e5b0fc550ecbbff19666b1c8e2a5bf2cb40f9f54c11828a8dd16489f36583e3128cda7a9abde8abbf61294450af638f56444176b5a11f84e67e4e666d6df58c45c0adc45938a2639fb1717a44c8dedf8471ac82fc1771a704f778fb812acb953493a831be5b28b16b20a112aafcee4e44640a6653c4b3035d5de4fcc16312057046bc3c650057dd9be4450b3e837ff8ac19019e67550a124416d671ccc76de36946c2d91f3d63b212111f4f09f39c24c1a981a7e63dd37a8d94ebfae1df5796d971193a8c723f172a9266af23d1d0e48aae73de4e7545a13f09a1ae3feb147ba1c700776148f027abc7dbdd1f3cb823b9a4c0e9dd43fd0bc411dc3eac2369f10fc9669ffaec5ef76da6b7f8884430b3a00da63a0e5272de159ea047584f4804a14159b1321309db45c55af563081d126300dc3ac446936f6653db92fc09d225716f425997dc247939b8c1e09a11f8b10c36b671cc590922051871ce19f6db85eefac9a666c3cec6fd5a69e7610ae5123413b458024b02521420d8c50c265d7b763f070b8fd1981824da47079135a667ee2395e43cae172e6a5ae96aeb7ce490212792498e427b80036f52cc557d3f94b118b2248af9a75a6d27d084ba423edc616981864cb0069a06f359a953a6e7df6b765d222626030248253e4e93eb0979b0a5550ee15d1489f56cc1d30b1584f37b51dfa029af5b45a85b141f4f8ffdc809a19e01f22f80c8a11e9d35f790a6de2d898462a19f412de4df26896a3d107baa7a661b5482cd71453b5f88f889b93ee6df84363ecaf04cb0dcd4369f9d1a827b955182334a998e8f2edbfe74beb14e9ff50134f03d24d70b068801684e25370c1cfc065d88582389713500f974e8a6c6e7f015b8e84e5b9861e45d4ce4eef79f0e8d4f15eaf7c1b33e64287470b5b3c0b8b6bdadae567f977341b57486c1eb279be8ee1cdf11b6e0dbd42d32c95b6801cea98e6000ea80777c6ad3f62012732859497080b3aa127a0f3a7b80a99182406ccfd54affb463f8eaf01b0c65ab582628b3c2237d039ee68d307dd113e4b593b243bd64eb6f58a0ccdd8e9a78f9ed393e2affde8d616d57c7aa1d12ebb4be718b49843ec6a90d5d8c197f154f27805046c410d4e1b66cbf4a8e495a3a229a2a1d58b4909a240d7ae6ea9e740c055b06e756e57e2ff19c148cbaf37357c0d3273b7f2ec631565e9f6c6c8722ddb0c1180695fb204f35917dc2fe11469801c545b2560a59d0666ec129b88e4f427989e820982329c2c39321f25648666af651f87b495195a95a5d158fd161324796272303114d99d22890385853dbc66d37ce22de0db447260217cf51aaed240e4f4963ca7510522fc6e7dbe164ccdedc334787ddb24bbc8205bf3353d447a1de2407c248775fa7e318d83e3ff18150b3cd9a7cbb0df0703aab6ef8d0f71bf9b5a305dc25fbd200e06b73c7f298320bd90dab05ec62b5f885e7cf95274c656051c71628f31196354460b001b6366c26fd2e92f6ad68ea37d7e3fe91fe98223563b4d23f802b3911a5241a793cb9f5b4f80081ace5877f95da7499f728ab09837120ca75c63d725e46f9f77c3da16318c9bcdd4a9d68379b627c1a71a34b684e5614ab3fabceab8d2741aca921b1b018098060686c56d7ed190e7470f529f6e680ed72e749fe7c9c2f37ea8cf08d4520e496361d2437018bbda93396c05abb2aeba443ea1ee56a3da04a8b880452a3610cb4163154e02df8a08a5e48c03fb0b0cdd4d355142cc736b344b9fd987b49b85791e5bf7805250dfe63b04c7ff56608129ef43664aa2acf82f18b49cdfd2ae5551ea4d486b35cd2ea60e3f032c58f531d4d36054f5ce268a29862ded0a3cc0ff1d30882f7c85b95e9a8599bf1d143d2d25555bbaa6f8b673b76ca8cc17b693519194784833d902581fec4e656ca546eade53abfd7e4650df648cb61a146bef5382f9255bf4a7c380854568495bdb7b33f490d240ead3d1851ce3b6400eda5a370f13ec998605f46b234bc9293c026bd1d648647bf52d506deb522012ae89c4ea75414ae6677c4aef28dd756f877af23d1a5ae3cb2205850c14f27f595d1a1542bb1eaf641293e3ba40e0bb54193a1e5db969d37c97709efbc34ab509f08a51ba71ecc4f9f66c27190115948cffaae914e7eb4e8d0c59ef7368e9b08a05bbbd340e1c1d34319f150d299c0ddf3bb2138359e826f4997068b99d13cc454fea46b8664d413b79b19656d62cbb5b31744aa33f99651fa56703eaec2e6998c7321f69f6cd110c89ae0c612a96f9a84dd751fd81ff66c80563e7091f5c5b67f89d52e7c58eb26218cddeaf5c6def3ad07a610bd4e5785675580c199b8550cbb02e3b4e1d240bb8df8e514fb505f39fd222209584331bef5d271056accaef84c88741ebd9f116cce3fe7b07b78ac4bad346c0d6e71c9daecd8d60aa8ea0914f85c9078dfaff04ba5e9bbbacddbc0cb40fe20f869d7f196c5edb6657c50b82c67f1abab663bff0a8da16422fe31a4a17995ee25081a06154d1c03f1a87a9d4ad5141a9227849bd920d2515ca16a245b635c85a77884cce0b8ae56929b5e22c52f971c2eed4ccfd64f7790a616f719fc0305af71405abae9407ed1cdaa26606331fdcf9b3c19b90e561f646ea15e0e668ef37b349594a335baf26962b89ef33c98aec3ca3e7df47c20dc2928d074e5f87c0edcf37cb25d3b8304f57f8257a5ae96791697e3c6d04f4ec2eb6a69f25346defed5b509368dea2b1960218bc6dd21b567583c229fc7b5fc85f7f2032eb304c3a1f72204f75ee950344cdef846d94e916b29a43d00c789256810de5fff6f9fd1af0fcfc2edd3fff9e2010d88083fc0b9e6a291e9a7a08af62433689a39e34bed8dafc90fec82be5c63a843d82132ce8916e395791dc86c8d11caf57f7fd096c28537ec38d6c14df9782312abc85fba2d04b0b159637b0e09f7e9faa1a6136359d17cf7c58b83994d58674ddbc248b804a82156900ca95a5002ef62de046e2f5ddf8e1e19f00189d4f5169bfc3c67afc149c6bc155767e64eac433cfb787be7f7bae7f869c0ec3d142668c2f90d383af7207a635850c515d69c6a62e24e0d58c5da244a917a17caa6be01992c4f8be0b9fff57522db4756840bdf72cafa6061ff2b86305c180c470b3af589e7c9e5328d98cf737bf01d80762e1e41a4d63a8655387be7f295862fdea629aa97b40c2ba1b563f1a103a860f7dff7fd5ee8423ce3dbf0fad41b66965c67299e35483130d461ac6c68215850fd441323bb856cdf03f624520743f7b445641c72e08994c8f252fe179b29226637b533f0ed6c94a0b84efc1a884af940fbc05c654b59d37a54047de233c496103bb27b657e7f63c24ef3ce29709622f67653f398dc7c4e44", 0x2000, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000d40)={0x150, 0x0, 0x0, [{{0x2000000000003, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}}, {0x0, 0x0, 0x8, 0x4, 'group_id'}}, {{0x3, 0x0, 0x0, 0x0, 0x10000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000, 0x0, 0x0, r2}}, {0x0, 0x0, 0x8, 0x2, 'group_id'}}]}, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r3, 0x0, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
r7 = getuid()
setresuid(0xee01, r7, 0x0)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000280)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000500)=0x14)
sendmsg$nl_xfrm(r5, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001540)={&(0x7f0000000540)=@updsa={0x328, 0x1a, 0x4, 0xfff, 0x25dfdbfe, {{@in=@multicast1, @in6=@private1, 0x4e21, 0x0, 0x4e23, 0xfffd, 0x2, 0x0, 0xc0, 0x3b, r6, r7}, {@in6=@dev={0xfe, 0x80, '\x00', 0x40}, 0x4d3, 0xff}, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, {0x7, 0x1, 0x0, 0x4800000, 0x5, 0xe00000000000000, 0x5, 0xafe}, {0x4510, 0x1, 0x1, 0x200}, {0x4, 0x7f, 0x35d}, 0x70bd2b, 0x3507, 0x2, 0x0, 0x0, 0x20}, [@offload={0xc, 0x1c, {r8, 0x2}}, @algo_aead={0x113, 0x12, {{'aegis256\x00'}, 0x638, 0xc0, "f3af5c36cecb317dd56213faff1c579048b90caaddb86002b223d40bb02e0d56b5b772f15d14421b6b01aef3fe0a680892616da13e34afb3f486d8970ea485b1e14ee8d6366458d6511f898a4bc77c025106984e40db8e16bb75e19aebeb265a6652387c8a66101dee21dbb26a87231e4be115bae107c36b5338620fe1e830c12f6da3d5cca810f3b0937400632bfdc1f3d86c377562850ec92ea00d36dd8e9cf774f5225b855f8d3af838eb18acd94f16e275806da31ba108b9680adab2756374d132be03ee6a"}}, @tfcpad={0x8, 0x16, 0x6}, @replay_val={0x10, 0xa, {0x70bd29, 0x70bd2b, 0xb609}}, @mark={0xc, 0x15, {0x350759, 0x1}}, @algo_auth={0xf8, 0x1, {{'nhpoly1305-avx2\x00'}, 0x580, "1c76759a68fc902e7ff86d9df0f05d29937844b0c17d7d60d5d644a6808287359e6e1e071d5281ded15462d3a23985cf61471cbbda124b3388ca401593cf6fe05b9bbfc240d538a704cb429627c3b2264bcb9cde3e07e3627c1714a7467bb465578ce8ea1b57235ad25b9622dd3d006ab7420233a066a63d99f1abd9cccd6e60775141657205414d2e1d2b344ec6ec34f38a09f6a0a34081877f37567413b2e63039d917be40213b69369652bc6a5ccf"}}]}, 0x328}, 0x1, 0x0, 0x0, 0x42001}, 0x0)
sendmmsg$inet6(r4, &(0x7f0000000900)=[{{&(0x7f0000000000)={0xa, 0x4a23, 0x0, @remote, 0x4}, 0x1c, &(0x7f00000001c0)=[{&(0x7f0000000040)='%', 0x1}], 0x1}}, {{&(0x7f0000000080)={0xa, 0x4e24, 0x9, @local, 0x7}, 0x1c, &(0x7f0000000100)=[{&(0x7f00000000c0)='Q', 0x1}], 0x1}}], 0x2, 0x4004851)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r4, 0x84, 0x1c, &(0x7f0000000140), &(0x7f0000000180)=0x4)

1m1.376478583s ago: executing program 32 (id=1927):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f000000cdc0)={0x2020, 0x0, <r1=>0x0, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0xfe05a, 0x5000, 0x0, 0x0, 0xc}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f0000002140)="4627563e95d073e9c44031e486c6c3c887234dab29bb5d4444d206b6ed7b2b3001b6ed59a692ab0f0251ebf104d3747ab90777b96df4449e5275f86a62902df16f5fba75e202cbdf6fe7cc018a76b412f6485398037d6cb464f1dcf7fda3c76e43cdf64a53f6182a0b7e6476035e8bce74d0582b1ccf32dc8b0cc3b610b143afb4d3c163308a66f2dedd0d45f392d7899f5c4d2ded35c1602f7338dea29e0dff356a32c9e921eeebf8b9845ec2a40b68a8bdcb88009c910e110de23a02648667d740186ee2a3f4a59672477230c4a3a62a1417659b1978cf2b671f836d49fd361ad0af9157916d29cb4fcc1e873a336660b639383485a5322faca6694c74f58fa428582950bd136778dff61da52778dade8b2c3331b31a89259469b0900ab4173202f6256b2d23d3feb8517556292de52662192eca03da5744515c4a92cd3f0f296209bacb28a0267776c9797a784cfd95a52f9de496a5ed70459d55041b663a70d7d471da4f86cd187fd53e667422a0fdfe5eb34e2f2b8c133f2271fe5b1e71533b698169ac8107187533e37765fbd69c327ec608249c44018e3496b2f66fb8bb942f4bd26ed687ee1f7d2a53d7233fbde91cd03f4b4db0c23ed56ff9a61e0d5a1bf6ed50c308e8af0c32b2e0b15df009046ed88d60b772e0cdbfb3d765251aae01b01660df364dce51971ea2034b316a0b0071cb1d28bb86279de377ccb5a18ce981241b5d566e248866f280d71c6775e14fad44342945663bd56ad056f79e49f8071153391f8de78b05496a5f174e812ee0b102e0421c632e4a9f8ffd87ea68df1d7e85af4b30024b2a3cf0e1106871b3427eedfe857f3bc2a021d42fc09224ece3c56e57806a2da229231cc8e3ed5dbd82fd2d3894cba01e36c2ba91a42456eb570446fa3e2eddfe30264572d5d778cbf5d676ad4bd37d11e09573a5566b3656a760c9d3030b2bcd90be0d670866010e2d33c93f223a79ca167bce1a46670db33470c75776582f26b5d9ce847493ddb34612bc829f93f473c24263246011c4ca689f62f4539550ee13b246aeeec477fb2e9e4b223f66c006303abdb003809b9cd4e993b90821750b86608882355e5f587182c1ac6c677b07c26956073ff3a78d4f325139d9c0b8aead052e73fd21b3615ea22acc084bf5060f72936796311e31c038426f0a0e6c304cd2d9c363e7a1a21752032be17adca8b476b0e571b591c9dd923b0066fd5e32e045494c0a9e1e511f147988e0a5fe9652b92ed0e015ef54e3ed2a510b9383f1938dece777ca866f1a21082052827f3a48c2f38482fe3a8286c0ff17d4c24a468a5a0ec0a2eb1165f48cf76fc07450c82294d973a1793dd58008834f0d3aba4e097ceff0ba44656c67839ff3e489975297b334ecf6c7ce4634afbe3d8ab70827563aa75ffafc43429170c3fe3854238485c5a9b567a959a746010c22a92e863e318312e0efc06ab86d1435e06aca5f4b7b7f06a78f90795545c145c9941b74adb9a31ab4f749f81665dd9308acba8d7861856b548eab226377be82611ad79c8d25b176de98003c1ea28b556a2b90360913c39f8f64f0d122c732af5a990603429b354ecd4de797e17722c66546cc38349cb09c40ea54972562734e9816c83103e0bd19451e6144d005e6ce6d6d6fc1ce90238b73d1e0aaa4ee9fd0545054cea97639a404edf3b27c0073be84961084ea685e8ace53c7d7f52b62e378d9ee167aec3e5cbd60ff36c0d3ad40181bad59f111c30e9414112fbc71ad7ede21c288c878dd2509c36f93c31dab5d091107c8e8bdcadffdcb3053eba35b44c70a6421b343922cb11c69b886db0f412e5c23f89dbaff9e5847fd749e28356cab3999f1142449047a3a6c43bf670244e55d888f36ef1dc87bc5bb1460b6c8d1e69efca9a02ba834591906a65102c3e1c1c7dbdeccc7e261795f349d110836445d8ba19cbc699c46d4edc34942a488de1cc1140dc6acf23c8ec1f475e613c85ba025ff7ae639cb2499629eb5f5c88c4057e30bcf41767424af763c9204084856d87cd99f0da06ae6ee5b7382c1f6f2cbb2cf2dfd8320271f16ba7ebd8f0e3c742482f5426530b1ab946c7118f70aa4eac41dd78569341a0f3dd250531aaefdff4cab9e9eed7efdaa865f9b804ade79ced061a1fcd18a6c61a708fdf119841dc232cc5c4e5343cb8a82e9dd9647779bca053b5a2c43481c06ce2a593e388f5f5f4e681771021aaaf0589dac69db22c7285035d1eb89c75935fa4208b3786f2640ce9d65b0e671967dc27808fea5d17ac70a3ac2802f65d45d9c0372aeed530ee58bf04e190f50dac25139caec0b253d17af28eaed173c7043d66567188f04ea51733835c1c66ac7a634d7b90bdac4a6d1075bb277dc6ca420b24485012db44aed5a2e8099f4f3ed53bdb0b35b35905db28169b3e3b3d13ff94bdf2c9549f4a54c64b8d27098b86ff46cfd515f35b1d5a1bbf1bb29df16cdf296e804977a6b583d018c4fdb66264d5f2d9e162059017d6b6cbc6d6c2f1009717c67093f6feaafce1f242f4b730a2e714e9bba79f18c42a158425147b7b2cd9add4ac1d2c1a95b13a4f352d51982a5d967cd611911e6d0777afbc10883c6293f056acc69da89a0a64913be996466ed63f969d5ccd124cd3052d6654e6db0519449f3cbf3a2011541d26e5b76c3c192857905bcf989fd943d42aee9ebd40fee33094eae69154092e9514819ff126040ea7d43a927809149cfaffcc76cb1e332426bf0eb1ac1a3968c70030453a284a0fe39b9ebd704f0950cb5350d4c60d65566b3f24ec4636cd5bb3e23066f4d4f1814e60f286f3ad2d3c10e79c5991c8bf5fdb561723873fe0c75c7bb6ba262aa3a6655349df95f07abb0200d5b9152da4bfdd66a311b29a15755e8465b7b0d99f7f8ccefe9cb3561b5619d4c21b36c9b29442ccd5949882d0167244d84b677685d62074f63b8dc66941f317c78bb093491e2acb7207cc80fe51c22199aae878170af9fa1eb164854587007eb108f23d1c7946bf75aee50eee6fffdae24b992393bd37d268a136b3dcb1b7d2c9b9fbfe0c860b0d344f488e85de2a65a20eb057f0047d0b6b8898bdd68e21f2234a2c66b963a2d86f62297a7d1176c14acaddd4861f5bb74ee91eb3b6ba0c7328433b977e23c02ab67d82a12d620fc034f1c9c3a99a6a07ddf59eaa18384e429101dacbd93ee794e27b774242446fa433a8c03e4312ad56f6c4dfd1ad014d07932480e07caedabda36caaeaaf405dfa1a650843f2e09ae89c666ab8754d9bf9b290f4c4c9242d8f98533bfdbae191a6fbcba6bdb9096427d2d8efb5dcfbd58df7763cc445bf44a0be6de2335a395ab8157dee25794be81c3d87a7d457b52d88f86cabf91f2ec16a8e05a00f72277943737839a5242163025704c7b938f3f424ef5db6b60d3181e3ef94cbdc6516f0ecf01b52164b92f2e12ed55db595fd8de6862a3b12ebe06b19d1f93132b83b2f5ddbc9808b3ce8fa40352c84664d824edd2631a5e2fddaae887689092007d3d0f22a948f54bfd5c42bea5f0d6bf5018cee5ef232c8b6ea3f54ee6f4997c8ad5ccfd28227eeca811312375a849bdf4d343c1b0ec7035279d1bc0892ef193a74018d5ccd5ccaf0503a697b23abb44b7aa3beced0626daa5e1fbfc4d29d2804292fcc60b775f656179510168bf05929dbc92e009d94561d946f7b4b5a18c08d29678c482d90e07abb029e80546e5cee6c4a30712a9b92d556a29b2de021bd49b6398340a9363b689bedc007416bcb659c0c4b6eaa31ec4976ee4896ff87a7dfab48dc7046d44c9c2db6881f7d6b252e582eb878b0be9b24666e74e8eb565c07582f17817ea2422de5da79cb367e76b9b8a9d056de06ad0483986fef2a3b62d64d5d2128cf55499025ad0739ad3ce5e1bfa6aaac16828bdacad2f86b32ed933a2f672efd1f4a32dd23e59aed872d1015eaaf701a0ef8e1427d59728450c4f1bd561e7ef6f8e34d12ae2120a51746a5c346e739c09854caeec07af0d70dd4d9164b3ae8a098a41c081465fdb5537cb560426bc0de4b735f253dbc779b9dce429d99700cd6c0cbd778caeb56401b2bb5c1ca310ab0c91e1d9f4578b5fb3b4f0dad4c565495797e8e83603f3ef188a896fad5bfec24457e0f6f962b8613434f16acf74308171567eae5ad9ec11186a56493a5394042bd1b29fbe0ce64e5f1b0b56e8910343666d627d71c729c0c90bfae0134e117842d67b160ff50688f7b45f0ae330c2d4890732ace7795ff74b6e36466da623c8eef75528b22199c9bf589a1fcd2aca6c5fe3cce2eddabf1ddc8e87380b815ed5928222613383db7941eb9d55b45487b399a9a35ca4cbd9eaf08c71273fc3334b0acdbd117b13697a9ae475e79a44911ce4fed1490a2ec654fe469c9ea933999dae3616b063769446cfefb4562bd124e42f62a3dd0385fe3d21029ad8fd1c58b0badd42e415a76e3e92f246629d3579dd80d940e6dd9bee3d9a6ef8a7840fb253507e718eca32ff4119eb0bcc02aa210939a3bc41704a63202139c68e276254395ab6b858f4528ea2b3a57328e0b31816de3ad85e50e7f4ec9445eaf21a8b9916ed209bb7e79a7a08c2e4e09644ab831c0ba68d05d5ebf57a9eb36bb9caa8e7ac78a8ccca1bcb03cef0c5eb31fafa6e283632c117031aa3919f72aa80a2b9b2557749951348d5294ed2414ffcbafdf976bfb7a401bedb208fe1285738df515af493047aec962bcacb8ea7bad5fc12d5bf415e66c06c4c87044e694291e104ef53850cbc7ef73ab57982d77a3f941c226a915163e8eebd256cb8a1f0130023d2c5d3be77cab39bae4449711d6f39e50cc83eefaf6cc727b1c0b3fc4f7bd110d18262cd872cee8ca95f1be8005d5b339abbde923ef2d4290d5579e4420ff2beb705c16e96101c38c31cfd05639f252730c145182e4406aab68f556e0290ccf05e25a7bf13cdb5db47a8a0841fbeb880d4f0add608d1badb8992924b548ef1426ec774ec9d86678d4c2aae8f1e3b2dfb295802f75727a308dd1b39460f26858eff99fae8d27f24ea6902adabc89311a5fd18c3d9c606db7295f25acd22624bcc753c4c3acdb3f6c563174441333b69a126e4fcc6b06165f6221539c5ed277c20dac4b7978619e10616475de88810bbac714f3651efaa59b75791080a1086c0f3f1b5edb4b3976cc936665855f6a56788d76c6e771b1c968c859fd1ba995d336d301695fc012b8031a14ca529e3e9bf622db6813417925bb4e1a7a5b786aa90f4d048f1f442a2696970dd442d3a6ee117a3e768644c99951b75e51e98de61bc7ed8eb9e87fd43ec75e948829bd19fc545cddefee7a6f068a419e216982ca4ce6ad3256f1e64d203ba1da27e9e175738124ca86a312d0dd0caae6d64751d459d8134830ebb4f4c7931aa90c1ad6fefd99ea4ded3d246236719d6fd48979ee31eaabbea385e91aea0557a58d73a63660ecee981e3da40a39fec3f01caaffafee3504e9f8dc990cc2d69c513db25f6e722ea4811f778af8a338498b6b908682aca6e02e898cb65377f820529d35707cb83ba69b16c92b571728c58188fb08ed6f6c27d6b70e963b147605714468b90966f082d7175fcbc6e770835efb6e7bac5eeaeb5b2c23eb30ecc102e647f1ff71bc6b35f629a55dd305f8ed5287e35403a91b4dc77a6df2fff354460bf563c071846c84617da4df4c46a9e359c45d217a2b096c830ac8614947d110334ca17f587d86825b2b7ae1039fc11109687c1ad0a16f0180d1700414a4694e7ab73c715436dce437a9b3dff55f62fc1ffffc33d3be037c34c9ee7a0fcfeaec1778268565663f39b69c141304c892ae80da42cc854a87c955e6d8060a731eb16ee91e8ea27f90da85196e4f034d40b85ff59eb4b7c76218342f9c9f8d3749c874562829b7ad0c786c5c25ed240aa14755ff7f5ba5298f9f6b6ec3a46ac36d6a39c59c2ecf7781da77931214ac9a8697691d933b20cb64acde409fc159d748e4f92d83ff7767260fdec04b2e80cc524a2366e8fa5b70eb8684d164dec49fa95f42e7e75daa8c268204beec1fbc58cbbe3317af0993a8676dfdb13db7875f50cebdbc629bcd605dd4c4a65c31870495fb9a9ec51c1867ca8b117a6f9507aa26cee54c4c12f8f22b9d88072639ad765bb7906435128d1c146b9e2029880eccbdf78449bd0630381ad16c13444d709a11890d80fae0d24c037180a8726143306a7cd67abbc830167f524008f9a8e3172df597a63af2e87a92e90b70ce53069657f9b46acc9da241a1b00571540ec5fed4a9acfdd0066ba248cb2bf24540d7296256d4c9a5a5bc821817ada912cdde59876d86d4c53c1d047c6bc3442c2ee78326d7c51b6d01bd4f7ff5bc45db88649220d44099b406ac2e4744996b869ea688ecb4e758e755b29717869d5dfccbf5fd553ad83de0c4cd16b3fd4913451734226e4cf29bc0a860943b3e854d8cf49f07d2bfba1c280efaa85bb8f0f8818d1e58178c338c9e46c873adc0a4b6c832aaf0878956d8a04fcc043ff307f60a263cf1bc57ad0434b6a6f99075d932ff75deb8b017cbd16b272139a4addc24749d9551ba44d5bef0536e58de5e9d0b8985f1044163d542859c699f27f033b01d1e5d4c5598bcc4279f29c56eca82cf40c3b2799277e9b0aea04ba5cdd679e3eb63ceb0eafc21c373356caadc0f5730054a0979d7e32117962af0444b7e0e75bf1d30fd1af656956367bbbddf018531833f6c383b76cd63d014c91f67b41548e558cfae6a953a78c36ba3a896b3a0bf48aaa947d042a456a48c8f323682f560f2679f53578f00746cb04c4ef12b905b37f1b1bac9c75a85d6f173d531198f150ee6dbe7fcdbed4e0baf7610b82a793c17124970924ae32c86f9b7b40a229219958cd2445fca613e264adbf29644b1f405c68ef8afff7f4c1dc86f0e578e3716fa86c53f776dc42e7d28978f1e694428560b923b5d44e3aacb18cb38d3efd90ca0812027d336b011557e9e953cbff769e9ba84b903f5fcf1e6b4ab3e210ceaac574f80607116b196b6ded8668729f9be216bfdd049e88d1cb45581701c6ca7c991488a73e6ae5decdfc6416fa69b76f82e92246ee2b29c91885be24e96ea72438499c5c421ffd199f172667adf7d257947bb47945817930a7f2f0dfc73c2a5f6002fd40b9ea51c4a0c610e9759d43c082ed0c126c0de63c5a079b4c8bac46fcc8a1f74d8929ee2b7878430e3caed5f5aad7378fcbc4d659144a7cdbd654185ffdabd9b36257993ca823990df4aa7809ee58b7a278f38085202f3618fefef67f71b39f8ed35a28b3ff47e6caa3cecdbb41b899ea7ef3179ec3d67d0e3380f61d5a57453b9b790d171e1838c68f988a6914f4b81a7a12a0f50612182de8844a5f18026bc4110a10a31a88dae4bb40a3fea22360830784cf82ccde8187d04635e7e5bc6cda8252fa77d7022ae5fdeb978315f925cdbe7cbe0e3894965795fda4b94068bee89f79f86c420b211411929b9b3074703583c0ba0703a4d282441495110dd167c228079db163febc9ea0bcb02ab400999abfecfbca274fca55a055859eb256fcddc1d1773d72d5c3793ca3ff5f2fbe647b04f5ff2b2dc50a3a897e03634a36d21e391e6b6290cf85064711600de9a74057b78d9c04857017bc762300872f674eed1b68fac65025f3252bb803a9ff8ccf4b2b49028622168439db3bc01ea9ae7618b73dc7f858ba388891da14b88f7fee4f5f49abd687ba947969b8b923c2e119fe172126835ab4d1429133a38bbb80f1f6c308ffd180a179c05d9fb112a70e7658f9e3c7b6545556726e6589ba479edf21afd08da62963b5b724fa7b618c27fba201297dd465217de92395734355e9b34e27ff4916d78dbe0424df3d6110297a7847efda2675f12a3bf5e4b07827cdae6c61b0d969f6bb15be656b394a3f3ca8d705a4cac9c78c66c4be58c40888d49ceb08eb9a90c230faace7e4c837a8cb1aa69b020f9f43532cb7315cd698dfffb0179fb24e135480af4c437170c010e6e8f94108523dca95598c59b9e483753b79bafb02a455ceec727fd271b4cb4af7d958751a747afe6625c1e8b0316af5e13e42dc8d97dc42d5960edcaa391164693250a6f98653fa20c78823e1c1a77b798491f197a647b291cdd04087b3143e5b0fc550ecbbff19666b1c8e2a5bf2cb40f9f54c11828a8dd16489f36583e3128cda7a9abde8abbf61294450af638f56444176b5a11f84e67e4e666d6df58c45c0adc45938a2639fb1717a44c8dedf8471ac82fc1771a704f778fb812acb953493a831be5b28b16b20a112aafcee4e44640a6653c4b3035d5de4fcc16312057046bc3c650057dd9be4450b3e837ff8ac19019e67550a124416d671ccc76de36946c2d91f3d63b212111f4f09f39c24c1a981a7e63dd37a8d94ebfae1df5796d971193a8c723f172a9266af23d1d0e48aae73de4e7545a13f09a1ae3feb147ba1c700776148f027abc7dbdd1f3cb823b9a4c0e9dd43fd0bc411dc3eac2369f10fc9669ffaec5ef76da6b7f8884430b3a00da63a0e5272de159ea047584f4804a14159b1321309db45c55af563081d126300dc3ac446936f6653db92fc09d225716f425997dc247939b8c1e09a11f8b10c36b671cc590922051871ce19f6db85eefac9a666c3cec6fd5a69e7610ae5123413b458024b02521420d8c50c265d7b763f070b8fd1981824da47079135a667ee2395e43cae172e6a5ae96aeb7ce490212792498e427b80036f52cc557d3f94b118b2248af9a75a6d27d084ba423edc616981864cb0069a06f359a953a6e7df6b765d222626030248253e4e93eb0979b0a5550ee15d1489f56cc1d30b1584f37b51dfa029af5b45a85b141f4f8ffdc809a19e01f22f80c8a11e9d35f790a6de2d898462a19f412de4df26896a3d107baa7a661b5482cd71453b5f88f889b93ee6df84363ecaf04cb0dcd4369f9d1a827b955182334a998e8f2edbfe74beb14e9ff50134f03d24d70b068801684e25370c1cfc065d88582389713500f974e8a6c6e7f015b8e84e5b9861e45d4ce4eef79f0e8d4f15eaf7c1b33e64287470b5b3c0b8b6bdadae567f977341b57486c1eb279be8ee1cdf11b6e0dbd42d32c95b6801cea98e6000ea80777c6ad3f62012732859497080b3aa127a0f3a7b80a99182406ccfd54affb463f8eaf01b0c65ab582628b3c2237d039ee68d307dd113e4b593b243bd64eb6f58a0ccdd8e9a78f9ed393e2affde8d616d57c7aa1d12ebb4be718b49843ec6a90d5d8c197f154f27805046c410d4e1b66cbf4a8e495a3a229a2a1d58b4909a240d7ae6ea9e740c055b06e756e57e2ff19c148cbaf37357c0d3273b7f2ec631565e9f6c6c8722ddb0c1180695fb204f35917dc2fe11469801c545b2560a59d0666ec129b88e4f427989e820982329c2c39321f25648666af651f87b495195a95a5d158fd161324796272303114d99d22890385853dbc66d37ce22de0db447260217cf51aaed240e4f4963ca7510522fc6e7dbe164ccdedc334787ddb24bbc8205bf3353d447a1de2407c248775fa7e318d83e3ff18150b3cd9a7cbb0df0703aab6ef8d0f71bf9b5a305dc25fbd200e06b73c7f298320bd90dab05ec62b5f885e7cf95274c656051c71628f31196354460b001b6366c26fd2e92f6ad68ea37d7e3fe91fe98223563b4d23f802b3911a5241a793cb9f5b4f80081ace5877f95da7499f728ab09837120ca75c63d725e46f9f77c3da16318c9bcdd4a9d68379b627c1a71a34b684e5614ab3fabceab8d2741aca921b1b018098060686c56d7ed190e7470f529f6e680ed72e749fe7c9c2f37ea8cf08d4520e496361d2437018bbda93396c05abb2aeba443ea1ee56a3da04a8b880452a3610cb4163154e02df8a08a5e48c03fb0b0cdd4d355142cc736b344b9fd987b49b85791e5bf7805250dfe63b04c7ff56608129ef43664aa2acf82f18b49cdfd2ae5551ea4d486b35cd2ea60e3f032c58f531d4d36054f5ce268a29862ded0a3cc0ff1d30882f7c85b95e9a8599bf1d143d2d25555bbaa6f8b673b76ca8cc17b693519194784833d902581fec4e656ca546eade53abfd7e4650df648cb61a146bef5382f9255bf4a7c380854568495bdb7b33f490d240ead3d1851ce3b6400eda5a370f13ec998605f46b234bc9293c026bd1d648647bf52d506deb522012ae89c4ea75414ae6677c4aef28dd756f877af23d1a5ae3cb2205850c14f27f595d1a1542bb1eaf641293e3ba40e0bb54193a1e5db969d37c97709efbc34ab509f08a51ba71ecc4f9f66c27190115948cffaae914e7eb4e8d0c59ef7368e9b08a05bbbd340e1c1d34319f150d299c0ddf3bb2138359e826f4997068b99d13cc454fea46b8664d413b79b19656d62cbb5b31744aa33f99651fa56703eaec2e6998c7321f69f6cd110c89ae0c612a96f9a84dd751fd81ff66c80563e7091f5c5b67f89d52e7c58eb26218cddeaf5c6def3ad07a610bd4e5785675580c199b8550cbb02e3b4e1d240bb8df8e514fb505f39fd222209584331bef5d271056accaef84c88741ebd9f116cce3fe7b07b78ac4bad346c0d6e71c9daecd8d60aa8ea0914f85c9078dfaff04ba5e9bbbacddbc0cb40fe20f869d7f196c5edb6657c50b82c67f1abab663bff0a8da16422fe31a4a17995ee25081a06154d1c03f1a87a9d4ad5141a9227849bd920d2515ca16a245b635c85a77884cce0b8ae56929b5e22c52f971c2eed4ccfd64f7790a616f719fc0305af71405abae9407ed1cdaa26606331fdcf9b3c19b90e561f646ea15e0e668ef37b349594a335baf26962b89ef33c98aec3ca3e7df47c20dc2928d074e5f87c0edcf37cb25d3b8304f57f8257a5ae96791697e3c6d04f4ec2eb6a69f25346defed5b509368dea2b1960218bc6dd21b567583c229fc7b5fc85f7f2032eb304c3a1f72204f75ee950344cdef846d94e916b29a43d00c789256810de5fff6f9fd1af0fcfc2edd3fff9e2010d88083fc0b9e6a291e9a7a08af62433689a39e34bed8dafc90fec82be5c63a843d82132ce8916e395791dc86c8d11caf57f7fd096c28537ec38d6c14df9782312abc85fba2d04b0b159637b0e09f7e9faa1a6136359d17cf7c58b83994d58674ddbc248b804a82156900ca95a5002ef62de046e2f5ddf8e1e19f00189d4f5169bfc3c67afc149c6bc155767e64eac433cfb787be7f7bae7f869c0ec3d142668c2f90d383af7207a635850c515d69c6a62e24e0d58c5da244a917a17caa6be01992c4f8be0b9fff57522db4756840bdf72cafa6061ff2b86305c180c470b3af589e7c9e5328d98cf737bf01d80762e1e41a4d63a8655387be7f295862fdea629aa97b40c2ba1b563f1a103a860f7dff7fd5ee8423ce3dbf0fad41b66965c67299e35483130d461ac6c68215850fd441323bb856cdf03f624520743f7b445641c72e08994c8f252fe179b29226637b533f0ed6c94a0b84efc1a884af940fbc05c654b59d37a54047de233c496103bb27b657e7f63c24ef3ce29709622f67653f398dc7c4e44", 0x2000, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000d40)={0x150, 0x0, 0x0, [{{0x2000000000003, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}}, {0x0, 0x0, 0x8, 0x4, 'group_id'}}, {{0x3, 0x0, 0x0, 0x0, 0x10000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000, 0x0, 0x0, r2}}, {0x0, 0x0, 0x8, 0x2, 'group_id'}}]}, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r3, 0x0, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
r7 = getuid()
setresuid(0xee01, r7, 0x0)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000280)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000500)=0x14)
sendmsg$nl_xfrm(r5, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001540)={&(0x7f0000000540)=@updsa={0x328, 0x1a, 0x4, 0xfff, 0x25dfdbfe, {{@in=@multicast1, @in6=@private1, 0x4e21, 0x0, 0x4e23, 0xfffd, 0x2, 0x0, 0xc0, 0x3b, r6, r7}, {@in6=@dev={0xfe, 0x80, '\x00', 0x40}, 0x4d3, 0xff}, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, {0x7, 0x1, 0x0, 0x4800000, 0x5, 0xe00000000000000, 0x5, 0xafe}, {0x4510, 0x1, 0x1, 0x200}, {0x4, 0x7f, 0x35d}, 0x70bd2b, 0x3507, 0x2, 0x0, 0x0, 0x20}, [@offload={0xc, 0x1c, {r8, 0x2}}, @algo_aead={0x113, 0x12, {{'aegis256\x00'}, 0x638, 0xc0, "f3af5c36cecb317dd56213faff1c579048b90caaddb86002b223d40bb02e0d56b5b772f15d14421b6b01aef3fe0a680892616da13e34afb3f486d8970ea485b1e14ee8d6366458d6511f898a4bc77c025106984e40db8e16bb75e19aebeb265a6652387c8a66101dee21dbb26a87231e4be115bae107c36b5338620fe1e830c12f6da3d5cca810f3b0937400632bfdc1f3d86c377562850ec92ea00d36dd8e9cf774f5225b855f8d3af838eb18acd94f16e275806da31ba108b9680adab2756374d132be03ee6a"}}, @tfcpad={0x8, 0x16, 0x6}, @replay_val={0x10, 0xa, {0x70bd29, 0x70bd2b, 0xb609}}, @mark={0xc, 0x15, {0x350759, 0x1}}, @algo_auth={0xf8, 0x1, {{'nhpoly1305-avx2\x00'}, 0x580, "1c76759a68fc902e7ff86d9df0f05d29937844b0c17d7d60d5d644a6808287359e6e1e071d5281ded15462d3a23985cf61471cbbda124b3388ca401593cf6fe05b9bbfc240d538a704cb429627c3b2264bcb9cde3e07e3627c1714a7467bb465578ce8ea1b57235ad25b9622dd3d006ab7420233a066a63d99f1abd9cccd6e60775141657205414d2e1d2b344ec6ec34f38a09f6a0a34081877f37567413b2e63039d917be40213b69369652bc6a5ccf"}}]}, 0x328}, 0x1, 0x0, 0x0, 0x42001}, 0x0)
sendmmsg$inet6(r4, &(0x7f0000000900)=[{{&(0x7f0000000000)={0xa, 0x4a23, 0x0, @remote, 0x4}, 0x1c, &(0x7f00000001c0)=[{&(0x7f0000000040)='%', 0x1}], 0x1}}, {{&(0x7f0000000080)={0xa, 0x4e24, 0x9, @local, 0x7}, 0x1c, &(0x7f0000000100)=[{&(0x7f00000000c0)='Q', 0x1}], 0x1}}], 0x2, 0x4004851)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r4, 0x84, 0x1c, &(0x7f0000000140), &(0x7f0000000180)=0x4)

7.47474655s ago: executing program 3 (id=2107):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x2)
ioctl$KDSKBENT(r0, 0x4b47, &(0x7f00000003c0)={0x0, 0xfc, 0x1})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000400)=0x5)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000100)=ANY=[@ANYBLOB="5de0e8bf9a1fd711a6934274b745a214578a936cba92626fc1fdef5532618f46e76932958681f8e5598c5361725beb9da930d14aa5968d69d16ffec9e43616837cd1586a350d8ecc1f4fb18cb19b1d8537fb40d47758d1dd96e3a854e69a020a3339773a19c84a970ca7b77ce6c75a5c959ffebea5fd45b4178034fcdd03a03ed262be0a2e3148ba65f3a3c9a665f1050a289e26bffecebb180751d3724286"], 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
getrusage(0x0, 0x0)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000300)='0', 0xfffffe56)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r4 = socket(0x1, 0x1, 0x0)
ioctl$sock_ifreq(r4, 0x89f2, &(0x7f0000000040)={'bond0\x00', @ifru_settings={0x6, 0x8, @sync=0x0}})
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
syz_io_uring_setup(0x7bc6, &(0x7f0000000280)={0x0, 0x1c2a, 0x20, 0x0, 0xfffffffc, 0x0, r2}, &(0x7f0000000100)=<r5=>0x0, &(0x7f00000001c0))
socket$key(0xf, 0x3, 0x2)
syz_usb_connect(0x0, 0x24, &(0x7f00000029c0)=ANY=[@ANYRESHEX=r5], 0x0)
r6 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$sock_linger(r6, 0x1, 0xd, &(0x7f0000000000)={0xb, 0x2}, 0x8)
shutdown(r6, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$SNDCTL_SEQ_SYNC(r2, 0x5101)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
socket(0xa, 0x3, 0x3a)
ioctl$SIOCSIFMTU(r2, 0x8922, &(0x7f0000000080)={'veth0_vlan\x00', 0x1})
ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000005c0)={@null, 0x8005, 'lo\x00'})
keyctl$read(0x20, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x2c41, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c000000020681010000000000000000000000000500050002000000050001000700000005000400030000000900020073797a310000000011000300686173683a6e65742c6e6574"], 0x4c}, 0x1, 0x0, 0x0, 0x4040000}, 0x800)

4.260485026s ago: executing program 3 (id=2130):
r0 = openat$kvm(0xffffff9c, &(0x7f0000000100), 0x480101, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bind$netlink(0xffffffffffffffff, &(0x7f00000007c0)={0x10, 0x0, 0x25dfdbfa, 0x400000}, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="eeeaffff616d250b50c83b2a6a3400", @ANYRES32=0x0], 0x50)
syz_open_dev$vim2m(0x0, 0x0, 0x2)
socket$inet_tcp(0x2, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x10b121)
writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000700)="1a589880094221163118c20ba67edecc8e404446a08a220bc228fdded14097f1bccd9ad61925bf16c950493dcbfa6ab0c9b15be904473944ae117dc771d96adb8d73784dfe7e94e74e3174a167769327c0d80ba8284629876a30092ed1a239694a89b84b0e057116bce4937d0f2b278462dba4d09bef9ee19a611b9da53fc371d514278562c24ebdcef5464924a301983232d7b3a5095fae5db44de0b2cb8c", 0x9f}], 0x1)
dup(r2)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000500)={&(0x7f0000000640)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a20000000030a01030000000000000000010000090a000700726f75746500000038000000090a010100000000007753a2e0136a3b3d000a270000000308000440000000040c00104000000000000000010800084000000001140000001100010000000000000000000300000a"], 0x80}, 0x1, 0x0, 0x0, 0x90}, 0x10)
sendmsg$NFT_MSG_GETOBJ(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="34000000150a03f50000000000000000020000000900020073797a31000000"], 0x34}, 0x1, 0x0, 0x0, 0x66df5cfbe53006d1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x7, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bca900000000000035090100000000009500000000000000b509020002000000739a04fe00000000b509000000000000c39a04fee1000000bf8700000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018220000", @ANYRES32, @ANYBLOB="0000000000000000bf9800000000000056080000010000008500000007000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x69, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="440000000b0601020000000000000100000000000900020073797a310000000005000100073400001c0007800c00018008000140fffffffe0c000280"], 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000050)

4.189412052s ago: executing program 3 (id=2131):
openat$vmci(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @pix={0x434c, 0x8, 0x584e4f53, 0x4, 0x6ea, 0x7, 0x0, 0x5, 0x1, 0x4, 0x2, 0x7}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="5c00000015006b030231a6080c000af32c00009d31fc0000f800250f02000f00e5aa000017d34460bc24eab556bd05251e6182949a2756f475ce36c2d13b48df000000000000ecb8f6ec63c9f4d4938037e786a6d1bdd700e6657594", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0xfffffbd6, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @rand_addr=0x64010101}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r2, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8004}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000900)=ANY=[@ANYRES16=r1, @ANYBLOB="6542bfec82d5e6f8fcb1763bfc0423cdf25225dd9e55136eeadd477073845bd38c052ba7c16e5b17673c087c2c8677872c52e7fe5128898dbdc3a94583607ab8605c2f79d0dfc5548004a83e7c374d8d0181a72d38829a75803c5b08cec2e9cc35685d69197e764b619e00624c4799069d9d54d9a29c409a86fbc74de6989b7004b6089890e0a9ace3132cf5acb34d2fc295daa89211b561be4896ef51061c82e4789303dcd20d04988e6bbd33d47075a8eae2dc567ec64720966f873e4c8887f65462aaead7729e2ff20947dde42a8abfdb2670a21a52f07e660d5e4ece5eabcabc05d9dff886302c98efc6d955443e77a6e0ae351e1aeaeaef59c9caadb94fcc6c5efb98c37640232132ff3bdc709fae2789c139f7980a47ee56e4c00d11f9195c6df5ed75ad447661d373db9b2b466d76449f97fcba4c8bf0a8ccae4fd5d796a50e1d400dcec764002c0fc2c78e1316400bbb75c7d5025e4d45de515008d8183de632dd2fb8ba117da1c81eba35e437843fb33b143eb21abbe4b51625274a96519797aad7871a65a5770340c4492f27bfa0dce68382b41effdf2616dc05132edb25657729b7c9cb6b62f490ee9f9c79bc0e85cc1e110d2082f1cc7c2d6f5e18153f26f32642792bef45645ad2b98796bda2d4f4d5f2f80421af1652a5adaa4b262a1ddeead6a941ad8398185c081f37b0e9658b25cabc7c62498b74184c6fc74516b5b586bcaad1623827c247f3e6b619badaae4e8ec793e6ce9d2b9e40183f717197801f02bb7f23694c45e719fd5617e062b6b1ffdb63486fe7658917ba95b59eb70dff32c41ec74ebb4b93f2fcbe9f9d1fae066c199b13a2fecba967f356d62c8d915bc0d1b3d58942e2751efa2a3d1a8487f09da29859ed154c7a8ec2ea632c0022962ca6ee2238103c8ead549c7e4fe8bf336545de0feafa63bb7da98b573970bbabd803b9c73e5b5d646a0795d5095ee7129e3805277431b67abad405d6262704426a72ac20e43d1316340cfc6deee2c234c0c974f33d2cfdf543be3e9f5633b49e81d60c31175cc9a0d5704026cfbd2f944c95f2d89dd49f35deed98cab4c5389829624be81f7d5fe58df559aa216c347ccddd4040ea77734bcee93a18c3a5b120ecbdba9d2dab825528fff365e214b2d31081218d82b71ba493e3b95cf1c05a3ce12b74530f493daac78e607663d4d627e91db47790186804e2bf691d9a36e225468f3bcd12dddb3b48151ae09766852a6508bf09b94a4ff46e3857983308f9353513046ccdc9b078c0fb382e03c4fddce3b79696efe660116543f9ab9b90f58efbc9450a1facc1f1ce93ea9713ae3890ae3751ffa58fac653c82457b08e68da0cdb0b6a7ef93ecec5ff259458a613b42f5842e91d6fb633b60cb5d930498ba4a4f266eecf67ef147256b7ede7b3db73753a0d6eb572d38cfb4034b658b47e6e75d170054cc2ec23ed157a9a64f80e449a64ae53cb49baace44a60a99d0159376f6f9cd86a544492dd264a7ddecb87aa419f1df69b380512f0074251e83c0fe887c522fa5269a1324c3ca94a2c17de524f95e8ebdde84618a198fd3772c195a92d1ba7fed9f535f5ceb99d823f7498570edda76096b3d7c1b5388878c77188687e5e52c2856ff3269f1c55038fae9b9f911985c73543252c73356b0d7e610c330a1027fe4513a79520e23e397ca499662a896dce808ea5529e5256a1724a40af861610cda418804ca6067bf5f0090d72b436609a3bc3c0d7aae4a568546acf868e8e3a666a11289118ffd49ad7cc4cb1f8f2d3658e75a3a6ef1b1c2b74e37e8903a0c671447b592a2d749d955c37359851f633f748683a87d13d62ecfce54c34ebc536ac97ac8b2dfdb4014f87b924a533f6bec0ab3a33a8deb1004fd11a156fb7a2523f6c57c2126a0409bf5dbb2544a1e6f2acc7ac6d0f2115b954868f9160f874447ad3a3e69ef7f7339f5e46096286f12fb6a65139e2d4525b29cc9a869722ea777a4b5ed93a41b47ed69a02aeb96090773aee072a3c54caa2141f855259a2485ec6cbd92dc1a5694cc14acbc37ac4d56790ffdba3f5c1177417ecead6edcf1e364efc5e4259e3fff05017eaacf7001216bc625907c7302b800f367f9c50c3f47d2d66d6db5cd75e77859494389db1f7f7a954c0124ee5489a8e43d7252c7e8d5375504a94c0902db48d66686c796c78b0b0da3f31ace241cc4e13b51132635d50a2e08726f07706c1cb8310a96b8d2ebe441c5de0312aa38d4189035dc997aad57e389a4ea5ff869ee803ac8d8aa9c51117a24fe4cd52aeca5263cc199b2621ec4f7fa3c05a24abb02e5c94c43bd596c81fc49e50cad96890c090b77d68c213c98a1aeaf407092ed039f55434d83640d112a25061d93194165712a9fb368e938ac9a49f3966690e14de2bfde7a1ef9b242cbf01e1cf6a92a0cf82e064f0967cd4419635d172af6ea9b38c7531d5cb768edd02d41007926c68c7d190431b4552d4ac2c557f96e3852f0fadc20f2d7a59bbb2709c035e92326be5f6a0c742bdd9e64ccd0c65433123820732ed3d4fa5dc5bd403f5ad2312e6cf36d7b707f29f8d4654c96a8be7b36e47cc572127c578c3f79c76b15ec1d51c6f2626429727f9c795186544eef9310f3e650dd5c556cc6b0063e3dc312db10bb203db7235912b604655930b6a1231e0341699a9546b915a1934a7aa3ba1879788ad0398c9bff10c436fcc4fbc4e7edaa81889b55cb15f70e474b45e83c2b8197ea1440ac3fc8a88704d7a7462cbed3b43641237fead1d71305266019e5a8c22529b5dcd5ee026340607d095a0e9b69e220f058c42fbf1b6337a92c018b5d50a88764e131c54c032e0da2bec0e61bc0142f2da7059b3bbcc9dc2a35691d46185a94e95002bb175c910878b9e5da8b7df03a6a1ba1b9c28257ae62870f2366aa53b6ee209db0c6dec2b4832465f81131336e71174ae1804a649b8bdd121bc03336d7e3bf381fbc9e5f16e63420e36204ca203ca6ee0492ff160f9e87783c441cb9d823c32f233e41fd060be789cc14b7589187c47fba219dc211084c4b85c53fe3e57dbbaebb7c8f20d09bbde9ab2b859530bcdbd0446debf506fbdac70e6e20c2c312be78ee45c34ff1d1ef2f483494701825dd1856db19ba0229d6f31c56ab79db7203bd314def9b0a006365bc2f63c40bf2021f93486fe43ca9621607a42576eb2b672e5050fbb404e6586c721e4a5447dca82eb42959155932a8dc53ff5d26855acc5a6d84736863251dcbcfae28663d53c8cb21b4ca9f5cf897d6dc84b689e869716bab2090c67011bf9e3a1951458b7d413ef9672fcb92e1c524de1fd8bdb0877649ff36ae952761e3d78154132431b404b10fc4585a861fa66a0a0788c32a8a491a19e23163e3df64dcab4e7d3c2c06f7982a8103ff3d4565babafb80abc50cf844a8b3f6030fa7b10bc6bbaabca85790370548bb08e73cb1a907fdf178f795e54d4fe1e73c7b5a4aca5a1e620613a06e14e4b4f6c98d2e95010b58f0b5aecf49372a0ce07e1332df77173a5aece37508497647ee83e684a31e7e35a7ee95447f9d1fa40da5e001a526fef54ea6ff87803244485e43ff49ce9597f4b535698788e8f75db05eed0079d59a27b49467a9d9b72c4498788fc33f037492d4511b1929b6cd85f52a1c6652a5714566d67a402da12ac683c8709c134bfb8bc2d8aa6cae078afd963c6d50a2ac409e3308ea578c1284bb008abf5cca011e9aaea70d82b7c0c96c5560d2400581f587f7c32e462c02dd9b39dfc56aee874256a1332b4da3a75f0843b88262ab5eccec2eee1cdd57d9c5f317918eecbacccbfaf2819f6790aff4a3a7d1ef1b5d940b0cc812b59d83eae04ef8f6da03d3860f77d73a2ad6d0925226b2fcd575b86216c3b1813c724f0458c7cef187607d653d571e406a9e23c4c60667bf1fa36e4e4904cad8aa7014c40b0a9913a1bbc9b3951eb812b9bdff6f7808975015ef7917ca2c64ce5b479fdec41017b287c3f4952b45a18f076a660a041be0a278f229fb33d856df441e39bcfe3c6932d47f7c5a4a96bc5201e16f7ef1267a88aec908866945df09b5539b6331e412ef6f152cf5ac9dc4b862b7b2f997f72463afdd289aaf4600ecfbd54dd875940bb2586a16e105ac11e02ca0b1d7236d62a9f1850929a1949c2db16d8c9c0f8fd3d69a4887897ea4a9de769326561073883ff271c33c21df1e2336a4199f734cfd2ef09585679b94cff29cfeb89dcc11b2dbd53ee07fd58cb30440216ffa135625f0423b30735d976e768e35b7f7b74ecbdd99386b4321e713c798fad6280c820e4e"], 0x30}}, 0x40)
set_mempolicy(0x2, &(0x7f0000000080)=0x51e1, 0x3ff)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))
recvmmsg(r3, &(0x7f00000034c0), 0x0, 0x10720, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r2, 0x28, 0x0, &(0x7f0000000240)=0x10, 0x8)
bind$netlink(r4, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)

3.379257237s ago: executing program 3 (id=2138):
bpf$MAP_CREATE(0x0, &(0x7f0000001140)=@base={0x5, 0x10001, 0x7fff, 0x202, 0x1}, 0x50)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @private}}, 0x80, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000010010000010000008c0fbd205e6d"], 0x10}, 0x8000)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x844}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$getown(r0, 0x9)
ptrace$ARCH_MAP_VDSO_32(0x1e, r4, 0x2, 0x2002)
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$vcsa(0xffffff9c, &(0x7f0000000180), 0x801, 0x0)
r5 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000040)='bfs\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r5, 0x40186f40, &(0x7f0000000440)=0x1f)
kexec_load(0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x7ffdd000, 0x8000}], 0x320000)

2.418530036s ago: executing program 3 (id=2145):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r1, 0x40000000af01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x1, 0x0, 0x0, &(0x7f0000000280)=""/164, &(0x7f0000000100)=""/47, 0xf000})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000340))
r2 = dup(r0)
ioctl$VHOST_NET_SET_BACKEND(r1, 0x4008af30, &(0x7f0000000000)={0x1, r2})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_START_AP(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x38, r3, 0x300, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_PBSS={0x4}, @NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x5}, @NL80211_ATTR_HIDDEN_SSID={0x8, 0x7e, 0x2}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0xe77}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000040}, 0x805)

2.349812605s ago: executing program 3 (id=2146):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
io_setup(0x9, &(0x7f0000000240)=<r3=>0x0)
connect$can_bcm(r2, &(0x7f0000000000), 0x10)
io_submit(r3, 0x1, &(0x7f0000000100)=[&(0x7f00000000c0)={0x400000, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000200)="0500000093c21faf16da39de706f6468037dc125020000003f420f000000000000580f02000000003f420f00000000000029ffffff000000", 0x20000238}])
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x6, 0xb, &(0x7f0000000400)=ANY=[@ANYRES8=r4], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ec}, 0x94)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000004c0)={'syz_tun\x00', <r7=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000140)={r5, r7, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0x16, &(0x7f0000000280)=ANY=[@ANYBLOB="000000000000aaaaaaaaaabbd43288f5917104987cc99a176b29cdb32afd49a0ae2b446288e2a75c83e1a98c9e75ce8cc0f0d73a79762b896c52213ed637a89d10cf13b60a010d2ea6d89afc511a439db9faa7"], 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x80800)
inotify_add_watch(0xffffffffffffffff, 0x0, 0x400017e)
syz_usb_connect$cdc_ncm(0x0, 0x0, 0x0, 0x0)
write$binfmt_script(r4, &(0x7f0000000100), 0xfffffd9d)
r8 = socket(0x1e, 0x4, 0x0)
connect$tipc(r8, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x1, 0x4}}, 0x10)
sendfile(r8, r4, 0x0, 0x8010002b)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r10 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f00000001c0)={'bridge0\x00', <r11=>0x0})
setsockopt$packet_int(r10, 0x107, 0xf, &(0x7f0000000000)=0x4, 0x4)
sendto$packet(r10, &(0x7f00000000c0)="3f03fe7f0302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r11, 0x1, 0x0, 0x6, @multicast}, 0x14)
recvfrom(r10, &(0x7f0000000580)=""/4096, 0x1000, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)

1.658425699s ago: executing program 2 (id=2149):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x70bd27, 0x0, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in6=@private2, 0x0, 0xfffd, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8}, {0x0, 0x0, 0x1}}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in=@broadcast, 0x3, 0x0, 0x3, 0x0, 0x0, 0xfffffffc}]}]}, 0xfc}}, 0x0)
syz_emit_ethernet(0x46, &(0x7f00000009c0)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaaaa86dd60000000321032fffe800000000000000000000000000000ff02000000000000000000000000000186"], 0x0)

1.600655439s ago: executing program 2 (id=2150):
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="b0000000000000ab284dc9a94095f54e34f11a5a480d2115805745f8a24d"], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_loose}]}})
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r2)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan1\x00', <r4=>0x0})
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x10, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000021bf0000000000000500000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000007ba0080000000000bf9100000000000005020000010000008500000084000000b700000000000000950000000000000078e127df827941adde8a1ab651ac7aecb21cc8f8fe2984239dcf6b1897bfb556a2375ecb51cc18aabeadf2fdb0e4d8d6f96e6a382dbfe0b2d0b7b9bf2bffb128d751945454752bbbc02af1cb527659736631a54e6c570f7a9e9fda89066eddb613c392ad7bf83351869ac5d99b"], &(0x7f0000000200)='syzkaller\x00', 0x4}, 0x94)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r5, @ANYBLOB="01e5c300000000fb04003b1c210008000300", @ANYRES32=r4, @ANYBLOB="2c0433005000de295b3acba52ee4080211000001505050505050"], 0x448}}, 0x240008c8)

1.596323225s ago: executing program 2 (id=2151):
socket$nl_generic(0x10, 0x3, 0x10)
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r0 = getpgid(0x0)
process_vm_writev(0x0, &(0x7f0000001540), 0x3, &(0x7f0000001680)=[{&(0x7f0000001780)=""/216, 0xe4}], 0x200000000000029a, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7fffffff, 0x400, 0x1, 0xd, 0x1, 0x6, 0x6}, 0x1c)
write(0xffffffffffffffff, 0x0, 0x0)
recvmmsg$unix(r3, &(0x7f0000003100)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000480)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0)
sendmmsg(r3, &(0x7f00000030c0)=[{{0x0, 0x0, &(0x7f0000000400)=[{0x0}], 0x1}}], 0x1, 0x9200000000000000)

1.357664342s ago: executing program 4 (id=2152):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x3f00, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)

1.337732822s ago: executing program 4 (id=2153):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x6a)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000480)='cgroup.threads\x00', 0x2, 0x0)
sendfile(r1, r1, 0x0, 0x4)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000000)=[{0x6}]})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, 0x0)
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_CLOCK(r5, 0x4188aec6, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES64=r4, @ANYRES32, @ANYRESDEC, @ANYBLOB="04005b00969d05b74f8dfa4d8e7f46a4f95c1c4a499c466bf7a90113e90f858b04df66e26b5f812fe729b2e449e5bda12f0e8192d518d86715cd543ed977dca8b7d135e6657db315758ae0f78fe4f149f9c40c7fc39a63df22a7d35b4a57f59d98676c70a27e3a39a653b668395d0cc2e82dce7b960556a8b7f61841"], 0x20}}, 0x0)
mbind(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x8000, &(0x7f0000000180), 0xb, 0x4)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "00000100ebffffff", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00', "006e34e400"}, 0x28)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r6, 0xffffffffffffffff, 0x0)

653.016139ms ago: executing program 2 (id=2155):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f00000001c0))
ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000040)=0xc)

585.813122ms ago: executing program 2 (id=2156):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x0, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, 0x0}}], 0x0, 0x0, 0x0})
mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x10000000000)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08a0ab73ffcf5ad07693727980eea946e6cba1723e81bfa5c3688803c8a124dcb27df7938e7ddfdd52"})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000004a40)={0x4c, 0x0, &(0x7f0000002880)=[@reply_sg={0x40486312, {0x3, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})

581.852007ms ago: executing program 2 (id=2157):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
shutdown(r2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000740)=@newtaction={0xa0, 0x30, 0x9, 0x0, 0x0, {}, [{0x8c, 0x1, [@m_bpf={0x88, 0x1, 0x0, 0x0, {{0x8}, {0x60, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}, @TCA_ACT_BPF_OPS={0x3c, 0x4, [{}, {}, {0x3}, {}, {0x0, 0x0, 0xfe}, {}, {0x6}]}, @TCA_ACT_BPF_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa0}}, 0x0)
recvmmsg(r2, &(0x7f00000004c0), 0xf02, 0xf0, 0x0)
pipe(&(0x7f00000000c0)={<r4=>0xffffffffffffffff})
sendfile(r2, r4, &(0x7f0000000180)=0x9, 0x7)
read(r4, &(0x7f0000032440)=""/102364, 0x18fdc)
bind$rds(r4, &(0x7f0000000000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x40}}, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="6f05025d3dcc4f45606fcf4c4a0000", @ANYRES16=r1, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32=r5, @ANYBLOB="0800050003000000"], 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)={0x94, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x41, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac=@broadcast}, 0x0, @random=0x7, 0x1, @void, @void, @void, @val={0x4, 0x6, {0xf0, 0x2, 0x7f, 0xa706}}, @val={0x6, 0x2, 0x6}, @void, @val={0x25, 0x3, {0x1, 0x8c, 0x8}}, @void, @void, @void, @val={0x72, 0x6}, @void, @void}}, @NL80211_ATTR_FTM_RESPONDER={0x1c, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_LCI={0x14, 0x2, "6f28cae7e763e81067d4ceb813e7feb2"}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}]}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x94}, 0x1, 0x0, 0x0, 0x20004090}, 0x0)
semget(0x0, 0x4, 0x200)

486.836084ms ago: executing program 4 (id=2158):
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x6e20, @local}, 0x10) (async)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x6e20, @local}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000800)={0x0, r0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x0, 0x0, 0x0, 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94)
socket$nl_xfrm(0x10, 0x3, 0x6) (async)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="24000000240035b90000000000000000070000000600040000ef"], 0x24}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
open(&(0x7f00000001c0)='./file0\x00', 0x80ff, 0x88) (async)
r3 = open(&(0x7f00000001c0)='./file0\x00', 0x80ff, 0x88)
r4 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r5 = gettid()
socket$inet_tcp(0x2, 0x1, 0x0) (async)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r6, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r6, &(0x7f0000000100)={0x2, 0x4, @remote}, 0x10)
memfd_create(&(0x7f0000000300)='\x00\xac=W[[\x87\x12\x04\xd5\xbc\x80K\x06\xcd]4(\xa2\xee2A7:n\x8c\xa7P\x1a\x87\xd9c\xecR\xd6\xe8\xf3Y\x12\"p^\xc1\x0f\x00\x00\x00\x00\x00\x00\x00t\x00\x00\x00\x00\x00\x00\x00\x05\x00\x00\x00\x19M\xc2N%\x93t[\xf3\xee\xa4\xb4\xfbf\x8dz7\\\x8e\xac\x18\x00\xfd\x89\xe1d\xfa\xcfb\xf3\xdc\xd4CY\x9a\xef\xa3\\\xa7\xa9^\xafL:[\x8e\x83U\xff\xfd\xff\xfa\xdaL\xa99\x9b\xcfA\xe4n\xa0^\n\x1c\x84\x04\xc5a\xdf\xe5\xd4Hyn\xba:/\xa5\xf4\xaa\xfa\xcd\xc7T\x83\xf5N^\xf2n\xd0=\xb9\t\xdd-F\xacb\xac \xd3\xccj\x13\xa2\x9fLu\'\xed\x91\x867\xaa\xf5\xa0]\xb6\xaa\xea\xfd\xde\xa6\xec\b\x16\x86l:;\xf9\xdb\xcf\x88\"\xca\xe0E\xdb\xec\xf9\xb3\xed\a\x00\x00\x00\x00\x00\x00\x00\xd6.\xf7\x92\xc42\xdf\xefE\xce}\x1b\xda\xdd?\n6\xe1\xb1\xd8Y\x960\xd1\x00\x00\x00\x00\x00\x00MW\x8f\xc6\x82\xe4\x15\xf7\xe9\xd8\xc5b\x0e\x91\xc5\xc76$\x18\xa4\xbe\xe8V\x8d-\xe3\x8fC\xd5\xf5\xd6L\xe3\xce\xa1\x8dz\xce\xa7\xa5\xc8\xcbhM\x1b\xf8\x98\xc4\xfbD6\x88\xfd\xe5i\x8a\xd8\xcfm\x81Z\x19\xf0\xef\xc15\xe8\xcb\xf5\t\t\x00\x17\xfa\x1fqb\xe7\"\xcb4\xb8\xe5/\xd52\x17\x12\x1d\xd8\x87\xb9|\x8d\x83\xea\xcc\x94\xebZ\xae\xaf\x19\xa4\xb2\xc6\xe1\x926B\xb6\x89Z\xa9\xb5/\xbb\x9d&\xeeO\xb3\xb3\xd4\bB\xa9f\x84\xad\t\x1a\xc2\xd5\x88\xbfo\x80V\x93\x9fl\xd7\xff\x03\xb7J\xed\x183\xe3\x7f\xfaq,\xca\x06\xb0\xc9\x92\x93\xa5I\x89\xb7\x85\x90\xb7\x1b0\xce\xd7!\x8fD\x96\xe1 ^>\x9f\x04\x89<\xb7S\x7f\x1a\x88\xab$\xd3y\xc2\xe1\x99\xbch\xd3\x83\xcd\x7f\xc5n\xb1\xc1X \x90\xbb\x1f\x01\x90\xb1O\x8d\x7f\xa8\xd4\xdbO\xef\x99\xf3\xd3M\x0f\t\x7f\n,\x84\x1f\xfa\xe2\xc8\x99\x97Oq\xae\x9b\x86h\xfa3\xb9\xfd\xbb\xd4^\xc0t\xa7]Y\xe9\x7f[\x11\xb1\xf3m\x17F\x9d\x18\xe2\xe1\x01\xb6f=-?\xbcI\xf2\xd9\xc4>-\xc0E\x9a\x82\xcc7S\xd4\xb6\'\xd2DY\xa5\x83,\xd1\xbc\xc7\xf6\xe0\x1f o\x06\xc2t\x14\xc2\xe0\x92\xc1\x8a\x85>@\xc9\xb0% \xc7\x13l\x8bJ\xe5\xec\x1dE\xf5\xc5\xe2\xe3\x10G7r#\xbc\x95&\x14\x1e\x97\xce\x83>Q@\xfb\xeb=\x1e\xb3\xd5H\x02\x86\xc6\xf3\xe1i\\\x1d\xf4\xc1\xacJC+\xc8}\x1b{\x86\x17\x00\n\"\xec\xa5x\xe6\xb1i\xeb\xb3\xb7I\x90\x9eai\xde\x01\xdc\xfeA\x05Sn\xe6\xe8^\xdf\x8c`\x17\xca\xbd\\QG\xb15\x82*=\xbd\xe9\xaf\x12<\xd7\xe1$\xa4\xdaU\xfb^\xd8!\xacxy\xd5X\xef\x03\xa7\x10\xa1C#S~\x0f\x17\t>X\\mv0\x9eZ\x89\xf4\xae\a\xc8\x16\xd2o\x16\xf3X%Q\xbd\xe9\x86V\xf2\x99^0\xe8xI(\xde-\x04s\x15\x06#2\xef\xef@\xa3t0d^^\xad\xf6\xad\xe0\x16\xf6\xa8\x99!\x0e\x9d+;D&\xebN\x94\x12\x04\x95o\xd6\x9fl\xcb\x16gc\xf5(\xaa_\xec\x9aiE\f\xd4\xc6\xf2\xae\x85n\x995\xcd\xa7\xbb\xf0pz\xff\x0f\x00\x00\x00\x00\x00\x00Li\r\x95Z\x89\"_\xe4\xba\xd4\x93\xab\xe1\xb9\xd8E[\xbb\xc9.M+\xbe\x81<z\xf2\xe8\xf4\x93\xe6h\x97\x7f\xaf\xc5\x06g\fI\xa5\xed\x05\x12\x0f\x0eu\xe5 \xfe\xcdMX\xb5X\x838\xf5\x18x\xc9\xb9\x03\t\x06\x96g\x8a5\xb0\xc8\x86\x14\xe2\x01\x1f\x80\xe7Ol\xba\x93\xaa\x15\x87I7W\x87\xc4;p\xc5\x1e\"K5r\xec6\xac\xf0\x1f\xf8 \xad\xc9\xf0\x16\xce\x17\xa1%f\x12\x80\x03N[qz\xf0q\xbd\xb8s\xe5>N\xd2\xae\xf4\x18\xd0\xe7\x98\x90,\xce\ft\xc4\xc7\x02\xaa\xc7\xeb1;\x86b)\x12{k#c\x1d@\xc31\x00\xd2}f\x8cX\xce\xed\xa4\xe4\xca\x00\x00\x00\x00\x00\x03\xfcWZ!<\x16a5ZL.\xe6\x15]\xebY\xaa\xbea\x8e\xdc\xc52r\"\xea\x9e\x03\x11&\xc3JU\xa7\xd6\x8a\xf8\xae>S\xde', 0x0) (async)
r7 = memfd_create(&(0x7f0000000300)='\x00\xac=W[[\x87\x12\x04\xd5\xbc\x80K\x06\xcd]4(\xa2\xee2A7:n\x8c\xa7P\x1a\x87\xd9c\xecR\xd6\xe8\xf3Y\x12\"p^\xc1\x0f\x00\x00\x00\x00\x00\x00\x00t\x00\x00\x00\x00\x00\x00\x00\x05\x00\x00\x00\x19M\xc2N%\x93t[\xf3\xee\xa4\xb4\xfbf\x8dz7\\\x8e\xac\x18\x00\xfd\x89\xe1d\xfa\xcfb\xf3\xdc\xd4CY\x9a\xef\xa3\\\xa7\xa9^\xafL:[\x8e\x83U\xff\xfd\xff\xfa\xdaL\xa99\x9b\xcfA\xe4n\xa0^\n\x1c\x84\x04\xc5a\xdf\xe5\xd4Hyn\xba:/\xa5\xf4\xaa\xfa\xcd\xc7T\x83\xf5N^\xf2n\xd0=\xb9\t\xdd-F\xacb\xac \xd3\xccj\x13\xa2\x9fLu\'\xed\x91\x867\xaa\xf5\xa0]\xb6\xaa\xea\xfd\xde\xa6\xec\b\x16\x86l:;\xf9\xdb\xcf\x88\"\xca\xe0E\xdb\xec\xf9\xb3\xed\a\x00\x00\x00\x00\x00\x00\x00\xd6.\xf7\x92\xc42\xdf\xefE\xce}\x1b\xda\xdd?\n6\xe1\xb1\xd8Y\x960\xd1\x00\x00\x00\x00\x00\x00MW\x8f\xc6\x82\xe4\x15\xf7\xe9\xd8\xc5b\x0e\x91\xc5\xc76$\x18\xa4\xbe\xe8V\x8d-\xe3\x8fC\xd5\xf5\xd6L\xe3\xce\xa1\x8dz\xce\xa7\xa5\xc8\xcbhM\x1b\xf8\x98\xc4\xfbD6\x88\xfd\xe5i\x8a\xd8\xcfm\x81Z\x19\xf0\xef\xc15\xe8\xcb\xf5\t\t\x00\x17\xfa\x1fqb\xe7\"\xcb4\xb8\xe5/\xd52\x17\x12\x1d\xd8\x87\xb9|\x8d\x83\xea\xcc\x94\xebZ\xae\xaf\x19\xa4\xb2\xc6\xe1\x926B\xb6\x89Z\xa9\xb5/\xbb\x9d&\xeeO\xb3\xb3\xd4\bB\xa9f\x84\xad\t\x1a\xc2\xd5\x88\xbfo\x80V\x93\x9fl\xd7\xff\x03\xb7J\xed\x183\xe3\x7f\xfaq,\xca\x06\xb0\xc9\x92\x93\xa5I\x89\xb7\x85\x90\xb7\x1b0\xce\xd7!\x8fD\x96\xe1 ^>\x9f\x04\x89<\xb7S\x7f\x1a\x88\xab$\xd3y\xc2\xe1\x99\xbch\xd3\x83\xcd\x7f\xc5n\xb1\xc1X \x90\xbb\x1f\x01\x90\xb1O\x8d\x7f\xa8\xd4\xdbO\xef\x99\xf3\xd3M\x0f\t\x7f\n,\x84\x1f\xfa\xe2\xc8\x99\x97Oq\xae\x9b\x86h\xfa3\xb9\xfd\xbb\xd4^\xc0t\xa7]Y\xe9\x7f[\x11\xb1\xf3m\x17F\x9d\x18\xe2\xe1\x01\xb6f=-?\xbcI\xf2\xd9\xc4>-\xc0E\x9a\x82\xcc7S\xd4\xb6\'\xd2DY\xa5\x83,\xd1\xbc\xc7\xf6\xe0\x1f o\x06\xc2t\x14\xc2\xe0\x92\xc1\x8a\x85>@\xc9\xb0% \xc7\x13l\x8bJ\xe5\xec\x1dE\xf5\xc5\xe2\xe3\x10G7r#\xbc\x95&\x14\x1e\x97\xce\x83>Q@\xfb\xeb=\x1e\xb3\xd5H\x02\x86\xc6\xf3\xe1i\\\x1d\xf4\xc1\xacJC+\xc8}\x1b{\x86\x17\x00\n\"\xec\xa5x\xe6\xb1i\xeb\xb3\xb7I\x90\x9eai\xde\x01\xdc\xfeA\x05Sn\xe6\xe8^\xdf\x8c`\x17\xca\xbd\\QG\xb15\x82*=\xbd\xe9\xaf\x12<\xd7\xe1$\xa4\xdaU\xfb^\xd8!\xacxy\xd5X\xef\x03\xa7\x10\xa1C#S~\x0f\x17\t>X\\mv0\x9eZ\x89\xf4\xae\a\xc8\x16\xd2o\x16\xf3X%Q\xbd\xe9\x86V\xf2\x99^0\xe8xI(\xde-\x04s\x15\x06#2\xef\xef@\xa3t0d^^\xad\xf6\xad\xe0\x16\xf6\xa8\x99!\x0e\x9d+;D&\xebN\x94\x12\x04\x95o\xd6\x9fl\xcb\x16gc\xf5(\xaa_\xec\x9aiE\f\xd4\xc6\xf2\xae\x85n\x995\xcd\xa7\xbb\xf0pz\xff\x0f\x00\x00\x00\x00\x00\x00Li\r\x95Z\x89\"_\xe4\xba\xd4\x93\xab\xe1\xb9\xd8E[\xbb\xc9.M+\xbe\x81<z\xf2\xe8\xf4\x93\xe6h\x97\x7f\xaf\xc5\x06g\fI\xa5\xed\x05\x12\x0f\x0eu\xe5 \xfe\xcdMX\xb5X\x838\xf5\x18x\xc9\xb9\x03\t\x06\x96g\x8a5\xb0\xc8\x86\x14\xe2\x01\x1f\x80\xe7Ol\xba\x93\xaa\x15\x87I7W\x87\xc4;p\xc5\x1e\"K5r\xec6\xac\xf0\x1f\xf8 \xad\xc9\xf0\x16\xce\x17\xa1%f\x12\x80\x03N[qz\xf0q\xbd\xb8s\xe5>N\xd2\xae\xf4\x18\xd0\xe7\x98\x90,\xce\ft\xc4\xc7\x02\xaa\xc7\xeb1;\x86b)\x12{k#c\x1d@\xc31\x00\xd2}f\x8cX\xce\xed\xa4\xe4\xca\x00\x00\x00\x00\x00\x03\xfcWZ!<\x16a5ZL.\xe6\x15]\xebY\xaa\xbea\x8e\xdc\xc52r\"\xea\x9e\x03\x11&\xc3JU\xa7\xd6\x8a\xf8\xae>S\xde', 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x100000c, 0x11, r7, 0x0)
ioctl$SNDCTL_DSP_GETOPTR(r1, 0x800c5012, &(0x7f0000000780))
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r6, 0x6, 0x16, &(0x7f0000000000)=[@sack_perm, @window, @sack_perm, @sack_perm, @timestamp, @timestamp, @timestamp, @timestamp], 0x20000149) (async)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r6, 0x6, 0x16, &(0x7f0000000000)=[@sack_perm, @window, @sack_perm, @sack_perm, @timestamp, @timestamp, @timestamp, @timestamp], 0x20000149)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x35, 0x800000000004, @tid=r5}, &(0x7f0000000000)=<r8=>0x0)
timer_settime(r8, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={<r9=>0x0, 0x7}, &(0x7f0000000200)=0x8)
getsockopt$inet_sctp_SCTP_RTOINFO(r4, 0x84, 0x0, &(0x7f00000002c0)={r9, 0xd6, 0x5, 0xa415}, &(0x7f0000000300)=0x10) (async)
getsockopt$inet_sctp_SCTP_RTOINFO(r4, 0x84, 0x0, &(0x7f00000002c0)={<r10=>r9, 0xd6, 0x5, 0xa415}, &(0x7f0000000300)=0x10)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r3, 0x84, 0x6c, &(0x7f0000000340)={r10, 0xfffffffffffffecc, "a2468cfdc46ee9a7540f3af089cfc198ec5c0ab42eb347ebed70f07da70c8f0b4b39b80e52c4d8647a981db67c3b7efc02fdc3e8030227c543ca76a91de9ef6be49e47f215b3a506cee82e8c7796"}, &(0x7f0000000240)=0x56)
fcntl$setlease(r3, 0x400, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0) (async)
openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
capset(&(0x7f0000000140)={0x20071026, r5}, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x40000084, 0xffffffff, 0x7})
r11 = syz_open_dev$loop(&(0x7f0000000740), 0x7ff, 0x610002)
ioctl$LOOP_SET_CAPACITY(r11, 0x4c07)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x76f7}, 0x10}, 0x94)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f0000000400)={r4, 0x8, {0x0, 0x0, 0x0, 0x2, 0x3, 0x0, 0x3, 0x1b, 0x10, "6603f8c4fd7df73b424ac0afd31a4b8525ae29d10d2fcdf99db774587069f9318af9d4d9775e55a404d212acafd9bc6a8bf5111f5dc6a0f945dcc15f62038d42", "4739d44ad1347066e47a1690b3fa85192d8b3025c6c4d0ba7bb30624359d6feb7057128fc33a43c7566ddf19c37d7e956c2e1206c3ed98f33b26c0046b69355f", "b0a059f8e6fae6de96df7747d9169a5dadc15229088cc6fc11a3860bebf27583", [0x101, 0x9]}})

413.745376ms ago: executing program 4 (id=2159):
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="b0000000000000ab284dc9a94095f54e34f11a5a480d2115805745f8a24d"], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_loose}]}})
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r2)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan1\x00', <r4=>0x0})
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x10, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000021bf0000000000000500000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000007ba0080000000000bf9100000000000005020000010000008500000084000000b700000000000000950000000000000078e127df827941adde8a1ab651ac7aecb21cc8f8fe2984239dcf6b1897bfb556a2375ecb51cc18aabeadf2fdb0e4d8d6f96e6a382dbfe0b2d0b7b9bf2bffb128d751945454752bbbc02af1cb527659736631a54e6c570f7a9e9fda89066eddb613c392ad7bf83351869ac5d99b"], &(0x7f0000000200)='syzkaller\x00', 0x4}, 0x94)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r5, @ANYBLOB="01e5c300000000fb04003b1c210008000300", @ANYRES32=r4, @ANYBLOB="2c0433005000de295b3acba52ee4080211000001505050505050"], 0x448}}, 0x240008c8)

405.417025ms ago: executing program 4 (id=2160):
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f0000000600)={{0xa, 0x0, 0x0, @local}, {0xa, 0x0, 0x0, @empty}, 0x0, {[0x0, 0xb8e]}}, 0x5c)
setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd3, &(0x7f00000000c0)={{0xa, 0x0, 0xa4ff, @local}, {0xa, 0x0, 0x0, @empty}, 0x0, {[0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x200]}}, 0x5c)

309.990633ms ago: executing program 4 (id=2161):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000002c0)='./binderfs/custom1\x00', 0x1000, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000003c0)=ANY=[@ANYRESDEC], &(0x7f0000000380)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000440)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffffb})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000240)='sched_switch\x00'}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYBLOB, @ANYRES32=0x0], 0x50)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION2(r2, 0x40a0ae49, 0x0)
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000100), 0x2, 0x0)
add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000001480), 0x0, 0xffffffffffffffff)
r3 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
ioctl$LOOP_CONFIGURE(r3, 0x401070c9, 0x0)
io_uring_enter(0xffffffffffffffff, 0x50d4, 0x4000, 0x50, 0x0, 0x20)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x2014800, 0x0)
acct(&(0x7f0000000100)='./file0/bus\x00')
chroot(&(0x7f0000000040)='./file0\x00')
umount2(0x0, 0x0)
kexec_load(0x5, 0x3, &(0x7f0000001080), 0x3e0000)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})

155.923723ms ago: executing program 0 (id=2166):
r0 = fsopen(&(0x7f00000001c0)='bpf\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x1, 0x0)
fchdir(r1)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="1800000000030000000000000000000095"], &(0x7f0000001700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000180)=@generic={&(0x7f0000000140)='./file0\x00', r2}, 0x18)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x88101, 0x80)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r3)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_DEL_PMKSA(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={0x28, r4, 0x5, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0x3}, @NL80211_ATTR_SSID={0x4}]}, 0x28}}, 0x22044800)

130.310458ms ago: executing program 0 (id=2167):
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r0 = getpid()
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x5, &(0x7f0000000240)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r2 = syz_pidfd_open(r0, 0x0)
setns(r2, 0x24020000)
syz_clone(0x120e1100, 0x0, 0x13, 0x0, 0x0, 0x0)

105.682816ms ago: executing program 0 (id=2168):
capset(0x0, &(0x7f0000000140))
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x79, 0x10, 0xa8}, [@ldst={0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x700}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x22e, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)

60.939462ms ago: executing program 0 (id=2169):
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0a00000008000000e27f000001"], 0x48)
r0 = syz_open_dev$mouse(&(0x7f0000000000), 0x7, 0x14040)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000940)=ANY=[@ANYBLOB="18000000000000000000", @ANYRESOCT=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002300000095", @ANYBLOB="5cdadf460fcbf32b744b18aee6ff9922af4dad97f6d429cfeb897e53ef433a05b1dd20a60430291ba8dfe6c420c04b19ae6d41950099473876d7f0eb4e63f22df2d6191bbf11a4743ce487d60cd3354f7ecbb3f1788b05b485a3016929508291dbb7d996f16e41f44936ba65ac8633f25ab6f91de72bd874088cee3285a4ba4ad9e005ef8b3900bb564c5518b756266366bc7b64e1a9f11b4642b11862eb710ea9f0a98f591410b6899289029019f5fce57cfb9d658406bab31203c35a14c265c0dee9785b851a8aa3468314396e30ca8888ec55ca0f35c16e3bdd0970ce0125fcc72e765acc4da42045945c746552deef589979868fe438674ab5cbed6c95deaddec1c79525ac12cd336de77b927a9755b9d895d8f8e186cd2e5ce8e7e4850011c38bc1b98818e4b6f86568600d055709516b5e4a846fb776aea0a78be024f7ef248dff55ee1b7166ad5ea654d14cd9320c66d7fa0a6ca2cc3708797fd7cd484d86e0457b5a1079a86ba09c1331e13cea03c1184dd332e40fa561a855f1f859c10b396acf3a2580d5abe6254d94de6847234d9bcdad09e89204177f1dd1f43a5d08f36ef8837fa05270e0ce7b94df877806dc88d64c5276921e8d29efa34ad625e9b9e0229e315a16662fe7647bf003a6d655600de0f00a9267acde0f6b8a13858cff77f1dab9d963183c15f5d4e3bfef985761703abcbf3d8bee6f411b56c2fc996fbb8245ce5029b91f0a48e46520b38afdb1d0d6870177608817ea297db039e73d90b5b8d4acce12823e1da4af042a80d700a719e1061f30872542593491b5976ff3df3e08170945e2951fff88a18a1876aa84b77fcd36c0deeb7b601ea8b4115276a3ed35e0ede5e6ef7819f97d96fa1ed61aa42afb0226bf8fe04e3792190baac64876efdac4f56a8269a10aa6c702a1390416729b57c696348840c2d13e613f0cad722245cc19db23535220720610f96bfafe38044353da0a1efe26bb3f519dcdf717409cac4d843ab02296a58c1f06a10cfb133ae70599b58c1ec5cae3acc6e19a0d9b4756e880643435cff0cf00f0e021e3f5ff1b15309f0067e28caf9827b17681f04652c78e7f8837173b3ff836d54088ff81622c7c7a1f0a4a25ff9c025836ea612a48fa74c2861bf30539253d07a0ea7943e8ac1cf30c1fc9abcc59f632ccf4be014cb38dfb8a953724ea4e10f582c4766f61be11cf01b4dd367f4bdf0bcf31c94d01a4a85a7df6f874618ca72a6f8474020e4acdcdd3fe1a0b4021bcd75f3389e0f3688f209de5a640e4846af44ab72d6689649cf6638d98faca5401f6282088d948b56ceb05d51af4dda43839161915ef7dd5935afb209b6df9e65675c50b77e070e4f0ee3c003a10be0169eaa129fb50410df5d92ba87c57b1c68ad5db327be8e5cd2ae6496b860dee3047948ea3f52e4b6d679d35286f2cf9c26fe964a0844770fce3ac33e0ee5a938b21fefdc8f78265dff17d23d30d3d25f9d8597471e316e79114e0f5100df0fc55fd0f3827f5f492f5d9832e102e7892399d2fe259c3dd5b25c211c7f0dfb94423bb676c89b4fb8d3b23cf17e05833be590a933b50149f2980c959b367d591c07cfcb0e2573240ad89bc9384faa6315b9f1d5ce3443143159189eb728303448b182264f1403aa8117b8dd279d1775bd85377493253ce37ab6bf9bbf5eb2e231240fe85aea8edbf9a27a0e74b237dce06301adc264bfa03d464c50c74f49e316817bc7119ef067a072f73d03d7392541c68c7b2619104c045ac905f7a364e435952008eec4ecdd3ae7c02b3260c3cc46e2d3df507b1e8c2482791baef569b753df22d69e79ca4c89a4b0602aa5a9b2eac305918153e64a3cfe91aa1a0b9789a5c2c9ae55487abca1b8046a0ffbbdaf19cc237971cd46e4bdc12590db9fd01fd798219be13d859dff28bc4c379aa7d8e516cd432e85ccf06c21bbaab062e1c972bf42f4a1c3ad177cca5fae863fe8cd52ec2d5339b43827b3b224b42ae7700e05798a7bd465d8719f03184960b3b2ed09d824bef59af42865b9f761767b0f661aae948fa0ea8c330f6bc3afb70d221ad6ef24cceb678f5ee6342821edd4397df5aae5b8a609b4e094ea232980a8e00de5325ef1ca4a2d0fae2964f10b6e3b376d9865c12698ff78d24e2a2f3ec133019985a4828ae752816891b67078840011a69a767530e1ca06698db818cdb8ac3945c9467f3755f7d15ac8b394202e56b5a2f161bfb42118ea6b1c5c345491d102960e7027517d07091984667900b86c8c821e456c63a1203bab943b08f362929fac0e96c7e5f971fc9dbd537f8a36805101a736ad2fadfdf34e6b399dd7f136c4190044ea3bcff51b909e086f0f871ee882b2bd10e5b9037147014a67952dcf09319f4c78a170a3ae23eb2434c86eaf473f359eab7780dabcfc17e6e8df7bfe4b4bbb57c834b2347ecb0c016ee624663e22a6ba22e25e9b8a3781fd506198475f37f780a3fce92de639ad78da41c0ed28bf77689e05dde4be2756f68c9e22d3f8cc951d08e6538c6a3f91e9e97df1b36425997e0f6d19c35c23e2902b32b060e074a84838e9f092074ca5de7f5817abc2cab180581e37bda84441f5b77b6953a87c2f7c87c8c47d1d45242243d7c9861697b6075eec4e4a31e0d9afa8d9c474b37f65fd95d7723d54be14bfea0e5d19e67edee53531b045fba14e2d8e2523f96b241748b7f115f83af1e00543a97f7aec96d2be9a22b67ca6d3a508085abd3628b4b62c2eee3cadc1327c9225f7754da691533b3da6270e92d6e0275bcf7037846dfc88bd21448146deb7c2a74bc145710a9ea0099be1d9a1491aba979ecef1c92a4009f3d72a764f4c5c461837e1a64cc8b2735519c55acce951f6d98df4bde700e4265e28f9f65a681ec87cf79d98fea75124bde372868bd60331a0f6a00c9a535a665966ec68a9904c148e0f6c3e569b6a60ee429ed126e16fcf6f284815810519b35aa24b476bd1a9430125b6a0b130d1f09320b83d5f5b7f5351151acb1f9c4c4892464ecfb2c3a75a282ce9e62b4de5db2e87a17896d2663d8da2ba865fafb55e1c8b398190b454e25dac7bd99c6c95c6fce909f063574e1469e57a7210eb06fa000729bf962b3a1e08c0c749b8470a128fd01e6859657d7595888a04f9a5381b112728239c503a5fb1925fc1493b9499b86b2f37dfa21855aa9882855e814f88ebc9910d6a3f4189ca1ebdb7847bd760efbcda9bcd4096b3eb4606ead7ec053b14d5bd738ea81d96bf482d4bed2caf8f9ddef3a6f2625ef797e8f5d8e4a9ff29596027f14197d76227c56cee3f310d7d58b7f276903b8dac861656cb665e1c1e5dd760751ad46a4a01200570d5086da7b92886f96ec2d835d12409af6d564deae6e6ad227ce14568c142c88ef0b90a4bb5ac199ae3a563c28cd89dda5ac3961eb52f19a8c54cb0e595954e7d5111301d7c5438d1d5d2ba1c5db6f01445cbd91d9fb1561745977991fc236b8119d6e265e65e516ba07fcae2f7dd457ab91e34aff9f20d73167e156773e2a27073d88a6d5cc16d13c4ea8db874d59bbaf560745c8ace636a29bfb76bff1a136f2c313fe9ab924637d10f3759e47754d67c3a98065f1c5aabde49e2bcbb5093ad8c2b1732e13bd4504a6edf79662f7fb1b9d9a55ca0e2604a85aa250633693e76e38359f8b54b39c93a5c526f00f6c726088f3b0154733e41c2fc71a5d467bc938428c1712813223d6e7ccb43c805ddfc71b92ecbd0b31ed1617d8b452d7ebcf856be8afbde597d38f88012e65f715f52d24b1f63a2a204c32b3fb9e1d1f906e475b53484614400309a250c100dddbadf826ac48abfb79ba4b37f25bb421457b15527cc6c4e57fea572b4eadab706ee8b1d562f74bc351e143f57c9e30fd1b360c89ee963279b6aa4458cbba30a2e7902203936a6e88652fdd829dcdb64f0bf38178b37614594cec6b177c41151699c344a233b4fe0d551dc531b2d401aabb10d2d864d17d67d84b4015bbf884545558d52b446386a095f70b074be810bb5f0c8fd5e635dc7d02a3fecadffcf9ec5ee8cf8230c35c24648a3f88be61c8dceae4b91dfe02abe3f1f0b9259b05cfbeb52848f9953d646e596a0d57c138a8bf551bb192148ccaad46a0143c065233e2357a1a245e7e46bf65abec0dfe24abbbc5f8e93efc8682ba528a4feb8dc300828b47d4291d3825bd1c91b04f47f1d40135e8fd7f0128db346b0fa678ba506ef4bb3c5179312a352fb7a6b86b81dbc1d7f85ef342791d520c5c001b9a31a56cb9dac1e346ebd9e8231442fe10662514858abca135046a2fb216828d082363a92651504f3e0a8c7229bac046e3b19c034bceaa60b3c99219e4231024c2dfe151d50167a2b52263709d3e0ab2216b3336ae7b5d965ed21a309c72d245b3e3d3366a760f62961aafe1c2b3a53ffa419fee9b2251ace381ca7c8087e19b33fd5ca93d2952a8639d64f4708daed4585166bad8f88eebf96dc45122b45d10fb4e579ba0bb70b94ce7df9af0b1effbb78c6a88c6caa3b24fc4e9d2fa5bf851b133ef33172e2680ddee11ceb59e6eb91606eb0a7b4cc48960402fba58e0f2797d04837231e1fd048f6bbe330c2282267e2c0d2759c440a73929ee10cc02472fba9ae7d3d7cd2682a539b34872588fb317394fc4fd28221d368e31ee28271de54fd26703ef3383e34e7eaf66a86c62ba8063d784efa266a3cc05ce71f11412ec95905c0c7233807fc2ab14556bc56705a0610fde6d0c0ef0914c54dd274783627edc9cd61e3e9e6129c840a395cc4f54e2819922415df887150d2e082daf1ebcbc3b56b5875e67f3e0977fd8d29d4d124d07ff06654efc2a0c341bcbccbccdc39050d5bb1031ceba305df465e719c0655ce45f12faac4a459f81c35c9c93b0b9dbb38656e7af9925e212200e37859b800f13fccb1efce8447fdf99f5bfa55894551cd5a9c0a494be1f9ea59e13c2ee493ab5ac43c74d928f181c356b7aad36be2dd060f05cd4df6506b770ae7577ef552edf45a399d0b7647e2cbb6e9afda87a41da39d15044fc4b3a6fb4ef0abad86d2c40a66938d83002e47759e4d2b812da75d0d1cc402bf3dfd4f63afd2998cd7e6d71523405d027c3f8e0fd21b26be0013746cdc9b92fef54dc6b3478f16a4693c9a3f02261dadfd36594f7f2b9185a5878452abf7491ad3791a27f58c3eef5026e583fa18431bf1bbd72b064fce2c10ff22e59d508ccf1b24c70a5b809d76eef2fc38683376ec72c8c4a8d91d8b95e73482f1ac989090ee05f4f63860f42d3aafa7aa12179385b7ca6ad8fa0961820cf7e6bbc39f570a44be2e3d40a826e79b0e6bcd6aea24e908e2ce4efc75271d3e99891504cfe3706de77f7b6251d69a9ed4a975926ba00862e29f08a6a0a6ec9a1881d125dd1bf51945290fa710d09b7be812ce5b51e15ce5d8c6a290ccffc335572b0b3d84a35ddc06da3aa660654de910783f82b9080d32d09c207070071c78718554429022b53ccfdac287079411ff73a860bcbf2db4c25e30e595d9f0f50956531a6df55e4bd2e5215faa05e1bd2dabb50c91961da35793c6014716dd5da8a92cb65b2d505b182c6d1c71c2963e86270020dc6e116bd82fea14ecd008c39eccbcb9aa5c1d5cff0f4cced235d280d41f5e2525c26829124ee8e5791352eff8fe5502f2980e12c3b142685613de32b6ed67e722188f19ab180fdaea1c64f320a00bb77e7e07009c0eb2049d6e112d730cdf7a44bf8487ca6603b5453b9cd2284a1d1ee40d554266841"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
setsockopt$bt_l2cap_L2CAP_LM(r1, 0x6, 0x3, 0x0, 0x0)
landlock_create_ruleset(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r2, 0x0, 0x0)
r3 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x12040, 0x0)
finit_module(r3, &(0x7f0000000180)='(\x00', 0x1)
fcntl$setlease(r3, 0x400, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='statm\x00')
preadv(r4, &(0x7f0000000300)=[{&(0x7f0000000080)=""/7, 0x7}], 0x1, 0x0, 0x0)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(0xffffffffffffffff, 0x660c)
r5 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x31, 0x800000000004, @tid=r5}, 0x0)
truncate(&(0x7f0000000900)='./file1\x00', 0x24b9)
connect$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x5, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
syz_open_procfs(0x0, &(0x7f0000000100)='net/ip_mr_vif\x00')
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB], &(0x7f0000000140)='GPL\x00'}, 0x94)
r6 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000200), 0x140, 0x0)
ioctl$RTC_UIE_ON(r6, 0x7003)
symlinkat(&(0x7f0000000080)='.\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00')
mount$9p_unix(&(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x12d7498, 0x0)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r7, @ANYBLOB="2c726f6f746d20000000303030303030303030303030308d1c094455ba096f7730303030303430303030725f69643df8ddfaba8fd1f9b81bc26d22bc61d274585c0fef268794971f0d858a7d7dd60b9adeb886e6a2a5acf9cc5800000000c6f5edfb7fa1a93484ecbfa73bb88086871fa1c6eed3b922c66ee71b802a306de7257aed79a3e72225b6b778353f6100"/154, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',default_permissions,\x00'])
r8 = syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00')
read$FUSE(r8, &(0x7f00000029c0)={0x2020}, 0x2020)
ioctl$RTC_AIE_ON(r6, 0x7001)

51.096086ms ago: executing program 0 (id=2170):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x88, 0x30, 0x1, 0x0, 0x0, {}, [{0x74, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x804}, 0x0)
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="3000000011140100000000000000000008004b001300000008000100000f000008004f00010000000800030001"], 0x30}}, 0x40)

0s ago: executing program 0 (id=2171):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom1\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0700000004000000200000000100000022000000", @ANYRES32, @ANYBLOB="1700000700000000f6ffffff000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/21], 0x50)
bpf$BPF_GET_MAP_INFO(0x3, &(0x7f00000006c0)={r2, 0x58, &(0x7f0000000100)}, 0x87)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
renameat2(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file5\x00', 0x2)
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xe, 0x4, 0x4, 0x3, 0x1520, 0xffffffffffffffff, 0x3}, 0x50)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r3, &(0x7f0000002080)={0xfc, {"a2336848149e516d4b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f383563030890e0879b0a71c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b3e31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9903f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928d28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f2730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b81305c038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849cd9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484539ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1f93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb8843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b2804563407308c58c89d9e99c81769177e6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463373b4b87c9050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e080000007ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e3933ed07c2b8081c128ad2706f48261ff07000000000000613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59500000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, &(0x7f00000000c0)={0x3, 0x980900, 0x3})
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc008561c, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000340)=[0x0])
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e24, @multicast1}, 0x10)
writev(r4, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'c6xdigio\x00', [0x4f2b, 0x5, 0x3, 0x4, 0x5, 0xcc7, 0xf, 0xb, 0xa, 0x100, 0x2, 0x1, 0xfffffffd, 0x40, 0x6, 0x101, 0x0, 0x1a449, 0x2, 0x40000003, 0x99, 0xcaa7, 0x0, 0x20001e58, 0xa, 0xe69, 0x3f, 0x8, 0x2, 0x0, 0xfffffff8]})

kernel console output (not intermixed with test programs):

 in process `syz.0.1098'.
[  228.300751][   T40] audit: type=1326 audit(1755669886.156:28468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10071 comm="syz.0.1110" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x0
[  228.352246][T10075] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1110'.
[  229.270531][T10081] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2147484288 (4294968576 ns) > initial count (34 ns). Using initial count to start timer.
[  229.346387][T10088] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1115'.
[  230.282180][T10102] nfs: Unknown parameter 'fowner'
[  230.751865][ T5983] Bluetooth: hci4: sending frame failed (-49)
[  230.754171][   T63] Bluetooth: hci4: Opcode 0x1003 failed: -49
[  231.685611][   T40] audit: type=1326 audit(1755669889.536:28469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10137 comm="syz.0.1131" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x0
[  231.786725][T10142] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1131'.
[  232.372686][T10160] tipc: Enabling <eth:lo> not permitted
[  232.376613][T10160] tipc: Enabling of bearer <eth:lo> rejected, failed to enable media
[  232.377934][T10151] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1134'.
[  232.664220][T10173] comedi comedi2: dt2815: I/O port conflict (0x4f27,2)
[  233.793865][T10195] netlink: 'syz.1.1145': attribute type 5 has an invalid length.
[  233.998757][T10215] netlink: 'syz.0.1147': attribute type 13 has an invalid length.
[  234.001945][T10215] netlink: 'syz.0.1147': attribute type 17 has an invalid length.
[  234.123750][T10215] 8021q: adding VLAN 0 to HW filter on device bond0
[  234.129120][T10215] 8021q: adding VLAN 0 to HW filter on device team0
[  234.135547][T10215] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  235.843023][T10220] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1151'.
[  236.171107][T10294] netlink: 'syz.2.1169': attribute type 83 has an invalid length.
[  236.869244][T10318] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  237.572426][T10342] loop7: detected capacity change from 0 to 7
[  237.671182][T10342] Dev loop7: unable to read RDB block 7
[  237.671290][    C2] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[  237.673308][T10342]  loop7: unable to read partition table
[  237.676390][    C2] Buffer I/O error on dev loop7, logical block 0, lost async page write
[  237.681163][T10342] loop7: partition table beyond EOD, truncated
[  237.683911][T10342] loop_reread_partitions: partition scan of loop7 (úùƒå¡™‰ü�¾CêjÌ–ã¢P=ý?ã}X‹ºÐ	œëÜ%õ«`ÉæÖ€ù…ˆ{í©Ö�˜Èµ4FLQkÝŠ) failed (rc=-5)
[  239.009731][   T63] Bluetooth: hci0: unexpected event for opcode 0x200a
[  239.053313][   T40] audit: type=1326 audit(1755669896.917:28470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10377 comm="syz.0.1193" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x0
[  239.157988][T10382] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1193'.
[  240.256111][T10412] netlink: 'syz.0.1197': attribute type 10 has an invalid length.
[  240.264826][T10412] team0: Port device dummy0 added
[  240.269851][T10412] netlink: 'syz.0.1197': attribute type 10 has an invalid length.
[  240.277010][T10412] team0: Port device dummy0 removed
[  240.281866][T10412] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  240.585053][T10417] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  240.592045][T10417] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  240.595480][T10417] tipc: Enabled bearer <udp:syz0>, priority 10
[  240.602859][T10417] netlink: 7 bytes leftover after parsing attributes in process `syz.3.1202'.
[  240.607180][T10417] netlink: 7 bytes leftover after parsing attributes in process `syz.3.1202'.
[  240.640827][   T40] audit: type=1326 audit(1755669898.497:28471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10420 comm="syz.3.1204" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x0
[  240.718197][T10423] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1204'.
[  241.035870][   T63] Bluetooth: hci2: unexpected event for opcode 0x1405
[  241.197262][   T40] audit: type=1326 audit(1755669899.057:28472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10438 comm="syz.2.1210" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  241.204856][   T40] audit: type=1326 audit(1755669899.057:28473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10438 comm="syz.2.1210" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  241.221197][   T40] audit: type=1326 audit(1755669899.067:28474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10438 comm="syz.2.1210" exe="/syz-executor" sig=0 arch=40000003 syscall=332 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  241.229074][   T40] audit: type=1326 audit(1755669899.067:28475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10438 comm="syz.2.1210" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  241.236527][   T40] audit: type=1326 audit(1755669899.067:28476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10438 comm="syz.2.1210" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  241.244153][   T40] audit: type=1326 audit(1755669899.067:28477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10438 comm="syz.2.1210" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  241.251046][   T40] audit: type=1326 audit(1755669899.067:28478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10438 comm="syz.2.1210" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  241.258074][   T40] audit: type=1326 audit(1755669899.067:28479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10438 comm="syz.2.1210" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  241.349445][T10446] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  241.351967][T10446] IPv6: NLM_F_CREATE should be set when creating new route
[  241.354381][T10446] IPv6: NLM_F_CREATE should be set when creating new route
[  241.918602][T10469] trusted_key: encrypted_key: insufficient parameters specified
[  242.633254][T10476] /dev/sr0: Can't open blockdev
[  242.657134][   T63] Bluetooth: hci1: ACL packet for unknown connection handle 200
[  242.767657][T10486] kvm: pic: non byte write
[  242.770025][T10486] kvm: pic: non byte write
[  242.772132][T10486] kvm: pic: non byte write
[  242.775696][T10486] kvm: pic: single mode not supported
[  243.799595][T10515] loop7: detected capacity change from 0 to 7
[  243.901670][T10515] Dev loop7: unable to read RDB block 7
[  243.901878][    C1] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[  243.905351][T10515]  loop7: unable to read partition table
[  243.907345][    C1] Buffer I/O error on dev loop7, logical block 0, lost async page write
[  243.909199][T10515] loop7: partition table beyond EOD, truncated
[  243.914105][    C1] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[  243.914135][    C1] Buffer I/O error on dev loop7, logical block 0, lost async page write
[  243.920973][T10515] loop_reread_partitions: partition scan of loop7 (úùƒå¡™‰ü�¾CêjÌ–ã¢P=ý?ã}X‹ºÐ	œëÜ%õ«`ÉæÖ€ù…ˆ{í©Ö�˜Èµ4FLQkÝŠ) failed (rc=-5)
[  245.103430][T10546] fuse: Unknown parameter 'rootmo'
[  246.229806][T10571] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1248'.
[  246.275904][   T40] kauditd_printk_skb: 5 callbacks suppressed
[  246.275998][   T40] audit: type=1326 audit(1755669904.127:28485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10576 comm="syz.0.1250" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x0
[  246.325585][T10579] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1250'.
[  246.387482][   T40] audit: type=1326 audit(1755669904.247:28486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10580 comm="syz.3.1251" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x0
[  246.489797][T10583] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1251'.
[  247.395314][T10602] misc userio: Invalid payload size
[  247.399164][T10602] misc userio: No port type given on /dev/userio
[  247.401946][T10602] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1257'.
[  248.979035][   T40] audit: type=1326 audit(1755669906.837:28487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10626 comm="syz.0.1265" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x0
[  249.031504][T10628] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1265'.
[  249.157875][T10630] usb 2-1: USB disconnect, device number 3
[  249.245452][T10631] hub 2-0:1.0: USB hub found
[  249.247988][T10631] hub 2-0:1.0: 6 ports detected
[  249.422019][ T4342] usb 2-1: new high-speed USB device number 4 using ehci-pci
[  249.606358][ T4342] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00
[  249.609283][ T4342] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10
[  249.612770][ T4342] usb 2-1: Product: QEMU USB Tablet
[  249.615612][ T4342] usb 2-1: Manufacturer: QEMU
[  249.617430][ T4342] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1
[  249.643267][ T4342] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0007/input/input12
[  249.702958][ T4342] hid-generic 0003:0627:0001.0007: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0
[  251.205840][   T40] audit: type=1326 audit(1755669909.067:28488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10680 comm="syz.3.1280" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x0
[  251.308218][T10686] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1280'.
[  251.553719][T10689] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  251.557521][T10689] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[  251.559719][T10689] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  251.562534][T10689] vhci_hcd vhci_hcd.0: Device attached
[  251.616323][T10690] vhci_hcd: connection closed
[  251.616530][   T60] vhci_hcd: stop threads
[  251.620152][   T60] vhci_hcd: release socket
[  251.621584][   T60] vhci_hcd: disconnect device
[  252.631395][T10706] /dev/nullb0: Can't open blockdev
[  253.082222][   T40] audit: type=1326 audit(1755669910.947:28489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10728 comm="syz.2.1294" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x0
[  253.183749][T10730] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1294'.
[  255.203080][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  255.205663][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  256.065325][T10767] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1304'.
[  256.156576][T10771] nfs: Unknown parameter 'fowner'
[  256.573865][T10775] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  256.576766][T10775] overlayfs: failed to set xattr on upper
[  256.579157][T10775] overlayfs: ...falling back to redirect_dir=nofollow.
[  256.582045][T10775] overlayfs: ...falling back to index=off.
[  256.584362][T10775] overlayfs: ...falling back to uuid=null.
[  256.588352][T10775] FAULT_INJECTION: forcing a failure.
[  256.588352][T10775] name failslab, interval 1, probability 0, space 0, times 0
[  256.594695][T10775] CPU: 3 UID: 0 PID: 10775 Comm: syz.1.1307 Not tainted syzkaller #0 PREEMPT(full) 
[  256.594717][T10775] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  256.594727][T10775] Call Trace:
[  256.594733][T10775]  <TASK>
[  256.594739][T10775]  dump_stack_lvl+0x16c/0x1f0
[  256.594763][T10775]  should_fail_ex+0x512/0x640
[  256.594788][T10775]  should_failslab+0xc2/0x120
[  256.594810][T10775]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  256.594829][T10775]  ? trace_kmalloc+0x2b/0xd0
[  256.594851][T10775]  ? getname_kernel+0x52/0x370
[  256.594874][T10775]  getname_kernel+0x52/0x370
[  256.594895][T10775]  kern_path+0x1d/0x50
[  256.594911][T10775]  ovl_mount_dir+0x13e/0x1f0
[  256.594930][T10775]  ovl_parse_param+0x10ae/0x1570
[  256.594949][T10775]  ? __pfx_ovl_parse_param+0x10/0x10
[  256.594964][T10775]  ? rcu_is_watching+0x12/0xc0
[  256.594981][T10775]  ? trace_kmalloc+0x2b/0xd0
[  256.595002][T10775]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  256.595023][T10775]  ? static_key_count+0x5a/0x70
[  256.595039][T10775]  ? __pfx_ovl_parse_param+0x10/0x10
[  256.595056][T10775]  vfs_parse_fs_param+0x208/0x3c0
[  256.595075][T10775]  vfs_parse_fs_string+0xe9/0x150
[  256.595094][T10775]  ? __pfx_vfs_parse_fs_string+0x10/0x10
[  256.595114][T10775]  ? __raw_spin_lock_init+0x3a/0x110
[  256.595138][T10775]  ? lockdep_init_map_type+0x5c/0x280
[  256.595159][T10775]  ? ovl_next_opt+0x143/0x1c0
[  256.595174][T10775]  ? __pfx_ovl_next_opt+0x10/0x10
[  256.595189][T10775]  vfs_parse_monolithic_sep+0x16f/0x1f0
[  256.595209][T10775]  ? __pfx_vfs_parse_monolithic_sep+0x10/0x10
[  256.595229][T10775]  ? alloc_fs_context+0x59b/0x9c0
[  256.595249][T10775]  path_mount+0x14c9/0x2000
[  256.595270][T10775]  ? __pfx_path_mount+0x10/0x10
[  256.595290][T10775]  ? kmem_cache_free+0x2d1/0x4d0
[  256.595307][T10775]  ? putname+0x154/0x1a0
[  256.595327][T10775]  ? getname_flags.part.0+0x1c5/0x550
[  256.595354][T10775]  ? __ia32_sys_mount+0x28b/0x310
[  256.595374][T10775]  __ia32_sys_mount+0x28b/0x310
[  256.595394][T10775]  ? __pfx___ia32_sys_mount+0x10/0x10
[  256.595415][T10775]  ? rcu_is_watching+0x12/0xc0
[  256.595432][T10775]  __do_fast_syscall_32+0x7c/0x3a0
[  256.595454][T10775]  do_fast_syscall_32+0x32/0x80
[  256.595475][T10775]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  256.595495][T10775] RIP: 0023:0xf710e579
[  256.595506][T10775] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  256.595522][T10775] RSP: 002b:00000000f54fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  256.595537][T10775] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000800000c0
[  256.595547][T10775] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000080000900
[  256.595557][T10775] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  256.595566][T10775] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  256.595576][T10775] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  256.595590][T10775]  </TASK>
[  256.595597][T10775] overlayfs: failed to resolve './bus': -12
[  257.185049][T10780] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1308'.
[  258.242370][   T40] audit: type=1326 audit(1755669916.108:28490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10812 comm="syz.3.1318" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x0
[  258.301174][T10815] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1318'.
[  259.473708][T10828] netlink: 180 bytes leftover after parsing attributes in process `syz.0.1323'.
[  259.587956][T10838] sch_tbf: peakrate 4 is lower than or equals to rate 127 !
[  259.672245][T10847] FAULT_INJECTION: forcing a failure.
[  259.672245][T10847] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  259.678017][T10847] CPU: 1 UID: 0 PID: 10847 Comm: syz.1.1327 Not tainted syzkaller #0 PREEMPT(full) 
[  259.678044][T10847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  259.678056][T10847] Call Trace:
[  259.678067][T10847]  <TASK>
[  259.678074][T10847]  dump_stack_lvl+0x16c/0x1f0
[  259.678101][T10847]  should_fail_ex+0x512/0x640
[  259.678128][T10847]  should_fail_alloc_page+0xe7/0x130
[  259.678153][T10847]  prepare_alloc_pages+0x3c2/0x610
[  259.678179][T10847]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  259.678208][T10847]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  259.678230][T10847]  ? trace_irq_enable.constprop.0+0xd4/0x120
[  259.678258][T10847]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  259.678298][T10847]  ? stack_depot_save_flags+0x3de/0x9c0
[  259.678326][T10847]  ? kasan_save_stack+0x42/0x60
[  259.678347][T10847]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  259.678368][T10847]  ? kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[  259.678414][T10847]  ? __get_vm_area_node+0x1ca/0x330
[  259.678440][T10847]  ? __vmalloc_node_noprof+0xad/0xf0
[  259.678456][T10847]  ? ip_set_sockfn_get+0x18e/0xd30
[  259.678474][T10847]  ? nf_getsockopt+0x7c/0xe0
[  259.678495][T10847]  ? ip_getsockopt+0x18c/0x1e0
[  259.678512][T10847]  ? raw_getsockopt+0x4d/0x1f0
[  259.678527][T10847]  ? do_sock_getsockopt+0x34a/0x440
[  259.678551][T10847]  ? __sys_getsockopt+0x123/0x1b0
[  259.678574][T10847]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  259.678602][T10847]  ? policy_nodemask+0xea/0x4e0
[  259.678625][T10847]  alloc_pages_mpol+0x1fb/0x550
[  259.678648][T10847]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  259.678674][T10847]  alloc_pages_noprof+0x131/0x390
[  259.678695][T10847]  get_free_pages_noprof+0x10/0xb0
[  259.678720][T10847]  kasan_populate_vmalloc+0x89/0x1f0
[  259.678742][T10847]  alloc_vmap_area+0x959/0x29c0
[  259.678773][T10847]  ? __pfx_alloc_vmap_area+0x10/0x10
[  259.678803][T10847]  __get_vm_area_node+0x1ca/0x330
[  259.678831][T10847]  __vmalloc_node_range_noprof+0x271/0x14b0
[  259.678850][T10847]  ? ip_set_sockfn_get+0x18e/0xd30
[  259.678867][T10847]  ? sockopt_release_sock+0x52/0x60
[  259.678891][T10847]  ? __local_bh_enable_ip+0xa4/0x120
[  259.678922][T10847]  ? __pfx___mutex_trylock_common+0x10/0x10
[  259.678947][T10847]  ? ip_set_sockfn_get+0x18e/0xd30
[  259.678967][T10847]  ? trace_contention_end+0xdd/0x130
[  259.678991][T10847]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  259.679009][T10847]  ? rcu_is_watching+0x12/0xc0
[  259.679028][T10847]  ? aa_get_newest_label+0xd2/0x250
[  259.679049][T10847]  ? ip_set_sockfn_get+0x18e/0xd30
[  259.679064][T10847]  __vmalloc_node_noprof+0xad/0xf0
[  259.679078][T10847]  ? ip_set_sockfn_get+0x18e/0xd30
[  259.679096][T10847]  ip_set_sockfn_get+0x18e/0xd30
[  259.679113][T10847]  ? __pfx_ip_set_sockfn_get+0x10/0x10
[  259.679130][T10847]  ? nf_sockopt_find.constprop.0+0x222/0x290
[  259.679153][T10847]  nf_getsockopt+0x7c/0xe0
[  259.679176][T10847]  ip_getsockopt+0x18c/0x1e0
[  259.679191][T10847]  ? __pfx_ip_getsockopt+0x10/0x10
[  259.679208][T10847]  raw_getsockopt+0x4d/0x1f0
[  259.679222][T10847]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  259.679244][T10847]  do_sock_getsockopt+0x34a/0x440
[  259.679268][T10847]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  259.679291][T10847]  ? lock_release+0x201/0x2f0
[  259.679316][T10847]  __sys_getsockopt+0x123/0x1b0
[  259.679336][T10847]  __ia32_sys_getsockopt+0xbc/0x160
[  259.679354][T10847]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  259.679376][T10847]  __do_fast_syscall_32+0x7c/0x3a0
[  259.679397][T10847]  do_fast_syscall_32+0x32/0x80
[  259.679416][T10847]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  259.679438][T10847] RIP: 0023:0xf710e579
[  259.679453][T10847] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  259.679471][T10847] RSP: 002b:00000000f54fe55c EFLAGS: 00000296 ORIG_RAX: 000000000000016d
[  259.679489][T10847] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  259.679500][T10847] RDX: 0000000000000053 RSI: 0000000080000000 RDI: 0000000080000040
[  259.679511][T10847] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  259.679521][T10847] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  259.679532][T10847] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  259.679549][T10847]  </TASK>
[  259.679609][T10847] syz.1.1327: vmalloc error: size 40, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1
[  259.848850][T10847] CPU: 0 UID: 0 PID: 10847 Comm: syz.1.1327 Not tainted syzkaller #0 PREEMPT(full) 
[  259.848867][T10847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  259.848874][T10847] Call Trace:
[  259.848879][T10847]  <TASK>
[  259.848884][T10847]  dump_stack_lvl+0x16c/0x1f0
[  259.848902][T10847]  warn_alloc+0x248/0x3a0
[  259.848915][T10847]  ? __pfx_warn_alloc+0x10/0x10
[  259.848927][T10847]  ? kfree+0x2b4/0x4d0
[  259.848939][T10847]  ? __get_vm_area_node+0x208/0x330
[  259.848957][T10847]  __vmalloc_node_range_noprof+0xb2d/0x14b0
[  259.848967][T10847]  ? sockopt_release_sock+0x52/0x60
[  259.848982][T10847]  ? __local_bh_enable_ip+0xa4/0x120
[  259.848997][T10847]  ? __pfx___mutex_trylock_common+0x10/0x10
[  259.849011][T10847]  ? ip_set_sockfn_get+0x18e/0xd30
[  259.849024][T10847]  ? trace_contention_end+0xdd/0x130
[  259.849039][T10847]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  259.849050][T10847]  ? rcu_is_watching+0x12/0xc0
[  259.849062][T10847]  ? aa_get_newest_label+0xd2/0x250
[  259.849094][T10847]  ? ip_set_sockfn_get+0x18e/0xd30
[  259.849105][T10847]  __vmalloc_node_noprof+0xad/0xf0
[  259.849115][T10847]  ? ip_set_sockfn_get+0x18e/0xd30
[  259.849126][T10847]  ip_set_sockfn_get+0x18e/0xd30
[  259.849137][T10847]  ? __pfx_ip_set_sockfn_get+0x10/0x10
[  259.849148][T10847]  ? nf_sockopt_find.constprop.0+0x222/0x290
[  259.849166][T10847]  nf_getsockopt+0x7c/0xe0
[  259.849181][T10847]  ip_getsockopt+0x18c/0x1e0
[  259.849192][T10847]  ? __pfx_ip_getsockopt+0x10/0x10
[  259.849204][T10847]  raw_getsockopt+0x4d/0x1f0
[  259.849215][T10847]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  259.849231][T10847]  do_sock_getsockopt+0x34a/0x440
[  259.849247][T10847]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  259.849263][T10847]  ? lock_release+0x201/0x2f0
[  259.849279][T10847]  __sys_getsockopt+0x123/0x1b0
[  259.849294][T10847]  __ia32_sys_getsockopt+0xbc/0x160
[  259.849307][T10847]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  259.849322][T10847]  __do_fast_syscall_32+0x7c/0x3a0
[  259.849337][T10847]  do_fast_syscall_32+0x32/0x80
[  259.849351][T10847]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  259.849365][T10847] RIP: 0023:0xf710e579
[  259.849374][T10847] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  259.849391][T10847] RSP: 002b:00000000f54fe55c EFLAGS: 00000296 ORIG_RAX: 000000000000016d
[  259.849407][T10847] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  259.849417][T10847] RDX: 0000000000000053 RSI: 0000000080000000 RDI: 0000000080000040
[  259.849426][T10847] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  259.849437][T10847] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  259.849447][T10847] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  259.849462][T10847]  </TASK>
[  259.849616][T10847] Mem-Info:
[  259.957812][T10847] active_anon:792 inactive_anon:12470 isolated_anon:0
[  259.957812][T10847]  active_file:4188 inactive_file:15416 isolated_file:0
[  259.957812][T10847]  unevictable:1768 dirty:599 writeback:0
[  259.957812][T10847]  slab_reclaimable:6264 slab_unreclaimable:66722
[  259.957812][T10847]  mapped:25191 shmem:9718 pagetables:1592
[  259.957812][T10847]  sec_pagetables:318 bounce:0
[  259.957812][T10847]  kernel_misc_reclaimable:0
[  259.957812][T10847]  free:35239 free_pcp:9680 free_cma:0
[  259.975507][T10847] Node 0 active_anon:28kB inactive_anon:180kB active_file:344kB inactive_file:20kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:16kB dirty:4kB writeback:0kB shmem:4556kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8028kB pagetables:1896kB sec_pagetables:1152kB all_unreclaimable? no Balloon:0kB
[  259.986101][T10847] Node 1 active_anon:3140kB inactive_anon:49700kB active_file:16408kB inactive_file:61644kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:100748kB dirty:2392kB writeback:0kB shmem:34316kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:5708kB pagetables:4472kB sec_pagetables:120kB all_unreclaimable? no Balloon:0kB
[  259.997235][T10847] Node 0 DMA free:2076kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:48kB local_pcp:0kB free_cma:0kB
[  260.010224][T10847] lowmem_reserve[]: 0 288 288 288 288
[  260.012585][T10847] Node 0 DMA32 free:19916kB boost:2048kB min:15268kB low:18572kB high:21876kB reserved_highatomic:2048KB free_highatomic:1496KB active_anon:28kB inactive_anon:180kB active_file:344kB inactive_file:20kB unevictable:3536kB writepending:4kB present:1032196kB managed:295148kB mlocked:0kB bounce:0kB free_pcp:5308kB local_pcp:1096kB free_cma:0kB
[  260.023069][T10847] lowmem_reserve[]: 0 0 0 0 0
[  260.024695][T10847] Node 1 DMA32 free:118964kB boost:0kB min:47140kB low:58924kB high:70708kB reserved_highatomic:0KB free_highatomic:0KB active_anon:3140kB inactive_anon:49700kB active_file:16408kB inactive_file:61644kB unevictable:3536kB writepending:2392kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:33316kB local_pcp:9800kB free_cma:0kB
[  260.035935][T10847] lowmem_reserve[]: 0 0 0 0 0
[  260.037498][T10847] Node 0 DMA: 49*4kB (U) 17*8kB (U) 1*16kB (U) 14*32kB (UM) 2*64kB (UM) 1*128kB (M) 0*256kB 2*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 2076kB
[  260.042239][T10847] Node 0 DMA32: 13*4kB (MEH) 95*8kB (UMEH) 108*16kB (UMEH) 111*32kB (UMEH) 66*64kB (UMEH) 25*128kB (UMEH) 13*256kB (UMH) 4*512kB (UME) 1*1024kB (U) 0*2048kB 0*4096kB = 19916kB
[  260.047889][T10847] Node 1 DMA32: 787*4kB (UME) 529*8kB (ME) 426*16kB (ME) 250*32kB (ME) 193*64kB (UME) 110*128kB (UME) 40*256kB (ME) 17*512kB (ME) 42*1024kB (UME) 2*2048kB (UM) 1*4096kB (U) = 118772kB
[  260.054453][T10847] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  260.057609][T10847] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  260.061797][T10847] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  260.066431][T10847] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  260.070893][T10847] 29958 total pagecache pages
[  260.073381][T10847] 640 pages in swap cache
[  260.075794][T10847] Free swap  = 114988kB
[  260.078516][T10847] Total swap = 124996kB
[  260.080503][T10847] 524155 pages RAM
[  260.084420][T10847] 0 pages HighMem/MovableOnly
[  260.086603][T10847] 209473 pages reserved
[  260.088623][T10847] 0 pages cma reserved
[  260.278662][T10859] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1329'.
[  260.428229][T10856] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1329'.
[  260.732240][T10879] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  261.976202][   T40] audit: type=1400 audit(1755669919.838:28491): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F
[  262.049309][T10918] /dev/nullb0: Can't open blockdev
[  262.119942][   T63] Bluetooth: hci2: unexpected event for opcode 0x2043
[  262.264618][T10930] FAULT_INJECTION: forcing a failure.
[  262.264618][T10930] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  262.268860][T10930] CPU: 1 UID: 0 PID: 10930 Comm: syz.1.1352 Not tainted syzkaller #0 PREEMPT(full) 
[  262.268874][T10930] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  262.268893][T10930] Call Trace:
[  262.268897][T10930]  <TASK>
[  262.268905][T10930]  dump_stack_lvl+0x16c/0x1f0
[  262.268921][T10930]  should_fail_ex+0x512/0x640
[  262.268937][T10930]  _copy_from_user+0x2e/0xd0
[  262.268953][T10930]  get_compat_msghdr+0xa7/0x170
[  262.268966][T10930]  ? __pfx_get_compat_msghdr+0x10/0x10
[  262.268979][T10930]  ? rcu_is_watching+0x12/0xc0
[  262.268991][T10930]  ___sys_recvmsg+0x191/0x1a0
[  262.269004][T10930]  ? __pfx____sys_recvmsg+0x10/0x10
[  262.269020][T10930]  ? __pfx___might_resched+0x10/0x10
[  262.269031][T10930]  do_recvmmsg+0x55d/0x750
[  262.269044][T10930]  ? __pfx_do_recvmmsg+0x10/0x10
[  262.269057][T10930]  ? preempt_count_add+0x76/0x150
[  262.269071][T10930]  ? ksys_write+0x190/0x250
[  262.269082][T10930]  ? rcu_is_watching+0x12/0xc0
[  262.269092][T10930]  ? lock_release+0x201/0x2f0
[  262.269108][T10930]  ? __fget_files+0x20e/0x3c0
[  262.269119][T10930]  __sys_recvmmsg+0x21c/0x280
[  262.269132][T10930]  ? __pfx___sys_recvmmsg+0x10/0x10
[  262.269146][T10930]  ? __pfx_ksys_write+0x10/0x10
[  262.269158][T10930]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  262.269172][T10930]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  262.269186][T10930]  __do_fast_syscall_32+0x7c/0x3a0
[  262.269200][T10930]  do_fast_syscall_32+0x32/0x80
[  262.269213][T10930]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  262.269226][T10930] RIP: 0023:0xf710e579
[  262.269234][T10930] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  262.269245][T10930] RSP: 002b:00000000f54fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  262.269255][T10930] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080004c00
[  262.269261][T10930] RDX: 0000000004000032 RSI: 0000000040000021 RDI: 0000000000000000
[  262.269267][T10930] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  262.269273][T10930] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  262.269279][T10930] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  262.269288][T10930]  </TASK>
[  262.270753][T10928] bond0: (slave dummy0): Releasing backup interface
[  262.363710][T10928] bond0: (slave bond_slave_0): Releasing backup interface
[  262.367178][T10928] bond0: (slave bond_slave_1): Releasing backup interface
[  262.374321][T10928] team0: Port device team_slave_0 removed
[  262.377099][T10928] team0: Port device team_slave_1 removed
[  262.395347][T10933] team0: Mode changed to "loadbalance"
[  262.403560][T10936] 9pnet: p9_errstr2errno: server reported unknown error 184467
[  262.427948][T10936] wlan0 speed is unknown, defaulting to 1000
[  262.430586][T10936] wlan0 speed is unknown, defaulting to 1000
[  262.434040][T10936] wlan0 speed is unknown, defaulting to 1000
[  262.441828][T10936] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  262.441913][T10928] netlink: 'syz.0.1351': attribute type 10 has an invalid length.
[  262.459191][T10928] 8021q: adding VLAN 0 to HW filter on device bond0
[  262.463245][T10928] team0: Port device bond0 added
[  262.465114][T10936] wlan0 speed is unknown, defaulting to 1000
[  262.467364][T10936] wlan0 speed is unknown, defaulting to 1000
[  262.469543][T10936] wlan0 speed is unknown, defaulting to 1000
[  262.476692][T10928] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1351'.
[  262.481522][T10936] wlan0 speed is unknown, defaulting to 1000
[  262.549859][T10928] team0 (unregistering): Port device bond0 removed
[  263.948551][T10956] lo speed is unknown, defaulting to 1000
[  263.951654][T10956] lo speed is unknown, defaulting to 1000
[  263.956748][T10956] lo speed is unknown, defaulting to 1000
[  263.982679][T10956] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  264.041665][T10956] lo speed is unknown, defaulting to 1000
[  264.056697][T10956] lo speed is unknown, defaulting to 1000
[  264.068645][T10956] lo speed is unknown, defaulting to 1000
[  264.078666][T10956] lo speed is unknown, defaulting to 1000
[  264.168831][T10962] could not allocate digest TFM handle sha1-avx2
[  265.607169][T11009] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1370'.
[  266.164448][   T63] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  266.167588][   T63] Bluetooth: hci2: Injecting HCI hardware error event
[  266.170026][   T63] Bluetooth: hci2: hardware error 0x00
[  266.457321][T11047] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1380'.
[  266.629140][T11047] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1380'.
[  266.984967][T11055] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1382'.
[  267.049902][T11057] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1383'.
[  267.140050][T11073] nfs: Unknown parameter 'fowner'
[  267.214510][T11075] netlink: 'syz.0.1389': attribute type 10 has an invalid length.
[  267.217135][T11075] syz_tun: entered promiscuous mode
[  267.228402][T11075] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  267.282711][T11077] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1390'.
[  267.516413][T11082] /dev/nullb0: Can't open blockdev
[  267.968342][T11096] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1395'.
[  268.241018][   T63] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  269.076129][T11144] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  269.078242][T11144] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  269.081968][T11144] vhci_hcd vhci_hcd.0: Device attached
[  269.601010][ T4342] usb 41-1: new high-speed USB device number 5 using vhci_hcd
[  269.724456][T11145] vhci_hcd: connection reset by peer
[  269.728956][   T12] vhci_hcd: stop threads
[  269.730468][   T12] vhci_hcd: release socket
[  269.731924][   T12] vhci_hcd: disconnect device
[  271.792537][T11208] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1426'.
[  271.863000][   T40] audit: type=1326 audit(1755669929.728:28492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11213 comm="syz.3.1427" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x0
[  271.965129][T11218] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1427'.
[  272.529024][T11227] geneve2: entered promiscuous mode
[  272.530908][T11227] geneve2: entered allmulticast mode
[  272.533422][ T1141] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  272.536143][ T1141] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  272.540717][ T1141] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  272.543264][ T1141] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  272.560891][   T34] usb 7-1: new full-speed USB device number 14 using dummy_hcd
[  272.578620][   T40] audit: type=1326 audit(1755669930.439:28493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11230 comm="syz.0.1435" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x0
[  272.595242][   T40] audit: type=1326 audit(1755669930.459:28494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11232 comm="syz.1.1433" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x0
[  272.681107][T11234] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1435'.
[  272.697116][T11235] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1433'.
[  272.726123][   T34] usb 7-1: not running at top speed; connect to a high speed hub
[  272.733448][   T34] usb 7-1: config 57 has an invalid interface number: 109 but max is 1
[  272.736633][   T34] usb 7-1: config 57 contains an unexpected descriptor of type 0x1, skipping
[  272.739582][   T34] usb 7-1: config 57 has an invalid interface number: 208 but max is 1
[  272.743299][   T34] usb 7-1: config 57 has an invalid descriptor of length 0, skipping remainder of the config
[  272.747749][   T34] usb 7-1: config 57 has no interface number 0
[  272.751212][   T34] usb 7-1: config 57 has no interface number 1
[  272.754522][   T34] usb 7-1: config 57 interface 109 altsetting 16 has an invalid descriptor for endpoint zero, skipping
[  272.758134][   T34] usb 7-1: config 57 interface 109 altsetting 16 endpoint 0x4 has invalid maxpacket 1023, setting to 64
[  272.761939][   T34] usb 7-1: config 57 interface 109 altsetting 16 has a duplicate endpoint with address 0x7, skipping
[  272.765703][   T34] usb 7-1: config 57 interface 208 altsetting 254 has 0 endpoint descriptors, different from the interface descriptor's value: 6
[  272.769853][   T34] usb 7-1: config 57 interface 109 has no altsetting 0
[  272.772976][T11238] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1436'.
[  272.776750][   T34] usb 7-1: config 57 interface 208 has no altsetting 0
[  272.782901][   T34] usb 7-1: New USB device found, idVendor=0ccd, idProduct=008e, bcdDevice=86.4c
[  272.786088][   T34] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  272.788781][   T34] usb 7-1: Product: 〧廙凣ኦⴚ络៞᧕�펮䮆먡爐ࢪᘰ漷��◖㔹᠌랖�굱촃챛⅑�㠑曧ꦴ꙼�彚ଔᨇ푱ý턱扵ㅿ螛鑹얄唴趕廑Ɦ忡ƌ⽎쾟�㮹䦜䟦��朸凼��蔆἗짳⊴ꑧ啬챢�㻯喕ệ㇗㳾隚㶡弙땺딸늯峓ᄺ
[  272.797576][   T34] usb 7-1: Manufacturer: à „
[  272.799275][   T34] usb 7-1: SerialNumber:  
[  272.882013][T11240] netlink: 'syz.3.1437': attribute type 1 has an invalid length.
[  272.890721][T11240] 8021q: adding VLAN 0 to HW filter on device bond2
[  272.908277][T11240] bond2: (slave ip6erspan0): making interface the new active one
[  272.911941][T11240] bond2: (slave ip6erspan0): Enslaving as an active interface with an up link
[  273.018930][T11221] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  273.024397][T11221] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  273.029452][T11221] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  273.035037][T11221] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  273.061263][T11221] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  273.064397][T11221] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  273.068005][T11221] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  273.072182][T11221] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  273.076907][T11221] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  273.083158][T11221] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  273.097526][   T34] usb 7-1: USB disconnect, device number 14
[  273.552415][   T40] audit: type=1326 audit(1755669931.419:28495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11262 comm="syz.0.1444" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x0
[  273.683814][T11267] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1444'.
[  274.165886][   T40] audit: type=1326 audit(1755669932.029:28496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11276 comm="syz.1.1448" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x0
[  274.218649][T11279] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1448'.
[  274.404676][   T40] audit: type=1326 audit(1755669932.269:28497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11280 comm="syz.0.1449" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x0
[  274.506621][T11282] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1449'.
[  274.646136][T11285] nfs: Unknown parameter 'fowner'
[  274.720552][ T4342] vhci_hcd: vhci_device speed not set
[  275.206312][T11288] netlink: 'syz.1.1451': attribute type 21 has an invalid length.
[  275.450651][T11295] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1453'.
[  276.387349][T11314] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1459'.
[  276.524395][   T40] audit: type=1326 audit(1755669934.389:28498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11320 comm="syz.1.1461" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x0
[  276.626115][T11323] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1461'.
[  276.776122][T11326] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1462'.
[  277.334605][T11334] FAULT_INJECTION: forcing a failure.
[  277.334605][T11334] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  277.339085][T11334] CPU: 3 UID: 0 PID: 11334 Comm: syz.2.1464 Not tainted syzkaller #0 PREEMPT(full) 
[  277.339103][T11334] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  277.339110][T11334] Call Trace:
[  277.339116][T11334]  <TASK>
[  277.339121][T11334]  dump_stack_lvl+0x16c/0x1f0
[  277.339138][T11334]  should_fail_ex+0x512/0x640
[  277.339155][T11334]  should_fail_alloc_page+0xe7/0x130
[  277.339171][T11334]  prepare_alloc_pages+0x3c2/0x610
[  277.339187][T11334]  ? rcu_is_watching+0x12/0xc0
[  277.339199][T11334]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  277.339213][T11334]  ? trace_kmem_cache_alloc+0x28/0xc0
[  277.339228][T11334]  ? kmem_cache_alloc_lru_noprof+0x223/0x3b0
[  277.339242][T11334]  ? rcu_is_watching+0x12/0xc0
[  277.339258][T11334]  ? mod_memcg_lruvec_state+0x389/0x5f0
[  277.339284][T11334]  ? __mod_zone_page_state+0xcc/0x1a0
[  277.339303][T11334]  ? css_rstat_updated+0x1c2/0x510
[  277.339321][T11334]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  277.339343][T11334]  ? do_raw_spin_lock+0x12c/0x2b0
[  277.339383][T11334]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  277.339401][T11334]  ? do_raw_spin_unlock+0x172/0x230
[  277.339417][T11334]  ? _raw_spin_unlock+0x28/0x50
[  277.339429][T11334]  ? __dquot_alloc_space+0x520/0xe20
[  277.339444][T11334]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  277.339468][T11334]  ? policy_nodemask+0xea/0x4e0
[  277.339483][T11334]  alloc_pages_mpol+0x1fb/0x550
[  277.339497][T11334]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  277.339511][T11334]  ? __folio_batch_add_and_move+0x602/0xc90
[  277.339525][T11334]  ? rcu_is_watching+0x12/0xc0
[  277.339536][T11334]  ? lock_release+0x201/0x2f0
[  277.339550][T11334]  folio_alloc_mpol_noprof+0x36/0x2f0
[  277.339567][T11334]  shmem_alloc_folio+0x135/0x160
[  277.339584][T11334]  shmem_alloc_and_add_folio+0x499/0xc20
[  277.339597][T11334]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  277.339610][T11334]  ? shmem_allowable_huge_orders+0xcb/0x2f0
[  277.339623][T11334]  shmem_get_folio_gfp+0x67f/0x1600
[  277.339637][T11334]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  277.339650][T11334]  shmem_write_begin+0x160/0x300
[  277.339663][T11334]  ? __pfx_shmem_write_begin+0x10/0x10
[  277.339676][T11334]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1260
[  277.339695][T11334]  generic_perform_write+0x3c2/0x900
[  277.339709][T11334]  ? __pfx_generic_perform_write+0x10/0x10
[  277.339722][T11334]  ? inode_needs_update_time.part.0+0x191/0x270
[  277.339738][T11334]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  277.339753][T11334]  shmem_file_write_iter+0x10e/0x140
[  277.339768][T11334]  __kernel_write_iter+0x317/0xb10
[  277.339781][T11334]  ? __pfx___kernel_write_iter+0x10/0x10
[  277.339795][T11334]  ? __pfx___might_resched+0x10/0x10
[  277.339807][T11334]  kernel_write+0x1f4/0x6c0
[  277.339819][T11334]  ? __pfx_kernel_write+0x10/0x10
[  277.339831][T11334]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  277.339848][T11334]  ? __shmem_file_setup+0x8e/0x330
[  277.339859][T11334]  big_key_preparse+0x3a3/0x5b0
[  277.339876][T11334]  ? __pfx_big_key_preparse+0x10/0x10
[  277.339891][T11334]  ? __pfx_down_read+0x10/0x10
[  277.339906][T11334]  ? __pfx_big_key_preparse+0x10/0x10
[  277.339922][T11334]  __key_create_or_update+0x458/0xe10
[  277.339938][T11334]  ? __pfx___key_create_or_update+0x10/0x10
[  277.339952][T11334]  ? lookup_user_key+0x2ce/0x1300
[  277.339968][T11334]  ? __pfx_lookup_user_key_possessed+0x10/0x10
[  277.339982][T11334]  key_create_or_update+0x42/0x60
[  277.339997][T11334]  __do_sys_add_key+0x298/0x470
[  277.340007][T11334]  ? __pfx___do_sys_add_key+0x10/0x10
[  277.340016][T11334]  ? ksys_write+0x1ac/0x250
[  277.340029][T11334]  ? rcu_is_watching+0x12/0xc0
[  277.340040][T11334]  __do_fast_syscall_32+0x7c/0x3a0
[  277.340055][T11334]  do_fast_syscall_32+0x32/0x80
[  277.340069][T11334]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  277.340084][T11334] RIP: 0023:0xf70ee579
[  277.340093][T11334] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  277.340105][T11334] RSP: 002b:00000000f54de55c EFLAGS: 00000296 ORIG_RAX: 000000000000011e
[  277.340116][T11334] RAX: ffffffffffffffda RBX: 00000000800018c0 RCX: 0000000080001900
[  277.340123][T11334] RDX: 0000000080001940 RSI: 00000000000fffff RDI: 00000000fffffffe
[  277.340129][T11334] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  277.340135][T11334] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  277.340142][T11334] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  277.340151][T11334]  </TASK>
[  277.521286][    C3] vkms_vblank_simulate: vblank timer overrun
[  277.581161][T11341] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1467'.
[  277.660065][   T63] Bluetooth: hci1: unexpected event for opcode 0x2043
[  277.834390][T11352] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1471'.
[  277.837706][T11352] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1471'.
[  277.993140][T11360] FAULT_INJECTION: forcing a failure.
[  277.993140][T11360] name failslab, interval 1, probability 0, space 0, times 0
[  277.997343][T11360] CPU: 1 UID: 0 PID: 11360 Comm: syz.1.1473 Not tainted syzkaller #0 PREEMPT(full) 
[  277.997357][T11360] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  277.997364][T11360] Call Trace:
[  277.997368][T11360]  <TASK>
[  277.997372][T11360]  dump_stack_lvl+0x16c/0x1f0
[  277.997401][T11360]  should_fail_ex+0x512/0x640
[  277.997423][T11360]  should_failslab+0xc2/0x120
[  277.997437][T11360]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  277.997451][T11360]  ? push_jmp_history+0x2fa/0x790
[  277.997468][T11360]  krealloc_noprof+0x1ff/0x3a0
[  277.997480][T11360]  push_jmp_history+0x2fa/0x790
[  277.997492][T11360]  do_check_common+0xc52/0xb410
[  277.997509][T11360]  ? __pfx_do_check_common+0x10/0x10
[  277.997520][T11360]  ? trace_irq_enable.constprop.0+0xd4/0x120
[  277.997548][T11360]  ? __pfx_verbose+0x10/0x10
[  277.997557][T11360]  ? __pfx_disasm_kfunc_name+0x10/0x10
[  277.997567][T11360]  ? kfree+0x2b4/0x4d0
[  277.997575][T11360]  ? bpf_check+0x7cf8/0xc4d0
[  277.997588][T11360]  bpf_check+0x8763/0xc4d0
[  277.997604][T11360]  ? __pfx_bpf_check+0x10/0x10
[  277.997615][T11360]  ? pcpu_memcg_post_alloc_hook+0x2c7/0x690
[  277.997628][T11360]  ? 0xffffffff81000000
[  277.997635][T11360]  ? lock_release+0x201/0x2f0
[  277.997649][T11360]  ? pcpu_memcg_post_alloc_hook+0x2d1/0x690
[  277.997661][T11360]  ? __pfx_verbose+0x10/0x10
[  277.997669][T11360]  ? __pfx_disasm_kfunc_name+0x10/0x10
[  277.997679][T11360]  ? rcu_is_watching+0x12/0xc0
[  277.997689][T11360]  ? bpf_prog_load+0xd41/0x2490
[  277.997703][T11360]  ? rcu_is_watching+0x12/0xc0
[  277.997715][T11360]  ? __asan_memset+0x23/0x50
[  277.997725][T11360]  ? bpf_obj_name_cpy+0x14a/0x1a0
[  277.997739][T11360]  bpf_prog_load+0xe41/0x2490
[  277.997754][T11360]  ? __pfx_bpf_prog_load+0x10/0x10
[  277.997774][T11360]  __sys_bpf+0x4a3f/0x4de0
[  277.997788][T11360]  ? lock_release+0x201/0x2f0
[  277.997800][T11360]  ? __pfx___sys_bpf+0x10/0x10
[  277.997815][T11360]  ? ksys_write+0x190/0x250
[  277.997826][T11360]  ? rcu_is_watching+0x12/0xc0
[  277.997836][T11360]  ? lock_release+0x201/0x2f0
[  277.997849][T11360]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  277.997865][T11360]  ? fput+0x9b/0xd0
[  277.997878][T11360]  ? ksys_write+0x1ac/0x250
[  277.997889][T11360]  ? __pfx_ksys_write+0x10/0x10
[  277.997901][T11360]  __ia32_sys_bpf+0x76/0xe0
[  277.997919][T11360]  __do_fast_syscall_32+0x7c/0x3a0
[  277.997933][T11360]  do_fast_syscall_32+0x32/0x80
[  277.997946][T11360]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  277.997959][T11360] RIP: 0023:0xf710e579
[  277.997966][T11360] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  277.997978][T11360] RSP: 002b:00000000f54dd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  277.997989][T11360] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800054c0
[  277.997995][T11360] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  277.998001][T11360] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  277.998007][T11360] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  277.998013][T11360] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  277.998022][T11360]  </TASK>
[  279.926439][T11413] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1483'.
[  280.245346][T11419] nfs: Unknown parameter 'fowner'
[  280.274796][T11420] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1488'.
[  281.061477][   T40] audit: type=1326 audit(280.930:28499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11441 comm="syz.3.1495" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x0
[  281.172135][T11443] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1495'.
[  281.680213][   T63] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  281.683842][   T63] Bluetooth: hci1: Injecting HCI hardware error event
[  281.686988][   T63] Bluetooth: hci1: hardware error 0x00
[  281.773922][T11452] Bluetooth: hci4: Frame reassembly failed (-84)
[  281.776260][   T60] Bluetooth: hci4: Frame reassembly failed (-84)
[  282.597912][   T40] audit: type=1326 audit(282.470:28500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11478 comm="syz.0.1508" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x0
[  282.699318][T11480] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1508'.
[  283.102629][T11494] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1513'.
[  283.464899][T11503] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1517'.
[  283.468069][T11503] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1517'.
[  283.640105][   T61] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  283.760076][   T63] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  283.801833][   T61] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  283.805790][   T61] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  283.810944][   T61] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  283.813734][   T61] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  283.840153][   T63] Bluetooth: hci4: command 0x1003 tx timeout
[  283.842965][ T5983] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  283.994484][T11516] netlink: zone id is out of range
[  283.996335][T11516] netlink: zone id is out of range
[  283.998157][T11516] netlink: zone id is out of range
[  283.999911][T11516] netlink: zone id is out of range
[  284.001705][T11516] netlink: zone id is out of range
[  284.003423][T11516] netlink: zone id is out of range
[  284.005051][T11516] netlink: zone id is out of range
[  284.006677][T11516] netlink: zone id is out of range
[  284.008417][T11516] netlink: zone id is out of range
[  284.014391][T11516] netlink: zone id is out of range
[  284.019923][   T61] usb 6-1: GET_CAPABILITIES returned 0
[  284.021799][   T61] usbtmc 6-1:16.0: can't read capabilities
[  284.100777][T11521] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1522'.
[  284.237625][T11499] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1515'.
[  284.257424][   T24] usb 6-1: USB disconnect, device number 6
[  284.378142][T11528] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1523'.
[  284.790877][   T40] audit: type=1326 audit(284.670:28501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11529 comm="syz.2.1524" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x0
[  285.530065][   T61] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  285.679950][   T61] usb 8-1: Using ep0 maxpacket: 16
[  285.684060][   T40] audit: type=1326 audit(285.560:28502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11551 comm="syz.2.1530" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x0
[  285.692830][   T61] usb 8-1: config 1 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  285.696633][   T61] usb 8-1: config 1 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 32
[  285.699654][   T61] usb 8-1: config 1 interface 0 altsetting 2 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  285.707805][   T61] usb 8-1: config 1 interface 0 has no altsetting 0
[  285.712832][   T61] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  285.717931][   T61] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  285.721274][   T61] usb 8-1: Product: и
[  285.723492][   T61] usb 8-1: Manufacturer: 钂⽯ભ}ᾞ뼈謷�ࠄꄴ�쵩�㠘篤께頀��쌨�焬឴掄笗澩쨸�㺌இ뻹
[  285.728719][   T61] usb 8-1: SerialNumber: 莂浚薅瑷栧�ꗇ擷䓴謣ꥦ蹬絼�䰶ꎞх䞂悟质�惘�쨺鸰䰾㊔ꟺ᪪簪�଼磧⋉�觇�뻽⽱챞鱗᱄�뎺찑ꆥ鰦졗⣚迒咻☜㲙�蟅��쀦꙱뚩郼
[  285.741982][T11550] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  285.744873][T11550] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  285.957742][   T61] cdc_ether 8-1:1.0: probe with driver cdc_ether failed with error -22
[  285.963728][   T61] usb 8-1: USB disconnect, device number 6
[  286.831809][T11585] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1536'.
[  286.893206][   T40] audit: type=1326 audit(286.770:28503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11586 comm="syz.2.1538" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x0
[  287.217338][T11592] syz.1.1540: attempt to access beyond end of device
[  287.217338][T11592] md0: rw=4096, sector=2, nr_sectors = 2 limit=0
[  287.222310][T11592] EXT4-fs (md0): unable to read superblock
[  287.319893][   T40] audit: type=1326 audit(287.190:28504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11599 comm="syz.1.1542" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x0
[  287.411681][T11603] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1543'.
[  287.420220][T11604] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1542'.
[  288.430220][T11621] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1547'.
[  289.049784][T11627] netlink: 31 bytes leftover after parsing attributes in process `syz.0.1549'.
[  290.015363][   T40] audit: type=1326 audit(289.890:28505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11635 comm="syz.0.1552" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x0
[  290.078079][T11640] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1552'.
[  290.806740][ T5983] Bluetooth: hci0: unexpected event for opcode 0x2043
[  290.953382][T11659] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1560'.
[  291.415668][T11662] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  291.418426][T11662] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  291.421866][T11662] vhci_hcd vhci_hcd.0: Device attached
[  291.538944][   T61] libceph: connect (1)[c::]:6789 error -101
[  291.541764][   T61] libceph: mon0 (1)[c::]:6789 connect error
[  291.544335][   T61] libceph: connect (1)[c::]:6789 error -101
[  291.546663][   T61] libceph: mon0 (1)[c::]:6789 connect error
[  291.560831][T11663] vhci_hcd: connection closed
[  291.561004][ T1141] vhci_hcd: stop threads
[  291.564204][ T1141] vhci_hcd: release socket
[  291.565929][ T1141] vhci_hcd: disconnect device
[  291.585432][T11675] ceph: No mds server is up or the cluster is laggy
[  291.599846][   T34] vhci_hcd: vhci_device speed not set
[  291.600053][T11677] netlink: 84 bytes leftover after parsing attributes in process `syz.3.1565'.
[  291.770127][T11687] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1568'.
[  291.789184][T11687] 9pnet: Found fid 0 not clunked
[  292.444842][T11703] wlan0 speed is unknown, defaulting to 1000
[  292.447920][T11703] lo speed is unknown, defaulting to 1000
[  292.605388][   T40] audit: type=1326 audit(292.481:28506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11702 comm="syz.3.1572" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x0
[  292.829770][   T40] audit: type=1326 audit(292.711:28507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11713 comm="syz.0.1575" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x0
[  292.927267][   T40] audit: type=1326 audit(292.801:28508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11717 comm="syz.1.1576" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x0
[  293.037670][T11720] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1576'.
[  294.345626][   T40] audit: type=1326 audit(294.221:28509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11738 comm="syz.2.1582" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  294.353112][   T40] audit: type=1326 audit(294.221:28510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11738 comm="syz.2.1582" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  294.359975][   T40] audit: type=1326 audit(294.221:28511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11738 comm="syz.2.1582" exe="/syz-executor" sig=0 arch=40000003 syscall=132 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  294.366893][   T40] audit: type=1326 audit(294.221:28512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11738 comm="syz.2.1582" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  294.374893][   T40] audit: type=1326 audit(294.221:28513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11738 comm="syz.2.1582" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  294.486820][   T34] lo speed is unknown, defaulting to 1000
[  294.879734][ T5983] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  294.883006][ T5983] Bluetooth: hci0: Injecting HCI hardware error event
[  294.886415][   T63] Bluetooth: hci0: hardware error 0x00
[  295.365857][T11752] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1586'.
[  295.386323][   T40] audit: type=1326 audit(295.261:28514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11753 comm="syz.2.1587" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x0
[  296.270136][T11777] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  296.272134][T11777] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  296.274618][T11777] vhci_hcd vhci_hcd.0: Device attached
[  296.386312][T11781] nfs: Unknown parameter '00000000000000000000'
[  296.539368][   T34] usb 43-1: new high-speed USB device number 2 using vhci_hcd
[  296.959339][   T63] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  297.019687][T11778] vhci_hcd: connection reset by peer
[  297.021958][ T1141] vhci_hcd: stop threads
[  297.023418][ T1141] vhci_hcd: release socket
[  297.025129][ T1141] vhci_hcd: disconnect device
[  297.225479][   T40] audit: type=1326 audit(297.101:28515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11792 comm="syz.2.1596" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x0
[  298.228575][T11813] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1601'.
[  298.392266][T11820] nfs: Unknown parameter 'fowner'
[  299.686492][   T63] Bluetooth: hci3: unexpected event for opcode 0x2043
[  300.057689][T11859] wlan0 speed is unknown, defaulting to 1000
[  300.061414][T11859] lo speed is unknown, defaulting to 1000
[  300.200449][T11875] overlay: ./file0 is not a directory
[  300.329100][ T6009] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  300.392494][T11884] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[  300.398145][T11884] batman_adv: batadv0: Adding interface: ip6gretap1
[  300.401351][T11884] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  300.410930][T11884] batman_adv: batadv0: Interface activated: ip6gretap1
[  300.481674][ T6009] usb 7-1: Using ep0 maxpacket: 8
[  300.485856][ T6009] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  300.498086][ T6009] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  300.503747][ T6009] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  300.513881][ T6009] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  300.520130][ T6009] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  300.529119][ T6009] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  300.737519][ T6009] usb 7-1: GET_CAPABILITIES returned 0
[  300.739368][ T6009] usbtmc 7-1:16.0: can't read capabilities
[  301.004732][T11895] ptrace attach of ""[11894] was attempted by "/syz-executor exec"[11895]
[  301.270208][ T3245] usb 7-1: USB disconnect, device number 15
[  301.384308][T11901] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1625'.
[  301.669050][   T34] vhci_hcd: vhci_device speed not set
[  302.242884][T11913] overlayfs: failed to resolve './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa': -2
[  302.288025][T11899] kexec: Could not allocate control_code_buffer
[  302.305308][T11899] Process accounting resumed
[  302.339376][T11928] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1632'.
[  302.680127][T11947] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1637'.
[  303.221700][T11955] netlink: 830 bytes leftover after parsing attributes in process `syz.3.1639'.
[  303.267320][T11957] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1640'.
[  303.697400][T11979] nfs: Unknown parameter 'fown00000000000000000000'
[  303.759064][   T63] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  303.763794][   T63] Bluetooth: hci3: Injecting HCI hardware error event
[  303.767396][   T63] Bluetooth: hci3: hardware error 0x00
[  304.516600][T11993] IPVS: set_ctl: invalid protocol: 59 224.0.0.2:20001
[  304.522058][T11993] netlink: 'syz.2.1650': attribute type 1 has an invalid length.
[  304.541465][T11993] 8021q: adding VLAN 0 to HW filter on device bond1
[  304.565713][T11993] bond1: (slave veth3): Enslaving as an active interface with a down link
[  304.576996][T11993] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1650'.
[  304.732360][T12001] random: crng reseeded on system resumption
[  305.096175][T12013] net_ratelimit: 6 callbacks suppressed
[  305.096187][T12013] openvswitch: netlink: Unexpected mask (mask=1040, allowed=10048)
[  305.636533][T12025] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[  305.838830][   T63] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  305.930171][T12029] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1661'.
[  306.050473][   T40] audit: type=1326 audit(305.931:28516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12034 comm="syz.2.1664" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7fc00000
[  306.059533][   T40] audit: type=1326 audit(305.931:28517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12034 comm="syz.2.1664" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7fc00000
[  306.277726][   T40] audit: type=1326 audit(306.151:28518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12046 comm="syz.1.1667" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x0
[  306.378665][T12050] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1667'.
[  306.857991][   T40] audit: type=1326 audit(306.731:28519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12034 comm="syz.2.1664" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70ee598 code=0x7fc00000
[  307.391001][T12077] overlayfs: missing 'lowerdir'
[  308.120133][ T4342] hid_parser_main: 5 callbacks suppressed
[  308.120151][ T4342] hid-generic 0000:0D17:0000.0008: unknown main item tag 0x0
[  308.125314][ T4342] hid-generic 0000:0D17:0000.0008: unknown main item tag 0x0
[  308.139328][ T4342] hid-generic 0000:0D17:0000.0008: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  308.481547][T12106] wg2: left promiscuous mode
[  309.363520][T12129] mmap: syz.1.1691 (12129): VmData 37769216 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  309.398338][   T40] audit: type=1326 audit(309.271:28520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12133 comm="syz.2.1692" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x0
[  309.631775][T12146] netlink: 'syz.0.1697': attribute type 1 has an invalid length.
[  309.639729][T12146] 8021q: adding VLAN 0 to HW filter on device bond2
[  309.644572][T12146] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1697'.
[  309.657881][T12146] veth5: entered promiscuous mode
[  310.629555][   T40] audit: type=1326 audit(310.512:28521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12193 comm="syz.0.1714" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x0
[  311.090355][T12197] 9pnet_fd: p9_fd_create_unix (12197): problem connecting socket: ./file0/file0: -2
[  311.095006][T12198] 9pnet_fd: p9_fd_create_unix (12198): problem connecting socket: ./file0/file0: -2
[  311.146728][T12206] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1718'.
[  311.250340][T12213] nfs: Unknown parameter 'fowner'
[  311.470079][T12219] ubi31: attaching mtd0
[  311.472143][T12219] ubi31: scanning is finished
[  311.473877][T12219] ubi31: empty MTD device detected
[  311.505888][T12223] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1723'.
[  311.565267][T12219] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  311.567848][T12219] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  311.571052][T12219] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  311.573413][T12219] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  311.576153][T12219] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  311.578783][T12219] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  311.581612][T12219] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1893131593
[  311.585084][T12219] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  311.591978][T12226] ubi31: background thread "ubi_bgt31d" started, PID 12226
[  311.977671][T12236] bond0: (slave syz_tun): Releasing backup interface
[  312.009435][T12232] bridge0: port 1(veth0_to_team) entered blocking state
[  312.011936][T12232] bridge0: port 1(veth0_to_team) entered disabled state
[  312.014519][T12232] veth0_to_team: entered allmulticast mode
[  312.017624][T12232] veth0_to_team: entered promiscuous mode
[  312.228346][T12247] bond2: (slave ip6erspan0): Releasing active interface
[  312.245695][T12247] batman_adv: batadv0: Interface deactivated: ip6gretap1
[  312.248426][T12247] batman_adv: batadv0: Removing interface: ip6gretap1
[  312.317575][T12247] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1729'.
[  312.324891][T12247] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1729'.
[  313.027399][T12275] nfs: Unknown parameter 'fowner'
[  313.503037][T12280] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[  313.563351][T12279] FAULT_INJECTION: forcing a failure.
[  313.563351][T12279] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  313.569036][T12279] CPU: 1 UID: 0 PID: 12279 Comm: syz.2.1736 Not tainted syzkaller #0 PREEMPT(full) 
[  313.569073][T12279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  313.569084][T12279] Call Trace:
[  313.569089][T12279]  <TASK>
[  313.569097][T12279]  dump_stack_lvl+0x16c/0x1f0
[  313.569122][T12279]  should_fail_ex+0x512/0x640
[  313.569153][T12279]  _copy_to_user+0x32/0xd0
[  313.569171][T12279]  simple_read_from_buffer+0xcb/0x170
[  313.569189][T12279]  proc_fail_nth_read+0x197/0x240
[  313.569207][T12279]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  313.569225][T12279]  ? security_file_permission+0x71/0x210
[  313.569250][T12279]  ? rw_verify_area+0xcf/0x6c0
[  313.569266][T12279]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  313.569284][T12279]  vfs_read+0x1e4/0xcf0
[  313.569305][T12279]  ? __pfx_vfs_read+0x10/0x10
[  313.569323][T12279]  ? rcu_is_watching+0x12/0xc0
[  313.569344][T12279]  ? __fget_files+0x20e/0x3c0
[  313.569366][T12279]  ksys_read+0x12a/0x250
[  313.569384][T12279]  ? __pfx_ksys_read+0x10/0x10
[  313.569404][T12279]  ? rcu_is_watching+0x12/0xc0
[  313.569422][T12279]  __do_fast_syscall_32+0x7c/0x3a0
[  313.569446][T12279]  do_fast_syscall_32+0x32/0x80
[  313.569467][T12279]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  313.569488][T12279] RIP: 0023:0xf70ee579
[  313.569502][T12279] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  313.569519][T12279] RSP: 002b:00000000f54bd590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  313.569536][T12279] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000f54bd620
[  313.569547][T12279] RDX: 000000000000000f RSI: 00000000f7454ff4 RDI: 0000000000000000
[  313.569557][T12279] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  313.569567][T12279] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  313.569577][T12279] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  313.569593][T12279]  </TASK>
[  313.888490][T12284] comedi comedi3: pcl818: I/O port conflict (0x4f27,16)
[  314.300518][T12303] 9pnet_fd: Insufficient options for proto=fd
[  314.779366][T12311] nfs: Unknown parameter 'fowner'
[  315.625302][T12348] netlink: 'syz.2.1763': attribute type 29 has an invalid length.
[  315.725210][T12354] input: syz1 as /devices/virtual/input/input13
[  315.796589][T12350] /dev/nullb0: Can't open blockdev
[  315.805966][T12350] wlan0 speed is unknown, defaulting to 1000
[  315.808254][T12350] lo speed is unknown, defaulting to 1000
[  316.046495][   T40] audit: type=1326 audit(315.922:28522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12361 comm="syz.1.1767" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x0
[  316.099706][T12363] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1767'.
[  316.410313][   T40] audit: type=1326 audit(316.292:28523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12373 comm="syz.0.1771" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x0
[  316.504466][T12376] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1772'.
[  316.513464][T12377] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1771'.
[  316.640376][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  316.643158][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  317.058734][ T1457] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  317.208134][ T1457] usb 7-1: Using ep0 maxpacket: 32
[  317.219352][ T1457] usb 7-1: config index 0 descriptor too short (expected 29220, got 36)
[  317.222234][ T1457] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  317.225622][ T1457] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81
[  317.229131][ T1457] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  317.232291][ T1457] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  317.235700][ T1457] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  317.240053][ T1457] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  317.243012][ T1457] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  317.253559][ T1457] usb 7-1: config 0 descriptor??
[  318.094821][T12427] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1783'.
[  319.314537][T12458] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1793'.
[  319.427536][ T1457] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 16 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  319.433158][ T1457] usb 7-1: USB disconnect, device number 16
[  319.436024][ T1457] usblp0: removed
[  319.686214][T12478] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  319.691034][T12478] ptrace attach of "/syz-executor exec"[5977] was attempted by ""[12478]
[  319.754704][T12482] FAULT_INJECTION: forcing a failure.
[  319.754704][T12482] name failslab, interval 1, probability 0, space 0, times 0
[  319.768001][T12482] CPU: 1 UID: 0 PID: 12482 Comm: syz.3.1799 Not tainted syzkaller #0 PREEMPT(full) 
[  319.768017][T12482] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  319.768023][T12482] Call Trace:
[  319.768027][T12482]  <TASK>
[  319.768031][T12482]  dump_stack_lvl+0x16c/0x1f0
[  319.768048][T12482]  should_fail_ex+0x512/0x640
[  319.768064][T12482]  ? xprt_alloc+0x32/0x850
[  319.768074][T12482]  should_failslab+0xc2/0x120
[  319.768089][T12482]  __kmalloc_noprof+0xd2/0x510
[  319.768101][T12482]  ? is_bpf_text_address+0x8a/0x1a0
[  319.768114][T12482]  ? rcu_is_watching+0x12/0xc0
[  319.768131][T12482]  xprt_alloc+0x32/0x850
[  319.768142][T12482]  xs_setup_xprt+0xaf/0x430
[  319.768156][T12482]  ? lock_release+0x201/0x2f0
[  319.768169][T12482]  xs_setup_local+0x47/0x820
[  319.768179][T12482]  xprt_create_transport+0x169/0x730
[  319.768194][T12482]  rpc_create+0x38e/0x7f0
[  319.768202][T12482]  ? __pfx_stack_trace_save+0x10/0x10
[  319.768214][T12482]  ? __pfx_rpc_create+0x10/0x10
[  319.768222][T12482]  ? __mutex_trylock_common+0xe9/0x250
[  319.768237][T12482]  ? rcu_is_watching+0x12/0xc0
[  319.768251][T12482]  ? __pfx___might_resched+0x10/0x10
[  319.768262][T12482]  ? rcu_is_watching+0x12/0xc0
[  319.768272][T12482]  rpcb_create_af_local+0x11b/0x310
[  319.768285][T12482]  ? __pfx_rpcb_create_af_local+0x10/0x10
[  319.768301][T12482]  ? rpcb_create_local+0x1da/0x270
[  319.768313][T12482]  ? rcu_is_watching+0x12/0xc0
[  319.768323][T12482]  ? lock_release+0x201/0x2f0
[  319.768336][T12482]  rpcb_create_local+0x1ee/0x270
[  319.768349][T12482]  svc_bind+0x1e8/0x260
[  319.768363][T12482]  nfsd_create_serv+0x2d2/0x480
[  319.768374][T12482]  ? __pfx_nfsd_create_serv+0x10/0x10
[  319.768385][T12482]  ? __nla_validate_parse+0x600/0x2880
[  319.768396][T12482]  nfsd_nl_listener_set_doit+0xdd/0x1b10
[  319.768412][T12482]  ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10
[  319.768425][T12482]  ? __nla_parse+0x40/0x60
[  319.768435][T12482]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  319.768452][T12482]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  319.768469][T12482]  genl_family_rcv_msg_doit+0x206/0x2f0
[  319.768485][T12482]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  319.768500][T12482]  ? rcu_is_watching+0x12/0xc0
[  319.768511][T12482]  ? bpf_lsm_capable+0x9/0x10
[  319.768521][T12482]  ? security_capable+0x7e/0x260
[  319.768532][T12482]  genl_rcv_msg+0x55c/0x800
[  319.768547][T12482]  ? __pfx_genl_rcv_msg+0x10/0x10
[  319.768562][T12482]  ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10
[  319.768577][T12482]  netlink_rcv_skb+0x155/0x420
[  319.768590][T12482]  ? __pfx_genl_rcv_msg+0x10/0x10
[  319.768605][T12482]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  319.768621][T12482]  ? netlink_deliver_tap+0x1ae/0xd30
[  319.768633][T12482]  ? is_vmalloc_addr+0x86/0xa0
[  319.768645][T12482]  genl_rcv+0x28/0x40
[  319.768659][T12482]  netlink_unicast+0x5aa/0x870
[  319.768672][T12482]  ? __pfx_netlink_unicast+0x10/0x10
[  319.768686][T12482]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  319.768700][T12482]  netlink_sendmsg+0x8d1/0xdd0
[  319.768714][T12482]  ? __pfx_netlink_sendmsg+0x10/0x10
[  319.768728][T12482]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  319.768740][T12482]  ____sys_sendmsg+0xa95/0xc70
[  319.768757][T12482]  ? __pfx_____sys_sendmsg+0x10/0x10
[  319.768772][T12482]  ? get_compat_msghdr+0x11a/0x170
[  319.768785][T12482]  ? kstrtouint_from_user+0x13c/0x1d0
[  319.768799][T12482]  ___sys_sendmsg+0x134/0x1d0
[  319.768811][T12482]  ? get_pid_task+0xfc/0x250
[  319.768825][T12482]  ? __pfx____sys_sendmsg+0x10/0x10
[  319.768840][T12482]  ? rcu_is_watching+0x12/0xc0
[  319.768854][T12482]  __sys_sendmsg+0x16d/0x220
[  319.768866][T12482]  ? __pfx___sys_sendmsg+0x10/0x10
[  319.768882][T12482]  ? rcu_is_watching+0x12/0xc0
[  319.768892][T12482]  __do_fast_syscall_32+0x7c/0x3a0
[  319.768906][T12482]  do_fast_syscall_32+0x32/0x80
[  319.768919][T12482]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  319.768932][T12482] RIP: 0023:0xf7fb3579
[  319.768940][T12482] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  319.768950][T12482] RSP: 002b:00000000f549455c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  319.768961][T12482] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000040
[  319.768967][T12482] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  319.768973][T12482] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  319.768978][T12482] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  319.768984][T12482] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  319.768993][T12482]  </TASK>
[  320.532635][T12510] netlink: 'syz.3.1811': attribute type 1 has an invalid length.
[  320.535122][T12510] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1811'.
[  320.862892][T12528] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  320.937527][T12532] netlink: 'syz.0.1819': attribute type 9 has an invalid length.
[  321.075614][ T5983] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  321.078695][ T5983] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  321.084483][ T5983] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  321.088997][ T5983] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  321.093239][ T5983] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  321.110576][T12540] wlan0 speed is unknown, defaulting to 1000
[  321.114419][T12540] lo speed is unknown, defaulting to 1000
[  321.192355][T12540] chnl_net:caif_netlink_parms(): no params data found
[  321.233986][ T1140] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  321.239502][T12540] bridge0: port 1(bridge_slave_0) entered blocking state
[  321.241844][T12540] bridge0: port 1(bridge_slave_0) entered disabled state
[  321.244172][T12540] bridge_slave_0: entered allmulticast mode
[  321.246476][T12540] bridge_slave_0: entered promiscuous mode
[  321.249683][T12540] bridge0: port 2(bridge_slave_1) entered blocking state
[  321.252003][T12540] bridge0: port 2(bridge_slave_1) entered disabled state
[  321.254302][T12540] bridge_slave_1: entered allmulticast mode
[  321.256578][T12540] bridge_slave_1: entered promiscuous mode
[  321.274907][T12540] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  321.279108][T12540] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  321.300470][T12540] team0: Port device team_slave_0 added
[  321.303404][T12540] team0: Port device team_slave_1 added
[  321.320551][T12540] batman_adv: batadv0: Adding interface: batadv_slave_0
[  321.322765][T12540] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  321.331396][T12540] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  321.335404][T12540] batman_adv: batadv0: Adding interface: batadv_slave_1
[  321.337631][T12540] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  321.345869][T12540] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  321.356160][ T1140] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  321.366464][T12552] nfs: Unknown parameter 'fowner'
[  321.388759][T12540] hsr_slave_0: entered promiscuous mode
[  321.390950][T12540] hsr_slave_1: entered promiscuous mode
[  321.392976][T12540] debugfs: 'hsr0' already exists in 'hsr'
[  321.394889][T12540] Cannot create hsr debugfs directory
[  321.414590][ T1140] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  321.513947][ T1140] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  322.110383][ T1140] dvmrp9 (unregistering): left allmulticast mode
[  322.185199][ T1140] bond0 (unregistering): Released all slaves
[  322.207222][ T1140] bond1 (unregistering): Released all slaves
[  322.243343][ T1140] bond2 (unregistering): Released all slaves
[  322.313488][T12559] comedi comedi3: pcl812: I/O port conflict (0x4f27,16)
[  322.441478][ T1140] tipc: Left network mode
[  322.472582][ T1140] IPVS: stopping backup sync thread 8937 ...
[  322.997107][ T1140] hsr_slave_0: left promiscuous mode
[  323.010034][ T1140] hsr_slave_1: left promiscuous mode
[  323.129677][ T5983] Bluetooth: hci4: command tx timeout
[  323.654889][T12540] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  323.659964][T12540] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  323.673949][T12540] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  323.678924][T12540] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  323.751122][T12540] 8021q: adding VLAN 0 to HW filter on device bond0
[  323.761981][T12540] 8021q: adding VLAN 0 to HW filter on device team0
[  323.766253][ T1141] bridge0: port 1(bridge_slave_0) entered blocking state
[  323.769461][ T1141] bridge0: port 1(bridge_slave_0) entered forwarding state
[  323.776976][ T1141] bridge0: port 2(bridge_slave_1) entered blocking state
[  323.779275][ T1141] bridge0: port 2(bridge_slave_1) entered forwarding state
[  323.953878][T12540] 8021q: adding VLAN 0 to HW filter on device batadv0
[  323.970543][T12540] veth0_vlan: entered promiscuous mode
[  323.974369][T12540] veth1_vlan: entered promiscuous mode
[  323.986787][T12540] veth0_macvtap: entered promiscuous mode
[  323.991427][T12540] veth1_macvtap: entered promiscuous mode
[  323.998244][T12540] batman_adv: batadv0: Interface activated: batadv_slave_0
[  324.002735][T12540] batman_adv: batadv0: Interface activated: batadv_slave_1
[  324.007538][ T1146] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  324.010610][ T1146] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  324.013659][ T1146] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  324.016734][ T1146] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  324.040280][ T1141] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  324.040289][ T1146] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  324.042829][ T1141] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  324.045293][ T1146] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  324.344823][T12641] input: syz1 as /devices/virtual/input/input14
[  324.436836][T12645] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  324.439547][T12645] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  324.444102][T12645] vhci_hcd vhci_hcd.0: Device attached
[  324.688092][  T840] usb 43-1: new high-speed USB device number 3 using vhci_hcd
[  324.791704][T12651] netlink: 'syz.1.1847': attribute type 4 has an invalid length.
[  325.197877][ T5983] Bluetooth: hci4: command tx timeout
[  325.247403][T12646] vhci_hcd: connection reset by peer
[  325.250059][   T72] vhci_hcd: stop threads
[  325.251892][   T72] vhci_hcd: release socket
[  325.253963][   T72] vhci_hcd: disconnect device
[  325.399397][T12662] lo speed is unknown, defaulting to 1000
[  325.406598][T12662] lo speed is unknown, defaulting to 1000
[  325.424416][T12662] lo speed is unknown, defaulting to 1000
[  325.721909][T12662] infiniband s
z1: set active
[  325.723503][ T6164] lo speed is unknown, defaulting to 1000
[  325.725383][T12662] infiniband s
z1: added lo
[  325.745415][T12662] RDS/IB: s
z1: added
[  325.746876][T12662] smc: adding ib device s
z1 with port count 1
[  325.749174][T12662] smc:    ib device s
z1 port 1 has pnetid 
[  325.751360][ T6164] lo speed is unknown, defaulting to 1000
[  325.753688][T12662] lo speed is unknown, defaulting to 1000
[  325.797539][T12662] lo speed is unknown, defaulting to 1000
[  325.830236][T12662] lo speed is unknown, defaulting to 1000
[  325.864606][T12662] lo speed is unknown, defaulting to 1000
[  325.875190][   T40] audit: type=1326 audit(325.752:28524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12677 comm="syz.1.1854" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x0
[  327.023027][ T5983] Bluetooth: Frame is too long (len 67, expected len 4)
[  327.065221][T12709] kvm: pic: non byte read
[  327.070057][T12709] kvm: pic: non byte write
[  327.111045][T12696] block nbd1: shutting down sockets
[  327.150550][   T40] audit: type=1326 audit(327.032:28525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12712 comm="syz.1.1865" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x0
[  327.287648][ T5983] Bluetooth: hci4: command tx timeout
[  328.367810][T12736] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1871'.
[  329.316344][T12766] overlay: Unknown parameter 'uid>00000000000000000000'
[  329.357638][ T5983] Bluetooth: hci4: command tx timeout
[  329.545274][T12777] wlan0 speed is unknown, defaulting to 1000
[  329.547773][T12777] lo speed is unknown, defaulting to 1000
[  329.550024][T12777] lo speed is unknown, defaulting to 1000
[  329.837690][  T840] vhci_hcd: vhci_device speed not set
[  330.281565][T12794] loop7: detected capacity change from 0 to 7
[  330.302418][T12796] Driver unsupported XDP return value 0 on prog  (id 410) dev N/A, expect packet loss!
[  330.407926][    C0] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[  330.408136][T12794] Dev loop7: unable to read RDB block 7
[  330.412145][    C0] Buffer I/O error on dev loop7, logical block 0, lost async page write
[  330.414036][T12794]  loop7: unable to read partition table
[  330.420207][T12794] loop7: partition table beyond EOD, 
[  330.420217][    C1] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[  330.420223][T12794] truncated
[  330.420235][    C1] Buffer I/O error on dev loop7, logical block 0, lost async page write
[  330.426546][T12794] loop_reread_partitions: partition scan of loop7 (úùƒå¡™‰ü�¾CêjÌ–ã¢P=ý?ã}X‹ºÐ	œëÜ%õ«`ÉæÖ€ù…ˆ{í©Ö�˜Èµ4FLQkÝŠ) failed (rc=-5)
[  330.503735][T12807] netlink: 5 bytes leftover after parsing attributes in process `syz.2.1894'.
[  330.506589][T12807] 0ªX¹¦D: renamed from macvtap0
[  330.511648][T12807] 0ªX¹¦D: entered allmulticast mode
[  330.513395][T12807] veth0_macvtap: entered allmulticast mode
[  330.539222][T12807] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[  331.544902][   T40] audit: type=1326 audit(331.423:28526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12829 comm="syz.0.1900" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd8579 code=0x0
[  331.559033][   T40] audit: type=1326 audit(331.443:28527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12831 comm="syz.2.1901" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x0
[  331.606247][T12834] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1900'.
[  331.614610][T12835] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1901'.
[  332.518928][ T1146] tipc: Subscription rejected, illegal request
[  332.521056][T12845] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1905'.
[  332.801318][T12857] nfs: Unknown parameter 'fowner'
[  333.599803][T12871] nfs: Unknown parameter 'fowner'
[  334.059641][T12875] mkiss: ax0: crc mode is auto.
[  334.079674][T12876] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1911'.
[  334.526017][T12887] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1915'.
[  334.553623][T12889] fuse: Bad value for 'fd'
[  334.705446][T12897] FAULT_INJECTION: forcing a failure.
[  334.705446][T12897] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  334.710197][T12897] CPU: 2 UID: 0 PID: 12897 Comm: syz.2.1917 Not tainted syzkaller #0 PREEMPT(full) 
[  334.710213][T12897] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  334.710220][T12897] Call Trace:
[  334.710224][T12897]  <TASK>
[  334.710228][T12897]  dump_stack_lvl+0x16c/0x1f0
[  334.710245][T12897]  should_fail_ex+0x512/0x640
[  334.710262][T12897]  _copy_to_user+0x32/0xd0
[  334.710272][T12897]  simple_read_from_buffer+0xcb/0x170
[  334.710283][T12897]  proc_fail_nth_read+0x197/0x240
[  334.710294][T12897]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  334.710304][T12897]  ? security_file_permission+0x71/0x210
[  334.710319][T12897]  ? rw_verify_area+0xcf/0x6c0
[  334.710330][T12897]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  334.710340][T12897]  vfs_read+0x1e4/0xcf0
[  334.710352][T12897]  ? __pfx_vfs_read+0x10/0x10
[  334.710363][T12897]  ? rcu_is_watching+0x12/0xc0
[  334.710376][T12897]  ? __fget_files+0x20e/0x3c0
[  334.710388][T12897]  ksys_read+0x12a/0x250
[  334.710399][T12897]  ? __pfx_ksys_read+0x10/0x10
[  334.710410][T12897]  ? rcu_is_watching+0x12/0xc0
[  334.710420][T12897]  __do_fast_syscall_32+0x7c/0x3a0
[  334.710435][T12897]  do_fast_syscall_32+0x32/0x80
[  334.710447][T12897]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  334.710460][T12897] RIP: 0023:0xf70ee579
[  334.710468][T12897] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  334.710479][T12897] RSP: 002b:00000000f54de590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  334.710489][T12897] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f54de620
[  334.710495][T12897] RDX: 000000000000000f RSI: 00000000f7454ff4 RDI: 0000000000000000
[  334.710501][T12897] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  334.710507][T12897] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  334.710513][T12897] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  334.710521][T12897]  </TASK>
[  334.780339][    C2] hpet: Lost 3 RTC interrupts
[  334.861254][T12903] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  334.962549][T12906] netlink: 'syz.2.1924': attribute type 1 has an invalid length.
[  335.710743][T12914] overlayfs: missing 'workdir'
[  335.771500][   T63] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  335.773962][   T63] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  335.776576][   T63] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  335.779703][   T63] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  335.782385][   T63] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  335.795653][T12916] wlan0 speed is unknown, defaulting to 1000
[  335.798492][T12916] lo speed is unknown, defaulting to 1000
[  335.800774][T12916] lo speed is unknown, defaulting to 1000
[  335.875455][T12918] wlan0 speed is unknown, defaulting to 1000
[  335.883316][T12918] lo speed is unknown, defaulting to 1000
[  335.887125][ T6062] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  335.887277][T12918] lo speed is unknown, defaulting to 1000
[  335.889680][    C1] raw-gadget.0 gadget.0: ignoring, device is not running
[  335.896405][T12916] chnl_net:caif_netlink_parms(): no params data found
[  336.303372][T12916] bridge0: port 1(bridge_slave_0) entered blocking state
[  336.305798][T12916] bridge0: port 1(bridge_slave_0) entered disabled state
[  336.308891][T12916] bridge_slave_0: entered allmulticast mode
[  336.311789][T12916] bridge_slave_0: entered promiscuous mode
[  336.314443][T12916] bridge0: port 2(bridge_slave_1) entered blocking state
[  336.316712][T12916] bridge0: port 2(bridge_slave_1) entered disabled state
[  336.319346][T12916] bridge_slave_1: entered allmulticast mode
[  336.321651][T12916] bridge_slave_1: entered promiscuous mode
[  336.326360][T12932] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  336.329626][T12932] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  336.335941][T12933] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  336.344810][T12933] netlink: 'syz.3.1931': attribute type 1 has an invalid length.
[  336.348686][T12932] netlink: 'syz.3.1931': attribute type 1 has an invalid length.
[  336.356872][T12916] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  336.372949][T12916] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  336.403769][T12916] team0: Port device team_slave_0 added
[  336.409833][T12916] team0: Port device team_slave_1 added
[  336.435222][T12937] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  336.435954][T12916] batman_adv: batadv0: Adding interface: batadv_slave_0
[  336.441024][T12916] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  336.450080][T12916] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  336.455067][T12916] batman_adv: batadv0: Adding interface: batadv_slave_1
[  336.458576][T12916] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  336.467250][T12916] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  336.504355][T12916] hsr_slave_0: entered promiscuous mode
[  336.506460][T12916] hsr_slave_1: entered promiscuous mode
[  336.508771][T12916] debugfs: 'hsr0' already exists in 'hsr'
[  336.510643][T12916] Cannot create hsr debugfs directory
[  336.588912][T12916] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  336.592543][T12916] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  336.596026][T12916] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  336.601954][T12916] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  336.626964][T12916] 8021q: adding VLAN 0 to HW filter on device bond0
[  336.632290][T12916] 8021q: adding VLAN 0 to HW filter on device team0
[  336.640365][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[  336.643215][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[  336.648466][ T1146] bridge0: port 2(bridge_slave_1) entered blocking state
[  336.651477][ T1146] bridge0: port 2(bridge_slave_1) entered forwarding state
[  336.728558][T12916] 8021q: adding VLAN 0 to HW filter on device batadv0
[  336.820016][T12916] veth0_vlan: entered promiscuous mode
[  336.825567][T12916] veth1_vlan: entered promiscuous mode
[  336.838618][T12916] veth0_macvtap: entered promiscuous mode
[  336.842439][T12916] veth1_macvtap: entered promiscuous mode
[  336.850036][T12916] batman_adv: batadv0: Interface activated: batadv_slave_0
[  336.855215][T12916] batman_adv: batadv0: Interface activated: batadv_slave_1
[  336.860062][   T60] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  336.863578][   T60] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  336.867555][   T60] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  336.870477][   T60] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  336.888185][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  336.891499][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  336.899781][ T1140] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  336.902288][ T1140] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  337.054934][T12969] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  337.058829][T12969] overlayfs: missing 'lowerdir'
[  337.411099][   T40] audit: type=1326 audit(337.293:28528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12982 comm="syz.2.1941" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x0
[  337.513399][T12984] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1941'.
[  337.837174][   T63] Bluetooth: hci0: command tx timeout
[  339.917130][   T63] Bluetooth: hci0: command tx timeout
[  342.006948][   T63] Bluetooth: hci0: command tx timeout
[  344.076722][   T63] Bluetooth: hci0: command tx timeout
[  356.667182][T13008] netlink: 'syz.0.1946': attribute type 21 has an invalid length.
[  356.669829][T13007] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  356.766801][   T40] audit: type=1326 audit(356.654:28529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13012 comm="syz.0.1947" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd8579 code=0x0
[  356.819198][T13014] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1947'.
[  357.115945][   T34] wlan0 speed is unknown, defaulting to 1000
[  357.118662][ T1140] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  357.121457][ T1140] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  357.126518][   T34] wlan0 speed is unknown, defaulting to 1000
[  357.128475][   T34] syz2: Port: 1 Link ACTIVE
[  358.586313][T13031] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1951'.
[  358.695952][   T63] Bluetooth: hci0: Unknown advertising packet type: 0x7f
[  358.696013][   T63] Bluetooth: hci0: Unknown advertising packet type: 0x31
[  358.698336][   T63] Bluetooth: hci0: Malformed LE Event: 0x0d
[  358.968211][T13037] Bluetooth: MGMT ver 1.23
[  360.048961][T13051] netlink: 148 bytes leftover after parsing attributes in process `syz.0.1957'.
[  360.569910][T13059] syz.2.1959: attempt to access beyond end of device
[  360.569910][T13059] nbd0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  361.585671][   T34] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  362.295650][   T34] usb 9-1: Using ep0 maxpacket: 32
[  362.299352][   T34] usb 9-1: config 0 has an invalid interface number: 85 but max is 0
[  362.305799][   T34] usb 9-1: config 0 has no interface number 0
[  362.308881][   T34] usb 9-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  362.313186][   T34] usb 9-1: config 0 interface 85 has no altsetting 0
[  362.317356][   T34] usb 9-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  362.325639][   T34] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  362.328972][   T34] usb 9-1: Product: syz
[  362.330541][   T34] usb 9-1: Manufacturer: syz
[  362.332150][   T34] usb 9-1: SerialNumber: syz
[  362.346061][   T34] usb 9-1: config 0 descriptor??
[  362.553170][T13089] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  362.555329][T13089] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  362.562652][T13089] vhci_hcd vhci_hcd.0: Device attached
[  362.573613][T13089] netdevsim netdevsim3: Direct firmware load for @ failed with error -2
[  362.576405][T13089] netdevsim netdevsim3: Falling back to sysfs fallback for: @
[  362.805608][ T6062] usb 43-1: new low-speed USB device number 4 using vhci_hcd
[  362.877723][   T34] appletouch 9-1:0.85: Failed to read mode from device.
[  362.880842][   T34] appletouch 9-1:0.85: probe with driver appletouch failed with error -5
[  362.904273][   T34] usb 9-1: USB disconnect, device number 2
[  363.463915][T13090] vhci_hcd: connection reset by peer
[  363.466156][ T1141] vhci_hcd: stop threads
[  363.467941][ T1141] vhci_hcd: release socket
[  363.474290][ T1141] vhci_hcd: disconnect device
[  363.662570][ T1457] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  364.154076][ T1457] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  364.215636][T13115] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1972'.
[  364.608009][  T840] IPVS: starting estimator thread 0...
[  364.696145][T13117] IPVS: using max 56 ests per chain, 134400 per kthread
[  364.859951][ T1457] usb 9-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  364.910996][ T1457] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  364.914083][ T1457] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  364.917661][ T1457] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  364.953515][ T1457] usb 9-1: string descriptor 0 read error: -71
[  364.956190][ T1457] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  364.959044][ T1457] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  364.965567][ T1457] usb 9-1: can't set config #1, error -71
[  364.967755][ T1457] usb 9-1: USB disconnect, device number 3
[  365.294889][T13149] Bluetooth: hci2: Frame reassembly failed (-84)
[  365.299773][ T6802] Bluetooth: hci2: Frame reassembly failed (-84)
[  366.119577][T13156] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1982'.
[  366.133135][T13156] netlink: 'syz.0.1982': attribute type 1 has an invalid length.
[  366.146249][T13156] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1982'.
[  366.385525][   T24] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  366.535442][   T24] usb 5-1: Using ep0 maxpacket: 16
[  366.540234][   T24] usb 5-1: config 0 has no interfaces?
[  366.554834][   T24] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  366.558760][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  366.561279][   T24] usb 5-1: Product: syz
[  366.562618][   T24] usb 5-1: Manufacturer: syz
[  366.564093][   T24] usb 5-1: SerialNumber: syz
[  366.566557][   T24] usb 5-1: config 0 descriptor??
[  366.831821][   T24] usb 5-1: USB disconnect, device number 5
[  367.001186][T13165] tipc: Started in network mode
[  367.002864][T13165] tipc: Node identity 4, cluster identity 4711
[  367.004800][T13165] tipc: Node number set to 4
[  367.295421][   T34] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  367.355470][   T63] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  367.408016][T13172] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=3871408006 (495540224768 ns) > initial count (110597819392 ns). Using initial count to start timer.
[  367.455918][   T34] usb 9-1: too many configurations: 9, using maximum allowed: 8
[  367.459266][   T34] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  367.462190][   T34] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  367.465243][   T34] usb 9-1: config 0 interface 0 has no altsetting 0
[  367.468301][   T34] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  367.471098][   T34] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  367.474189][   T34] usb 9-1: config 0 interface 0 has no altsetting 0
[  367.477937][   T34] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  367.481918][   T34] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  367.486852][   T34] usb 9-1: config 0 interface 0 has no altsetting 0
[  367.490846][   T34] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  367.494448][   T34] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  367.499864][   T34] usb 9-1: config 0 interface 0 has no altsetting 0
[  367.504798][   T34] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  367.509458][   T34] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  367.513557][   T34] usb 9-1: config 0 interface 0 has no altsetting 0
[  367.519837][   T34] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  367.523033][   T34] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  367.527191][   T34] usb 9-1: config 0 interface 0 has no altsetting 0
[  367.529463][   T34] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  367.532465][   T34] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  367.537165][   T34] usb 9-1: config 0 interface 0 has no altsetting 0
[  367.538842][   T34] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  367.542775][   T34] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[  367.549096][   T34] usb 9-1: config 0 interface 0 has no altsetting 0
[  367.551868][   T34] usb 9-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  367.551963][   T34] usb 9-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  367.551998][   T34] usb 9-1: Product: syz
[  367.552119][   T34] usb 9-1: Manufacturer: syz
[  367.552182][   T34] usb 9-1: SerialNumber: syz
[  367.562006][   T34] usb 9-1: config 0 descriptor??
[  367.576399][   T34] yurex 9-1:0.0: Could not find endpoints
[  367.905374][ T6062] vhci_hcd: vhci_device speed not set
[  368.473964][T13194] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1992'.
[  368.997942][T13191] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  369.000360][T13191] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  369.005675][T13191] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  369.008793][T13191] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  369.010905][T13191] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  369.013642][T13191] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  369.276493][T13211] 9pnet_virtio: no channels available for device syz
[  369.290903][   T40] audit: type=1804 audit(369.175:28530): pid=13209 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1995" name="/newroot/466/file0/file0" dev="9p" ino=35913859 res=1 errno=0
[  369.548398][T13219] block device autoloading is deprecated and will be removed.
[  369.550961][T13219] syz.0.2001: attempt to access beyond end of device
[  369.550961][T13219] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  370.019563][  T840] usb 9-1: USB disconnect, device number 4
[  370.314049][T13225] netlink: 'syz.3.2004': attribute type 13 has an invalid length.
[  370.412367][T13225] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  370.475597][ T5983] Bluetooth: hci4: command 0x0c1a tx timeout
[  370.605699][ T1457] usb 8-1: new low-speed USB device number 7 using dummy_hcd
[  370.755255][ T1457] usb 8-1: Invalid ep0 maxpacket: 64
[  370.885242][ T1457] usb 8-1: new low-speed USB device number 8 using dummy_hcd
[  371.035323][ T5983] Bluetooth: hci0: command 0x0c1a tx timeout
[  371.085258][ T1457] usb 8-1: Invalid ep0 maxpacket: 64
[  371.088040][ T1457] usb usb8-port1: attempt power cycle
[  371.130155][ T5983] Bluetooth: hci0: unexpected event for opcode 0x2043
[  371.425206][ T1457] usb 8-1: new low-speed USB device number 9 using dummy_hcd
[  371.431386][T13253] netlink: 'syz.0.2012': attribute type 1 has an invalid length.
[  371.445688][ T1457] usb 8-1: Invalid ep0 maxpacket: 64
[  371.575216][ T1457] usb 8-1: new low-speed USB device number 10 using dummy_hcd
[  371.595837][ T1457] usb 8-1: Invalid ep0 maxpacket: 64
[  371.598317][ T1457] usb usb8-port1: unable to enumerate USB device
[  372.032517][T13262] nfs: Unknown parameter 'fowner'
[  372.555955][ T5983] Bluetooth: hci4: command 0x0c1a tx timeout
[  373.259810][T13275] vlan1: entered promiscuous mode
[  373.261512][T13275] vlan1: entered allmulticast mode
[  373.263220][T13275] veth0_vlan: entered allmulticast mode
[  373.265083][T13275] A link change request failed with some changes committed already. Interface vlan1 may have been left with an inconsistent configuration, please check.
[  373.571481][T13268] delete_channel: no stack
[  373.740283][T13283] sch_tbf: burst 1023 is lower than device lo mtu (65550) !
[  374.081966][T13293] vlan1: entered promiscuous mode
[  374.084156][T13293] vlan1: entered allmulticast mode
[  374.087061][T13293] veth0_vlan: entered allmulticast mode
[  374.322380][T13299] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2026'.
[  374.634998][ T5983] Bluetooth: hci4: command 0x0c1a tx timeout
[  374.926643][T13318] 9p: Unknown Cache mode or invalid value fscach
[  374.974780][T13318] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2030'.
[  375.041586][T13323] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2030'.
[  375.204947][ T5983] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  375.208392][ T5983] Bluetooth: hci0: Injecting HCI hardware error event
[  375.219090][   T63] Bluetooth: hci0: hardware error 0x00
[  375.891538][T13335] smc: net device bond0 applied user defined pnetid SYZ2
[  375.895298][T13335] netlink: 14 bytes leftover after parsing attributes in process `syz.0.2037'.
[  375.966871][T13335] smc: removing net device bond0 with user defined pnetid SYZ2
[  376.002286][T13335] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  376.056869][T13335] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  376.094047][T13335] bond0 (unregistering): Released all slaves
[  377.285539][   T63] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  377.490756][T13363] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2046'.
[  377.636910][T13374] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2049'.
[  377.648982][T13374] wlan0 speed is unknown, defaulting to 1000
[  377.651367][T13374] lo speed is unknown, defaulting to 1000
[  377.653514][T13374] lo speed is unknown, defaulting to 1000
[  378.075886][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  378.077897][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  378.234725][    C0] vkms_vblank_simulate: vblank timer overrun
[  378.377940][   T40] audit: type=1326 audit(378.265:28531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13386 comm="syz.0.2052" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd8579 code=0x0
[  379.045540][   T40] audit: type=1326 audit(378.935:28532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13389 comm="syz.2.2053" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  379.089465][   T40] audit: type=1326 audit(378.955:28533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13389 comm="syz.2.2053" exe="/syz-executor" sig=0 arch=40000003 syscall=245 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  379.098401][   T40] audit: type=1326 audit(378.955:28534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13389 comm="syz.2.2053" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  379.105368][   T40] audit: type=1326 audit(378.965:28535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13389 comm="syz.2.2053" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  379.113799][   T40] audit: type=1326 audit(378.975:28536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13389 comm="syz.2.2053" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  379.122278][   T40] audit: type=1326 audit(378.975:28537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13389 comm="syz.2.2053" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  379.133478][   T40] audit: type=1326 audit(378.975:28538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13389 comm="syz.2.2053" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  379.142597][   T40] audit: type=1326 audit(378.975:28539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13389 comm="syz.2.2053" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  379.151008][   T40] audit: type=1326 audit(378.975:28540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13389 comm="syz.2.2053" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  379.409622][T13402] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2058'.
[  379.595004][T13406] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2059'.
[  379.646700][T13403] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  380.164767][ T3245] usb 8-1: new full-speed USB device number 11 using dummy_hcd
[  380.320284][ T3245] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  380.325207][ T3245] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  380.328935][ T3245] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  380.331948][ T3245] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  380.349346][ T3245] usb 8-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  380.352933][ T3245] usb 8-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  380.364792][ T3245] usb 8-1: Manufacturer: syz
[  380.374963][ T3245] usb 8-1: config 0 descriptor??
[  380.624759][ T3245] rc_core: IR keymap rc-hauppauge not found
[  380.626858][ T3245] Registered IR keymap rc-empty
[  380.628575][ T3245] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  380.645054][ T3245] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  380.666287][ T3245] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0
[  380.674955][ T3245] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0/input17
[  380.681246][ T3245] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  380.696464][ T3245] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  380.724803][ T3245] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  380.744857][ T3245] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  380.764686][ T3245] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  380.784684][ T3245] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  380.805230][ T3245] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  380.824696][ T3245] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  380.844652][ T3245] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  380.864676][ T3245] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  380.886042][ T3245] mceusb 8-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  380.890315][ T3245] mceusb 8-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  381.092059][T13439] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2067'.
[  381.240393][   T63] Bluetooth: hci4: unexpected event for opcode 0x2043
[  381.815787][T13453] netlink: 'syz.2.2071': attribute type 6 has an invalid length.
[  381.819091][T13453] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.2071'.
[  382.117231][T13458] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2073'.
[  382.120893][T13458] netlink: 6 bytes leftover after parsing attributes in process `syz.4.2073'.
[  382.308538][T13465] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2072'.
[  383.016802][   T24] usb 8-1: USB disconnect, device number 11
[  384.306984][   T24] lo speed is unknown, defaulting to 1000
[  384.734679][T13499] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2085'.
[  384.795764][   T72] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  384.799027][   T72] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  385.379608][   T63] Bluetooth: hci4: unexpected event for opcode 0x2043
[  385.448737][   T40] kauditd_printk_skb: 37 callbacks suppressed
[  385.448753][   T40] audit: type=1326 audit(385.336:28578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13512 comm="syz.3.2089" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x0
[  386.018261][T13521] nfs: Unknown parameter 'fowner'
[  386.021917][T13517] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2090'.
[  386.025191][T13517] veth0_to_team: left allmulticast mode
[  386.027129][T13517] veth0_to_team: left promiscuous mode
[  386.029440][T13517] bridge0: port 1(veth0_to_team) entered disabled state
[  386.844317][  T840] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  386.994287][  T840] usb 7-1: Using ep0 maxpacket: 16
[  386.997675][  T840] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  387.002129][  T840] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  387.005701][  T840] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  387.009100][  T840] usb 7-1: Product: syz
[  387.011074][  T840] usb 7-1: Manufacturer: syz
[  387.014336][  T840] usb 7-1: SerialNumber: syz
[  387.018206][  T840] usb 7-1: config 0 descriptor??
[  387.021958][  T840] hub 7-1:0.0: bad descriptor, ignoring hub
[  387.024615][  T840] hub 7-1:0.0: probe with driver hub failed with error -5
[  387.029417][  T840] input: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input18
[  388.339589][T13548] fuse: Unknown parameter 'grou00000000000000000000'
[  389.104235][ T6062] usb 7-1: USB disconnect, device number 17
[  389.444350][   T63] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  389.448584][   T63] Bluetooth: hci4: Injecting HCI hardware error event
[  389.451598][ T5983] Bluetooth: hci4: hardware error 0x00
[  389.590777][T13573] mkiss: ax0: crc mode is auto.
[  389.976506][   T24] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  389.981545][T13577] fuse: Unknown parameter 'grou00000000000000000000'
[  390.082387][T13579] netlink: 80 bytes leftover after parsing attributes in process `syz.4.2109'.
[  390.085696][T13579] netlink: 80 bytes leftover after parsing attributes in process `syz.4.2109'.
[  390.134262][   T24] usb 8-1: device descriptor read/64, error -71
[  390.384223][   T24] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  390.524102][   T24] usb 8-1: device descriptor read/64, error -71
[  390.634424][   T24] usb usb8-port1: attempt power cycle
[  390.974106][   T24] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  390.999036][   T24] usb 8-1: device descriptor read/8, error -71
[  391.063827][T13610] fuse: Unknown parameter 'group_i00000000000000000000'
[  391.097673][   T40] audit: type=1326 audit(390.986:28579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13611 comm="syz.4.2119" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[  391.107833][   T40] audit: type=1326 audit(390.986:28580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13611 comm="syz.4.2119" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[  391.116579][   T40] audit: type=1326 audit(390.986:28581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13611 comm="syz.4.2119" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70de579 code=0x7ffc0000
[  391.123450][   T40] audit: type=1326 audit(390.986:28582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13611 comm="syz.4.2119" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[  391.130094][   T40] audit: type=1326 audit(390.986:28583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13611 comm="syz.4.2119" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[  391.137132][   T40] audit: type=1326 audit(390.986:28584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13611 comm="syz.4.2119" exe="/syz-executor" sig=0 arch=40000003 syscall=41 compat=1 ip=0xf70de579 code=0x7ffc0000
[  391.143491][   T40] audit: type=1326 audit(390.986:28585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13611 comm="syz.4.2119" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[  391.150619][   T40] audit: type=1326 audit(390.986:28586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13611 comm="syz.4.2119" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[  391.157271][   T40] audit: type=1326 audit(390.986:28587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13611 comm="syz.4.2119" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70de579 code=0x7ffc0000
[  391.164308][   T40] audit: type=1326 audit(390.986:28588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13611 comm="syz.4.2119" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[  391.235881][T13615] netlink: 144 bytes leftover after parsing attributes in process `syz.4.2120'.
[  391.244242][   T24] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[  391.265129][   T24] usb 8-1: device descriptor read/8, error -71
[  391.374149][   T24] usb usb8-port1: unable to enumerate USB device
[  391.515212][ T5983] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  391.865438][T13629] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2125'.
[  392.828161][T13649] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[  393.391928][T13665] macsec0: entered promiscuous mode
[  393.397026][T13665] macsec0: entered allmulticast mode
[  393.405437][T13665] veth1_macvtap: entered allmulticast mode
[  393.892855][T13679] comedi comedi3: c6xdigio: I/O port conflict (0x4f2b,3)
[  394.248505][T13688] /dev/nullb0: Can't open blockdev
[  394.252741][T13688] ubi: mtd0 is already attached to ubi31
[  394.624221][T13694] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2143'.
[  395.411577][T13728] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2149'.
[  396.584747][T13752] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2158'.
[  396.587725][T13752] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2158'.
[  396.811128][T13765] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2163'.
[  396.940498][T13777] fuse: Bad value for 'user_id'
[  396.942121][T13777] fuse: Bad value for 'user_id'
[  396.987457][T13781] fuse: Unknown parameter 'rootm '
[  397.160958][T13786] comedi comedi3: c6xdigio: I/O port conflict (0x4f2b,3)
[  397.163203][T13786] ==================================================================
[  397.165777][T13786] BUG: KASAN: slab-use-after-free in sysfs_remove_file_ns+0x63/0x70
[  397.168263][T13786] Read of size 8 at addr ffff88805f7abe30 by task syz.0.2171/13786
[  397.172287][T13786] 
[  397.173184][T13786] CPU: 0 UID: 0 PID: 13786 Comm: syz.0.2171 Not tainted syzkaller #0 PREEMPT(full) 
[  397.173207][T13786] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  397.173216][T13786] Call Trace:
[  397.173222][T13786]  <TASK>
[  397.173227][T13786]  dump_stack_lvl+0x116/0x1f0
[  397.173253][T13786]  print_report+0xcd/0x630
[  397.173276][T13786]  ? __virt_addr_valid+0x81/0x610
[  397.173296][T13786]  ? __phys_addr+0xe8/0x180
[  397.173315][T13786]  ? sysfs_remove_file_ns+0x63/0x70
[  397.173333][T13786]  kasan_report+0xe0/0x110
[  397.173353][T13786]  ? sysfs_remove_file_ns+0x63/0x70
[  397.173369][T13786]  sysfs_remove_file_ns+0x63/0x70
[  397.173391][T13786]  driver_remove_file+0x4a/0x60
[  397.173418][T13786]  bus_remove_driver+0x224/0x2c0
[  397.173436][T13786]  driver_unregister+0x76/0xb0
[  397.173456][T13786]  comedi_device_detach_locked+0x12c/0xa50
[  397.173481][T13786]  comedi_device_detach+0x67/0xb0
[  397.173502][T13786]  comedi_device_attach+0x43d/0x900
[  397.173526][T13786]  do_devconfig_ioctl+0x1b1/0x710
[  397.173538][T13786]  ? __mutex_lock+0x1c5/0x1060
[  397.173557][T13786]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[  397.173577][T13786]  ? kasan_save_stack+0x42/0x60
[  397.173595][T13786]  ? kasan_save_stack+0x33/0x60
[  397.173613][T13786]  ? kasan_save_track+0x14/0x30
[  397.173626][T13786]  ? kasan_save_free_info+0x3b/0x60
[  397.173639][T13786]  ? __kasan_slab_free+0x60/0x70
[  397.173657][T13786]  ? kfree+0x2b4/0x4d0
[  397.173671][T13786]  ? tomoyo_path_number_perm+0x470/0x580
[  397.173693][T13786]  comedi_unlocked_ioctl+0x165d/0x2f00
[  397.173714][T13786]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  397.173733][T13786]  ? rcu_is_watching+0x12/0xc0
[  397.173750][T13786]  ? trace_irq_enable.constprop.0+0xd4/0x120
[  397.173778][T13786]  ? tomoyo_path_number_perm+0x295/0x580
[  397.173796][T13786]  ? rcu_is_watching+0x12/0xc0
[  397.173812][T13786]  ? lock_release+0x201/0x2f0
[  397.173835][T13786]  ? tomoyo_path_number_perm+0x18d/0x580
[  397.173852][T13786]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  397.173871][T13786]  comedi_compat_ioctl+0x1d0/0x990
[  397.173889][T13786]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  397.173907][T13786]  ? trace_sched_exit_tp+0xd1/0x120
[  397.173931][T13786]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  397.173951][T13786]  ? do_vfs_ioctl+0x128/0x14f0
[  397.173975][T13786]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  397.174002][T13786]  ? rcu_is_watching+0x12/0xc0
[  397.174018][T13786]  ? __fget_files+0x204/0x3c0
[  397.174031][T13786]  ? hook_file_ioctl_common+0x145/0x410
[  397.174052][T13786]  ? __fget_files+0x20e/0x3c0
[  397.174070][T13786]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  397.174089][T13786]  __ia32_compat_sys_ioctl+0x23f/0x370
[  397.174113][T13786]  __do_fast_syscall_32+0x7c/0x3a0
[  397.174133][T13786]  do_fast_syscall_32+0x32/0x80
[  397.174153][T13786]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  397.174174][T13786] RIP: 0023:0xf7fd8579
[  397.174187][T13786] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  397.174203][T13786] RSP: 002b:00000000f54d555c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  397.174214][T13786] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040946400
[  397.174225][T13786] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  397.174237][T13786] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  397.174247][T13786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  397.174256][T13786] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  397.174271][T13786]  </TASK>
[  397.174277][T13786] 
[  397.303599][T13786] Allocated by task 7688:
[  397.305328][T13786]  kasan_save_stack+0x33/0x60
[  397.307239][T13786]  kasan_save_track+0x14/0x30
[  397.309005][T13786]  __kasan_kmalloc+0xaa/0xb0
[  397.310876][T13786]  bus_add_driver+0x92/0x690
[  397.312432][T13786]  driver_register+0x15c/0x4b0
[  397.313983][T13786]  c6xdigio_attach+0xa3/0x4b0
[  397.315490][T13786]  comedi_device_attach+0x3b0/0x900
[  397.317127][T13786]  do_devconfig_ioctl+0x1b1/0x710
[  397.318730][T13786]  comedi_unlocked_ioctl+0x165d/0x2f00
[  397.320573][T13786]  comedi_compat_ioctl+0x1d0/0x990
[  397.322598][T13786]  __ia32_compat_sys_ioctl+0x23f/0x370
[  397.324580][T13786]  __do_fast_syscall_32+0x7c/0x3a0
[  397.326246][T13786]  do_fast_syscall_32+0x32/0x80
[  397.327816][T13786]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  397.329863][T13786] 
[  397.330639][T13786] Freed by task 13679:
[  397.331965][T13786]  kasan_save_stack+0x33/0x60
[  397.333486][T13786]  kasan_save_track+0x14/0x30
[  397.335000][T13786]  kasan_save_free_info+0x3b/0x60
[  397.336640][T13786]  __kasan_slab_free+0x60/0x70
[  397.338192][T13786]  kfree+0x2b4/0x4d0
[  397.339442][T13786]  kobject_put+0x1e7/0x5a0
[  397.340889][T13786]  bus_remove_driver+0x16e/0x2c0
[  397.342464][T13786]  driver_unregister+0x76/0xb0
[  397.343992][T13786]  comedi_device_detach_locked+0x12c/0xa50
[  397.346136][T13786]  comedi_device_detach+0x67/0xb0
[  397.348160][T13786]  comedi_device_attach+0x43d/0x900
[  397.350088][T13786]  do_devconfig_ioctl+0x1b1/0x710
[  397.352172][T13786]  comedi_unlocked_ioctl+0x165d/0x2f00
[  397.354223][T13786]  comedi_compat_ioctl+0x1d0/0x990
[  397.356276][T13786]  __ia32_compat_sys_ioctl+0x23f/0x370
[  397.358331][T13786]  __do_fast_syscall_32+0x7c/0x3a0
[  397.360383][T13786]  do_fast_syscall_32+0x32/0x80
[  397.362240][T13786]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  397.364694][T13786] 
[  397.365544][T13786] The buggy address belongs to the object at ffff88805f7abe00
[  397.365544][T13786]  which belongs to the cache kmalloc-256 of size 256
[  397.370918][T13786] The buggy address is located 48 bytes inside of
[  397.370918][T13786]  freed 256-byte region [ffff88805f7abe00, ffff88805f7abf00)
[  397.376093][T13786] 
[  397.377055][T13786] The buggy address belongs to the physical page:
[  397.379091][T13786] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88805f7abe00 pfn:0x5f7aa
[  397.382248][T13786] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  397.384914][T13786] flags: 0x4fff00000000240(workingset|head|node=1|zone=1|lastcpupid=0x7ff)
[  397.387897][T13786] page_type: f5(slab)
[  397.389522][T13786] raw: 04fff00000000240 ffff88801b842b40 ffff888040400708 ffffea0001803d90
[  397.392795][T13786] raw: ffff88805f7abe00 000000000010000e 00000000f5000000 0000000000000000
[  397.395912][T13786] head: 04fff00000000240 ffff88801b842b40 ffff888040400708 ffffea0001803d90
[  397.399296][T13786] head: ffff88805f7abe00 000000000010000e 00000000f5000000 0000000000000000
[  397.402562][T13786] head: 04fff00000000001 ffffea00017dea81 00000000ffffffff 00000000ffffffff
[  397.405883][T13786] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  397.409155][T13786] page dumped because: kasan: bad access detected
[  397.411667][T13786] page_owner tracks the page as allocated
[  397.413807][T13786] page last allocated via order 1, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 7001, tgid 6996 (syz.2.249), ts 98567326896, free_ts 94933404856
[  397.421149][T13786]  post_alloc_hook+0x1c0/0x230
[  397.422742][T13786]  get_page_from_freelist+0x132b/0x38e0
[  397.424816][T13786]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  397.427128][T13786]  new_slab+0x94/0x330
[  397.428730][T13786]  ___slab_alloc+0xcf2/0x1740
[  397.430523][T13786]  __slab_alloc.constprop.0+0x56/0xb0
[  397.432535][T13786]  __kmalloc_node_noprof+0x2ed/0x500
[  397.434641][T13786]  alloc_slab_obj_exts+0x41/0xa0
[  397.436506][T13786]  new_slab+0x27d/0x330
[  397.438117][T13786]  ___slab_alloc+0xcf2/0x1740
[  397.440046][T13786]  kmem_cache_alloc_bulk_noprof+0x24e/0xbc0
[  397.442332][T13786]  __io_alloc_req_refill+0x98/0x500
[  397.444436][T13786]  io_submit_sqes+0xde5/0x2590
[  397.446060][T13786]  __do_sys_io_uring_enter+0xd6a/0x1630
[  397.447818][T13786]  __do_fast_syscall_32+0x7c/0x3a0
[  397.449455][T13786]  do_fast_syscall_32+0x32/0x80
[  397.451124][T13786] page last free pid 6897 tgid 6897 stack trace:
[  397.453120][T13786]  free_unref_folios+0xa61/0x16b0
[  397.454759][T13786]  folios_put_refs+0x56f/0x740
[  397.456646][T13786]  truncate_inode_pages_range+0x311/0xe50
[  397.458830][T13786]  blkdev_flush_mapping+0xfb/0x290
[  397.460847][T13786]  blkdev_put_whole+0xc4/0xf0
[  397.462730][T13786]  bdev_release+0x47e/0x6d0
[  397.464423][T13786]  blkdev_release+0x15/0x20
[  397.466284][T13786]  __fput+0x3ff/0xb70
[  397.467770][T13786]  task_work_run+0x14d/0x240
[  397.469657][T13786]  exit_to_user_mode_loop+0xeb/0x110
[  397.471623][T13786]  __do_fast_syscall_32+0x2ac/0x3a0
[  397.473539][T13786]  do_fast_syscall_32+0x32/0x80
[  397.475472][T13786]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  397.477901][T13786] 
[  397.478866][T13786] Memory state around the buggy address:
[  397.481252][T13786]  ffff88805f7abd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  397.484298][T13786]  ffff88805f7abd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  397.487335][T13786] >ffff88805f7abe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  397.490490][T13786]                                      ^
[  397.492735][T13786]  ffff88805f7abe80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  397.495724][T13786]  ffff88805f7abf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  397.498676][T13786] ==================================================================
[  397.502734][T13786] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  397.505504][T13786] CPU: 0 UID: 0 PID: 13786 Comm: syz.0.2171 Not tainted syzkaller #0 PREEMPT(full) 
[  397.509017][T13786] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  397.513019][T13786] Call Trace:
[  397.514356][T13786]  <TASK>
[  397.515356][T13786]  dump_stack_lvl+0x3d/0x1f0
[  397.516907][T13786]  vpanic+0x6e8/0x7a0
[  397.518230][T13786]  ? __pfx_vpanic+0x10/0x10
[  397.519687][T13786]  ? __pfx_vprintk_emit+0x10/0x10
[  397.521306][T13786]  ? sysfs_remove_file_ns+0x63/0x70
[  397.522953][T13786]  panic+0xca/0xd0
[  397.524178][T13786]  ? __pfx_panic+0x10/0x10
[  397.525885][T13786]  ? sysfs_remove_file_ns+0x63/0x70
[  397.527968][T13786]  ? preempt_schedule_common+0x44/0xc0
[  397.530000][T13786]  ? preempt_schedule_thunk+0x16/0x30
[  397.532135][T13786]  check_panic_on_warn+0xab/0xb0
[  397.534014][T13786]  end_report+0x107/0x170
[  397.535711][T13786]  kasan_report+0xee/0x110
[  397.537433][T13786]  ? sysfs_remove_file_ns+0x63/0x70
[  397.539449][T13786]  sysfs_remove_file_ns+0x63/0x70
[  397.541400][T13786]  driver_remove_file+0x4a/0x60
[  397.543315][T13786]  bus_remove_driver+0x224/0x2c0
[  397.545403][T13786]  driver_unregister+0x76/0xb0
[  397.547243][T13786]  comedi_device_detach_locked+0x12c/0xa50
[  397.549603][T13786]  comedi_device_detach+0x67/0xb0
[  397.551620][T13786]  comedi_device_attach+0x43d/0x900
[  397.553589][T13786]  do_devconfig_ioctl+0x1b1/0x710
[  397.555810][T13786]  ? __mutex_lock+0x1c5/0x1060
[  397.557512][T13786]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[  397.559283][T13786]  ? kasan_save_stack+0x42/0x60
[  397.560878][T13786]  ? kasan_save_stack+0x33/0x60
[  397.562469][T13786]  ? kasan_save_track+0x14/0x30
[  397.564058][T13786]  ? kasan_save_free_info+0x3b/0x60
[  397.565713][T13786]  ? __kasan_slab_free+0x60/0x70
[  397.567285][T13786]  ? kfree+0x2b4/0x4d0
[  397.568581][T13786]  ? tomoyo_path_number_perm+0x470/0x580
[  397.570457][T13786]  comedi_unlocked_ioctl+0x165d/0x2f00
[  397.572161][T13786]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  397.574000][T13786]  ? rcu_is_watching+0x12/0xc0
[  397.575346][T13786]  ? trace_irq_enable.constprop.0+0xd4/0x120
[  397.577715][T13786]  ? tomoyo_path_number_perm+0x295/0x580
[  397.579508][T13786]  ? rcu_is_watching+0x12/0xc0
[  397.581016][T13786]  ? lock_release+0x201/0x2f0
[  397.582520][T13786]  ? tomoyo_path_number_perm+0x18d/0x580
[  397.584274][T13786]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  397.586232][T13786]  comedi_compat_ioctl+0x1d0/0x990
[  397.587853][T13786]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  397.589631][T13786]  ? trace_sched_exit_tp+0xd1/0x120
[  397.591214][T13786]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  397.593002][T13786]  ? do_vfs_ioctl+0x128/0x14f0
[  397.594430][T13786]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  397.596412][T13786]  ? rcu_is_watching+0x12/0xc0
[  397.597845][T13786]  ? __fget_files+0x204/0x3c0
[  397.599318][T13786]  ? hook_file_ioctl_common+0x145/0x410
[  397.601156][T13786]  ? __fget_files+0x20e/0x3c0
[  397.602658][T13786]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  397.604390][T13786]  __ia32_compat_sys_ioctl+0x23f/0x370
[  397.606065][T13786]  __do_fast_syscall_32+0x7c/0x3a0
[  397.607665][T13786]  do_fast_syscall_32+0x32/0x80
[  397.609215][T13786]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  397.611322][T13786] RIP: 0023:0xf7fd8579
[  397.612702][T13786] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  397.619872][T13786] RSP: 002b:00000000f54d555c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  397.623530][T13786] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040946400
[  397.626847][T13786] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  397.630300][T13786] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  397.633706][T13786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  397.637029][T13786] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  397.640446][T13786]  </TASK>
[  397.642539][T13786] Kernel Offset: disabled
[  397.644367][T13786] Rebooting in 86400 seconds..

VM DIAGNOSIS:
06:07:35  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000035 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85616b45 RDI=ffffffff9b0f8680 RBP=ffffffff9b0f8640 RSP=ffffc9000492f178
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3530383838666666
R12=0000000000000000 R13=0000000000000035 R14=ffffffff9b0f8640 R15=ffffffff85616ae0
RIP=ffffffff85616b6f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880974c4000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000034a02ff8 CR3=00000000667f6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000003 RBX=ffffffff9b0af860 RCX=ffffffff8197adf3 RDX=0000000000000000
RSI=0000000000000004 RDI=ffffffff9b0af860 RBP=0000000000000006 RSP=ffffc9000356f7d8
R8 =0000000000000000 R9 =fffffbfff3615f0c R10=ffffffff9b0af863 R11=ffffffff9b0af860
R12=0000000000000001 R13=ffffc9000356fa58 R14=dffffc0000000000 R15=1ffff920006adf06
RIP=ffffffff8197ae1d RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880975c4000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000008000217e CR3=00000000667f6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000600
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=ffff88802b241d40 RCX=ffffffff81af11d1 RDX=ffff888043570000
RSI=ffffffff81af11ab RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc90002166f28
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000002c10
R12=dffffc0000000000 R13=ffffed10056483a9 R14=0000000000000001 R15=0000000000000000
RIP=ffffffff81af11ad RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880976c4000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000557047848240 CR3=00000000775d0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000062e2e4 RBX=0000000000000003 RCX=ffffffff8b908bf9 RDX=ffffed10056a6656
RSI=ffffffff8c162c80 RDI=ffffffff8190cca1 RBP=ffffed1003867000 RSP=ffffc9000048fdf8
R8 =0000000000000000 R9 =ffffed10056a6655 R10=ffff88802b5332ab R11=0000000000000001
R12=0000000000000003 R13=ffff88801c338000 R14=ffffffff90ab7690 R15=0000000000000000
RIP=ffffffff8b90775f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977c4000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000344edffc CR3=00000000775d0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5784fe15b7d0faf8 43a39a5020bf09e6
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 074ee1d3ee6793e8 2735457b40f4983f
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c9b4dc90259c86d6 f140ef1afbd985f0
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6390251b91d1a77e c69b02b00beed5de
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000c00
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000f100000000 82a3547a0068ef59
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000f1000000f1 000000f1000000f1
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000f1002f25e2 8259b38c80ec28ee
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 834ac9ce838cf83c 00000000809ab22e
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 cc479c977eb1f775 4bc6d243e289b800
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b0fc438c0f66a225 5473e20546da395b
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000