last executing test programs:

3.280118978s ago: executing program 1 (id=2734):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000200)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560602000f0200006706000020000000620a00ff0ee60000bf250000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffcd35010000000000ce040000000000001c000000000000009500000000000000db13d5d8b741f2cdaabc8383c8f56bb5df3083d20f8c2bf304000000815dcf0066d7ded3c5c49a08a503ea6d54f7f3125a8200578ac0836d6454745e70a27444003c5b20451b624db6f5320e9befc1e00b8b32917c4d30d16b7edb732bc3ac330b16c442aff70d27659bc58e296b16750c5577c848754b4894b07f15bab1c640a5c0c4fd62f9db829b301ef67fd2b2736f3af0c54af2412313b17c4c8081c4ed0572261960e227d34cfbfdb247bc2351c9d8363a8cb18b7330604da78b0aba47545f9a25a80dd7d28a5ae41824f611dd2de6dd581c52698f9542a444a8a3969946faded5275c00"/420], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

2.790268138s ago: executing program 0 (id=2741):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000700002c0000000000000004850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000940)=ANY=[])

2.70019133s ago: executing program 0 (id=2743):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000004c0)=@newqdisc={0x24, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r1, {0x0, 0x2}, {0xffff, 0xffff}, {0x4}}}, 0x24}, 0x1, 0x0, 0x0, 0x40001d4}, 0x8840)

2.699700806s ago: executing program 0 (id=2745):
r0 = syz_usb_connect$hid(0x2, 0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000400b060a700000020000010902240001000000000904000001030000000921000000012205000905810300000000"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000680)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r1, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @multicast2}, 0x2}}, 0x2e)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x2, 0x8, 0x1, 0x2, {0xa, 0x4e20, 0x9, @initdev={0xfe, 0x88, '\x00', 0xfc, 0x0}, 0x7}}}, 0x32)
setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r2, 0x111, 0x4, 0x20000000, 0x4)
syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f0000000080)={{0x12, 0x1, 0x300, 0x2, 0x0, 0x0, 0xff, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0xe, 0x10, 0x55, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0x8001}, {0xd, 0x24, 0xf, 0x1, 0x0, 0xfffb, 0xfff9}, {0x6, 0x24, 0x1a, 0x0, 0x8}}, {{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x6, 0x8, 0x21}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x10, 0x8, 0x3}}, {{0x9, 0x5, 0x3, 0x2, 0x20, 0x3f, 0x3, 0x9}}}}}}}]}}, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x4, &(0x7f00000001c0)=@lang_id={0x4, 0x3, 0x37b775cea5990a17}}]})
syz_open_dev$hidraw(&(0x7f0000001580), 0xffffffffffffff74, 0x8c441)

2.529423304s ago: executing program 3 (id=2748):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newlink={0x3c, 0x10, 0x40d, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2a500}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_MLD_VERSION={0x5, 0x2c, 0x2}]}}}]}, 0x3c}}, 0x0)

2.345138837s ago: executing program 1 (id=2749):
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, 0x0, 0x0)
socket$inet6(0xa, 0x3, 0x3c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sendmsg$GTP_CMD_ECHOREQ(r0, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x40, 0x0, 0x200, 0x70bd26, 0x25dfdbff, {}, [@GTPA_FAMILY={0x5, 0xd, 0x27}, @GTPA_MS_ADDR6={0x14, 0xc, @private1={0xfc, 0x1, '\x00', 0x1}}, @GTPA_MS_ADDRESS={0x8, 0x5, @private=0xa010100}, @GTPA_PEER_ADDRESS={0x8, 0x4, @loopback}]}, 0x40}, 0x1, 0x0, 0x0, 0x4}, 0x8011)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000008c0)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r5, 0x89f1, &(0x7f0000000900)={'ip6_vti0\x00', @random="0600002000"})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000400)={0x0, 0x1, &(0x7f00000003c0)=""/13, &(0x7f00000004c0)=""/106, &(0x7f0000000540)=""/194, 0x5000})

1.870200635s ago: executing program 2 (id=2750):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0xb4, &(0x7f0000000b00)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaa0086dd60003a04007e3a00fe8000000000000000000000000000bbff020000000000000000000000000001"], 0x0)

1.870007436s ago: executing program 2 (id=2751):
socket$inet(0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
socket$key(0xf, 0x3, 0x2)
close_range(r0, 0xffffffffffffffff, 0x0)

1.820045177s ago: executing program 2 (id=2752):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f00000001c0)=@framed={{}, [@printk={@s, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = fsopen(&(0x7f00000001c0)='cgroup2\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)

1.819677086s ago: executing program 2 (id=2753):
r0 = socket(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006272696467650000140002800800040000000000050017"], 0x44}}, 0x0)

1.759990735s ago: executing program 2 (id=2754):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
getitimer(0x2, &(0x7f0000000200))

1.759697432s ago: executing program 2 (id=2755):
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x40, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="d56cea33946c0eae3241d3604bfce89adddb2eb96960338db7572fa254eb7c69dc0cb526989630e26224c258c8d70ccacc5564d67723f4756c0399174c5460c4995942d24092c36dc820e97344798b5bb45423f853bf50e374323abacf0388cd091016b7a3d7843f4d3ae1658bd34d967e3323a64908442788dbc99c1f4248da53fb5be2c8001236b994ca594e3b3c588beaf3cb1c32c072d768b9e665e7d87044fdfc1fd6452593e6793963153f3850bf85042a5c139799ba8f6cb8d877fc436c4f1601270d6e29d60a4c80d6315e46f4219494ce897127d0b76f5d681e90f4e9282468ef7993cd92076aed266c1db8b81b93adc4969c9b89b32b8768c9f39f2d148e933dbb651746a9364f49986ef73b4c29f647b82b83216bb8179fe5346fdacdc5fda4bd48875cd2f1cf57a0c9a91e059446bac310a6d68948675c35a8e442168fd84d78d9800e5b05bdbce3a6eac65bee7279a3628f2a08931d3d52ce490652c20f8ae529eaf24bf421dad976c68b234ee6f6210c9f9aac3a55c6939d6aa3805b95619546264ff3ff82d0dc690e8ead61b6ed528c3c117cd771a3b7feb214ce8d720640d97f14b399b7f46dc4aad83117e8e642ccb117d13f345536fc3801c124cfaf8aa7aafff6c8df3fdd4469c077eccbd8ddacad80d9113dfde26ae67b226185743b2d53667fb3016fe114f87484ab614ddf0887c4b2c85351ab21a0ece6c066a154b38b4d7c1792d2db2cc5f8ceb42078187949d354b7a08d1529f3d10814757179c860db031dad4a3dc13ca01d1013238ed5f7a9674fcc77f0d34e2118fb851c970d86ecf9de1cfdb8d3ab197480e263c3207c3d7ebe17f9547c7c56b08e83de875294d0fd68df1926ecac24350b2c70bd73e14122ed480c564353d34049e67c26036fc35d04022cd35d6ac00756d3b8550bb22ae80a4bd630a00268d07fa249b0bf545dfbf01bea2f12b30738c6e13156244eb24e6d69ba7c3acdbbefe8bbc06b821aebf836ca07a3cc7b6b24686ed8f3b23085c893e72188b797651c5ab5cceb1465414a325f793a3af6d06eed7eb734ad05bc1f6619e8485259f570a482a67273ee01fe15dd938afce026f1111c7a38ed6d1aba34f009ce1e99140fd0db2de74150541fd48dd2ec5b1d15669de2ffe3a198184b6186ccda31aa64c585ff8cb65b67fe1455753895a88b6ab4c6bf1bb8329739178147e6f15801bfa707bd9ec9da662573ce07af684bb7c880a7d63b0a0a7300881408c44e95c679ea32b0eab845d0b333f245e8d6006258678704aa8cccdaf80cc46138d5b7a0804fdfa34c91d61a0d2fa6c62e7d1a675e5743f845ab40ea5df0182d6eb9781905c94751c75a411699a76f48433142c5f109d5dfddcc0b1dc6254efd5ea50d6ffbc7b9ca031e1a0123844b63c48b964645c6d24707582825e219bcd61677ed4fc45ee1f4be91b4c1b856d65a86acf22b8b0d588bc473248ac040326b1490c2fea24bc0c0a721e2ed63e39973cd4d38df1001dba9b9d995c229655dd26f3cd3d64077ec111e2c370717cb4cd068e0d3a52f1027d3df953e1f1ac768a7215a3695722b1b6714ce43801451a9532212b651d073c780d61712aebadd145c1cd95c1dc0dcf51850046ae5771e365f45858a36e48afe563ec0afee3803ff6a35bc25217b53eda39bb813b8d3d728c21a0b80d014003143666c0d1398cc46a01aaaf97117edda217f984010e7c5cf32535a669d4f11f6b70e3a3b823987ef7c9f878415063bf05205e13bcf7acb287bd0bb0fce77529a711f0ed145ea2ecf2194658dff17c5681cf8c7ad8521d235a705292af4878b3f124be2df661026c091d6c07aae1a74c919f7478d1083f70b3a0fe00c2e220ab998b4595268b6f7cabbfc85e59dfb6ab7a794cd3fd70d5cc4d70ca933a4452df5a345cb31f3267de53519ba39c915d492cd4652843f1d30a5fb311e3b5d868347969f013c5e3b4841b22240abcb61a14ff567186766ce8f6ae64877f672835dbff4fcf19c8230d8a402397630effb698a8b0c9a28ae028d7938ffde488fd64113085bce504cd0551e0eb3730c3f781cbecf0c41d2338766d3f6096661c1f1bec3162b8a0c4099fccd9480e821df8782c2e070530befb62bccd8539fe9dc7d8d3f9bded1bb34db3f2d6050885c8f1d57f5e603f629de7491f5fd9fafcceb565abeaec838b10a763a00a4607d4330bdcedc066d8cf9790d806e03c219866bb8f053a6e602645436d1f469df1d5008f5dcd4bdb7ce5b76ec015a8f4693cb2a63ceb2be00bcf221f0ca32db4efaf8f7022622b335fa8dea4afdd86be10be6c4d66e5f57416add4480509cb98cf31cdda84644eeb782eea041d4bc0e005a20bccc3c4a08cefcdb91cc2c61d9231c4e36e96f6edd2133f9b34e7da90ce20d1c60ff223c6a204bb942766a359b923573bbbaf2a827d79e4f649e79a840216ac4ddb3409c94e71ff08d109bc3f0cf6583219de7d7131a956f835ecf5c131a0b1e056a86d800a0204243f3b695029578c064306a31db53f28a8f0c0302486cd05970904e9b5c53100ac1aabb3110a89820e4d8307c3d46084999d0456c53fec61a9242b486eb41a90f3300fdfd0d8a472e8da7a842588721d1df1f5e4cc425efebc75a904ef4cc881346a4bc23eef4d492e3efccebab86ae4213f42671370579ee7f8341396e9515619e100a8fae2c5cba0139a088579ece7a603c8b8bab9998223fe862dff8480aeaa5970c90b894e5f71c2784e4dfd50ed3e9ed91036e8356c09464de13b4a95227203133b2c2c71cd6323492f083bda58ad7721b6666b9cd93f93f0288482813fd8aade02cca81cd35257e023504ac4f86be1c7a810b67c6d7077f5cdbd305b618a05c03d196894bfb1a6ff511e59ac8ce45d16cee95e1de0797a543728caaa43e5ae42a12b6bb7910d18d4e1ea89d264491287eb23a76095a12a39c46a7c85349e2969edaed3c1fa6a2150494f63f4c98c65fcdd650ac7424ac1ae64421294356ac1e4dbf9d4c817f081f4f7751ebf56788d799bac29dc0bfe83ead7ab3e338b8b84df4cad2b549aaac4e6048a6fa8f8f6f1f7e0e51c8b3c872f18c466e590222b03230f46bc8e9a0171bbd2096c7a480d6a6f29bd74b60105bebda42e59cc830c4b31f6c52687b4ec2ba869149ae363d711d099f94ceade1ada193e931ed9aea0a280ed5f25ad5ab3b4083f140ca17b43e5f6aef2c24a28a0262c80a040187e052ea7d54a528b6fcc176ed3afc07fe6a661d050fb4a3a6abfa3dac5f3230540b45af060781cb5499c2894d6a4a2bf908ddd48d6b34207f56c31229e206c88db3552ceb6e82a0fa2bf7f97baf603d37d6a8b1f2b1f5f95b251129ed05351681908b7cf5cf6cc86dd854174cc19713b4d262b021952b6da5f20f57bbacca62f5b7124409aa625bbea59819baebc1bc2dd188feba48c998d0dbed60d44b8a4f0ac28f6c1c8c9998f7406f1a34e4ce902be2420f7ff51a5ab3b1faa86ab2ec1edbea2493cae090abde43ff27d685c993dedb24eb255772cc56fbd104f4f5275f10d54d7cacb8cbf188ae1a4d29ea880068fb2696b3ba6e8a7c15939e1f7c394ab4bd4c4bef2383121cbeb18646a8e013d570cee3eeecd7fbe84a619f8aa2e34f2e1e9b99d0c7d7d179d9df8d2e2f1cd7ba2c7e60166dc14e5e4ed9c41195935e2884b5bd0057ed0155a5d4c6482e8f554e4cd0d0aef7d6487801ab54d54eb41755d833ab83883b40f47595063ad2a0fee5c661f86b8ab04ad0047d988ad86b3c520eb78dc3d750a57e777f5d766349f1a687e090f744206cb5d048346061b414060f6826d8a884e93f73f1f1f4cb8bd6e8d1215d436d390dbda35b555f550e11e6d8008fce1c429bd9bbd04a1fbb9de28663c1be4d8d7e506bc681ada28a69014b972919b5f70cbb770349324c9af0b7ee7ff4cc8bfe807fb9faa0a69498448b22192d578a1e82582b943051beb543ddca8b643ee6c76ee32278aa8bc92b44a8439a24ed5040545349ab05e831d4511a8da03ca539659585b2267a73775f1cb7c2c5548d3508c896f99a8e5cb55160ab1267e320ac2d7c8f8b57079dd14d301636a1374e24541f8d453978998ed256b381bcf638bb372ce1ebefb341656c02f4092a7667ffec5505e4938dcb03d404654430e244f9f7f7d0fb4189a93f7c2bd7a4fcb3ccff79e41a98adcac3e4c19eebebaec15bd8cea1df0e509cdef62ae10c66734d162caf35a6e511baa717f769c2e449892224fa8ae78de9138cf6ea1d939998a8cb68b0e83cf604e03b99634796d3d495e4617f8fdd9764631e7ed6eafa797deb1159259777bf2915d48b63286f6d6528ad4ca5783609263d9a03aad41ec8ef1e2e1e77734d27229f801192be238468854945c20dab4e1baff9dd593361efda1de95e04561d33cd73a45dff5f85b2e85b0747a49345ac8d38add8ef9c14685eb3d3432f3f994e3ddd4e45b16005870485253afc4f08d8a6d8023b722284d11d56c6ff9209a5bacb7ce1708244bd21878b8cd5c13ab453bd589f6196322de9faede39ce6f94c75d008d2d7ced27a2375cc62c3d5c15c1c4301a01299d8f4c41e5a44e4130e9555a356d6b19728c7d3c86cb9a1ddf906ab63a9447f8233bcd09bd74cf9749f085f0c4689ef40dbc41a7a299f0f891d9d0d3e39409d4d774da53bfb6e8ce668ce50885558e909add2cb9bda2f7e9232541b1a7f742a99740f486ef4f7c98e4052f2da705c56a18d5a8289ae6cbb9dc7de13a8cf420b7a930abaae813b40517d84ae984dfc94cd1021e0e4a7a9e7de841018d474083ca28a829ee03fe625cafcbedadcdef6621ccd679fcd9c9a9ab2136211f8c9a679895aa39facf2d6668e5098b3dd8e0ad78d8caf250dc38f2c9518bccb353ef3418d3906827514c1959d58344ee11a0ef1c1424495cc1a9910187685a47d6dd91f07e5081c5ac3f1b6e363069694dd9072684c5ab0ba56157c10f5fa8409e5bc43b38b31f24a306ca5f7e3de9a392eac1984e877ecb3dfd044f1449b4ae9b586051b1780c0ce462919f4a4b54ad8011d013c3962fc6697d33c2dc6771fec664c82cb16144619b207deb4391866d6c1976b945c5959d19018f15376ce3b05666747743527f22b54171da4dabee2f4e469a5521067de4f92e2bad02e15e812b6cbd27ec88a9eccf600ce7f5643392da9ff6b6412f8e7c68d8c8b9e0006e41777e2a1363a9556befbbb110dff3a84b179da3838acde0b25f53798733a9fb463d76b630aef7c8a43f6219482b34b893fd99cf3a013ecefde7c5c6528e304c1868ff3fd8dd5aba348a05dc950b1c4c281cbb28b800d6d0da180fdee06ec3bad6f97180295ed1d77078156a885b5b0c501ea563e8871adb97dd6052de0ab369bf2d98f434bb2d172d9967bb73d3eba6b52bb8d55d8963bf58d310afedb51c0f94c7814b6da30fd8056ab7be74ac31b1b75c217e3ab93eadcb2d253e5d8bbe47c0f1a411a9e502cf4301d898d905cd5db828e56a722394fa11cca64a03a42e7fc1b3481b71ca0b6a3d9bd1fc8229f7f9d3e6aa0d48051942579fb759201d4715db9a2d399e0745a66dbbd571accf1f2e15573ce832e91bd1f042ab758d9ec13e354f38454cc42668c8d60358916f7e937015f6c38732bcf6131ecde001892cb20fe47153e7e23b1cd2fc4a22662e7bde09f7df10fcbf475783fe23a0fdcb2c3bd8b28453ce523ac19ff77e68c3e9fa0193b796ea68f44132b3a96adebc04181e503f52be4778ef422ce3e6ca38514fa18b500ca518590479e8c73a7942dc2e237d82cda953ae1b296b97ee8ed62e2e755d6ddea7c0334e1b8d76c278bdc454724003106cb6fdc85340d1e784ac8b6551eaabc33c502163ce0d401627bd22ba6be90089372bfa3f91ee745e45844ef8dc0fe3936bef07f9c1d3aadfa4c8e99be6b038bed6beb9597add881da2acc1a3a471f500d68f639cd2bf6f4afab919a2cf747bcbb42b95684e8741b485c3297cf07c7bd98d6653421b61f701a06b82be0fbeecd32eb00feca9c5732bb5e565bccf8c9feb27a50760a785bbb50402768cbd458811e284a604b3374faf3480e1736743665617de9c32fd10e37105ac6dd5303f1a6dc78950bce56215c2a2f9e0ccbc0bf9fe8ccf7647ed29e2aa4948689d681a7a9fe582631338f3eea3df846f28564038ab75aa2a8ee5416b66ceeda9d8f56ecefe07f6a21ace83a2e15ad408d0a480f56708e3d1c96020b124c58f6ff5247f73aff7f77d389167650b8a0b98c97f87a1e5d6c08fa99874ff144bfa905e9da3812f010eeee00f3c9b594450faab5342e1b6e98fed5714a802b67b3e5b1964a62606aacb8222efd4980823f076675ae859e64de7b08f7a0b3d8bc829e1a93eb3b4975b4761cd7fa743e393da537c91f658ea2b23c94244498cdc4bc32c8b9859b9d9792eeabdce635b2d61c311949204826054dba0880505e2b53cc3521fa8b68bbba2ec05050bd3244c02752af1555625ddf50a3656c0043005c43c26a2dc907d5dd67efa831ad974151067b436a75fe99b8c94c9ca9737279fa1aaa09b0108c48c79c7e4ec1eeccfd43aa8e7ab6cacf5a956fc47d4ce77fe719d6eec1730d3e3b3be71d313f644177b6d16df0180848c28b850fbf71168a1ee4e5639bc46f2555b3984dbb91520538dfa6a1905abfb7238ff344d0a7d760f040718a57cfb56634e7de7584097f69f87630693bcf410796266cc3f50302feacfb556bad2506b7191023817527dfe5973101712bda922472076633133a11a76e8bc7d763a2cdaa53fa8d47d442fcc572f791d66d10d8d6a9058ecbbcd6d3dbe45d67b75e1091dd0368bea33ef0f56ba68885630429c24800922062e1066f2d4c4b795332ab03239548df4e6e01c432fe5eb29e8e63f6c7ba4f2edefa208c69e781786e4717c2f71dc2032a98cf1e6d66c10831e17ee776edc6b060ae20d025dc570a88e17da771acd32b7b93d46e43a917b8e2ba8232ad2707324b9b04dd8ee50c3c5a4372c0b1461ab2b7424faf00c7162bd8e8ffc7fadcb055403b0fa7087226ba4330e746af97a3f915f0b9e105759e81fe94a0df0cd6c324fb0b871491b5516c2fbc82c77b07159e3f4c0b7952b74cb4e203a69f241485191e1afc76d12a56db065b0513a41582f655340603c73cb39b728c97d1e919ecf963b91ec2282d25dc426db873394055beb0f9ba20545e2465ce2d0d962f42e1e4c79bdea4cd2829269ff7ef650bbeb5083d39dc7aad668af0b01c521192c548857473b29991f7bb917b5814fe945f4c3ed9bbe0563f4004b391b76860e9fd6b7c0baae82e4ac033f62a2c6ce6a2311b8700b06b5215e604a9b99d37e00450fc7790e893176e9fecda220f838a078a8ef7da7d499b1fe0eb8780c4b9705a6a10674e61b5c228fae1c13488f98c10c1792fa40229dba44b1cb534f9fab6a14407687761d738c91f4b8d4371a1de1a47bde0563a6fc88c4886be5d48c4cb89078c255eb1639598379daf50a672cbf4d8add2d4af6c02aeb1d0f86b611abd363409c7c7fc0b66f307ad3df24241fe06d0f7617d6c3987bb9e5d8f1712aebf095fad19b3b4fcb9cc4fb39012f333c4b040666259ee7bc43cff299a527a8914d71324e91c774b84e9392e615453e9fc648c539059b66f780c888892fe8b30eba799ed18fab08ebc3b9da8bc12a249456351bc0ebafc9f54d5d24697fb53eeb5e734527d690620989f605f57dc65a15a754d304be592acc616cd528b6986064b4457b96cf1fb0ab383a0585acf9887b18e1d6d3aff1e7f2328ea0313a2b36f6f79d671d9ddc4d34fb8fb55a596b2a16c63757083fb4bd01be2e1d82e47c5a44e052279097c5a18feae9884e102cf087611a3b94467ad61635dae6275974f6e6ca7a42ded0ee4577574d56b142853a8c955d92d1eb780de11dc9289acd193214ed4c9f5f26d0481cb3c0c0b8d4c9ad929c61ffeed66bf2e4f7018049593b99358d93559847d55654cee93da30f6578d2e295909791d227a12c09cd4a0edec25d3155086b64a787997a53265cbffb7fe6a2bfd589e12b4d0e21a600276e920397888443584aa99a06d7cfef8e68eeab8fa739c3d8fb74581ceff295110742e763320bed3a4be982b3ebed15ecde37e849aaa91959327d25149f38854ea1137f870aff99979e5e74cc9e45be12e3f0f9912a0955e718a4917e835bca50f43ce92a6bc60ed006b8f623fbacebbfb3dcb4fabd9941a5487c6f637de9a2005a6bc4062e1210a08a51d6f8a5e3f6f97fe90dc7e2e21d4d2f038c0fbc1918aa00e230a4a0e5c41a4808fb9a731271fcc1e73713c9592aa4b2ddccd0d13c3cb68d51166623153445c9ec955c6870dc8543c0684883186082e34ea5714febf8b46921015c3623220d17529896e1a6edac6e32fea2ba30db203238300353602c17dddad7608cad8170b520f6d9d32cdf0156a1de4e9b9eea78f73255ddc6da6994a6018ff900d9886590602ca6a072d8aa5645e2adac0744e2d5b2e1038c746635d5814692c3498aa9043b68f8ce79c44678c5a7d5bc26c085475853b229b2af3dc822ec58047f313c778aae2b64995148174e42908f3ecacd3921855790c0c5a25814416930293010b4f917979d837f4ef9d2d6dce804f5c0926244097746252124a6e0055559ffab197c38778f717362152af8f6dbf7ee03df050ab9b8909556691c2c2775f0f9c26a545db7ba698a4ce37de877705ea97ac0a002db274ea8360a4aa732c2d5e7417138c60cbea69d3b4993ada6a9d8f51d851543a6500a31bac5a057dbef498001f08a44e3c4141900e18b6d73c28c8c67dca805edeb5376384cefe75be1f127225e4d9724b7047d68fa2ed4629e91711a37c80158a07dbce78918931402b472a98a5d5c6b66a2d116314577e94298c37bc441499a9ecea132d87c5d305a0f8f0b3ed16f3b820941082c73b28391d8482ca0cfa78e1e09aa588b0eb1849c6c7916a6bbe56134a6bd93ea306dec125982628dea1db6d022d210627959e1dc819c841f173ed25f356909222e481a1ebb31185fbaeacbd359d2779efe4554ccdac7f4bcc528f656a45049331e16e9c0c796423ec9c7cba15c69d4a8a7741699910f33cc9798a8bf1e48182f08029a14d0131654fd388225d7509e1d7a484e9c7df34d1680bfc6b8d1f6f3920cc4113509fe42dfbd6b261000da9651f7e18088f6c2564472046e5eb7e8c9f8b5286a7452741a7103ced710bfb8e699fb8b1a85c0ae887cc06ef2ff9e2a2b1a77bb4d44ddd4a4e1ba60afcb92baaef108b60486d409889cbb2b1cc77ddff7e4b6caf8cf3488764d84bf3605eb9df709ac6cb36d1a3de89cdd6657f0e6b4009e6dac5d9be14f4ed997cf61e5aaec932520c321359cf286adf6e2dc3094794ae61a4f16089d06e3dc62c958950e73213c1e865c894fe7b8a30de65f5534a1e9c5d19ed49397980126322cb9c72c46a86d7487571300d85b3b5661555f20ab63a78f846c1b8f51a19610a11ffee44f7ccf0f1d67f4148b2c828d74c7f3993965c9067114467a71d242113a68574e28601fce343a023ecc68a72d75259f9a5dce144a7f61ef327192f6474d2bbd06fde3049fe7fb306ba3f54337008d7dbdeaf28a37a224e38ade23adb076cefd3148efcb62539a96d4dfc53f369e34c3d493ac3a5e8c8881133be630a2a906703da62ce7cc02ace9f666d6c3d4b9763a83548825ee1efb54ee3475b09e2616c5bdde3d193181bf020e8ac9ac25f32604b6c11de8ad1a15b9f908c6d7e79181aad1d741b7434aa92597a835c53b9e4b61d6069fa4ee921824d17c98784a8c04590f8d2cf877662b410cae4ebd1ba3616074c020d8cb6099a095735635490d318821310ddd016150edb80370b8d4e2f05557fd619b17192c13353cdae76d495821c610c8641e5b3dff1e7f2ea77b17810ca7975b8e36b7f501a8710b326ef92672096ef66598510902fe663e2a9ef00c3a052f1cfb1739fccb4371f8f28bb92654de5bf87cc2863e92e6d7e4b45d773f90f434eafc8f8398a48527af829a6cae359e7af5941bef158f53798058351107ce58f79ed21036770f6e10e7da92bbca25f369ee83a0f894bbf366a1361f8125b4ffd8e8b4d47ec68cd6b37c840cc5beb8cf65b2269ea1a0e9c371a571f30458ff8ad9bbf8723c19ddae1de5ca7461a436ffcd103c01a20f3252ba0965ee928cfb0d002b9aa4d4f20c805b77e67c8d991c4d07e5419bec9626a32c115d28253dd5f16c17182c1779edf49bdfe3823d87fec88929801163a27bfaeddfd8cdccae8cc3bfd6a9f2e2fec5971fa560c434debd434ff4d0058dcb05d9f3ac5193c458472d6d1685f9f46c8864900c5edbaeeee08971ee1c087f2e11467ff4766743bccf9e3414feedd6dcb904b92a05eec5de8db95444b920c995c770edcedcf7bffc48836c8f30037dde47f0e66fd79550de0ebc3c0c3eba0b66e2a353542eeb20397800e5f41635c5ec2f9a271461bcee8e570ddf945b186f15ab5cabe2a3123189935c6b9010b31732c425a9b2582b097486a5a7b1880b2f16104484e1ca83fa9c278b87e30e4b0cf6ed66c87a979c05683ac94a295d1c53e6f0975a079dd9a2825fdd6ae0926ba1a69f3f69f408eea9d00fbd43235a52c53d11963a611b81dd9f5e05582e1822398873e883662a64c225be19e0b85e102e23fb73d5dcb11435a5437d7418b0409f2e60793038f55ed54c79882b3a17e74ae2148bd558d131dbf446edeb0d05353492534e216761cfcf6582d066a8235a2bd5eb383350a52d7fc2761514e27b6125cb3e387c103dd62e31f5b789c217811c80ccbe3f10fec7a19ad32dc9271368b6d6ba549c45dfd8018507c40962b6ac6468c3078edb71d8ec7f728be8cc23dea1139ac30c2e8d0fc077280e420fbbffc896863db5f1e76922d7dd8e4479c1be822e74212c6f74765e108f916a1b83f6efc8ea54080e9a28b1ba5813a1fefddbe2d0cda413ee1463985b51b59f818f440c9b6a10e4ebf71d37995ae9694ba5867ca2eb2f7bf4e58d26149f2b25943fba216beb3de1f954bcf1bd32ce358b5d23023ab456ebbc493ead41e25b62b5b4ace6c5c18c9a8d512a9cbb4dd59f33663f6138d6b06bc8eb1ec9caccc0077b2e68e7a09d412dfa352e7e5c3942b710ab1648e16d0adda424d9fc2d15c619f4e8093c2b9521e4cdb3f22e655f52ce0fcc1bfd94e56cba8decadb68214451be53f9286c82d2a4912bd2394d1133be908409d791d6d8c2194ca37a76a38d6d0a1fced6478848891d9264cfc08fa849d720339ce00977cad8d9738372184098a7333dd1564d1d7754b4aa4afd6217585804159d31f53017869cb78b718c837b7fd176ce19e3d6996b6f055ed3ba7cd55b0349676c0c113c33d070081ce4ef29af156c4ac8ce760013688d0295d90271e23ef3ca10ec2b3b889855a153c867ce79297a10a02d21e5e8995fbc10d2f4d4bf521565376053b80937bfafaac688108f9962b7c72cf0111874ac8ae27d024ee2f9d57f15b9910a7486ef7542c6629fb0520c93a445542d", 0x2000, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x0)
syz_fuse_handle_req(r0, 0x0, 0x0, 0x0)
io_setup(0x202, &(0x7f00000005c0)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000700)=[&(0x7f0000000140)={0x0, 0x20000000, 0x4, 0x1, 0x0, r2, 0x0}])

1.629920515s ago: executing program 3 (id=2756):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000d40)=ANY=[@ANYBLOB="b70200001f000000bfa30000000000000703000000feffff7a0af0ff0000000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000001007d60b7030000010000006a0a00fe00000000850000000d000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb45006391000020000000000000ea094ae3c7c0fb0ccee19d0001000000000000000000cb04fcbb0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb484510bef2e12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bce5a6f087ae8f5e64be2c9d2d29db3d36dd015c7bd3f15aa6aadbeab2a01685108e61aa000000000000000000000000008b798b4f7458d1863cc67c4c6a06e828e5216f601919db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f1c6edc76609073909826151e2b42bf0ed0c8cef3ba2a730a00c87c493db845b10e9468bda6f82881eb8c9cfa72b08eecc952a3fd2c46f3c1cde71a19d1a2982492abaa96665372831210e00d2bfea3b8d188df2eff8d56aaae7d32a2e183722537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d0616a48c7957e122665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d817b324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9405f5d7321a4fefc4d1c9139ca4b655651e30e4f1143789d024313d4603eb99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e26032176066599783568628f0309c3afa716d3706e1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f85b039d5430b3c6643e9146d2478ce31344b554aca78a00"/787], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x14)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0x1f2f, 0xe40, 0x2f, &(0x7f00000007c0)="9f44948721919580684010a49e66", 0x0, 0x241, 0x0, 0xb1, 0x0, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39"}, 0x23)

1.629571632s ago: executing program 3 (id=2757):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
prctl$PR_GET_TSC(0x19, &(0x7f0000000100))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r3 = socket(0x10, 0x3, 0x0)
write(r3, &(0x7f0000000240)="1400000052004f7fb3e45f2024d2f1c9fb470000", 0x14)

1.469427117s ago: executing program 1 (id=2758):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000002c0)='kmem_cache_free\x00', r2}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setuid(0x0)
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r3=>0x0})
bind$packet(r0, &(0x7f0000000100)={0x11, 0x4, r3}, 0x14)
syz_emit_ethernet(0x11, &(0x7f0000001f00)=ANY=[@ANYBLOB="7f"], 0x0)

1.4692724s ago: executing program 1 (id=2759):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000808500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000040)='signal_deliver\x00', r1}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

1.423819976s ago: executing program 1 (id=2760):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'veth0_vlan\x00'})
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socket$inet_udp(0x2, 0x2, 0x0)
mknodat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/rt_cache\x00')
lseek(r6, 0x80, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{}, &(0x7f0000001c00), &(0x7f0000001c40)=r7}, 0x20)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a40)=@newtaction={0x84, 0x30, 0xffff, 0x0, 0x0, {}, [{0x70, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x6, 0x0, 0x0, 0x0, {0x3, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x4, 0x2, 0x0, 0x0, 0x0, 0xff}}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x2}}}}]}]}, 0x84}}, 0x0)
setitimer(0x0, 0x0, 0x0)
write$UHID_INPUT(r1, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b5b09094bf70e0dd038e7ff7fc6e5539b324c078b089b3438076d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b32310d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e01000000138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12d3099dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f6dc7bcbf2a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509301815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827466cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d951061ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033095563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db87195358bfee2916580dacae008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2df086dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36ffffffff00000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817b97c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d00000f4ff000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1061}}, 0x1006)

848.507004ms ago: executing program 0 (id=2761):
unshare(0x20000600)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000580)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
vmsplice(r2, 0x0, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup/syz0\x00', 0x200002, 0x0)
socket$netlink(0x10, 0x3, 0x8000000004)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unshare(0x2040400)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)

848.285807ms ago: executing program 0 (id=2762):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x24, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0xd}, {0xfff1, 0xffff}, {0x5}}}, 0x24}}, 0x4000800)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000500)=@delchain={0x24, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0x0, 0x1b}}}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

740.177653ms ago: executing program 0 (id=2763):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff", @ANYRES32=0x0], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r3}, 0x0, &(0x7f00000002c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = syz_open_procfs(0x0, 0x0)
read$FUSE(r5, &(0x7f0000019080)={0x2020}, 0x2020)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/key-users\x00', 0x0, 0x0)
read$FUSE(r6, &(0x7f0000000480)={0x2020}, 0x2020)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
close(r7)

530.192479ms ago: executing program 1 (id=2764):
fsopen(&(0x7f0000000000)='pipefs\x00', 0x0)
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000040)=0x7db2, 0x4)
syz_open_dev$usbfs(0x0, 0x205, 0x0)
io_setup(0x6, &(0x7f0000000300)=<r1=>0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffefffff6, 0x20031, 0xffffffffffffffff, 0x0)
userfaultfd(0x80001)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10002, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x1f, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r5, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
io_submit(r1, 0x0, &(0x7f0000000280))
sendmmsg$inet6(r0, &(0x7f00000000c0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x4)

50.028425ms ago: executing program 3 (id=2765):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20)
r2 = syz_open_dev$usbfs(&(0x7f00000001c0), 0x77, 0x141301)
ioctl$USBDEVFS_FREE_STREAMS(r2, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002303100007006000000002000020d3"])

49.884199ms ago: executing program 3 (id=2766):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="180300000005000000000000000000001801000011af000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000d5030000020000838500000071000000180100002020752500000000806020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
sendto$packet(r0, &(0x7f00000000c0)="3f03fe7f0302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

0s ago: executing program 3 (id=2767):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x9d22f000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10)
setregid(0xffffffffffffffff, 0x0)

0s ago: executing program 0 (id=2768):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440), 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000180)={0x5, 0xfffffffe}, 0x8)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
close_range(r0, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

Product=0002, bcdDevice=ba.c0
[  423.692903][    T9] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  423.695435][    T9] usb 5-1: Manufacturer: syz
[  423.698101][    T9] usb 5-1: config 0 descriptor??
[  423.713461][ T5307] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection
[  423.720356][T14359] evm: overlay not supported
[  423.736277][T14359] overlay: ./bus is not a directory
[  423.757247][    T9] rc_core: IR keymap rc-hauppauge not found
[  423.759085][    T9] Registered IR keymap rc-empty
[  423.761082][    T9] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0
[  423.764499][    T9] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0/input82
[  423.934215][ T5987] usb 5-1: USB disconnect, device number 33
[  424.472843][T14381] FAULT_INJECTION: forcing a failure.
[  424.472843][T14381] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  424.476740][T14381] CPU: 3 UID: 0 PID: 14381 Comm: syz.0.2236 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  424.476753][T14381] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  424.476759][T14381] Call Trace:
[  424.476762][T14381]  <TASK>
[  424.476766][T14381]  dump_stack_lvl+0x16c/0x1f0
[  424.476783][T14381]  should_fail_ex+0x50a/0x650
[  424.476797][T14381]  _copy_from_user+0x2e/0xd0
[  424.476810][T14381]  move_addr_to_kernel+0x68/0x160
[  424.476824][T14381]  __sys_sendto+0x1ba/0x4f0
[  424.476839][T14381]  ? __pfx___sys_sendto+0x10/0x10
[  424.476861][T14381]  ? ksys_write+0x1ba/0x250
[  424.476871][T14381]  ? __pfx_ksys_write+0x10/0x10
[  424.476882][T14381]  __ia32_sys_sendto+0xdd/0x1b0
[  424.476895][T14381]  ? lockdep_hardirqs_on+0x7c/0x110
[  424.476909][T14381]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  424.476923][T14381]  __do_fast_syscall_32+0x73/0x120
[  424.476938][T14381]  do_fast_syscall_32+0x32/0x80
[  424.476951][T14381]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  424.476967][T14381] RIP: 0023:0xf7f66579
[  424.476974][T14381] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  424.476984][T14381] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  424.476993][T14381] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  424.477003][T14381] RDX: 0000000000000000 RSI: 0000000024000090 RDI: 0000000020000000
[  424.477008][T14381] RBP: 0000000000000014 R08: 0000000000000000 R09: 0000000000000000
[  424.477014][T14381] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  424.477019][T14381] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  424.477029][T14381]  </TASK>
[  424.543127][  T894] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  424.557140][T14383] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2237'.
[  424.600964][T14387] mmap: syz.2.2239 (14387) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  424.644255][T14389] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  424.646734][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  424.753583][T14391] syz.0.2237: attempt to access beyond end of device
[  424.753583][T14391] loop0: rw=0, sector=0, nr_sectors = 1 limit=0
[  425.183059][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  425.316146][T14400] FAULT_INJECTION: forcing a failure.
[  425.316146][T14400] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  425.320631][T14400] CPU: 2 UID: 0 PID: 14400 Comm: syz.1.2243 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  425.320647][T14400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  425.320656][T14400] Call Trace:
[  425.320660][T14400]  <TASK>
[  425.320665][T14400]  dump_stack_lvl+0x16c/0x1f0
[  425.320691][T14400]  should_fail_ex+0x50a/0x650
[  425.320712][T14400]  _copy_from_user+0x2e/0xd0
[  425.320726][T14400]  move_addr_to_kernel+0x68/0x160
[  425.320740][T14400]  __sys_connect+0xb0/0x170
[  425.320753][T14400]  ? __pfx___sys_connect+0x10/0x10
[  425.320770][T14400]  ? __pfx_ksys_write+0x10/0x10
[  425.320782][T14400]  __ia32_sys_connect+0x71/0xb0
[  425.320795][T14400]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  425.320810][T14400]  __do_fast_syscall_32+0x73/0x120
[  425.320825][T14400]  do_fast_syscall_32+0x32/0x80
[  425.320839][T14400]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  425.320854][T14400] RIP: 0023:0xf7f21579
[  425.320862][T14400] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  425.320871][T14400] RSP: 002b:00000000f504655c EFLAGS: 00000296 ORIG_RAX: 000000000000016a
[  425.320881][T14400] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000240
[  425.320886][T14400] RDX: 000000000000001c RSI: 0000000000000000 RDI: 0000000000000000
[  425.320892][T14400] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  425.320897][T14400] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  425.320902][T14400] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  425.320912][T14400]  </TASK>
[  425.472632][ T5948] Bluetooth: hci3: unexpected event for opcode 0x0c1a
[  425.501820][T14412] FAULT_INJECTION: forcing a failure.
[  425.501820][T14412] name failslab, interval 1, probability 0, space 0, times 0
[  425.505662][T14412] CPU: 3 UID: 0 PID: 14412 Comm: syz.0.2246 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  425.505676][T14412] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  425.505683][T14412] Call Trace:
[  425.505686][T14412]  <TASK>
[  425.505690][T14412]  dump_stack_lvl+0x16c/0x1f0
[  425.505708][T14412]  should_fail_ex+0x50a/0x650
[  425.505719][T14412]  ? fs_reclaim_acquire+0xae/0x150
[  425.505736][T14412]  should_failslab+0xc2/0x120
[  425.505749][T14412]  __kmalloc_noprof+0xce/0x4f0
[  425.505760][T14412]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  425.505773][T14412]  ? tls_get_rec+0xf5/0x5c0
[  425.505785][T14412]  tls_get_rec+0xf5/0x5c0
[  425.505794][T14412]  ? __local_bh_enable_ip+0xa4/0x120
[  425.505808][T14412]  tls_sw_sendmsg+0xf3d/0x23c0
[  425.505826][T14412]  ? __pfx___lock_acquire+0x10/0x10
[  425.505838][T14412]  ? __pfx_tls_sw_sendmsg+0x10/0x10
[  425.505847][T14412]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  425.505862][T14412]  ? aa_sk_perm+0x2f5/0xb20
[  425.505878][T14412]  ? __pfx_aa_sk_perm+0x10/0x10
[  425.505891][T14412]  ? aa_file_perm+0x4c6/0xfe0
[  425.505902][T14412]  ? __pfx_lock_release+0x10/0x10
[  425.505912][T14412]  ? trace_lock_acquire+0x14e/0x1f0
[  425.505921][T14412]  ? __pfx_tls_sw_sendmsg+0x10/0x10
[  425.505931][T14412]  inet6_sendmsg+0x119/0x140
[  425.505945][T14412]  sock_write_iter+0x3e8/0x5b0
[  425.505959][T14412]  ? __pfx_sock_write_iter+0x10/0x10
[  425.505979][T14412]  do_iter_readv_writev+0x655/0x950
[  425.506000][T14412]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  425.506018][T14412]  ? rw_verify_area+0xcf/0x680
[  425.506033][T14412]  vfs_writev+0x363/0xdd0
[  425.506046][T14412]  ? find_held_lock+0x2d/0x110
[  425.506064][T14412]  ? __pfx_vfs_writev+0x10/0x10
[  425.506078][T14412]  ? find_held_lock+0x2d/0x110
[  425.506094][T14412]  ? __pfx_lock_release+0x10/0x10
[  425.506104][T14412]  ? trace_lock_acquire+0x14e/0x1f0
[  425.506117][T14412]  ? __fget_files+0x206/0x3a0
[  425.506131][T14412]  ? do_writev+0x297/0x340
[  425.506138][T14412]  do_writev+0x297/0x340
[  425.506146][T14412]  ? __pfx_do_writev+0x10/0x10
[  425.506164][T14412]  __do_fast_syscall_32+0x73/0x120
[  425.506179][T14412]  do_fast_syscall_32+0x32/0x80
[  425.506193][T14412]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  425.506209][T14412] RIP: 0023:0xf7f66579
[  425.506217][T14412] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  425.506226][T14412] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 0000000000000092
[  425.506236][T14412] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000080
[  425.506244][T14412] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  425.506249][T14412] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  425.506254][T14412] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  425.506259][T14412] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  425.506271][T14412]  </TASK>
[  425.583058][ T5948] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  425.732485][ T5988] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[  425.883753][ T5988] usb 6-1: config index 0 descriptor too short (expected 23569, got 27)
[  425.886236][ T5988] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  425.889712][ T5988] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  425.892314][ T5988] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  425.894669][ T5988] usb 6-1: Manufacturer: syz
[  425.897345][ T5988] usb 6-1: config 0 descriptor??
[  425.952466][ T5988] rc_core: IR keymap rc-hauppauge not found
[  425.954247][ T5988] Registered IR keymap rc-empty
[  425.956179][ T5988] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0
[  425.959672][ T5988] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0/input83
[  426.141620][ T1453] usb 6-1: USB disconnect, device number 30
[  426.355825][T14424] xt_CT: You must specify a L4 protocol and not use inversions on it
[  426.401187][T14428] FAULT_INJECTION: forcing a failure.
[  426.401187][T14428] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  426.406458][T14428] CPU: 3 UID: 0 PID: 14428 Comm: syz.3.2252 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  426.406480][T14428] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  426.406490][T14428] Call Trace:
[  426.406496][T14428]  <TASK>
[  426.406502][T14428]  dump_stack_lvl+0x16c/0x1f0
[  426.406531][T14428]  should_fail_ex+0x50a/0x650
[  426.406555][T14428]  _copy_from_user+0x2e/0xd0
[  426.406578][T14428]  move_addr_to_kernel+0x68/0x160
[  426.406604][T14428]  __sys_bind+0x11c/0x260
[  426.406628][T14428]  ? __pfx___sys_bind+0x10/0x10
[  426.406649][T14428]  ? __fget_files+0x206/0x3a0
[  426.406676][T14428]  ? __pfx_ksys_write+0x10/0x10
[  426.406699][T14428]  __ia32_sys_bind+0x71/0xb0
[  426.406721][T14428]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  426.406748][T14428]  __do_fast_syscall_32+0x73/0x120
[  426.406775][T14428]  do_fast_syscall_32+0x32/0x80
[  426.406799][T14428]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  426.406826][T14428] RIP: 0023:0xf7f14579
[  426.406839][T14428] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  426.406855][T14428] RSP: 002b:00000000f503655c EFLAGS: 00000296 ORIG_RAX: 0000000000000169
[  426.406870][T14428] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000140
[  426.406881][T14428] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[  426.406890][T14428] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  426.406900][T14428] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  426.406910][T14428] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  426.406932][T14428]  </TASK>
[  426.837889][   T35] net_ratelimit: 1 callbacks suppressed
[  426.837901][   T35] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  427.236904][T14445] lo speed is unknown, defaulting to 1000
[  427.262676][ T5988] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  427.440342][T14445] lo speed is unknown, defaulting to 1000
[  427.801704][ T5948] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection
[  427.847117][T14460] xt_CT: You must specify a L4 protocol and not use inversions on it
[  427.902631][  T894] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  428.008923][ T5948] Bluetooth: hci0: unexpected event for opcode 0x0c1a
[  428.222987][ T6000] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  428.252700][ T5987] usb 8-1: new high-speed USB device number 36 using dummy_hcd
[  428.354705][T14474] netlink: 'syz.0.2266': attribute type 1 has an invalid length.
[  428.357302][T14474] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2266'.
[  428.389743][T14476] program syz.0.2267 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  428.413629][ T5987] usb 8-1: config index 0 descriptor too short (expected 23569, got 27)
[  428.416168][ T5987] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  428.419733][ T5987] usb 8-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  428.422466][ T5987] usb 8-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  428.424769][ T5987] usb 8-1: Manufacturer: syz
[  428.427012][ T5987] usb 8-1: config 0 descriptor??
[  428.453375][T14476] No source specified
[  428.482513][ T5987] rc_core: IR keymap rc-hauppauge not found
[  428.484395][ T5987] Registered IR keymap rc-empty
[  428.486626][ T5987] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0
[  428.490163][ T5987] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0/input84
[  428.631871][T14487] netlink: 'syz.1.2271': attribute type 27 has an invalid length.
[  428.663990][ T6000] usb 8-1: USB disconnect, device number 36
[  428.680295][T14487] bridge0: port 3(syz_tun) entered disabled state
[  428.690315][T14487] bridge0: port 2(bridge_slave_1) entered disabled state
[  428.692523][T14487] bridge0: port 1(bridge_slave_0) entered disabled state
[  428.693063][T14488] syz.1.2271: attempt to access beyond end of device
[  428.693063][T14488] nbd1: rw=0, sector=2, nr_sectors = 2 limit=0
[  428.698662][T14488] syz.1.2271: attempt to access beyond end of device
[  428.698662][T14488] nbd1: rw=0, sector=16, nr_sectors = 2 limit=0
[  428.794389][T14487] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  428.809722][T14487] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  428.892127][T14487] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  428.894867][T14487] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  428.898130][T14487] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  428.901467][T14487] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  428.915300][T14487] bond1: left promiscuous mode
[  428.918177][T14487] bond3: left promiscuous mode
[  428.922540][T14487] bond5: left promiscuous mode
[  428.926019][T14487] bond7: left promiscuous mode
[  428.928865][T14487] ipip0: left promiscuous mode
[  428.933038][ T5988] lo speed is unknown, defaulting to 1000
[  428.935793][ T5988] lo speed is unknown, defaulting to 1000
[  428.967929][T14505] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2273'.
[  428.974520][T14505] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2273'.
[  428.977448][T14505] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2273'.
[  429.058343][T14511] netlink: 'syz.1.2276': attribute type 1 has an invalid length.
[  429.061222][T14511] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2276'.
[  429.147300][ T5948] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection
[  429.432993][T14530] FAULT_INJECTION: forcing a failure.
[  429.432993][T14530] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  429.436828][T14530] CPU: 1 UID: 0 PID: 14530 Comm: syz.0.2284 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  429.436841][T14530] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  429.436846][T14530] Call Trace:
[  429.436849][T14530]  <TASK>
[  429.436853][T14530]  dump_stack_lvl+0x16c/0x1f0
[  429.436872][T14530]  should_fail_ex+0x50a/0x650
[  429.436885][T14530]  _copy_from_user+0x2e/0xd0
[  429.436891][T14531] netlink: 'syz.2.2283': attribute type 1 has an invalid length.
[  429.436905][T14530]  get_compat_msghdr+0xa8/0x170
[  429.436917][T14530]  ? __pfx_get_compat_msghdr+0x10/0x10
[  429.436933][T14530]  ___sys_sendmsg+0x1b0/0x1e0
[  429.436944][T14530]  ? __pfx____sys_sendmsg+0x10/0x10
[  429.436957][T14530]  ? __pfx_lock_release+0x10/0x10
[  429.436968][T14530]  ? trace_lock_acquire+0x14e/0x1f0
[  429.436981][T14530]  ? __fget_files+0x206/0x3a0
[  429.436994][T14530]  __sys_sendmsg+0x16e/0x220
[  429.437003][T14530]  ? __pfx___sys_sendmsg+0x10/0x10
[  429.437019][T14530]  __do_fast_syscall_32+0x73/0x120
[  429.437034][T14530]  do_fast_syscall_32+0x32/0x80
[  429.437048][T14530]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  429.437064][T14530] RIP: 0023:0xf7f66579
[  429.437071][T14530] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  429.437086][T14530] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  429.437095][T14530] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200004c0
[  429.437101][T14530] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[  429.437106][T14530] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  429.437111][T14530] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  429.437116][T14530] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  429.437127][T14530]  </TASK>
[  429.462283][T14533] netlink: 'syz.0.2285': attribute type 1 has an invalid length.
[  429.463276][T14531] netlink: 'syz.2.2283': attribute type 3 has an invalid length.
[  429.465223][T14533] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2285'.
[  429.467270][T14531] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2283'.
[  429.585026][T14534] bond0: option mode: unable to set because the bond device has slaves
[  429.593998][ T5307] Bluetooth: hci1: unexpected event for opcode 0x0c1a
[  429.772348][T14544] FAULT_INJECTION: forcing a failure.
[  429.772348][T14544] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  429.776738][T14544] CPU: 3 UID: 0 PID: 14544 Comm: syz.2.2295 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  429.776751][T14544] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  429.776757][T14544] Call Trace:
[  429.776760][T14544]  <TASK>
[  429.776764][T14544]  dump_stack_lvl+0x16c/0x1f0
[  429.776782][T14544]  should_fail_ex+0x50a/0x650
[  429.776795][T14544]  _copy_to_user+0x32/0xd0
[  429.776809][T14544]  simple_read_from_buffer+0xd0/0x160
[  429.776825][T14544]  proc_fail_nth_read+0x198/0x270
[  429.776839][T14544]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  429.776853][T14544]  ? rw_verify_area+0xcf/0x680
[  429.776866][T14544]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  429.776879][T14544]  vfs_read+0x1df/0xbf0
[  429.776889][T14544]  ? __fget_files+0x1fc/0x3a0
[  429.776899][T14544]  ? __pfx___mutex_lock+0x10/0x10
[  429.776913][T14544]  ? __pfx_vfs_read+0x10/0x10
[  429.776925][T14544]  ? __fget_files+0x206/0x3a0
[  429.776938][T14544]  ksys_read+0x12b/0x250
[  429.776946][T14544]  ? __pfx_ksys_read+0x10/0x10
[  429.776959][T14544]  __do_fast_syscall_32+0x73/0x120
[  429.776974][T14544]  do_fast_syscall_32+0x32/0x80
[  429.776988][T14544]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  429.777003][T14544] RIP: 0023:0xf743e579
[  429.777011][T14544] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  429.777020][T14544] RSP: 002b:00000000f50c6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  429.777029][T14544] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f50c6620
[  429.777035][T14544] RDX: 000000000000000f RSI: 00000000f742cff4 RDI: 0000000000000000
[  429.777040][T14544] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  429.777045][T14544] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  429.777050][T14544] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  429.777061][T14544]  </TASK>
[  429.902889][ T1453] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  430.063791][ T1453] usb 5-1: config index 0 descriptor too short (expected 23569, got 27)
[  430.066528][ T1453] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  430.071033][ T1453] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  430.073772][ T1453] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  430.076117][ T1453] usb 5-1: Manufacturer: syz
[  430.084853][ T1453] usb 5-1: config 0 descriptor??
[  430.142537][ T1453] rc_core: IR keymap rc-hauppauge not found
[  430.144352][ T1453] Registered IR keymap rc-empty
[  430.148834][ T1453] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0
[  430.152875][ T1453] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0/input85
[  430.338721][    T9] usb 5-1: USB disconnect, device number 34
[  430.705896][T14572] netlink: 'syz.2.2294': attribute type 1 has an invalid length.
[  430.708222][T14572] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2294'.
[  430.807439][ T5307] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[  430.998770][T14590] netlink: 'syz.2.2302': attribute type 1 has an invalid length.
[  431.001046][T14590] netlink: 'syz.2.2302': attribute type 3 has an invalid length.
[  431.003495][T14590] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2302'.
[  431.639972][T14610] netlink: 'syz.3.2306': attribute type 1 has an invalid length.
[  431.642433][T14610] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2306'.
[  431.673836][T14612] netlink: 80 bytes leftover after parsing attributes in process `syz.3.2307'.
[  431.680702][T14612] netlink: 80 bytes leftover after parsing attributes in process `syz.3.2307'.
[  431.718237][T14614] FAULT_INJECTION: forcing a failure.
[  431.718237][T14614] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  431.723236][T14614] CPU: 2 UID: 0 PID: 14614 Comm: syz.3.2308 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  431.723248][T14614] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  431.723255][T14614] Call Trace:
[  431.723258][T14614]  <TASK>
[  431.723262][T14614]  dump_stack_lvl+0x16c/0x1f0
[  431.723280][T14614]  should_fail_ex+0x50a/0x650
[  431.723293][T14614]  _copy_from_user+0x2e/0xd0
[  431.723306][T14614]  get_compat_msghdr+0xa8/0x170
[  431.723318][T14614]  ? __pfx_get_compat_msghdr+0x10/0x10
[  431.723334][T14614]  ___sys_sendmsg+0x1b0/0x1e0
[  431.723344][T14614]  ? __pfx____sys_sendmsg+0x10/0x10
[  431.723358][T14614]  ? __pfx_lock_release+0x10/0x10
[  431.723370][T14614]  ? trace_lock_acquire+0x14e/0x1f0
[  431.723382][T14614]  ? __fget_files+0x206/0x3a0
[  431.723396][T14614]  __sys_sendmsg+0x16e/0x220
[  431.723405][T14614]  ? __pfx___sys_sendmsg+0x10/0x10
[  431.723422][T14614]  __do_fast_syscall_32+0x73/0x120
[  431.723437][T14614]  do_fast_syscall_32+0x32/0x80
[  431.723451][T14614]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  431.723466][T14614] RIP: 0023:0xf7f14579
[  431.723474][T14614] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  431.723483][T14614] RSP: 002b:00000000f503655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  431.723492][T14614] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000140
[  431.723498][T14614] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  431.723503][T14614] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  431.723508][T14614] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  431.723513][T14614] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  431.723523][T14614]  </TASK>
[  431.785226][T14619] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2310'.
[  431.844185][T14621] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2311'.
[  432.055658][T14631] FAULT_INJECTION: forcing a failure.
[  432.055658][T14631] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  432.059487][T14631] CPU: 0 UID: 0 PID: 14631 Comm: syz.2.2315 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  432.059499][T14631] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  432.059505][T14631] Call Trace:
[  432.059508][T14631]  <TASK>
[  432.059512][T14631]  dump_stack_lvl+0x16c/0x1f0
[  432.059530][T14631]  should_fail_ex+0x50a/0x650
[  432.059543][T14631]  _copy_from_user+0x2e/0xd0
[  432.059557][T14631]  get_compat_msghdr+0xa8/0x170
[  432.059569][T14631]  ? __pfx_get_compat_msghdr+0x10/0x10
[  432.059584][T14631]  ___sys_sendmsg+0x1b0/0x1e0
[  432.059595][T14631]  ? __pfx____sys_sendmsg+0x10/0x10
[  432.059609][T14631]  ? __pfx_lock_release+0x10/0x10
[  432.059620][T14631]  ? trace_lock_acquire+0x14e/0x1f0
[  432.059633][T14631]  ? __fget_files+0x206/0x3a0
[  432.059647][T14631]  __sys_sendmsg+0x16e/0x220
[  432.059656][T14631]  ? __pfx___sys_sendmsg+0x10/0x10
[  432.059673][T14631]  __do_fast_syscall_32+0x73/0x120
[  432.059688][T14631]  do_fast_syscall_32+0x32/0x80
[  432.059702][T14631]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  432.059716][T14631] RIP: 0023:0xf743e579
[  432.059724][T14631] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  432.059733][T14631] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  432.059742][T14631] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000240
[  432.059748][T14631] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  432.059753][T14631] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  432.059758][T14631] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  432.059763][T14631] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  432.059773][T14631]  </TASK>
[  432.098714][ T5948] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  432.178982][T14636] input: syz0 as /devices/virtual/input/input86
[  432.261473][T14643] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2319'.
[  432.942594][ T5307] Bluetooth: hci2: command 0x0406 tx timeout
[  432.965852][T14664] bridge0: port 1(bridge_slave_0) entered disabled state
[  432.986097][T14664] bridge0: port 1(bridge_slave_0) entered blocking state
[  432.988792][T14664] bridge0: port 1(bridge_slave_0) entered forwarding state
[  432.993305][T14664] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  433.325128][T14677] FAULT_INJECTION: forcing a failure.
[  433.325128][T14677] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  433.329509][T14677] CPU: 2 UID: 0 PID: 14677 Comm: syz.1.2326 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  433.329530][T14677] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  433.329539][T14677] Call Trace:
[  433.329545][T14677]  <TASK>
[  433.329561][T14677]  dump_stack_lvl+0x16c/0x1f0
[  433.329581][T14677]  should_fail_ex+0x50a/0x650
[  433.329595][T14677]  _copy_from_user+0x2e/0xd0
[  433.329609][T14677]  get_compat_msghdr+0xa8/0x170
[  433.329622][T14677]  ? __pfx_get_compat_msghdr+0x10/0x10
[  433.329638][T14677]  ___sys_sendmsg+0x1b0/0x1e0
[  433.329649][T14677]  ? __pfx____sys_sendmsg+0x10/0x10
[  433.329663][T14677]  ? __pfx_lock_release+0x10/0x10
[  433.329675][T14677]  ? trace_lock_acquire+0x14e/0x1f0
[  433.329687][T14677]  ? __fget_files+0x206/0x3a0
[  433.329702][T14677]  __sys_sendmsg+0x16e/0x220
[  433.329711][T14677]  ? __pfx___sys_sendmsg+0x10/0x10
[  433.329724][T14677]  ? syscall_user_dispatch+0x77/0x140
[  433.329741][T14677]  __do_fast_syscall_32+0x73/0x120
[  433.329756][T14677]  do_fast_syscall_32+0x32/0x80
[  433.329770][T14677]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  433.329786][T14677] RIP: 0023:0xf7f21579
[  433.329794][T14677] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  433.329803][T14677] RSP: 002b:00000000f502555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  433.329812][T14677] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600
[  433.329818][T14677] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  433.329823][T14677] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  433.329829][T14677] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  433.329834][T14677] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  433.329845][T14677]  </TASK>
[  433.670540][T14686] serio: Serial port ptm0
[  433.988481][ T5307] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[  434.205729][T14697] FAULT_INJECTION: forcing a failure.
[  434.205729][T14697] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  434.209539][T14697] CPU: 0 UID: 0 PID: 14697 Comm: syz.2.2332 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  434.209552][T14697] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  434.209558][T14697] Call Trace:
[  434.209562][T14697]  <TASK>
[  434.209576][T14697]  dump_stack_lvl+0x16c/0x1f0
[  434.209595][T14697]  should_fail_ex+0x50a/0x650
[  434.209609][T14697]  _copy_from_user+0x2e/0xd0
[  434.209622][T14697]  get_old_timespec32+0x153/0x1f0
[  434.209633][T14697]  ? __pfx_get_old_timespec32+0x10/0x10
[  434.209646][T14697]  do_compat_pselect+0x1c4/0x240
[  434.209658][T14697]  ? __pfx_do_compat_pselect+0x10/0x10
[  434.209672][T14697]  __ia32_compat_sys_pselect6_time32+0x17c/0x240
[  434.209684][T14697]  ? __pfx___ia32_compat_sys_pselect6_time32+0x10/0x10
[  434.209699][T14697]  __do_fast_syscall_32+0x73/0x120
[  434.209714][T14697]  do_fast_syscall_32+0x32/0x80
[  434.209729][T14697]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  434.209744][T14697] RIP: 0023:0xf743e579
[  434.209752][T14697] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  434.209762][T14697] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000134
[  434.209771][T14697] RAX: ffffffffffffffda RBX: 0000000000000040 RCX: 00000000200001c0
[  434.209777][T14697] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000020000300
[  434.209782][T14697] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  434.209787][T14697] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  434.209793][T14697] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  434.209803][T14697]  </TASK>
[  434.631438][T14727] x86/PAT: syz.1.2335:14727 freeing invalid memtype [mem 0xfed00000-0xfed00fff]
[  434.665598][T14731] FAULT_INJECTION: forcing a failure.
[  434.665598][T14731] name failslab, interval 1, probability 0, space 0, times 0
[  434.669226][T14731] CPU: 3 UID: 0 PID: 14731 Comm: syz.1.2336 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  434.669241][T14731] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  434.669247][T14731] Call Trace:
[  434.669251][T14731]  <TASK>
[  434.669255][T14731]  dump_stack_lvl+0x16c/0x1f0
[  434.669274][T14731]  should_fail_ex+0x50a/0x650
[  434.669285][T14731]  ? fs_reclaim_acquire+0xae/0x150
[  434.669302][T14731]  should_failslab+0xc2/0x120
[  434.669314][T14731]  __kmalloc_noprof+0xce/0x4f0
[  434.669325][T14731]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  434.669337][T14731]  ? tomoyo_realpath_from_path+0xbf/0x710
[  434.669351][T14731]  tomoyo_realpath_from_path+0xbf/0x710
[  434.669363][T14731]  ? tomoyo_path_number_perm+0x235/0x5b0
[  434.669374][T14731]  tomoyo_path_number_perm+0x248/0x5b0
[  434.669383][T14731]  ? tomoyo_path_number_perm+0x235/0x5b0
[  434.669393][T14731]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  434.669414][T14731]  ? __pfx_lock_release+0x10/0x10
[  434.669424][T14731]  ? trace_lock_acquire+0x14e/0x1f0
[  434.669435][T14731]  ? lock_acquire+0x2f/0xb0
[  434.669445][T14731]  ? __fget_files+0x40/0x3a0
[  434.669456][T14731]  ? __fget_files+0x206/0x3a0
[  434.669468][T14731]  security_file_ioctl_compat+0x9b/0x240
[  434.669479][T14731]  __do_compat_sys_ioctl+0x4e/0x2c0
[  434.669496][T14731]  __do_fast_syscall_32+0x73/0x120
[  434.669511][T14731]  do_fast_syscall_32+0x32/0x80
[  434.669525][T14731]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  434.669541][T14731] RIP: 0023:0xf7f21579
[  434.669549][T14731] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  434.669558][T14731] RSP: 002b:00000000f504655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  434.669567][T14731] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040045730
[  434.669573][T14731] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  434.669578][T14731] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  434.669583][T14731] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  434.669589][T14731] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  434.669601][T14731]  </TASK>
[  434.669605][T14731] ERROR: Out of memory at tomoyo_realpath_from_path.
[  434.758528][T14733] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2337'.
[  434.784305][T14735] validate_nla: 3 callbacks suppressed
[  434.784315][T14735] netlink: 'syz.3.2338': attribute type 1 has an invalid length.
[  434.788192][T14735] netlink: 'syz.3.2338': attribute type 3 has an invalid length.
[  434.790430][T14735] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2338'.
[  434.904958][T14744] FAULT_INJECTION: forcing a failure.
[  434.904958][T14744] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  434.908704][T14744] CPU: 2 UID: 0 PID: 14744 Comm: syz.1.2341 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  434.908718][T14744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  434.908724][T14744] Call Trace:
[  434.908728][T14744]  <TASK>
[  434.908732][T14744]  dump_stack_lvl+0x16c/0x1f0
[  434.908750][T14744]  should_fail_ex+0x50a/0x650
[  434.908764][T14744]  _copy_to_user+0x32/0xd0
[  434.908779][T14744]  simple_read_from_buffer+0xd0/0x160
[  434.908795][T14744]  proc_fail_nth_read+0x198/0x270
[  434.908810][T14744]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  434.908825][T14744]  ? rw_verify_area+0xcf/0x680
[  434.908839][T14744]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  434.908852][T14744]  vfs_read+0x1df/0xbf0
[  434.908862][T14744]  ? __fget_files+0x1fc/0x3a0
[  434.908877][T14744]  ? __pfx___mutex_lock+0x10/0x10
[  434.908892][T14744]  ? __pfx_vfs_read+0x10/0x10
[  434.908905][T14744]  ? __fget_files+0x206/0x3a0
[  434.908918][T14744]  ksys_read+0x12b/0x250
[  434.908927][T14744]  ? __pfx_ksys_read+0x10/0x10
[  434.908940][T14744]  __do_fast_syscall_32+0x73/0x120
[  434.908956][T14744]  do_fast_syscall_32+0x32/0x80
[  434.908970][T14744]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  434.908986][T14744] RIP: 0023:0xf7f21579
[  434.908993][T14744] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  434.909003][T14744] RSP: 002b:00000000f5046590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  434.909012][T14744] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5046620
[  434.909019][T14744] RDX: 000000000000000f RSI: 00000000f73acff4 RDI: 0000000000000000
[  434.909024][T14744] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  434.909029][T14744] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  434.909035][T14744] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  434.909046][T14744]  </TASK>
[  434.980030][ T5307] Bluetooth: hci1: Malformed Event: 0x2f
[  435.352489][    T9] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  435.512652][    T9] usb 5-1: Using ep0 maxpacket: 8
[  435.512750][ T5307] Bluetooth: hci1: command 0x0406 tx timeout
[  435.515617][    T9] usb 5-1: config 135 has an invalid interface number: 230 but max is 0
[  435.518450][    T9] usb 5-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[  435.521372][    T9] usb 5-1: config 135 has no interface number 0
[  435.524222][    T9] usb 5-1: config 135 interface 230 has no altsetting 0
[  435.528007][    T9] usb 5-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[  435.530644][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  435.533258][    T9] usb 5-1: Product: syz
[  435.534529][    T9] usb 5-1: Manufacturer: syz
[  435.535959][    T9] usb 5-1: SerialNumber: syz
[  435.544716][ T5307] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection
[  435.652550][ T1486] usb 7-1: new high-speed USB device number 27 using dummy_hcd
[  435.723593][T14765] netlink: 'syz.3.2348': attribute type 1 has an invalid length.
[  435.725846][T14765] netlink: 'syz.3.2348': attribute type 3 has an invalid length.
[  435.728062][T14765] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2348'.
[  435.802517][ T1486] usb 7-1: Using ep0 maxpacket: 8
[  435.805906][ T1486] usb 7-1: config 135 has an invalid interface number: 230 but max is 0
[  435.808520][ T1486] usb 7-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[  435.812125][ T1486] usb 7-1: config 135 has no interface number 0
[  435.814049][ T1486] usb 7-1: config 135 interface 230 has no altsetting 0
[  435.817461][ T1486] usb 7-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[  435.820052][ T1486] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  435.822375][ T1486] usb 7-1: Product: syz
[  435.823764][ T1486] usb 7-1: Manufacturer: syz
[  435.825178][ T1486] usb 7-1: SerialNumber: syz
[  435.828089][ T5989] usb 5-1: USB disconnect, device number 35
[  435.904675][T14772] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2350'.
[  436.044211][T14758] FAULT_INJECTION: forcing a failure.
[  436.044211][T14758] name failslab, interval 1, probability 0, space 0, times 0
[  436.048105][T14758] CPU: 1 UID: 0 PID: 14758 Comm: syz.2.2345 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  436.048119][T14758] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  436.048126][T14758] Call Trace:
[  436.048133][T14758]  <TASK>
[  436.048137][T14758]  dump_stack_lvl+0x16c/0x1f0
[  436.048155][T14758]  should_fail_ex+0x50a/0x650
[  436.048167][T14758]  ? fs_reclaim_acquire+0xae/0x150
[  436.048184][T14758]  should_failslab+0xc2/0x120
[  436.048196][T14758]  __kmalloc_noprof+0xce/0x4f0
[  436.048207][T14758]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  436.048220][T14758]  ? tomoyo_realpath_from_path+0xbf/0x710
[  436.048234][T14758]  tomoyo_realpath_from_path+0xbf/0x710
[  436.048247][T14758]  ? tomoyo_path_number_perm+0x235/0x5b0
[  436.048258][T14758]  tomoyo_path_number_perm+0x248/0x5b0
[  436.048266][T14758]  ? tomoyo_path_number_perm+0x235/0x5b0
[  436.048276][T14758]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  436.048297][T14758]  ? __pfx_lock_release+0x10/0x10
[  436.048308][T14758]  ? trace_lock_acquire+0x14e/0x1f0
[  436.048319][T14758]  ? lock_acquire+0x2f/0xb0
[  436.048329][T14758]  ? __fget_files+0x40/0x3a0
[  436.048341][T14758]  ? __fget_files+0x206/0x3a0
[  436.048352][T14758]  security_file_ioctl_compat+0x9b/0x240
[  436.048364][T14758]  __do_compat_sys_ioctl+0x4e/0x2c0
[  436.048379][T14758]  __do_fast_syscall_32+0x73/0x120
[  436.048395][T14758]  do_fast_syscall_32+0x32/0x80
[  436.048409][T14758]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  436.048425][T14758] RIP: 0023:0xf743e579
[  436.048433][T14758] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  436.048442][T14758] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  436.048452][T14758] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000000ae80
[  436.048457][T14758] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  436.048463][T14758] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  436.048468][T14758] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  436.048473][T14758] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  436.048485][T14758]  </TASK>
[  436.048489][T14758] ERROR: Out of memory at tomoyo_realpath_from_path.
[  436.213697][ T1486] usb 7-1: USB disconnect, device number 27
[  436.242517][ T5987] usb 8-1: new high-speed USB device number 37 using dummy_hcd
[  436.370432][T14779] netlink: 'syz.0.2353': attribute type 1 has an invalid length.
[  436.373026][T14779] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2353'.
[  436.402467][ T5987] usb 8-1: Using ep0 maxpacket: 8
[  436.406992][ T5987] usb 8-1: config 135 has an invalid interface number: 230 but max is 0
[  436.409382][ T5987] usb 8-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[  436.412302][ T5987] usb 8-1: config 135 has no interface number 0
[  436.414216][ T5987] usb 8-1: config 135 interface 230 has no altsetting 0
[  436.417692][ T5987] usb 8-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[  436.420266][ T5987] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  436.422658][ T5987] usb 8-1: Product: syz
[  436.423883][ T5987] usb 8-1: Manufacturer: syz
[  436.425160][ T5987] usb 8-1: SerialNumber: syz
[  436.697299][ T5989] usb 8-1: USB disconnect, device number 37
[  436.746049][T14790] xt_CT: You must specify a L4 protocol and not use inversions on it
[  437.461675][ T5948] Bluetooth: hci0: unexpected event for opcode 0x0c1a
[  437.782566][ T1486] usb 8-1: new high-speed USB device number 38 using dummy_hcd
[  437.830057][ T5948] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection
[  437.933663][ T1486] usb 8-1: config index 0 descriptor too short (expected 23569, got 27)
[  437.936164][ T1486] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  437.939776][ T1486] usb 8-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  437.942541][ T1486] usb 8-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  437.944931][ T1486] usb 8-1: Manufacturer: syz
[  437.947812][ T1486] usb 8-1: config 0 descriptor??
[  437.963040][T14817] netlink: 'syz.0.2362': attribute type 1 has an invalid length.
[  437.965409][T14817] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2362'.
[  437.992730][T14819] xt_CT: You must specify a L4 protocol and not use inversions on it
[  438.002635][ T1486] rc_core: IR keymap rc-hauppauge not found
[  438.004426][ T1486] Registered IR keymap rc-empty
[  438.006382][ T1486] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0
[  438.009921][ T1486] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0/input88
[  438.123786][ T5307] Bluetooth: hci1: unexpected event for opcode 0x0c1a
[  438.178324][ T1453] usb 8-1: USB disconnect, device number 38
[  438.395694][    T9] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  438.543789][    T9] usb 5-1: config index 0 descriptor too short (expected 23569, got 27)
[  438.546294][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  438.549933][    T9] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  438.553050][    T9] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  438.555423][    T9] usb 5-1: Manufacturer: syz
[  438.557652][    T9] usb 5-1: config 0 descriptor??
[  438.612485][    T9] rc_core: IR keymap rc-hauppauge not found
[  438.614471][    T9] Registered IR keymap rc-empty
[  438.621292][    T9] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0
[  438.626762][    T9] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0/input89
[  438.641988][T14831] xt_CT: You must specify a L4 protocol and not use inversions on it
[  438.703607][ T5307] Bluetooth: hci3: command 0x0419 tx timeout
[  438.782960][T14837] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  438.799358][T14837] kvm: requested 80457 ns i8254 timer period limited to 200000 ns
[  438.805888][T14837] input: syz1 as /devices/virtual/input/input90
[  438.849787][ T1486] usb 5-1: USB disconnect, device number 36
[  438.935957][T14846] netlink: 'syz.3.2371': attribute type 1 has an invalid length.
[  438.938428][T14846] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2371'.
[  439.423509][ T1413] ieee802154 phy0 wpan0: encryption failed: -22
[  439.425399][ T1413] ieee802154 phy1 wpan1: encryption failed: -22
[  439.480991][ T5307] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  439.736041][T14860] xt_CT: You must specify a L4 protocol and not use inversions on it
[  440.096061][ T5948] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  440.099694][ T5948] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  440.102333][ T5948] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  440.109818][ T5948] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  440.113215][ T5948] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  440.115424][ T5948] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  440.138677][T14869] lo speed is unknown, defaulting to 1000
[  440.179199][T14869] lo speed is unknown, defaulting to 1000
[  440.227114][T14869] chnl_net:caif_netlink_parms(): no params data found
[  440.266023][ T5948] Bluetooth: hci3: unexpected event for opcode 0x0c1a
[  440.275803][T14869] bridge0: port 1(bridge_slave_0) entered blocking state
[  440.277942][T14869] bridge0: port 1(bridge_slave_0) entered disabled state
[  440.280017][T14869] bridge_slave_0: entered allmulticast mode
[  440.284305][T14869] bridge_slave_0: entered promiscuous mode
[  440.286911][T14869] bridge0: port 2(bridge_slave_1) entered blocking state
[  440.288361][T14881] netlink: 'syz.0.2380': attribute type 1 has an invalid length.
[  440.288981][T14869] bridge0: port 2(bridge_slave_1) entered disabled state
[  440.291168][T14881] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2380'.
[  440.293700][T14869] bridge_slave_1: entered allmulticast mode
[  440.298202][T14869] bridge_slave_1: entered promiscuous mode
[  440.322353][T14869] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  440.342649][ T1201] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  440.350134][T14869] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  440.369298][T14869] team0: Port device team_slave_0 added
[  440.372650][T14869] team0: Port device team_slave_1 added
[  440.390488][T14869] batman_adv: batadv0: Adding interface: batadv_slave_0
[  440.393192][T14869] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  440.400432][T14869] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  440.416283][ T1201] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  440.421255][T14869] batman_adv: batadv0: Adding interface: batadv_slave_1
[  440.423356][T14869] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  440.430590][T14869] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  440.453635][T14869] hsr_slave_0: entered promiscuous mode
[  440.455610][T14869] hsr_slave_1: entered promiscuous mode
[  440.457450][T14869] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  440.459608][T14869] Cannot create hsr debugfs directory
[  440.492290][ T1201] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  440.514352][ T1486] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[  440.551648][ T1201] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  440.652631][ T1201] bridge_slave_1: left allmulticast mode
[  440.654588][ T1201] bridge_slave_1: left promiscuous mode
[  440.657498][ T1201] bridge0: port 2(bridge_slave_1) entered disabled state
[  440.663318][ T1201] bridge_slave_0: left allmulticast mode
[  440.665360][ T1201] bridge_slave_0: left promiscuous mode
[  440.667047][ T1201] bridge0: port 1(bridge_slave_0) entered disabled state
[  440.682923][ T1486] usb 6-1: config index 0 descriptor too short (expected 23569, got 27)
[  440.685399][ T1486] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  440.689784][ T1486] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  440.690527][T14887] 9pnet_fd: Insufficient options for proto=fd
[  440.693217][ T1486] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  440.696977][ T1486] usb 6-1: Manufacturer: syz
[  440.699441][ T1486] usb 6-1: config 0 descriptor??
[  440.743113][ T1486] rc_core: IR keymap rc-hauppauge not found
[  440.745185][ T1486] Registered IR keymap rc-empty
[  440.748044][ T1486] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0
[  440.751880][ T1486] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0/input91
[  440.936388][ T1486] usb 6-1: USB disconnect, device number 31
[  441.284747][ T1201] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  441.288743][ T1201] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  441.292100][ T1201] bond0 (unregistering): Released all slaves
[  441.365846][ T1201] team0: Port device bond1 removed
[  441.368392][ T1201] bond1 (unregistering): Released all slaves
[  441.443599][ T1201] bond2 (unregistering): (slave bond3): Releasing backup interface
[  441.446608][ T1201] bond3 (unregistering): left promiscuous mode
[  441.448488][ T1201] bond2 (unregistering): Released all slaves
[  441.526554][ T1201] bond3 (unregistering): Released all slaves
[  441.613213][T14909] Bluetooth: MGMT ver 1.23
[  441.630509][ T1201] bond4 (unregistering): (slave bond5): Releasing backup interface
[  441.633260][ T1201] bond5 (unregistering): left promiscuous mode
[  441.635209][ T1201] bond4 (unregistering): Released all slaves
[  441.713948][ T1201] bond5 (unregistering): Released all slaves
[  441.785105][ T1201] bond6 (unregistering): (slave bond7): Releasing backup interface
[  441.787777][ T1201] bond7 (unregistering): left promiscuous mode
[  441.789783][ T1201] bond6 (unregistering): Released all slaves
[  441.856897][ T1201] bond7 (unregistering): Released all slaves
[  441.923745][ T1201] bond8 (unregistering): Released all slaves
[  441.991290][ T1201] bond9 (unregistering): Released all slaves
[  442.056839][ T1201] bond10 (unregistering): Released all slaves
[  442.120011][ T1201] bond11 (unregistering): Released all slaves
[  442.154549][ T5948] Bluetooth: hci0: command tx timeout
[  442.190129][ T1201] bond12 (unregistering): Released all slaves
[  442.194549][ T1201] bond13 (unregistering): Released all slaves
[  442.294285][T14918] xt_CT: You must specify a L4 protocol and not use inversions on it
[  442.302581][ T5948] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection
[  442.327991][T14921] 9pnet_virtio: no channels available for device #! ./file0
[  442.327991][T14921] 
[  442.356708][T14924] [U] 
[  442.357988][T14924] [U] 
[  442.358833][T14924] [U] 
[  442.359673][T14924] [U] 
[  442.360587][T14924] [U] 
[  442.361461][T14924] [U] 
[  442.362302][T14924] [U] 
[  442.363149][T14924] [U] 
[  442.364517][T14924] [U] 
[  442.365416][T14924] [U] 
[  442.366250][T14924] [U] 
[  442.367086][T14924] [U] 
[  442.369096][T14924] [U] 
[  442.369973][T14924] [U] 
[  442.370814][T14924] [U] 
[  442.371655][T14924] [U] 
[  442.372858][T14924] [U] 
[  442.373749][T14924] [U] 
[  442.374586][T14924] [U] 
[  442.375421][T14924] [U] 
[  442.378478][T14924] [U] 
[  442.379373][T14924] [U] 
[  442.380205][T14924] [U] 
[  442.381035][T14924] [U] 
[  442.386422][T14924] [U] 
[  442.387288][T14924] [U] 
[  442.388125][T14924] [U] 
[  442.388948][T14924] [U] 
[  442.393908][T14924] [U] 
[  442.395006][T14924] [U] 
[  442.396187][T14924] [U] 
[  442.397296][T14924] [U] 
[  442.399116][T14924] [U] 
[  442.399972][T14924] [U] 
[  442.400789][T14924] [U] 
[  442.401622][T14924] [U] 
[  442.402573][T14924] [U] 
[  442.403405][T14924] [U] 
[  442.404280][T14924] [U] 
[  442.405275][T14924] [U] 
[  442.406182][T14924] [U] 
[  442.407007][T14924] [U] 
[  442.407864][T14924] [U] 
[  442.408678][T14924] [U] 
[  442.410090][T14924] [U] 
[  442.410938][T14924] [U] 
[  442.411762][T14924] [U] 
[  442.412607][T14924] [U] 
[  442.426059][T14924] [U] 
[  442.426940][T14924] [U] 
[  442.427764][T14924] [U] 
[  442.428594][T14924] [U] 
[  442.429518][T14924] [U] 
[  442.430345][T14924] [U] 
[  442.431175][T14924] [U] 
[  442.431997][T14924] [U] 
[  442.432999][T14924] [U] 
[  442.433855][T14924] [U] 
[  442.434680][T14924] [U] 
[  442.435502][T14924] [U] 
[  442.436395][T14924] [U] 
[  442.437229][T14924] [U] 
[  442.438048][T14924] [U] 
[  442.438868][T14924] [U] 
[  442.439757][T14924] [U] 
[  442.440580][T14924] [U] 
[  442.441412][T14924] [U] 
[  442.442244][T14924] [U] 
[  442.447559][T14924] [U] 
[  442.448424][T14924] [U] 
[  442.449262][T14924] [U] 
[  442.450087][T14924] [U] 
[  442.460616][T14924] [U] 
[  442.461495][T14924] [U] 
[  442.462326][T14924] [U] 
[  442.463161][T14924] [U] 
[  442.468943][T14924] [U] 
[  442.469823][T14924] [U] 
[  442.470650][T14924] [U] 
[  442.471471][T14924] [U] 
[  442.474206][T14924] [U] 
[  442.475057][T14924] [U] 
[  442.475896][T14924] [U] 
[  442.476723][T14924] [U] 
[  442.477750][T14924] [U] 
[  442.478682][T14924] [U] 
[  442.479511][T14924] [U] 
[  442.480392][T14924] [U] 
[  442.481701][T14924] [U] 
[  442.482498][T14924] [U] 
[  442.483298][T14924] [U] 
[  442.484121][T14924] [U] 
[  442.486986][T14924] [U] 
[  442.487846][T14924] [U] 
[  442.488669][T14924] [U] 
[  442.489491][T14924] [U] 
[  442.490479][T14924] [U] 
[  442.491309][T14924] [U] 
[  442.492130][T14924] [U] 
[  442.492945][T14924] [U] 
[  442.494051][T14924] [U] 
[  442.495037][T14924] [U] 
[  442.495883][T14924] [U] 
[  442.496692][T14924] [U] 
[  442.497652][T14924] [U] 
[  442.498478][T14924] [U] 
[  442.499300][T14924] [U] 
[  442.500113][T14924] [U] 
[  442.501070][T14924] [U] 
[  442.501905][T14924] [U] 
[  442.502729][T14924] [U] 
[  442.503549][T14924] [U] 
[  442.504717][T14924] [U] 
[  442.505562][T14924] [U] 
[  442.506389][T14924] [U] 
[  442.507203][T14924] [U] 
[  442.508188][T14924] [U] 
[  442.509026][T14924] [U] 
[  442.509859][T14924] [U] 
[  442.510675][T14924] [U] 
[  442.511703][T14924] [U] 
[  442.512599][T14924] [U] 
[  442.513459][T14924] [U] 
[  442.514307][T14924] [U] 
[  442.515360][T14924] [U] 
[  442.516226][T14924] [U] 
[  442.517075][T14924] [U] 
[  442.612335][ T1201] hsr_slave_0: left promiscuous mode
[  442.614449][ T1201] hsr_slave_1: left promiscuous mode
[  442.616304][ T1201] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  442.618485][ T1201] batman_adv: batadv0: Removing interface: batadv_slave_0
[  442.621299][ T1201] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  442.623596][ T1201] batman_adv: batadv0: Removing interface: batadv_slave_1
[  442.643913][ T1201] veth1_macvtap: left promiscuous mode
[  442.646398][ T1201] veth0_macvtap: left promiscuous mode
[  442.648060][ T1201] veth1_vlan: left promiscuous mode
[  442.649697][ T1201] veth0_vlan: left promiscuous mode
[  443.022525][ T5307] Bluetooth: hci2: command 0x0406 tx timeout
[  443.190504][T14923] [U] 
[  443.339512][ T5307] Bluetooth: hci2: unexpected event for opcode 0x0c1a
[  443.342604][ T1201] team0 (unregistering): Port device team_slave_1 removed
[  443.413368][ T1201] team0 (unregistering): Port device team_slave_0 removed
[  443.602541][T14497] usb 7-1: new high-speed USB device number 28 using dummy_hcd
[  443.784576][T14497] usb 7-1: config index 0 descriptor too short (expected 23569, got 27)
[  443.787129][T14497] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  443.798273][T14497] usb 7-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  443.800906][T14497] usb 7-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  443.803503][T14497] usb 7-1: Manufacturer: syz
[  443.805749][T14497] usb 7-1: config 0 descriptor??
[  443.852485][T14497] rc_core: IR keymap rc-hauppauge not found
[  443.854348][T14497] Registered IR keymap rc-empty
[  443.856085][T14497] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/rc/rc0
[  443.859350][T14497] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/rc/rc0/input92
[  444.047306][ T5988] usb 7-1: USB disconnect, device number 28
[  444.085036][T14869] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  444.089016][T14869] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  444.092524][T14869] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  444.096268][T14869] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  444.141670][T14869] 8021q: adding VLAN 0 to HW filter on device bond0
[  444.153955][T14869] 8021q: adding VLAN 0 to HW filter on device team0
[  444.160824][T13278] bridge0: port 1(bridge_slave_0) entered blocking state
[  444.162997][T13278] bridge0: port 1(bridge_slave_0) entered forwarding state
[  444.167770][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  444.169870][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  444.232508][ T5307] Bluetooth: hci0: command tx timeout
[  444.267390][T14869] 8021q: adding VLAN 0 to HW filter on device batadv0
[  444.283539][T14869] veth0_vlan: entered promiscuous mode
[  444.291427][T14869] veth1_vlan: entered promiscuous mode
[  444.331180][T14869] veth0_macvtap: entered promiscuous mode
[  444.335102][T14869] veth1_macvtap: entered promiscuous mode
[  444.340919][T14869] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  444.344118][T14869] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.347316][T14869] batman_adv: batadv0: Interface activated: batadv_slave_0
[  444.354448][T14869] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  444.357458][T14869] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.360219][T14869] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  444.364043][T14869] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.367378][T14869] batman_adv: batadv0: Interface activated: batadv_slave_1
[  444.372237][T14869] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  444.375226][T14869] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  444.377721][T14869] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  444.380241][T14869] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  444.416057][T13278] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  444.418435][T13278] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  444.432517][   T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  444.434834][   T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  444.599005][T14965] xt_CT: You must specify a L4 protocol and not use inversions on it
[  444.662768][ T5307] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection
[  444.804570][T14976] bridge0: entered promiscuous mode
[  444.820735][ T5307] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  444.835080][ T5307] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  444.839272][ T5307] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  444.846384][ T5307] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  444.855156][ T5307] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  444.858413][ T5307] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  444.913597][T14977] lo speed is unknown, defaulting to 1000
[  444.970061][T14977] lo speed is unknown, defaulting to 1000
[  445.024340][T14977] chnl_net:caif_netlink_parms(): no params data found
[  445.103586][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  445.122639][T14977] bridge0: port 1(bridge_slave_0) entered blocking state
[  445.125476][T14977] bridge0: port 1(bridge_slave_0) entered disabled state
[  445.127676][T14977] bridge_slave_0: entered allmulticast mode
[  445.130030][T14977] bridge_slave_0: entered promiscuous mode
[  445.132752][T14977] bridge0: port 2(bridge_slave_1) entered blocking state
[  445.134975][T14977] bridge0: port 2(bridge_slave_1) entered disabled state
[  445.136999][T14977] bridge_slave_1: entered allmulticast mode
[  445.139166][T14977] bridge_slave_1: entered promiscuous mode
[  445.159591][T14977] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  445.163672][T14977] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  445.176279][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  445.210812][T14977] team0: Port device team_slave_0 added
[  445.217404][T14977] team0: Port device team_slave_1 added
[  445.243668][T14977] batman_adv: batadv0: Adding interface: batadv_slave_0
[  445.245766][T14977] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  445.253268][T14977] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  445.271566][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  445.281161][T14977] batman_adv: batadv0: Adding interface: batadv_slave_1
[  445.283442][T14977] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  445.290852][T14977] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  445.318021][T14977] hsr_slave_0: entered promiscuous mode
[  445.321452][T14977] hsr_slave_1: entered promiscuous mode
[  445.324045][T14977] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  445.326966][T14977] Cannot create hsr debugfs directory
[  445.342473][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  445.420805][   T12] bridge_slave_0: left allmulticast mode
[  445.422679][   T12] bridge_slave_0: left promiscuous mode
[  445.424435][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  445.608496][   T12] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  445.754994][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  445.763539][T14992] netlink: 'syz.3.2407': attribute type 1 has an invalid length.
[  445.766637][T14992] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2407'.
[  445.775339][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  445.779399][   T12] bond0 (unregistering): Released all slaves
[  445.879460][   T12] bond1 (unregistering): (slave bond2): Releasing backup interface
[  445.882236][   T12] bond2 (unregistering): left promiscuous mode
[  445.885318][   T12] bond1 (unregistering): Released all slaves
[  445.989446][   T12] bond2 (unregistering): Released all slaves
[  446.064439][   T12] bond3 (unregistering): Released all slaves
[  446.158640][   T12] bond4 (unregistering): Released all slaves
[  446.164116][   T12] bond5 (unregistering): Released all slaves
[  446.202517][ T6068] usb 8-1: new high-speed USB device number 39 using dummy_hcd
[  446.202550][T14990] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2406'.
[  446.361040][   T39] audit: type=1326 audit(1738347171.809:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15002 comm="syz.1.2411" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7ffc0000
[  446.367581][   T39] audit: type=1326 audit(1738347171.809:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15002 comm="syz.1.2411" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7ffc0000
[  446.373968][   T39] audit: type=1326 audit(1738347171.819:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15002 comm="syz.1.2411" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf7f21579 code=0x7ffc0000
[  446.382356][   T39] audit: type=1326 audit(1738347171.829:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15002 comm="syz.1.2411" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7ffc0000
[  446.383914][ T6068] usb 8-1: config index 0 descriptor too short (expected 23569, got 27)
[  446.397491][   T39] audit: type=1326 audit(1738347171.829:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15002 comm="syz.1.2411" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7ffc0000
[  446.420808][ T6068] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  446.421359][   T39] audit: type=1326 audit(1738347171.829:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15004 comm="syz.1.2411" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7f21579 code=0x7ffc0000
[  446.421394][   T39] audit: type=1326 audit(1738347171.829:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15002 comm="syz.1.2411" exe="/syz-executor" sig=0 arch=40000003 syscall=270 compat=1 ip=0xf7f21579 code=0x7ffc0000
[  446.421423][   T39] audit: type=1326 audit(1738347171.829:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15002 comm="syz.1.2411" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7ffc0000
[  446.421650][   T39] audit: type=1326 audit(1738347171.829:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15002 comm="syz.1.2411" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7ffc0000
[  446.421682][   T39] audit: type=1326 audit(1738347171.829:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15002 comm="syz.1.2411" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f21579 code=0x7ffc0000
[  446.422013][ T6068] usb 8-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  446.422033][ T6068] usb 8-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  446.422048][ T6068] usb 8-1: Manufacturer: syz
[  446.429836][ T6068] usb 8-1: config 0 descriptor??
[  446.501309][   T12] hsr_slave_0: left promiscuous mode
[  446.504867][   T12] hsr_slave_1: left promiscuous mode
[  446.505645][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  446.511760][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  446.511774][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  446.522526][ T6068] rc_core: IR keymap rc-hauppauge not found
[  446.522537][ T6068] Registered IR keymap rc-empty
[  446.522817][ T6068] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0
[  446.523212][ T6068] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0/input93
[  446.533946][   T12] veth1_macvtap: left promiscuous mode
[  446.533989][   T12] veth0_macvtap: left promiscuous mode
[  446.534041][   T12] veth1_vlan: left promiscuous mode
[  446.534086][   T12] veth0_vlan: left promiscuous mode
[  446.719476][    T9] usb 8-1: USB disconnect, device number 39
[  446.942761][ T5948] Bluetooth: hci4: command tx timeout
[  446.945224][ T5307] Bluetooth: hci3: command 0x0419 tx timeout
[  447.239858][   T12] team0 (unregistering): Port device team_slave_1 removed
[  447.329557][   T12] team0 (unregistering): Port device team_slave_0 removed
[  447.805633][T14497] lo speed is unknown, defaulting to 1000
[  447.843834][T14977] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  447.847290][T14977] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  447.852036][T14977] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  447.856632][T14977] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  447.898111][T14977] 8021q: adding VLAN 0 to HW filter on device bond0
[  447.909923][T14977] 8021q: adding VLAN 0 to HW filter on device team0
[  447.914868][   T63] bridge0: port 1(bridge_slave_0) entered blocking state
[  447.917003][   T63] bridge0: port 1(bridge_slave_0) entered forwarding state
[  447.921630][T13278] bridge0: port 2(bridge_slave_1) entered blocking state
[  447.923807][T13278] bridge0: port 2(bridge_slave_1) entered forwarding state
[  447.992529][ T5307] Bluetooth: hci0: command tx timeout
[  448.056178][T14977] 8021q: adding VLAN 0 to HW filter on device batadv0
[  448.077618][T14977] veth0_vlan: entered promiscuous mode
[  448.081760][T14977] veth1_vlan: entered promiscuous mode
[  448.095793][T14977] veth0_macvtap: entered promiscuous mode
[  448.099148][T14977] veth1_macvtap: entered promiscuous mode
[  448.106953][T14977] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  448.110599][T14977] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  448.117322][T14977] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  448.121232][T14977] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  448.126648][T14977] batman_adv: batadv0: Interface activated: batadv_slave_0
[  448.131647][T14977] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  448.136394][T14977] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  448.140331][T14977] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  448.145191][T14977] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  448.150181][T14977] batman_adv: batadv0: Interface activated: batadv_slave_1
[  448.156097][T14977] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  448.159466][T14977] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  448.163399][T14977] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  448.167178][T14977] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  448.227523][ T1201] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  448.233998][ T1201] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  448.244966][ T1201] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  448.250284][ T1201] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  448.316459][T15039] 9pnet_virtio: no channels available for device #! ./file0
[  448.316459][T15039] 
[  448.388784][T15050] netlink: 'syz.3.2421': attribute type 1 has an invalid length.
[  448.391107][T15050] netlink: 'syz.3.2421': attribute type 3 has an invalid length.
[  448.400193][T15050] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2421'.
[  448.681498][ T5948] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  448.686187][ T5948] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  448.688909][ T5948] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  448.691714][ T5948] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  448.699876][ T5948] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  448.703288][ T5948] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  448.721009][T15060] lo speed is unknown, defaulting to 1000
[  448.802170][T15060] chnl_net:caif_netlink_parms(): no params data found
[  448.853124][  T894] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  448.892239][T15060] bridge0: port 1(bridge_slave_0) entered blocking state
[  448.895431][T15060] bridge0: port 1(bridge_slave_0) entered disabled state
[  448.897919][T15060] bridge_slave_0: entered allmulticast mode
[  448.901703][T15060] bridge_slave_0: entered promiscuous mode
[  448.941176][T13278] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  448.964466][T15060] bridge0: port 2(bridge_slave_1) entered blocking state
[  448.966925][T15060] bridge0: port 2(bridge_slave_1) entered disabled state
[  448.969144][T15060] bridge_slave_1: entered allmulticast mode
[  448.971412][T15060] bridge_slave_1: entered promiscuous mode
[  448.994799][T15060] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  449.024505][T13278] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  449.044994][T15060] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  449.045745][  T894] usb 5-1: config index 0 descriptor too short (expected 23569, got 27)
[  449.050720][  T894] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  449.058350][  T894] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  449.061683][  T894] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  449.065647][  T894] usb 5-1: Manufacturer: syz
[  449.068970][  T894] usb 5-1: config 0 descriptor??
[  449.106190][T15060] team0: Port device team_slave_0 added
[  449.110557][T15060] team0: Port device team_slave_1 added
[  449.116400][  T894] rc_core: IR keymap rc-hauppauge not found
[  449.118646][  T894] Registered IR keymap rc-empty
[  449.123204][  T894] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0
[  449.127424][  T894] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0/input94
[  449.150993][T13278] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  449.210991][T15060] batman_adv: batadv0: Adding interface: batadv_slave_0
[  449.214915][T15060] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  449.221987][T15060] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  449.226835][T15060] batman_adv: batadv0: Adding interface: batadv_slave_1
[  449.229538][T15060] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  449.243375][T15060] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  449.397984][ T6068] usb 5-1: USB disconnect, device number 37
[  449.429274][T13278] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  449.467088][T15060] hsr_slave_0: entered promiscuous mode
[  449.471031][T15060] hsr_slave_1: entered promiscuous mode
[  449.475014][T15060] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  449.477415][T15060] Cannot create hsr debugfs directory
[  449.560143][T13278] bridge_slave_1: left allmulticast mode
[  449.561847][T13278] bridge_slave_1: left promiscuous mode
[  449.563648][T13278] bridge0: port 2(bridge_slave_1) entered disabled state
[  449.566849][T13278] bridge_slave_0: left allmulticast mode
[  449.568516][T13278] bridge_slave_0: left promiscuous mode
[  449.570218][T13278] bridge0: port 1(bridge_slave_0) entered disabled state
[  449.598605][T13278] bridge0: left promiscuous mode
[  449.707899][T15086] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  449.709855][T15086] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  449.712100][T15086] vhci_hcd vhci_hcd.0: Device attached
[  449.718361][T15087] usbip_core: unknown command
[  449.719875][T15087] vhci_hcd: unknown pdu 50385840
[  449.721399][T15087] usbip_core: unknown command
[  449.723647][ T1172] vhci_hcd: stop threads
[  449.724956][ T1172] vhci_hcd: release socket
[  449.726298][ T1172] vhci_hcd: disconnect device
[  449.747117][T13278] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  449.835991][T15091] hfsplus: unable to find HFS+ superblock
[  449.947905][T15096] FAULT_INJECTION: forcing a failure.
[  449.947905][T15096] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  449.953200][T15096] CPU: 0 UID: 0 PID: 15096 Comm: syz.0.2431 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  449.953215][T15096] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  449.953221][T15096] Call Trace:
[  449.953224][T15096]  <TASK>
[  449.953228][T15096]  dump_stack_lvl+0x16c/0x1f0
[  449.953248][T15096]  should_fail_ex+0x50a/0x650
[  449.953261][T15096]  _copy_from_user+0x2e/0xd0
[  449.953275][T15096]  get_compat_msghdr+0xa8/0x170
[  449.953288][T15096]  ? __pfx_get_compat_msghdr+0x10/0x10
[  449.953304][T15096]  ___sys_sendmsg+0x1b0/0x1e0
[  449.953315][T15096]  ? __pfx____sys_sendmsg+0x10/0x10
[  449.953330][T15096]  ? __pfx_lock_release+0x10/0x10
[  449.953341][T15096]  ? trace_lock_acquire+0x14e/0x1f0
[  449.953354][T15096]  ? __fget_files+0x206/0x3a0
[  449.953368][T15096]  __sys_sendmsg+0x16e/0x220
[  449.953377][T15096]  ? __pfx___sys_sendmsg+0x10/0x10
[  449.953394][T15096]  __do_fast_syscall_32+0x73/0x120
[  449.953410][T15096]  do_fast_syscall_32+0x32/0x80
[  449.953424][T15096]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  449.953439][T15096] RIP: 0023:0xf73ce579
[  449.953447][T15096] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  449.953456][T15096] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  449.953466][T15096] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000040
[  449.953472][T15096] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  449.953478][T15096] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  449.953483][T15096] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  449.953488][T15096] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  449.953500][T15096]  </TASK>
[  450.014420][    C0] vkms_vblank_simulate: vblank timer overrun
[  450.129757][T13278] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  450.134162][T13278] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  450.137575][T13278] bond0 (unregistering): Released all slaves
[  450.208272][T13278] bond1 (unregistering): Released all slaves
[  450.212799][T13278] bond2 (unregistering): Released all slaves
[  450.284040][T13278] bond3 (unregistering): Released all slaves
[  450.356604][T13278] bond4 (unregistering): Released all slaves
[  450.361185][T13278] bond5 (unregistering): Released all slaves
[  450.542508][ T5307] Bluetooth: hci4: command tx timeout
[  450.781419][T13278] hsr_slave_0: left promiscuous mode
[  450.783276][ T5307] Bluetooth: hci1: command tx timeout
[  450.788546][T13278] hsr_slave_1: left promiscuous mode
[  450.790712][T13278] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  450.793001][T13278] batman_adv: batadv0: Removing interface: batadv_slave_0
[  450.795486][T13278] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  450.797804][T13278] batman_adv: batadv0: Removing interface: batadv_slave_1
[  450.839482][T13278] veth1_macvtap: left promiscuous mode
[  450.841804][T13278] veth0_macvtap: left promiscuous mode
[  450.849329][T13278] veth1_vlan: left promiscuous mode
[  450.850911][T13278] veth0_vlan: left promiscuous mode
[  450.892597][T15110] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2434'.
[  450.944071][T15112] netlink: 576 bytes leftover after parsing attributes in process `syz.3.2434'.
[  451.688707][T13278] team0 (unregistering): Port device team_slave_1 removed
[  451.819400][T13278] team0 (unregistering): Port device team_slave_0 removed
[  452.501018][T15115] tipc: Started in network mode
[  452.502629][T15115] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[  452.504907][T15115] tipc: Enabled bearer <eth:team0>, priority 0
[  452.540493][T15123] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2437'.
[  452.585313][T15060] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  452.587013][T15127] netlink: 'syz.3.2439': attribute type 1 has an invalid length.
[  452.590489][T15127] netlink: 'syz.3.2439': attribute type 3 has an invalid length.
[  452.593351][T15127] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2439'.
[  452.596901][T15130] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2440'.
[  452.597857][T15060] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  452.606363][T15060] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  452.616631][T15060] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  452.622489][ T5307] Bluetooth: hci4: command tx timeout
[  452.673713][T15060] 8021q: adding VLAN 0 to HW filter on device bond0
[  452.693677][T15060] 8021q: adding VLAN 0 to HW filter on device team0
[  452.697754][   T76] bridge0: port 1(bridge_slave_0) entered blocking state
[  452.700184][   T76] bridge0: port 1(bridge_slave_0) entered forwarding state
[  452.707634][   T76] bridge0: port 2(bridge_slave_1) entered blocking state
[  452.709729][   T76] bridge0: port 2(bridge_slave_1) entered forwarding state
[  452.719169][T15060] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  452.722197][T15060] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  452.804048][T15060] 8021q: adding VLAN 0 to HW filter on device batadv0
[  452.819311][T15060] veth0_vlan: entered promiscuous mode
[  452.824194][T15060] veth1_vlan: entered promiscuous mode
[  452.835640][T15060] veth0_macvtap: entered promiscuous mode
[  452.838748][T15060] veth1_macvtap: entered promiscuous mode
[  452.846957][T15060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  452.851394][T15060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  452.854663][T15060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  452.857690][T15060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  452.861128][T15060] batman_adv: batadv0: Interface activated: batadv_slave_0
[  452.862506][ T5307] Bluetooth: hci1: command tx timeout
[  452.865342][T15060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  452.868775][T15060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  452.871558][T15060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  452.875241][T15060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  452.879866][T15060] batman_adv: batadv0: Interface activated: batadv_slave_1
[  452.886698][T15060] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  452.890165][T15060] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  452.894402][T15060] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  452.896923][T15060] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  452.922375][   T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  452.925476][   T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  452.934885][T13278] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  452.937187][T13278] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  453.257737][ T5948] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  453.263009][ T5948] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  453.263787][T15155] ipip0: entered promiscuous mode
[  453.266234][ T5948] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  453.270110][ T5948] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  453.272677][ T5948] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  453.275965][ T5948] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  453.291768][T15156] lo speed is unknown, defaulting to 1000
[  453.452157][T10139] syz_tun (unregistering): left allmulticast mode
[  453.454786][T10139] syz_tun (unregistering): left promiscuous mode
[  453.456720][T10139] bridge0: port 3(syz_tun) entered disabled state
[  453.469829][T15156] chnl_net:caif_netlink_parms(): no params data found
[  453.533142][T15156] bridge0: port 1(bridge_slave_0) entered blocking state
[  453.535290][T15156] bridge0: port 1(bridge_slave_0) entered disabled state
[  453.537394][T15156] bridge_slave_0: entered allmulticast mode
[  453.539589][T15156] bridge_slave_0: entered promiscuous mode
[  453.558183][T15156] bridge0: port 2(bridge_slave_1) entered blocking state
[  453.560638][T15156] bridge0: port 2(bridge_slave_1) entered disabled state
[  453.562891][T15156] bridge_slave_1: entered allmulticast mode
[  453.565588][T15156] bridge_slave_1: entered promiscuous mode
[  453.598280][T15156] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  453.604834][T15156] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  453.625322][   T35] tipc: Node number set to 11578026
[  453.651151][T15156] team0: Port device team_slave_0 added
[  453.654633][T15156] team0: Port device team_slave_1 added
[  453.673061][T15156] batman_adv: batadv0: Adding interface: batadv_slave_0
[  453.675349][T15156] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  453.683204][T15156] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  453.688115][T15156] batman_adv: batadv0: Adding interface: batadv_slave_1
[  453.690194][T15156] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  453.697729][T15156] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  453.702772][ T6000] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  453.736632][T15156] hsr_slave_0: entered promiscuous mode
[  453.739030][T15156] hsr_slave_1: entered promiscuous mode
[  453.865865][ T6000] usb 5-1: config index 0 descriptor too short (expected 23569, got 27)
[  453.868255][ T6000] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  453.873101][ T6000] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  453.876567][ T6000] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  453.882803][ T6000] usb 5-1: Manufacturer: syz
[  453.885297][ T6000] usb 5-1: config 0 descriptor??
[  453.900416][   T11] bridge_slave_1: left allmulticast mode
[  453.902122][   T11] bridge_slave_1: left promiscuous mode
[  453.906073][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  453.909375][   T11] bridge_slave_0: left allmulticast mode
[  453.911038][   T11] bridge_slave_0: left promiscuous mode
[  453.913453][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  453.922766][ T6000] rc_core: IR keymap rc-hauppauge not found
[  453.924548][ T6000] Registered IR keymap rc-empty
[  453.932792][ T6000] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0
[  453.936579][ T6000] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0/input95
[  453.959161][T15176] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2448'.
[  454.124185][ T6000] usb 5-1: USB disconnect, device number 38
[  454.259599][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  454.263661][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  454.266546][   T11] bond0 (unregistering): Released all slaves
[  454.338446][   T11] bond1 (unregistering): Released all slaves
[  454.342745][   T11] bond2 (unregistering): Released all slaves
[  454.412711][   T11] bond3 (unregistering): Released all slaves
[  454.416838][   T11] bond4 (unregistering): Released all slaves
[  454.493661][   T11] bond5 (unregistering): Released all slaves
[  454.497926][   T11] bond6 (unregistering): Released all slaves
[  454.565256][   T11] bond7 (unregistering): Released all slaves
[  454.676036][   T11] tipc: Left network mode
[  454.785611][T15186] netlink: 'syz.3.2449': attribute type 1 has an invalid length.
[  454.787879][T15186] netlink: 'syz.3.2449': attribute type 3 has an invalid length.
[  454.791197][T15186] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2449'.
[  454.918444][T15156] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  454.932670][T15156] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  454.953296][ T5307] Bluetooth: hci1: command tx timeout
[  454.963358][T15156] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  454.985915][T15156] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  455.056972][   T11] hsr_slave_0: left promiscuous mode
[  455.059764][   T11] hsr_slave_1: left promiscuous mode
[  455.062369][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  455.067258][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  455.345951][ T5307] Bluetooth: hci2: command tx timeout
[  455.736376][T15209] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2457'.
[  455.739558][   T11] team0 (unregistering): Port device team_slave_1 removed
[  455.820138][   T11] team0 (unregistering): Port device team_slave_0 removed
[  456.526603][   T63] smc: removing ib device s
z1
[  456.580073][T15219] FAULT_INJECTION: forcing a failure.
[  456.580073][T15219] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  456.581458][T15156] 8021q: adding VLAN 0 to HW filter on device bond0
[  456.590644][T15219] CPU: 2 UID: 0 PID: 15219 Comm: syz.3.2459 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  456.590659][T15219] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  456.590666][T15219] Call Trace:
[  456.590669][T15219]  <TASK>
[  456.590673][T15219]  dump_stack_lvl+0x16c/0x1f0
[  456.590692][T15219]  should_fail_ex+0x50a/0x650
[  456.590706][T15219]  _copy_from_user+0x2e/0xd0
[  456.590720][T15219]  get_compat_msghdr+0xa8/0x170
[  456.590733][T15219]  ? __pfx_get_compat_msghdr+0x10/0x10
[  456.590750][T15219]  ___sys_recvmsg+0x193/0x1a0
[  456.590761][T15219]  ? __pfx____sys_recvmsg+0x10/0x10
[  456.590770][T15219]  ? __fget_files+0x1fc/0x3a0
[  456.590782][T15219]  ? trace_lock_acquire+0x14e/0x1f0
[  456.590797][T15219]  ? __fget_files+0x206/0x3a0
[  456.590810][T15219]  do_recvmmsg+0x55d/0x740
[  456.590821][T15219]  ? __pfx_do_recvmmsg+0x10/0x10
[  456.590832][T15219]  ? vfs_write+0x306/0x1150
[  456.590849][T15219]  ? __fget_files+0x206/0x3a0
[  456.590860][T15219]  __sys_recvmmsg+0x21e/0x280
[  456.590871][T15219]  ? __pfx___sys_recvmmsg+0x10/0x10
[  456.590882][T15219]  ? __pfx_ksys_write+0x10/0x10
[  456.590894][T15219]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  456.590907][T15219]  ? lockdep_hardirqs_on+0x7c/0x110
[  456.590921][T15219]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  456.590937][T15219]  __do_fast_syscall_32+0x73/0x120
[  456.590952][T15219]  do_fast_syscall_32+0x32/0x80
[  456.590973][T15219]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  456.590990][T15219] RIP: 0023:0xf7f56579
[  456.590998][T15219] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  456.591007][T15219] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  456.591017][T15219] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000180
[  456.591024][T15219] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  456.591030][T15219] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  456.591035][T15219] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  456.591041][T15219] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  456.591052][T15219]  </TASK>
[  456.596108][T15156] 8021q: adding VLAN 0 to HW filter on device team0
[  456.623552][T15221] netlink: 'syz.3.2460': attribute type 1 has an invalid length.
[  456.630430][T13278] bridge0: port 1(bridge_slave_0) entered blocking state
[  456.630879][T15221] netlink: 'syz.3.2460': attribute type 3 has an invalid length.
[  456.632250][T13278] bridge0: port 1(bridge_slave_0) entered forwarding state
[  456.636221][T15221] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2460'.
[  456.640710][ T1201] bridge0: port 2(bridge_slave_1) entered blocking state
[  456.672814][ T1201] bridge0: port 2(bridge_slave_1) entered forwarding state
[  456.790323][T15228] ipip0: entered promiscuous mode
[  456.827093][T15156] 8021q: adding VLAN 0 to HW filter on device batadv0
[  456.870385][T15156] veth0_vlan: entered promiscuous mode
[  456.879831][T15156] veth1_vlan: entered promiscuous mode
[  456.903275][T15156] veth0_macvtap: entered promiscuous mode
[  456.905976][T15156] veth1_macvtap: entered promiscuous mode
[  456.910974][T15156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  456.920581][T15156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  456.925192][T15156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  456.928145][T15156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  456.930958][T15156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  456.934573][T15156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  456.938373][T15156] batman_adv: batadv0: Interface activated: batadv_slave_0
[  456.950650][T15156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  456.954584][T15156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  456.957416][T15156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  456.960421][T15156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  456.966254][T15156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  456.969372][T15156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  456.975035][T15156] batman_adv: batadv0: Interface activated: batadv_slave_1
[  456.990076][T15156] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  456.992920][T15156] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  456.995542][T15156] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  456.998222][T15156] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  457.031999][ T5307] Bluetooth: hci1: command tx timeout
[  457.038524][   T11] IPVS: stop unused estimator thread 0...
[  457.083103][T13278] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  457.085531][T13278] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  457.097210][T13278] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  457.099596][T13278] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  457.289491][T15239] batadv0: entered promiscuous mode
[  457.292314][T15239] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2463'.
[  457.295539][T15238] batadv0: left promiscuous mode
[  457.422779][ T5307] Bluetooth: hci2: command tx timeout
[  457.976020][T15251] FAULT_INJECTION: forcing a failure.
[  457.976020][T15251] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  457.979659][T15251] CPU: 3 UID: 0 PID: 15251 Comm: syz.0.2466 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  457.979673][T15251] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  457.979678][T15251] Call Trace:
[  457.979682][T15251]  <TASK>
[  457.979686][T15251]  dump_stack_lvl+0x16c/0x1f0
[  457.979704][T15251]  should_fail_ex+0x50a/0x650
[  457.979718][T15251]  _copy_from_user+0x2e/0xd0
[  457.979732][T15251]  get_compat_msghdr+0xa8/0x170
[  457.979745][T15251]  ? __pfx_get_compat_msghdr+0x10/0x10
[  457.979761][T15251]  ___sys_sendmsg+0x1b0/0x1e0
[  457.979772][T15251]  ? __pfx____sys_sendmsg+0x10/0x10
[  457.979786][T15251]  ? __pfx_lock_release+0x10/0x10
[  457.979797][T15251]  ? trace_lock_acquire+0x14e/0x1f0
[  457.979810][T15251]  ? __fget_files+0x206/0x3a0
[  457.979824][T15251]  __sys_sendmsg+0x16e/0x220
[  457.979833][T15251]  ? __pfx___sys_sendmsg+0x10/0x10
[  457.979850][T15251]  __do_fast_syscall_32+0x73/0x120
[  457.979871][T15251]  do_fast_syscall_32+0x32/0x80
[  457.979885][T15251]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  457.979901][T15251] RIP: 0023:0xf73ce579
[  457.979908][T15251] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  457.979917][T15251] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  457.979927][T15251] RAX: ffffffffffffffda RBX: 0000000000000016 RCX: 0000000020000540
[  457.979932][T15251] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  457.979938][T15251] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  457.979943][T15251] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  457.979949][T15251] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  457.979959][T15251]  </TASK>
[  458.057857][T15253] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2467'.
[  458.105720][T15255] netlink: 'syz.0.2468': attribute type 1 has an invalid length.
[  458.107964][T15255] netlink: 'syz.0.2468': attribute type 3 has an invalid length.
[  458.110207][T15255] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2468'.
[  458.217191][   T39] kauditd_printk_skb: 25 callbacks suppressed
[  458.217206][   T39] audit: type=1804 audit(1738347183.669:50): pid=15260 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.2470" name="/newroot/28/file0" dev="tmpfs" ino=169 res=1 errno=0
[  458.653387][ T5988] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  459.054960][T15281] batadv0: entered promiscuous mode
[  459.059302][T15281] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2475'.
[  459.062369][T15280] batadv0: left promiscuous mode
[  459.102620][ T5307] Bluetooth: hci1: command tx timeout
[  459.217457][T15287] netlink: 'syz.2.2477': attribute type 1 has an invalid length.
[  459.219768][T15287] netlink: 'syz.2.2477': attribute type 3 has an invalid length.
[  459.222021][T15287] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2477'.
[  459.236783][T15289] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2478'.
[  459.512528][ T5307] Bluetooth: hci2: command tx timeout
[  460.737791][T15336] lo speed is unknown, defaulting to 1000
[  460.739443][T15336] lo speed is unknown, defaulting to 1000
[  460.741299][T15336] lo speed is unknown, defaulting to 1000
[  460.746886][T15336] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  460.753930][T15336] lo speed is unknown, defaulting to 1000
[  460.755968][T15336] lo speed is unknown, defaulting to 1000
[  460.757968][T15336] lo speed is unknown, defaulting to 1000
[  460.759946][T15336] lo speed is unknown, defaulting to 1000
[  460.764641][    T9] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[  460.777627][T15333] lo speed is unknown, defaulting to 1000
[  460.935080][    T9] usb 6-1: config index 0 descriptor too short (expected 23569, got 27)
[  460.938279][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  460.942143][    T9] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  460.945372][    T9] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  460.948159][    T9] usb 6-1: Manufacturer: syz
[  460.950749][    T9] usb 6-1: config 0 descriptor??
[  461.002539][    T9] rc_core: IR keymap rc-hauppauge not found
[  461.006268][    T9] Registered IR keymap rc-empty
[  461.009577][    T9] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0
[  461.014067][    T9] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0/input96
[  461.186186][ T6068] usb 6-1: USB disconnect, device number 32
[  462.030238][ T5988] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  462.641255][T15377] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2503'.
[  463.097813][T15386] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2506'.
[  463.392477][ T1486] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[  463.461904][   T39] audit: type=1326 audit(1738347188.909:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15399 comm="syz.0.2512" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  463.470580][   T39] audit: type=1326 audit(1738347188.909:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15399 comm="syz.0.2512" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  463.484335][   T39] audit: type=1326 audit(1738347188.919:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15399 comm="syz.0.2512" exe="/syz-executor" sig=0 arch=40000003 syscall=99 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  463.492859][   T39] audit: type=1326 audit(1738347188.919:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15399 comm="syz.0.2512" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  463.498833][   T39] audit: type=1326 audit(1738347188.919:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15399 comm="syz.0.2512" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  463.543980][ T1486] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  463.547215][ T1486] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  463.550122][ T1486] usb 6-1: config 0 interface 0 has no altsetting 0
[  463.553146][ T1486] usb 6-1: New USB device found, idVendor=1b1c, idProduct=1d00, bcdDevice= 0.00
[  463.555966][ T1486] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  463.559202][ T1486] usb 6-1: config 0 descriptor??
[  463.968100][ T1486] corsair-cpro 0003:1B1C:1D00.0003: item fetching failed at offset 0/1
[  463.970952][ T1486] corsair-cpro 0003:1B1C:1D00.0003: probe with driver corsair-cpro failed with error -22
[  464.049135][   T39] audit: type=1326 audit(1738347189.499:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15413 comm="syz.3.2518" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56579 code=0x7ffc0000
[  464.056359][   T39] audit: type=1326 audit(1738347189.499:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15413 comm="syz.3.2518" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56579 code=0x7ffc0000
[  464.062337][   T39] audit: type=1326 audit(1738347189.499:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15413 comm="syz.3.2518" exe="/syz-executor" sig=0 arch=40000003 syscall=96 compat=1 ip=0xf7f56579 code=0x7ffc0000
[  464.068952][   T39] audit: type=1326 audit(1738347189.499:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15413 comm="syz.3.2518" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56579 code=0x7ffc0000
[  464.075840][   T39] audit: type=1326 audit(1738347189.499:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15413 comm="syz.3.2518" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56579 code=0x7ffc0000
[  464.116292][ T6068] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  464.164235][ T1486] usb 6-1: USB disconnect, device number 33
[  464.272483][ T6068] usb 5-1: Using ep0 maxpacket: 16
[  464.276000][ T6068] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  464.278958][ T6068] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  464.283098][ T6068] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  464.285791][ T6068] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  464.288092][ T6068] usb 5-1: Product: syz
[  464.289363][ T6068] usb 5-1: Manufacturer: syz
[  464.290744][ T6068] usb 5-1: SerialNumber: syz
[  464.507205][ T6068] usb 5-1: 0:2 : does not exist
[  464.512826][ T6068] usb 5-1: 5:0: failed to get current value for ch 0 (-22)
[  464.524332][ T6068] usb 5-1: USB disconnect, device number 39
[  464.621741][T15428] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2523'.
[  464.710689][T15434] syz.1.2526: attempt to access beyond end of device
[  464.710689][T15434] loop3: rw=0, sector=0, nr_sectors = 1 limit=0
[  464.716429][T15434] FAT-fs (loop3): unable to read boot sector
[  464.723665][T15412] udevd[15412]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  466.012886][ T1486] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  466.913999][ T1486] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  467.917413][T15509] binfmt_misc: register: failed to install interpreter file ./file2
[  468.712498][ T5307] Bluetooth: hci0: command tx timeout
[  468.898657][   T39] kauditd_printk_skb: 36 callbacks suppressed
[  468.898668][   T39] audit: type=1326 audit(1738347194.339:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15530 comm="syz.2.2566" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f5f579 code=0x7ffc0000
[  468.910254][   T39] audit: type=1326 audit(1738347194.339:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15530 comm="syz.2.2566" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f5f579 code=0x7ffc0000
[  468.916348][   T39] audit: type=1326 audit(1738347194.339:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15530 comm="syz.2.2566" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f5f579 code=0x7ffc0000
[  468.922049][   T39] audit: type=1326 audit(1738347194.339:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15530 comm="syz.2.2566" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f5f579 code=0x7ffc0000
[  468.928144][   T39] audit: type=1326 audit(1738347194.339:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15530 comm="syz.2.2566" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f5f579 code=0x7ffc0000
[  468.934538][   T39] audit: type=1326 audit(1738347194.339:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15530 comm="syz.2.2566" exe="/syz-executor" sig=0 arch=40000003 syscall=321 compat=1 ip=0xf7f5f579 code=0x7ffc0000
[  468.940265][   T39] audit: type=1326 audit(1738347194.339:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15530 comm="syz.2.2566" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f5f579 code=0x7ffc0000
[  468.946131][   T39] audit: type=1326 audit(1738347194.339:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15530 comm="syz.2.2566" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f5f579 code=0x7ffc0000
[  468.951848][   T39] audit: type=1326 audit(1738347194.339:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15530 comm="syz.2.2566" exe="/syz-executor" sig=0 arch=40000003 syscall=439 compat=1 ip=0xf7f5f579 code=0x7ffc0000
[  468.958559][   T39] audit: type=1326 audit(1738347194.339:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15530 comm="syz.2.2566" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f5f579 code=0x7ffc0000
[  469.222839][T14497] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  469.473086][T14497] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  469.685263][T15543] veth0_vlan: entered allmulticast mode
[  469.700071][T15543] veth0_vlan: left promiscuous mode
[  469.702156][T15543] veth0_vlan: entered promiscuous mode
[  469.848508][   T11] Bluetooth: hci3: Frame reassembly failed (-84)
[  471.142627][   T35] usb 7-1: new high-speed USB device number 29 using dummy_hcd
[  471.235933][T15579] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  471.238561][T15579] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  471.295225][   T35] usb 7-1: config 0 has an invalid interface number: 220 but max is 0
[  471.298166][   T35] usb 7-1: config 0 has no interface number 0
[  471.301015][   T35] usb 7-1: New USB device found, idVendor=08ca, idProduct=0010, bcdDevice=48.e3
[  471.304082][   T35] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  471.307370][   T35] usb 7-1: config 0 descriptor??
[  471.311359][   T35] aiptek 7-1:0.220: interface has no int in endpoints, but must have minimum 1
[  471.516577][ T5988] usb 7-1: USB disconnect, device number 29
[  471.648085][T15585] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2577'.
[  471.822516][ T5307] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  471.959956][T15597] bridge0: port 2(bridge_slave_1) entered disabled state
[  471.962135][T15597] bridge0: port 1(bridge_slave_0) entered disabled state
[  471.971118][   T11] Bluetooth: hci3: Frame reassembly failed (-84)
[  472.035678][T15597] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  472.043927][T15597] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  472.111615][T15597] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  472.116395][T15597] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  472.118903][T15597] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  472.121394][T15597] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  472.154324][T15597] ipip0: left promiscuous mode
[  472.161479][T15606] lo speed is unknown, defaulting to 1000
[  472.201600][T15606] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  472.204524][T15606] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  472.222674][ T5948] Bluetooth: hci2: command tx timeout
[  473.769879][T15646] 9pnet_virtio: no channels available for device 
[  473.982707][ T5948] Bluetooth: hci3: command 0x1003 tx timeout
[  473.985350][ T5307] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  475.306098][T15675] usb usb3: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  475.371094][   T39] kauditd_printk_skb: 32 callbacks suppressed
[  475.371104][   T39] audit: type=1326 audit(1738347200.819:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15682 comm="syz.1.2611" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x7ffc0000
[  475.379504][   T39] audit: type=1326 audit(1738347200.829:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15682 comm="syz.1.2611" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x7ffc0000
[  475.388177][   T39] audit: type=1326 audit(1738347200.839:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15682 comm="syz.1.2611" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f61579 code=0x7ffc0000
[  475.395001][   T39] audit: type=1326 audit(1738347200.839:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15682 comm="syz.1.2611" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x7ffc0000
[  475.400832][   T39] audit: type=1326 audit(1738347200.839:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15682 comm="syz.1.2611" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x7ffc0000
[  475.407284][   T39] audit: type=1326 audit(1738347200.839:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15682 comm="syz.1.2611" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f61579 code=0x7ffc0000
[  475.413577][   T39] audit: type=1326 audit(1738347200.849:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15682 comm="syz.1.2611" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x7ffc0000
[  475.419741][   T39] audit: type=1326 audit(1738347200.849:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15682 comm="syz.1.2611" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x7ffc0000
[  475.426254][   T39] audit: type=1326 audit(1738347200.849:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15682 comm="syz.1.2611" exe="/syz-executor" sig=0 arch=40000003 syscall=231 compat=1 ip=0xf7f61579 code=0x7ffc0000
[  475.432315][   T39] audit: type=1326 audit(1738347200.849:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15682 comm="syz.1.2611" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x7ffc0000
[  475.762954][ T6068] usb 7-1: new high-speed USB device number 30 using dummy_hcd
[  475.922497][ T6068] usb 7-1: Using ep0 maxpacket: 16
[  475.933179][ T6068] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  475.936353][ T6068] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  475.939156][ T6068] usb 7-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  475.941862][ T6068] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  475.947388][ T6068] usb 7-1: config 0 descriptor??
[  475.965121][T15698] netlink: 'syz.0.2616': attribute type 16 has an invalid length.
[  475.967579][T15698] netlink: 'syz.0.2616': attribute type 17 has an invalid length.
[  476.369986][ T6068] usbhid 7-1:0.0: can't add hid device: -71
[  476.371987][ T6068] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  476.379736][ T6068] usb 7-1: USB disconnect, device number 30
[  476.508402][T15715] netlink: 84 bytes leftover after parsing attributes in process `syz.3.2623'.
[  476.511097][T15715] netlink: 23 bytes leftover after parsing attributes in process `syz.3.2623'.
[  476.562474][ T1486] hid-generic 0000:0000:0003.0004: unknown main item tag 0x0
[  476.564900][ T1486] hid-generic 0000:0000:0003.0004: unknown main item tag 0x0
[  476.567700][ T1486] hid-generic 0000:0000:0003.0004: unknown main item tag 0x0
[  476.569856][ T1486] hid-generic 0000:0000:0003.0004: unknown main item tag 0x0
[  476.572096][ T1486] hid-generic 0000:0000:0003.0004: unknown main item tag 0x0
[  476.574727][ T1486] hid-generic 0000:0000:0003.0004: unknown main item tag 0x0
[  476.576929][ T1486] hid-generic 0000:0000:0003.0004: unknown main item tag 0x0
[  476.579063][ T1486] hid-generic 0000:0000:0003.0004: unknown main item tag 0x0
[  476.581158][ T1486] hid-generic 0000:0000:0003.0004: item fetching failed at offset 8/48
[  476.584897][ T1486] hid-generic 0000:0000:0003.0004: probe with driver hid-generic failed with error -22
[  477.019607][ T5989] kernel read not supported for file /zero (pid: 5989 comm: kworker/3:3)
[  477.332511][    T8] usb 7-1: new high-speed USB device number 31 using dummy_hcd
[  477.482510][    T8] usb 7-1: Using ep0 maxpacket: 16
[  477.487067][    T8] usb 7-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  477.490539][    T8] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  477.493669][    T8] usb 7-1: Product: syz
[  477.495287][    T8] usb 7-1: Manufacturer: syz
[  477.497136][    T8] usb 7-1: SerialNumber: syz
[  477.502140][    T8] r8152-cfgselector 7-1: Unknown version 0x0000
[  477.504614][    T8] r8152-cfgselector 7-1: config 0 descriptor??
[  477.567601][T15746] lo speed is unknown, defaulting to 1000
[  477.725739][    T8] r8152-cfgselector 7-1: Unknown version 0x0000
[  477.728174][    T8] r8152-cfgselector 7-1: bad CDC descriptors
[  477.731951][    T8] r8152-cfgselector 7-1: USB disconnect, device number 31
[  478.492573][   T56] usb 6-1: new high-speed USB device number 34 using dummy_hcd
[  478.642551][   T56] usb 6-1: Using ep0 maxpacket: 16
[  478.646978][   T56] usb 6-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[  478.649579][   T56] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  478.651931][   T56] usb 6-1: Product: syz
[  478.653225][   T56] usb 6-1: Manufacturer: syz
[  478.654620][   T56] usb 6-1: SerialNumber: syz
[  478.660582][   T56] usb 6-1: config 0 descriptor??
[  478.664644][   T56] ftdi_sio 6-1:0.0: FTDI USB Serial Device converter detected
[  478.668599][   T56] usb 6-1: Detected FT232H
[  478.722160][T15769] syzkaller0: entered promiscuous mode
[  478.725507][T15769] syzkaller0: entered allmulticast mode
[  478.869957][   T56] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  478.872742][   T56] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  478.875026][   T56] ftdi_sio 6-1:0.0: GPIO initialisation failed: -71
[  478.901740][   T56] usb 6-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  478.908138][   T56] usb 6-1: USB disconnect, device number 34
[  478.922109][   T56] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  478.925474][   T56] ftdi_sio 6-1:0.0: device disconnected
[  481.088058][T15824] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2665'.
[  481.145390][   T39] kauditd_printk_skb: 1 callbacks suppressed
[  481.145400][   T39] audit: type=1326 audit(481.091:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15833 comm="syz.3.2670" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56579 code=0x7ffc0000
[  481.153392][   T39] audit: type=1326 audit(481.091:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15833 comm="syz.3.2670" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56579 code=0x7ffc0000
[  481.159964][   T39] audit: type=1326 audit(481.101:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15833 comm="syz.3.2670" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f56579 code=0x7ffc0000
[  481.166534][T15838] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2672'.
[  481.172039][   T39] audit: type=1326 audit(481.101:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15833 comm="syz.3.2670" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56579 code=0x7ffc0000
[  481.173685][T15838] netlink: 312 bytes leftover after parsing attributes in process `syz.1.2672'.
[  481.178778][   T39] audit: type=1326 audit(481.101:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15833 comm="syz.3.2670" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56579 code=0x7ffc0000
[  481.181694][T15838] netlink: 312 bytes leftover after parsing attributes in process `syz.1.2672'.
[  481.187961][   T39] audit: type=1326 audit(481.111:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15833 comm="syz.3.2670" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f56579 code=0x7ffc0000
[  481.187983][   T39] audit: type=1326 audit(481.111:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15833 comm="syz.3.2670" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56579 code=0x7ffc0000
[  481.187999][   T39] audit: type=1326 audit(481.111:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15833 comm="syz.3.2670" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56579 code=0x7ffc0000
[  481.188015][   T39] audit: type=1326 audit(481.121:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15833 comm="syz.3.2670" exe="/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf7f56579 code=0x7ffc0000
[  481.188031][   T39] audit: type=1326 audit(481.121:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15833 comm="syz.3.2670" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56579 code=0x7ffc0000
[  481.345935][T15855] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2678'.
[  481.842900][ T1486] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  484.323799][T15940] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2707'.
[  485.284371][T15977] lo speed is unknown, defaulting to 1000
[  487.352533][ T5989] usb 5-1: new full-speed USB device number 40 using dummy_hcd
[  487.465150][T16054] bridge1: entered promiscuous mode
[  487.503969][ T5989] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  487.507167][ T5989] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  487.510845][ T5989] usb 5-1: New USB device found, idVendor=060b, idProduct=700a, bcdDevice= 0.00
[  487.513569][ T5989] usb 5-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  487.516354][ T5989] usb 5-1: Manufacturer: syz
[  487.519581][ T5989] usb 5-1: config 0 descriptor??
[  488.014005][   T39] kauditd_printk_skb: 22 callbacks suppressed
[  488.014017][   T39] audit: type=1326 audit(487.961:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16065 comm="syz.2.2754" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f5f579 code=0x7ffc0000
[  488.021966][   T39] audit: type=1326 audit(487.961:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16065 comm="syz.2.2754" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f5f579 code=0x7ffc0000
[  488.028851][   T39] audit: type=1326 audit(487.961:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16065 comm="syz.2.2754" exe="/syz-executor" sig=0 arch=40000003 syscall=105 compat=1 ip=0xf7f5f579 code=0x7ffc0000
[  488.035405][   T39] audit: type=1326 audit(487.961:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16065 comm="syz.2.2754" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f5f579 code=0x7ffc0000
[  488.041399][   T39] audit: type=1326 audit(487.961:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16065 comm="syz.2.2754" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f5f579 code=0x7ffc0000
[  488.326871][   T39] audit: type=1326 audit(488.271:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16040 comm="syz.0.2745" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  488.335308][   T39] audit: type=1326 audit(488.271:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16040 comm="syz.0.2745" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  488.342346][   T39] audit: type=1326 audit(488.281:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16040 comm="syz.0.2745" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  488.348812][   T39] audit: type=1326 audit(488.281:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16040 comm="syz.0.2745" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  488.354938][   T39] audit: type=1326 audit(488.281:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16040 comm="syz.0.2745" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  488.401416][ T5989] usbhid 5-1:0.0: can't add hid device: -71
[  488.403504][ T5989] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  488.415873][ T5989] usb 5-1: USB disconnect, device number 40
[  488.616139][T16083] syz.1.2760 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  488.974998][T16088] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2762'.
[  489.715237][T16098] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  489.908486][T16105] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 [#1] PREEMPT SMP KASAN NOPTI
[  489.913204][T16105] KASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f]
[  489.917331][T16105] CPU: 3 UID: 0 PID: 16105 Comm: syz.0.2768 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  489.921753][T16105] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  489.922388][T16107] ip6gre1: entered allmulticast mode
[  489.925733][T16105] RIP: 0010:__lock_acquire+0xe4/0x3c40
[  489.929844][T16105] Code: 08 84 d2 0f 85 15 14 00 00 44 8b 0d 3a 1d ca 0e 45 85 c9 0f 84 b4 0e 00 00 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 <80> 3c 02 00 0f 85 96 2c 00 00 49 8b 04 24 48 3d a0 f7 78 93 0f 84
[  489.937005][T16105] RSP: 0018:ffffc9000ea5f978 EFLAGS: 00010006
[  489.939297][T16105] RAX: dffffc0000000000 RBX: 0000000000000001 RCX: 0000000000000000
[  489.942265][T16105] RDX: 0000000000000003 RSI: 1ffff92001d4bf41 RDI: 0000000000000018
[  489.945246][T16105] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001
[  489.948207][T16105] R10: ffffffff905fc517 R11: 0000000000000006 R12: 0000000000000018
[  489.951147][T16105] R13: ffff88801f984880 R14: 0000000000000000 R15: 0000000000000000
[  489.954168][T16105] FS:  0000000000000000(0000) GS:ffff88802b700000(0063) knlGS:00000000f5056b40
[  489.957505][T16105] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  489.959959][T16105] CR2: 0000000000000000 CR3: 0000000025d44000 CR4: 0000000000352ef0
[  489.962916][T16105] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  489.965872][T16105] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  489.968823][T16105] Call Trace:
[  489.970082][T16105]  <TASK>
[  489.971196][T16105]  ? die_addr+0x3b/0xa0
[  489.972765][T16105]  ? exc_general_protection+0x155/0x230
[  489.974861][T16105]  ? asm_exc_general_protection+0x26/0x30
[  489.977021][T16105]  ? __lock_acquire+0xe4/0x3c40
[  489.978847][T16105]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  489.980644][T16105]  ? find_held_lock+0x2d/0x110
[  489.982101][T16105]  ? __pfx_mark_lock+0x10/0x10
[  489.983520][T16105]  ? __queue_work+0x431/0x1080
[  489.984951][T16105]  ? __pfx_lock_release+0x10/0x10
[  489.986431][T16105]  ? __pfx___lock_acquire+0x10/0x10
[  489.987948][T16105]  lock_acquire.part.0+0x11b/0x380
[  489.989454][T16105]  ? add_wait_queue+0x45/0x230
[  489.990857][T16105]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  489.992492][T16105]  ? rcu_is_watching+0x12/0xc0
[  489.993924][T16105]  ? trace_lock_acquire+0x14e/0x1f0
[  489.995446][T16105]  ? queue_work_on+0x9d/0x140
[  489.996831][T16105]  ? add_wait_queue+0x45/0x230
[  489.998228][T16105]  ? lock_acquire+0x2f/0xb0
[  489.999557][T16105]  ? add_wait_queue+0x45/0x230
[  490.000958][T16105]  _raw_spin_lock_irqsave+0x3a/0x60
[  490.002475][T16105]  ? add_wait_queue+0x45/0x230
[  490.003873][T16105]  add_wait_queue+0x45/0x230
[  490.005233][T16105]  virtio_transport_release+0x644/0xa40
[  490.006843][T16105]  ? find_held_lock+0x2d/0x110
[  490.008246][T16105]  ? __pfx_virtio_transport_release+0x10/0x10
[  490.010015][T16105]  ? __pfx_lock_release+0x10/0x10
[  490.011484][T16105]  ? __pfx_woken_wake_function+0x10/0x10
[  490.013118][T16105]  ? mark_held_locks+0x9f/0xe0
[  490.014531][T16105]  ? __local_bh_enable_ip+0xa4/0x120
[  490.016079][T16105]  __vsock_release+0x109/0x580
[  490.017488][T16105]  ? __pfx_down_write+0x10/0x10
[  490.018910][T16105]  vsock_release+0x99/0x130
[  490.020252][T16105]  __sock_release+0xb0/0x270
[  490.021624][T16105]  ? __pfx_sock_close+0x10/0x10
[  490.023040][T16105]  sock_close+0x1c/0x30
[  490.024255][T16105]  __fput+0x3ff/0xb70
[  490.025434][T16105]  ? _raw_spin_unlock_irq+0x23/0x50
[  490.026942][T16105]  task_work_run+0x14e/0x250
[  490.028290][T16105]  ? __pfx_task_work_run+0x10/0x10
[  490.029782][T16105]  ? __pfx___do_sys_close_range+0x10/0x10
[  490.031442][T16105]  syscall_exit_to_user_mode+0x27b/0x2a0
[  490.033077][T16105]  __do_fast_syscall_32+0x80/0x120
[  490.034588][T16105]  do_fast_syscall_32+0x32/0x80
[  490.036019][T16105]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  490.037855][T16105] RIP: 0023:0xf73ce579
[  490.039046][T16105] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  490.044549][T16105] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 00000000000001b4
[  490.046947][T16105] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 00000000ffffffff
[  490.049223][T16105] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  490.051491][T16105] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  490.053808][T16105] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  490.056092][T16105] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  490.058386][T16105]  </TASK>
[  490.059308][T16105] Modules linked in:
[  490.060468][T16105] ---[ end trace 0000000000000000 ]---
[  490.062051][T16105] RIP: 0010:__lock_acquire+0xe4/0x3c40
[  490.063662][T16105] Code: 08 84 d2 0f 85 15 14 00 00 44 8b 0d 3a 1d ca 0e 45 85 c9 0f 84 b4 0e 00 00 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 <80> 3c 02 00 0f 85 96 2c 00 00 49 8b 04 24 48 3d a0 f7 78 93 0f 84
[  490.069162][T16105] RSP: 0018:ffffc9000ea5f978 EFLAGS: 00010006
[  490.070918][T16105] RAX: dffffc0000000000 RBX: 0000000000000001 RCX: 0000000000000000
[  490.073199][T16105] RDX: 0000000000000003 RSI: 1ffff92001d4bf41 RDI: 0000000000000018
[  490.075474][T16105] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001
[  490.077746][T16105] R10: ffffffff905fc517 R11: 0000000000000006 R12: 0000000000000018
[  490.080015][T16105] R13: ffff88801f984880 R14: 0000000000000000 R15: 0000000000000000
[  490.082295][T16105] FS:  0000000000000000(0000) GS:ffff88802b700000(0063) knlGS:00000000f5056b40
[  490.084880][T16105] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  490.086796][T16105] CR2: 0000000000000000 CR3: 0000000025d44000 CR4: 0000000000352ef0
[  490.089093][T16105] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  490.091388][T16105] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  490.093697][T16105] Kernel panic - not syncing: Fatal exception
[  490.095953][T16105] Kernel Offset: disabled
[  490.097231][T16105] Rebooting in 86400 seconds..

VM DIAGNOSIS:
18:13:35  Registers:
info registers vcpu 0

CPU#0
RAX=0000000001239a4c RBX=0000000000000000 RCX=ffffffff8b463e39 RDX=ffffed1005686f7e
RSI=ffffffff8bd2c300 RDI=ffffffff818ff929 RBP=fffffbfff1bd2ee8 RSP=ffffffff8de07e20
R8 =0000000000000000 R9 =ffffed1005686f7d R10=ffff88802b437beb R11=0000000000000000
R12=0000000000000000 R13=ffffffff8de97740 R14=ffffffff905fc510 R15=0000000000000000
RIP=ffffffff8b46521f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000057b2f4c0 CR3=000000006724c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000018800000000 0000000700000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffff888041d7e9d8 RBX=ffff888041d7e9d8 RCX=ffffffff822730a6 RDX=0000000000000000
RSI=0000000000000004 RDI=ffff888041d7e9d8 RBP=ffff888041d7e990 RSP=ffffc900037475d8
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=000000000000001e
R12=0000000000000000 R13=0000000000000001 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff821bb322 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7f455c0 CR3=0000000052868000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000000000052cee4 RBX=0000000000000002 RCX=ffffffff8b463e39 RDX=ffffed10056c6f7e
RSI=ffffffff8bd2c300 RDI=ffffffff818ff929 RBP=ffffed1003ad8000 RSP=ffffc9000048fe08
R8 =0000000000000000 R9 =ffffed10056c6f7d R10=ffff88802b637beb R11=0000000000000000
R12=0000000000000002 R13=ffff88801d6c0000 R14=ffffffff905fc510 R15=0000000000000000
RIP=ffffffff8b46521f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000562ece081c08 CR3=000000002995e000 CR4=00352ef0
DR0=0000000000000006 DR1=0000000000003609 DR2=000000000000029f DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000018800000000 0000000700000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000031 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff853824b5 RDI=ffffffff9aacfea0 RBP=ffffffff9aacfe60 RSP=ffffc9000ea5f2f0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=552033203a555043
R12=0000000000000000 R13=0000000000000031 R14=ffffffff9aacfe60 R15=0000000000000000
RIP=ffffffff853824df RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=0000000025d44000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000