Warning: Permanently added '[localhost]:23788' (ECDSA) to the list of known hosts.
2025/08/29 13:28:27 fuzzer started
2025/08/29 13:28:27 dialing manager at localhost:43077
syzkaller login: [   50.571782] cgroup: Unknown subsys name 'net'
[   50.645572] cgroup: Unknown subsys name 'cpuset'
[   50.664748] cgroup: Unknown subsys name 'rlimit'
2025/08/29 13:28:38 syscalls: 2214
2025/08/29 13:28:38 code coverage: enabled
2025/08/29 13:28:38 comparison tracing: enabled
2025/08/29 13:28:38 extra coverage: enabled
2025/08/29 13:28:38 setuid sandbox: enabled
2025/08/29 13:28:38 namespace sandbox: enabled
2025/08/29 13:28:38 Android sandbox: enabled
2025/08/29 13:28:38 fault injection: enabled
2025/08/29 13:28:38 leak checking: enabled
2025/08/29 13:28:38 net packet injection: enabled
2025/08/29 13:28:38 net device setup: enabled
2025/08/29 13:28:38 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/08/29 13:28:38 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/08/29 13:28:38 USB emulation: enabled
2025/08/29 13:28:38 hci packet injection: enabled
2025/08/29 13:28:38 wifi device emulation: enabled
2025/08/29 13:28:38 802.15.4 emulation: enabled
2025/08/29 13:28:38 fetching corpus: 0, signal 0/2000 (executing program)
2025/08/29 13:28:38 fetching corpus: 50, signal 28011/31461 (executing program)
2025/08/29 13:28:38 fetching corpus: 100, signal 35285/40213 (executing program)
2025/08/29 13:28:38 fetching corpus: 150, signal 43732/49961 (executing program)
2025/08/29 13:28:38 fetching corpus: 200, signal 48240/55820 (executing program)
2025/08/29 13:28:39 fetching corpus: 250, signal 51918/60786 (executing program)
2025/08/29 13:28:39 fetching corpus: 300, signal 56093/66184 (executing program)
2025/08/29 13:28:39 fetching corpus: 350, signal 60083/71283 (executing program)
2025/08/29 13:28:39 fetching corpus: 400, signal 64625/76835 (executing program)
2025/08/29 13:28:39 fetching corpus: 450, signal 69202/82278 (executing program)
2025/08/29 13:28:39 fetching corpus: 500, signal 73270/87211 (executing program)
2025/08/29 13:28:39 fetching corpus: 550, signal 76215/91096 (executing program)
2025/08/29 13:28:39 fetching corpus: 600, signal 80093/95741 (executing program)
2025/08/29 13:28:39 fetching corpus: 650, signal 82380/98892 (executing program)
2025/08/29 13:28:39 fetching corpus: 700, signal 85627/102801 (executing program)
2025/08/29 13:28:40 fetching corpus: 750, signal 87327/105397 (executing program)
2025/08/29 13:28:40 fetching corpus: 800, signal 88982/107874 (executing program)
2025/08/29 13:28:40 fetching corpus: 850, signal 92090/111574 (executing program)
2025/08/29 13:28:40 fetching corpus: 900, signal 93802/114057 (executing program)
2025/08/29 13:28:40 fetching corpus: 950, signal 94808/115967 (executing program)
2025/08/29 13:28:40 fetching corpus: 1000, signal 96642/118470 (executing program)
2025/08/29 13:28:40 fetching corpus: 1050, signal 97993/120604 (executing program)
2025/08/29 13:28:40 fetching corpus: 1100, signal 99488/122776 (executing program)
2025/08/29 13:28:40 fetching corpus: 1150, signal 100344/124460 (executing program)
2025/08/29 13:28:40 fetching corpus: 1200, signal 101631/126349 (executing program)
2025/08/29 13:28:40 fetching corpus: 1250, signal 103184/128470 (executing program)
2025/08/29 13:28:41 fetching corpus: 1300, signal 105065/130855 (executing program)
2025/08/29 13:28:41 fetching corpus: 1350, signal 106407/132835 (executing program)
2025/08/29 13:28:41 fetching corpus: 1400, signal 107719/134692 (executing program)
2025/08/29 13:28:41 fetching corpus: 1450, signal 108676/136272 (executing program)
2025/08/29 13:28:41 fetching corpus: 1500, signal 109563/137812 (executing program)
2025/08/29 13:28:41 fetching corpus: 1550, signal 111028/139745 (executing program)
2025/08/29 13:28:41 fetching corpus: 1600, signal 112429/141593 (executing program)
2025/08/29 13:28:41 fetching corpus: 1650, signal 113814/143431 (executing program)
2025/08/29 13:28:41 fetching corpus: 1700, signal 115349/145344 (executing program)
2025/08/29 13:28:41 fetching corpus: 1750, signal 116325/146863 (executing program)
2025/08/29 13:28:41 fetching corpus: 1800, signal 118114/148848 (executing program)
2025/08/29 13:28:42 fetching corpus: 1850, signal 119233/150422 (executing program)
2025/08/29 13:28:42 fetching corpus: 1900, signal 120362/151941 (executing program)
2025/08/29 13:28:42 fetching corpus: 1950, signal 121331/153351 (executing program)
2025/08/29 13:28:42 fetching corpus: 2000, signal 121843/154457 (executing program)
2025/08/29 13:28:42 fetching corpus: 2050, signal 122933/155831 (executing program)
2025/08/29 13:28:42 fetching corpus: 2100, signal 123929/157218 (executing program)
2025/08/29 13:28:42 fetching corpus: 2150, signal 124861/158483 (executing program)
2025/08/29 13:28:42 fetching corpus: 2200, signal 125929/159828 (executing program)
2025/08/29 13:28:42 fetching corpus: 2250, signal 126847/161090 (executing program)
2025/08/29 13:28:42 fetching corpus: 2300, signal 128354/162632 (executing program)
2025/08/29 13:28:42 fetching corpus: 2350, signal 129285/163905 (executing program)
2025/08/29 13:28:43 fetching corpus: 2400, signal 130139/165143 (executing program)
2025/08/29 13:28:43 fetching corpus: 2450, signal 130978/166331 (executing program)
2025/08/29 13:28:43 fetching corpus: 2500, signal 131678/167417 (executing program)
2025/08/29 13:28:43 fetching corpus: 2550, signal 132771/168646 (executing program)
2025/08/29 13:28:43 fetching corpus: 2600, signal 133599/169753 (executing program)
2025/08/29 13:28:43 fetching corpus: 2650, signal 134423/170859 (executing program)
2025/08/29 13:28:43 fetching corpus: 2700, signal 135200/171920 (executing program)
2025/08/29 13:28:43 fetching corpus: 2750, signal 136175/173000 (executing program)
2025/08/29 13:28:43 fetching corpus: 2800, signal 136861/173973 (executing program)
2025/08/29 13:28:43 fetching corpus: 2850, signal 137446/174860 (executing program)
2025/08/29 13:28:43 fetching corpus: 2900, signal 137977/175701 (executing program)
2025/08/29 13:28:44 fetching corpus: 2950, signal 139101/176969 (executing program)
2025/08/29 13:28:44 fetching corpus: 3000, signal 139856/177904 (executing program)
2025/08/29 13:28:44 fetching corpus: 3050, signal 141201/179020 (executing program)
2025/08/29 13:28:44 fetching corpus: 3100, signal 143305/180371 (executing program)
2025/08/29 13:28:44 fetching corpus: 3150, signal 143724/181114 (executing program)
2025/08/29 13:28:44 fetching corpus: 3200, signal 144423/181939 (executing program)
2025/08/29 13:28:44 fetching corpus: 3250, signal 145167/182770 (executing program)
2025/08/29 13:28:44 fetching corpus: 3300, signal 145839/183607 (executing program)
2025/08/29 13:28:44 fetching corpus: 3350, signal 146418/184382 (executing program)
2025/08/29 13:28:44 fetching corpus: 3400, signal 147299/185336 (executing program)
2025/08/29 13:28:44 fetching corpus: 3450, signal 147699/186005 (executing program)
2025/08/29 13:28:45 fetching corpus: 3500, signal 148123/186704 (executing program)
2025/08/29 13:28:45 fetching corpus: 3550, signal 148818/187438 (executing program)
2025/08/29 13:28:45 fetching corpus: 3600, signal 149406/188163 (executing program)
2025/08/29 13:28:45 fetching corpus: 3650, signal 149900/188839 (executing program)
2025/08/29 13:28:45 fetching corpus: 3700, signal 150338/189472 (executing program)
2025/08/29 13:28:45 fetching corpus: 3750, signal 151214/190293 (executing program)
2025/08/29 13:28:45 fetching corpus: 3800, signal 151793/190995 (executing program)
2025/08/29 13:28:45 fetching corpus: 3850, signal 152641/191740 (executing program)
2025/08/29 13:28:45 fetching corpus: 3900, signal 153295/192377 (executing program)
2025/08/29 13:28:45 fetching corpus: 3950, signal 153951/192992 (executing program)
2025/08/29 13:28:45 fetching corpus: 4000, signal 154489/193578 (executing program)
2025/08/29 13:28:45 fetching corpus: 4050, signal 155028/194161 (executing program)
2025/08/29 13:28:45 fetching corpus: 4100, signal 155963/194860 (executing program)
2025/08/29 13:28:46 fetching corpus: 4150, signal 156784/195484 (executing program)
2025/08/29 13:28:46 fetching corpus: 4200, signal 157237/196052 (executing program)
2025/08/29 13:28:46 fetching corpus: 4250, signal 157576/196584 (executing program)
2025/08/29 13:28:46 fetching corpus: 4300, signal 158053/197139 (executing program)
2025/08/29 13:28:46 fetching corpus: 4350, signal 158589/197685 (executing program)
2025/08/29 13:28:46 fetching corpus: 4400, signal 158998/198192 (executing program)
2025/08/29 13:28:46 fetching corpus: 4450, signal 159516/198696 (executing program)
2025/08/29 13:28:46 fetching corpus: 4500, signal 159993/199218 (executing program)
2025/08/29 13:28:46 fetching corpus: 4550, signal 160560/199711 (executing program)
2025/08/29 13:28:46 fetching corpus: 4600, signal 160860/200153 (executing program)
2025/08/29 13:28:46 fetching corpus: 4650, signal 161286/200603 (executing program)
2025/08/29 13:28:46 fetching corpus: 4700, signal 161990/201063 (executing program)
2025/08/29 13:28:47 fetching corpus: 4750, signal 162470/201489 (executing program)
2025/08/29 13:28:47 fetching corpus: 4800, signal 163018/201940 (executing program)
2025/08/29 13:28:47 fetching corpus: 4850, signal 163532/202372 (executing program)
2025/08/29 13:28:47 fetching corpus: 4900, signal 163952/202657 (executing program)
2025/08/29 13:28:47 fetching corpus: 4950, signal 164339/202661 (executing program)
2025/08/29 13:28:47 fetching corpus: 5000, signal 164781/202671 (executing program)
2025/08/29 13:28:47 fetching corpus: 5050, signal 165199/202677 (executing program)
2025/08/29 13:28:47 fetching corpus: 5100, signal 165690/202724 (executing program)
2025/08/29 13:28:47 fetching corpus: 5150, signal 166082/202741 (executing program)
2025/08/29 13:28:47 fetching corpus: 5200, signal 166644/202741 (executing program)
2025/08/29 13:28:47 fetching corpus: 5250, signal 167086/202742 (executing program)
2025/08/29 13:28:47 fetching corpus: 5300, signal 167645/202809 (executing program)
2025/08/29 13:28:48 fetching corpus: 5350, signal 167929/202809 (executing program)
2025/08/29 13:28:48 fetching corpus: 5400, signal 168366/202811 (executing program)
2025/08/29 13:28:48 fetching corpus: 5450, signal 168844/202820 (executing program)
2025/08/29 13:28:48 fetching corpus: 5500, signal 169199/202822 (executing program)
2025/08/29 13:28:48 fetching corpus: 5550, signal 169580/202825 (executing program)
2025/08/29 13:28:48 fetching corpus: 5600, signal 169966/202837 (executing program)
2025/08/29 13:28:48 fetching corpus: 5650, signal 170296/202844 (executing program)
2025/08/29 13:28:48 fetching corpus: 5700, signal 170649/202864 (executing program)
2025/08/29 13:28:48 fetching corpus: 5750, signal 171106/202868 (executing program)
2025/08/29 13:28:48 fetching corpus: 5800, signal 171449/202871 (executing program)
2025/08/29 13:28:48 fetching corpus: 5850, signal 171764/202890 (executing program)
2025/08/29 13:28:49 fetching corpus: 5900, signal 172069/202895 (executing program)
2025/08/29 13:28:49 fetching corpus: 5950, signal 172381/202902 (executing program)
2025/08/29 13:28:49 fetching corpus: 6000, signal 172699/202915 (executing program)
2025/08/29 13:28:49 fetching corpus: 6050, signal 172968/202934 (executing program)
2025/08/29 13:28:49 fetching corpus: 6100, signal 173359/202962 (executing program)
2025/08/29 13:28:49 fetching corpus: 6150, signal 173710/202982 (executing program)
2025/08/29 13:28:49 fetching corpus: 6200, signal 174017/202992 (executing program)
2025/08/29 13:28:49 fetching corpus: 6250, signal 174376/203013 (executing program)
2025/08/29 13:28:49 fetching corpus: 6300, signal 174895/203016 (executing program)
2025/08/29 13:28:49 fetching corpus: 6350, signal 175174/203023 (executing program)
2025/08/29 13:28:49 fetching corpus: 6400, signal 175600/203041 (executing program)
2025/08/29 13:28:49 fetching corpus: 6450, signal 175858/203059 (executing program)
2025/08/29 13:28:50 fetching corpus: 6500, signal 176248/203084 (executing program)
2025/08/29 13:28:50 fetching corpus: 6550, signal 176482/203086 (executing program)
2025/08/29 13:28:50 fetching corpus: 6600, signal 176899/203086 (executing program)
2025/08/29 13:28:50 fetching corpus: 6650, signal 177236/203092 (executing program)
2025/08/29 13:28:50 fetching corpus: 6700, signal 177581/203094 (executing program)
2025/08/29 13:28:50 fetching corpus: 6750, signal 177894/203107 (executing program)
2025/08/29 13:28:50 fetching corpus: 6800, signal 178156/203107 (executing program)
2025/08/29 13:28:50 fetching corpus: 6850, signal 178449/203114 (executing program)
2025/08/29 13:28:50 fetching corpus: 6900, signal 178805/203117 (executing program)
2025/08/29 13:28:50 fetching corpus: 6950, signal 179151/203126 (executing program)
2025/08/29 13:28:50 fetching corpus: 7000, signal 179430/203140 (executing program)
2025/08/29 13:28:50 fetching corpus: 7050, signal 179674/203150 (executing program)
2025/08/29 13:28:51 fetching corpus: 7100, signal 180020/203190 (executing program)
2025/08/29 13:28:51 fetching corpus: 7150, signal 180377/203196 (executing program)
2025/08/29 13:28:51 fetching corpus: 7200, signal 180706/203199 (executing program)
2025/08/29 13:28:51 fetching corpus: 7250, signal 181116/203214 (executing program)
2025/08/29 13:28:51 fetching corpus: 7300, signal 181421/203217 (executing program)
2025/08/29 13:28:51 fetching corpus: 7350, signal 181846/203217 (executing program)
2025/08/29 13:28:51 fetching corpus: 7400, signal 182153/203228 (executing program)
2025/08/29 13:28:51 fetching corpus: 7450, signal 182411/203230 (executing program)
2025/08/29 13:28:51 fetching corpus: 7500, signal 182675/203252 (executing program)
2025/08/29 13:28:51 fetching corpus: 7550, signal 182985/203263 (executing program)
2025/08/29 13:28:51 fetching corpus: 7600, signal 183281/203263 (executing program)
2025/08/29 13:28:51 fetching corpus: 7650, signal 183483/203268 (executing program)
2025/08/29 13:28:52 fetching corpus: 7700, signal 183899/203284 (executing program)
2025/08/29 13:28:52 fetching corpus: 7750, signal 184266/203287 (executing program)
2025/08/29 13:28:52 fetching corpus: 7800, signal 184563/203293 (executing program)
2025/08/29 13:28:52 fetching corpus: 7850, signal 184873/203299 (executing program)
2025/08/29 13:28:52 fetching corpus: 7900, signal 185061/203303 (executing program)
2025/08/29 13:28:52 fetching corpus: 7950, signal 185380/203308 (executing program)
2025/08/29 13:28:52 fetching corpus: 8000, signal 185726/203313 (executing program)
2025/08/29 13:28:52 fetching corpus: 8050, signal 186013/203320 (executing program)
2025/08/29 13:28:52 fetching corpus: 8100, signal 186231/203339 (executing program)
2025/08/29 13:28:52 fetching corpus: 8150, signal 186502/203342 (executing program)
2025/08/29 13:28:52 fetching corpus: 8200, signal 186851/203350 (executing program)
2025/08/29 13:28:52 fetching corpus: 8250, signal 187085/203356 (executing program)
2025/08/29 13:28:52 fetching corpus: 8300, signal 187416/203363 (executing program)
2025/08/29 13:28:53 fetching corpus: 8350, signal 187670/203373 (executing program)
2025/08/29 13:28:53 fetching corpus: 8400, signal 187912/203375 (executing program)
2025/08/29 13:28:53 fetching corpus: 8450, signal 188124/203384 (executing program)
2025/08/29 13:28:53 fetching corpus: 8500, signal 188475/203400 (executing program)
2025/08/29 13:28:53 fetching corpus: 8550, signal 188775/203410 (executing program)
2025/08/29 13:28:53 fetching corpus: 8600, signal 189036/203416 (executing program)
2025/08/29 13:28:53 fetching corpus: 8650, signal 189365/203418 (executing program)
2025/08/29 13:28:53 fetching corpus: 8700, signal 189558/203425 (executing program)
2025/08/29 13:28:53 fetching corpus: 8750, signal 189801/203480 (executing program)
2025/08/29 13:28:53 fetching corpus: 8800, signal 190058/203508 (executing program)
2025/08/29 13:28:53 fetching corpus: 8850, signal 190280/203511 (executing program)
2025/08/29 13:28:53 fetching corpus: 8900, signal 190457/203512 (executing program)
2025/08/29 13:28:53 fetching corpus: 8950, signal 190682/203523 (executing program)
2025/08/29 13:28:54 fetching corpus: 9000, signal 191014/203525 (executing program)
2025/08/29 13:28:54 fetching corpus: 9050, signal 191256/203569 (executing program)
2025/08/29 13:28:54 fetching corpus: 9100, signal 191489/203578 (executing program)
2025/08/29 13:28:54 fetching corpus: 9150, signal 191761/203594 (executing program)
2025/08/29 13:28:54 fetching corpus: 9200, signal 191920/203606 (executing program)
2025/08/29 13:28:54 fetching corpus: 9250, signal 192268/203651 (executing program)
2025/08/29 13:28:54 fetching corpus: 9300, signal 192485/203654 (executing program)
2025/08/29 13:28:54 fetching corpus: 9350, signal 192839/203662 (executing program)
2025/08/29 13:28:54 fetching corpus: 9400, signal 193039/203667 (executing program)
2025/08/29 13:28:54 fetching corpus: 9450, signal 193294/203683 (executing program)
2025/08/29 13:28:54 fetching corpus: 9500, signal 193609/203686 (executing program)
2025/08/29 13:28:54 fetching corpus: 9550, signal 193894/203714 (executing program)
2025/08/29 13:28:55 fetching corpus: 9600, signal 194108/203727 (executing program)
2025/08/29 13:28:55 fetching corpus: 9650, signal 194292/203734 (executing program)
2025/08/29 13:28:55 fetching corpus: 9700, signal 194553/203750 (executing program)
2025/08/29 13:28:55 fetching corpus: 9750, signal 194816/203761 (executing program)
2025/08/29 13:28:55 fetching corpus: 9800, signal 195007/203781 (executing program)
2025/08/29 13:28:55 fetching corpus: 9850, signal 195800/203790 (executing program)
2025/08/29 13:28:55 fetching corpus: 9900, signal 195993/203790 (executing program)
2025/08/29 13:28:55 fetching corpus: 9950, signal 196207/203790 (executing program)
2025/08/29 13:28:55 fetching corpus: 10000, signal 196437/203795 (executing program)
2025/08/29 13:28:55 fetching corpus: 10050, signal 196680/203809 (executing program)
2025/08/29 13:28:55 fetching corpus: 10100, signal 196867/203820 (executing program)
2025/08/29 13:28:55 fetching corpus: 10150, signal 197035/203825 (executing program)
2025/08/29 13:28:55 fetching corpus: 10200, signal 197236/203850 (executing program)
2025/08/29 13:28:55 fetching corpus: 10250, signal 197411/203853 (executing program)
2025/08/29 13:28:56 fetching corpus: 10300, signal 197608/203853 (executing program)
2025/08/29 13:28:56 fetching corpus: 10350, signal 197944/203865 (executing program)
2025/08/29 13:28:56 fetching corpus: 10400, signal 198119/203872 (executing program)
2025/08/29 13:28:56 fetching corpus: 10450, signal 198373/203896 (executing program)
2025/08/29 13:28:56 fetching corpus: 10500, signal 198654/203898 (executing program)
2025/08/29 13:28:56 fetching corpus: 10550, signal 198797/203904 (executing program)
2025/08/29 13:28:56 fetching corpus: 10600, signal 199055/203916 (executing program)
2025/08/29 13:28:56 fetching corpus: 10650, signal 199251/203921 (executing program)
2025/08/29 13:28:56 fetching corpus: 10700, signal 199402/203928 (executing program)
2025/08/29 13:28:56 fetching corpus: 10750, signal 199601/203928 (executing program)
2025/08/29 13:28:56 fetching corpus: 10784, signal 199823/203931 (executing program)
2025/08/29 13:28:56 fetching corpus: 10784, signal 199823/203931 (executing program)
2025/08/29 13:28:59 starting 8 fuzzer processes
13:28:59 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0xfc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x20901, 0x0)
pwritev2(r0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000040)="c4", 0xa00}], 0x2e, 0x0, 0x0, 0x0)

13:28:59 executing program 1:
r0 = syz_io_uring_setup(0x77b6, &(0x7f0000000000), &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180), &(0x7f0000001240))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000011c0)=[{&(0x7f00000001c0)=""/4096, 0x1000}, {&(0x7f0000000140), 0x2000}], 0x2)

13:28:59 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@getpolicy={0x50, 0x15, 0x1, 0x0, 0x0, {{@in=@multicast1, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}, 0x6e6bb1}}, 0x50}}, 0x0)

13:28:59 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000100)={0x18, 0x21, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xffffffffffffffff}]}, 0x18}], 0x1}, 0x0)

13:28:59 executing program 2:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r2 = dup2(r1, r0)
ioctl$SG_NEXT_CMD_LEN(r2, 0x227a, &(0x7f00000000c0))

13:28:59 executing program 7:
r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000001180)='/proc/self/attr/keycreate\x00', 0x2, 0x0)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000001180)='/proc/self/attr/keycreate\x00', 0x2, 0x0)
copy_file_range(r0, 0x0, r1, 0x0, 0x0, 0x8008)

[   82.248802] audit: type=1400 audit(1756474139.498:7): avc:  denied  { execmem } for  pid=271 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
13:28:59 executing program 3:
keyctl$instantiate_iov(0x14, 0x0, &(0x7f0000002b00)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, 0x0)

13:28:59 executing program 4:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = fsopen(&(0x7f0000000040)='tmpfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x8, 0x0, 0x0, 0x0)

[   83.397362] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   83.399883] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   83.401881] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   83.405529] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   83.408258] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   83.585990] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   83.589961] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   83.593969] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   83.602443] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   83.605573] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   83.653355] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   83.659431] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   83.668363] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   83.671100] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   83.674847] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   83.676053] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   83.678357] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   83.684521] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   83.690280] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   83.697154] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   83.709337] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   83.711331] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   83.712913] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   83.717107] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   83.727119] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   83.728961] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   83.731416] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   83.733229] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   83.742174] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   83.743405] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   83.745243] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   83.747409] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   83.749475] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   83.753914] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   83.757329] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   83.761727] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   83.766874] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   83.767987] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   83.770787] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   83.773397] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   85.487089] Bluetooth: hci0: command tx timeout
[   85.680641] Bluetooth: hci1: command tx timeout
[   85.806965] Bluetooth: hci3: command tx timeout
[   85.807124] Bluetooth: hci6: command tx timeout
[   85.807634] Bluetooth: hci2: command tx timeout
[   85.870733] Bluetooth: hci7: command tx timeout
[   85.871391] Bluetooth: hci5: command tx timeout
[   85.872050] Bluetooth: hci4: command tx timeout
[   87.534703] Bluetooth: hci0: command tx timeout
[   87.726820] Bluetooth: hci1: command tx timeout
[   87.855071] Bluetooth: hci2: command tx timeout
[   87.856131] Bluetooth: hci6: command tx timeout
[   87.856864] Bluetooth: hci3: command tx timeout
[   87.918885] Bluetooth: hci4: command tx timeout
[   87.920025] Bluetooth: hci5: command tx timeout
[   87.920834] Bluetooth: hci7: command tx timeout
[   89.584079] Bluetooth: hci0: command tx timeout
[   89.774916] Bluetooth: hci1: command tx timeout
[   89.902696] Bluetooth: hci2: command tx timeout
[   89.903143] Bluetooth: hci6: command tx timeout
[   89.903714] Bluetooth: hci3: command tx timeout
[   89.966675] Bluetooth: hci5: command tx timeout
[   89.966796] Bluetooth: hci7: command tx timeout
[   89.967122] Bluetooth: hci4: command tx timeout
[   91.630785] Bluetooth: hci0: command tx timeout
[   91.823629] Bluetooth: hci1: command tx timeout
[   91.950743] Bluetooth: hci2: command tx timeout
[   91.951220] Bluetooth: hci6: command tx timeout
[   91.951805] Bluetooth: hci3: command tx timeout
[   92.014654] Bluetooth: hci4: command tx timeout
[   92.015679] Bluetooth: hci7: command tx timeout
[   92.016081] Bluetooth: hci5: command tx timeout
[  123.723859] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  123.724537] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.919578] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  123.920228] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  124.133907] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  124.135318] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
13:29:41 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40345410, &(0x7f0000000040)={{0x0, 0x1}})
r1 = dup(r0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x5420, 0x0)

[  124.290358] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  124.291465] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  124.367778] audit: type=1400 audit(1756474181.617:8): avc:  denied  { open } for  pid=3778 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  124.369635] audit: type=1400 audit(1756474181.618:9): avc:  denied  { kernel } for  pid=3778 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  124.430647] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  124.431278] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
13:29:41 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40345410, &(0x7f0000000040)={{0x0, 0x1}})
r1 = dup(r0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x5420, 0x0)

13:29:41 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40345410, &(0x7f0000000040)={{0x0, 0x1}})
r1 = dup(r0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x5420, 0x0)

13:29:41 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40345410, &(0x7f0000000040)={{0x0, 0x1}})
r1 = dup(r0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x5420, 0x0)

[  124.634661] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  124.635316] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
13:29:42 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40345410, &(0x7f0000000040)={{0x0, 0x1}})
r1 = dup(r0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x5420, 0x0)

[  124.768665] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  124.769288] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
13:29:42 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40345410, &(0x7f0000000040)={{0x0, 0x1}})
r1 = dup(r0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x5420, 0x0)

[  124.937903] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  124.938540] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
13:29:42 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40345410, &(0x7f0000000040)={{0x0, 0x1}})
r1 = dup(r0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x5420, 0x0)

13:29:42 executing program 1:
r0 = syz_io_uring_setup(0x77b6, &(0x7f0000000000), &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180), &(0x7f0000001240))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000011c0)=[{&(0x7f00000001c0)=""/4096, 0x1000}, {&(0x7f0000000140), 0x2000}], 0x2)

[  125.097473] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  125.099364] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  125.245417] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  125.246077] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  125.354910] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  125.355555] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 5 prio class 2
[  125.356473] Buffer I/O error on dev sr0, logical block 0, lost async page write
[  125.357178] Buffer I/O error on dev sr0, logical block 1, lost async page write
[  125.357826] Buffer I/O error on dev sr0, logical block 2, lost async page write
[  125.358453] Buffer I/O error on dev sr0, logical block 3, lost async page write
[  125.359107] Buffer I/O error on dev sr0, logical block 4, lost async page write
[  125.430231] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  125.430853] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 5 prio class 2
[  125.431512] Buffer I/O error on dev sr0, logical block 0, lost async page write
[  125.432297] Buffer I/O error on dev sr0, logical block 1, lost async page write
[  125.433119] Buffer I/O error on dev sr0, logical block 2, lost async page write
[  125.433915] Buffer I/O error on dev sr0, logical block 3, lost async page write
[  125.434578] Buffer I/O error on dev sr0, logical block 4, lost async page write
[  125.668899] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  125.669538] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  125.822785] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  125.823494] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  125.858153] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  125.858874] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  125.968173] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  125.969076] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  126.080655] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  126.081290] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  126.108863] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  126.109454] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
13:29:43 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x80000009e9)
clone3(&(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

13:29:43 executing program 7:
add_key$keyring(&(0x7f0000000080), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
fork()

13:29:43 executing program 1:
r0 = syz_io_uring_setup(0x77b6, &(0x7f0000000000), &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180), &(0x7f0000001240))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000011c0)=[{&(0x7f00000001c0)=""/4096, 0x1000}, {&(0x7f0000000140), 0x2000}], 0x2)

13:29:43 executing program 2:
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000003c0), 0x6a841, 0x0)
write$snapshot(r0, &(0x7f0000000000)='[', 0x1)

13:29:43 executing program 6:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
setresuid(0x0, 0xee01, 0x0)
ioctl$PIO_UNIMAP(r0, 0x4b44, &(0x7f0000000080)={0x0, 0x0})

13:29:43 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000001a00), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000001a40)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0)

13:29:43 executing program 4:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = fsopen(&(0x7f0000000040)='tmpfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x8, 0x0, 0x0, 0x0)

13:29:43 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0xfc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x20901, 0x0)
pwritev2(r0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000040)="c4", 0xa00}], 0x2e, 0x0, 0x0, 0x0)

[  126.278096] random: crng reseeded on system resumption
[  126.289846] random: crng reseeded on system resumption
[  126.316310] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  126.316993] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 5 prio class 2
13:29:43 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0xfc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x20901, 0x0)
pwritev2(r0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000040)="c4", 0xa00}], 0x2e, 0x0, 0x0, 0x0)

13:29:43 executing program 5:
r0 = syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x2000003, &(0x7f00000000c0))
unlinkat(r0, &(0x7f0000000100)='./file0\x00', 0x0)

13:29:43 executing program 4:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = fsopen(&(0x7f0000000040)='tmpfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x8, 0x0, 0x0, 0x0)

13:29:43 executing program 6:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
setresuid(0x0, 0xee01, 0x0)
ioctl$PIO_UNIMAP(r0, 0x4b44, &(0x7f0000000080)={0x0, 0x0})

13:29:43 executing program 7:
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

13:29:43 executing program 1:
r0 = syz_io_uring_setup(0x77b6, &(0x7f0000000000), &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180), &(0x7f0000001240))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000011c0)=[{&(0x7f00000001c0)=""/4096, 0x1000}, {&(0x7f0000000140), 0x2000}], 0x2)

13:29:43 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0xfc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x20901, 0x0)
pwritev2(r0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000040)="c4", 0xa00}], 0x2e, 0x0, 0x0, 0x0)

[  126.416395] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  126.416939] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 5 prio class 2
[  126.484225] kmemleak: Found object by alias at 0x607f1a639b54
[  126.484247] CPU: 0 UID: 0 PID: 3947 Comm: syz-executor.5 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  126.484265] Tainted: [W]=WARN
[  126.484269] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  126.484276] Call Trace:
[  126.484280]  <TASK>
[  126.484285]  dump_stack_lvl+0xca/0x120
[  126.484309]  __lookup_object+0x94/0xb0
[  126.484326]  delete_object_full+0x27/0x70
[  126.484341]  free_percpu+0x30/0x1160
[  126.484357]  ? arch_uprobe_clear_state+0x16/0x140
[  126.484377]  futex_hash_free+0x38/0xc0
[  126.484391]  mmput+0x2d3/0x390
[  126.484409]  do_exit+0x79d/0x2970
[  126.484425]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  126.484446]  ? __pfx_do_exit+0x10/0x10
[  126.484459]  ? find_held_lock+0x2b/0x80
[  126.484477]  ? get_signal+0x835/0x2340
[  126.484496]  do_group_exit+0xd3/0x2a0
[  126.484511]  get_signal+0x2315/0x2340
[  126.484527]  ? put_task_stack+0xd2/0x240
[  126.484542]  ? __pfx_get_signal+0x10/0x10
[  126.484557]  ? __schedule+0xe91/0x3590
[  126.484577]  arch_do_signal_or_restart+0x80/0x790
[  126.484604]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  126.484620]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  126.484639]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  126.484657]  ? __x64_sys_openat+0x142/0x200
[  126.484673]  ? __pfx___x64_sys_futex+0x10/0x10
[  126.484692]  exit_to_user_mode_loop+0x8b/0x110
[  126.484704]  do_syscall_64+0x2f7/0x360
[  126.484716]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.484728] RIP: 0033:0x7f40f5389b19
[  126.484736] Code: Unable to access opcode bytes at 0x7f40f5389aef.
[  126.484741] RSP: 002b:00007f40f28ff218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  126.484753] RAX: 0000000000000001 RBX: 00007f40f549cf68 RCX: 00007f40f5389b19
[  126.484760] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f40f549cf6c
[  126.484767] RBP: 00007f40f549cf60 R08: 0000000000000000 R09: 0000000000000000
[  126.484774] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f40f549cf6c
[  126.484781] R13: 00007ffc3d67bc1f R14: 00007f40f28ff300 R15: 0000000000022000
[  126.484796]  </TASK>
[  126.484800] kmemleak: Object (percpu) 0x607f1a639b50 (size 8):
[  126.484806] kmemleak:   comm "syz-executor.2", pid 3939, jiffies 4294793248
[  126.484813] kmemleak:   min_count = 1
[  126.484817] kmemleak:   count = 0
[  126.484820] kmemleak:   flags = 0x21
[  126.484824] kmemleak:   checksum = 0
[  126.484828] kmemleak:   backtrace:
[  126.484831]  pcpu_alloc_noprof+0x87a/0x1170
[  126.484846]  percpu_ref_init+0x37/0x400
[  126.484863]  wb_get_create+0x25b/0x1120
[  126.484872]  balance_dirty_pages_ratelimited_flags+0x539/0x1190
[  126.484886]  iomap_file_buffered_write+0x350/0xa50
[  126.484902]  blkdev_write_iter+0x7a0/0xd00
[  126.484915]  do_iter_readv_writev+0x5af/0x910
[  126.484931]  vfs_writev+0x2d4/0xcd0
[  126.484939]  do_pwritev+0x1ab/0x280
[  126.484948]  __x64_sys_pwritev2+0xef/0x160
[  126.484959]  do_syscall_64+0xbf/0x360
[  126.484967]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.523859] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  126.524333] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 5 prio class 2
13:29:43 executing program 3:
timer_create(0x1, &(0x7f00000001c0)={0x0, 0xb, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x77359400}, {0x0, 0x989680}}, 0x0)

13:29:43 executing program 4:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = fsopen(&(0x7f0000000040)='tmpfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x8, 0x0, 0x0, 0x0)

13:29:43 executing program 6:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
setresuid(0x0, 0xee01, 0x0)
ioctl$PIO_UNIMAP(r0, 0x4b44, &(0x7f0000000080)={0x0, 0x0})

13:29:43 executing program 5:
r0 = syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x2000003, &(0x7f00000000c0))
unlinkat(r0, &(0x7f0000000100)='./file0\x00', 0x0)

13:29:43 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0xfc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x20901, 0x0)
pwritev2(r0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000040)="c4", 0xa00}], 0x2e, 0x0, 0x0, 0x0)

13:29:43 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0xfc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x20901, 0x0)
pwritev2(r0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000040)="c4", 0xa00}], 0x2e, 0x0, 0x0, 0x0)

13:29:43 executing program 7:
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

13:29:43 executing program 1:
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

13:29:43 executing program 3:
timer_create(0x1, &(0x7f00000001c0)={0x0, 0xb, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x77359400}, {0x0, 0x989680}}, 0x0)

13:29:43 executing program 5:
r0 = syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x2000003, &(0x7f00000000c0))
unlinkat(r0, &(0x7f0000000100)='./file0\x00', 0x0)

13:29:43 executing program 3:
timer_create(0x1, &(0x7f00000001c0)={0x0, 0xb, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x77359400}, {0x0, 0x989680}}, 0x0)

[  126.691832] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  126.692332] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 5 prio class 2
13:29:43 executing program 5:
r0 = syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x2000003, &(0x7f00000000c0))
unlinkat(r0, &(0x7f0000000100)='./file0\x00', 0x0)

[  126.732226] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  126.733438] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 5 prio class 2
13:29:44 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0xfc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x20901, 0x0)
pwritev2(r0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000040)="c4", 0xa00}], 0x2e, 0x0, 0x0, 0x0)

13:29:44 executing program 1:
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

13:29:44 executing program 3:
timer_create(0x1, &(0x7f00000001c0)={0x0, 0xb, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x77359400}, {0x0, 0x989680}}, 0x0)

13:29:44 executing program 0:
syz_emit_ethernet(0x6e, &(0x7f0000000080)={@multicast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "6b1000", 0x38, 0x3a, 0x0, @empty, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "825915", 0x0, 0x3a, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv4={'\x00', '\xff\xff', @local}, [@dstopts]}}}}}}}, 0x0)

13:29:44 executing program 6:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
setresuid(0x0, 0xee01, 0x0)
ioctl$PIO_UNIMAP(r0, 0x4b44, &(0x7f0000000080)={0x0, 0x0})

13:29:44 executing program 7:
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

[  126.892484] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  126.893034] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 5 prio class 2
13:29:44 executing program 0:
creat(&(0x7f0000000140)='./file1\x00', 0x0)
move_mount(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', 0x14)

13:29:44 executing program 1:
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

13:29:44 executing program 4:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000140), 0x8)
getsockopt$inet6_opts(r0, 0x29, 0x37, 0x0, &(0x7f00000082c0))

13:29:44 executing program 5:
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x0)
perf_event_open(&(0x7f0000000340)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)

[  126.978800] audit: type=1400 audit(1756474184.223:10): avc:  denied  { write } for  pid=3992 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  126.987864] kmemleak: Found object by alias at 0x607f1a63967c
[  126.987890] CPU: 1 UID: 0 PID: 3981 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  126.987926] Tainted: [W]=WARN
[  126.987933] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  126.987946] Call Trace:
[  126.987954]  <TASK>
[  126.987962]  dump_stack_lvl+0xca/0x120
[  126.988005]  __lookup_object+0x94/0xb0
[  126.988036]  delete_object_full+0x27/0x70
[  126.988068]  free_percpu+0x30/0x1160
[  126.988099]  ? arch_uprobe_clear_state+0x16/0x140
[  126.988138]  futex_hash_free+0x38/0xc0
[  126.988164]  mmput+0x2d3/0x390
[  126.988201]  do_exit+0x79d/0x2970
[  126.988228]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  126.988269]  ? zap_other_threads+0x2b9/0x3a0
[  126.988302]  ? __pfx_do_exit+0x10/0x10
[  126.988328]  ? do_group_exit+0x1c3/0x2a0
[  126.988358]  ? _raw_spin_unlock_irq+0x23/0x40
[  126.988392]  do_group_exit+0xd3/0x2a0
[  126.988422]  __x64_sys_exit_group+0x3e/0x50
[  126.988450]  x64_sys_call+0x18c5/0x18d0
[  126.988480]  do_syscall_64+0xbf/0x360
[  126.988504]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.988526] RIP: 0033:0x7fbbb4b4db19
[  126.988544] Code: Unable to access opcode bytes at 0x7fbbb4b4daef.
[  126.988554] RSP: 002b:00007ffdaf328068 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  126.988576] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007fbbb4b4db19
[  126.988606] RDX: 00007fbbb4b0072b RSI: ffffffffffffffbc RDI: 0000000000000000
[  126.988621] RBP: 0000000000000000 R08: 0000001b2d123704 R09: 0000000000000000
[  126.988635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  126.988648] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffdaf328150
[  126.988680]  </TASK>
[  126.988688] kmemleak: Object (percpu) 0x607f1a639678 (size 8):
[  126.988701] kmemleak:   comm "syz-executor.5", pid 3994, jiffies 4294793804
[  126.988715] kmemleak:   min_count = 1
[  126.988723] kmemleak:   count = 0
[  126.988730] kmemleak:   flags = 0x21
[  126.988738] kmemleak:   checksum = 0
[  126.988745] kmemleak:   backtrace:
[  126.988752]  pcpu_alloc_noprof+0x87a/0x1170
[  126.988782]  perf_trace_event_init+0x366/0xa10
[  126.988808]  perf_trace_init+0x1a4/0x2f0
[  126.988831]  perf_tp_event_init+0xa6/0x120
[  126.988861]  perf_try_init_event+0x140/0x9f0
[  126.988887]  perf_event_alloc.part.0+0x118e/0x45f0
[  126.988920]  __do_sys_perf_event_open+0x719/0x2c20
[  126.988945]  do_syscall_64+0xbf/0x360
[  126.988962]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
13:29:44 executing program 7:
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

13:29:44 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000640)={@multicast2, @dev}, 0x8)
setsockopt$inet_mreqsrc(r0, 0x0, 0x26, &(0x7f0000000000)={@multicast2, @remote, @multicast2}, 0xc)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreqsrc(r1, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @remote, @multicast2}, 0xc)

13:29:44 executing program 5:
r0 = getpid()
r1 = pidfd_open(r0, 0x0)
ioctl$FS_IOC_GETVERSION(r1, 0x80087601, 0x0)

13:29:44 executing program 0:
syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000140)=""/4096, 0x1000)
getdents64(r0, 0x0, 0x0)

13:29:44 executing program 1:
request_key(&(0x7f0000000400)='big_key\x00', 0x0, 0x0, 0x0)

13:29:44 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)

13:29:44 executing program 0:
syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000140)=""/4096, 0x1000)
getdents64(r0, 0x0, 0x0)

13:29:44 executing program 5:
r0 = getpid()
r1 = pidfd_open(r0, 0x0)
ioctl$FS_IOC_GETVERSION(r1, 0x80087601, 0x0)

13:29:44 executing program 1:
rseq(&(0x7f00000000c0), 0x20, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r0)
execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x0, 0x0, 0x0)

13:29:44 executing program 2:
syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "7437b8", 0x14, 0x2b, 0x0, @private2, @local, {[], {{0x0, 0x2, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

13:29:44 executing program 4:
clock_settime(0xffc99a3b, &(0x7f0000000080)={0x77359400})

13:29:44 executing program 5:
r0 = getpid()
r1 = pidfd_open(r0, 0x0)
ioctl$FS_IOC_GETVERSION(r1, 0x80087601, 0x0)

13:29:44 executing program 3:
perf_event_open(&(0x7f0000000280)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f00000014c0), 0xe)
getsockopt$bt_BT_SNDMTU(r0, 0x112, 0xc, &(0x7f0000000180), &(0x7f00000001c0)=0x2)

13:29:44 executing program 6:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='comm\x00')

[  127.362849] process 'syz-executor.1' launched './file1' with NULL argv: empty string added
13:29:44 executing program 0:
syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000140)=""/4096, 0x1000)
getdents64(r0, 0x0, 0x0)

13:29:44 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffff812093c0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

13:29:44 executing program 2:
syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "7437b8", 0x14, 0x2b, 0x0, @private2, @local, {[], {{0x0, 0x2, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

13:29:44 executing program 1:
rseq(&(0x7f00000000c0), 0x20, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r0)
execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x0, 0x0, 0x0)

13:29:44 executing program 0:
syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000140)=""/4096, 0x1000)
getdents64(r0, 0x0, 0x0)

13:29:44 executing program 6:
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/cgroup', 0x0, 0x0)
getdents(r0, &(0x7f0000000000)=""/50, 0x32)

13:29:44 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffff812093c0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

13:29:44 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000))
pwrite64(r0, &(0x7f0000000140)=' ', 0x1, 0xa00000)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
close(r0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000000)=0x4000)

13:29:44 executing program 3:
perf_event_open(&(0x7f0000000280)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f00000014c0), 0xe)
getsockopt$bt_BT_SNDMTU(r0, 0x112, 0xc, &(0x7f0000000180), &(0x7f00000001c0)=0x2)

13:29:45 executing program 5:
r0 = getpid()
r1 = pidfd_open(r0, 0x0)
ioctl$FS_IOC_GETVERSION(r1, 0x80087601, 0x0)

13:29:45 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

13:29:45 executing program 1:
rseq(&(0x7f00000000c0), 0x20, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r0)
execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x0, 0x0, 0x0)

13:29:45 executing program 6:
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/cgroup', 0x0, 0x0)
getdents(r0, &(0x7f0000000000)=""/50, 0x32)

13:29:45 executing program 2:
syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "7437b8", 0x14, 0x2b, 0x0, @private2, @local, {[], {{0x0, 0x2, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

13:29:45 executing program 7:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
sendto(r0, 0x0, 0x0, 0x4040011, 0x0, 0x0)

13:29:45 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffff812093c0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

13:29:45 executing program 3:
perf_event_open(&(0x7f0000000280)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f00000014c0), 0xe)
getsockopt$bt_BT_SNDMTU(r0, 0x112, 0xc, &(0x7f0000000180), &(0x7f00000001c0)=0x2)

13:29:45 executing program 2:
syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "7437b8", 0x14, 0x2b, 0x0, @private2, @local, {[], {{0x0, 0x2, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

13:29:45 executing program 5:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_msfilter(r0, 0x0, 0x4, 0x0, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x2400c0c0, &(0x7f00000001c0)={0x2, 0x0, @dev}, 0x10)

13:29:45 executing program 3:
perf_event_open(&(0x7f0000000280)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f00000014c0), 0xe)
getsockopt$bt_BT_SNDMTU(r0, 0x112, 0xc, &(0x7f0000000180), &(0x7f00000001c0)=0x2)

13:29:45 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffff812093c0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

13:29:45 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

13:29:45 executing program 1:
rseq(&(0x7f00000000c0), 0x20, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r0)
execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x0, 0x0, 0x0)

13:29:45 executing program 6:
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/cgroup', 0x0, 0x0)
getdents(r0, &(0x7f0000000000)=""/50, 0x32)

13:29:45 executing program 7:
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8001)

13:29:45 executing program 5:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_msfilter(r0, 0x0, 0x4, 0x0, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x2400c0c0, &(0x7f00000001c0)={0x2, 0x0, @dev}, 0x10)

13:29:45 executing program 5:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_msfilter(r0, 0x0, 0x4, 0x0, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x2400c0c0, &(0x7f00000001c0)={0x2, 0x0, @dev}, 0x10)

13:29:45 executing program 7:
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8001)

13:29:45 executing program 6:
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/cgroup', 0x0, 0x0)
getdents(r0, &(0x7f0000000000)=""/50, 0x32)

13:29:45 executing program 2:
setresuid(0xee01, 0xee01, 0x0)
setuid(0x0)
faccessat(0xffffffffffffffff, 0x0, 0x0)

13:29:45 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

13:29:45 executing program 3:
syz_emit_ethernet(0x8e, &(0x7f00000003c0)={@multicast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "6b1000", 0x58, 0x3a, 0x0, @empty, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "61165b", 0x0, 0x2b, 0x0, @mcast1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [@srh={0x0, 0x4, 0x4, 0x2, 0x0, 0x0, 0x0, [@private0, @loopback]}]}}}}}}}, 0x0)

13:29:45 executing program 5:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_msfilter(r0, 0x0, 0x4, 0x0, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x2400c0c0, &(0x7f00000001c0)={0x2, 0x0, @dev}, 0x10)

13:29:45 executing program 2:
madvise(&(0x7f0000904000/0x3000)=nil, 0x3000, 0x10)
mlock(&(0x7f0000aff000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
mlock(&(0x7f0000f13000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000bae000/0x4000)=nil, 0x4000)
mlock(&(0x7f00008b5000/0x3000)=nil, 0x3000)
mlock(&(0x7f00005bf000/0x4000)=nil, 0x4000)
mremap(&(0x7f0000beb000/0x2000)=nil, 0x2000, 0x3000, 0x3, &(0x7f0000ffa000/0x3000)=nil)

13:29:45 executing program 3:
syz_emit_ethernet(0x8e, &(0x7f00000003c0)={@multicast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "6b1000", 0x58, 0x3a, 0x0, @empty, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "61165b", 0x0, 0x2b, 0x0, @mcast1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [@srh={0x0, 0x4, 0x4, 0x2, 0x0, 0x0, 0x0, [@private0, @loopback]}]}}}}}}}, 0x0)

13:29:45 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

13:29:45 executing program 1:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
close(r0)

13:29:45 executing program 7:
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8001)

13:29:45 executing program 4:
ioperm(0x0, 0x4, 0xffffffffffffff01)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)

13:29:45 executing program 6:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x3}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000002000)=[{{0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f0000000540)="ae98d7aa", 0x4}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000017c0)=[@dstopts={{0x18}}, @flowinfo={{0x14, 0x29, 0xb, 0x1}}], 0x30}}], 0x2, 0x0)

[  128.404407] audit: type=1326 audit(1756474185.654:11): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=4116 comm="syz-executor.4" exe="/syz-executor.4" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f308b0d6b19 code=0x0
13:29:45 executing program 3:
syz_emit_ethernet(0x8e, &(0x7f00000003c0)={@multicast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "6b1000", 0x58, 0x3a, 0x0, @empty, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "61165b", 0x0, 0x2b, 0x0, @mcast1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [@srh={0x0, 0x4, 0x4, 0x2, 0x0, 0x0, 0x0, [@private0, @loopback]}]}}}}}}}, 0x0)

13:29:45 executing program 2:
madvise(&(0x7f0000904000/0x3000)=nil, 0x3000, 0x10)
mlock(&(0x7f0000aff000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
mlock(&(0x7f0000f13000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000bae000/0x4000)=nil, 0x4000)
mlock(&(0x7f00008b5000/0x3000)=nil, 0x3000)
mlock(&(0x7f00005bf000/0x4000)=nil, 0x4000)
mremap(&(0x7f0000beb000/0x2000)=nil, 0x2000, 0x3000, 0x3, &(0x7f0000ffa000/0x3000)=nil)

13:29:45 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000001800), 0x0)
getpid()
r1 = fork()
ptrace(0x10, r1)
ptrace$setregs(0xe, r1, 0x0, &(0x7f00000009c0))

13:29:45 executing program 1:
r0 = fsopen(&(0x7f0000000000)='securityfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000002c0)='(.}(,#}\x00', &(0x7f0000000040)='\xc8\xac#\x90\xfa\x06HQ#\xe6ed\"t\xba\xc1\xe4F\xb2\xfd\x84B:.\xa8S\xc2\x1c\xf7;G\x8fih\xafd\xbc\xbf\xf9<\xf8\xd9\xf9\x9a\x89u\xb5\x80p\xb8\xf0\xbe\xfd1\xc3%\x99S\xa73\xbc\xa1q\xae;\x0f\x02\x10\x8fqy\xfcR\xace\xe1\xadv\xb4\r\xff9\x82\xe5\xbb\xf0&\x84\x12hP\xa4\xc6\xfc\x1b\x18\xdb\xd3\xe6\xa6\xd2\xf9\x80O\x8a\xc2\b\xb4ka\xf5\xcbAW9|\xeb\x9b\xf3\x95\xc6\x01\x95sK\x95\xee\x7f4\x94#I\xbbf\xd0f$\xa4\xcd\xd69XIm\x8cR,L\x89\xb1\x7f\x8c\bo\xbd\xb4k9\xbd\xbf\xf1Y\xc9\xa7&t\x92\x97\x10\x8a0<=\xees\x01$\xa98v\xbc\'\xf4V*~\xf8\x99\x13\x826\x86\x1d9\x1b\xc1\xac\xc3\xe0\xd9\xd0\x98i\xa7\xc3\xd9-d1\x1d\x8d\xebJ\xe8b\xf5\x1b\xbb\x9f\xc26\xa5\x8by\x11\x9d\x12\xcd\xb5\n\xac\xedD:\xab`\x95\x05\xe4\x91T\xf4j\xa8\xa5hs\xf6\x04\xaa|\xb4\nE\x96i\xdf\x1f\xe9\xa6\xeaui\xf5\xc7$U\xa8-q\xfd\xce\xc1\xa9\xcb\xf9\xd4\xe0\xd3~;4i#\xb5q/5e4\xcf\xd1\xb4}k\xd3\x067l\xc8\x1d`\xb4\xf4\xeb\xc3e\x12A\xe4\xbeU[\xa8h\x9c\x12\xdf\x12P\x18\x1b\xfafpi\xb8\\M|/\xa7\xc5\t\x14\xcc\xc5\xb7\xa5H\xf1!\x89\xb3s\xd7\xa6\x97\xf2\x8d%\xca\"\xa3zV\ao9\xb4\xa7Ki\xe2i\xcd\xd0\xc0\xda_xE\x95%\xf3X\xc7\xb3\x11\xb5YW\xe8\xef\n\xabX\xaa*\xdd\xb5\x9e#\x14<q9\xd1\xa02\xb3', 0x0)

13:29:45 executing program 6:
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
read$snapshot(r0, 0x0, 0x0)

13:29:45 executing program 3:
syz_emit_ethernet(0x8e, &(0x7f00000003c0)={@multicast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "6b1000", 0x58, 0x3a, 0x0, @empty, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "61165b", 0x0, 0x2b, 0x0, @mcast1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [@srh={0x0, 0x4, 0x4, 0x2, 0x0, 0x0, 0x0, [@private0, @loopback]}]}}}}}}}, 0x0)

13:29:45 executing program 2:
madvise(&(0x7f0000904000/0x3000)=nil, 0x3000, 0x10)
mlock(&(0x7f0000aff000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
mlock(&(0x7f0000f13000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000bae000/0x4000)=nil, 0x4000)
mlock(&(0x7f00008b5000/0x3000)=nil, 0x3000)
mlock(&(0x7f00005bf000/0x4000)=nil, 0x4000)
mremap(&(0x7f0000beb000/0x2000)=nil, 0x2000, 0x3000, 0x3, &(0x7f0000ffa000/0x3000)=nil)

13:29:45 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={0x0, <r2=>0x0}, &(0x7f0000000040)=0x5)
setuid(r2)
ioctl$TIOCOUTQ(r0, 0x4b32, 0x0)

13:29:45 executing program 7:
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8001)

13:29:45 executing program 1:
r0 = fsopen(&(0x7f0000000000)='securityfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000002c0)='(.}(,#}\x00', &(0x7f0000000040)='\xc8\xac#\x90\xfa\x06HQ#\xe6ed\"t\xba\xc1\xe4F\xb2\xfd\x84B:.\xa8S\xc2\x1c\xf7;G\x8fih\xafd\xbc\xbf\xf9<\xf8\xd9\xf9\x9a\x89u\xb5\x80p\xb8\xf0\xbe\xfd1\xc3%\x99S\xa73\xbc\xa1q\xae;\x0f\x02\x10\x8fqy\xfcR\xace\xe1\xadv\xb4\r\xff9\x82\xe5\xbb\xf0&\x84\x12hP\xa4\xc6\xfc\x1b\x18\xdb\xd3\xe6\xa6\xd2\xf9\x80O\x8a\xc2\b\xb4ka\xf5\xcbAW9|\xeb\x9b\xf3\x95\xc6\x01\x95sK\x95\xee\x7f4\x94#I\xbbf\xd0f$\xa4\xcd\xd69XIm\x8cR,L\x89\xb1\x7f\x8c\bo\xbd\xb4k9\xbd\xbf\xf1Y\xc9\xa7&t\x92\x97\x10\x8a0<=\xees\x01$\xa98v\xbc\'\xf4V*~\xf8\x99\x13\x826\x86\x1d9\x1b\xc1\xac\xc3\xe0\xd9\xd0\x98i\xa7\xc3\xd9-d1\x1d\x8d\xebJ\xe8b\xf5\x1b\xbb\x9f\xc26\xa5\x8by\x11\x9d\x12\xcd\xb5\n\xac\xedD:\xab`\x95\x05\xe4\x91T\xf4j\xa8\xa5hs\xf6\x04\xaa|\xb4\nE\x96i\xdf\x1f\xe9\xa6\xeaui\xf5\xc7$U\xa8-q\xfd\xce\xc1\xa9\xcb\xf9\xd4\xe0\xd3~;4i#\xb5q/5e4\xcf\xd1\xb4}k\xd3\x067l\xc8\x1d`\xb4\xf4\xeb\xc3e\x12A\xe4\xbeU[\xa8h\x9c\x12\xdf\x12P\x18\x1b\xfafpi\xb8\\M|/\xa7\xc5\t\x14\xcc\xc5\xb7\xa5H\xf1!\x89\xb3s\xd7\xa6\x97\xf2\x8d%\xca\"\xa3zV\ao9\xb4\xa7Ki\xe2i\xcd\xd0\xc0\xda_xE\x95%\xf3X\xc7\xb3\x11\xb5YW\xe8\xef\n\xabX\xaa*\xdd\xb5\x9e#\x14<q9\xd1\xa02\xb3', 0x0)

13:29:45 executing program 6:
time(0xffffffffffffffff)

13:29:46 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={0x0, <r2=>0x0}, &(0x7f0000000040)=0x5)
setuid(r2)
ioctl$TIOCOUTQ(r0, 0x4b32, 0x0)

13:29:46 executing program 2:
madvise(&(0x7f0000904000/0x3000)=nil, 0x3000, 0x10)
mlock(&(0x7f0000aff000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
mlock(&(0x7f0000f13000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000bae000/0x4000)=nil, 0x4000)
mlock(&(0x7f00008b5000/0x3000)=nil, 0x3000)
mlock(&(0x7f00005bf000/0x4000)=nil, 0x4000)
mremap(&(0x7f0000beb000/0x2000)=nil, 0x2000, 0x3000, 0x3, &(0x7f0000ffa000/0x3000)=nil)

13:29:46 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000001800), 0x0)
getpid()
r1 = fork()
ptrace(0x10, r1)
ptrace$setregs(0xe, r1, 0x0, &(0x7f00000009c0))

13:29:46 executing program 6:
time(0xffffffffffffffff)

13:29:46 executing program 1:
r0 = fsopen(&(0x7f0000000000)='securityfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000002c0)='(.}(,#}\x00', &(0x7f0000000040)='\xc8\xac#\x90\xfa\x06HQ#\xe6ed\"t\xba\xc1\xe4F\xb2\xfd\x84B:.\xa8S\xc2\x1c\xf7;G\x8fih\xafd\xbc\xbf\xf9<\xf8\xd9\xf9\x9a\x89u\xb5\x80p\xb8\xf0\xbe\xfd1\xc3%\x99S\xa73\xbc\xa1q\xae;\x0f\x02\x10\x8fqy\xfcR\xace\xe1\xadv\xb4\r\xff9\x82\xe5\xbb\xf0&\x84\x12hP\xa4\xc6\xfc\x1b\x18\xdb\xd3\xe6\xa6\xd2\xf9\x80O\x8a\xc2\b\xb4ka\xf5\xcbAW9|\xeb\x9b\xf3\x95\xc6\x01\x95sK\x95\xee\x7f4\x94#I\xbbf\xd0f$\xa4\xcd\xd69XIm\x8cR,L\x89\xb1\x7f\x8c\bo\xbd\xb4k9\xbd\xbf\xf1Y\xc9\xa7&t\x92\x97\x10\x8a0<=\xees\x01$\xa98v\xbc\'\xf4V*~\xf8\x99\x13\x826\x86\x1d9\x1b\xc1\xac\xc3\xe0\xd9\xd0\x98i\xa7\xc3\xd9-d1\x1d\x8d\xebJ\xe8b\xf5\x1b\xbb\x9f\xc26\xa5\x8by\x11\x9d\x12\xcd\xb5\n\xac\xedD:\xab`\x95\x05\xe4\x91T\xf4j\xa8\xa5hs\xf6\x04\xaa|\xb4\nE\x96i\xdf\x1f\xe9\xa6\xeaui\xf5\xc7$U\xa8-q\xfd\xce\xc1\xa9\xcb\xf9\xd4\xe0\xd3~;4i#\xb5q/5e4\xcf\xd1\xb4}k\xd3\x067l\xc8\x1d`\xb4\xf4\xeb\xc3e\x12A\xe4\xbeU[\xa8h\x9c\x12\xdf\x12P\x18\x1b\xfafpi\xb8\\M|/\xa7\xc5\t\x14\xcc\xc5\xb7\xa5H\xf1!\x89\xb3s\xd7\xa6\x97\xf2\x8d%\xca\"\xa3zV\ao9\xb4\xa7Ki\xe2i\xcd\xd0\xc0\xda_xE\x95%\xf3X\xc7\xb3\x11\xb5YW\xe8\xef\n\xabX\xaa*\xdd\xb5\x9e#\x14<q9\xd1\xa02\xb3', 0x0)

13:29:46 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')

13:29:46 executing program 7:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000001800), 0x0)
getpid()
r1 = fork()
ptrace(0x10, r1)
ptrace$setregs(0xe, r1, 0x0, &(0x7f00000009c0))

13:29:46 executing program 1:
r0 = fsopen(&(0x7f0000000000)='securityfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000002c0)='(.}(,#}\x00', &(0x7f0000000040)='\xc8\xac#\x90\xfa\x06HQ#\xe6ed\"t\xba\xc1\xe4F\xb2\xfd\x84B:.\xa8S\xc2\x1c\xf7;G\x8fih\xafd\xbc\xbf\xf9<\xf8\xd9\xf9\x9a\x89u\xb5\x80p\xb8\xf0\xbe\xfd1\xc3%\x99S\xa73\xbc\xa1q\xae;\x0f\x02\x10\x8fqy\xfcR\xace\xe1\xadv\xb4\r\xff9\x82\xe5\xbb\xf0&\x84\x12hP\xa4\xc6\xfc\x1b\x18\xdb\xd3\xe6\xa6\xd2\xf9\x80O\x8a\xc2\b\xb4ka\xf5\xcbAW9|\xeb\x9b\xf3\x95\xc6\x01\x95sK\x95\xee\x7f4\x94#I\xbbf\xd0f$\xa4\xcd\xd69XIm\x8cR,L\x89\xb1\x7f\x8c\bo\xbd\xb4k9\xbd\xbf\xf1Y\xc9\xa7&t\x92\x97\x10\x8a0<=\xees\x01$\xa98v\xbc\'\xf4V*~\xf8\x99\x13\x826\x86\x1d9\x1b\xc1\xac\xc3\xe0\xd9\xd0\x98i\xa7\xc3\xd9-d1\x1d\x8d\xebJ\xe8b\xf5\x1b\xbb\x9f\xc26\xa5\x8by\x11\x9d\x12\xcd\xb5\n\xac\xedD:\xab`\x95\x05\xe4\x91T\xf4j\xa8\xa5hs\xf6\x04\xaa|\xb4\nE\x96i\xdf\x1f\xe9\xa6\xeaui\xf5\xc7$U\xa8-q\xfd\xce\xc1\xa9\xcb\xf9\xd4\xe0\xd3~;4i#\xb5q/5e4\xcf\xd1\xb4}k\xd3\x067l\xc8\x1d`\xb4\xf4\xeb\xc3e\x12A\xe4\xbeU[\xa8h\x9c\x12\xdf\x12P\x18\x1b\xfafpi\xb8\\M|/\xa7\xc5\t\x14\xcc\xc5\xb7\xa5H\xf1!\x89\xb3s\xd7\xa6\x97\xf2\x8d%\xca\"\xa3zV\ao9\xb4\xa7Ki\xe2i\xcd\xd0\xc0\xda_xE\x95%\xf3X\xc7\xb3\x11\xb5YW\xe8\xef\n\xabX\xaa*\xdd\xb5\x9e#\x14<q9\xd1\xa02\xb3', 0x0)

13:29:46 executing program 3:
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x101001, 0x0)
write$vga_arbiter(r0, &(0x7f0000000000)=@other={'trylock', ' ', 'none'}, 0xd)

13:29:46 executing program 6:
time(0xffffffffffffffff)

13:29:46 executing program 3:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r0, 0x0, 0x0)

13:29:46 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={0x0, <r2=>0x0}, &(0x7f0000000040)=0x5)
setuid(r2)
ioctl$TIOCOUTQ(r0, 0x4b32, 0x0)

13:29:46 executing program 6:
time(0xffffffffffffffff)

13:29:46 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8001)

13:29:46 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x14, 0x1, 0x2, 0x201}, 0x14}}, 0x0)

13:29:46 executing program 1:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
add_key$keyring(&(0x7f0000000500), &(0x7f0000000540)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x12004, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
lremovexattr(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)=ANY=[@ANYBLOB="5073322e6ee97ce954313100"])
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8000, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14b1e949}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getgroups(0x1, &(0x7f0000000080)=[<r0=>0xffffffffffffffff])
getgroups(0x2, &(0x7f0000000240)=[r0, r0])
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000280), &(0x7f00000002c0)=0xc)
getresgid(&(0x7f00000003c0), &(0x7f0000000400), &(0x7f0000000440))
r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r2 = dup(r1)
sendmsg$TIPC_CMD_GET_NODES(r2, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x2}, 0xb, &(0x7f0000000240)={0x0}}, 0x0)
getsockname$unix(0xffffffffffffffff, &(0x7f0000000480), &(0x7f0000000300)=0x6e)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000600)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="050000000000fddbdf257e00000008000300cfbd1c7e5a7e1c9720c5ca4e9d2f337f054ec00f206b8710937f4e1ef485da290d079b24efba8ef8261feb17d8509d5a0528ad7397aec23acc32412987340232f7299e9513e872cfffad5955d7685a460418d52fab5f982d1eee99d71720a6ab17a7804f40215057fa384ff5003f", @ANYRES32=0x0, @ANYBLOB="01"], 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_QOS_MAP(r3, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000500)={0x20, r5, 0x200, 0x270bd2b, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0xdd27, 0x100054}}}}}, 0x20}, 0x1, 0x0, 0x0, 0x24004801}, 0x850)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000001340), 0x3, 0x0)

13:29:46 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000001800), 0x0)
getpid()
r1 = fork()
ptrace(0x10, r1)
ptrace$setregs(0xe, r1, 0x0, &(0x7f00000009c0))

13:29:46 executing program 7:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000001800), 0x0)
getpid()
r1 = fork()
ptrace(0x10, r1)
ptrace$setregs(0xe, r1, 0x0, &(0x7f00000009c0))

[  129.590979] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2
[  129.597690] random: crng reseeded on system resumption
[  129.644114] kmemleak: Found object by alias at 0x607f1a639b54
[  129.644136] CPU: 0 UID: 0 PID: 4186 Comm: syz-executor.5 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  129.644155] Tainted: [W]=WARN
[  129.644159] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  129.644167] Call Trace:
[  129.644171]  <TASK>
[  129.644176]  dump_stack_lvl+0xca/0x120
[  129.644206]  __lookup_object+0x94/0xb0
[  129.644224]  delete_object_full+0x27/0x70
[  129.644240]  free_percpu+0x30/0x1160
[  129.644258]  ? arch_uprobe_clear_state+0x16/0x140
[  129.644278]  futex_hash_free+0x38/0xc0
[  129.644293]  mmput+0x2d3/0x390
[  129.644312]  do_exit+0x79d/0x2970
[  129.644325]  ? perf_trace_preemptirq_template+0x259/0x430
[  129.644348]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  129.644367]  ? __pfx_do_exit+0x10/0x10
[  129.644380]  ? find_held_lock+0x2b/0x80
[  129.644399]  ? get_signal+0x835/0x2340
[  129.644425]  do_group_exit+0xd3/0x2a0
[  129.644440]  get_signal+0x2315/0x2340
[  129.644462]  ? __pfx_get_signal+0x10/0x10
[  129.644478]  ? do_futex+0x135/0x370
[  129.644491]  ? perf_trace_run_bpf_submit+0xef/0x180
[  129.644511]  arch_do_signal_or_restart+0x80/0x790
[  129.644529]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  129.644545]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  129.644566]  ? __pfx___x64_sys_futex+0x10/0x10
[  129.644585]  exit_to_user_mode_loop+0x8b/0x110
[  129.644598]  do_syscall_64+0x2f7/0x360
[  129.644610]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.644634] RIP: 0033:0x7f40f5389b19
[  129.644643] Code: Unable to access opcode bytes at 0x7f40f5389aef.
[  129.644648] RSP: 002b:00007f40f28ff218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  129.644660] RAX: fffffffffffffe00 RBX: 00007f40f549cf68 RCX: 00007f40f5389b19
[  129.644667] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f40f549cf68
[  129.644674] RBP: 00007f40f549cf60 R08: 0000000000000000 R09: 0000000000000000
[  129.644682] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f40f549cf6c
[  129.644689] R13: 00007ffc3d67bc1f R14: 00007f40f28ff300 R15: 0000000000022000
[  129.644705]  </TASK>
[  129.644709] kmemleak: Object (percpu) 0x607f1a639b50 (size 8):
[  129.644715] kmemleak:   comm "syz-executor.1", pid 4182, jiffies 4294796405
[  129.644723] kmemleak:   min_count = 1
[  129.644727] kmemleak:   count = 0
[  129.644731] kmemleak:   flags = 0x21
[  129.644734] kmemleak:   checksum = 0
[  129.644738] kmemleak:   backtrace:
[  129.644742]  pcpu_alloc_noprof+0x87a/0x1170
[  129.644757]  percpu_ref_init+0x37/0x400
[  129.644775]  cgroup_mkdir+0x28a/0x1110
[  129.644788]  kernfs_iop_mkdir+0x111/0x190
[  129.644804]  vfs_mkdir+0x59a/0x8d0
[  129.644820]  do_mkdirat+0x19f/0x3d0
[  129.644830]  __x64_sys_mkdirat+0x84/0xb0
[  129.644841]  do_syscall_64+0xbf/0x360
[  129.644849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.746639] random: crng reseeded on system resumption
[  129.760192] syz-executor.1 (4182) used greatest stack depth: 23360 bytes left
13:29:47 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
poll(&(0x7f0000000240)=[{r0}], 0x1, 0x63)

13:29:47 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={0x0, <r2=>0x0}, &(0x7f0000000040)=0x5)
setuid(r2)
ioctl$TIOCOUTQ(r0, 0x4b32, 0x0)

13:29:47 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000001800), 0x0)
getpid()
r1 = fork()
ptrace(0x10, r1)
ptrace$setregs(0xe, r1, 0x0, &(0x7f00000009c0))

13:29:47 executing program 6:
getresuid(0x0, 0x0, 0x0)
setreuid(0x0, 0xffffffffffffffff)

13:29:47 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8001)

13:29:47 executing program 7:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000001800), 0x0)
getpid()
r1 = fork()
ptrace(0x10, r1)
ptrace$setregs(0xe, r1, 0x0, &(0x7f00000009c0))

13:29:47 executing program 3:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r0, 0x0, 0x0)

13:29:47 executing program 1:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
add_key$keyring(&(0x7f0000000500), &(0x7f0000000540)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x12004, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
lremovexattr(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)=ANY=[@ANYBLOB="5073322e6ee97ce954313100"])
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8000, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14b1e949}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getgroups(0x1, &(0x7f0000000080)=[<r0=>0xffffffffffffffff])
getgroups(0x2, &(0x7f0000000240)=[r0, r0])
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000280), &(0x7f00000002c0)=0xc)
getresgid(&(0x7f00000003c0), &(0x7f0000000400), &(0x7f0000000440))
r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r2 = dup(r1)
sendmsg$TIPC_CMD_GET_NODES(r2, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x2}, 0xb, &(0x7f0000000240)={0x0}}, 0x0)
getsockname$unix(0xffffffffffffffff, &(0x7f0000000480), &(0x7f0000000300)=0x6e)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000600)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="050000000000fddbdf257e00000008000300cfbd1c7e5a7e1c9720c5ca4e9d2f337f054ec00f206b8710937f4e1ef485da290d079b24efba8ef8261feb17d8509d5a0528ad7397aec23acc32412987340232f7299e9513e872cfffad5955d7685a460418d52fab5f982d1eee99d71720a6ab17a7804f40215057fa384ff5003f", @ANYRES32=0x0, @ANYBLOB="01"], 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_QOS_MAP(r3, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000500)={0x20, r5, 0x200, 0x270bd2b, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0xdd27, 0x100054}}}}}, 0x20}, 0x1, 0x0, 0x0, 0x24004801}, 0x850)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000001340), 0x3, 0x0)

13:29:47 executing program 6:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
add_key$keyring(&(0x7f0000000500), &(0x7f0000000540)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x12004, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
lremovexattr(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)=ANY=[@ANYBLOB="5073322e6ee97ce954313100"])
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8000, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14b1e949}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getgroups(0x1, &(0x7f0000000080)=[<r0=>0xffffffffffffffff])
getgroups(0x2, &(0x7f0000000240)=[r0, r0])
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000280), &(0x7f00000002c0)=0xc)
getresgid(&(0x7f00000003c0), &(0x7f0000000400), &(0x7f0000000440))
r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r2 = dup(r1)
sendmsg$TIPC_CMD_GET_NODES(r2, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x2}, 0xb, &(0x7f0000000240)={0x0}}, 0x0)
getsockname$unix(0xffffffffffffffff, &(0x7f0000000480), &(0x7f0000000300)=0x6e)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000600)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="050000000000fddbdf257e00000008000300cfbd1c7e5a7e1c9720c5ca4e9d2f337f054ec00f206b8710937f4e1ef485da290d079b24efba8ef8261feb17d8509d5a0528ad7397aec23acc32412987340232f7299e9513e872cfffad5955d7685a460418d52fab5f982d1eee99d71720a6ab17a7804f40215057fa384ff5003f", @ANYRES32=0x0, @ANYBLOB="01"], 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_QOS_MAP(r3, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000500)={0x20, r5, 0x200, 0x270bd2b, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0xdd27, 0x100054}}}}}, 0x20}, 0x1, 0x0, 0x0, 0x24004801}, 0x850)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000001340), 0x3, 0x0)

[  129.878994] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#1] SMP KASAN NOPTI
[  129.880692] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197]
[  129.881800] CPU: 1 UID: 0 PID: 4210 Comm: syz-executor.1 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  129.884252] Tainted: [W]=WARN
[  129.884972] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  129.886707] RIP: 0010:perf_tp_event+0x175/0xe70
[  129.887703] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  129.891214] RSP: 0018:ffff888016c57600 EFLAGS: 00010212
[  129.892332] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc900029f6000
[  129.893794] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000000000191
[  129.895200] RBP: ffff888016c57870 R08: ffff88806cf31340 R09: ffffe8ffffd0e4a8
[  129.896606] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[  129.898100] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000
[  129.900010] FS:  00007ff9a4b0b700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[  129.901600] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  129.902769] CR2: 000055556eda2c18 CR3: 0000000047080000 CR4: 0000000000350ef0
[  129.904203] Call Trace:
[  129.904859]  <TASK>
[  129.905412]  ? __pfx_perf_tp_event+0x10/0x10
[  129.906397]  ? perf_trace_run_bpf_submit+0xef/0x180
[  129.907439]  perf_trace_run_bpf_submit+0xef/0x180
[  129.908466]  perf_trace_lock+0x337/0x5d0
[  129.909637]  ? __pfx_perf_trace_lock+0x10/0x10
[  129.910326]  ? lock_acquire+0x15e/0x2f0
[  129.910914]  ? futex_ref_get+0x48/0x300
[  129.911490]  ? futex_ref_get+0x114/0x300
[  129.912071]  ? futex_hash+0x15c/0x390
[  129.912639]  lock_release+0x1ab/0x290
[  129.913217]  ? futex_hash+0x15c/0x390
[  129.913770]  futex_ref_get+0x119/0x300
[  129.914333]  ? futex_hash+0x15c/0x390
[  129.914884]  futex_hash+0x70/0x390
[  129.915418]  futex_wait_setup+0xae/0x550
[  129.916025]  __futex_wait+0x151/0x300
[  129.916589]  ? __pfx___futex_wait+0x10/0x10
[  129.917256]  ? __pfx_futex_wake_mark+0x10/0x10
[  129.917962]  futex_wait+0xde/0x380
[  129.918494]  ? __pfx_futex_wait+0x10/0x10
[  129.919104]  ? perf_trace_lock+0xb5/0x5d0
[  129.919723]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  129.920471]  do_futex+0x2ee/0x370
[  129.921017]  ? __pfx_do_futex+0x10/0x10
[  129.921595]  ? do_raw_spin_lock+0x123/0x260
[  129.922237]  __x64_sys_futex+0x1c9/0x4d0
[  129.922830]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  129.923686]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  129.924438]  ? __pfx___x64_sys_futex+0x10/0x10
[  129.925154]  ? kcov_ioctl+0x386/0x6c0
[  129.925730]  do_syscall_64+0xbf/0x360
[  129.926286]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.927046] RIP: 0033:0x7ff9a7595b19
[  129.927590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  129.930222] RSP: 002b:00007ff9a4b0b218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  129.931311] RAX: ffffffffffffffda RBX: 00007ff9a76a8f68 RCX: 00007ff9a7595b19
[  129.932322] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007ff9a76a8f68
[  129.933367] RBP: 00007ff9a76a8f60 R08: 00007ff9a4b0b700 R09: 0000000000000000
[  129.934388] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff9a76a8f6c
[  129.935396] R13: 00007ffc0b0ba18f R14: 00007ff9a4b0b300 R15: 0000000000022000
[  129.936427]  </TASK>
[  129.936793] Modules linked in:
[  129.937333] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#2] SMP KASAN NOPTI
[  129.938903] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197]
[  129.940001] CPU: 1 UID: 0 PID: 4210 Comm: syz-executor.1 Tainted: G      D W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  129.941712] Tainted: [D]=DIE, [W]=WARN
[  129.942271] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  129.943455] RIP: 0010:perf_tp_event+0x175/0xe70
[  129.944165] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  129.946779] RSP: 0018:ffff88806cf08a80 EFLAGS: 00010012
[  129.947562] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002
[  129.948592] RDX: ffff888046c18000 RSI: ffffffff818995b7 RDI: 0000000000000191
[  129.949650] RBP: ffff88806cf08cf0 R08: ffff88806cf31490 R09: ffffe8ffffd0e4a8
[  129.950665] R10: 0000000000000000 R11: ffff888015ee1098 R12: dffffc0000000000
[  129.951682] R13: 0000000000000024 R14: ffff88806cf31490 R15: dffffc0000000000
[  129.952737] FS:  00007ff9a4b0b700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[  129.953897] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  129.954724] CR2: 000055556eda2c18 CR3: 0000000047080000 CR4: 0000000000350ef0
[  129.955765] Call Trace:
[  129.956151]  <IRQ>
[  129.956485]  ? __pfx_perf_tp_event+0x10/0x10
[  129.957166]  ? sched_clock_cpu+0x6c/0x4e0
[  129.957788]  ? lock_is_held_type+0x9e/0x120
[  129.958421]  ? lock_is_held_type+0x9e/0x120
[  129.959063]  ? perf_trace_lock+0xb5/0x5d0
[  129.959665]  ? perf_trace_lock+0xb5/0x5d0
[  129.960280]  ? __resched_curr+0x2a2/0x330
[  129.960918]  ? __pfx_perf_trace_lock+0x10/0x10
[  129.961593]  ? kvm_sched_clock_read+0x16/0x30
[  129.962250]  ? sched_clock+0x37/0x60
[  129.962802]  ? sched_clock_cpu+0x6c/0x4e0
[  129.963410]  ? perf_trace_run_bpf_submit+0xef/0x180
[  129.964134]  perf_trace_run_bpf_submit+0xef/0x180
[  129.964881]  perf_trace_lock+0x337/0x5d0
[  129.965476]  ? place_entity+0x300/0x410
[  129.966064]  ? kvm_sched_clock_read+0x16/0x30
[  129.966726]  ? __pfx_perf_trace_lock+0x10/0x10
[  129.967388]  ? check_preempt_wakeup_fair+0x6e/0x950
[  129.968112]  ? sched_ttwu_pending+0x2e0/0x4a0
[  129.968807]  lock_release+0x1ab/0x290
[  129.969366]  ? ttwu_do_activate+0x1a4/0x8a0
[  129.970000]  _raw_spin_unlock+0x16/0x40
[  129.970588]  sched_ttwu_pending+0x2e0/0x4a0
[  129.971234]  ? __pfx_sched_ttwu_pending+0x10/0x10
[  129.971947]  ? hrtimer_interrupt+0x652/0x830
[  129.972594]  __flush_smp_call_function_queue+0x434/0x740
[  129.973420]  __sysvec_call_function_single+0x6d/0x370
[  129.974203]  sysvec_call_function_single+0xa1/0xc0
[  129.974914]  </IRQ>
[  129.975252]  <TASK>
[  129.975589]  asm_sysvec_call_function_single+0x1a/0x20
[  129.976338] RIP: 0010:oops_exit+0x0/0x50
[  129.976969] Code: f1 39 00 be ff ff ff ff 48 c7 c7 50 ac 43 86 e8 c6 0f f9 ff 5b e9 20 f1 39 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 53 e8 06 f1 39 00 8b 1d c0 ed 4e 06 31 ff 89 de e8 27
[  129.979548] RSP: 0018:ffff888016c57490 EFLAGS: 00000202
[  129.980317] RAX: 000000000002659b RBX: 0000000000000216 RCX: ffffc900029f6000
[  129.981361] RDX: 0000000000040000 RSI: ffffffff812a3dca RDI: 0000000000000007
[  129.982373] RBP: 000000000000000b R08: 0000000000000001 R09: fffffbfff0f11c90
[  129.983402] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888016c57558
[  129.984423] R13: 0000000000000000 R14: dffffc0000000032 R15: 0000000000000000
[  129.985467]  ? oops_end+0x4a/0xe0
[  129.986001]  oops_end+0x65/0xe0
[  129.986502]  exc_general_protection+0x1a2/0x330
[  129.987180]  asm_exc_general_protection+0x26/0x30
[  129.987884] RIP: 0010:perf_tp_event+0x175/0xe70
[  129.988566] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  129.991155] RSP: 0018:ffff888016c57600 EFLAGS: 00010212
[  129.991940] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc900029f6000
[  129.992988] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000000000191
[  129.994016] RBP: ffff888016c57870 R08: ffff88806cf31340 R09: ffffe8ffffd0e4a8
[  129.995040] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[  129.996065] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000
[  129.997122]  ? perf_tp_event+0x167/0xe70
[  129.997728]  ? __pfx_perf_tp_event+0x10/0x10
[  129.998416]  ? perf_trace_run_bpf_submit+0xef/0x180
[  129.999165]  perf_trace_run_bpf_submit+0xef/0x180
[  129.999873]  perf_trace_lock+0x337/0x5d0
[  130.000470]  ? __pfx_perf_trace_lock+0x10/0x10
[  130.001172]  ? lock_acquire+0x15e/0x2f0
[  130.001754]  ? futex_ref_get+0x48/0x300
[  130.002333]  ? futex_ref_get+0x114/0x300
[  130.002921]  ? futex_hash+0x15c/0x390
[  130.003486]  lock_release+0x1ab/0x290
[  130.004040]  ? futex_hash+0x15c/0x390
[  130.004611]  futex_ref_get+0x119/0x300
[  130.005217]  ? futex_hash+0x15c/0x390
[  130.005777]  futex_hash+0x70/0x390
[  130.006309]  futex_wait_setup+0xae/0x550
[  130.006923]  __futex_wait+0x151/0x300
[  130.007487]  ? __pfx___futex_wait+0x10/0x10
[  130.008140]  ? __pfx_futex_wake_mark+0x10/0x10
[  130.008856]  futex_wait+0xde/0x380
[  130.009389]  ? __pfx_futex_wait+0x10/0x10
[  130.009985]  ? perf_trace_lock+0xb5/0x5d0
[  130.010605]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  130.011363]  do_futex+0x2ee/0x370
[  130.011879]  ? __pfx_do_futex+0x10/0x10
[  130.012460]  ? do_raw_spin_lock+0x123/0x260
[  130.013130]  __x64_sys_futex+0x1c9/0x4d0
[  130.013716]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  130.014556]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  130.015293]  ? __pfx___x64_sys_futex+0x10/0x10
[  130.015960]  ? kcov_ioctl+0x386/0x6c0
[  130.016514]  do_syscall_64+0xbf/0x360
[  130.017091]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.017827] RIP: 0033:0x7ff9a7595b19
[  130.018365] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  130.020947] RSP: 002b:00007ff9a4b0b218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  130.022015] RAX: ffffffffffffffda RBX: 00007ff9a76a8f68 RCX: 00007ff9a7595b19
[  130.023021] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007ff9a76a8f68
[  130.024032] RBP: 00007ff9a76a8f60 R08: 00007ff9a4b0b700 R09: 0000000000000000
[  130.025061] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff9a76a8f6c
[  130.026042] R13: 00007ffc0b0ba18f R14: 00007ff9a4b0b300 R15: 0000000000022000
[  130.027057]  </TASK>
[  130.027398] Modules linked in:
[  130.027863] ---[ end trace 0000000000000000 ]---
[  130.028524] RIP: 0010:perf_tp_event+0x175/0xe70
[  130.029218] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  130.031753] RSP: 0018:ffff888016c57600 EFLAGS: 00010212
[  130.032500] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc900029f6000
[  130.033526] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000000000191
[  130.034528] RBP: ffff888016c57870 R08: ffff88806cf31340 R09: ffffe8ffffd0e4a8
[  130.035520] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[  130.036515] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000
[  130.037527] FS:  00007ff9a4b0b700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[  130.038660] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  130.039474] CR2: 000055556eda2c18 CR3: 0000000047080000 CR4: 0000000000350ef0
[  130.040470] Kernel panic - not syncing: Fatal exception in interrupt
[  130.041505] Kernel Offset: disabled
[  130.042030] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---

VM DIAGNOSIS:
13:29:47  Registers:
info registers vcpu 0
RAX=000000000000f705 RBX=ffff88806cf3c300 RCX=ffffc90005e10000 RDX=0000000000040000
RSI=ffffffff816880d6 RDI=0000000000000005 RBP=0000000000000003 RSP=ffff888048c4f5a8
R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000001 R11=1ffff1100d9c6bb1
R12=ffffed100d9e7861 R13=ffff88806cf3c308 R14=0000000000000001 R15=dffffc0000000000
RIP=ffffffff816880d8 RFL=00000212 [----A--] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007fbbb20c3700 00000000 00000000
GS =0000 ffff8880e55dd000 00000000 00000000
LDT=0000 fffffe2400000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fbbb4c61018 CR3=000000001f0b8000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007fbbb4c347c000007fbbb4c347c8
XMM02=00007fbbb4c347e000007fbbb4c347c0 XMM03=00007fbbb4c347c800007fbbb4c347c0
XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000000 RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9
RSI=ffffffff828e32c5 RDI=ffffffff88724180 RBP=ffffffff88724140 RSP=ffff888016c56ed8
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=72745f6672657020
R12=0000000000000000 R13=ffffffff88724190 R14=ffffffff88724140 R15=ffffffff88724400
RIP=ffffffff828e331d RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007ff9a4b0b700 00000000 00000000
GS =0000 ffff8880e56dd000 00000000 00000000
LDT=0000 fffffe2300000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055556eda2c18 CR3=0000000047080000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007ff9a767c7c000007ff9a767c7c8
XMM02=00007ff9a767c7e000007ff9a767c7c0 XMM03=00007ff9a767c7c800007ff9a767c7c0
XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000