last executing test programs:

6m35.243662182s ago: executing program 3 (id=531):
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r2=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)={0x24, r1, 0x1, 0x0, 0x0, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0xfc}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x24}}, 0x0)

6m35.17856549s ago: executing program 3 (id=532):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x10, r0, 0x4000000)
ftruncate(r1, 0xc17a)
r2 = syz_open_procfs(0x0, &(0x7f0000000480)='pagemap\x00')
preadv(r2, &(0x7f0000000640)=[{0x0}, {&(0x7f0000000500)=""/189, 0xbd}], 0x2, 0x0, 0x68efff7f)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x2, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = socket$packet(0x11, 0x2, 0x300)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="30000000100001000000ce6bb9092919507f3400", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
setsockopt$packet_int(r6, 0x107, 0x8, 0x0, 0x0)
recvmmsg(r6, &(0x7f0000000480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=""/11, 0x17, 0x4c000000}}], 0x400000000000179, 0x0, 0x0)
mount$9p_virtio(&(0x7f00000004c0), 0x0, &(0x7f0000000580), 0x8, &(0x7f0000000640)=ANY=[@ANYBLOB='trans=virtio,hash,fsuuid=90da7'])
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r8, 0x0, 0x0)

6m34.248424338s ago: executing program 3 (id=540):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000380)=ANY=[@ANYBLOB="180000002c000100000000000000000004000080040010"], 0x18}], 0x1}, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000000640), 0xffffffffffffffff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00')
mount$9p_fd(0x0, &(0x7f0000000180)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r5}})
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r7 = openat(r6, &(0x7f0000000000)='./file0\x00', 0x10880, 0x0)
ioctl$IOMMU_VFIO_IOAS$GET(0xffffffffffffffff, 0x3b88, &(0x7f0000000040)={0xc})
ioctl$IOMMU_IOAS_COPY(r7, 0x3b83, 0x0)
ioctl$IOMMU_OPTION$IOMMU_OPTION_HUGE_PAGES(r5, 0x3b87, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = gettid()
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000ff0d1400bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000bd000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b44"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={r10, 0x2000012, 0xffe, 0x0, &(0x7f0000000c40), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$nl_generic(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[@ANYBLOB="1c00000043000900fffffffffddbdf250100000008000200", @ANYRES32=r9, @ANYBLOB="1e89b5c832f634b32458f3de4cfcae31ffbbadb986a3f0afed7a4ce95e3033b01fe52b89385629cf9391ef969d2e2b49aa40f0fef7f8fb598de5f6f64e7c5f126db06f629e93272b7d57f7f1bd62bdcac11549b771eb874245204146642b2167aebe6bf7e8b29756145c7aa961d38b65c85b7012f3e6263e6f7027e5cceee18a856bd3e3c40c0cc88c5e8581d037105961a25eeb318c23fd5b35023e2fb9eda2862a4f6a6c27ff2497ef6eab18c6f57c9a78676ae8735093ae3ae4e443b5791973354e719579c767d2889a75781d2a1005afbbbed359a0bcc7777f03eb6063d74f17321f95e65fffec2d"], 0x1c}}, 0x44850)
ioctl$SIOCSIFHWADDR(r4, 0x8b19, &(0x7f0000000040)={'wlan1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})

6m33.390255446s ago: executing program 3 (id=545):
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
r0 = syz_open_procfs(0x0, &(0x7f00000190c0)='map_files\x00')
pread64(r0, &(0x7f0000000080)=""/102342, 0x18fc6, 0xc2a)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c)
write(r1, &(0x7f00000000c0)="822a0a65bd8c002b0304000e0580a7b6070d63e286a5cefe", 0x5ac)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ptrace$setopts(0x4206, 0x0, 0x0, 0x20004f)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0x3)
inotify_init1(0x800)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020696c250000000000206ea37b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-ni\x00'}, 0x58)
r4 = accept4(r3, 0x0, 0x0, 0x0)
sendto$inet(r4, &(0x7f0000000440)="308f6fdcd8ef95ac180e28e3b7dafa546e208e23230c54cd672deb128dccb3484fc090000000000000abc8c5ed1d0658fe873325c8de8347cf2d7dbcf7", 0xfffffffffffffc65, 0x240400c4, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="04ff01"], 0x4)
unshare(0x2020400)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0xb4b, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0xd, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x80}, [@call={0x85, 0x0, 0x0, 0x2a}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x20000002}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0xa6}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
ioctl$EVIOCGPROP(r5, 0x40047438, &(0x7f0000000180)=""/246)
epoll_create(0xf)
writev(r5, &(0x7f0000000440)=[{&(0x7f0000000280)="c021", 0x1700}], 0x1)
syz_clone(0xb00000, 0x0, 0x0, 0x0, 0x0, 0x0)

6m33.223860954s ago: executing program 3 (id=546):
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
openat$uhid(0xffffff9c, &(0x7f00000000c0), 0x802, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100), 0x6ad01, 0x0)
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x8bd, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000040)={0x38, 0x1, 0x1, "d52b3d000000fa44166262631e8ac11e000000000000000000000000ebff00", 0x47504a4d})
syz_io_uring_setup(0x222f, &(0x7f0000000280)={0x0, 0x2, 0x10100}, &(0x7f0000000080)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000200))
syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x6000, @fd_index=0x3, 0x800000, 0x0, 0x0, 0x13})
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'bond0\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=r4, @ANYBLOB="00000000000000002400128009000100626f6e64000000001400028008000000000000000800090001"], 0x44}, 0x1, 0x0, 0x0, 0x40850}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000300)={'bond0\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=r7], 0x3c}}, 0x0)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181000b00000000010000000000000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0)
syz_emit_ethernet(0x2b, &(0x7f0000000700)=ANY=[@ANYBLOB="23b4ec4b6dbf0180c20000020806030c00030600"], 0x0)

6m33.047551491s ago: executing program 3 (id=547):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,use', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, <r1=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000008400)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x0, {0xffffffffffffffff, 0x2, 0xfffffffffffffffd, 0x0, 0x0, 0x0, {0x40, 0x4, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x120, 0x6000, 0x2, 0x0, 0x0, 0x902}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000000440)={0x50, 0x0, r1, {0x7, 0x29, 0x8}}, 0x50)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x64100, 0xa1)
ioctl$TIOCGPTPEER(r2, 0x935, 0x8000000a)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r3, 0xffffffffffffffff, 0x0)

6m33.006484993s ago: executing program 32 (id=547):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,use', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, <r1=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000008400)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x0, {0xffffffffffffffff, 0x2, 0xfffffffffffffffd, 0x0, 0x0, 0x0, {0x40, 0x4, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x120, 0x6000, 0x2, 0x0, 0x0, 0x902}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000000440)={0x50, 0x0, r1, {0x7, 0x29, 0x8}}, 0x50)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x64100, 0xa1)
ioctl$TIOCGPTPEER(r2, 0x935, 0x8000000a)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r3, 0xffffffffffffffff, 0x0)

4m38.137853117s ago: executing program 0 (id=1329):
creat(&(0x7f00000002c0)='./file0\x00', 0x6)
r0 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x10)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xf4fffff7, 0x12, r0, 0x0)
r3 = open$dir(&(0x7f0000000080)='./file0\x00', 0x100, 0x0)
mmap$xdp(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x12, r3, 0x0)
r4 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
ioctl$UI_DEV_SETUP(r6, 0x405c5503, &(0x7f0000000280)={{0x5, 0x0, 0x0, 0x200}, 'syz1\x00', 0x10})
ioctl$UI_DEV_CREATE(r6, 0x5501)
write$qrtrtun(r4, &(0x7f0000000780)="026126d40eb8b249", 0x8)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r5, 0x0, 0x30, 0x1, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x7], &(0x7f0000000500)=[0x2], 0x0, 0x1}}, 0x3c)

4m37.937253224s ago: executing program 0 (id=1330):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x400ad80, &(0x7f0000000080)={0xa, 0x4621, 0x0, @local}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000001280)=[{{0x0, 0x0, 0x0}, 0x6000}, {{&(0x7f0000000340)={0xa, 0x4e21, 0xa, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x7}, 0x1c, 0x0, 0x0, &(0x7f0000000640)=[@hopopts={{0x14, 0x29, 0x36, {0x1d}}}], 0x14}}], 0x2, 0x0)

4m37.937078496s ago: executing program 0 (id=1331):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff}, 0x2, 0xb}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f0000000000)={0x15, 0x110, 0xfa08, {r1, 0x0, 0x10, 0x10, 0x0, @in={0x2, 0x4e20, @empty=0x7000000}, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1c}}}}, 0x118)

4m37.936481608s ago: executing program 0 (id=1333):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0x2, 0x4e21, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {0xa, 0x4e23, 0x0, @mcast2}, r1}}, 0x48)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
unshare(0x24020400)
move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x1)
ioctl$TCSETS(r3, 0x89f0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7ff, 0x0, "5dee000000594000"})
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0)={<r5=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21, 0x0, @empty}, {0xa, 0x0, 0x0, @remote}, r5, 0x4}}, 0x48)
r6 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r6, 0xc0145608, &(0x7f00000000c0)={0x4010003, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r6, 0x40045612, &(0x7f0000000040)=0x6)
ioctl$vim2m_VIDIOC_STREAMOFF(r6, 0x40045612, &(0x7f0000000080)=0x3)

4m37.206045434s ago: executing program 0 (id=1341):
r0 = open(&(0x7f0000000100)='./file0\x00', 0x80ff, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000022c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002380)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x8000}})
r2 = syz_open_dev$evdev(&(0x7f0000000340), 0x0, 0x2000)
ioctl$EVIOCGVERSION(r2, 0x5452, &(0x7f0000002200)=""/188)
openat$mixer(0xffffff9c, &(0x7f00000001c0), 0x40a400, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = syz_open_dev$video(&(0x7f0000000000), 0x485, 0x40000)
ioctl$VIDIOC_S_FMT(r3, 0xc0cc5605, 0x0)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x20002)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_emit_ethernet(0x6e, &(0x7f0000000300)={@random="44f98832c8da", @empty, @val={@void, {0x8100, 0x3, 0x0, 0x1}}, {@ipv4={0x800, @tipc={{0xc, 0x4, 0x1, 0x2b, 0x5c, 0x67, 0x0, 0x4, 0x6, 0x0, @loopback, @multicast2, {[@ssrr={0x89, 0x7, 0x13, [@multicast1]}, @lsrr={0x83, 0xb, 0x5, [@loopback, @remote]}, @timestamp={0x44, 0x8, 0xd8, 0x0, 0x8, [0x5]}]}}, @payload_mcast={{{{{{0x2c, 0x0, 0x0, 0x1, 0x1, 0xb, 0x1, 0x2, 0x4, 0x0, 0x0, 0x9, 0x2, 0x1, 0x5359, 0x3, 0x4, 0x4e20, 0x4e20}, 0x1, 0x2}, 0x3, 0x3}, 0x3}}}}}}}, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
syz_open_pts(r0, 0x10400)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(0xffffffffffffffff, 0x5412, &(0x7f0000000040)=0xd)
lsetxattr$system_posix_acl(&(0x7f0000003340)='./file0\x00', &(0x7f0000003380)='system.posix_acl_access\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="0200000001000200000302000400000000000000100001000000000020"], 0x24, 0x0)

4m37.1465472s ago: executing program 0 (id=1342):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000dd897b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="df33c9f7b9a600f0ffff00000000", 0x0, 0x8441, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

4m37.136508435s ago: executing program 33 (id=1342):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000dd897b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="df33c9f7b9a600f0ffff00000000", 0x0, 0x8441, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

3m39.426011838s ago: executing program 1 (id=1733):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000140)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000fe5000/0x2000)=nil})
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000200)=ANY=[])
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3m39.287161335s ago: executing program 1 (id=1734):
setsockopt$RDS_CANCEL_SENT_TO(0xffffffffffffffff, 0x114, 0x1, &(0x7f0000000000)={0x2, 0x4e24, @private=0xa010100}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) (async, rerun: 32)
r0 = userfaultfd(0x80001) (rerun: 32)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) (async)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000004c0)=0xe)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) (async, rerun: 64)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000000000/0xc00000)=nil, 0xc00000}, 0x3}) (async, rerun: 64)
unshare(0x41000100) (async)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil)

3m39.286951197s ago: executing program 1 (id=1735):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000000000000820000c000000000ff"])

3m39.166881908s ago: executing program 1 (id=1738):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = gettid()
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000700), 0x0)
mkdir(&(0x7f0000001e00)='./file0\x00', 0x58)
mount$9p_tcp(&(0x7f00000024c0), &(0x7f0000002500)='./file0\x00', &(0x7f0000002540), 0x0, &(0x7f0000002580)={'trans=tcp,', {'port', 0x3d, 0x4e22}, 0x2c, {[{@ignoreqv}, {@access_any}, {@version_L}, {@privport}], [{@hash}]}})
read(r1, &(0x7f0000000200)=""/202, 0xca)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x4058534c, &(0x7f00000000c0)={0x80, 0x0, {0x3}})
tkill(r0, 0x7)
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r1, 0xc08c5336, &(0x7f0000000000)={0x1, 0x2, 0x0, 'queue0\x00', 0x8000})
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
symlink(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000100)='./file0\x00')
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

3m38.997222199s ago: executing program 1 (id=1740):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4001, 0x0, @loopback}, 0x1c)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r1)
sendmsg$NLBL_MGMT_C_ADD(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)={0x110, r2, 0xe701ac47a3d23ecd, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_DOMAIN={0xce, 0x1, 'C\xec\xf8\xa0w\x15|\xd8\xbcs\xe1\xb93\x14\xcd\xcb\xb6\xb9\xbb\x84\xe5\xbc\xdb\x7f\x9a\xf2\xea\xcc\x91:v@\xe83-\x1d\xaagQl\x7f\tKt\fc\x1f\x17]\xd5\xd0\xf0\xa8\xeb\xd2g\x92\x04\x02\x00\x00od\xe6,\xd3@I\x17\xf3\xbees0\xad\xc6\xbf/*\xb6(o\x91t\x12\x93U6\xf4@n\xdc\xdc\x8a7y\x81FY\xbe\xbbc\xd2\xc3\x01\xa5\xe2V\x8c\xb3im~\xd2V\xdaG\xbdbF\xc8n\x86\xac\x9c\xfb\xda\xe2&\"\xb4:\x13\xe9\tc\x85\xb4\xcb\x17\xbfm\x846\xe7\x7fp\x9eCdb\xad;\xa2\x8fs\xbf6\xe8\xe3Xg3&\xe2 \xd6\n\x9d=~<\x93/\xaf\x89\x06+\x96]\xb5+\xee\xff8^D*\xdb\xb8\xd8t\x80\xd4\x8fK=E0\xe8R\x83'}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @private=0xa010102}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @private=0xa010100}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @ipv4={'\x00', '\xff\xff', @multicast2}}]}, 0x110}, 0x1, 0x0, 0x0, 0x4}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r0, 0x5411, &(0x7f0000002340))

3m38.906988104s ago: executing program 1 (id=1741):
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'ansi_cprng\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f00000003c0)="93378e66cf9b48cb59638401fcd1730172853a9fa89527996042ab60ae29f9c1", 0x20)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000000600)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000002600)=""/4096, 0x1000}], 0x1}}, {{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000100)=""/18, 0x12}], 0x1}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000004c0)=""/117, 0x75}], 0x1}}], 0x3, 0x40002023, 0x0)
r2 = memfd_create(&(0x7f0000000ac0)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000914b07e205a07cf84054d28776967b967c0e2fc900653c00"/43], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xd, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000020000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000040000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000850000000700000095000000000000007f60032222b09be1c6e96a32a5addc89ee8218067f253939b0c85dbbb59cc94289f2446b3f1bf2a5f424a8589fa21850f0973929a513bab85fecbafd60033861f908e56e5812b6f7d9d5c236714c2fb9ad06686e4744c7c43e79fe769e80f670531ce7f4af72964dad8f29cf7dea8f181eb200eefe7a659574c6a735c24f6e499939d45855d44fb69bf3d1ee717011760b4b6bc34495e1929f517d6e502d1c298da91b4ee5008dc385a0bd9192907a9e203c986d62601a1131823f5ada425d3737f87f0f6c846715bff79f618e22d8feedff2708262d32639772d2b92c74e091d48beb07a02890885884c613d12aaca656e04c062c4ef17edade1164"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r4}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="340000003d0009000000000000000000010000000400000014000180100010800c0000000900000000000000080002"], 0x34}}, 0x0)
pwritev(r2, &(0x7f00000000c0)=[{&(0x7f0000000180)='P', 0x1}], 0x1, 0x800000, 0x0)
r6 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_DSP_SPEED(r6, 0xc0045002, &(0x7f00000000c0))
read$dsp(r6, &(0x7f00000001c0)=""/97, 0x61)
shmget$private(0x0, 0x2000, 0x1000, &(0x7f0000ffe000/0x2000)=nil)
close(r6)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r2)
ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f00000001c0)={0x0, {}, 0x0, {}, 0x4, 0x9, 0x1, 0x18, "28f5c9ea1f1ae4be4111ab18d2da69bde58cd7af40fd150b70aac11c2e16bd5bba7663c435aff94793ddd7aae07ef35f17bf01933bdb6fd7ecdd91b59ca8d541", "07a9310978042a8bfe1406584a128d7469166f4f07b84819e7df4af14e1df82d", [0x6, 0x3]})
r7 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r7, 0x1, 0xf, &(0x7f0000000000)=0x6, 0xa)
bind$inet6(r7, &(0x7f0000f67fe4)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
r8 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r8, 0x1, 0xf, &(0x7f0000000000)=0x6, 0xa)
init_module(0x0, 0x78, &(0x7f0000000240)='\x00')
bind$inet6(r8, &(0x7f0000f67fe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0x5e, &(0x7f0000000440)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @val={@val={0x88a8, 0x7, 0x0, 0x4}, {0x8100, 0x0, 0x1, 0x2}}, {@canfd={0xd, {{0x2, 0x1, 0x1, 0x1}, 0x35, 0x3, 0x0, 0x0, "1f50e6f98d7584ebb179de313f0cbfa3afb2a05bdbffce0bd4a8a9eeb05c0d8398f62955d52a735b515d8ce1785d88d4454c2c1d605599ab41be4305118cd5e4"}}}}, 0x0)
ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f0000000300)={0x0, {}, 0x0, {}, 0x1, 0x2, 0x4, 0x8, "562530d6e597ca5402000000295d3513b07ad7aca89500", "012a519a670231ce4623c52b637a4bffffce6a392e161f8e3005abf4f73f48a2", [0x203, 0xd]})

3m38.897763637s ago: executing program 34 (id=1741):
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'ansi_cprng\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f00000003c0)="93378e66cf9b48cb59638401fcd1730172853a9fa89527996042ab60ae29f9c1", 0x20)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000000600)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000002600)=""/4096, 0x1000}], 0x1}}, {{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000100)=""/18, 0x12}], 0x1}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000004c0)=""/117, 0x75}], 0x1}}], 0x3, 0x40002023, 0x0)
r2 = memfd_create(&(0x7f0000000ac0)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000914b07e205a07cf84054d28776967b967c0e2fc900653c00"/43], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xd, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000020000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000040000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000850000000700000095000000000000007f60032222b09be1c6e96a32a5addc89ee8218067f253939b0c85dbbb59cc94289f2446b3f1bf2a5f424a8589fa21850f0973929a513bab85fecbafd60033861f908e56e5812b6f7d9d5c236714c2fb9ad06686e4744c7c43e79fe769e80f670531ce7f4af72964dad8f29cf7dea8f181eb200eefe7a659574c6a735c24f6e499939d45855d44fb69bf3d1ee717011760b4b6bc34495e1929f517d6e502d1c298da91b4ee5008dc385a0bd9192907a9e203c986d62601a1131823f5ada425d3737f87f0f6c846715bff79f618e22d8feedff2708262d32639772d2b92c74e091d48beb07a02890885884c613d12aaca656e04c062c4ef17edade1164"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r4}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="340000003d0009000000000000000000010000000400000014000180100010800c0000000900000000000000080002"], 0x34}}, 0x0)
pwritev(r2, &(0x7f00000000c0)=[{&(0x7f0000000180)='P', 0x1}], 0x1, 0x800000, 0x0)
r6 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_DSP_SPEED(r6, 0xc0045002, &(0x7f00000000c0))
read$dsp(r6, &(0x7f00000001c0)=""/97, 0x61)
shmget$private(0x0, 0x2000, 0x1000, &(0x7f0000ffe000/0x2000)=nil)
close(r6)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r2)
ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f00000001c0)={0x0, {}, 0x0, {}, 0x4, 0x9, 0x1, 0x18, "28f5c9ea1f1ae4be4111ab18d2da69bde58cd7af40fd150b70aac11c2e16bd5bba7663c435aff94793ddd7aae07ef35f17bf01933bdb6fd7ecdd91b59ca8d541", "07a9310978042a8bfe1406584a128d7469166f4f07b84819e7df4af14e1df82d", [0x6, 0x3]})
r7 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r7, 0x1, 0xf, &(0x7f0000000000)=0x6, 0xa)
bind$inet6(r7, &(0x7f0000f67fe4)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
r8 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r8, 0x1, 0xf, &(0x7f0000000000)=0x6, 0xa)
init_module(0x0, 0x78, &(0x7f0000000240)='\x00')
bind$inet6(r8, &(0x7f0000f67fe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0x5e, &(0x7f0000000440)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @val={@val={0x88a8, 0x7, 0x0, 0x4}, {0x8100, 0x0, 0x1, 0x2}}, {@canfd={0xd, {{0x2, 0x1, 0x1, 0x1}, 0x35, 0x3, 0x0, 0x0, "1f50e6f98d7584ebb179de313f0cbfa3afb2a05bdbffce0bd4a8a9eeb05c0d8398f62955d52a735b515d8ce1785d88d4454c2c1d605599ab41be4305118cd5e4"}}}}, 0x0)
ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f0000000300)={0x0, {}, 0x0, {}, 0x1, 0x2, 0x4, 0x8, "562530d6e597ca5402000000295d3513b07ad7aca89500", "012a519a670231ce4623c52b637a4bffffce6a392e161f8e3005abf4f73f48a2", [0x203, 0xd]})

1m44.576155244s ago: executing program 5 (id=2601):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_GET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="013f476501bafdee622508000000180004801300018062726f6164636173742d6c696e6b83"], 0x2c}, 0x1, 0x34000, 0x0, 0x844}, 0x4000000)

1m44.57605112s ago: executing program 5 (id=2602):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x3, 0x8, @remote, 0x7}, 0x1c)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x953c, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2b}, 0x4)

1m44.575787558s ago: executing program 5 (id=2603):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="24000000200001002abd700000000100020000000000000000000000080017004e234e24"], 0x24}, 0x1, 0x0, 0x0, 0x24048084}, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0) (async)
r2 = accept4(r1, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), r2) (async)
sendmsg$NL80211_CMD_ADD_NAN_FUNCTION(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000007640)=ANY=[], 0x3aa0}}, 0x0) (async)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f00000012c0)={0xb8, r3, 0x400, 0x70bd2a, 0x25dfdbfc, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x7}, {0x6, 0x11, 0x8}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x8}, {0x6, 0x11, 0xc}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x5}, {0x6, 0x11, 0x4}}]}, 0xb8}, 0x1, 0x0, 0x0, 0x20044800}, 0x80)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB='(\x00\x00\x00!'], 0x28}}, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x8, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000001000000bca30000000000002403000040feffff720af0ff0000000071a4f0ff000000001f030000000000002e0a0200000000002600000000ff000e61145000000000001d430000000000007a0a00fe00581c1f61144c0000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fdb6153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff46248843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae543d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80aba439772bf60a1db18c472dafc5569adc2c406f39f82928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fb705b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08a1a4b94cb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f1d2156befec432e8e993c79027b7ef285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdc0500000000000000b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb87d9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca780049d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e28488b0522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb16e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b2676c07bb0fd14020a66718378825d5ed789711b77d40dc31e0b8fc651b45559da463f0000000000000000000000000052d42124e9c26aba885015e69d42ecd710342ac597ebea576ae15fdf611356f622e831741ab15549e0d7a2bd0324e2b3b48a10551607492c19eaf58485feb4cab19c303b30ba2ddea0d792d77724c9fa4ed58b93668fc20484f141ee2b6a0029e88fdc853189b4dafd36ff23b11967090e508f45e3f10857038a52ef275cf9e3e4b5d30b12d138dfa70930c603b5e3f4b7be67be3dba3cbd8d4d143195af0697d779445d67dcfbd922d12a8b49f93eac7a72faacf80346b3b669615f2710eb8df39fc8c04d2c9c196fa6facfea613569a35cde6451f2edf55ce25c7d72ec7ea85a92458c0559ca3a94727d495bd4671a55a70bc544d71d8e0257707a31936f1adf224077310a86bf447ec92c650acca8c6b0721020894b06178c32f4472d17174d6eb2b067030c5d2c12583f46d2da7fba42d4083259c7cdc8bf1f4299c248865d3c809356c3ed"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xffffffffffffffc2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

1m44.413393698s ago: executing program 5 (id=2604):
r0 = syz_open_procfs(0x0, &(0x7f0000000300)='uid_map\x00')
writev(r0, &(0x7f00000002c0)=[{&(0x7f0000000280)='0', 0x1}], 0x2)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x4, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

1m44.407836236s ago: executing program 5 (id=2605):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0xf, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9, 0x11e41e7a, 0x5, 0xfffffffc, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x4}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e21, 0xb, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0xb3550aa4ba878396}, 0x9c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1, 0x0, 0x7}, 0x18)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0xe5}]}, 0x8)
sendto$inet(0xffffffffffffffff, &(0x7f00000012c0), 0x0, 0x11, 0x0, 0x0)
r5 = syz_io_uring_setup(0x10d, &(0x7f0000000980)={0x0, 0x5885, 0x80, 0x10000000}, &(0x7f0000000340)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r5, 0x3516, 0x0, 0x0, 0x0, 0x0)

1m44.274737075s ago: executing program 5 (id=2607):
openat$dsp1(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
io_setup(0x6, &(0x7f0000001380)=<r0=>0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000200)='fd/3\x00')
io_submit(r0, 0x1, &(0x7f00000000c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) (fail_nth: 22)

1m44.232408044s ago: executing program 35 (id=2607):
openat$dsp1(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
io_setup(0x6, &(0x7f0000001380)=<r0=>0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000200)='fd/3\x00')
io_submit(r0, 0x1, &(0x7f00000000c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) (fail_nth: 22)

1m44.086039401s ago: executing program 2 (id=2610):
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = getuid()
quotactl_fd$Q_GETNEXTQUOTA(r0, 0xffffffff80000901, r1, &(0x7f0000000380))
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r5, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r5, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x1, 0x0, 0x0)
sendmsg$inet(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000c40)=[{&(0x7f0000000240)='n7', 0x2}], 0x1}, 0x0)
setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "000037d7009400", "c0b6c5b29ca2b838d41ac2fc7ddf972d", "e9be1eae", "bb10000000000001"}, 0x28)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
write$FUSE_NOTIFY_RETRIEVE(0xffffffffffffffff, &(0x7f0000000180)={0x30}, 0x30)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0x10, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff0f}, {{0x18, 0x1, 0x1, 0x0, r6}}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffff5}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000140)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

1m43.185973286s ago: executing program 2 (id=2616):
r0 = socket(0x10, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001300)=@newtfilter={0x6c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0x7}, {}, {0xffff}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x3c, 0x2, [@TCA_CGROUP_ACT={0x38, 0x1, [@m_connmark={0x34, 0x1, 0x0, 0x0, {{0xd}, {0x4}, {0x4}, {0xc, 0x7, {0x2000000}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x80}, 0x4800)

1m43.02984551s ago: executing program 2 (id=2620):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x78, 0x6, 0xa, 0x40b, 0x2000000, 0x0, {0x2, 0x0, 0xfffe}, [@NFTA_RULE_EXPRESSIONS={0x4c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x16}, @NFTA_CT_DIRECTION={0x5}]}}}, {0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x11}, @NFTA_CT_SREG={0x8, 0x4, 0x1, 0x0, 0xc}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0xa0}}, 0x0)

1m42.903334472s ago: executing program 2 (id=2621):
r0 = syz_open_procfs(0x0, &(0x7f0000000300)='uid_map\x00')
writev(r0, &(0x7f00000002c0)=[{&(0x7f0000000280)='0', 0x1}], 0x2)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x4, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

1m42.897883265s ago: executing program 2 (id=2622):
r0 = socket$inet(0x2, 0xa, 0x45)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(r1, 0x0, 0x482, &(0x7f0000000380)=""/136, &(0x7f0000000100)=0x10)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x5, &(0x7f0000000000))
fanotify_init(0x0, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1, 0x11, 0xffffffffffffffff, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x71)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x800000000000026, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
mmap(&(0x7f0000abb000/0x1000)=nil, 0x1000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x14)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$phonet_pipe(0x23, 0x5, 0x2)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x1a3c82)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f0000000440)={0x0, 0x9}, 0x8)
bind$inet6(r1, &(0x7f00000004c0)={0xa, 0x4e23, 0x9, @mcast2, 0x1fffff}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000000040), 0x0, 0x0)
quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000000140)=@md0, 0x0, &(0x7f0000000300)={0x5, 0x6, 0x401, 0x9, 0x0, 0x2, 0xffffffff00000001, 0x2, 0x1bf1})
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000180)=ANY=[@ANYRESHEX=r3, @ANYRES32=r0, @ANYRESDEC=r4, @ANYRES16=r4], 0x8)
close_range(r2, 0xffffffffffffffff, 0x0)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_buf(r5, 0x6, 0x3, 0x0, 0x300)
getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000100))

1m42.585981286s ago: executing program 2 (id=2623):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001440)=ANY=[@ANYBLOB="1c0000005e0021a5553f8c6b23cbff070000e5373526a01edb"], 0x1c}}, 0x0)
recvmmsg$unix(r0, &(0x7f0000002380)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700d}}], 0x1, 0x34000, 0x0)

1m42.551480536s ago: executing program 36 (id=2623):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001440)=ANY=[@ANYBLOB="1c0000005e0021a5553f8c6b23cbff070000e5373526a01edb"], 0x1c}}, 0x0)
recvmmsg$unix(r0, &(0x7f0000002380)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700d}}], 0x1, 0x34000, 0x0)

32.405080131s ago: executing program 4 (id=3258):
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000180)=0x7b, 0x4)
timer_create(0x0, 0x0, &(0x7f00000000c0))
timer_settime(0x0, 0x5, 0x0, 0x0)
shutdown(r0, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x32525942, 0x2, 0xb, [{}, {}, {}, {0xfffffffd}, {}, {0x0, 0x1000000}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000003700010320bd7002f4dbdf2509"], 0x14}, 0x1, 0x0, 0x0, 0x4080}, 0x4)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
signalfd(r1, &(0x7f0000000080)={[0x4]}, 0x8)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x20050800)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@empty, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {0x0, 0x0, 0xa}}, {{@in=@multicast1, 0x0, 0x2b}, 0x2, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x3}}, 0xe4)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
munmap(&(0x7f0000584000/0x800000)=nil, 0x800000)
r6 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r6, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)

31.486914869s ago: executing program 4 (id=3261):
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000180)=0x7b, 0x4)
timer_create(0x0, 0x0, &(0x7f00000000c0))
timer_settime(0x0, 0x5, 0x0, 0x0)
shutdown(r0, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x32525942, 0x2, 0xb, [{}, {}, {}, {0xfffffffd}, {}, {0x0, 0x1000000}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000003700010320bd7002f4dbdf2509"], 0x14}, 0x1, 0x0, 0x0, 0x4080}, 0x4)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
signalfd(r1, &(0x7f0000000080)={[0x4]}, 0x8)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x20050800)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@empty, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {0x0, 0x0, 0xa}}, {{@in=@multicast1, 0x0, 0x2b}, 0x2, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x3}}, 0xe4)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4048aecb, &(0x7f0000000040))
munmap(&(0x7f0000584000/0x800000)=nil, 0x800000)
r5 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)

30.475559174s ago: executing program 4 (id=3268):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f0000000000)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r1, 0x0, 0x0)
sendto$inet(r1, &(0x7f00000002c0)="88", 0x1, 0x31, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000001c0), 0x4)
close_range(r0, 0xffffffffffffffff, 0x0)

30.393664243s ago: executing program 4 (id=3269):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
getsockopt$bt_l2cap_L2CAP_LM(r0, 0x112, 0xe, 0x0, &(0x7f0000000000))
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r1 = openat$uhid(0xffffff9c, &(0x7f0000000040), 0x802, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000680)={0xb, {'syz1\x00', 'syz0\x00', 'syz1\x00', 0xec, 0x2, 0x7623, 0x9, 0xff, 0x2, "8f59d4daccc098b1fda7e39a95b31651aa9618c878768a73fba2e72ba894a75b0bcf925e0dc47fe8a91dc6777a1d2fa44744aa125780b903a17233eb2c32e4781030108346f9d3d28ec0aa81790fc9e4aa2138df0d2bd2c8dedc2b115e24e068f9dfe1c6e7e4d462b8ca3432db1e8e36d260c97932a5f6948dc6be7d66eac0a30b8eb7e1e91e08c7f0591d74795123a28aab45c763eb9b6ec21fbad631f02b661edce88b5bb53eaea89a3de689086ab18304ba6737604c7d762c91db9fd914253918df3eec1b92c851e9c886748e504173f95429949aea2dc6f597c497e07e06d2439d52eb8d70f36d23c66b"}}, 0x204)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x28ad804, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
mount$bind(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000100)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

30.345079791s ago: executing program 4 (id=3270):
socket$can_j1939(0x1d, 0x2, 0x7)
socket$inet_dccp(0x2, 0x6, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd74)
r2 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x7079, 0x0, 0x4, 0x288}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a50000000060a0b040000000000000000020000002400048020000180070001006374000014000280080002400000001008000140000000020900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a"], 0x78}}, 0x0)
r7 = socket$kcm(0x2, 0x1, 0x0)
shutdown(r7, 0x1)
r8 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bind$inet6(r8, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
connect$inet6(r8, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r8, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x318, 0x1, 0x24}, 0x9c)
r9 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000000), 0xffffffffffffffff)
r10 = socket$l2tp(0x2, 0x2, 0x73)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="230900000000000000000100000005000700000000000800090000000000060002000100000008000a000000000008001700", @ANYRES32=r10], 0x3c}}, 0x0)
close(r10)
sync()
socket$inet6_mptcp(0xa, 0x1, 0x106)
r11 = socket$kcm(0x29, 0x2, 0x0)
setsockopt$sock_attach_bpf(r11, 0x119, 0x8, &(0x7f0000000000), 0x4)

30.195347415s ago: executing program 4 (id=3272):
r0 = syz_open_dev$dri(&(0x7f00000005c0), 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000400)={0x0, &(0x7f0000000340)=[0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, 0x0)
ioctl$DRM_IOCTL_MODE_DIRTYFB(r0, 0xc01864b1, &(0x7f0000000040)={0x0, 0x2, 0x36, 0x1, &(0x7f0000000100)=[{0x7, 0x1, 0xcc, 0x3}]})

30.195244985s ago: executing program 37 (id=3272):
r0 = syz_open_dev$dri(&(0x7f00000005c0), 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000400)={0x0, &(0x7f0000000340)=[0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, 0x0)
ioctl$DRM_IOCTL_MODE_DIRTYFB(r0, 0xc01864b1, &(0x7f0000000040)={0x0, 0x2, 0x36, 0x1, &(0x7f0000000100)=[{0x7, 0x1, 0xcc, 0x3}]})

4.35504241s ago: executing program 8 (id=3510):
r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_script(r0, &(0x7f0000019380)={'#! ', './file0', [{0x20, '\x15\xe6\x8e\\\xfe\x15^\xca\xbb\x88B\xeb\x90FAv\xdc\xbc\x1eiU\b\xc2D\xdb\xca\x9d\xb4oL\xe92\x7f+\f\x0e\xfd\xceTC\x1f;u\x84E\x04\xe3B19xO\xc2\xd4.Mp\xf4\x80{e\x87\xc4V\xe0\x99\x99\x8b\x93I\x8a\xb3\xce*\x9b\xd0X\aA0S\x02k\xdb\x12\v\x9c\x10nY\x85\x92\xf6\x93\xc4%\x0f\x80.\x8d\x9b\x15\x8e\xf4LWr\x14\x9eKh\x97L\xb4\x03\xe9=\x8e\xff\xf0\xb1al\xb6\xc9\xa1/L\x8c7\xa0\x8eD\x1f,\x93`\xc0h\xacjGx\xb8\x9cv\x99bA\xc5]\b\xf8\xa5\x9b\x1c\xeeKB\xdd\xe8\xbboT\x90\x84k\xae\xb5\xfa\xd9\x0f\xd4T<\x0f\xdb\xec\x05HcN\xae;\x87\x00\x00\x00\x00\b\x92\xa7\xdf\x1dS\x00\x8b\x81\xf4\x84X*\xa6e\x922|FO\v\xa6\x17jG\xe3]'}]}, 0xe4)
close(r0)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00')
pread64(r1, &(0x7f0000000080)=""/102356, 0x18fd4, 0xc2a)
execve(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000019100)={[&(0x7f0000000200)=' ']}) (fail_nth: 41)

4.295111367s ago: executing program 8 (id=3511):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0xc0001, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x110e22fff6)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_DEL(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="200023000307050000000000000000000c0000020900011073797a3000000000"], 0x20}, 0x1, 0x0, 0x0, 0x20000010}, 0x4000000)
ioctl$TUNGETVNETLE(r2, 0x40047459, &(0x7f00000017c0))
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000001d00010000000000000000000a001000c3"], 0x1c}}, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)=0x7)
ioctl$TCFLSH(r1, 0x8910, 0x2)
ioctl$TCSETS(r0, 0x40384708, &(0x7f0000000040)={0x5, 0x7, 0xd, 0x3f, 0xa, "3e09000000010000f1fff3f770a631ca00"})

4.185071378s ago: executing program 8 (id=3512):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
r0 = syz_open_dev$sndmidi(&(0x7f00000002c0), 0x2, 0x141101) (async)
r1 = openat$procfs(0xffffff9c, &(0x7f00000000c0)='/proc/tty/ldiscs\x00', 0x0, 0x0)
connect$l2tp6(r1, &(0x7f0000000100)={0xa, 0x0, 0x3, @loopback, 0x1}, 0x20) (async)
r2 = dup(r0)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) (async)
r3 = socket$inet6_dccp(0xa, 0x6, 0x0)
r4 = userfaultfd(0x80001) (async)
mkdir(&(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) (async)
rename(&(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000800)='./file0\x00')
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19) (async)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f0000000340)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20) (async)
ioctl$UFFDIO_COPY(r4, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000})
close_range(r3, r5, 0x0)

4.184691121s ago: executing program 8 (id=3513):
open(&(0x7f0000000040)='./bus\x00', 0x1c1242, 0x0)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0x4800}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000003900)=ANY=[@ANYBLOB="2464a9f2df8596740000001600010a00000000000000000a000000040000000c000b0000"], 0x24}, 0x1, 0xe0ffff}, 0x0)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f0000002100)={0x1, 'wg1\x00', 0x40001}, 0x18)
io_uring_setup(0x3936, 0x0)
socket$kcm(0x11, 0x3, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x0, @pix_mp={0x0, 0xffffff01, 0x34324152, 0x1, 0x0, [{0x80000, 0x3}, {0xfffffffc, 0x3}, {}, {0x2}, {0x0, 0x7}, {0xfffffffa, 0x6}, {0x0, 0xd65}], 0x6, 0x0, 0x8, 0x0, 0x1}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
socketpair(0x8, 0x80000, 0x7, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1f000000070000000c000000ffffffff00000000", @ANYRES32, @ANYBLOB="004002847e9954549c35e70400"/31, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r2, &(0x7f0000000000), 0xd)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000500)={0x26, 'aead\x00', 0x0, 0x0, 'authencesn(sha1-avx2,xchacha20-simd)\x00'}, 0x58)
sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, 0x0, 0x44800)
munlockall()
r5 = creat(&(0x7f00000005c0)='./file0\x00', 0x0)
io_uring_setup(0x1de6, &(0x7f00000002c0)={0x0, 0x0, 0x400, 0x2, 0xfffffffc, 0x0, r5})
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x6080, 0x0)
io_setup(0x1, &(0x7f0000000040))
read$FUSE(r5, &(0x7f0000002140)={0x2020}, 0x2020)

3.491246737s ago: executing program 8 (id=3519):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
io_uring_enter(0xffffffffffffffff, 0x708, 0x41e3, 0x2b, 0x0, 0x0)
ioctl$IOC_PR_PREEMPT(0xffffffffffffffff, 0x40046109, 0x0)
wait4(0x0, 0x0, 0x40000000, 0x0)
dup(r0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000002fc0)=ANY=[@ANYBLOB="7a0af8ff75257078bfa100000000000007010000f8ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000ff00000000b2595285faa6ead0169191d54f8196217fc560e2fc91f6da4dad4fdc2eb1b5986fc4a3f611a7c8edd3aa5d6ee7ab10b1a297cf52866651ddd73f30f2382f6cda4bfdd45be583823c0f09621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000000db453620ce72d75946c2b638d91dbef661962239c77edf2d34b12cd48a1b20fb7dd8432619f2c50d77bc0ea9b0af58e6fff4942eb613eff289026d5045ef76d7d864409eb2dc9518a09f4886afc26abba34635d0e8b598a51bc742135a6e1d33fe226c944bc76be40d435aa8b5208ff0df2db761014b1b999a12df6bee431a668135b8214afa5827b56a8074bf1e6cf5d84b35a3a3a4c66824fe12dbe20fcf50a194185b9e2d8b815fedb0d982936156be3cdda66fb977aef7c9cb92428ef25d9bf665bd60024c09e9eed544126fabe4cb8d826e1ec03cc492f5cad6227c94fea467aea7fa8b58abc37056433edf43fba5566a3e022034ac81fd48f9b7314ffa730017fbd37fdb23bc26992529402a520ef67e246415a6a8ca9d4aa797a95ca3314ded0d8a24abd57e042888a9141ab4e6c6b939aaefc248791464970c43120211b9bc82a85cd2fc18f535c7986c2d52ba62f74f00000000008000000000000000000000000040000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000040)=r4, 0x4)
sendmsg$unix(r3, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00}, 0x0)

3.304575385s ago: executing program 8 (id=3520):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22, 0x0, @rand_addr, 0x99f}, 0x1c)
connect$inet6(r0, &(0x7f0000000340)={0x2, 0x4e21, 0x0, @private2}, 0x1c)
r1 = syz_open_dev$loop(&(0x7f0000000100), 0xd79, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
r3 = syz_open_dev$loop(&(0x7f0000000100), 0xd79, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_INPUT(r4, &(0x7f00000010c0)={0x8, {"eddd025b60fdc30a063f172d718c2bd6b3645eadae0f767eb61f2421975b0064d30faba72ba63ab33c4ee2a6cb2f0cb187830255738dd670e8e178672a7473488a157b83ca0ed9657299e98243c15b6b8e08f34570dda445b526949a9b3aebdb97dda475e54a098f1ae57c4774c8ef81d36c77d309e0c817fba3415591dd26a637e43bec5f0fb193d8671889d89ac77bd90ee5efac63bf9eafc61f393e33aaa503760afad0e395042048defbc27ecc254790f419072feb3d5fb4815364072248a42bb88952f316952ea727ae850143819fb80a77407a2309c90ee7894bee7c5862bf14672cc9036bf0ccba7769b5d57b757b550180000000000000a7f0840d7040084b449eb5445ea40b3b9811a66d5228839907fba91ba8a5ca95b4600fcd98f93af794a412e97404d6f40a61e802f6112ff259a29ca8fb98ffce8fd12509883e812e7edb4a643fe4aac56bb01f69823bd6f4ebd618d81cb3d463eea2c9bae30b888a824043a71d5f3319b146848d63a5415f5ed47b33cafa473cc2c91c425a2d24bf5d8e627e6fc63f58a7b08180ce16e5aa7015478cfbebba3045ec5dd620f69659f3fe11af23b095b43ced6a48afaf3d9a78762d40ada3b1fead7884620e213f28a9a2e6bcda0b88347c8eb3f6be8be3fc2d507eaae0430ccd836d4790038d25d65091e6e7ee9bec612b4a5d90e9e878c9c57fd1aa28ee9fab64d2d3bec12ae68a974c0f64365548a5db8a1d8fc9e32b38df32e826a3d2a88ae824a5faa87d7a25373728da5322ebc73db3d9ac8c64db9c90b18d67b7770966a3b8a1079f5b83f21482ff8b1cc1c699a0a5a135b6fe2791abb556603e3255e89922de5bca02d57ace9f6d486a363891b6c15e3c0000000047e9617351e98a040f2e7019ddee08f2d6cdc9de2f7a32ea65d266513fa7821c24c90ae39268757eefacfe94d53c740747c86429eadbead0a3576549442f4f77d846df8d54b37fc280bd5b9320f872756706357b9813318a6bfeb77d4ddec55ab5592da2c6d05b3c021182485b96a634013c5ad5ba55f07d07211c0db03ccb5981f5955df2e86cd0f62f6ba66fe4abf695ebc6629e42f6ce96a132883f148eeeacdff13b1cbfa73cbc70b8c5b677682d7c60d1a1311b1222aef1edb4e231c869a18f9ae8eeba4eb4cba8a4a56703cd90710b2208bce8e9a18aaf4e7c47474c08ff85c307d660607bddfe49ac714e0fcdfefedddafa452dfe0341c8a8f07e62e4486699a740feda4b7b2bc635308eb6990f3dfa9065aa8b26ad0ac66fe86dbf2dfb5f0c4b0cad557d4fa4b61116aa57a285a705e1d87d3f8d560b5fd3f8c5df3dc22bd4edb36c1c2e78c0b69863f576d3053ceb21ecb287faf64bb7a3cfe3c28eb7c2335a3af5a29308dac5f7d6f48f46da8370124c37e5a3c9fdfd3d78a082030b2233f02fae54012d2ad2b1c1ec2a35a130a5d3f76b5f9a10a4d31ca41c5c2f58a40c058a48e5dd8a71adbabcbca341e46a6ad538491025e79db3c59350b229ae433537e54b62968ff582f041080719fb88778884da1c79ff28398d8edfcd931043b64bf75b944e735d6d0fa62ed1e3550fe9fa5c1f063b06fb8e13909c87efffe72481ada2d01522a93c70266aa3991c7141ecca2bc618fe54d7529a0c2a46469ca4b2086e112fdf4e1266ca6b5fd4b0fbea280dd246f622f0da6d0f3e3b0357dc0744132e66d8b035662ad5cd3faedd2f743e24ecfed2efd6fd3aed1402bdbc66af3c0b77b7962966649591d7d5985c81a063d46ddf07656f2b049f5811b310e567027bc1b6d44fc892d37aeda8cacc704c1dcc1a7ef759937416e01163027b81befa86772ddf576c37f3151792c4358d1fa418bcd250dc41effa988116589b110d31a59486123769e50f5b3985b4660919f08dd5c96ab8ab03322d0c61890f90e56970f0aa13a96bcfa97139d5627ed6a5558dee292bf0a6e5ad23341c7dc3464a05b9045cc3abbfc0448bf9ca044fd188569cc0c57e07105d1fa1efd44529b6592fa718e092c1a3fa3e56689c9c5168a5619bf2109bde2dca59ad16735e597402c1896d4e24f56c9d4bbc1f0b3a0135b7028a402c6a1a78de57a838b1871477d7b43dff3779fdb50b2ec9a3ae11fab7f715e7979e64a0f0d54d025105d1f768cdad112aeb2eac1c8042aff6fb975a16c64080ba4e0de0af9b8a975a2b6af6a05dff8ae848f6b80f2bd80c56e4683e67a3aaad0e72242b0f0f07d7d7a64a8669e75a99ba4fdb2ba239c5ef28c8f1dc0b2459698b374f1035a75eafde3d90d69afa489ee2d7f7958a5cc51e574203bab464ddd4d08abbb77c8874c6ce692d078bdc309d73ccb49c9d60a269c77601e82e1c824fca2a43605f8453943d23794785096da2ff56547389009e27a908cfcea03ede09c392e0bafa30891e23fbacdf08b49cbd2f4083f94c3c71877ffac86d426e5fe08fa9541f837f2de8440e0b2226b664a45a564f1357e804c24cd2cef95564a1e0041736ced508a63af4e9f4ae9f690084f8c67db3b3569fb86225b6cce291da8057200d1f86899081ebfa5274625ada6ee793fe4246d97157d608099a6adf81eb88bb37cdb64a18ed0e13a0cfeea3af2164a59b8a90a4a1dfad6f03cc27ccbcc879c2b54a57a6d81e01dbd9d7440e9f1a1f608617a308214b58a9090022b7c6631cda308a0aa13dd68159bd8578afeb5402b0e227ef709d8c58929fba262ff4ec70c3a8f68b98f92380201112f560c216d5dc61ad466ee08c1af18982617597436c6a0e0077bb2dab8932175fb30aafceb4d63b4b8aa4a1c2f3867a83855d418ae75b3029dff960a5a4fcbe0fb84828633d535413e0c70a26b2485dddaa7c52256ad85d5f71778af39692fb8553850bbac096d8d9c9145e0ed7903b5d530005f29493a5aa7e0c04b62cc07f2bcfa31a48ce7c167abdd145af8c25fb882b64e41a9b51ae77209d82a9095e1d80711e1c802302b92ad8e413bc9b200e57c6038a46bfc9468b5fdda7f3e57e676c99d4dde6b3a86ed2cb9a55cf199835ef9d858f5a692c4036b32ea07c76c29faa5e2241afab129340b6e2ad94baea982429225cfac726dbf137f6477432a31808a281c9af3c4bef4a2f508721ec71fc1c374fca4d4e25ed9754a41ebfcaaac7637caa13791a64ff995d3cd984ed8cecccc491de80596f8db8d3fe6a6f2b208d065fb6fbb5569bf7cd8a8162271ca5e5ed2b3b98f28d81b3b498345c48492c8fe2e6181f527bbe4ce6600f9e33fb65609bc4318ecf4ca151d3095232820a84704311f0bd3532178cf1e6ef9483b1f52ec2992e84aaf1239c99faeab989bd9848223e90093e71eb650660255fce7bd85872e413fe219859d18ef67f1f07a590ceadc1c687820c3c7cf9e2ff9609199c4b49fd74553507c1c7f45b5b1b40c96c0c984977f476ed686f8710248677847f5c0989df0eca6be3df498acfcfbca85bb986c8d844c19f62b06b95d8d6f4e4367040d45e494271f29546f1086f88fdc549402bd669e9aed5fe000000ef7668d3abeadb430d30534aef0a3a9a125bdeaa11647bafe6e1303b967d29718ac301cadbb43654a36b78ff91836584a5e3472db8db4ded526ecfef2efa2279c17639d3aef1587d5b8bbc8abec3a28dba276613c514a50fe243a588ecdb77ab1525088507f5a0537ba59062416beb479538806f04e70bc192c1fd46377c6105116cd21b75f29f91b67317ce4bd67dea18f560765dabf8f0cebfb770339aa2558df698e1ee22adc7b81b16b2e7fb06e7b5c2ca98c71aec18bc23b11d3b84c6a10aa866c5f438fc2d928fc89ce0902492cd79d6a1ffce27a66031cc24d1b82e9e8b6bdcb6b37f89531e048ae5ee10483dccbb734ba20a15b145fdeadfc461e146d8882133b4e6c6ba30d316ee0bf0bf40f26639077d090d1df3b943e78ba5ece82fcd4576cf3a87d7a9ad080b2cce7371e5bd671ad37e35ff03dfb6684ac0d4eda69154444aef2a173ba093bc87839e41388b2101f72a9b6cf675efbb231b007c11a7b452df89a584f459b23340c0dae21a4146968b66ac9b08d2408830ccec4e6fb1dd665c3023a3b32042b1facfb0bd4d5b9861fe5b0abee3313264b5abe61b1e145bc11121dc87bf1a6008433dedd4d7977b082400136bfceb33a2a3ceea9a6b67b8f85b604970c3ad474db7356f802bc840afe833c9056c037b2ea240b5846149682e14e4e126c7f88b9eb2c7384da631fbab63754611d52b4107dfd10fdf46e557be95a07e6ae64cbeb2d420bcfd87a2f52ecbfe5eba301e3c86761c1545b876e5951106e91be75e9d22301674bca4d729fffd9812cb984910b976c2a74966caf3d75ba7dc7f4275d24caf3bc94376a3579e8575c69401ea75d14e27f98eb7a05eccebd36ea89c4ac0dec65eb613d7f052c6b75b398c65249449b0693164a51c0c224ac1bb4f0781d2d10b96519131b6df9541aa1e7511820f71ab1d497234862f475356d9664a9fbbf0285738a143842820d5b795dcca64a24de4bae802fae01d82fec5548e108c4e750e8f1580d2ebd6bde06622db32c1f47eca183a81ecfde3b6a187c47f7984d2c6051f2ace7ac2bfc5da0cd4b0e57e69bf39551cc5443e12e9ce113cff2cecdd2802e5b9c5a1107e1ed982b93b8e986afa379ac1c6a5ee67e966c72bf149f9ba1c169bafe3d58e18e56438ad4a4db4826edb5eb4ff27808ddd7f87eb31cf232effc9bfff7305d91696e17058217d2d5596ae9082a1cc98d60b854b2ff76718d981c20d68ecf4f1a8dcd5f9f06162df324b84b246e5e11d6722003f32e3396e30c11724db17210c37dfa080c1be2fbeea1c92e084f72386fb29856bc25a16a53f97f44a5e81fd55872772eebdd0db3a5bdf0c28d34a48f8d707a97a3b89367c98e30dbe9c02444177a8fbaa605c6051157e41fade8432af5233ee030ad6fb7572ee4e7bd687dd855fe112ac46a7b1abe88771eb3b49e3d583efe7b79394ca4687acfc262af45dbf4736e9e17d39ea5f8e81f6ed7f242c5a09da7f22f37ce9d5e6222fa71aed8ee69e501d30cd98f5c5275d5dcc1f112c3dbd2cca465f7442d952353613ac5b30222cf153c598c15c102b0dd0d99e45595d98ab365fda3f6e3bdf29b66a8d0a43c1c6a109e3056015a49e4f9ed7522163da86b9e2bf14d7c0ff026261f96feabc0b1c64ba130acb2c4927a783bed9f4e1d38f0a1351000334010b99585c24fb9a7a24809e4bffc3448c778dbeeed816225b2173fae0975e1b9c19213dc33bab3a9bbe8f62e306a1aecac5484d3f23421f5064c16aa4fa67de32222115928c0f3b114593dd0c791c590be61e0b97ed0b0e0dcdb238eb1290466d9c10dfaa8c7fcd0bf659897d945df86d936c67e42924d47a4245fb3d6f8ec538d59c100c6e52100317ea41a1fd253ddd54b13b6a2807ea729d3fd7e1b0461cc78b2c7c889b9ad3ec0398399ff645f3ab988b8a52d9f09a430cfa0390c4c5ad3a392ef28a9f4056d77b712df09b69d7d93617c4783133f9abab2d6935d54f59d0c1b5ea4dba28af7bbfeaf29009618c436ddec116f8966b4ae89ceca545daef5a48f1668231731af7abc502df9f7d308998b92adbfdf0937186a9cbcd4267dc1d0e399b27dacc07ca37f76ceb42f13e4de89dd484a91dc8a2bebece95c6400fde8bdc6d2857454f562f04422b632925c84fb501998ab096363acafea06790c298a76267ca63d81763343fa1fbbbeecba24ca939b3f4d577a5129fd3c407cada9151a12b04e76d664b232cf05c9ad000", 0x1000}}, 0x1006)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f00000002c0)={r4, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x13, 0x1c, "fee8a2ab78fcffffffffffffff2000b8785d960000000000000000000000000f00000000000100000000000000000000000000000200", "2809e897bdb2128bfc82525edd665240f45f819e01982861ac0000000000000000001100", "90be8b1c551265406c7f306003d8a0f4bd00", [0x20]}})
ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r2)
r5 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r5, &(0x7f0000000000)=[{&(0x7f0000000080)="580000001500add427323b472545b45602117fffffff81000e224e217f000001925aa80020007b00090080007f000001e809000000ff0000f03ac71006000000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e20, 0x3, @ipv4={'\x00', '\xff\xff', @empty}, 0x7}, 0x1c)
r6 = syz_open_procfs(0x0, &(0x7f0000000240)='net/tcp\x00')
syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d000905820349"], 0x0)
madvise(&(0x7f0000794000/0x5000)=nil, 0x5000, 0x11)
r7 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x481, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100000, @void, @value}, 0x94)
r9 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
listen(r9, 0x0)
listen(r9, 0x8)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@bloom_filter={0x1e, 0x0, 0x27f0a0f1, 0x1, 0x20c00, r6, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1, 0x5, 0x5, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000007c0), &(0x7f0000000380), 0xfff, r10, 0x0, 0xa0028000}, 0x38)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r8}, 0x10)
rseq(&(0x7f0000000240)={0x0, 0x0, 0x0, 0x4}, 0x20, 0x0, 0x0)
r11 = epoll_create1(0x0)
epoll_pwait(r11, &(0x7f00000038c0)=[{}], 0x1, 0x10, 0x0, 0x0)
ioctl$SNAPSHOT_CREATE_IMAGE(r7, 0x40043311, 0x0)

2.915145354s ago: executing program 7 (id=3521):
r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r1=>0x0})
r2 = socket$caif_stream(0x25, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0xc, &(0x7f0000000300)=0x3ff, 0x4)
connect$caif(r2, &(0x7f0000000100)=@rfm={0x25, 0x0, "d034e68fae880aca9de7751355b0eb74"}, 0x18) (async)
sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x1c, r0, 0x303, 0x0, 0x0, {0x6}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) (async)
r3 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341) (async)
r4 = socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(r4, 0x29, 0x6, &(0x7f0000000040), 0x4) (async)
ioctl$USBDEVFS_CONTROL(r3, 0xc0105500, &(0x7f0000000000)={0x3, 0x14, 0x3, 0x7, 0x0, 0x10001, 0x0})

2.9147995s ago: executing program 7 (id=3522):
r0 = syz_open_dev$ttys(0xc, 0x2, 0x0)
r1 = open(&(0x7f00009e1000)='./file0\x00', 0x48141, 0x8)
flistxattr(r1, &(0x7f0000000480)=""/238, 0xee)
r2 = syz_open_dev$usbfs(&(0x7f0000000180), 0x4, 0xc2981)
ioctl$USBDEVFS_CONTROL(r2, 0xc0105500, &(0x7f0000000080)={0x80, 0x6, 0x101, 0x0, 0xec, 0x2, 0x0})
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'wlan1\x00'})
socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0xe6a, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0xfffffe68}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x1}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000500), 0x2, 0x2)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r3, 0x5460, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$midi(&(0x7f00000001c0), 0xab, 0x404000)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000580)=ANY=[@ANYBLOB="61154c00000000006113500000000000bfa00000000000001503000008004e002d35010000000000950041000000000069163a0000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf670000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ff3d4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2739670b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc401000000cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb6d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be19637302f3b41eae50509fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524a3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8b0100010000000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d545ffffffff00000000a1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf857689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684ee54c0a263c806aabac2f66cb052f847c62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961ef4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fc0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bb000000000000000000000000000000884efcecca45ea4ab2ec097668456a6ff12854997f5aed737d5255ee09e429ee76cb10f3a849784d0479cb44ca077e0c4ce6ff880e2ce3de63853a9740e9233683bfc8636bee293aeeb680b399a296e6f44c07b5fc5d9d359af007f23004a7acb6df23664ea209620b4fe0f4df81c33bd8ca2335cb4b50881937379b45a301175c3e8eb32970564ec8e25c46ee3bae079faedaad94276cfa251be8256c4c37fc84a25c3a2feb39e94a5266a10716d4a3cef499fa176018054e9149a1c9d20a809ce30000000000"], &(0x7f0000000280)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0xffff0000}, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
unshare(0x62040200)
fcntl$setlease(r1, 0x400, 0x1)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000000)=0x8)
ioctl$TCSETS(r7, 0x5435, 0x0)
pwritev(r0, &(0x7f0000000380), 0x0, 0x4, 0x800)

2.764774315s ago: executing program 9 (id=3523):
socket$xdp(0x2c, 0x3, 0x0)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000140)={'batadv_slave_1\x00', <r1=>0x0})
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r4=>0x0})
bind$can_j1939(r3, &(0x7f0000000100)={0x1d, r4, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
r5 = syz_open_dev$radio(&(0x7f00000003c0), 0x2, 0x2)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r5, 0x4020565a, &(0x7f0000000380)={0x1, 0x4e85})
setsockopt$sock_int(r3, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
setsockopt$SO_J1939_ERRQUEUE(r3, 0x6b, 0x4, &(0x7f0000000080)=0x1, 0x4)
sendmsg$inet(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x4048085)
setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000140)='./file1\x00')
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r6, 0xffffffff80000800, 0x0, &(0x7f00000000c0)={0x0, 0x5b81, 0xc0, 0x2, 0x9, 0x9, 0x0, 0x0, 0xde})
mkdir(&(0x7f0000000280)='./file0\x00', 0x21)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000200)='./bus\x00', 0x10)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xc)
r7 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$PNPIPE_HANDLE(r7, 0x113, 0x3, &(0x7f0000000000)=0x85f1, 0x4)
socket$inet6_udplite(0xa, 0x2, 0x88)
r8 = openat$ubi_ctrl(0xffffff9c, &(0x7f0000000180), 0xc00, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r8, 0x89f1, &(0x7f0000000340)={'syztnl1\x00', &(0x7f0000000280)={'ip6_vti0\x00', r1, 0x2f, 0x5, 0xb9, 0x2, 0x42, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xa42fbbebe5f2140a, 0x7f27, 0x7, 0x9}})

2.762672943s ago: executing program 9 (id=3525):
socket$nl_netfilter(0x10, 0x3, 0xc)
write(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xfeea)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0xc4, 0x19, 0x1, 0x0, 0x0, {{@in6=@empty, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x4e23, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x1, 0x6}, 0x8, 0x1, 0x1}, [@mark={0xc, 0x15, {0x1, 0xffff}}]}, 0xc4}}, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000040)={0x4000000, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0xf, 0x8, 0x0, 0x10, 0x0, 0x0, 0x25dfdbfe, [@sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x20, @empty}}, @sadb_x_policy={0x8, 0x12, 0x0, 0x2, 0x0, 0x0, 0x20, {0x6, 0x32, 0x0, 0x0, 0x0, 0x0, 0x0, @in6=@ipv4={'\x00', '\xff\xff', @multicast1}, @in6=@dev={0xfe, 0x80, '\x00', 0x18}}}, @sadb_address={0x3, 0x6, 0x0, 0x20, 0x0, @in={0x2, 0x4e24, @private=0xa010101}}]}, 0x80}}, 0x0)

2.524407566s ago: executing program 9 (id=3527):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="a0000000480001ffffff8000000000000a000000", @ANYRES32=0x0, @ANYBLOB="0000000014000100fe800000002000000000000000000000080002"], 0xa0}}, 0x0)

2.454525841s ago: executing program 9 (id=3528):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000780), 0xffffffffffffffff)
write(0xffffffffffffffff, &(0x7f0000000340), 0x11000)
rt_sigaction(0x21, 0x0, 0x0, 0x0, 0x0)
tkill(0x0, 0x21)
poll(0x0, 0x0, 0x3f6)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r0 = open(&(0x7f0000000140)='./file0\x00', 0x2, 0x0)
write$FUSE_IOCTL(r0, &(0x7f0000000100)={0x20, 0x0, 0x0, {0x0, 0x0, 0x0, 0xfffffffd}}, 0xffe7)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000200)={0x1fe, 0x1, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
sendmsg$NFT_MSG_GETOBJ_RESET(r0, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000002280)={0xe8, 0x15, 0xa, 0x301, 0x0, 0x0, {0x7, 0x0, 0x6}, [@NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x3}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_OBJ_USERDATA={0x7a, 0x8, "4ddf3a3064fdf98e47cb88f14541dbfbc8c251748ce32e6f8f5923e7cc577fa020fccf1ca429cbc6d23a8e18c24717fe884ab2712feb91ccdfd91a2fe4e3cc36aa5b7594983b1613de0c6d2d14adb5797c71f27fc527609d0ac85d1a0824993c13d56dabece4e100"/118}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x4ab651e7c08b8b36}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x5}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x4}]}, 0xe8}, 0x1, 0x0, 0x0, 0x40}, 0x48000)
r1 = syz_io_uring_setup(0x10d, &(0x7f0000000380)={0x0, 0x5885}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0)
r4 = open(&(0x7f0000000140)='./file0\x00', 0x210002, 0x0)
read$FUSE(r4, &(0x7f0000000240)={0x2020}, 0xffa6)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x10000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socket$inet6(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

1.935005903s ago: executing program 7 (id=3529):
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
syz_usb_connect(0x0, 0x36, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000780)=@newtaction={0x1f0, 0x30, 0x1, 0x0, 0x0, {}, [{0x1dc, 0x1, [@m_nat={0x190, 0x13, 0x0, 0x0, {{0x8}, {0x144, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x5, 0x1, 0x10000000, 0x2, 0x8}, @loopback, @loopback, 0xff}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x6, 0x1, 0x1, 0x9, 0x3}, @remote, @multicast1, 0xffffffff}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x7, 0x8000, 0x0, 0x7, 0x7fffffff}, @dev={0xac, 0x14, 0x14, 0x2c}, @initdev={0xac, 0x1e, 0x1, 0x0}}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x4543376b, 0xb, 0x2, 0x6ee9, 0x2e}, @loopback, @multicast1, 0xff, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x4, 0xb, 0x2, 0xfffffff7, 0x4}, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1, 0xffffffff}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x4, 0x3, 0x0, 0x2, 0x7fffffff}, @remote, @empty, 0xff, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x54b, 0x4, 0x8, 0x8, 0xdc}, @multicast1, @initdev={0xac, 0x1e, 0x1, 0x0}, 0xff000000, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x8, 0x5, 0x7, 0x2c, 0x2}, @private=0xa010102, @dev={0xac, 0x14, 0x14, 0x40}, 0xffffff00, 0x1}}]}, {0x27, 0x6, "db053495c121a3ecb91dc4cf9c332ccdb2d51e9fb6eab3f1d33b1b0342aa4cdb370dc9"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x3}}}}, @m_ife={0x48, 0x2, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x1f0}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r4, 0x0, 0x0}, 0x10)
ioctl$VIDIOC_DBG_S_REGISTER(r2, 0x4038564f, &(0x7f0000000300)={{0x1, @name="c42a6838d28443227483ec8fe343db49cbeecd991aef557d83b98b12db1f5b3d"}, 0x8, 0x4, 0x47})
connect$bt_sco(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

1.574959912s ago: executing program 9 (id=3535):
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000fcffffffb702000000000000b703000001000100850000002d000000850000000500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x4, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
r0 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d", 0x29}], 0x1)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="600000000206050000000000000000000000000005000400000000000900020073797a32000000"], 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r3 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0})

717.21548ms ago: executing program 9 (id=3538):
r0 = syz_open_dev$ttys(0xc, 0x2, 0x0)
r1 = open(&(0x7f00009e1000)='./file0\x00', 0x48141, 0x8)
flistxattr(r1, &(0x7f0000000480)=""/238, 0xee)
r2 = syz_open_dev$usbfs(&(0x7f0000000180), 0x4, 0xc2981)
ioctl$USBDEVFS_CONTROL(r2, 0xc0105500, &(0x7f0000000080)={0x80, 0x6, 0x101, 0x0, 0xec, 0x2, 0x0})
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'wlan1\x00'})
socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0xe6a, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0xfffffe68}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x1}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000500), 0x2, 0x2)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r3, 0x5460, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$midi(&(0x7f00000001c0), 0xab, 0x404000)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000580)=ANY=[@ANYBLOB="61154c00000000006113500000000000bfa00000000000001503000008004e002d35010000000000950041000000000069163a0000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf670000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ff3d4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2739670b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc401000000cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb6d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be19637302f3b41eae50509fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524a3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8b0100010000000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d545ffffffff00000000a1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf857689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684ee54c0a263c806aabac2f66cb052f847c62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961ef4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fc0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bb000000000000000000000000000000884efcecca45ea4ab2ec097668456a6ff12854997f5aed737d5255ee09e429ee76cb10f3a849784d0479cb44ca077e0c4ce6ff880e2ce3de63853a9740e9233683bfc8636bee293aeeb680b399a296e6f44c07b5fc5d9d359af007f23004a7acb6df23664ea209620b4fe0f4df81c33bd8ca2335cb4b50881937379b45a301175c3e8eb32970564ec8e25c46ee3bae079faedaad94276cfa251be8256c4c37fc84a25c3a2feb39e94a5266a10716d4a3cef499fa176018054e9149a1c9d20a809ce30000000000"], &(0x7f0000000280)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0xffff0000}, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
unshare(0x62040200)
fcntl$setlease(r1, 0x400, 0x1)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000000)=0x8)
ioctl$TCSETS(r7, 0x5435, 0x0)
pwritev(r0, &(0x7f0000000380), 0x0, 0x4, 0x800)

715.51907ms ago: executing program 7 (id=3546):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = gettid()
iopl(0x3)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x10000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600, 0x0, 0x48, 0x0, &(0x7f0000000000)='\x00', 0x0}, 0x48)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$EBT_SO_GET_INIT_ENTRIES(r3, 0x0, 0x83, &(0x7f00000001c0)={'nat\x00', 0x0, 0x0, 0x49, [0x600], 0x0, 0x0, 0x0}, &(0x7f0000000240)=0x108)
wait4(0x0, 0x0, 0x40000000, 0x0)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSPASS(r4, 0x40087447, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0xce, 0x0, 0x3ff}]})
iopl(0xf)
close_range(r0, 0xffffffffffffffff, 0x0)

495.469411ms ago: executing program 7 (id=3539):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000040), 0x900, 0x0)
ioctl$DVD_READ_STRUCT(r1, 0x5392, &(0x7f00000002c0)=@physical={0x0, 0x1, [{0xb, 0x0, 0x6, 0x1, 0x4, 0x0, 0x0, 0x3, 0xe, 0x0, 0x3ff, 0xc8, 0x6}, {0x6, 0x1, 0x5, 0x1, 0x8, 0x1, 0x3, 0x0, 0x4, 0x1, 0x0, 0x4, 0x80}, {0x5, 0xf, 0x5, 0xa, 0x2, 0x0, 0x3, 0x6, 0x0, 0x0, 0x5, 0x9, 0x4000}, {0xa, 0xf, 0x7, 0x3, 0x4, 0x0, 0x3, 0x3, 0x5, 0x0, 0xb9, 0x9, 0x5}]})
r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000340), 0x2440, 0x0)
ioctl$PTP_EXTTS_REQUEST2(r2, 0xc4c03d12, &(0x7f0000000040)={0x5, 0x4})
r3 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000400)={0x1c, r3, 0x209, 0x0, 0x0, {}, [@FOU_ATTR_AF={0x5, 0x2, 0xa}]}, 0x1c}}, 0x0)

491.878415ms ago: executing program 6 (id=3540):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="870a001000"/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={r0}, 0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x3, 0x11, &(0x7f0000000840)=ANY=[@ANYBLOB="18020000ffffffff00000000000000008500000017000000b7080000000000007b8af8ff00000000b7080000ff0100007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="fdffffffffffff7eb7050000e8ffffff84000000a50000009500c7c5000000000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000100)="b34715ecd04550d3abc89b6f7bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = syz_open_dev$radio(&(0x7f0000001080), 0x0, 0x2)
write(r2, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSET(r3, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)={0x10c, 0xa, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x7}, [@NFTA_SET_USERDATA={0xf7, 0xd, 0x1, 0x0, "1f9c2560f88eb9e5ab9c5c2ff9633e7f4f918c9bbc29e5a84add391e61ccfd841b0e59ae83a95a2a453c2c6f36f770fa0cd7de2dc14e73e4f53d0c09696058b928eed2d3075f33e985e363aa31a5fb973f0acc911a547f00a5756d4ed4f0d2544b3abce64d9fb670888b2e6ec075ab1f5eeaf4fad54bb74a60527f40b93dd7ce997f21ba9b421b54e95c384a57dfd33befd05430d12853b0b4f16e1ad4aaafe05a586691c0b8cd4048371420f968332cdf12119f3afade663127a8d2b5b7cb2c0aea3ed42c7c826fdff6acfda6288f34d01fd383735e9b01f7380762deb9751c6f2480a580147deb1aac9bce344929efc8e397"}]}, 0x10c}, 0x1, 0x0, 0x0, 0x20002040}, 0xc0a0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000b1000000000000002700000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000400)='percpu_alloc_percpu\x00', r5, 0x0, 0x1}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0600000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000a09fa4446129fcab122cfc048e0dfa98f311ddaeb7abb528de777ecabc6a2facfe74b7884629918054e5e211985906f4e7515e27b2ce75478f8da4683924b429e739ff8475cf42b0099248cf22d681349c57b3468ed6f1f810971f0c46230e8279c006b65b51e9d15b65c57f9e607d6233c1afffb63d7a25e3af9adb337cfe69f78223962d61ad2301cf8cb0203ef8b1fefd4cd09b39c67e4f308914a9bcfdc6335bda67a3b048e4af07093c"], 0x50)

405.214005ms ago: executing program 6 (id=3541):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, &(0x7f0000000040)=0x6)
r1 = openat$cuse(0xffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$FUSE_NOTIFY_DELETE(r1, &(0x7f00000000c0)={0x2a, 0x6, 0x0, {0x2, 0x2, 0x1, 0x0, '!'}}, 0x2a)
r2 = syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0x86f7, 0x10100}, &(0x7f0000002000)=<r3=>0x0, &(0x7f0000000000)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_enter(r2, 0x48e9, 0x0, 0x2, 0x0, 0x0)
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x2, 0x7f, 0xb, 0x49, 0x3ff}})

403.207203ms ago: executing program 7 (id=3542):
open(&(0x7f0000000040)='./bus\x00', 0x1c1242, 0x0)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0x4800}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000003900)=ANY=[@ANYBLOB="2464a9f2df8596740000001600010a00000000000000000a000000040000000c000b0000"], 0x24}, 0x1, 0xe0ffff}, 0x0)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f0000002100)={0x1, 'wg1\x00', 0x40001}, 0x18)
io_uring_setup(0x3936, 0x0)
socket$kcm(0x11, 0x3, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x0, @pix_mp={0x0, 0xffffff01, 0x34324152, 0x1, 0x0, [{0x80000, 0x3}, {0xfffffffc, 0x3}, {}, {0x2}, {0x0, 0x7}, {0xfffffffa, 0x6}, {0x0, 0xd65}], 0x6, 0x0, 0x8, 0x0, 0x1}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
socketpair(0x8, 0x80000, 0x7, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1f000000070000000c000000ffffffff00000000", @ANYRES32, @ANYBLOB="004002847e9954549c35e70400"/31, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r2, &(0x7f0000000000), 0xd)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000500)={0x26, 'aead\x00', 0x0, 0x0, 'authencesn(sha1-avx2,xchacha20-simd)\x00'}, 0x58)
sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, 0x0, 0x44800)
munlockall()
r5 = creat(&(0x7f00000005c0)='./file0\x00', 0x0)
io_uring_setup(0x1de6, &(0x7f00000002c0)={0x0, 0x0, 0x400, 0x2, 0xfffffffc, 0x0, r5})
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x6080, 0x0)
io_setup(0x1, &(0x7f0000000040))
read$FUSE(r5, &(0x7f0000002140)={0x2020}, 0x2020)

403.109157ms ago: executing program 6 (id=3543):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000010c0)={<r1=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000100)={'netdevsim0\x00', &(0x7f0000000040)=@ethtool_ringparam={0x33, 0x7f, 0x20000a2e, 0x0, 0x0, 0x3, 0x2000000, 0x0, 0x3000000}})
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000003100)=@gcm_128={{0x303}, "0400", "0d07080d004fcf0000e8ffff1a8600", "cf0d00", "8657e2b7e43b34e4"}, 0x28)
socket$packet(0x11, 0x2, 0x300)
syz_emit_ethernet(0x82, &(0x7f0000000680)={@local, @empty, @val, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "00be2e", 0x44, 0x2f, 0x0, @private0, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x6558}, {0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x860}, {}, {0x8, 0x88be, 0x86ddffff}}}}}}}, 0x0)

304.7906ms ago: executing program 6 (id=3544):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002040)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0xf, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socket$nl_generic(0x10, 0x3, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = socket(0x10, 0x803, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)=@newtfilter={0x70, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r5, {0xc, 0x4}, {}, {0x5, 0x10}}, [@filter_kind_options=@f_flow={{0x9}, {0x40, 0x2, [@TCA_FLOW_EMATCHES={0x3c, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffb}}, @TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x7, 0x7, 0x2}, {{0x0, 0x1, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x1}}}}, @TCF_EM_META={0x18, 0x2, 0x0, 0x0, {{0xfffb, 0x4, 0x2}, [@TCA_EM_META_HDR={0xc, 0x1, {{}, {0x5, 0x8}}}]}}]}]}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x400c021}, 0x20040054)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r6)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file5\x00')

15.089301ms ago: executing program 6 (id=3545):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x2)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r1 = syz_open_pts(r0, 0x0)
ioctl$TCXONC(r1, 0x540a, 0x0)

0s ago: executing program 6 (id=3547):
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000fcffffffb702000000000000b703000001000100850000002d000000850000000500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x4, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
r0 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d", 0x29}], 0x1)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="600000000206050000000000000000000000000005000400000000000900020073797a32000000"], 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r3 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0})

kernel console output (not intermixed with test programs):

2.350489][   T40] audit: type=1326 audit(2000000288.969:10718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16847 comm="syz.4.2679" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000
[  422.356918][   T40] audit: type=1326 audit(2000000288.969:10719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16847 comm="syz.4.2679" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73fe579 code=0x7ffc0000
[  423.044420][T16876] netlink: 84 bytes leftover after parsing attributes in process `syz.6.2687'.
[  423.048389][T16875] netlink: 84 bytes leftover after parsing attributes in process `syz.6.2687'.
[  423.153473][ T5954] Bluetooth: hci1: command tx timeout
[  423.219152][T16891] netlink: 14 bytes leftover after parsing attributes in process `syz.6.2688'.
[  423.480240][T16895] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  423.595004][T16895] /dev/sr0: Can't open blockdev
[  423.733707][T16896] /dev/sr0: Can't open blockdev
[  425.180281][T16916] net_ratelimit: 11 callbacks suppressed
[  425.180293][T16916] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  426.427027][T16938] netlink: 148 bytes leftover after parsing attributes in process `syz.6.2703'.
[  426.430502][T16938] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check.
[  426.731362][T16948] umip_printk: 1 callbacks suppressed
[  427.166955][T16961] FAULT_INJECTION: forcing a failure.
[  427.166955][T16961] name failslab, interval 1, probability 0, space 0, times 0
[  427.170658][T16961] CPU: 2 UID: 0 PID: 16961 Comm: syz.7.2709 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  427.170673][T16961] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  427.170680][T16961] Call Trace:
[  427.170683][T16961]  <TASK>
[  427.170687][T16961]  dump_stack_lvl+0x16c/0x1f0
[  427.170714][T16961]  should_fail_ex+0x512/0x640
[  427.170726][T16961]  ? __kmalloc_noprof+0xbf/0x510
[  427.170741][T16961]  ? ovl_cache_entry_new+0x3d/0x730
[  427.170757][T16961]  should_failslab+0xc2/0x120
[  427.170772][T16961]  __kmalloc_noprof+0xd2/0x510
[  427.170788][T16961]  ovl_cache_entry_new+0x3d/0x730
[  427.170805][T16961]  ovl_fill_merge+0x601/0xa90
[  427.170822][T16961]  ? __pfx_ovl_fill_merge+0x10/0x10
[  427.170837][T16961]  offset_readdir+0x455/0x6d0
[  427.170850][T16961]  ? apparmor_file_permission+0x251/0x400
[  427.170865][T16961]  iterate_dir+0x293/0xb40
[  427.170879][T16961]  ovl_dir_read_merged+0x21c/0x5d0
[  427.170895][T16961]  ? __pfx_ovl_dir_read_merged+0x10/0x10
[  427.170912][T16961]  ? __pfx_ovl_fill_merge+0x10/0x10
[  427.170930][T16961]  ? kasan_save_track+0x14/0x30
[  427.170945][T16961]  ovl_iterate+0x86c/0xe40
[  427.170954][T16961]  ? __pfx_down_read_killable+0x10/0x10
[  427.170970][T16961]  ? __pfx_ovl_iterate+0x10/0x10
[  427.170978][T16961]  wrap_directory_iterator+0x9f/0xe0
[  427.170991][T16961]  iterate_dir+0x293/0xb40
[  427.171004][T16961]  __ia32_sys_getdents64+0x14d/0x2d0
[  427.171017][T16961]  ? __pfx___ia32_sys_getdents64+0x10/0x10
[  427.171030][T16961]  ? fput+0x70/0xf0
[  427.171038][T16961]  ? __pfx_filldir64+0x10/0x10
[  427.171052][T16961]  ? rcu_is_watching+0x12/0xc0
[  427.171063][T16961]  __do_fast_syscall_32+0x73/0x120
[  427.171077][T16961]  do_fast_syscall_32+0x32/0x80
[  427.171090][T16961]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  427.171103][T16961] RIP: 0023:0xf73ee579
[  427.171111][T16961] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  427.171121][T16961] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 00000000000000dc
[  427.171131][T16961] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000080000300
[  427.171137][T16961] RDX: 000000000000009a RSI: 0000000000000000 RDI: 0000000000000000
[  427.171142][T16961] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  427.171148][T16961] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  427.171154][T16961] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  427.171165][T16961]  </TASK>
[  427.435514][T16991] netlink: 'syz.8.2717': attribute type 1 has an invalid length.
[  427.491384][T16992] ip6erspan0: entered promiscuous mode
[  427.498334][T16994] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2718'.
[  427.846307][   T40] kauditd_printk_skb: 46 callbacks suppressed
[  427.846320][   T40] audit: type=1326 audit(2000000294.509:10766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16999 comm="syz.8.2720" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7fc00000
[  428.351098][   T40] audit: type=1326 audit(2000000295.019:10767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17013 comm="syz.4.2722" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x0
[  428.408990][T17017] FAULT_INJECTION: forcing a failure.
[  428.408990][T17017] name failslab, interval 1, probability 0, space 0, times 0
[  428.412616][T17017] CPU: 2 UID: 0 PID: 17017 Comm: syz.6.2723 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  428.412633][T17017] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  428.412641][T17017] Call Trace:
[  428.412645][T17017]  <TASK>
[  428.412750][T17017]  dump_stack_lvl+0x16c/0x1f0
[  428.412780][T17017]  should_fail_ex+0x512/0x640
[  428.412794][T17017]  ? fs_reclaim_acquire+0xae/0x150
[  428.412809][T17017]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  428.412826][T17017]  should_failslab+0xc2/0x120
[  428.412845][T17017]  __kmalloc_noprof+0xd2/0x510
[  428.412863][T17017]  tomoyo_realpath_from_path+0xc2/0x6e0
[  428.412881][T17017]  ? tomoyo_profile+0x47/0x60
[  428.412893][T17017]  tomoyo_path_number_perm+0x245/0x580
[  428.412907][T17017]  ? tomoyo_path_number_perm+0x237/0x580
[  428.412922][T17017]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  428.412937][T17017]  ? find_held_lock+0x2b/0x80
[  428.412958][T17017]  ? find_held_lock+0x2b/0x80
[  428.412968][T17017]  ? __fget_files+0x204/0x3c0
[  428.412986][T17017]  ? __fget_files+0x20e/0x3c0
[  428.413002][T17017]  security_file_ioctl_compat+0x9b/0x240
[  428.413019][T17017]  __do_compat_sys_ioctl+0x4e/0x2c0
[  428.413033][T17017]  __do_fast_syscall_32+0x73/0x120
[  428.413050][T17017]  do_fast_syscall_32+0x32/0x80
[  428.413064][T17017]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  428.413079][T17017] RIP: 0023:0xf7fe6579
[  428.413089][T17017] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  428.413100][T17017] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  428.413111][T17017] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0d05604
[  428.413119][T17017] RDX: 0000000080000480 RSI: 0000000000000000 RDI: 0000000000000000
[  428.413125][T17017] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  428.413131][T17017] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  428.413138][T17017] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  428.413149][T17017]  </TASK>
[  428.413156][T17017] ERROR: Out of memory at tomoyo_realpath_from_path.
[  428.520323][   T40] audit: type=1326 audit(2000000295.189:10768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16999 comm="syz.8.2720" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf73be579 code=0x7fc00000
[  428.621466][ T5954] Bluetooth: hci3: unexpected event for opcode 0x0804
[  429.229321][T17039] Bluetooth: MGMT ver 1.23
[  430.199751][T17083] FAULT_INJECTION: forcing a failure.
[  430.199751][T17083] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  430.204357][T17083] CPU: 2 UID: 0 PID: 17083 Comm: syz.6.2744 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  430.204373][T17083] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  430.204379][T17083] Call Trace:
[  430.204383][T17083]  <TASK>
[  430.204387][T17083]  dump_stack_lvl+0x16c/0x1f0
[  430.204405][T17083]  should_fail_ex+0x512/0x640
[  430.204425][T17083]  _copy_from_user+0x2e/0xd0
[  430.204437][T17083]  __sys_bpf+0x226/0x4c80
[  430.204454][T17083]  ? __pfx___sys_bpf+0x10/0x10
[  430.204469][T17083]  ? ksys_write+0x190/0x240
[  430.204484][T17083]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  430.204503][T17083]  ? fput+0x70/0xf0
[  430.204512][T17083]  ? ksys_write+0x1b9/0x240
[  430.204525][T17083]  ? __pfx_ksys_write+0x10/0x10
[  430.204540][T17083]  __ia32_sys_bpf+0x76/0xe0
[  430.204555][T17083]  __do_fast_syscall_32+0x73/0x120
[  430.204571][T17083]  do_fast_syscall_32+0x32/0x80
[  430.204584][T17083]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  430.204597][T17083] RIP: 0023:0xf7fe6579
[  430.204606][T17083] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  430.204617][T17083] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  430.204626][T17083] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000800000c0
[  430.204651][T17083] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[  430.204661][T17083] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  430.204669][T17083] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  430.204675][T17083] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  430.204685][T17083]  </TASK>
[  430.281746][T17087] netlink: 60 bytes leftover after parsing attributes in process `syz.6.2745'.
[  430.305827][T17087] kvm: kvm [17086]: vcpu0, guest rIP: 0x1a3 Unhandled WRMSR(0xc2) = 0x8000
[  430.387253][ T5954] Bluetooth: hci2: unexpected event for opcode 0x0804
[  431.533162][   T40] audit: type=1804 audit(2000000298.199:10769): pid=17146 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.2755" name="/newroot/576/file0" dev="tmpfs" ino=3131 res=1 errno=0
[  431.536944][T17146] ref_ctr going negative. vaddr: 0x80ffc004, curr val: -15417, delta: 1
[  431.542761][T17146] ref_ctr increment failed for inode: 0xc3b offset: 0x7 ref_ctr_offset: 0x4 of mm: 0xffff8880557a4600
[  433.239504][   T40] audit: type=1326 audit(2000000299.909:10770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17228 comm="syz.6.2768" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe6579 code=0x7ffc0000
[  433.246137][   T40] audit: type=1326 audit(2000000299.909:10771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17228 comm="syz.6.2768" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe6579 code=0x7ffc0000
[  433.252215][   T40] audit: type=1326 audit(2000000299.919:10772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17228 comm="syz.6.2768" exe="/syz-executor" sig=0 arch=40000003 syscall=16 compat=1 ip=0xf7fe6579 code=0x7ffc0000
[  433.258422][   T40] audit: type=1326 audit(2000000299.919:10773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17228 comm="syz.6.2768" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe6579 code=0x7ffc0000
[  433.264458][   T40] audit: type=1326 audit(2000000299.919:10774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17228 comm="syz.6.2768" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe6579 code=0x7ffc0000
[  433.271172][   T40] audit: type=1326 audit(2000000299.919:10775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17228 comm="syz.6.2768" exe="/syz-executor" sig=0 arch=40000003 syscall=65 compat=1 ip=0xf7fe6579 code=0x7ffc0000
[  433.277276][   T40] audit: type=1326 audit(2000000299.919:10776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17228 comm="syz.6.2768" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe6579 code=0x7ffc0000
[  433.283195][   T40] audit: type=1326 audit(2000000299.919:10777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17228 comm="syz.6.2768" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe6579 code=0x7ffc0000
[  433.289089][   T40] audit: type=1326 audit(2000000299.919:10778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17228 comm="syz.6.2768" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7fe6579 code=0x7ffc0000
[  433.294953][   T40] audit: type=1326 audit(2000000299.919:10779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17228 comm="syz.6.2768" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe6579 code=0x7ffc0000
[  433.335935][T17231] macsec0: entered promiscuous mode
[  433.337809][T17231] macsec0: entered allmulticast mode
[  433.339334][T17231] veth1_macvtap: entered allmulticast mode
[  433.732219][T17262] input: syz1 as /devices/virtual/input/input102
[  433.735341][T17262] FAULT_INJECTION: forcing a failure.
[  433.735341][T17262] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  433.740781][T17262] CPU: 3 UID: 0 PID: 17262 Comm: syz.7.2772 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  433.740796][T17262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  433.740802][T17262] Call Trace:
[  433.740805][T17262]  <TASK>
[  433.740809][T17262]  dump_stack_lvl+0x16c/0x1f0
[  433.740827][T17262]  should_fail_ex+0x512/0x640
[  433.740839][T17262]  _copy_from_user+0x2e/0xd0
[  433.740852][T17262]  input_event_from_user+0x22b/0x3b0
[  433.740865][T17262]  ? __pfx_input_event_from_user+0x10/0x10
[  433.740879][T17262]  ? input_event+0x57/0xb0
[  433.740891][T17262]  uinput_write+0xbb4/0x12b0
[  433.740907][T17262]  ? __pfx_uinput_write+0x10/0x10
[  433.740921][T17262]  ? bpf_lsm_file_permission+0x9/0x10
[  433.740936][T17262]  ? security_file_permission+0x71/0x210
[  433.740952][T17262]  ? rw_verify_area+0xcf/0x680
[  433.740965][T17262]  vfs_write+0x25c/0x1180
[  433.740978][T17262]  ? __pfx_uinput_write+0x10/0x10
[  433.740993][T17262]  ? __pfx_vfs_write+0x10/0x10
[  433.741005][T17262]  ? find_held_lock+0x2b/0x80
[  433.741017][T17262]  ? __fget_files+0x204/0x3c0
[  433.741032][T17262]  ? __fget_files+0x20e/0x3c0
[  433.741048][T17262]  ksys_write+0x205/0x240
[  433.741060][T17262]  ? __pfx_ksys_write+0x10/0x10
[  433.741074][T17262]  ? rcu_is_watching+0x12/0xc0
[  433.741086][T17262]  __do_fast_syscall_32+0x73/0x120
[  433.741100][T17262]  do_fast_syscall_32+0x32/0x80
[  433.741113][T17262]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  433.741126][T17262] RIP: 0023:0xf73ee579
[  433.741134][T17262] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  433.741147][T17262] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  433.741161][T17262] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000680
[  433.741170][T17262] RDX: 000000000000045c RSI: 0000000000000000 RDI: 0000000000000000
[  433.741178][T17262] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  433.741187][T17262] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  433.741196][T17262] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  433.741210][T17262]  </TASK>
[  433.924839][T17260] ttyS ttyS3: ldisc open failed (-12), clearing slot 3
[  434.036344][T17281] overlayfs: conflicting options: userxattr,redirect_dir=on
[  434.207594][T17297] fuse: Bad value for 'fd'
[  434.399264][ T6007] IPVS: starting estimator thread 0...
[  434.546124][T17306] IPVS: using max 48 ests per chain, 115200 per kthread
[  434.619740][T17309] macsec0: entered promiscuous mode
[  434.621544][T17309] macsec0: entered allmulticast mode
[  434.623325][T17309] veth1_macvtap: entered allmulticast mode
[  435.070236][T17323] FAULT_INJECTION: forcing a failure.
[  435.070236][T17323] name failslab, interval 1, probability 0, space 0, times 0
[  435.075272][T17323] CPU: 2 UID: 0 PID: 17323 Comm: syz.8.2791 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  435.075294][T17323] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  435.075310][T17323] Call Trace:
[  435.075316][T17323]  <TASK>
[  435.075323][T17323]  dump_stack_lvl+0x16c/0x1f0
[  435.075348][T17323]  should_fail_ex+0x512/0x640
[  435.075366][T17323]  ? fs_reclaim_acquire+0xae/0x150
[  435.075386][T17323]  ? tomoyo_supervisor+0x45b/0x13b0
[  435.075402][T17323]  should_failslab+0xc2/0x120
[  435.075427][T17323]  __kmalloc_noprof+0xd2/0x510
[  435.075447][T17323]  ? tomoyo_profile+0x47/0x60
[  435.075461][T17323]  ? tomoyo_domain_quota_is_ok+0x2f6/0x5a0
[  435.075482][T17323]  tomoyo_supervisor+0x45b/0x13b0
[  435.075501][T17323]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  435.075531][T17323]  ? tomoyo_check_acl+0x1f7/0x410
[  435.075548][T17323]  ? tomoyo_check_acl+0x31c/0x410
[  435.075567][T17323]  tomoyo_env_perm+0x191/0x200
[  435.075585][T17323]  ? __pfx_tomoyo_env_perm+0x10/0x10
[  435.075604][T17323]  ? tomoyo_find_next_domain+0xd8c/0x20b0
[  435.075624][T17323]  tomoyo_find_next_domain+0xec2/0x20b0
[  435.075648][T17323]  ? __pfx_tomoyo_find_next_domain+0x10/0x10
[  435.075673][T17323]  tomoyo_bprm_check_security+0x12e/0x1d0
[  435.075690][T17323]  ? tomoyo_bprm_check_security+0x120/0x1d0
[  435.075712][T17323]  security_bprm_check+0x1b9/0x1e0
[  435.075731][T17323]  bprm_execve+0x82d/0x1700
[  435.075754][T17323]  ? __pfx_bprm_execve+0x10/0x10
[  435.075774][T17323]  ? copy_string_kernel+0x210/0x250
[  435.075796][T17323]  do_execveat_common.isra.0+0x4a5/0x610
[  435.075819][T17323]  __ia32_compat_sys_execve+0x92/0xc0
[  435.075841][T17323]  __do_fast_syscall_32+0x73/0x120
[  435.075864][T17323]  do_fast_syscall_32+0x32/0x80
[  435.075884][T17323]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  435.075903][T17323] RIP: 0023:0xf73be579
[  435.075915][T17323] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  435.075930][T17323] RSP: 002b:00000000f504655c EFLAGS: 00000296 ORIG_RAX: 000000000000000b
[  435.075945][T17323] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000000000000
[  435.075955][T17323] RDX: 0000000080019100 RSI: 0000000000000000 RDI: 0000000000000000
[  435.075964][T17323] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  435.075985][T17323] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  435.075996][T17323] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  435.076015][T17323]  </TASK>
[  435.437888][T17333] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  435.747196][T17333] /dev/sr0: Can't open blockdev
[  435.878773][T17329] /dev/sr0: Can't open blockdev
[  436.765420][T17370] kernel read not supported for file /!s (pid: 17370 comm: syz.4.2801)
[  437.313922][T17390] netdevsim netdevsim6: Direct firmware load for .
[  437.313922][T17390]  failed with error -2
[  437.317716][T17390] netdevsim netdevsim6: Falling back to sysfs fallback for: .
[  437.317716][T17390] 
[  438.575010][   T40] kauditd_printk_skb: 97 callbacks suppressed
[  438.575022][   T40] audit: type=1326 audit(2000000305.239:10877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17392 comm="syz.7.2811" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  438.583832][   T40] audit: type=1326 audit(2000000305.239:10878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17392 comm="syz.7.2811" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  438.743849][T17430] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2827'.
[  438.827949][ T6006] libceph: connect (1)[c::]:6789 error -101
[  438.829701][ T6006] libceph: mon0 (1)[c::]:6789 connect error
[  438.958235][ T1331] libceph: connect (1)[c::]:6789 error -101
[  438.964235][ T1331] libceph: mon0 (1)[c::]:6789 connect error
[  439.109851][ T1331] libceph: connect (1)[c::]:6789 error -101
[  439.111637][ T1331] libceph: mon0 (1)[c::]:6789 connect error
[  439.127482][T17447] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  439.236257][ T6006] libceph: connect (1)[c::]:6789 error -101
[  439.238066][ T6006] libceph: mon0 (1)[c::]:6789 connect error
[  439.426108][ T1331] usb 11-1: new high-speed USB device number 4 using dummy_hcd
[  439.539392][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[  439.575784][T17439] ceph: No mds server is up or the cluster is laggy
[  439.575840][T17433] ceph: No mds server is up or the cluster is laggy
[  439.577436][ T1331] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  439.577453][ T1331] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  439.577465][ T1331] usb 11-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  439.577482][ T1331] usb 11-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  439.577493][ T1331] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  439.586552][ T1331] usb 11-1: config 0 descriptor??
[  439.655918][T17462] gre1: entered promiscuous mode
[  439.800999][   T40] audit: type=1326 audit(2000000306.469:10879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17465 comm="syz.8.2839" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  439.807960][   T40] audit: type=1326 audit(2000000306.469:10880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17465 comm="syz.8.2839" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  439.825923][T17473] netlink: 'syz.8.2840': attribute type 3 has an invalid length.
[  439.842282][T17475] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2841'.
[  440.020092][T17485] netlink: 104 bytes leftover after parsing attributes in process `syz.8.2844'.
[  440.176138][    C3] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  440.186311][ T1331] usbhid 11-1:0.0: can't add hid device: -71
[  440.188027][ T1331] usbhid 11-1:0.0: probe with driver usbhid failed with error -71
[  440.193076][ T1331] usb 11-1: USB disconnect, device number 4
[  440.742573][T14651] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  440.746940][T14651] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  440.749562][T14651] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  440.765835][T14651] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  440.768602][T14651] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  440.770674][T14651] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  440.797457][ T8173] bond0: (slave syz_tun): Releasing backup interface
[  440.822614][T17503] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  440.899290][ T7220] netdevsim netdevsim4 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  440.902236][ T7220] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  440.912721][T17498] chnl_net:caif_netlink_parms(): no params data found
[  440.963869][T17498] bridge0: port 1(bridge_slave_0) entered blocking state
[  440.967599][T17498] bridge0: port 1(bridge_slave_0) entered disabled state
[  440.970196][T17498] bridge_slave_0: entered allmulticast mode
[  440.972789][T17498] bridge_slave_0: entered promiscuous mode
[  440.975809][T17498] bridge0: port 2(bridge_slave_1) entered blocking state
[  440.978246][T17498] bridge0: port 2(bridge_slave_1) entered disabled state
[  440.980242][T17498] bridge_slave_1: entered allmulticast mode
[  440.982333][T17498] bridge_slave_1: entered promiscuous mode
[  441.000621][T17498] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  441.004131][T17498] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  441.024603][ T7220] netdevsim netdevsim4 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  441.027798][ T7220] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  441.038542][T17498] team0: Port device team_slave_0 added
[  441.041270][T17498] team0: Port device team_slave_1 added
[  441.066676][T17498] batman_adv: batadv0: Adding interface: batadv_slave_0
[  441.068621][T17498] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  441.077346][T17498] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  441.081755][T17498] batman_adv: batadv0: Adding interface: batadv_slave_1
[  441.083877][T17498] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  441.091529][T17519] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2852'.
[  441.093111][T17498] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  441.120917][ T7220] netdevsim netdevsim4 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  441.123935][ T7220] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  441.143458][T17498] hsr_slave_0: entered promiscuous mode
[  441.145690][T17498] hsr_slave_1: entered promiscuous mode
[  441.149004][T17498] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  441.151510][T17498] Cannot create hsr debugfs directory
[  441.217725][ T7220] netdevsim netdevsim4 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  441.220966][ T7220] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  441.322277][ T7220] bridge_slave_1: left allmulticast mode
[  441.324477][ T7220] bridge_slave_1: left promiscuous mode
[  441.326968][ T7220] bridge0: port 2(bridge_slave_1) entered disabled state
[  441.338578][ T7220] bridge_slave_0: left allmulticast mode
[  441.340817][ T7220] bridge_slave_0: left promiscuous mode
[  441.343120][ T7220] bridge0: port 1(bridge_slave_0) entered disabled state
[  441.358928][ T7220] batman_adv: batadv0: Interface deactivated: ip6gretap1
[  441.411950][ T7220] bond1 (unregistering): (slave ip6erspan0): Releasing active interface
[  441.422513][ T7220] batman_adv: batadv0: Removing interface: ip6gretap1
[  441.470199][ T7220] batman_adv: batadv0: Removing interface: gretap1
[  441.474000][ T7220] batman_adv: batadv0: Removing interface: gretap3
[  441.964949][T17532] netlink: 'syz.7.2856': attribute type 11 has an invalid length.
[  442.050531][ T7220] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  442.056877][ T7220] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  442.061421][ T7220] bond0 (unregistering): Released all slaves
[  442.148794][ T7220] bond1 (unregistering): Released all slaves
[  442.225671][ T7220] bond2 (unregistering): (slave veth3): Releasing backup interface
[  442.228899][ T7220] bond2 (unregistering): Released all slaves
[  442.259271][T17539] vlan2: entered allmulticast mode
[  442.261087][T17539] bond0: entered allmulticast mode
[  442.262651][T17539] bond_slave_0: entered allmulticast mode
[  442.264319][T17539] bond_slave_1: entered allmulticast mode
[  442.266614][T17539] bond0: left allmulticast mode
[  442.268050][T17539] bond_slave_0: left allmulticast mode
[  442.269688][T17539] bond_slave_1: left allmulticast mode
[  442.305112][ T7220] tipc: Disabling bearer <udp:s>
[  442.306952][ T7220] tipc: Left network mode
[  442.429302][T17549] netlink: 72 bytes leftover after parsing attributes in process `syz.7.2860'.
[  442.591688][ T7220] hsr_slave_1: left promiscuous mode
[  442.593412][ T7220] batman_adv: batadv0: Interface deactivated: dummy0
[  442.595294][ T7220] batman_adv: batadv0: Removing interface: dummy0
[  442.599580][ T7220] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  442.603893][ T7220] batman_adv: batadv0: Removing interface: batadv_slave_0
[  442.606476][ T7220] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  442.608651][ T7220] batman_adv: batadv0: Removing interface: batadv_slave_1
[  442.627091][ T7220] veth1_macvtap: left allmulticast mode
[  442.629412][ T7220] veth1_macvtap: left promiscuous mode
[  442.630969][ T7220] veth0_macvtap: left promiscuous mode
[  442.796155][T17576] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2863'.
[  442.827993][ T5954] Bluetooth: hci4: command tx timeout
[  443.639872][ T7220] team0 (unregistering): Port device team_slave_1 removed
[  443.737805][ T7220] team0 (unregistering): Port device team_slave_0 removed
[  444.382709][T17498] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  444.391493][T17498] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  444.394107][T17592] FAULT_INJECTION: forcing a failure.
[  444.394107][T17592] name failslab, interval 1, probability 0, space 0, times 0
[  444.399346][T17592] CPU: 0 UID: 0 PID: 17592 Comm: syz.6.2870 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  444.399363][T17592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  444.399373][T17592] Call Trace:
[  444.399376][T17592]  <TASK>
[  444.399381][T17592]  dump_stack_lvl+0x16c/0x1f0
[  444.399400][T17592]  should_fail_ex+0x512/0x640
[  444.399412][T17592]  ? fs_reclaim_acquire+0xae/0x150
[  444.399425][T17592]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  444.399442][T17592]  should_failslab+0xc2/0x120
[  444.399458][T17592]  __kmalloc_noprof+0xd2/0x510
[  444.399475][T17592]  tomoyo_realpath_from_path+0xc2/0x6e0
[  444.399493][T17592]  ? tomoyo_profile+0x47/0x60
[  444.399504][T17592]  tomoyo_path_number_perm+0x245/0x580
[  444.399517][T17592]  ? tomoyo_path_number_perm+0x237/0x580
[  444.399532][T17592]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  444.399547][T17592]  ? find_held_lock+0x2b/0x80
[  444.399566][T17592]  ? find_held_lock+0x2b/0x80
[  444.399576][T17592]  ? __fget_files+0x204/0x3c0
[  444.399593][T17592]  ? __fget_files+0x20e/0x3c0
[  444.399608][T17592]  security_file_ioctl_compat+0x9b/0x240
[  444.399631][T17592]  __do_compat_sys_ioctl+0x4e/0x2c0
[  444.399645][T17592]  __do_fast_syscall_32+0x73/0x120
[  444.399660][T17592]  do_fast_syscall_32+0x32/0x80
[  444.399674][T17592]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  444.399687][T17592] RIP: 0023:0xf7fe6579
[  444.399696][T17592] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  444.399706][T17592] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  444.399717][T17592] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004b65
[  444.399724][T17592] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  444.399730][T17592] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  444.399736][T17592] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  444.399742][T17592] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  444.399753][T17592]  </TASK>
[  444.399757][T17592] ERROR: Out of memory at tomoyo_realpath_from_path.
[  444.468544][T17498] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  444.472033][T17498] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  444.533614][T17498] 8021q: adding VLAN 0 to HW filter on device bond0
[  444.562743][T17498] 8021q: adding VLAN 0 to HW filter on device team0
[  444.577471][ T7179] bridge0: port 1(bridge_slave_0) entered blocking state
[  444.579493][ T7179] bridge0: port 1(bridge_slave_0) entered forwarding state
[  444.597828][ T7204] bridge0: port 2(bridge_slave_1) entered blocking state
[  444.599920][ T7204] bridge0: port 2(bridge_slave_1) entered forwarding state
[  444.616596][T17612] can0: slcan on ptm1.
[  444.794292][ T7220] IPVS: stop unused estimator thread 0...
[  444.840912][T17498] 8021q: adding VLAN 0 to HW filter on device batadv0
[  444.896080][ T5954] Bluetooth: hci4: command tx timeout
[  445.082086][T17498] veth0_vlan: entered promiscuous mode
[  445.089120][T17498] veth1_vlan: entered promiscuous mode
[  445.126617][T17498] veth0_macvtap: entered promiscuous mode
[  445.127598][T17649] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2879'.
[  445.141942][T17498] veth1_macvtap: entered promiscuous mode
[  445.159385][T17498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  445.162235][T17498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  445.164803][T17498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  445.167701][T17498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  445.171647][T17498] batman_adv: batadv0: Interface activated: batadv_slave_0
[  445.182871][T17498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  445.185802][T17498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  445.189568][T17498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  445.192477][T17498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  445.196434][T17498] batman_adv: batadv0: Interface activated: batadv_slave_1
[  445.203255][T17498] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  445.205709][T17498] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  445.209894][T17498] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  445.212426][T17498] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  445.263896][ T7212] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  445.268361][ T7212] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  445.290906][ T7212] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  445.293201][ T7212] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  445.536255][T17611] can0 (unregistered): slcan off ptm1.
[  445.874428][T17682] netlink: 160 bytes leftover after parsing attributes in process `syz.8.2885'.
[  445.905148][T17682] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1926430720 (3852861440 ns) > initial count (2369312970 ns). Using initial count to start timer.
[  446.134764][   T40] audit: type=1326 audit(2000000312.799:10881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17680 comm="syz.7.2884" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73ee579 code=0x0
[  446.369488][T17703] netdevsim netdevsim6 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  446.373126][T17703] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  446.480973][T17703] netdevsim netdevsim6 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  446.483857][T17703] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  446.640045][T17703] netdevsim netdevsim6 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  446.643156][T17703] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  446.882312][T17703] netdevsim netdevsim6 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  446.885340][T17703] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  446.976122][ T5954] Bluetooth: hci4: command tx timeout
[  446.986673][   T40] audit: type=1326 audit(2000000313.639:10882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17708 comm="syz.7.2893" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  446.992761][   T40] audit: type=1326 audit(2000000313.639:10883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17708 comm="syz.7.2893" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  446.999387][   T40] audit: type=1326 audit(2000000313.639:10884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17708 comm="syz.7.2893" exe="/syz-executor" sig=0 arch=40000003 syscall=245 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  447.005280][   T40] audit: type=1326 audit(2000000313.639:10885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17708 comm="syz.7.2893" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  447.011310][   T40] audit: type=1326 audit(2000000313.639:10886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17708 comm="syz.7.2893" exe="/syz-executor" sig=0 arch=40000003 syscall=245 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  447.017406][   T40] audit: type=1326 audit(2000000313.639:10887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17708 comm="syz.7.2893" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  447.023801][   T40] audit: type=1326 audit(2000000313.639:10888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17708 comm="syz.7.2893" exe="/syz-executor" sig=0 arch=40000003 syscall=247 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  447.029780][   T40] audit: type=1326 audit(2000000313.699:10889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17708 comm="syz.7.2893" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  447.034513][T17703] netdevsim netdevsim6 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  447.035819][   T40] audit: type=1326 audit(2000000313.699:10890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17708 comm="syz.7.2893" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  447.038803][T17703] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  447.050824][T17703] netdevsim netdevsim6 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  447.053168][T17703] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  447.058073][T17703] netdevsim netdevsim6 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  447.060409][T17703] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  447.065751][T17703] netdevsim netdevsim6 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  447.068274][T17703] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  447.509072][T17724] "syz.7.2896" (17724) uses obsolete ecb(arc4) skcipher
[  448.136262][T17733] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4234274794 (67748396704 ns) > initial count (26801589552 ns). Using initial count to start timer.
[  449.056088][ T5954] Bluetooth: hci4: command tx timeout
[  449.254058][T17750] vim2m vim2m.0: Fourcc format (0x47524247) invalid.
[  449.335361][T17736] FAULT_INJECTION: forcing a failure.
[  449.335361][T17736] name failslab, interval 1, probability 0, space 0, times 0
[  449.339062][T17736] CPU: 1 UID: 0 PID: 17736 Comm: syz.7.2900 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  449.339077][T17736] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  449.339083][T17736] Call Trace:
[  449.339087][T17736]  <TASK>
[  449.339091][T17736]  dump_stack_lvl+0x16c/0x1f0
[  449.339109][T17736]  should_fail_ex+0x512/0x640
[  449.339121][T17736]  should_failslab+0xc2/0x120
[  449.339137][T17736]  __kmalloc_cache_noprof+0x6a/0x3e0
[  449.339151][T17736]  ? sctp_add_bind_addr+0xae/0x3f0
[  449.339163][T17736]  sctp_add_bind_addr+0xae/0x3f0
[  449.339174][T17736]  sctp_copy_local_addr_list+0x39d/0x5a0
[  449.339189][T17736]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  449.339203][T17736]  ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360
[  449.339218][T17736]  ? sctp_bind_addr_copy+0xe0/0x530
[  449.339228][T17736]  sctp_bind_addr_copy+0xe0/0x530
[  449.339241][T17736]  sctp_connect_new_asoc+0x1d7/0x790
[  449.339256][T17736]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  449.339273][T17736]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  449.339289][T17736]  sctp_sendmsg+0x15f9/0x1ee0
[  449.339306][T17736]  ? __pfx_sctp_sendmsg+0x10/0x10
[  449.339325][T17736]  ? __might_fault+0xe3/0x190
[  449.339335][T17736]  ? __pfx_aa_sk_perm+0x10/0x10
[  449.339349][T17736]  ? __pfx_sctp_sendmsg+0x10/0x10
[  449.339364][T17736]  inet_sendmsg+0x119/0x140
[  449.339380][T17736]  __sys_sendto+0x431/0x510
[  449.339393][T17736]  ? __pfx___sys_sendto+0x10/0x10
[  449.339412][T17736]  ? ksys_write+0x1b9/0x240
[  449.339426][T17736]  ? __pfx_ksys_write+0x10/0x10
[  449.339440][T17736]  __ia32_sys_sendto+0xdd/0x1b0
[  449.339452][T17736]  ? lockdep_hardirqs_on+0x7c/0x110
[  449.339464][T17736]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  449.339478][T17736]  __do_fast_syscall_32+0x73/0x120
[  449.339491][T17736]  do_fast_syscall_32+0x32/0x80
[  449.339505][T17736]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  449.339517][T17736] RIP: 0023:0xf73ee579
[  449.339525][T17736] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  449.339535][T17736] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  449.339551][T17736] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000080000500
[  449.339558][T17736] RDX: 0000000000034000 RSI: 0000000000000040 RDI: 0000000080000000
[  449.339564][T17736] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000
[  449.339570][T17736] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  449.339575][T17736] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  449.339586][T17736]  </TASK>
[  449.967801][T17765] syz.8.2908: attempt to access beyond end of device
[  449.967801][T17765] md2: rw=2048, sector=0, nr_sectors = 8 limit=0
[  450.629455][T17789] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2913'.
[  451.168993][T17801] wireguard0: entered promiscuous mode
[  451.174758][T17801] wireguard0: entered allmulticast mode
[  451.440233][T17809] x_tables: duplicate underflow at hook 2
[  452.391322][T17838] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2924'.
[  452.696571][T17838] mac80211_hwsim hwsim171 wlan1: entered allmulticast mode
[  452.797494][   T40] kauditd_printk_skb: 37 callbacks suppressed
[  452.797505][   T40] audit: type=1326 audit(2000000319.459:10928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17832 comm="syz.6.2928" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fe6579 code=0x0
[  453.171962][T17825] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2924'.
[  453.202219][T14651] Bluetooth: hci3: ACL packet for unknown connection handle 201
[  453.202358][T17847] x_tables: duplicate underflow at hook 2
[  454.288991][T17867] netlink: 209852 bytes leftover after parsing attributes in process `syz.8.2942'.
[  454.311114][T17869] netlink: 160 bytes leftover after parsing attributes in process `syz.4.2937'.
[  454.368869][T17869] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1926430720 (3852861440 ns) > initial count (2369312970 ns). Using initial count to start timer.
[  454.442591][T17879] FAULT_INJECTION: forcing a failure.
[  454.442591][T17879] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  454.446888][T17879] CPU: 1 UID: 0 PID: 17879 Comm: syz.6.2948 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  454.446905][T17879] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  454.446911][T17879] Call Trace:
[  454.446915][T17879]  <TASK>
[  454.446919][T17879]  dump_stack_lvl+0x16c/0x1f0
[  454.446985][T17879]  should_fail_ex+0x512/0x640
[  454.447015][T17879]  _copy_from_user+0x2e/0xd0
[  454.447028][T17879]  io_submit_one+0xbb/0x1da0
[  454.447044][T17879]  ? __lock_acquire+0xaa4/0x1ba0
[  454.447059][T17879]  ? __pfx_io_submit_one+0x10/0x10
[  454.447076][T17879]  ? __might_fault+0xe3/0x190
[  454.447085][T17879]  ? __might_fault+0x13b/0x190
[  454.447095][T17879]  ? __ia32_compat_sys_io_submit+0x1ad/0x3a0
[  454.447110][T17879]  __ia32_compat_sys_io_submit+0x1ad/0x3a0
[  454.447125][T17879]  ? __pfx___ia32_compat_sys_io_submit+0x10/0x10
[  454.447140][T17879]  ? fput+0x70/0xf0
[  454.447151][T17879]  ? rcu_is_watching+0x12/0xc0
[  454.447162][T17879]  __do_fast_syscall_32+0x73/0x120
[  454.447176][T17879]  do_fast_syscall_32+0x32/0x80
[  454.447189][T17879]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  454.447202][T17879] RIP: 0023:0xf7fe6579
[  454.447210][T17879] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  454.447220][T17879] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 00000000000000f8
[  454.447230][T17879] RAX: ffffffffffffffda RBX: 00000000f50c6000 RCX: 0000000000000001
[  454.447237][T17879] RDX: 0000000080000640 RSI: 0000000000000000 RDI: 0000000000000000
[  454.447243][T17879] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  454.447248][T17879] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  454.447254][T17879] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  454.447264][T17879]  </TASK>
[  455.066180][T14651] Bluetooth: hci4: command 0x0405 tx timeout
[  455.629029][   T40] audit: type=1326 audit(2000000322.299:10929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17881 comm="syz.8.2940" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73be579 code=0x0
[  456.172957][T17909] netlink: 209852 bytes leftover after parsing attributes in process `syz.7.2951'.
[  456.354040][T17915] netlink: 44 bytes leftover after parsing attributes in process `syz.8.2947'.
[  456.398184][T17915] mac80211_hwsim hwsim168 wlan1: entered allmulticast mode
[  456.520559][T17915] netlink: 16 bytes leftover after parsing attributes in process `syz.8.2947'.
[  457.439479][T17929] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2957'.
[  457.442011][T17929] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2957'.
[  457.449851][T17929] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2957'.
[  457.767929][T17948] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2963'.
[  457.772590][T17948] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2963'.
[  458.625919][T17967] ������: renamed from lo (while UP)
[  459.236281][T17984] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2979'.
[  459.598431][T17974] Bluetooth: hci3: Opcode 0x0401 failed: -4
[  459.897209][T17999] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2985'.
[  459.900586][T17999] netlink: 'syz.8.2985': attribute type 6 has an invalid length.
[  460.020262][T18009] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  460.818808][ T5954] Bluetooth: hci3: command 0x0406 tx timeout
[  461.652660][T18043] __nla_validate_parse: 2 callbacks suppressed
[  461.652672][T18043] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3001'.
[  461.787469][T18051] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3005'.
[  461.818877][T18054] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3004'.
[  461.825173][T18054] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3004'.
[  461.862836][T18060] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3008'.
[  461.865400][T18060] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3008'.
[  461.868245][T18060] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3008'.
[  461.871550][T18060] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3008'.
[  461.874074][T18060] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3008'.
[  463.743278][T18099] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3022'.
[  465.206707][T18124] FAULT_INJECTION: forcing a failure.
[  465.206707][T18124] name failslab, interval 1, probability 0, space 0, times 0
[  465.210168][T18124] CPU: 3 UID: 0 PID: 18124 Comm: syz.6.3029 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  465.210183][T18124] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  465.210189][T18124] Call Trace:
[  465.210192][T18124]  <TASK>
[  465.210197][T18124]  dump_stack_lvl+0x16c/0x1f0
[  465.210266][T18124]  should_fail_ex+0x512/0x640
[  465.210295][T18124]  ? fs_reclaim_acquire+0xae/0x150
[  465.210308][T18124]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  465.210324][T18124]  should_failslab+0xc2/0x120
[  465.210343][T18124]  __kmalloc_noprof+0xd2/0x510
[  465.210359][T18124]  tomoyo_realpath_from_path+0xc2/0x6e0
[  465.210376][T18124]  ? tomoyo_profile+0x47/0x60
[  465.210386][T18124]  tomoyo_path_number_perm+0x245/0x580
[  465.210399][T18124]  ? tomoyo_path_number_perm+0x237/0x580
[  465.210413][T18124]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  465.210427][T18124]  ? find_held_lock+0x2b/0x80
[  465.210446][T18124]  ? find_held_lock+0x2b/0x80
[  465.210456][T18124]  ? __fget_files+0x204/0x3c0
[  465.210471][T18124]  ? __fget_files+0x20e/0x3c0
[  465.210486][T18124]  security_file_ioctl_compat+0x9b/0x240
[  465.210502][T18124]  __do_compat_sys_ioctl+0x4e/0x2c0
[  465.210515][T18124]  __do_fast_syscall_32+0x73/0x120
[  465.210529][T18124]  do_fast_syscall_32+0x32/0x80
[  465.210542][T18124]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  465.210555][T18124] RIP: 0023:0xf7fe6579
[  465.210563][T18124] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  465.210574][T18124] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  465.210584][T18124] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040044590
[  465.210590][T18124] RDX: 0000000080001180 RSI: 0000000000000000 RDI: 0000000000000000
[  465.210596][T18124] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  465.210601][T18124] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  465.210607][T18124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  465.210617][T18124]  </TASK>
[  465.210622][T18124] ERROR: Out of memory at tomoyo_realpath_from_path.
[  465.447045][   T40] audit: type=1326 audit(2000000332.119:10930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18142 comm="syz.6.3036" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe6579 code=0x0
[  465.696120][ T1331] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  465.751197][T18151] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  465.782655][T18152] No source specified
[  465.867291][ T1331] usb 9-1: config index 0 descriptor too short (expected 45, got 36)
[  465.869390][ T1331] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  465.876080][ T1331] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  465.880352][ T1331] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  465.885526][ T1331] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  465.888861][T18154] netlink: 'syz.8.3040': attribute type 10 has an invalid length.
[  465.889173][ T1331] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  465.891293][T18154] mac80211_hwsim hwsim168 wlan1: left allmulticast mode
[  465.894490][ T1331] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  465.895627][T18143] autofs: Unknown parameter '��0x0000000000000000'
[  465.905051][ T1331] usb 9-1: config 0 descriptor??
[  465.907482][T18147] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  466.313650][ T1331] plantronics 0003:047F:FFFF.000A: unknown main item tag 0xe
[  466.316616][ T1331] plantronics 0003:047F:FFFF.000A: No inputs registered, leaving
[  466.326159][ T1331] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  466.399355][T18172] syzkaller0: entered promiscuous mode
[  466.401003][T18172] syzkaller0: entered allmulticast mode
[  466.513105][   T10] usb 9-1: USB disconnect, device number 5
[  467.973566][T18190] __nla_validate_parse: 8 callbacks suppressed
[  467.973576][T18190] netlink: 36 bytes leftover after parsing attributes in process `syz.7.3051'.
[  468.073361][T18199] batman_adv: batadv0: Adding interface: ip6gretap1
[  468.076115][T18199] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  468.083219][T18199] batman_adv: batadv0: Interface activated: ip6gretap1
[  468.085287][T18199] batadv0: mtu less than device minimum
[  468.087494][T18199] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  468.091035][T18199] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  468.094422][T18199] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  468.097827][T18199] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  468.101277][T18199] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  468.104568][T18199] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  468.107933][T18199] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  468.111353][T18199] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  468.196169][T18199] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input104
[  469.747263][ T7237] bond0: (slave bond_slave_0): interface is now down
[  469.750302][ T7237] bond0: (slave bond_slave_1): interface is now down
[  469.755121][T18238] netlink: 'syz.4.3064': attribute type 10 has an invalid length.
[  469.757779][ T7237] bond0: now running without any active interface!
[  469.761958][T18238] syz_tun: entered promiscuous mode
[  469.765309][T18238] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  469.768140][T18238] FAULT_INJECTION: forcing a failure.
[  469.768140][T18238] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  469.771783][T18238] CPU: 0 UID: 0 PID: 18238 Comm: syz.4.3064 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  469.771798][T18238] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  469.771804][T18238] Call Trace:
[  469.771808][T18238]  <TASK>
[  469.771812][T18238]  dump_stack_lvl+0x16c/0x1f0
[  469.771829][T18238]  should_fail_ex+0x512/0x640
[  469.771842][T18238]  _copy_from_iter+0x2a4/0x15b0
[  469.771857][T18238]  ? __pfx__copy_from_iter+0x10/0x10
[  469.771868][T18238]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  469.771888][T18238]  copy_page_from_iter+0xa5/0x120
[  469.771901][T18238]  tun_build_skb.constprop.0+0x293/0xf00
[  469.771916][T18238]  ? __pfx_tun_build_skb.constprop.0+0x10/0x10
[  469.771928][T18238]  ? __lock_acquire+0x5ca/0x1ba0
[  469.771946][T18238]  ? find_held_lock+0x2b/0x80
[  469.771957][T18238]  tun_get_user+0x87a/0x3f20
[  469.771970][T18238]  ? __lock_acquire+0x5ca/0x1ba0
[  469.771983][T18238]  ? __pfx_tun_get_user+0x10/0x10
[  469.771993][T18238]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  469.772007][T18238]  ? find_held_lock+0x2b/0x80
[  469.772017][T18238]  ? tun_get+0x191/0x370
[  469.772027][T18238]  tun_chr_write_iter+0xdc/0x210
[  469.772038][T18238]  vfs_write+0x5ba/0x1180
[  469.772052][T18238]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  469.772064][T18238]  ? __pfx_vfs_write+0x10/0x10
[  469.772076][T18238]  ? find_held_lock+0x2b/0x80
[  469.772095][T18238]  ksys_write+0x12a/0x240
[  469.772108][T18238]  ? __pfx_ksys_write+0x10/0x10
[  469.772121][T18238]  ? rcu_is_watching+0x12/0xc0
[  469.772133][T18238]  __do_fast_syscall_32+0x73/0x120
[  469.772147][T18238]  do_fast_syscall_32+0x32/0x80
[  469.772161][T18238]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  469.772173][T18238] RIP: 0023:0xf7f15579
[  469.772181][T18238] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  469.772191][T18238] RSP: 002b:00000000f5036520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  469.772201][T18238] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000700
[  469.772208][T18238] RDX: 000000000000002b RSI: 00000000f739cff4 RDI: 0000000000000000
[  469.772214][T18238] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  469.772219][T18238] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  469.772225][T18238] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  469.772236][T18238]  </TASK>
[  469.780128][ T7220] bond0: (slave syz_tun): interface is now down
[  469.850280][ T7220] bond0: now running without any active interface!
[  470.874552][T18258] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  470.885346][T18263] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in;
[  470.885346][T18263]    program syz.7.3070 not setting count and/or reply_len properly
[  471.813326][T18294] bond2: entered promiscuous mode
[  471.818313][T18294] bond2: entered allmulticast mode
[  471.820157][T18294] 8021q: adding VLAN 0 to HW filter on device bond2
[  471.911449][T18294] bond2 (unregistering): Released all slaves
[  471.990722][T18299] fuse: Bad value for 'rootmode'
[  471.992997][T18299] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  472.069077][T18303] batman_adv: batadv0: Adding interface: ip6gretap1
[  472.071870][T18303] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  472.079635][T18303] batman_adv: batadv0: Interface activated: ip6gretap1
[  472.907550][T18355] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3105'.
[  472.910108][T18355] netlink: 93 bytes leftover after parsing attributes in process `syz.6.3105'.
[  472.984659][T18360] netlink: 136 bytes leftover after parsing attributes in process `syz.6.3107'.
[  472.987284][T18360] net_ratelimit: 11 callbacks suppressed
[  472.987291][T18360] A link change request failed with some changes committed already. Interface ip6gretap0 may have been left with an inconsistent configuration, please check.
[  473.020391][T18362] netlink: 32 bytes leftover after parsing attributes in process `syz.6.3108'.
[  473.270305][T18375] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  473.520844][T18389] serio: Serial port ptm0
[  474.508429][T18406] syz.4.3119: attempt to access beyond end of device
[  474.508429][T18406] loop4: rw=6144, sector=128, nr_sectors = 8 limit=0
[  474.512373][T18406] gfs2: error -5 reading superblock
[  474.700902][T18410] netlink: 68 bytes leftover after parsing attributes in process `syz.8.3122'.
[  474.703885][T18410] netlink: 56 bytes leftover after parsing attributes in process `syz.8.3122'.
[  474.722485][T18411] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3121'.
[  474.728155][T18413] bridge0: port 3(syz_tun) entered blocking state
[  474.730242][T18413] bridge0: port 3(syz_tun) entered disabled state
[  474.732145][T18413] syz_tun: entered allmulticast mode
[  474.734295][T18413] syz_tun: entered promiscuous mode
[  474.736409][T18413] bridge0: port 3(syz_tun) entered blocking state
[  474.739536][T18413] bridge0: port 3(syz_tun) entered forwarding state
[  474.824912][T18416] netlink: 'syz.8.3124': attribute type 1 has an invalid length.
[  474.829127][T18416] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3124'.
[  474.885184][T18417] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3124'.
[  475.029753][T18419] CIFS mount error: No usable UNC path provided in device string!
[  475.029753][T18419] 
[  475.032678][T18419] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  475.075299][T18424] netlink: 'syz.6.3127': attribute type 2 has an invalid length.
[  475.130162][T18435] netlink: 'syz.6.3127': attribute type 2 has an invalid length.
[  475.138954][T18438] random: crng reseeded on system resumption
[  475.548051][T18452] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  475.692829][T18463] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  475.837743][T18475] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3143'.
[  475.897682][ T9082] IPVS: starting estimator thread 0...
[  475.996742][T18482] IPVS: using max 47 ests per chain, 112800 per kthread
[  476.069053][T18488] bond1: entered promiscuous mode
[  476.070786][T18488] bond1: entered allmulticast mode
[  476.071771][T18480] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  476.072342][T18488] 8021q: adding VLAN 0 to HW filter on device bond1
[  476.074346][T18480] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  476.952519][T18509] vxcan0: tx drop: invalid sa for name 0x0000000000000001
[  476.953306][T18488] bond1 (unregistering): Released all slaves
[  476.983447][T18511] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3155'.
[  477.008738][T18514] program syz.7.3156 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  477.282852][T18529] netlink: 36 bytes leftover after parsing attributes in process `syz.7.3158'.
[  477.976334][T18540] syzkaller1: entered promiscuous mode
[  477.977868][T18540] syzkaller1: entered allmulticast mode
[  478.015868][T18540] netlink: 36 bytes leftover after parsing attributes in process `syz.8.3165'.
[  478.020493][T18540] gre0: entered promiscuous mode
[  478.684970][T18587] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3176'.
[  478.721462][T18591] netlink: 'syz.6.3180': attribute type 10 has an invalid length.
[  478.724833][T18591] netlink: 'syz.6.3180': attribute type 10 has an invalid length.
[  478.963382][T18594] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3181'.
[  478.992912][T18598] tipc: Started in network mode
[  478.994391][T18598] tipc: Node identity ac1414aa, cluster identity 4711
[  478.996779][T18598] tipc: Enabled bearer <udp:s>, priority 10
[  479.472485][T18618] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  479.510945][T18623] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3193'.
[  479.519702][T18625] batman_adv: batadv0: Adding interface: dummy0
[  479.521485][T18625] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  479.529193][T18625] batman_adv: batadv0: Interface activated: dummy0
[  479.790051][T18639] netlink: 'syz.4.3198': attribute type 10 has an invalid length.
[  479.803647][T18639] team0: Port device netdevsim0 added
[  479.812477][T18639] netlink: 'syz.4.3198': attribute type 10 has an invalid length.
[  479.822094][T18639] team0: Port device netdevsim0 removed
[  479.830823][T18639] bond0: (slave netdevsim0): Enslaving as an active interface with a down link
[  480.126052][ T1331] tipc: Node number set to 2886997162
[  480.129928][T18653] usb usb8: usbfs: process 18653 (syz.7.3204) did not claim interface 0 before use
[  480.840206][T18671] FAULT_INJECTION: forcing a failure.
[  480.840206][T18671] name failslab, interval 1, probability 0, space 0, times 0
[  480.843763][T18671] CPU: 2 UID: 0 PID: 18671 Comm: syz.6.3210 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  480.843779][T18671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  480.843785][T18671] Call Trace:
[  480.843789][T18671]  <TASK>
[  480.843793][T18671]  dump_stack_lvl+0x16c/0x1f0
[  480.843810][T18671]  should_fail_ex+0x512/0x640
[  480.843821][T18671]  ? __kmalloc_noprof+0xbf/0x510
[  480.843837][T18671]  ? ima_write_template_field_data+0x5d/0x1f0
[  480.843850][T18671]  should_failslab+0xc2/0x120
[  480.843866][T18671]  __kmalloc_noprof+0xd2/0x510
[  480.843882][T18671]  ima_write_template_field_data+0x5d/0x1f0
[  480.843897][T18671]  ima_eventdigest_init_common+0x154/0x430
[  480.843911][T18671]  ? __pfx_ima_eventdigest_init_common+0x10/0x10
[  480.843931][T18671]  ? rcu_is_watching+0x12/0xc0
[  480.843941][T18671]  ? trace_kmalloc+0x2b/0xd0
[  480.843950][T18671]  ? __kmalloc_noprof+0x242/0x510
[  480.843966][T18671]  ima_alloc_init_template+0x39d/0x720
[  480.843978][T18671]  ? rcu_is_watching+0x12/0xc0
[  480.843994][T18671]  ima_store_measurement+0x1eb/0x5c0
[  480.844006][T18671]  ? __pfx_ima_store_measurement+0x10/0x10
[  480.844017][T18671]  ? vfs_getxattr_alloc+0xec/0x340
[  480.844034][T18671]  ? __pfx_ima_get_hash_algo+0x10/0x10
[  480.844051][T18671]  process_measurement+0x1bc6/0x2360
[  480.844065][T18671]  ? __pfx_process_measurement+0x10/0x10
[  480.844073][T18671]  ? __lock_acquire+0x5ca/0x1ba0
[  480.844097][T18671]  ? get_pid_task+0x106/0x250
[  480.844112][T18671]  ? proc_fail_nth_write+0x9f/0x250
[  480.844126][T18671]  ? find_held_lock+0x2b/0x80
[  480.844138][T18671]  ima_file_mmap+0x1b1/0x1d0
[  480.844146][T18671]  ? __pfx_ima_file_mmap+0x10/0x10
[  480.844158][T18671]  security_mmap_file+0x88c/0x990
[  480.844189][T18671]  vm_mmap_pgoff+0xec/0x450
[  480.844203][T18671]  ? find_held_lock+0x2b/0x80
[  480.844213][T18671]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  480.844227][T18671]  ? __fget_files+0x20e/0x3c0
[  480.844243][T18671]  ksys_mmap_pgoff+0x32c/0x5c0
[  480.844255][T18671]  ? __ia32_sys_mmap_pgoff+0x11/0x1b0
[  480.844267][T18671]  __do_fast_syscall_32+0x73/0x120
[  480.844282][T18671]  do_fast_syscall_32+0x32/0x80
[  480.844295][T18671]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  480.844308][T18671] RIP: 0023:0xf7fe6579
[  480.844315][T18671] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  480.844325][T18671] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0
[  480.844335][T18671] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000000b36000
[  480.844342][T18671] RDX: 0000000002000006 RSI: 0000000000000012 RDI: 0000000000000004
[  480.844348][T18671] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  480.844353][T18671] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  480.844359][T18671] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  480.844370][T18671]  </TASK>
[  480.844469][   T40] audit: type=1804 audit(2000000347.509:10931): pid=18671 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.6.3210" name="/newroot/371/blkio.bfq.io_merged_recursive" dev="tmpfs" ino=2008 res=0 errno=0
[  481.043701][T18686] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3215'.
[  481.054555][T18686] netdevsim netdevsim6 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  481.058159][T18686] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  481.120993][T18686] netdevsim netdevsim6 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  481.123733][T18686] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  481.218331][T18686] netdevsim netdevsim6 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  481.221079][T18686] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  481.349542][T18686] netdevsim netdevsim6 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  481.352157][T18686] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  481.447656][T18697] netlink: 'syz.7.3217': attribute type 10 has an invalid length.
[  481.450632][T18686] netdevsim netdevsim6 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  481.452936][T18686] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  481.465525][T18697] team0: Port device netdevsim0 added
[  481.471606][T18686] netdevsim netdevsim6 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  481.473881][T18686] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  481.476550][T18697] netlink: 'syz.7.3217': attribute type 10 has an invalid length.
[  481.478464][T18686] netdevsim netdevsim6 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  481.481044][T18686] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  481.492670][T18697] team0: Port device netdevsim0 removed
[  481.500407][T18697] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  481.505603][T18686] netdevsim netdevsim6 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  481.507896][T18686] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  481.727649][T18708] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3223'.
[  481.730580][T18708] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3223'.
[  481.733615][T18708] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3223'.
[  482.150868][T18732] netlink: 'syz.8.3230': attribute type 4 has an invalid length.
[  482.271726][T18737] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3235'.
[  483.130468][T18768] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3244'.
[  483.618747][T18777] FAULT_INJECTION: forcing a failure.
[  483.618747][T18777] name failslab, interval 1, probability 0, space 0, times 0
[  483.623211][T18777] CPU: 2 UID: 0 PID: 18777 Comm: syz.4.3247 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  483.623233][T18777] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  483.623243][T18777] Call Trace:
[  483.623249][T18777]  <TASK>
[  483.623255][T18777]  dump_stack_lvl+0x16c/0x1f0
[  483.623279][T18777]  should_fail_ex+0x512/0x640
[  483.623294][T18777]  ? fs_reclaim_acquire+0xae/0x150
[  483.623312][T18777]  ? tomoyo_encode2+0x100/0x3e0
[  483.623333][T18777]  should_failslab+0xc2/0x120
[  483.623357][T18777]  __kmalloc_noprof+0xd2/0x510
[  483.623377][T18777]  ? d_absolute_path+0x136/0x1a0
[  483.623395][T18777]  tomoyo_encode2+0x100/0x3e0
[  483.623415][T18777]  tomoyo_encode+0x29/0x50
[  483.623435][T18777]  tomoyo_realpath_from_path+0x18f/0x6e0
[  483.623462][T18777]  tomoyo_mount_acl+0x664/0x850
[  483.623481][T18777]  ? kernel_text_address+0x8d/0x100
[  483.623497][T18777]  ? __kernel_text_address+0xd/0x40
[  483.623510][T18777]  ? __pfx_tomoyo_mount_acl+0x10/0x10
[  483.623547][T18777]  ? tomoyo_domain+0xbb/0x150
[  483.623563][T18777]  ? tomoyo_profile+0x47/0x60
[  483.623579][T18777]  tomoyo_mount_permission+0x16d/0x420
[  483.623600][T18777]  ? tomoyo_mount_permission+0x14f/0x420
[  483.623617][T18777]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  483.623644][T18777]  ? get_current_fs_domain+0x184/0x1f0
[  483.623666][T18777]  security_sb_mount+0x9b/0x260
[  483.623686][T18777]  path_mount+0x128/0x1f30
[  483.623701][T18777]  ? kmem_cache_free+0x2d4/0x4d0
[  483.623719][T18777]  ? __pfx_path_mount+0x10/0x10
[  483.623730][T18777]  ? putname+0x154/0x1a0
[  483.623747][T18777]  __ia32_sys_mount+0x28b/0x310
[  483.623761][T18777]  ? __pfx___ia32_sys_mount+0x10/0x10
[  483.623777][T18777]  ? rcu_is_watching+0x12/0xc0
[  483.623795][T18777]  __do_fast_syscall_32+0x73/0x120
[  483.623817][T18777]  do_fast_syscall_32+0x32/0x80
[  483.623833][T18777]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  483.623850][T18777] RIP: 0023:0xf7f15579
[  483.623863][T18777] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  483.623877][T18777] RSP: 002b:00000000f503655c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  483.623892][T18777] RAX: ffffffffffffffda RBX: 0000000080000880 RCX: 00000000800008c0
[  483.623901][T18777] RDX: 0000000080000900 RSI: 0000000000000010 RDI: 0000000000000000
[  483.623911][T18777] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  483.623920][T18777] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  483.623928][T18777] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  483.623941][T18777]  </TASK>
[  483.623954][T18777] ERROR: Out of memory at tomoyo_realpath_from_path.
[  483.908102][T18786] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3250'.
[  483.984714][T18789] 9pnet_fd: Insufficient options for proto=fd
[  484.117499][T18802] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  484.123453][ T7169] Bluetooth: hci2: Frame reassembly failed (-84)
[  484.125859][ T7169] Bluetooth: hci2: Frame reassembly failed (-84)
[  486.176227][T14651] Bluetooth: hci2: command 0x1003 tx timeout
[  486.178618][ T5954] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  486.691021][   T24] hid (null): invalid report_count 51224
[  486.693014][   T24] hid (null): invalid report_size 29578
[  486.694582][   T24] hid (null): report_id 36468 is invalid
[  486.698239][   T24] hid-generic 0002:7623:0009.000B: collection stack underflow
[  486.700657][   T24] hid-generic 0002:7623:0009.000B: item 0 0 0 12 parsing failed
[  486.703104][   T24] hid-generic 0002:7623:0009.000B: probe with driver hid-generic failed with error -22
[  486.770134][T17498] bond0: (slave syz_tun): Releasing backup interface
[  486.882249][ T7188] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  486.945597][ T7188] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  487.025511][ T7188] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  487.035151][T14651] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  487.039414][T14651] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  487.044049][T14651] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  487.047142][T14651] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  487.049633][T14651] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  487.051891][T14651] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  487.128494][T18875] chnl_net:caif_netlink_parms(): no params data found
[  487.177442][ T7188] bond0: (slave netdevsim0): Releasing backup interface
[  487.181267][ T7188] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  487.315098][T18875] bridge0: port 1(bridge_slave_0) entered blocking state
[  487.326616][T18875] bridge0: port 1(bridge_slave_0) entered disabled state
[  487.329398][T18875] bridge_slave_0: entered allmulticast mode
[  487.332444][T18875] bridge_slave_0: entered promiscuous mode
[  487.342069][T18875] bridge0: port 2(bridge_slave_1) entered blocking state
[  487.344892][T18875] bridge0: port 2(bridge_slave_1) entered disabled state
[  487.347818][T18875] bridge_slave_1: entered allmulticast mode
[  487.349864][T18875] bridge_slave_1: entered promiscuous mode
[  487.388595][T18875] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  487.393692][T18875] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  487.449664][T18875] team0: Port device team_slave_0 added
[  487.452662][T18875] team0: Port device team_slave_1 added
[  487.498655][ T7188] bridge_slave_1: left allmulticast mode
[  487.500815][ T7188] bridge_slave_1: left promiscuous mode
[  487.502950][ T7188] bridge0: port 2(bridge_slave_1) entered disabled state
[  487.507555][ T7188] bridge_slave_0: left allmulticast mode
[  487.509725][ T7188] bridge_slave_0: left promiscuous mode
[  487.513780][ T7188] bridge0: port 1(bridge_slave_0) entered disabled state
[  487.725959][T18908] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3281'.
[  487.728847][T18908] openvswitch: netlink: Flow actions attr not present in new flow.
[  487.866398][ T7188] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  487.870957][ T7188] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  487.875557][ T7188] bond0 (unregistering): Released all slaves
[  487.886475][T18875] batman_adv: batadv0: Adding interface: batadv_slave_0
[  487.889030][T18875] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  487.896978][T18875] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  487.901573][T18875] batman_adv: batadv0: Adding interface: batadv_slave_1
[  487.903875][T18875] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  487.913165][T18875] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  487.926548][T18914] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  487.931330][T18914] batman_adv: batadv0: Adding interface: gretap1
[  487.933289][T18914] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  487.940297][T18914] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active
[  488.054513][T18875] hsr_slave_0: entered promiscuous mode
[  488.057886][T18875] hsr_slave_1: entered promiscuous mode
[  488.059653][T18875] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  488.061655][T18875] Cannot create hsr debugfs directory
[  488.194374][T18875] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  488.198393][T18875] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  488.201597][T18875] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  488.204700][T18875] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  488.260505][T18875] 8021q: adding VLAN 0 to HW filter on device bond0
[  488.291639][T18875] 8021q: adding VLAN 0 to HW filter on device team0
[  488.320622][ T7225] bridge0: port 1(bridge_slave_0) entered blocking state
[  488.322616][ T7225] bridge0: port 1(bridge_slave_0) entered forwarding state
[  488.332887][ T7188] hsr_slave_0: left promiscuous mode
[  488.343368][ T7188] hsr_slave_1: left promiscuous mode
[  488.345933][ T7188] batman_adv: batadv0: Interface deactivated: dummy0
[  488.354494][ T7188] batman_adv: batadv0: Removing interface: dummy0
[  488.362730][ T7188] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  488.365892][ T7188] batman_adv: batadv0: Removing interface: batadv_slave_0
[  488.369469][ T7188] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  488.371548][ T7188] batman_adv: batadv0: Removing interface: batadv_slave_1
[  488.383406][T18933] netlink: 'syz.6.3291': attribute type 2 has an invalid length.
[  488.386499][T18933] netlink: 32 bytes leftover after parsing attributes in process `syz.6.3291'.
[  488.401756][ T7188] veth1_macvtap: left promiscuous mode
[  488.403832][ T7188] veth0_macvtap: left promiscuous mode
[  488.406209][ T7188] veth1_vlan: left promiscuous mode
[  488.407835][ T7188] veth0_vlan: left promiscuous mode
[  488.683885][   T40] audit: type=1326 audit(2000000355.349:10932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18944 comm="syz.6.3293" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fe6579 code=0x0
[  489.138102][ T5954] Bluetooth: hci2: command tx timeout
[  489.219838][ T7188] team0 (unregistering): Port device team_slave_1 removed
[  489.310165][ T7188] team0 (unregistering): Port device team_slave_0 removed
[  489.881016][ T7225] bridge0: port 2(bridge_slave_1) entered blocking state
[  489.883463][ T7225] bridge0: port 2(bridge_slave_1) entered forwarding state
[  489.895502][T18949] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[  489.983568][T18875] 8021q: adding VLAN 0 to HW filter on device batadv0
[  490.090276][T18973] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  490.134906][T18875] veth0_vlan: entered promiscuous mode
[  490.140612][T18875] veth1_vlan: entered promiscuous mode
[  490.201054][T18875] veth0_macvtap: entered promiscuous mode
[  490.205675][T18875] veth1_macvtap: entered promiscuous mode
[  490.214510][T18875] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  490.220315][T18875] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  490.225516][T18875] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  490.228912][T18875] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  490.232047][T18875] batman_adv: batadv0: Interface activated: batadv_slave_0
[  490.239128][T18875] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  490.242040][T18875] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  490.244808][T18875] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  490.247883][T18875] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  490.251213][T18875] batman_adv: batadv0: Interface activated: batadv_slave_1
[  490.254884][T18875] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  490.259349][T18875] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  490.261927][T18875] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  490.272229][T18875] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  490.359961][ T7188] IPVS: stop unused estimator thread 0...
[  490.381632][ T7169] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  490.383853][ T7169] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  490.408878][ T7220] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  490.412149][ T7220] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  491.226187][ T5954] Bluetooth: hci2: command tx timeout
[  491.707018][T19064] netlink: 24 bytes leftover after parsing attributes in process `syz.9.3310'.
[  492.019176][T19079] mac80211_hwsim hwsim166 wlan1: entered allmulticast mode
[  492.037106][T19079] netlink: 'syz.7.3315': attribute type 10 has an invalid length.
[  492.040743][T19079] mac80211_hwsim hwsim166 wlan1: left allmulticast mode
[  492.479523][T19103] syz.7.3319 (19103): drop_caches: 2
[  492.481435][T19103] syz.7.3319 (19103): drop_caches: 2
[  492.612305][T19103] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3319'.
[  492.876467][T19117] team0: No ports can be present during mode change
[  492.900874][T19119] FAULT_INJECTION: forcing a failure.
[  492.900874][T19119] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  492.905764][T19119] CPU: 2 UID: 0 PID: 19119 Comm: syz.9.3325 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  492.905786][T19119] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  492.905797][T19119] Call Trace:
[  492.905802][T19119]  <TASK>
[  492.905808][T19119]  dump_stack_lvl+0x16c/0x1f0
[  492.905832][T19119]  should_fail_ex+0x512/0x640
[  492.905851][T19119]  _copy_from_user+0x2e/0xd0
[  492.905869][T19119]  input_event_from_user+0x22b/0x3b0
[  492.905889][T19119]  ? __pfx_input_event_from_user+0x10/0x10
[  492.905908][T19119]  ? input_inject_event+0x1a5/0x390
[  492.905928][T19119]  evdev_write+0x37b/0x750
[  492.905947][T19119]  ? __pfx_evdev_write+0x10/0x10
[  492.905965][T19119]  ? bpf_lsm_file_permission+0x9/0x10
[  492.906002][T19119]  ? security_file_permission+0x71/0x210
[  492.906024][T19119]  ? rw_verify_area+0xcf/0x680
[  492.906043][T19119]  vfs_write+0x25c/0x1180
[  492.906061][T19119]  ? __pfx_evdev_write+0x10/0x10
[  492.906081][T19119]  ? __pfx_vfs_write+0x10/0x10
[  492.906098][T19119]  ? find_held_lock+0x2b/0x80
[  492.906114][T19119]  ? __fget_files+0x204/0x3c0
[  492.906137][T19119]  ? __fget_files+0x20e/0x3c0
[  492.906161][T19119]  ksys_write+0x205/0x240
[  492.906184][T19119]  ? __pfx_ksys_write+0x10/0x10
[  492.906204][T19119]  ? rcu_is_watching+0x12/0xc0
[  492.906221][T19119]  __do_fast_syscall_32+0x73/0x120
[  492.906242][T19119]  do_fast_syscall_32+0x32/0x80
[  492.906261][T19119]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  492.906279][T19119] RIP: 0023:0xf749e579
[  492.906291][T19119] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  492.906305][T19119] RSP: 002b:00000000f512655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  492.906320][T19119] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  492.906329][T19119] RDX: 00000000000012d8 RSI: 0000000000000000 RDI: 0000000000000000
[  492.906338][T19119] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  492.906347][T19119] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  492.906356][T19119] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  492.906385][T19119]  </TASK>
[  493.296132][ T5954] Bluetooth: hci2: command tx timeout
[  493.561397][   T40] audit: type=1800 audit(2000000360.229:10933): pid=19163 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.3326" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0
[  494.422767][T19187] batman_adv: batadv0: Adding interface: gretap1
[  494.425495][T19187] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active
[  494.468115][T19189] sp0: Synchronizing with TNC
[  494.626298][T19197] vivid-003: disconnect
[  494.629271][T19196] vivid-003: reconnect
[  494.948443][T19209] netlink: 56 bytes leftover after parsing attributes in process `syz.6.3353'.
[  495.020228][T19214] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3355'.
[  495.122808][T19230] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3361'.
[  495.142437][T19230] netlink: 76 bytes leftover after parsing attributes in process `syz.7.3361'.
[  495.376631][ T5954] Bluetooth: hci2: command tx timeout
[  495.696971][T19245] batman_adv: batadv0: Interface deactivated: dummy0
[  495.699022][T19245] batman_adv: batadv0: Removing interface: dummy0
[  495.745929][T19245] bond0: (slave batadv0): Releasing backup interface
[  495.760991][T19245] bridge_slave_0: left allmulticast mode
[  495.762763][T19245] bridge_slave_0: left promiscuous mode
[  495.764671][T19245] bridge0: port 1(bridge_slave_0) entered disabled state
[  495.771309][T19245] bridge_slave_1: left allmulticast mode
[  495.773116][T19245] bridge_slave_1: left promiscuous mode
[  495.774854][T19245] bridge0: port 2(bridge_slave_1) entered disabled state
[  495.782854][T19245] bond0: (slave bond_slave_0): Releasing backup interface
[  495.802251][T19245] bond0: (slave bond_slave_1): Releasing backup interface
[  495.823873][T19245] team0: Port device team_slave_0 removed
[  495.908019][T19245] team0: Port device team_slave_1 removed
[  495.911361][T19245] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  495.914062][T19245] batman_adv: batadv0: Removing interface: batadv_slave_0
[  495.919069][T19245] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  495.921302][T19245] batman_adv: batadv0: Removing interface: batadv_slave_1
[  495.945517][T19245] bond0: (slave netdevsim0): Releasing backup interface
[  495.964070][T19245] batman_adv: batadv0: Interface deactivated: ip6gretap1
[  495.969791][T19245] batman_adv: batadv0: Removing interface: ip6gretap1
[  496.001495][T19245] batman_adv: batadv0: Removing interface: gretap1
[  496.049425][   T40] audit: type=1804 audit(2000000362.719:10934): pid=19250 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.9.3366" name="/newroot/14/file0" dev="tmpfs" ino=89 res=1 errno=0
[  496.064809][   T40] audit: type=1804 audit(2000000362.729:10935): pid=19250 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.9.3366" name="/newroot/14/file0" dev="tmpfs" ino=89 res=1 errno=0
[  496.065044][T19250] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -11226, delta: 1
[  496.073471][T19250] ref_ctr increment failed for inode: 0x59 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff888012e26e00
[  496.312770][   T40] audit: type=1804 audit(2000000362.979:10936): pid=19262 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.7.3371" name="/newroot/202/file0" dev="tmpfs" ino=1091 res=1 errno=0
[  496.325501][   T40] audit: type=1804 audit(2000000362.989:10937): pid=19262 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.7.3371" name="/newroot/202/file0" dev="tmpfs" ino=1091 res=1 errno=0
[  497.498840][T19296] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3379'.
[  497.568292][T19296] 8021q: adding VLAN 0 to HW filter on device bond1
[  497.588063][T19299] team_slave_0: entered promiscuous mode
[  497.589808][T19299] team_slave_0: entered allmulticast mode
[  497.598633][T19299] syz.9.3380: vmalloc error: size 2147483264, exceeds total pages, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  497.615218][T19299] CPU: 3 UID: 0 PID: 19299 Comm: syz.9.3380 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  497.615238][T19299] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  497.615244][T19299] Call Trace:
[  497.615248][T19299]  <TASK>
[  497.615253][T19299]  dump_stack_lvl+0x16c/0x1f0
[  497.615270][T19299]  warn_alloc+0x248/0x3a0
[  497.615287][T19299]  ? __pfx_warn_alloc+0x10/0x10
[  497.615301][T19299]  ? __lock_acquire+0xaa4/0x1ba0
[  497.615316][T19299]  ? find_held_lock+0x2b/0x80
[  497.615329][T19299]  ? __lock_acquire+0xaa4/0x1ba0
[  497.615344][T19299]  ? do_replace+0x1c3/0x470
[  497.615357][T19299]  __vmalloc_node_range_noprof+0x10ea/0x1540
[  497.615374][T19299]  ? find_held_lock+0x2b/0x80
[  497.615384][T19299]  ? do_replace+0x1c3/0x470
[  497.615395][T19299]  ? __might_fault+0x13b/0x190
[  497.615405][T19299]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  497.615418][T19299]  ? _copy_from_user+0x59/0xd0
[  497.615430][T19299]  ? copy_from_sockptr_offset.constprop.0+0xe5/0x170
[  497.615443][T19299]  ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10
[  497.615456][T19299]  ? copy_from_sockptr_offset.constprop.0+0xe5/0x170
[  497.615469][T19299]  ? do_replace+0x1c3/0x470
[  497.615481][T19299]  __vmalloc_noprof+0x6d/0x90
[  497.615494][T19299]  ? do_replace+0x1c3/0x470
[  497.615506][T19299]  do_replace+0x1c3/0x470
[  497.615518][T19299]  ? __pfx_do_replace+0x10/0x10
[  497.615535][T19299]  ? __lock_acquire+0xaa4/0x1ba0
[  497.615549][T19299]  compat_do_replace+0x57d/0x7c0
[  497.615562][T19299]  ? __pfx_compat_do_replace+0x10/0x10
[  497.615574][T19299]  ? aa_get_newest_label+0x375/0x680
[  497.615587][T19299]  ? __pfx_aa_get_newest_label+0x10/0x10
[  497.615602][T19299]  ? bpf_lsm_capable+0x9/0x10
[  497.615612][T19299]  ? security_capable+0x7e/0x260
[  497.615624][T19299]  do_ebt_set_ctl+0x429/0x4d0
[  497.615637][T19299]  ? __pfx_do_ebt_set_ctl+0x10/0x10
[  497.615651][T19299]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  497.615667][T19299]  ? nf_sockopt_find.constprop.0+0x222/0x290
[  497.615682][T19299]  nf_setsockopt+0x8a/0xf0
[  497.615694][T19299]  ip_setsockopt+0xcb/0xf0
[  497.615709][T19299]  tcp_setsockopt+0xa4/0x100
[  497.615719][T19299]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  497.615736][T19299]  do_sock_setsockopt+0x221/0x470
[  497.615751][T19299]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  497.615771][T19299]  __sys_setsockopt+0x1a0/0x230
[  497.615786][T19299]  __ia32_sys_setsockopt+0xbc/0x160
[  497.615798][T19299]  ? lockdep_hardirqs_on+0x7c/0x110
[  497.615810][T19299]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  497.615823][T19299]  __do_fast_syscall_32+0x73/0x120
[  497.615837][T19299]  do_fast_syscall_32+0x32/0x80
[  497.615850][T19299]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  497.615862][T19299] RIP: 0023:0xf749e579
[  497.615871][T19299] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  497.615880][T19299] RSP: 002b:00000000f512655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  497.615890][T19299] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  497.615896][T19299] RDX: 0000000000000080 RSI: 0000000080000640 RDI: 00000000000001e8
[  497.615902][T19299] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  497.615907][T19299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  497.615913][T19299] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  497.615923][T19299]  </TASK>
[  497.615927][T19299] Mem-Info:
[  497.709744][T19303] vivid-007: disconnect
[  497.710631][T19299] active_anon:1467 inactive_anon:2538 isolated_anon:0
[  497.710631][T19299]  active_file:3525 inactive_file:15617 isolated_file:0
[  497.710631][T19299]  unevictable:1770 dirty:268 writeback:11
[  497.710631][T19299]  slab_reclaimable:6289 slab_unreclaimable:64769
[  497.710631][T19299]  mapped:24880 shmem:1866 pagetables:1413
[  497.710631][T19299]  sec_pagetables:322 bounce:0
[  497.710631][T19299]  kernel_misc_reclaimable:0
[  497.710631][T19299]  free:60998 free_pcp:3304 free_cma:0
[  497.723240][T19302] vivid-007: reconnect
[  497.739484][T19299] Node 0 active_anon:448kB inactive_anon:4kB active_file:48kB inactive_file:4kB unevictable:3532kB isolated(anon):0kB isolated(file):0kB mapped:52kB dirty:0kB writeback:0kB shmem:3748kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10376kB pagetables:1020kB sec_pagetables:1132kB all_unreclaimable? yes
[  497.768546][T19299] Node 1 active_anon:5220kB inactive_anon:10148kB active_file:14052kB inactive_file:62464kB unevictable:3548kB isolated(anon):0kB isolated(file):0kB mapped:95368kB dirty:1072kB writeback:44kB shmem:3716kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:5100kB pagetables:4732kB sec_pagetables:156kB all_unreclaimable? no
[  497.780400][T19299] Node 0 DMA free:2092kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:28kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:344kB local_pcp:80kB free_cma:0kB
[  497.796957][T19299] lowmem_reserve[]: 0 294 294 294 294
[  497.798754][T19299] Node 0 DMA32 free:15396kB boost:10240kB min:23804kB low:27192kB high:30580kB reserved_highatomic:4096KB active_anon:420kB inactive_anon:4kB active_file:48kB inactive_file:4kB unevictable:3532kB writepending:0kB present:1032196kB managed:301448kB mlocked:0kB bounce:0kB free_pcp:4088kB local_pcp:136kB free_cma:0kB
[  497.810067][T19299] lowmem_reserve[]: 0 0 0 0 0
[  497.811422][T19299] Node 1 DMA32 free:267200kB boost:6144kB min:53292kB low:65076kB high:76860kB reserved_highatomic:2048KB active_anon:6420kB inactive_anon:10148kB active_file:14052kB inactive_file:62464kB unevictable:3548kB writepending:1116kB present:1048432kB managed:948292kB mlocked:0kB bounce:0kB free_pcp:4072kB local_pcp:1128kB free_cma:0kB
[  497.821136][T19299] lowmem_reserve[]: 0 0 0 0 0
[  497.826034][T19299] Node 0 DMA: 17*4kB (UM) 25*8kB (UM) 31*16kB (UM) 8*32kB (UM) 1*64kB (M) 2*128kB (UM) 3*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2108kB
[  497.830161][T19299] Node 0 DMA32: 209*4kB (UME) 157*8kB (UM) 137*16kB (UMEH) 90*32kB (UMEH) 40*64kB (UMEH) 28*128kB (UMEH) 8*256kB (UMH) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 15356kB
[  497.834789][T19299] Node 1 DMA32: 233*4kB (UMEH) 1470*8kB (UMEH) 622*16kB (UMEH) 518*32kB (UMEH) 267*64kB (UMEH) 174*128kB (UMEH) 255*256kB (UMEH) 123*512kB (UMH) 48*1024kB (UM) 4*2048kB (U) 0*4096kB = 264180kB
[  497.840563][T19299] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  497.843160][T19299] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  497.845764][T19299] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  497.848502][T19299] Node 1 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  497.851023][T19299] 23413 total pagecache pages
[  497.852364][T19299] 326 pages in swap cache
[  497.870119][T19299] Free swap  = 98404kB
[  497.871310][T19299] Total swap = 124996kB
[  497.872484][T19299] 524155 pages RAM
[  497.873542][T19299] 0 pages HighMem/MovableOnly
[  497.874867][T19299] 207880 pages reserved
[  497.876225][T19299] 0 pages cma reserved
[  497.951856][T19326] i2c i2c-1: Invalid block write size 34
[  497.998293][ T5954] Bluetooth: hci3: ACL packet for unknown connection handle 201
[  498.089865][T19342] netlink: 20 bytes leftover after parsing attributes in process `syz.8.3387'.
[  498.852666][T19360] input: syz1 as /devices/virtual/input/input109
[  498.890515][T19368] netlink: 15512 bytes leftover after parsing attributes in process `syz.8.3401'.
[  498.929527][T19371] netlink: 84 bytes leftover after parsing attributes in process `syz.9.3407'.
[  498.932971][T19371] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3407'.
[  498.938296][T19371] mac80211_hwsim hwsim172 wlan0: entered promiscuous mode
[  498.942258][T19371] macsec1: entered allmulticast mode
[  498.943793][T19371] mac80211_hwsim hwsim172 wlan0: entered allmulticast mode
[  498.948464][T19371] mac80211_hwsim hwsim172 wlan0: left allmulticast mode
[  498.950950][T19371] mac80211_hwsim hwsim172 wlan0: left promiscuous mode
[  499.069295][T19378] netlink: 188 bytes leftover after parsing attributes in process `syz.6.3410'.
[  499.617325][T19402] FAULT_INJECTION: forcing a failure.
[  499.617325][T19402] name failslab, interval 1, probability 0, space 0, times 0
[  499.621389][T19402] CPU: 2 UID: 0 PID: 19402 Comm: syz.9.3417 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  499.621409][T19402] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  499.621419][T19402] Call Trace:
[  499.621425][T19402]  <TASK>
[  499.621431][T19402]  dump_stack_lvl+0x16c/0x1f0
[  499.621455][T19402]  should_fail_ex+0x512/0x640
[  499.621472][T19402]  ? __kmalloc_noprof+0xbf/0x510
[  499.621494][T19402]  ? lsm_blob_alloc+0x68/0x90
[  499.621509][T19402]  should_failslab+0xc2/0x120
[  499.621533][T19402]  __kmalloc_noprof+0xd2/0x510
[  499.621552][T19402]  ? __pfx_perf_event_init_task+0x10/0x10
[  499.621575][T19402]  ? audit_alloc+0xa2/0x7b0
[  499.621589][T19402]  ? __pfx_audit_alloc+0x10/0x10
[  499.621604][T19402]  lsm_blob_alloc+0x68/0x90
[  499.621619][T19402]  security_task_alloc+0x2d/0x260
[  499.621641][T19402]  copy_process+0x24c2/0x9130
[  499.621661][T19402]  ? _kstrtoull+0x145/0x200
[  499.621682][T19402]  ? __pfx__kstrtoull+0x10/0x10
[  499.621706][T19402]  ? find_held_lock+0x2b/0x80
[  499.621725][T19402]  ? __pfx_copy_process+0x10/0x10
[  499.621749][T19402]  ? find_held_lock+0x2b/0x80
[  499.621771][T19402]  kernel_clone+0xfc/0x960
[  499.621790][T19402]  ? __pfx_kernel_clone+0x10/0x10
[  499.621815][T19402]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  499.621837][T19402]  __do_compat_sys_ia32_clone+0xcb/0x110
[  499.621860][T19402]  ? __pfx___do_compat_sys_ia32_clone+0x10/0x10
[  499.621889][T19402]  ? ksys_write+0x1b9/0x240
[  499.621908][T19402]  ? __pfx_ksys_write+0x10/0x10
[  499.621928][T19402]  ? rcu_is_watching+0x12/0xc0
[  499.621946][T19402]  __do_fast_syscall_32+0x73/0x120
[  499.621968][T19402]  do_fast_syscall_32+0x32/0x80
[  499.621987][T19402]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  499.622005][T19402] RIP: 0023:0xf749e579
[  499.622017][T19402] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  499.622031][T19402] RSP: 002b:00000000f510550c EFLAGS: 00000246 ORIG_RAX: 0000000000000078
[  499.622046][T19402] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000000
[  499.622055][T19402] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  499.622069][T19402] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  499.622078][T19402] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  499.622087][T19402] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  499.622103][T19402]  </TASK>
[  500.115729][T19418] IPv6: addrconf: prefix option has invalid lifetime
[  500.119966][T19419] IPv6: addrconf: prefix option has invalid lifetime
[  500.554866][T19438] Cannot find add_set index 3 as target
[  500.981392][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[  501.503394][T19464] lo speed is unknown, defaulting to 1000
[  501.505056][T19464] lo speed is unknown, defaulting to 1000
[  501.507277][T19464] lo speed is unknown, defaulting to 1000
[  501.511077][T19464] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  501.519799][T19464] lo speed is unknown, defaulting to 1000
[  501.521748][T19464] lo speed is unknown, defaulting to 1000
[  501.523691][T19464] lo speed is unknown, defaulting to 1000
[  501.525648][T19464] lo speed is unknown, defaulting to 1000
[  501.609272][T19471] __nla_validate_parse: 1 callbacks suppressed
[  501.609283][T19471] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3440'.
[  501.706832][T19475] set match dimension is over the limit!
[  501.728477][T19481] netlink: 12 bytes leftover after parsing attributes in process `syz.9.3443'.
[  502.067965][T19500] Cannot find set identified by id 0 to match
[  504.544832][T19535] netlink: 148 bytes leftover after parsing attributes in process `syz.9.3447'.
[  504.549064][T19535] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check.
[  504.553294][T19537] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3448'.
[  504.909959][T19551] random: crng reseeded on system resumption
[  505.806063][T19559] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  505.956348][T19561] lo speed is unknown, defaulting to 1000
[  505.961821][T19561] lo speed is unknown, defaulting to 1000
[  505.964369][T19561] lo speed is unknown, defaulting to 1000
[  506.003035][T19561] infiniband s
z1: set active
[  506.004442][T19561] infiniband s
z1: added lo
[  506.034575][ T6007] lo speed is unknown, defaulting to 1000
[  506.040556][T19561] RDS/IB: s
z1: added
[  506.041826][T19561] smc: adding ib device s
z1 with port count 1
[  506.043543][T19561] smc:    ib device s
z1 port 1 has pnetid 
[  506.046439][T19561] lo speed is unknown, defaulting to 1000
[  506.078343][T19561] lo speed is unknown, defaulting to 1000
[  506.109051][T19561] lo speed is unknown, defaulting to 1000
[  506.140407][T19561] lo speed is unknown, defaulting to 1000
[  506.197430][ T6007] lo speed is unknown, defaulting to 1000
[  506.503715][T19573] /dev/nullb0: Can't lookup blockdev
[  506.625577][ T5954] Bluetooth: hci2: SCO packet for unknown connection handle 172
[  506.649448][T19578] FAULT_INJECTION: forcing a failure.
[  506.649448][T19578] name failslab, interval 1, probability 0, space 0, times 0
[  506.655157][T19578] CPU: 0 UID: 0 PID: 19578 Comm: syz.7.3460 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  506.655173][T19578] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  506.655179][T19578] Call Trace:
[  506.655184][T19578]  <TASK>
[  506.655188][T19578]  dump_stack_lvl+0x16c/0x1f0
[  506.655207][T19578]  should_fail_ex+0x512/0x640
[  506.655218][T19578]  ? __kmalloc_noprof+0xbf/0x510
[  506.655233][T19578]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  506.655250][T19578]  should_failslab+0xc2/0x120
[  506.655266][T19578]  __kmalloc_noprof+0xd2/0x510
[  506.655280][T19578]  ? __pfx___mutex_lock+0x10/0x10
[  506.655295][T19578]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  506.655324][T19578]  genl_start+0x18f/0x980
[  506.655339][T19578]  __netlink_dump_start+0x60b/0x990
[  506.655354][T19578]  genl_family_rcv_msg_dumpit+0x1e2/0x2e0
[  506.655370][T19578]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[  506.655387][T19578]  ? __pfx_genl_get_cmd+0x10/0x10
[  506.655400][T19578]  ? __pfx_genl_start+0x10/0x10
[  506.655413][T19578]  ? __pfx_genl_dumpit+0x10/0x10
[  506.655426][T19578]  ? __pfx_genl_done+0x10/0x10
[  506.655442][T19578]  ? __local_bh_enable_ip+0xa4/0x120
[  506.655454][T19578]  ? __dev_queue_xmit+0x896/0x43e0
[  506.655465][T19578]  ? __radix_tree_lookup+0x21f/0x2c0
[  506.655478][T19578]  genl_rcv_msg+0x46e/0x800
[  506.655494][T19578]  ? __pfx_genl_rcv_msg+0x10/0x10
[  506.655508][T19578]  ? __pfx___dev_queue_xmit+0x10/0x10
[  506.655519][T19578]  ? __pfx_tipc_nl_publ_dump+0x10/0x10
[  506.655534][T19578]  ? __lock_acquire+0xaa4/0x1ba0
[  506.655550][T19578]  netlink_rcv_skb+0x16a/0x440
[  506.655562][T19578]  ? __pfx_genl_rcv_msg+0x10/0x10
[  506.655577][T19578]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  506.655595][T19578]  ? __pfx_down_read+0x10/0x10
[  506.655609][T19578]  ? netlink_deliver_tap+0x1ae/0xd30
[  506.655622][T19578]  genl_rcv+0x28/0x40
[  506.655635][T19578]  netlink_unicast+0x53a/0x7f0
[  506.655649][T19578]  ? __pfx_netlink_unicast+0x10/0x10
[  506.655662][T19578]  ? __phys_addr_symbol+0x30/0x80
[  506.655676][T19578]  ? __check_object_size+0x4c7/0x710
[  506.655692][T19578]  netlink_sendmsg+0x8da/0xd70
[  506.655707][T19578]  ? __pfx_netlink_sendmsg+0x10/0x10
[  506.655720][T19578]  ? __import_iovec+0x1c8/0x660
[  506.655736][T19578]  ____sys_sendmsg+0xa8d/0xc60
[  506.655747][T19578]  ? __pfx_____sys_sendmsg+0x10/0x10
[  506.655757][T19578]  ? get_compat_msghdr+0x11a/0x170
[  506.655772][T19578]  ___sys_sendmsg+0x134/0x1d0
[  506.655786][T19578]  ? __pfx____sys_sendmsg+0x10/0x10
[  506.655811][T19578]  __sys_sendmsg+0x16d/0x220
[  506.655825][T19578]  ? __pfx___sys_sendmsg+0x10/0x10
[  506.655841][T19578]  ? rcu_is_watching+0x12/0xc0
[  506.655852][T19578]  ? rcu_is_watching+0x12/0xc0
[  506.655863][T19578]  __do_fast_syscall_32+0x73/0x120
[  506.655877][T19578]  do_fast_syscall_32+0x32/0x80
[  506.655890][T19578]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  506.655903][T19578] RIP: 0023:0xf73ee579
[  506.655911][T19578] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  506.655921][T19578] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  506.655947][T19578] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800014c0
[  506.655958][T19578] RDX: 0000000000000014 RSI: 0000000000000000 RDI: 0000000000000000
[  506.655969][T19578] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  506.655974][T19578] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  506.655980][T19578] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  506.655991][T19578]  </TASK>
[  507.651545][T19610] sp0: Synchronizing with TNC
[  507.751433][T19614] rdma_rxe: rxe_newlink: failed to add lo
[  507.892375][T19609] [U] �
[  508.546511][T19628] 9pnet_virtio: no channels available for device syz
[  508.705037][ T5954] Bluetooth: hci3: unexpected event for opcode 0x0804
[  508.771338][T19638] dvmrp0: entered allmulticast mode
[  509.142320][T19651] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3482'.
[  509.508439][T19654] FAULT_INJECTION: forcing a failure.
[  509.508439][T19654] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  509.512039][T19654] CPU: 2 UID: 0 PID: 19654 Comm: syz.9.3483 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  509.512054][T19654] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  509.512061][T19654] Call Trace:
[  509.512064][T19654]  <TASK>
[  509.512068][T19654]  dump_stack_lvl+0x16c/0x1f0
[  509.512085][T19654]  should_fail_ex+0x512/0x640
[  509.512098][T19654]  _copy_to_user+0x32/0xd0
[  509.512111][T19654]  simple_read_from_buffer+0xe0/0x170
[  509.512126][T19654]  proc_fail_nth_read+0x197/0x270
[  509.512139][T19654]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  509.512152][T19654]  ? rw_verify_area+0xcf/0x680
[  509.512164][T19654]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  509.512177][T19654]  vfs_read+0x1de/0xc70
[  509.512191][T19654]  ? fdget_pos+0x2a2/0x370
[  509.512206][T19654]  ? __pfx___mutex_lock+0x10/0x10
[  509.512219][T19654]  ? __pfx_vfs_read+0x10/0x10
[  509.512235][T19654]  ? __fget_files+0x20e/0x3c0
[  509.512251][T19654]  ksys_read+0x12a/0x240
[  509.512264][T19654]  ? __pfx_ksys_read+0x10/0x10
[  509.512276][T19654]  ? rcu_is_watching+0x12/0xc0
[  509.512287][T19654]  ? rcu_is_watching+0x12/0xc0
[  509.512298][T19654]  __do_fast_syscall_32+0x73/0x120
[  509.512313][T19654]  do_fast_syscall_32+0x32/0x80
[  509.512326][T19654]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  509.512339][T19654] RIP: 0023:0xf749e579
[  509.512347][T19654] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  509.512357][T19654] RSP: 002b:00000000f5126590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  509.512366][T19654] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5126620
[  509.512373][T19654] RDX: 000000000000000f RSI: 00000000f748cff4 RDI: 0000000000000000
[  509.512379][T19654] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  509.512384][T19654] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  509.512390][T19654] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  509.512401][T19654]  </TASK>
[  509.789103][T19668] FAULT_INJECTION: forcing a failure.
[  509.789103][T19668] name failslab, interval 1, probability 0, space 0, times 0
[  509.792713][T19668] CPU: 2 UID: 0 PID: 19668 Comm: syz.8.3487 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  509.792728][T19668] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  509.792735][T19668] Call Trace:
[  509.792738][T19668]  <TASK>
[  509.792742][T19668]  dump_stack_lvl+0x16c/0x1f0
[  509.792759][T19668]  should_fail_ex+0x512/0x640
[  509.792770][T19668]  ? fs_reclaim_acquire+0xae/0x150
[  509.792783][T19668]  ? tomoyo_encode2+0x100/0x3e0
[  509.792798][T19668]  should_failslab+0xc2/0x120
[  509.792814][T19668]  __kmalloc_noprof+0xd2/0x510
[  509.792828][T19668]  ? d_absolute_path+0x136/0x1a0
[  509.792840][T19668]  tomoyo_encode2+0x100/0x3e0
[  509.792856][T19668]  tomoyo_encode+0x29/0x50
[  509.792871][T19668]  tomoyo_realpath_from_path+0x18f/0x6e0
[  509.792889][T19668]  tomoyo_path_number_perm+0x245/0x580
[  509.792902][T19668]  ? tomoyo_path_number_perm+0x237/0x580
[  509.792916][T19668]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  509.792930][T19668]  ? find_held_lock+0x2b/0x80
[  509.792948][T19668]  ? find_held_lock+0x2b/0x80
[  509.792958][T19668]  ? __fget_files+0x204/0x3c0
[  509.792973][T19668]  ? __fget_files+0x20e/0x3c0
[  509.792988][T19668]  security_file_ioctl_compat+0x9b/0x240
[  509.793004][T19668]  __do_compat_sys_ioctl+0x4e/0x2c0
[  509.793016][T19668]  __do_fast_syscall_32+0x73/0x120
[  509.793031][T19668]  do_fast_syscall_32+0x32/0x80
[  509.793044][T19668]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  509.793058][T19668] RIP: 0023:0xf73be579
[  509.793066][T19668] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  509.793076][T19668] RSP: 002b:00000000f504655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  509.793086][T19668] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000401c5820
[  509.793093][T19668] RDX: 0000000080000200 RSI: 0000000000000000 RDI: 0000000000000000
[  509.793099][T19668] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  509.793104][T19668] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  509.793110][T19668] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  509.793121][T19668]  </TASK>
[  509.793129][T19668] ERROR: Out of memory at tomoyo_realpath_from_path.
[  510.008268][T19674] FAULT_INJECTION: forcing a failure.
[  510.008268][T19674] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  510.011992][T19674] CPU: 3 UID: 0 PID: 19674 Comm: syz.7.3489 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  510.012006][T19674] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  510.012013][T19674] Call Trace:
[  510.012016][T19674]  <TASK>
[  510.012020][T19674]  dump_stack_lvl+0x16c/0x1f0
[  510.012038][T19674]  should_fail_ex+0x512/0x640
[  510.012050][T19674]  _copy_to_user+0x32/0xd0
[  510.012063][T19674]  msr_read+0x14e/0x250
[  510.012078][T19674]  ? __pfx_msr_read+0x10/0x10
[  510.012091][T19674]  ? bpf_lsm_file_permission+0x9/0x10
[  510.012106][T19674]  ? security_file_permission+0x71/0x210
[  510.012122][T19674]  ? rw_verify_area+0xcf/0x680
[  510.012133][T19674]  ? __pfx_msr_read+0x10/0x10
[  510.012147][T19674]  vfs_read+0x1de/0xc70
[  510.012162][T19674]  ? __pfx_vfs_read+0x10/0x10
[  510.012173][T19674]  ? find_held_lock+0x2b/0x80
[  510.012184][T19674]  ? __fget_files+0x204/0x3c0
[  510.012200][T19674]  ? __fget_files+0x20e/0x3c0
[  510.012216][T19674]  ksys_read+0x12a/0x240
[  510.012228][T19674]  ? __pfx_ksys_read+0x10/0x10
[  510.012242][T19674]  ? rcu_is_watching+0x12/0xc0
[  510.012254][T19674]  __do_fast_syscall_32+0x73/0x120
[  510.012269][T19674]  do_fast_syscall_32+0x32/0x80
[  510.012282][T19674]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  510.012296][T19674] RIP: 0023:0xf73ee579
[  510.012304][T19674] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  510.012314][T19674] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000003
[  510.012324][T19674] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080019680
[  510.012330][T19674] RDX: 0000000000018ff8 RSI: 0000000000000000 RDI: 0000000000000000
[  510.012336][T19674] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  510.012341][T19674] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  510.012347][T19674] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  510.012357][T19674]  </TASK>
[  510.206238][T19120] usb 13-1: new high-speed USB device number 3 using dummy_hcd
[  510.356098][T19120] usb 13-1: Using ep0 maxpacket: 16
[  510.359235][T19120] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  510.362976][T19120] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  510.366637][T19120] usb 13-1: New USB device found, idVendor=060b, idProduct=0001, bcdDevice= 0.00
[  510.369777][T19120] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  510.373821][T19120] usb 13-1: config 0 descriptor??
[  510.770878][T19694] netlink: 20 bytes leftover after parsing attributes in process `syz.9.3496'.
[  510.776748][T19694] netlink: 20 bytes leftover after parsing attributes in process `syz.9.3496'.
[  510.787867][T19120] macally 0003:060B:0001.000C: unknown main item tag 0x0
[  510.790317][T19120] macally 0003:060B:0001.000C: unexpected long global item
[  510.792552][T19120] macally 0003:060B:0001.000C: probe with driver macally failed with error -22
[  510.981467][   T75] usb 13-1: USB disconnect, device number 3
[  511.548874][T19705] netlink: 24 bytes leftover after parsing attributes in process `syz.9.3499'.
[  511.552333][T19705] netlink: 'syz.9.3499': attribute type 1 has an invalid length.
[  511.554641][T19705] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  511.573694][T19710] netlink: 24 bytes leftover after parsing attributes in process `syz.9.3500'.
[  511.579739][T19710] netlink: 24 bytes leftover after parsing attributes in process `syz.9.3500'.
[  511.658231][ T5954] Bluetooth: Unknown BR/EDR signaling command 0x0c
[  511.660628][ T5954] Bluetooth: Wrong link type (-22)
[  511.662079][ T5954] Bluetooth: Unknown BR/EDR signaling command 0x0c
[  511.663874][ T5954] Bluetooth: Wrong link type (-22)
[  511.665561][ T5954] Bluetooth: Unknown BR/EDR signaling command 0x0d
[  511.670064][ T5954] Bluetooth: Wrong link type (-22)
[  511.736464][   T40] audit: type=1326 audit(2000000378.409:10938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19720 comm="syz.8.3505" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  511.742689][   T40] audit: type=1326 audit(2000000378.409:10939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19720 comm="syz.8.3505" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  511.746169][T19722] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3503'.
[  511.749504][   T40] audit: type=1326 audit(2000000378.409:10940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19720 comm="syz.8.3505" exe="/syz-executor" sig=0 arch=40000003 syscall=16 compat=1 ip=0xf73be579 code=0x7ffc0000
[  511.763273][   T40] audit: type=1326 audit(2000000378.409:10941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19720 comm="syz.8.3505" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  511.769466][   T40] audit: type=1326 audit(2000000378.409:10942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19720 comm="syz.8.3505" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  511.777568][   T40] audit: type=1326 audit(2000000378.409:10943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19720 comm="syz.8.3505" exe="/syz-executor" sig=0 arch=40000003 syscall=65 compat=1 ip=0xf73be579 code=0x7ffc0000
[  511.783390][   T40] audit: type=1326 audit(2000000378.409:10944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19720 comm="syz.8.3505" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  511.789495][   T40] audit: type=1326 audit(2000000378.409:10945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19720 comm="syz.8.3505" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  511.795400][   T40] audit: type=1326 audit(2000000378.409:10946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19720 comm="syz.8.3505" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf73be579 code=0x7ffc0000
[  511.801386][   T40] audit: type=1326 audit(2000000378.409:10947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19720 comm="syz.8.3505" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  512.379236][T19733] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3507'.
[  512.748547][T19741] ERROR: Out of memory at tomoyo_memory_ok.
[  512.784524][T19743] sp0: Synchronizing with TNC
[  512.946222][T19751] IPVS: sync thread started: state = MASTER, mcast_ifn = wg1, syncid = 262145, id = 0
[  513.128432][T19757] libceph: resolve '.
[  513.128432][T19757] #)|.��f��ǝ�a���2s�o�w���?�'�%ЏKAq�f��C���z�e�Sb3L)Hy�o����������Ǥ�Y�M�����h�E$
[  513.128432][T19757] ' (ret=-3): failed
[  513.176824][T19756] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  513.775248][T19775] loop9: detected capacity change from 0 to 8
[  513.778904][T19775]  loop9: [CUMANA/ADFS] p1 [ADFS] p1
[  513.780501][T19775] loop9: partition table partially beyond EOD, truncated
[  513.783247][T19775] loop9: p1 size 81768186 extends beyond EOD, truncated
[  513.830096][T19775]  loop9: [CUMANA/ADFS] p1 [ADFS] p1
[  513.831674][T19775] loop9: partition table partially beyond EOD, truncated
[  513.833697][T19775] loop9: p1 size 81768186 extends beyond EOD, truncated
[  514.076053][T19100] usb 13-1: new high-speed USB device number 4 using dummy_hcd
[  514.236046][T19100] usb 13-1: Using ep0 maxpacket: 8
[  514.237168][T19100] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 218, changing to 11
[  514.240809][T19100] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 8265, setting to 1024
[  514.243949][T19100] usb 13-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  514.246552][T19100] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  514.249575][T19100] usb 13-1: config 0 descriptor??
[  514.293065][ T5362]  loop9: [CUMANA/ADFS] p1 [ADFS] p1
[  514.294644][ T5362] loop9: partition table partially beyond EOD, truncated
[  514.296764][ T5362] loop9: p1 size 81768186 extends beyond EOD, truncated
[  514.348218][ T5362]  loop9: [CUMANA/ADFS] p1 [ADFS] p1
[  514.350065][ T5362] loop9: partition table partially beyond EOD, truncated
[  514.352063][ T5362] loop9: p1 size 81768186 extends beyond EOD, truncated
[  514.452952][T19791] lo speed is unknown, defaulting to 1000
[  514.455349][T19775] random: crng reseeded on system resumption
[  514.456136][T19791] lo speed is unknown, defaulting to 1000
[  514.501249][T19790] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3525'.
[  514.565766][ T5362]  loop9: [CUMANA/ADFS] p1 [ADFS] p1
[  514.568312][ T5362] loop9: partition table partially beyond EOD, truncated
[  514.571489][ T5362] loop9: p1 size 81768186 extends beyond EOD, truncated
[  514.597966][T19799] netlink: 104 bytes leftover after parsing attributes in process `syz.9.3527'.
[  515.354396][T19818] FAULT_INJECTION: forcing a failure.
[  515.354396][T19818] name failslab, interval 1, probability 0, space 0, times 0
[  515.358118][T19818] CPU: 3 UID: 0 PID: 19818 Comm: syz.6.3533 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  515.358133][T19818] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  515.358139][T19818] Call Trace:
[  515.358143][T19818]  <TASK>
[  515.358147][T19818]  dump_stack_lvl+0x16c/0x1f0
[  515.358164][T19818]  should_fail_ex+0x512/0x640
[  515.358180][T19818]  should_failslab+0xc2/0x120
[  515.358196][T19818]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  515.358211][T19818]  ? skb_clone+0x190/0x3f0
[  515.358227][T19818]  skb_clone+0x190/0x3f0
[  515.358241][T19818]  netlink_deliver_tap+0xabd/0xd30
[  515.358256][T19818]  netlink_unicast+0x5df/0x7f0
[  515.358270][T19818]  ? __pfx_netlink_unicast+0x10/0x10
[  515.358283][T19818]  ? __phys_addr_symbol+0x30/0x80
[  515.358297][T19818]  ? __check_object_size+0x4c7/0x710
[  515.358314][T19818]  netlink_sendmsg+0x8da/0xd70
[  515.358328][T19818]  ? __pfx_netlink_sendmsg+0x10/0x10
[  515.358342][T19818]  ? __import_iovec+0x1c8/0x660
[  515.358356][T19818]  ____sys_sendmsg+0xa8d/0xc60
[  515.358367][T19818]  ? __pfx_____sys_sendmsg+0x10/0x10
[  515.358376][T19818]  ? get_compat_msghdr+0x11a/0x170
[  515.358392][T19818]  ___sys_sendmsg+0x134/0x1d0
[  515.358406][T19818]  ? __pfx____sys_sendmsg+0x10/0x10
[  515.358430][T19818]  __sys_sendmsg+0x16d/0x220
[  515.358444][T19818]  ? __pfx___sys_sendmsg+0x10/0x10
[  515.358460][T19818]  ? rcu_is_watching+0x12/0xc0
[  515.358472][T19818]  ? rcu_is_watching+0x12/0xc0
[  515.358482][T19818]  __do_fast_syscall_32+0x73/0x120
[  515.358497][T19818]  do_fast_syscall_32+0x32/0x80
[  515.358510][T19818]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  515.358522][T19818] RIP: 0023:0xf7fe6579
[  515.358531][T19818] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  515.358540][T19818] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  515.358550][T19818] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000140
[  515.358557][T19818] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  515.358562][T19818] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  515.358568][T19818] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  515.358573][T19818] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  515.358584][T19818]  </TASK>
[  515.498245][ T5362]  loop9: [CUMANA/ADFS] p1 [ADFS] p1
[  515.500370][ T5362] loop9: partition table partially beyond EOD, truncated
[  515.502936][ T5362] loop9: p1 size 81768186 extends beyond EOD, truncated
[  516.394673][ T5362]  loop9: [CUMANA/ADFS] p1 [ADFS] p1
[  516.396649][ T5362] loop9: partition table partially beyond EOD, truncated
[  516.398698][ T5362] loop9: p1 size 81768186 extends beyond EOD, truncated
[  516.426062][T19839] ebtables: wrong size: *len 264, entries_size 144, replsz 144
[  516.678157][T19850] lo speed is unknown, defaulting to 1000
[  516.681714][T19850] lo speed is unknown, defaulting to 1000
[  516.715783][T19856] IPVS: sync thread started: state = MASTER, mcast_ifn = wg1, syncid = 262145, id = 0
[  517.449404][   T44] ==================================================================
[  517.451581][   T44] BUG: KASAN: slab-use-after-free in move_to_new_folio+0x12e/0x700
[  517.453739][   T44] Read of size 8 at addr ffff888023b62570 by task kcompactd0/44
[  517.456660][   T44] 
[  517.457851][   T44] CPU: 1 UID: 0 PID: 44 Comm: kcompactd0 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  517.457866][   T44] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  517.457872][   T44] Call Trace:
[  517.457876][   T44]  <TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  517.457881][   T44]  dump_stack_lvl+0x116/0x1f0
[  517.457896][   T44]  print_report+0xc3/0x670
[  517.457913][   T44]  ? __virt_addr_valid+0x5e/0x590
[  517.457931][   T44]  ? __phys_addr+0xc6/0x150
[  517.457944][   T44]  ? move_to_new_folio+0x12e/0x700
[  517.457954][   T44]  kasan_report+0xe0/0x110
[  517.457969][   T44]  ? move_to_new_folio+0x12e/0x700
[  517.457979][   T44]  kasan_check_range+0xef/0x1a0
[  517.457990][   T44]  move_to_new_folio+0x12e/0x700
[  517.458000][   T44]  migrate_pages_batch+0x201d/0x31a0
[  517.458011][   T44]  ? __pfx_compaction_free+0x10/0x10
[  517.458026][   T44]  ? __pfx_migrate_pages_batch+0x10/0x10
[  517.458037][   T44]  ? find_held_lock+0x2b/0x80
[  517.458049][   T44]  migrate_pages_sync+0x12d/0x8a0
[  517.458059][   T44]  ? __pfx_compaction_alloc+0x10/0x10
[  517.458072][   T44]  ? __pfx_compaction_free+0x10/0x10
[  517.458086][   T44]  ? __pfx_migrate_pages_sync+0x10/0x10
[  517.458096][   T44]  ? do_raw_spin_lock+0x12c/0x2b0
[  517.458112][   T44]  ? find_held_lock+0x2b/0x80
[  517.458123][   T44]  migrate_pages+0x1b28/0x2350
[  517.458133][   T44]  ? __pfx_compaction_alloc+0x10/0x10
[  517.458146][   T44]  ? __pfx_compaction_free+0x10/0x10
[  517.458160][   T44]  ? __pfx_migrate_pages+0x10/0x10
[  517.458172][   T44]  ? __pfx_isolate_migratepages_block+0x10/0x10
[  517.458188][   T44]  compact_zone+0x1f6d/0x4220
[  517.458203][   T44]  ? lock_acquire+0x179/0x350
[  517.458218][   T44]  ? __pfx_bpf_trace_run2+0x10/0x10
[  517.458232][   T44]  ? __pfx_compact_zone+0x10/0x10
[  517.458246][   T44]  ? __bpf_trace_contention_end+0xc9/0x110
[  517.458261][   T44]  compact_node+0x1a4/0x2d0
[  517.458275][   T44]  ? __pfx_compact_node+0x10/0x10
[  517.458288][   T44]  ? __pfx___might_resched+0x10/0x10
[  517.458304][   T44]  ? __pfx_extfrag_for_order+0x10/0x10
[  517.458315][   T44]  ? rcu_is_watching+0x12/0xc0
[  517.458326][   T44]  kcompactd+0x762/0xea0
[  517.458341][   T44]  ? __pfx_kcompactd+0x10/0x10
[  517.458354][   T44]  ? find_held_lock+0x2b/0x80
[  517.458364][   T44]  ? __pfx_autoremove_wake_function+0x10/0x10
[  517.458377][   T44]  ? lockdep_hardirqs_on+0x7c/0x110
[  517.458389][   T44]  ? __kthread_parkme+0x148/0x220
[  517.458403][   T44]  ? __pfx_kcompactd+0x10/0x10
[  517.458416][   T44]  kthread+0x3a4/0x760
[  517.458431][   T44]  ? __pfx_kthread+0x10/0x10
[  517.458446][   T44]  ? __pfx_kthread+0x10/0x10
[  517.458460][   T44]  ? __pfx_kthread+0x10/0x10
[  517.458475][   T44]  ? __pfx_kthread+0x10/0x10
[  517.458489][   T44]  ? rcu_is_watching+0x12/0xc0
[  517.458499][   T44]  ? __pfx_kthread+0x10/0x10
[  517.458514][   T44]  ret_from_fork+0x45/0x80
[  517.458523][   T44]  ? __pfx_kthread+0x10/0x10
[  517.458537][   T44]  ret_from_fork_asm+0x1a/0x30
[  517.458554][   T44]  </TASK>
[  517.458557][   T44] 
[  517.538173][   T44] Allocated by task 11060:
[  517.539394][   T44]  kasan_save_stack+0x33/0x60
[  517.540702][   T44]  kasan_save_track+0x14/0x30
[  517.541999][   T44]  __kasan_slab_alloc+0x89/0x90
[  517.543344][   T44]  kmem_cache_alloc_lru_noprof+0x1d0/0x3b0
[  517.544947][   T44]  shmem_alloc_inode+0x25/0x50
[  517.546288][   T44]  alloc_inode+0x61/0x240
[  517.547553][   T44]  new_inode+0x22/0x1c0
[  517.548715][   T44]  shmem_get_inode+0x19a/0xfb0
[  517.550045][   T44]  shmem_mknod+0x1a8/0x450
[  517.551283][   T44]  lookup_open.isra.0+0x11d0/0x1580
[  517.552722][   T44]  path_openat+0x905/0x2d40
[  517.553980][   T44]  do_filp_open+0x20b/0x470
[  517.555244][   T44]  do_sys_openat2+0x11b/0x1d0
[  517.556563][   T44]  __x64_sys_openat+0x174/0x210
[  517.557945][   T44]  do_syscall_64+0xcd/0x260
[  517.559206][   T44]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  517.560834][   T44] 
[  517.561659][   T44] Freed by task 19867:
[  517.563225][   T44]  kasan_save_stack+0x33/0x60
[  517.565002][   T44]  kasan_save_track+0x14/0x30
[  517.566767][   T44]  kasan_save_free_info+0x3b/0x60
[  517.568290][   T44]  __kasan_slab_free+0x51/0x70
[  517.569600][   T44]  kmem_cache_free+0x2d4/0x4d0
[  517.570911][   T44]  i_callback+0x43/0x70
[  517.572066][   T44]  rcu_core+0x799/0x14e0
[  517.573233][   T44]  handle_softirqs+0x216/0x8e0
[  517.574514][   T44]  __irq_exit_rcu+0x109/0x170
[  517.575782][   T44]  irq_exit_rcu+0x9/0x30
[  517.577061][   T44]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  517.578544][   T44]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  517.580180][   T44] 
[  517.580869][   T44] Last potentially related work creation:
[  517.582637][   T44]  kasan_save_stack+0x33/0x60
[  517.583969][   T44]  kasan_record_aux_stack+0xb8/0xd0
[  517.585432][   T44]  __call_rcu_common.constprop.0+0x9a/0x9f0
[  517.587098][   T44]  destroy_inode+0x12c/0x1b0
[  517.588385][   T44]  evict+0x5b4/0x920
[  517.589419][   T44]  iput+0x521/0x880
[  517.590470][   T44]  dentry_unlink_inode+0x29c/0x480
[  517.591857][   T44]  __dentry_kill+0x1d0/0x600
[  517.593099][   T44]  dput.part.0+0x4b1/0x9b0
[  517.594290][   T44]  dput+0x1f/0x30
[  517.595347][   T44]  do_renameat2+0x83b/0xc90
[  517.596645][   T44]  __x64_sys_rename+0x7d/0xa0
[  517.597970][   T44]  do_syscall_64+0xcd/0x260
[  517.599213][   T44]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  517.600837][   T44] 
[  517.601515][   T44] The buggy address belongs to the object at ffff888023b620a8
[  517.601515][   T44]  which belongs to the cache shmem_inode_cache of size 1544
[  517.605374][   T44] The buggy address is located 1224 bytes inside of
[  517.605374][   T44]  freed 1544-byte region [ffff888023b620a8, ffff888023b626b0)
[  517.609131][   T44] 
[  517.609805][   T44] The buggy address belongs to the physical page:
[  517.611559][   T44] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x23b60
[  517.613949][   T44] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  517.616247][   T44] memcg:ffff888025d16b01
[  517.617468][   T44] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  517.619515][   T44] page_type: f5(slab)
[  517.620670][   T44] raw: 00fff00000000040 ffff888040491cc0 ffffea0001aad000 dead000000000002
[  517.623023][   T44] raw: 0000000000000000 0000000000130013 00000000f5000000 ffff888025d16b01
[  517.625440][   T44] head: 00fff00000000040 ffff888040491cc0 ffffea0001aad000 dead000000000002
[  517.627935][   T44] head: 0000000000000000 0000000000130013 00000000f5000000 ffff888025d16b01
[  517.630283][   T44] head: 00fff00000000003 ffffea00008ed801 ffffffffffffffff 0000000000000000
[  517.632629][   T44] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  517.634964][   T44] page dumped because: kasan: bad access detected
[  517.636801][   T44] page_owner tracks the page as allocated
[  517.638390][   T44] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 36, tgid 36 (kdevtmpfs), ts 6786308075, free_ts 0
[  517.643905][   T44]  post_alloc_hook+0x181/0x1b0
[  517.645358][   T44]  get_page_from_freelist+0x10c4/0x34c0
[  517.647310][   T44]  __alloc_frozen_pages_noprof+0x223/0x24d0
[  517.648950][   T44]  alloc_pages_mpol+0x1fb/0x540
[  517.650300][   T44]  new_slab+0x23c/0x330
[  517.651457][   T44]  ___slab_alloc+0xd9c/0x1940
[  517.652779][   T44]  __slab_alloc.constprop.0+0x56/0xb0
[  517.654262][   T44]  kmem_cache_alloc_lru_noprof+0xf4/0x3b0
[  517.655900][   T44]  shmem_alloc_inode+0x25/0x50
[  517.657242][   T44]  alloc_inode+0x61/0x240
[  517.658446][   T44]  new_inode+0x22/0x1c0
[  517.659596][   T44]  shmem_get_inode+0x19a/0xfb0
[  517.660935][   T44]  shmem_mknod+0x1a8/0x450
[  517.662173][   T44]  vfs_mknod+0x5d7/0x8e0
[  517.663341][   T44]  devtmpfs_work_loop+0x1c8/0x8e0
[  517.664671][   T44]  devtmpfsd+0x4c/0x50
[  517.666042][   T44] page_owner free stack trace missing
[  517.667767][   T44] 
[  517.668427][   T44] Memory state around the buggy address:
[  517.669898][   T44]  ffff888023b62400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  517.672121][   T44]  ffff888023b62480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  517.675027][   T44] >ffff888023b62500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  517.678105][   T44]                                                              ^
[  517.680944][   T44]  ffff888023b62580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  517.683105][   T44]  ffff888023b62600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  517.685371][   T44] ==================================================================
[  517.706252][   T44] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  517.708926][   T44] CPU: 1 UID: 0 PID: 44 Comm: kcompactd0 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  517.712906][   T44] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  517.716721][   T44] Call Trace:
[  517.717930][   T44]  <TASK>
[  517.719000][   T44]  dump_stack_lvl+0x3d/0x1f0
[  517.720682][   T44]  panic+0x71c/0x800
[  517.722092][   T44]  ? __pfx_panic+0x10/0x10
[  517.723683][   T44]  ? rcu_is_watching+0x12/0xc0
[  517.725403][   T44]  ? irqentry_exit+0x3b/0x90
[  517.727075][   T44]  ? lockdep_hardirqs_on+0x7c/0x110
[  517.728927][   T44]  ? preempt_schedule_thunk+0x16/0x30
[  517.730813][   T44]  ? move_to_new_folio+0x12e/0x700
[  517.732627][   T44]  ? preempt_schedule_common+0x44/0xc0
[  517.734583][   T44]  ? check_panic_on_warn+0x1f/0xb0
[  517.736416][   T44]  ? move_to_new_folio+0x12e/0x700
[  517.738236][   T44]  check_panic_on_warn+0xab/0xb0
[  517.740027][   T44]  end_report+0x107/0x170
[  517.741292][   T44]  kasan_report+0xee/0x110
[  517.742554][   T44]  ? move_to_new_folio+0x12e/0x700
[  517.744007][   T44]  kasan_check_range+0xef/0x1a0
[  517.745355][   T44]  move_to_new_folio+0x12e/0x700
[  517.746724][   T44]  migrate_pages_batch+0x201d/0x31a0
[  517.748287][   T44]  ? __pfx_compaction_free+0x10/0x10
[  517.749744][   T44]  ? __pfx_migrate_pages_batch+0x10/0x10
[  517.751532][   T44]  ? find_held_lock+0x2b/0x80
[  517.753020][   T44]  migrate_pages_sync+0x12d/0x8a0
[  517.754590][   T44]  ? __pfx_compaction_alloc+0x10/0x10
[  517.756171][   T44]  ? __pfx_compaction_free+0x10/0x10
[  517.757775][   T44]  ? __pfx_migrate_pages_sync+0x10/0x10
[  517.759320][   T44]  ? do_raw_spin_lock+0x12c/0x2b0
[  517.760719][   T44]  ? find_held_lock+0x2b/0x80
[  517.762050][   T44]  migrate_pages+0x1b28/0x2350
[  517.763494][   T44]  ? __pfx_compaction_alloc+0x10/0x10
[  517.765101][   T44]  ? __pfx_compaction_free+0x10/0x10
[  517.766605][   T44]  ? __pfx_migrate_pages+0x10/0x10
[  517.768133][   T44]  ? __pfx_isolate_migratepages_block+0x10/0x10
[  517.769899][   T44]  compact_zone+0x1f6d/0x4220
[  517.771237][   T44]  ? lock_acquire+0x179/0x350
[  517.772557][   T44]  ? __pfx_bpf_trace_run2+0x10/0x10
[  517.774036][   T44]  ? __pfx_compact_zone+0x10/0x10
[  517.775473][   T44]  ? __bpf_trace_contention_end+0xc9/0x110
[  517.777104][   T44]  compact_node+0x1a4/0x2d0
[  517.778489][   T44]  ? __pfx_compact_node+0x10/0x10
[  517.779891][   T44]  ? __pfx___might_resched+0x10/0x10
[  517.781338][   T44]  ? __pfx_extfrag_for_order+0x10/0x10
[  517.782846][   T44]  ? rcu_is_watching+0x12/0xc0
[  517.784196][   T44]  kcompactd+0x762/0xea0
[  517.785393][   T44]  ? __pfx_kcompactd+0x10/0x10
[  517.786750][   T44]  ? find_held_lock+0x2b/0x80
[  517.788075][   T44]  ? __pfx_autoremove_wake_function+0x10/0x10
[  517.789758][   T44]  ? lockdep_hardirqs_on+0x7c/0x110
[  517.791202][   T44]  ? __kthread_parkme+0x148/0x220
[  517.792618][   T44]  ? __pfx_kcompactd+0x10/0x10
[  517.793961][   T44]  kthread+0x3a4/0x760
[  517.795101][   T44]  ? __pfx_kthread+0x10/0x10
[  517.796420][   T44]  ? __pfx_kthread+0x10/0x10
[  517.797728][   T44]  ? __pfx_kthread+0x10/0x10
[  517.799012][   T44]  ? __pfx_kthread+0x10/0x10
[  517.800315][   T44]  ? rcu_is_watching+0x12/0xc0
[  517.801659][   T44]  ? __pfx_kthread+0x10/0x10
[  517.802949][   T44]  ret_from_fork+0x45/0x80
[  517.804201][   T44]  ? __pfx_kthread+0x10/0x10
[  517.805526][   T44]  ret_from_fork_asm+0x1a/0x30
[  517.806881][   T44]  </TASK>
[  517.808307][   T44] Kernel Offset: disabled
[  517.809514][   T44] Rebooting in 86400 seconds..

VM DIAGNOSIS:
07:21:37  Registers:
info registers vcpu 0

CPU#0
RAX=00000000016fe697 RBX=0000000000000000 RCX=ffffffff8b5b82f9 RDX=0000000000000000
RSI=ffffffff8d9a7ab0 RDI=ffffffff8bd357a0 RBP=fffffbfff1bd2ee8 RSP=ffffffff8de07e18
R8 =0000000000000001 R9 =ffffed10056865bd R10=ffff88802b432deb R11=0000000000000000
R12=0000000000000000 R13=ffffffff8de97740 R14=ffffffff90629210 R15=0000000000000000
RIP=ffffffff8b5b96ef RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097c5a000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c24d567 CR3=000000006efe2000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff854136f0 RDI=ffffffff9ab72ba0 RBP=ffffffff9ab72b60 RSP=ffffc900006b6e90
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552
R12=0000000000000000 R13=0000000000000020 R14=fffffbfff356e5c6 R15=dffffc0000000000
RIP=ffffffff85413717 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097d5a000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002f4e3ffc CR3=000000007732e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=ffffffff90eff0c8 RBX=ffffffff906f95c8 RCX=dffffc0000000000 RDX=0000000000000003
RSI=0000000000000000 RDI=ffffffff906f95ac RBP=ffffffff906f95ac RSP=ffffc900031af6c8
R8 =ffffffff90eff122 R9 =0000000000000000 R10=ffffc900031af778 R11=0000000000002bb3
R12=ffffffff906f95e4 R13=ffffffff812bb349 R14=ffffffff906f95ac R15=ffffffff906f95ac
RIP=ffffffff81697eee RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097e5a000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000559965425000 CR3=000000004ad64000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=d58e0f32d58e0f32 d58e0f32d58e0f32 d58e0f32d58e0f32 d58e0f32d58e0f32 d58e0f32d58e0f32 d58e0f32d58e0f32 d58e0f32d58e0f32 d58e0f32d58e0f32
ZMM22=306da3b7306da3b7 306da3b7306da3b7 306da3b7306da3b7 306da3b7306da3b7 306da3b7306da3b7 306da3b7306da3b7 306da3b7306da3b7 306da3b7306da3b7
ZMM23=4c1d0a934c1d0a93 4c1d0a934c1d0a93 4c1d0a934c1d0a93 4c1d0a934c1d0a93 4c1d0a934c1d0a93 4c1d0a934c1d0a93 4c1d0a934c1d0a93 4c1d0a934c1d0a93
ZMM24=02c2431502c24315 02c2431502c24315 02c2431502c24315 02c2431502c24315 02c2431502c24315 02c2431502c24315 02c2431502c24315 02c2431502c24315
ZMM25=14ed89a914ed89a9 14ed89a914ed89a9 14ed89a914ed89a9 14ed89a914ed89a9 14ed89a914ed89a9 14ed89a914ed89a9 14ed89a914ed89a9 14ed89a914ed89a9
ZMM26=b6bd6fb2b6bd6fb2 b6bd6fb2b6bd6fb2 b6bd6fb2b6bd6fb2 b6bd6fb2b6bd6fb2 b6bd6fb2b6bd6fb2 b6bd6fb2b6bd6fb2 b6bd6fb2b6bd6fb2 b6bd6fb2b6bd6fb2
ZMM27=12420b8c12420b8c 12420b8c12420b8c 12420b8c12420b8c 12420b8c12420b8c 12420b8c12420b8c 12420b8c12420b8c 12420b8c12420b8c 12420b8c12420b8c
ZMM28=00000100000000ff 000000fe000000fd 000000fc000000fb 000000fa000000f9 000000f8000000f7 000000f6000000f5 000000f4000000f3 000000f2000000f1
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=8d2100008d210000 8d2100008d210000 8d2100008d210000 8d2100008d210000 8d2100008d210000 8d2100008d210000 8d2100008d210000 8d2100008d210000
info registers vcpu 3

CPU#3
RAX=dffffc0000000000 RBX=ffff888012ca8c00 RCX=ffff888012ca8c52 RDX=1ffff110056e73f0
RSI=ffff888012ca8c00 RDI=ffff888012ca8c70 RBP=ffff88802b739f80 RSP=ffffc90002c8f538
R8 =0000000000000000 R9 =ffffed1009f668f8 R10=ffff88804fb347c7 R11=0000000000000001
R12=00000000000d5a57 R13=ffff888012ca8c00 R14=ffff888012ca8c50 R15=00000000000cfed0
RIP=ffffffff818df7d2 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097f5a000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c24d567 CR3=000000007732e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000008000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000