last executing test programs:

22.911587253s ago: executing program 3 (id=1996):
open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1345, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r0)
socket$netlink(0x10, 0x3, 0xc)
writev(r0, &(0x7f0000000140)=[{&(0x7f0000000100)="89e7ee00000000", 0x7}], 0x1)
setreuid(0x0, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
request_key(&(0x7f00000003c0)='asymmetric\x00', &(0x7f0000000400)={'syz', 0x3}, 0x0, 0xfffffffffffffffe)
ptrace(0x11, r1)
writev(0xffffffffffffffff, &(0x7f0000000140), 0x0)
ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, &(0x7f0000000000)={'macvlan0\x00', {0x2, 0x4e22, @local}})
open(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="050000000000006000000300f4e7617b652274616d28dda7f9bfc14bccda9933b12522ad26e87b7091cbec8dea3f1047083463803f04005998fc10d2d8f12a08e8f6c16d9682bcd08d9d8ab8530943e488ccda9152c75f2bca0400d59547983b48b7b28359c07982a9c01746204c2761fc5852bbaab49fe5ac1688a1b7338d8a7257ad8f5cab9feb93a2f99d31bd6d4a1637a1af0294cd1ff79b5d46fea8d8cc4539db2b3e84", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup\x00', 0x23c080, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, 0x0)
socket(0x9, 0x800, 0x2010001)

22.5619287s ago: executing program 3 (id=2001):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_DELETE(r0, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000200)={'#! ', './file0'}, 0xb)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wlan0\x00'})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r3}, 0x18)
socket$inet6_sctp(0xa, 0x5, 0x84)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xcb, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
recvmsg(r5, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x20)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000001800)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001500010300800000000000000c00"], 0x14}}, 0x0)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003bc0), 0x4000000000002ca, 0x4040014)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1e2)
mount(&(0x7f00000000c0)=@sr0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000100)='romfs\x00', 0x0, 0x0)
sendmsg$SOCK_DIAG_BY_FAMILY(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="140002001400010600000000050080002b000000"], 0x14}}, 0x0)
mount(&(0x7f0000000040)=@sr0, &(0x7f0000000580)='./file0\x00', &(0x7f0000000180)='ntfs3\x00', 0x8, 0x0)

21.439629255s ago: executing program 3 (id=2005):
r0 = io_uring_setup(0x7ac3, &(0x7f0000000080)={0x0, 0x0, 0x10d2})
io_uring_register$IORING_REGISTER_IOWQ_AFF(r0, 0x11, &(0x7f0000000000), 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0x170, 0x30, 0x1, 0x70bd26, 0x0, {}, [{0x15c, 0x1, [@m_ct={0x110, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0xd0, 0x6, "67807190503c942a4b94c5d7eceb1848e924e3c8cfc6dc90d7169ba90183be35a12bce2f9fb3c0d9c38fbcd456f692fe64916aa0f247021d5e10619724f40b31146e5a0f0769dc6f3e59ad4f2e6b478cf79246e48bb9d0766e848bdcde85616cf6cb05a5bcc297bf8cee3157684fe8de8108c1b7b7ad6f9c40f207d0c32eadad2cda74333af74e844e2448dd0d266d67f57ad05683a21b679b8cfe0038c45bd3da73f0b109f6c73b1c2b3d2b5113f3e4c7d6b528238111a564d538782093ab57243180a1fade7376f9024124"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x170}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000280)='./file1\x00', &(0x7f0000000100)='binfmt_misc\x00', 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r4, 0x0, 0x48c, &(0x7f0000000440)={0x2, 'syzkaller1\x00', 0x3}, 0x18)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000300)='./file0\x00')
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000100), 0xfffffd9d)

17.621648958s ago: executing program 0 (id=2018):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=ANY=[], 0xa0}}, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_BLANKSCREEN(r0, 0x4e4b, &(0x7f0000000000))

17.483297465s ago: executing program 0 (id=2020):
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
open$dir(0x0, 0x4ba502, 0x2fc)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x1, 0x0, 0x0, 0x2)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x6, 0x2)

16.205918433s ago: executing program 0 (id=2024):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x5c, r1, 0x5, 0xc00, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x60}]}, 0x5c}}, 0x0)

16.083400892s ago: executing program 0 (id=2025):
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f0000006300)={0x2020, 0x0, <r2=>0x0}, 0x2020)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000005c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000001180)={0x6, 0x10, &(0x7f00000008c0)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b704000000000000850000001c00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000180)={<r6=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r5, 0x40082102, &(0x7f0000000080)=r6)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000240)={r6, 0x2, r3, 0x3})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001bc0)={r4, 0x0, 0x4000, 0x4000, &(0x7f0000001cc0)="633268f83ca3000000a2029e3815bb2fa117d8326687688b2c969fd7267d546214af00d1ca2524d00f9e4d9555f3ab381b5d44fd6bda8c509e66101d296f10c805252e7c5d48d9814f46db8f07441878734b13270fe47fba418b7358984b9a61c2bbf964a520459fd0d90590b46cf1677d580a26933b6e35aee75996b73a15a25aa8ae2f1f9bc9699a505c0dc4050ab2255fc35f508ccc52f10ac12febf28652fe36f725714868675ca2a7042ab4b26904b2f000589694f69ab0b22a5aec72c5036ce1c8974690045e4ab412a70336b4c65b2dfc8121af4143c2e10a0e5632bcd44e0b000029da424d86f298656822dae2c002e289fbfa6fe0dfb2fd57713a7684dc166c628dc45027ac174c5db54f22e409eb4e94263dbc9919f90f1af3290918b9824c3e0268b300bf69cc2eb3fc58f655439bdbe2b905", &(0x7f0000001c40)=""/76, 0x0, 0x0, 0x47, 0x50, &(0x7f0000001ac0)="9c01bd6f9a6028c80d7364240fd78867d9d62eca43c565f2c5ac65dd4a0fadceb6c65dcb07f2421e69087e0f17b4eb709e4805f2722709c46bef17c4cb9aed9fb1c342179ea349", &(0x7f0000001a40)="408fd0050dc7945b483103067eca9bd26ffbe35abf0f88a103f6893dc2b1d1cdc2195d4ae89abc04ff5fe5d2466892c81015df835a7d47be4f852161bc4015e7564b08584290fe1762f943a653008ac5", 0x1, 0x0, 0x13}, 0x22)
write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0x10408, 0x8}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0)
dup2(r7, r1)
r8 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0xef1d, 0x3010, 0x1}, &(0x7f0000000040)=<r9=>0x0, &(0x7f0000000140)=<r10=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r9, r10, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r8, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)

15.104746803s ago: executing program 0 (id=2028):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x236, &(0x7f0000000400)={0x0, 0xf691, 0x10100, 0x0, 0x2b5}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
getpeername$packet(r5, &(0x7f0000000080)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000000c0)=0x14)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@base={0x14, 0x5, 0x5ae, 0xc, 0x8b04, 0xffffffffffffffff, 0x8, '\x00', r6, 0xffffffffffffffff, 0x1, 0x4, 0x400002, 0x0, @value=r5, @void, @void, @value}, 0x50)
openat$binder_debug(0xffffff9c, 0x0, 0x0, 0x0)
io_uring_enter(r2, 0x708, 0x41e3, 0x0, 0x0, 0x0)
flock(0xffffffffffffffff, 0x2)
r7 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f00000000c0))
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000029c0)={0x0, 0x0, 0x0}, 0x20000004)
ioctl$UFFDIO_REGISTER(r7, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x1})
r8 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f0000000180)="5e73663bf4082f7c6cbecbf09d6dd7be5a06dfd64563f329c16f799d1836bfc45a7badc8faed24bb77c848723a43602d1fe0d236c062e105ec77ffd00fb243c3111dda42112650cc", 0x0, 0xfe2a)

14.569935695s ago: executing program 0 (id=2030):
mknod(&(0x7f00000048c0)='./file0\x00', 0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000280)={0x50, 0x0, r1, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000008380)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008df76a250000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea21056000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000131a5d9400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f000000a380)="065748d9b7201aa0b78b7de922fadebde23085f7286d91a9a726e31c8d5bdde37cf9143da9cd46109b49bfaa90276cb858b34bbd86ce50be3ca34a012e8debba01cdabb953229b8b9e107bcd8176718c3e464ba51397fb2a9b0419e22faa0fe47c404a80e947345384857c843ac837c137cb2f80dc3eb198cd04df6dc7debcee1348a2e9f31610357bff2511876fc419aee012d479e33599e4c2f2004c4bc139f8e2d93b3aa078a7b3e2c6a800a9e99cfe5668cb3a92e286d073e2adfd49e4ed76ecd7b257b95955d2d4b908fb6d7eae977beffe662f044fc72361d6000314d2c1949bd77a974562172e0a6576e7503bc15503721b3002d48dff082f393f344f483da6431f200db0bef07361ee5ad0cdb3beef2046df35e705c46615cd99801287dd68a3ed4cd3e64474162b32a992c84224f9f873138bbb2905b773e79411c7a5da36490f6432e2c02f381b0992a65d24276e9d4f38518d6eb343e10e6087c30b660661543e4cd7aa52eaab5a599216396cc88205d0f1fc8d571b513ba28a841206ae80aea64d1817b1c68183a2fc11cca719c1a2892d023274487d7278522aca7f0094abc81ee44cf34635371889518c572cfd431f9ef293afed5e27b5b53ae2b2702d88ff531c801877dd232cd74ae66aecc2a2d6269696994444d15a50870300db65c764e55e0855dc6e658d84e9c7b7b35a0ce03d1fc1ca4d40f0419d48903c9de8d23d1fd9f20cedf2fc1c2fa18082fa88ab9694ef3ca98b732bb9b067c339ce4c52cf0f1e226c4a8f9bedbdc339e49f48eecd108501e944506ca688d47ee34bd76a3c6584f4840718c2c1f5325e1abde71c42f93055c00046f6444eadb46c0026bd69d80819eb9d66dbec1d69f3915e2ecee5e8f3fe8d6e7706373c0f104da9724f4ce08c454c02ac78a85ae3375dc4354eff648abc61b3f50f6e5cfdde78606de33e15cc13ad41caf3e40591711624132ca7f2b9e865d675e046fd0692d6d7154478722277103327265e77ec0612324c6c3997212060863ebbdf1aea928954e0d8b30ba196bcaacbb49674fe6815d45548fdfdca20fb5628ba26c67dcca0f2edfa8587f00188724eeadade9c9ef907d87bb4c3ef4dd4b9eb3ce00aa58e5735514204ec66c3f5b286e0aa6748e2b238357b571fd74184424b92afc07e58d4bc1ae0332f27b40b4eba38bde14a29825566086c10f383fcb44158f7113d70055ddc0729f3b820c921eea1c612016ba48d4705f251ddcd7f006b005cffa5465c354b7ba2cc2d6814b8a12199007e3309451d85db070a91fcc0e9408a6f00bd6ea7d39981e124b9f47dbc87b6cb81254d15afa535cc8380578e502a7ba710f777777852797f9d0bd31131ce725d36725a59dde63674007a92616fcab1e289f3b592e1f2ba52aed2e6e209e1b8f1e791ac4bf76a06b63d16df391d4306c03e7e69aa7f1e66e249be67318d41437853d4f89d360c98771ba0efe69a039f15c04e0f2690d7cfd14408c4b1dd18132af1107b19d728689a8300083a84e131316b48be17ff9961b6282c1ef2a8d8179987350b2ec9fa1d53f1f2024c3ffcd5057287c76a28a3274602ff71efb05d879992c06a8e08739c192f61ac3c4da7522ed53b3af0e0171511744a170f9b59bd203889e6a523198c28cd17ac642547a96d7e617ee0af59ea60fc8f991583ab35bdce1a7b55c41592b237e5b93b7401d56380ee2673d3197e3de56e1ebd6a3c47e49ba156a6465e3b6d7d2a7a4a18690a816d831ccda929c7c3ba4d7c3eda1825941ae7b7eae1e157440e1085dbf1783db6cf5ff21a2f357fd3caea58a92d0249983255a27cd7271020caaf94dc11d43e490a29ac0ee2ae7fbbee2bd4160cf87a8c1bd2815b93ca6ff0f1a58e036dbc32fdbd7a645bf28b330a313fabd3ee1a552f9a801c1360fd962cd7238247acce9e94662828f8294e820d557965503619da71a46b8ea0e6dd671793d6b95d2b91672c28e9f5bcd00d6002dd2514321df80e9b1087736f6c3836ec53f88c62a24b193b780c4600855749b4dcd966679ce329f49700b7e5e81c69dee3f944db6e7abc722dd477585dee084ad30007a8dc3a14d7cf247c6e79c66a5c0b656f89bec73bec2bf8d6a122e82b69d591e31b6bb16988b577c939528431d254b70d657f65882552898f8a8362c27bfd038d4263a744bfdb1d75a2c0640103532179a8d4a8aa5990a9cd1bcf50a6ad2b9dc0c6aa843275bc658389f518238035818c43e1bedb037fd064634e4d1c1dc3d88798e526ad1a8e6ac65bc5f84271211079c917f5db94ae032b9c31c7dfdfea3e541089f047f2695fc65e05c2c59dae4460ff54d52e9bc0b3921f77b5aeab1f588896753ebc583da303cde439a8e303e55f98134e2a7ae3cf9f7308cdee5e1971ea353ab9e5a070833b0ffba2aa3aa7de25a56472e99b7b5f6be08910626cdd55e9f438f5144f33976280cbf90738ac7f3d544f2f68e91209155c858ed7dea622740ae27be77376119dfabbae10f88082f50862151ee8ea345779933de42d62eecd9111b4225640cddf53a01614fa60b73e0144380bc4ad019048bb3ea2e77271dfe4e41c8d45fbe650137a0bbd23d8a6e8d82fb506a0f9d8322cb2bddbdecdb2c0675b0652f6eb36bb4644a6912a2e48b4791022dc7d7a8185f59145cb0c5c79b9a7cb608d0de9518002c442e7aa8f7f1a66e5c73a521c156ea80d857db4c8825b6cf8ce624a6d410f25e9e6a59f51ad5cf653a83c79d3a2fef5581843d923aeb94db2697ec4fa00e300719ff9c5829bb99704d94e4bc9997c645e7db0ffb40c2f5bbf3ee38e060aff51bdf027f54396b21485a0223c382853338d2bfce45dc0b15a4d5eca797186798195bc7b2ad733851656fcb65f80bd1222520463edd1e6ea91ec8c0ab5e9a2194095fd1bc827a6c93b0cce274f2bb8253d41a860e7fa675f1b3c5810dae9296f090e269aad4ce1fb9dab2009b83ed28772fca57492b5bbc1548a983ebb17c21285b0e38f3096db173fcce32ca57f7ac03ea907218f2ebc8b172154e2b79aef23455a93481f2ed5218e5075ba1db7b66c50526bf013485045c5eb173df6b79f9e63c13106b33655c63c2ad3d2e11bd2a45e7205046878d845411c00c2cae49afdc4ee9b8964e99d77d0428efd2cc7269d15c7517ee403d7ac42884bccb8aa8ff78226241a5e44140b8431eed9a441982976066b9c474ecb2d275341f95fdf3cf5386c350f00cabc58c5a877d8ae4811fa824f841b949cc168c0d03b9d27e3bbcd0dc5fc3f0accf68c4e03d52785155482a250f769f81d109b0231201d5ae78d38f13648e10d6637bcaf4ba54223e4fe86f598e60540d0c1ecde18929480cadbcc43210d9ef515aac4246aa88028f06f3ba5c29511f21f636c29f4ef3a6c725fcd6154be0182476dbdd0502c198fb92b37df83fc7aba910db906aaddbbb50307cae65b0f8ec9b93129747af1b836cfeacb51209c0fd465f7bc22437dcabd17d618e904043032b12c525664f87e3c4b698f8f09baa7e5dea3444331cf9be77d48286257aefb0e631e3e910ac29de8cd18380508a4d9e2e19f810352933847e651be135cac0bedf4aac280cf8fbbcd01de324e50b00e32ae830a0b2e273bd3af2b126b2149499d3055596c9a1e8666c05f202b8a76fcf316fc524b8de7632e9014a63f9378edac8fcf2520a3535c55833ac0c61d332d3ece1891090d151eb4a95e801bb11410dc7356d742dacff2153ddcfe1e4784fb70dbff3cb0b1745e69ca09b0d0a2dd5d3898e99f79f71c3e6524989c0e09b5a6fbeaa788fa28600702b8293546051eaac79c8caa6527b396f9878b7ac78cd0a243847b86b30cb8add0f9e26f7c35b0cda5b07d3789056f224937d815c2f026945eee3d4473aa46b0192b6faee92252d9d5bbff3194b9ebed539dea987bcd48c1445ea9e429a947b955876c7cf9360e580f38a7dbacd7257454198aaf3018601583c63aecde81915aa068ffa320e9d915f8d026534d992c5303f94c40d9bda02d4d74dc98e2b766d731f6b8e1474fa5d5400822808439678ca5c7ba8aadab2fbf3b78bcf779629db33c9278732dfb2d33f7fb27de3a80e6c467c6a4e0d09fcca9ad9edb16a87d77f7d5d00ae9c31b868fc767684e4086d8fa73be4dac01c80cd67b4833ebd199147725f35d89d357ebc30d33a756d39f6b83ec013e1ece2c0a5e7a89886bc3f7bb3360d554ce9bd52ac5b8ee48a0f05c8de19d403487321146a2ec091da62b7840dc95a905396a80f1a8dbcbac0d949fc3d56944634e32e69d0d6ae37506db7274a1f05b68d1f38b5b117b75881d5e1a617e894052be9d9546e3bd06f4c91e29a1e28c2b3273b3354993c6af189150d7ffcea609f88eacdb90bff39c1469851d3513d14b22ae9888b9ae916cb26ea3a4554ea4492ebeeaec2987b6df8925d21772ae72f685cde759b61db4e63a3dc6081d6bb41bc4c6c3dd0a60e27a05320d62bcb97393d8100119e969da03f748b1c704deb834f1367439187aa6c3b9b3db28ea068b87658c3f79b5b8664b6e548f24f66afa60b423a70784299126c5b064e9be1f2d4a825acfe23de7d2d161ca4593e9d0703cd3731520d09aa1b72bf95165baf7aca7f0052a0f6e7f3bd5a9969d48b6a6002d4513431f27ec938254a635f5a7c68e927aaa54509065a9f78eda2d8f086e297bd5305dc42e9f96f6fc3b2a17c832776bb0cef34d62eb933b3e7ecf8e4beb1a6540f563d9c9a88203f48b3b978718fa15b8e2b1ffb4667bf3cda922700a89b1bbe39d7ce149fd0d3a50dc17ea5eaad611c627f4f94438c05ebb35fdf88cc6c8fda5b6e6486e39e3efd219be5863bdd3b4bee4b09df2033008ce53cc39b6bfb3c0d4b1cda24737deb79bd9ff189e35d471163886190f5882c8443dec42b48fcd451212376f39f0312342e7b62dd733fc73d3e11fd43a7c24b80400314aad26e6d22b52fa9c8cea85ade80948bd8abea17b25978e9cb0980209056b80295f2eb6f953f1cd36e6eac86ec17a2fb2bfdc9a5eb7186b2fe3341f3ad82846a17993c7cdb148d65eaf0bee316252d2e9c268447d497005888ae68edf96ec97b8f86672abf3e2e039f04ff5b0e169f6106ae1941f9faa755582a4742e10882bff6cf15d5d64ebc84e0c1f4af1f9a91c9711fae41a8dd729d7f3c4739558aff77968e7ea29cf63bc3adc013fb427da5e9edb19f1fb7059eb2fdc35e9fc8022f0bd260ac7cb426bbf405ce59f44715370024d870bd56f6d3a8651d9a391253e7e5467437e022f0124afa1c5380bee17555ef126865312fa6cee8dedd66b6008f0d4988c4ec03a96bf2a341df62aeb1162ed0421b9bee22d6ce30666ee7df599d04c9c43f392b19ad0a616565bbbbce1946a30ebb61b86936b82ef4c3536c3519f251cba3c4e815e1fef58745ae5ea3d1204c0a6dd4927812b144681dc4ffca7e5bcb933a517f05f91d5232b9eb9d8e75152afa50d62b11df24fb82b249f467fb1adb66b0ed933e3ca9d411527c8d5467dd2c5fb84d708b83c59b3b516d8cc273824063a76b94aeb9c577789bb6fd182c6bfabe0539bf8c2b01f266f3c7d33f768aa89f57f32f0d433b4d75e39dd88bbb978d6212080adf36a74a7d8d96dee94c37b8cfe43ef73eb4e83845e13f46d3c29ddff3d54442923fa68e86123f340ec0fe225b9232c09f942db2871dda8851e6154926c400da5ea34b12d6425c47db84b18adb8e18d70b0cfb31be51d8957f5b26e8170b40acb37b3e0ff991fa0f9a92449fafe30c82dbe03a4732070771d797e7659182d1030a1325a6b7c2d5fe51c87c02ba779089c211db7ffcb2fc5594465707b5baecbae7ffb416d2535a4255811b180659e61547f54d839809ae61a7531718a50c9c6f29e12aed1615000f11be8f6668dc83520de17eb64a2e7782a9e10fa8d4ab8bf2a4f73263e0668515c683abf251e8c467dd8fca06e1c1f1ee72907d28b1e151edd6629b6594c8d4a66b3bb2669347e846c76427693f1c9d2160a2bd5757018d1c79dc34148f8f46ba365b692c4ea6724a8e65ed66a28164bce9f8aeafb17b49486f4281e10126d5dcb75dc885e5a388378642b9197cda99718edbb98a0b98d51faaa37208dbf7642c8d64a19b10073e30bf0e654a537a40eb74f08156f805143c299ac9092498cd0800d4d1703a8d867a7efcc677762a71870470a8ce1e4655b350805231ded49255f299101b36eee5f657f261298c9e1f285bac3419c368025f5bf0144256eb75d37b99b4d2bc69f4b24128e6b222c463b3d0320a89d43d6efb74bf35d6d41f2e320105aca2e3362a91fbb259752dcbf4039aebbea6433813d637027b5cc93bb659d99d7be3d9af84802a8036bcc80146290e4868021ee0b873da8cff62caaca96fa4f2f3210ec2a63bc63f43bca0367c5ee6a24627218855fe659068445a7a64943364a14df7a49a569b9a9007d49eff51985eeb3a97edae677e3d9d269703a972bdc694796e3a8013c492ebc7ea0b3e47ff2b3495705459d070559ceb6c92be5fac6312dcf93ac5b3c0575d4016ff211efe161df8443b57d51dba1f9cb9d2724d1bb5fb744c372d60c05bc20083b77a01a119713726879b997185f25abb869da9ba903bd40cdffaee3f863746595e5d4d6b630f46659d7cfec576dfae74f8b2c57c5c34b50174c7311d402f2299c074b288681d526dcfe10291afd93bc8780e5994a5f3b500394d5bcb8496035667ad5dacf0b610f0760eae71456d5cd1c81067e78dbec0de9242b65549434981322f5340b4abc7cc9ab54b22f8a33413355c32e29294a81fe5e0338e3f975a064c58d734a09d632f599260b9370034c0a9356a9d4ab58e72803475cb95a6dc4334351a257b2dfb7afb5709e008a77b4730c564936857834be2aed8365dcc3f7cc15f98585b02d448428324f652485e66eccbd87cc69c03abcc62de27c6c38c774343f128c54ff71d2146d80432549df7f7e4076652a4914e54b85a97e6d055d50c6212aa3bf723d9110c2488f88f6bef16666e224ce339c3fc07ebfb8bee55d8f68fc736151a530b573827b16f820df72c26674ba883544143c63904f2d955c9d79069f5c8cfc71d1288a95befc6ecfedc3b28f761d3628ae5285fd767f78011457be099f217830e4d9db7759b101768af743058fd678efde72ca10d8c6dc0f01748e71e9138e7e023cc2735f98c6095cc963274a0947702a3d9bce0eff3c84616c243a3055cd46f3af40ef2caf86178fc93da0d189c2cbe11271d3933b557a1b38fbc16e98f790b91d10468ae9216a9d155830cf9990a88d2991ecf966a1cfd664e6427680133e14a23d11bc4fd5a9020c5f1b7bd3ebe319d351b6aeffa4ea9364fe322aaf814f5982528b034c23cf8935c1e75bd18e06e9ec4dc7bd638965b00356484404527652bd125960b2898284b339b8d3199568a28b7f873737015b5712dd770ccdfa9dbdcdd37cf075d84dc67815afa219ccc9717f0b82f9336104b5c19a68bf6b838fff7e3fdc6a7067c88d40af83cdeb72907d57eab0794bdb9e7dd520c98665fc54eeef9be50d6b836390e60dd9d124639213d8f97abcc0ce2c8331a43232ac184ed11525b025e3cc590567eb9d151d62b76a1f15948460489a3a84fe49ea8e058c7636c5a15dc67c88d0df6724eab919f6eebc56f340ff8a862f2a88a339a5cb8541b434255cfdb2ac622c0ebaedce683b425bfff76b291409ec53afb6cd5a8b9b998972514125b417f7e9ae34b7a2e33f794706b767c644efe482ba46988915132e1c3cb2ec434af8326d8b22b2043e0f3d80a08fc5997afeb7c4c5c60cd38a687d100cc3ac811781d9978942a155e1e0e9427751e9f6d32814e8a2b96f15565eda33c89b0aeff1536b1ba4bf36f207c3507d3df89b50cef6318ab411d5721b2703ffd301a8992b4d61e34ada52bba910915180eb12a3c821dd97866a66ce9634bb9d6db7772b8fbbef35c11b4f69d4c6a156129b309de5e1b1c3718abf8e4d479046966e4686d7d2917d8a8d1f627ee4fe41469d6839d67dfd5f51503879371c33b130b68c0608e6509352d3ac8016f6c3dd8342249981141887673e0fbb145bea824b2ba6f140a3d22af3813f90256dae0a5d068d97a0d050f2aa1ccdaf329d5d898e90a18931e1053db28adf2931a33cc00836188e12205d18af01a2c54353b27b915cdf9b427c0b17e04099f8b7a43ccfc6bbc3516baae5d7cab3f123a43b623bce7a9e0dc55c5ed5cffe8afd1b404b27fb85fe9455a157c163e8c389695a8063d69eab25d252aa6a43872a6bdabeb382860b38aaf4825f3e5b56a84c5967de64ce7061ebf18f99f3472883329708b4c61f66ead92f457c8a9e8086d3f9d345e0337d0c9766732260473e75311ecb9f7bf610ba222555a8b14711f21bb76cd49a275409eb9d67640a3923759c0c4af42c2bec765a338c18f5c5857fc5cfe80be88da826f1f3867c04257d5b72727f7bff17d08cee8b7a28d074de0f451c9ca373abbbcd092071b0b71795d5e7a62159b37dcf902b0f610c8de0ec2fabae735871e56533cb3a754d6bd39dcf0a0085afb173fc85f3a42fd0bbceae9b2593502eaf2008e177686294930c8155d5621d8369f33541e2fcaadf191c6887a0104a5d87dae8c9488d870fe2e415ec0298a7da20f29c38252389166f304f5bb5d358cec045338c502bce1ae981fcac892c42aa56b6b867341405773cacb63eda91723b7c612a55dc2d9b602149d4728e964a5183d8cecdda8e97fdd6711cb0915921ca737c9fa9e56f8638f38c99cd9c2c48be548639f8d10c7afeea759ff10cd0c7e761e3a317061523c1d91015ee538b703f1e83bd460bd2a44aed8ee40ca9ba02c5126e5e5664c11df8b25e93418e2a1bdeea1113f5a4871dd001074f0f0d03d9d289690ad698115ff45e608d6d46a17250dcb409ffb4e053fdb4a9e359e466eb08fbdd19edc697765ac43c0e3ec192415a8cb5ada08247b9553eb0d9318872c0a711f995be72c402e792a3fb91b8444d0a66bef376db69eaa0bfe487db30554b236b7cd1377ba22fa1f7b0ca48125a0f27957b0984f8fa11a6e49c731f50c58f7e78d155c52c9072db463a37b3591bdc9a370260bfaa7d845cc4090c5edce816ad282184f3a02c3802405e9c888b4f0ca4517eb5499e68cfc5944934e626030aad8cc5e725e961a66d4613f9d28914858e07c8ce7d474c92ad5f5996e8e827d151729c8f55ad7ff405922c04162a745a7dbc2228807bb96acf40c350aff8fafeb6053f1bff920cec2809257deb1b57f705fe76e06409242955b9e3df523d2ead5ade85dafbf33b5c5722320556cb64e2eb1fcb6a087941c047cea24b535b5d36b5064783b7c0f3f7706cd486c0d8aacb7325e089c0cdd3d08fc87ed3a7402b9cbeefccf1beb051b655745cb491dbb505fc966702c5dbaa72ea6fa54cefdb6288bf489d5c80ed5b8ea5b266f248826e48f872ad1238c2d76f8bf7afc1d7c4a47964741fcba94c328c6740daf60ff783c2379fc45aa9172a43a83390b9525be41eccea840b05756c82b84690f5bd1268ae6164442c1b39efd8e31afc51d463fc4f01f0311daaaae2acb3f634cc257f3278542a416a69e4447ccb77afdd966f4c3fcdfa5bcc0eef02f15d5bda90eddb41b9523c3e37ed0c0d0bd79da91789bce33f59e9a28de77a2ce60365ced233dead6ecbde9ccbe6cd97864ae6063eaf10ce2af4597d22ceca973a72a561e3da7d773b21c71a3d273fdec4f978bbe493c4b17c55dd2fb722d22dc72ff056ec1949b27b7872f9cba69f044e6bff58b699f8c7bd00dab055c95d520436277de40d821cbd1574f63edec7a6b0cd558b977bba421659f2076c85fcc4be012ef3407a1b11aedf226795a61237d34c4cc7b5266542a72db471fbd54b47cb3b59fed8cbac6b0bb348f30904ff87126654b9b04682a2e72632b90a59acabcb1f1d52afabef4096860350f0c8282f3f70bd0393a80d96dfa076ae340a961d47bd29143768e67cf1904cafa56a76bec785a68fc0b6f1e6ee45182463214eb37b51eb967ba09d41714621b81fd4330dd9455cfcb7ba5baffee0686ef17965c29d1976eb1c69236a4ce61781fe9e8734667b35f610dcd47b2d4060e219d0342c06ce1ef5a6ffebbcb77bccbe94c047fc828112d0a82948f60d5afd4df5bee1fb5c709d05ae81fddbb2ddcc44b9cf0b1d99d3d873d13f6ab8d1c45df8adfed2bf171ca2db4c702586b63c3a7cc73a58cc538780029a80a5b8d09eab132646f8c98d47a9005991dc6a3f3d95b636d780be323be0a5eeb42e352a5351a473f65f8e2cc4cd470133b5cb9b59d444f1cc301b37c2cedf29744f68a40aa6cffa3dfbb5967f4ab3128a2ccfcd7f65d0584c35dac57a4ee266934c0449db1557b51ad6f9770e169c4dd31f9f47528a44409d112696964d3d6adf9ded4261783f63c9b6e0c0d07a292137edd3042821d2d8d6bee28e15c853818cb563384641e38feda07991c155c6e3ec1d8ece6a7f98cf25de3f03a477367e62e32b15a11d59a60eec2dffe84fe50387d7b6c2ebf6c933c35668464277dbb4bf4f27cf0b5bee138366458f3f34bc4d4eb7a6d999de9a20eddd96b88fd7866f1022a2db946cf19f996720fb44dd6c1be3322130429877b9c54a46348da05f9a52589a6a19edea80942985f459b8c4b270d0ec4a9f498f833b9c0f5c815065c2bb75cc248d6041caed90ef1d66b60e5a4585fe48c6723b750d75ce01e34700da77ccd3fd81f060a6a49301151e7926ae13fe58b791ce1e5cb5a1e960ccc8c7e3d07506c6790c949eec49dd45b4e8fde85a1f337446b269088bf8f5517ed30dd22fcdcc747ad756dd6ef3059fb72900bc6708a7f384f6e64d06ac68ff3850167dd4d20bd4e78ee3ba1dd85a90ee3af3d71ca45471375a3c2eda1bc6735be407a05e36d5972a59e7429985f481bd2e9444d82a9b0ee68d598c9ab8cdc0c535459821cae4e73a7bf76a5419e365d7847e865accda1da75300b1e695eaa10e14869564da3f7b2e8f8d369bc1a7b6d1924ee0982d0a77375ea7b98bb1c358cccc89041d29a2b0a797f78e55fbb32bfe5d9dd5e7422c085f0a287b22bae4769d68518ffffe559cf4d999826dd60216aae4a191b6e20b11923827382662c53cf6c367dbdd4929ab09364214bb43ceae2d13c9fa989b10609bbefd61ce0880a01394127138c3c33e1a15aca603418f759c31e697ffff9a4cd94b2fa21249b880ed9a9093096c518209dcab0124ff237715d59de99d74195e5e2bce80cc436ff0dd2ba5d27409e6b5ea77bd06e5bbdc97ed85063e8d323bfeb9fc31be007b13094a11b020fa3b62e24fca1d472d13498e158c1932b5af994f66d24a1d48931d88dc0d03e06986e27b3a01fa0f9e1395d2f1f4180d6c1b9c2b71f8c3508c0307e92dad460d30bffd16d225712a20d041028c8819d8bcc4023b8e42b8e56becb3430284ccaef7891ec17450a9c1e243b528540a8434c2212e98356b935ecdb40b90b6097ef4e9504c25ff7db8bb61ab561ff5bb76d7acc994c9f598b9", 0x2000, &(0x7f0000000d80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x78, 0x0, 0x0, {0x6, 0x80000001, 0x0, {0x5, 0x4, 0x7, 0x4, 0x0, 0x4, 0xfffffff8, 0x88, 0x6, 0x8000, 0x2686, r2, r3, 0x10001}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
lseek(r4, 0x5a03e851, 0x3)

14.183200149s ago: executing program 32 (id=2030):
mknod(&(0x7f00000048c0)='./file0\x00', 0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000280)={0x50, 0x0, r1, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000008380)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008df76a250000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea21056000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000131a5d9400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f000000a380)="065748d9b7201aa0b78b7de922fadebde23085f7286d91a9a726e31c8d5bdde37cf9143da9cd46109b49bfaa90276cb858b34bbd86ce50be3ca34a012e8debba01cdabb953229b8b9e107bcd8176718c3e464ba51397fb2a9b0419e22faa0fe47c404a80e947345384857c843ac837c137cb2f80dc3eb198cd04df6dc7debcee1348a2e9f31610357bff2511876fc419aee012d479e33599e4c2f2004c4bc139f8e2d93b3aa078a7b3e2c6a800a9e99cfe5668cb3a92e286d073e2adfd49e4ed76ecd7b257b95955d2d4b908fb6d7eae977beffe662f044fc72361d6000314d2c1949bd77a974562172e0a6576e7503bc15503721b3002d48dff082f393f344f483da6431f200db0bef07361ee5ad0cdb3beef2046df35e705c46615cd99801287dd68a3ed4cd3e64474162b32a992c84224f9f873138bbb2905b773e79411c7a5da36490f6432e2c02f381b0992a65d24276e9d4f38518d6eb343e10e6087c30b660661543e4cd7aa52eaab5a599216396cc88205d0f1fc8d571b513ba28a841206ae80aea64d1817b1c68183a2fc11cca719c1a2892d023274487d7278522aca7f0094abc81ee44cf34635371889518c572cfd431f9ef293afed5e27b5b53ae2b2702d88ff531c801877dd232cd74ae66aecc2a2d6269696994444d15a50870300db65c764e55e0855dc6e658d84e9c7b7b35a0ce03d1fc1ca4d40f0419d48903c9de8d23d1fd9f20cedf2fc1c2fa18082fa88ab9694ef3ca98b732bb9b067c339ce4c52cf0f1e226c4a8f9bedbdc339e49f48eecd108501e944506ca688d47ee34bd76a3c6584f4840718c2c1f5325e1abde71c42f93055c00046f6444eadb46c0026bd69d80819eb9d66dbec1d69f3915e2ecee5e8f3fe8d6e7706373c0f104da9724f4ce08c454c02ac78a85ae3375dc4354eff648abc61b3f50f6e5cfdde78606de33e15cc13ad41caf3e40591711624132ca7f2b9e865d675e046fd0692d6d7154478722277103327265e77ec0612324c6c3997212060863ebbdf1aea928954e0d8b30ba196bcaacbb49674fe6815d45548fdfdca20fb5628ba26c67dcca0f2edfa8587f00188724eeadade9c9ef907d87bb4c3ef4dd4b9eb3ce00aa58e5735514204ec66c3f5b286e0aa6748e2b238357b571fd74184424b92afc07e58d4bc1ae0332f27b40b4eba38bde14a29825566086c10f383fcb44158f7113d70055ddc0729f3b820c921eea1c612016ba48d4705f251ddcd7f006b005cffa5465c354b7ba2cc2d6814b8a12199007e3309451d85db070a91fcc0e9408a6f00bd6ea7d39981e124b9f47dbc87b6cb81254d15afa535cc8380578e502a7ba710f777777852797f9d0bd31131ce725d36725a59dde63674007a92616fcab1e289f3b592e1f2ba52aed2e6e209e1b8f1e791ac4bf76a06b63d16df391d4306c03e7e69aa7f1e66e249be67318d41437853d4f89d360c98771ba0efe69a039f15c04e0f2690d7cfd14408c4b1dd18132af1107b19d728689a8300083a84e131316b48be17ff9961b6282c1ef2a8d8179987350b2ec9fa1d53f1f2024c3ffcd5057287c76a28a3274602ff71efb05d879992c06a8e08739c192f61ac3c4da7522ed53b3af0e0171511744a170f9b59bd203889e6a523198c28cd17ac642547a96d7e617ee0af59ea60fc8f991583ab35bdce1a7b55c41592b237e5b93b7401d56380ee2673d3197e3de56e1ebd6a3c47e49ba156a6465e3b6d7d2a7a4a18690a816d831ccda929c7c3ba4d7c3eda1825941ae7b7eae1e157440e1085dbf1783db6cf5ff21a2f357fd3caea58a92d0249983255a27cd7271020caaf94dc11d43e490a29ac0ee2ae7fbbee2bd4160cf87a8c1bd2815b93ca6ff0f1a58e036dbc32fdbd7a645bf28b330a313fabd3ee1a552f9a801c1360fd962cd7238247acce9e94662828f8294e820d557965503619da71a46b8ea0e6dd671793d6b95d2b91672c28e9f5bcd00d6002dd2514321df80e9b1087736f6c3836ec53f88c62a24b193b780c4600855749b4dcd966679ce329f49700b7e5e81c69dee3f944db6e7abc722dd477585dee084ad30007a8dc3a14d7cf247c6e79c66a5c0b656f89bec73bec2bf8d6a122e82b69d591e31b6bb16988b577c939528431d254b70d657f65882552898f8a8362c27bfd038d4263a744bfdb1d75a2c0640103532179a8d4a8aa5990a9cd1bcf50a6ad2b9dc0c6aa843275bc658389f518238035818c43e1bedb037fd064634e4d1c1dc3d88798e526ad1a8e6ac65bc5f84271211079c917f5db94ae032b9c31c7dfdfea3e541089f047f2695fc65e05c2c59dae4460ff54d52e9bc0b3921f77b5aeab1f588896753ebc583da303cde439a8e303e55f98134e2a7ae3cf9f7308cdee5e1971ea353ab9e5a070833b0ffba2aa3aa7de25a56472e99b7b5f6be08910626cdd55e9f438f5144f33976280cbf90738ac7f3d544f2f68e91209155c858ed7dea622740ae27be77376119dfabbae10f88082f50862151ee8ea345779933de42d62eecd9111b4225640cddf53a01614fa60b73e0144380bc4ad019048bb3ea2e77271dfe4e41c8d45fbe650137a0bbd23d8a6e8d82fb506a0f9d8322cb2bddbdecdb2c0675b0652f6eb36bb4644a6912a2e48b4791022dc7d7a8185f59145cb0c5c79b9a7cb608d0de9518002c442e7aa8f7f1a66e5c73a521c156ea80d857db4c8825b6cf8ce624a6d410f25e9e6a59f51ad5cf653a83c79d3a2fef5581843d923aeb94db2697ec4fa00e300719ff9c5829bb99704d94e4bc9997c645e7db0ffb40c2f5bbf3ee38e060aff51bdf027f54396b21485a0223c382853338d2bfce45dc0b15a4d5eca797186798195bc7b2ad733851656fcb65f80bd1222520463edd1e6ea91ec8c0ab5e9a2194095fd1bc827a6c93b0cce274f2bb8253d41a860e7fa675f1b3c5810dae9296f090e269aad4ce1fb9dab2009b83ed28772fca57492b5bbc1548a983ebb17c21285b0e38f3096db173fcce32ca57f7ac03ea907218f2ebc8b172154e2b79aef23455a93481f2ed5218e5075ba1db7b66c50526bf013485045c5eb173df6b79f9e63c13106b33655c63c2ad3d2e11bd2a45e7205046878d845411c00c2cae49afdc4ee9b8964e99d77d0428efd2cc7269d15c7517ee403d7ac42884bccb8aa8ff78226241a5e44140b8431eed9a441982976066b9c474ecb2d275341f95fdf3cf5386c350f00cabc58c5a877d8ae4811fa824f841b949cc168c0d03b9d27e3bbcd0dc5fc3f0accf68c4e03d52785155482a250f769f81d109b0231201d5ae78d38f13648e10d6637bcaf4ba54223e4fe86f598e60540d0c1ecde18929480cadbcc43210d9ef515aac4246aa88028f06f3ba5c29511f21f636c29f4ef3a6c725fcd6154be0182476dbdd0502c198fb92b37df83fc7aba910db906aaddbbb50307cae65b0f8ec9b93129747af1b836cfeacb51209c0fd465f7bc22437dcabd17d618e904043032b12c525664f87e3c4b698f8f09baa7e5dea3444331cf9be77d48286257aefb0e631e3e910ac29de8cd18380508a4d9e2e19f810352933847e651be135cac0bedf4aac280cf8fbbcd01de324e50b00e32ae830a0b2e273bd3af2b126b2149499d3055596c9a1e8666c05f202b8a76fcf316fc524b8de7632e9014a63f9378edac8fcf2520a3535c55833ac0c61d332d3ece1891090d151eb4a95e801bb11410dc7356d742dacff2153ddcfe1e4784fb70dbff3cb0b1745e69ca09b0d0a2dd5d3898e99f79f71c3e6524989c0e09b5a6fbeaa788fa28600702b8293546051eaac79c8caa6527b396f9878b7ac78cd0a243847b86b30cb8add0f9e26f7c35b0cda5b07d3789056f224937d815c2f026945eee3d4473aa46b0192b6faee92252d9d5bbff3194b9ebed539dea987bcd48c1445ea9e429a947b955876c7cf9360e580f38a7dbacd7257454198aaf3018601583c63aecde81915aa068ffa320e9d915f8d026534d992c5303f94c40d9bda02d4d74dc98e2b766d731f6b8e1474fa5d5400822808439678ca5c7ba8aadab2fbf3b78bcf779629db33c9278732dfb2d33f7fb27de3a80e6c467c6a4e0d09fcca9ad9edb16a87d77f7d5d00ae9c31b868fc767684e4086d8fa73be4dac01c80cd67b4833ebd199147725f35d89d357ebc30d33a756d39f6b83ec013e1ece2c0a5e7a89886bc3f7bb3360d554ce9bd52ac5b8ee48a0f05c8de19d403487321146a2ec091da62b7840dc95a905396a80f1a8dbcbac0d949fc3d56944634e32e69d0d6ae37506db7274a1f05b68d1f38b5b117b75881d5e1a617e894052be9d9546e3bd06f4c91e29a1e28c2b3273b3354993c6af189150d7ffcea609f88eacdb90bff39c1469851d3513d14b22ae9888b9ae916cb26ea3a4554ea4492ebeeaec2987b6df8925d21772ae72f685cde759b61db4e63a3dc6081d6bb41bc4c6c3dd0a60e27a05320d62bcb97393d8100119e969da03f748b1c704deb834f1367439187aa6c3b9b3db28ea068b87658c3f79b5b8664b6e548f24f66afa60b423a70784299126c5b064e9be1f2d4a825acfe23de7d2d161ca4593e9d0703cd3731520d09aa1b72bf95165baf7aca7f0052a0f6e7f3bd5a9969d48b6a6002d4513431f27ec938254a635f5a7c68e927aaa54509065a9f78eda2d8f086e297bd5305dc42e9f96f6fc3b2a17c832776bb0cef34d62eb933b3e7ecf8e4beb1a6540f563d9c9a88203f48b3b978718fa15b8e2b1ffb4667bf3cda922700a89b1bbe39d7ce149fd0d3a50dc17ea5eaad611c627f4f94438c05ebb35fdf88cc6c8fda5b6e6486e39e3efd219be5863bdd3b4bee4b09df2033008ce53cc39b6bfb3c0d4b1cda24737deb79bd9ff189e35d471163886190f5882c8443dec42b48fcd451212376f39f0312342e7b62dd733fc73d3e11fd43a7c24b80400314aad26e6d22b52fa9c8cea85ade80948bd8abea17b25978e9cb0980209056b80295f2eb6f953f1cd36e6eac86ec17a2fb2bfdc9a5eb7186b2fe3341f3ad82846a17993c7cdb148d65eaf0bee316252d2e9c268447d497005888ae68edf96ec97b8f86672abf3e2e039f04ff5b0e169f6106ae1941f9faa755582a4742e10882bff6cf15d5d64ebc84e0c1f4af1f9a91c9711fae41a8dd729d7f3c4739558aff77968e7ea29cf63bc3adc013fb427da5e9edb19f1fb7059eb2fdc35e9fc8022f0bd260ac7cb426bbf405ce59f44715370024d870bd56f6d3a8651d9a391253e7e5467437e022f0124afa1c5380bee17555ef126865312fa6cee8dedd66b6008f0d4988c4ec03a96bf2a341df62aeb1162ed0421b9bee22d6ce30666ee7df599d04c9c43f392b19ad0a616565bbbbce1946a30ebb61b86936b82ef4c3536c3519f251cba3c4e815e1fef58745ae5ea3d1204c0a6dd4927812b144681dc4ffca7e5bcb933a517f05f91d5232b9eb9d8e75152afa50d62b11df24fb82b249f467fb1adb66b0ed933e3ca9d411527c8d5467dd2c5fb84d708b83c59b3b516d8cc273824063a76b94aeb9c577789bb6fd182c6bfabe0539bf8c2b01f266f3c7d33f768aa89f57f32f0d433b4d75e39dd88bbb978d6212080adf36a74a7d8d96dee94c37b8cfe43ef73eb4e83845e13f46d3c29ddff3d54442923fa68e86123f340ec0fe225b9232c09f942db2871dda8851e6154926c400da5ea34b12d6425c47db84b18adb8e18d70b0cfb31be51d8957f5b26e8170b40acb37b3e0ff991fa0f9a92449fafe30c82dbe03a4732070771d797e7659182d1030a1325a6b7c2d5fe51c87c02ba779089c211db7ffcb2fc5594465707b5baecbae7ffb416d2535a4255811b180659e61547f54d839809ae61a7531718a50c9c6f29e12aed1615000f11be8f6668dc83520de17eb64a2e7782a9e10fa8d4ab8bf2a4f73263e0668515c683abf251e8c467dd8fca06e1c1f1ee72907d28b1e151edd6629b6594c8d4a66b3bb2669347e846c76427693f1c9d2160a2bd5757018d1c79dc34148f8f46ba365b692c4ea6724a8e65ed66a28164bce9f8aeafb17b49486f4281e10126d5dcb75dc885e5a388378642b9197cda99718edbb98a0b98d51faaa37208dbf7642c8d64a19b10073e30bf0e654a537a40eb74f08156f805143c299ac9092498cd0800d4d1703a8d867a7efcc677762a71870470a8ce1e4655b350805231ded49255f299101b36eee5f657f261298c9e1f285bac3419c368025f5bf0144256eb75d37b99b4d2bc69f4b24128e6b222c463b3d0320a89d43d6efb74bf35d6d41f2e320105aca2e3362a91fbb259752dcbf4039aebbea6433813d637027b5cc93bb659d99d7be3d9af84802a8036bcc80146290e4868021ee0b873da8cff62caaca96fa4f2f3210ec2a63bc63f43bca0367c5ee6a24627218855fe659068445a7a64943364a14df7a49a569b9a9007d49eff51985eeb3a97edae677e3d9d269703a972bdc694796e3a8013c492ebc7ea0b3e47ff2b3495705459d070559ceb6c92be5fac6312dcf93ac5b3c0575d4016ff211efe161df8443b57d51dba1f9cb9d2724d1bb5fb744c372d60c05bc20083b77a01a119713726879b997185f25abb869da9ba903bd40cdffaee3f863746595e5d4d6b630f46659d7cfec576dfae74f8b2c57c5c34b50174c7311d402f2299c074b288681d526dcfe10291afd93bc8780e5994a5f3b500394d5bcb8496035667ad5dacf0b610f0760eae71456d5cd1c81067e78dbec0de9242b65549434981322f5340b4abc7cc9ab54b22f8a33413355c32e29294a81fe5e0338e3f975a064c58d734a09d632f599260b9370034c0a9356a9d4ab58e72803475cb95a6dc4334351a257b2dfb7afb5709e008a77b4730c564936857834be2aed8365dcc3f7cc15f98585b02d448428324f652485e66eccbd87cc69c03abcc62de27c6c38c774343f128c54ff71d2146d80432549df7f7e4076652a4914e54b85a97e6d055d50c6212aa3bf723d9110c2488f88f6bef16666e224ce339c3fc07ebfb8bee55d8f68fc736151a530b573827b16f820df72c26674ba883544143c63904f2d955c9d79069f5c8cfc71d1288a95befc6ecfedc3b28f761d3628ae5285fd767f78011457be099f217830e4d9db7759b101768af743058fd678efde72ca10d8c6dc0f01748e71e9138e7e023cc2735f98c6095cc963274a0947702a3d9bce0eff3c84616c243a3055cd46f3af40ef2caf86178fc93da0d189c2cbe11271d3933b557a1b38fbc16e98f790b91d10468ae9216a9d155830cf9990a88d2991ecf966a1cfd664e6427680133e14a23d11bc4fd5a9020c5f1b7bd3ebe319d351b6aeffa4ea9364fe322aaf814f5982528b034c23cf8935c1e75bd18e06e9ec4dc7bd638965b00356484404527652bd125960b2898284b339b8d3199568a28b7f873737015b5712dd770ccdfa9dbdcdd37cf075d84dc67815afa219ccc9717f0b82f9336104b5c19a68bf6b838fff7e3fdc6a7067c88d40af83cdeb72907d57eab0794bdb9e7dd520c98665fc54eeef9be50d6b836390e60dd9d124639213d8f97abcc0ce2c8331a43232ac184ed11525b025e3cc590567eb9d151d62b76a1f15948460489a3a84fe49ea8e058c7636c5a15dc67c88d0df6724eab919f6eebc56f340ff8a862f2a88a339a5cb8541b434255cfdb2ac622c0ebaedce683b425bfff76b291409ec53afb6cd5a8b9b998972514125b417f7e9ae34b7a2e33f794706b767c644efe482ba46988915132e1c3cb2ec434af8326d8b22b2043e0f3d80a08fc5997afeb7c4c5c60cd38a687d100cc3ac811781d9978942a155e1e0e9427751e9f6d32814e8a2b96f15565eda33c89b0aeff1536b1ba4bf36f207c3507d3df89b50cef6318ab411d5721b2703ffd301a8992b4d61e34ada52bba910915180eb12a3c821dd97866a66ce9634bb9d6db7772b8fbbef35c11b4f69d4c6a156129b309de5e1b1c3718abf8e4d479046966e4686d7d2917d8a8d1f627ee4fe41469d6839d67dfd5f51503879371c33b130b68c0608e6509352d3ac8016f6c3dd8342249981141887673e0fbb145bea824b2ba6f140a3d22af3813f90256dae0a5d068d97a0d050f2aa1ccdaf329d5d898e90a18931e1053db28adf2931a33cc00836188e12205d18af01a2c54353b27b915cdf9b427c0b17e04099f8b7a43ccfc6bbc3516baae5d7cab3f123a43b623bce7a9e0dc55c5ed5cffe8afd1b404b27fb85fe9455a157c163e8c389695a8063d69eab25d252aa6a43872a6bdabeb382860b38aaf4825f3e5b56a84c5967de64ce7061ebf18f99f3472883329708b4c61f66ead92f457c8a9e8086d3f9d345e0337d0c9766732260473e75311ecb9f7bf610ba222555a8b14711f21bb76cd49a275409eb9d67640a3923759c0c4af42c2bec765a338c18f5c5857fc5cfe80be88da826f1f3867c04257d5b72727f7bff17d08cee8b7a28d074de0f451c9ca373abbbcd092071b0b71795d5e7a62159b37dcf902b0f610c8de0ec2fabae735871e56533cb3a754d6bd39dcf0a0085afb173fc85f3a42fd0bbceae9b2593502eaf2008e177686294930c8155d5621d8369f33541e2fcaadf191c6887a0104a5d87dae8c9488d870fe2e415ec0298a7da20f29c38252389166f304f5bb5d358cec045338c502bce1ae981fcac892c42aa56b6b867341405773cacb63eda91723b7c612a55dc2d9b602149d4728e964a5183d8cecdda8e97fdd6711cb0915921ca737c9fa9e56f8638f38c99cd9c2c48be548639f8d10c7afeea759ff10cd0c7e761e3a317061523c1d91015ee538b703f1e83bd460bd2a44aed8ee40ca9ba02c5126e5e5664c11df8b25e93418e2a1bdeea1113f5a4871dd001074f0f0d03d9d289690ad698115ff45e608d6d46a17250dcb409ffb4e053fdb4a9e359e466eb08fbdd19edc697765ac43c0e3ec192415a8cb5ada08247b9553eb0d9318872c0a711f995be72c402e792a3fb91b8444d0a66bef376db69eaa0bfe487db30554b236b7cd1377ba22fa1f7b0ca48125a0f27957b0984f8fa11a6e49c731f50c58f7e78d155c52c9072db463a37b3591bdc9a370260bfaa7d845cc4090c5edce816ad282184f3a02c3802405e9c888b4f0ca4517eb5499e68cfc5944934e626030aad8cc5e725e961a66d4613f9d28914858e07c8ce7d474c92ad5f5996e8e827d151729c8f55ad7ff405922c04162a745a7dbc2228807bb96acf40c350aff8fafeb6053f1bff920cec2809257deb1b57f705fe76e06409242955b9e3df523d2ead5ade85dafbf33b5c5722320556cb64e2eb1fcb6a087941c047cea24b535b5d36b5064783b7c0f3f7706cd486c0d8aacb7325e089c0cdd3d08fc87ed3a7402b9cbeefccf1beb051b655745cb491dbb505fc966702c5dbaa72ea6fa54cefdb6288bf489d5c80ed5b8ea5b266f248826e48f872ad1238c2d76f8bf7afc1d7c4a47964741fcba94c328c6740daf60ff783c2379fc45aa9172a43a83390b9525be41eccea840b05756c82b84690f5bd1268ae6164442c1b39efd8e31afc51d463fc4f01f0311daaaae2acb3f634cc257f3278542a416a69e4447ccb77afdd966f4c3fcdfa5bcc0eef02f15d5bda90eddb41b9523c3e37ed0c0d0bd79da91789bce33f59e9a28de77a2ce60365ced233dead6ecbde9ccbe6cd97864ae6063eaf10ce2af4597d22ceca973a72a561e3da7d773b21c71a3d273fdec4f978bbe493c4b17c55dd2fb722d22dc72ff056ec1949b27b7872f9cba69f044e6bff58b699f8c7bd00dab055c95d520436277de40d821cbd1574f63edec7a6b0cd558b977bba421659f2076c85fcc4be012ef3407a1b11aedf226795a61237d34c4cc7b5266542a72db471fbd54b47cb3b59fed8cbac6b0bb348f30904ff87126654b9b04682a2e72632b90a59acabcb1f1d52afabef4096860350f0c8282f3f70bd0393a80d96dfa076ae340a961d47bd29143768e67cf1904cafa56a76bec785a68fc0b6f1e6ee45182463214eb37b51eb967ba09d41714621b81fd4330dd9455cfcb7ba5baffee0686ef17965c29d1976eb1c69236a4ce61781fe9e8734667b35f610dcd47b2d4060e219d0342c06ce1ef5a6ffebbcb77bccbe94c047fc828112d0a82948f60d5afd4df5bee1fb5c709d05ae81fddbb2ddcc44b9cf0b1d99d3d873d13f6ab8d1c45df8adfed2bf171ca2db4c702586b63c3a7cc73a58cc538780029a80a5b8d09eab132646f8c98d47a9005991dc6a3f3d95b636d780be323be0a5eeb42e352a5351a473f65f8e2cc4cd470133b5cb9b59d444f1cc301b37c2cedf29744f68a40aa6cffa3dfbb5967f4ab3128a2ccfcd7f65d0584c35dac57a4ee266934c0449db1557b51ad6f9770e169c4dd31f9f47528a44409d112696964d3d6adf9ded4261783f63c9b6e0c0d07a292137edd3042821d2d8d6bee28e15c853818cb563384641e38feda07991c155c6e3ec1d8ece6a7f98cf25de3f03a477367e62e32b15a11d59a60eec2dffe84fe50387d7b6c2ebf6c933c35668464277dbb4bf4f27cf0b5bee138366458f3f34bc4d4eb7a6d999de9a20eddd96b88fd7866f1022a2db946cf19f996720fb44dd6c1be3322130429877b9c54a46348da05f9a52589a6a19edea80942985f459b8c4b270d0ec4a9f498f833b9c0f5c815065c2bb75cc248d6041caed90ef1d66b60e5a4585fe48c6723b750d75ce01e34700da77ccd3fd81f060a6a49301151e7926ae13fe58b791ce1e5cb5a1e960ccc8c7e3d07506c6790c949eec49dd45b4e8fde85a1f337446b269088bf8f5517ed30dd22fcdcc747ad756dd6ef3059fb72900bc6708a7f384f6e64d06ac68ff3850167dd4d20bd4e78ee3ba1dd85a90ee3af3d71ca45471375a3c2eda1bc6735be407a05e36d5972a59e7429985f481bd2e9444d82a9b0ee68d598c9ab8cdc0c535459821cae4e73a7bf76a5419e365d7847e865accda1da75300b1e695eaa10e14869564da3f7b2e8f8d369bc1a7b6d1924ee0982d0a77375ea7b98bb1c358cccc89041d29a2b0a797f78e55fbb32bfe5d9dd5e7422c085f0a287b22bae4769d68518ffffe559cf4d999826dd60216aae4a191b6e20b11923827382662c53cf6c367dbdd4929ab09364214bb43ceae2d13c9fa989b10609bbefd61ce0880a01394127138c3c33e1a15aca603418f759c31e697ffff9a4cd94b2fa21249b880ed9a9093096c518209dcab0124ff237715d59de99d74195e5e2bce80cc436ff0dd2ba5d27409e6b5ea77bd06e5bbdc97ed85063e8d323bfeb9fc31be007b13094a11b020fa3b62e24fca1d472d13498e158c1932b5af994f66d24a1d48931d88dc0d03e06986e27b3a01fa0f9e1395d2f1f4180d6c1b9c2b71f8c3508c0307e92dad460d30bffd16d225712a20d041028c8819d8bcc4023b8e42b8e56becb3430284ccaef7891ec17450a9c1e243b528540a8434c2212e98356b935ecdb40b90b6097ef4e9504c25ff7db8bb61ab561ff5bb76d7acc994c9f598b9", 0x2000, &(0x7f0000000d80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x78, 0x0, 0x0, {0x6, 0x80000001, 0x0, {0x5, 0x4, 0x7, 0x4, 0x0, 0x4, 0xfffffff8, 0x88, 0x6, 0x8000, 0x2686, r2, r3, 0x10001}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
lseek(r4, 0x5a03e851, 0x3)

9.684943548s ago: executing program 1 (id=2041):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_DELETE(r0, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000200)={'#! ', './file0'}, 0xb)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wlan0\x00'})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r3}, 0x18)
socket$inet6_sctp(0xa, 0x5, 0x84)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xcb, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
recvmsg(r5, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x20)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000001800)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001500010300800000000000000c0000"], 0x14}}, 0x0)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003bc0), 0x4000000000002ca, 0x4040014)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1e2)
mount(&(0x7f00000000c0)=@sr0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000100)='romfs\x00', 0x0, 0x0)
sendmsg$SOCK_DIAG_BY_FAMILY(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="140002001400010600000000050080002b000000"], 0x14}}, 0x0)
mount(&(0x7f0000000040)=@sr0, &(0x7f0000000580)='./file0\x00', &(0x7f0000000180)='ntfs3\x00', 0x8, 0x0)

9.371022304s ago: executing program 3 (id=2042):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x708, 0x41e3, 0x0, 0x0, 0x0)
r2 = timerfd_create(0x0, 0x0)
timerfd_settime(r2, 0x3, 0x0, 0x0)
clock_adjtime(0x0, &(0x7f0000000040)={0xd54})
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000180)={'batadv_slave_0\x00', <r4=>0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ppoll(&(0x7f0000000140)=[{r2, 0x1}], 0x1, &(0x7f00000001c0), &(0x7f0000000200)={[0x0, 0x7]}, 0x8)
r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r6 = dup(r5)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, 0x0, 0x0)
dup(0xffffffffffffffff)
r8 = accept4(r7, 0x0, 0x0, 0x0)
recvfrom(r8, &(0x7f0000000080)=""/175, 0x59000, 0x0, 0x0, 0x10000000000000)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x235, 0x0, 0x0, &(0x7f0000000280))
r9 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r9, &(0x7f0000000180), 0x0, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f0000000040)={r4, 0x1, 0x6, @remote}, 0x10)
socket$netlink(0x10, 0x3, 0x14)

9.2125312s ago: executing program 2 (id=2043):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='illinois\x00', 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b000000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x9006000, &(0x7f00000030c0)=[{&(0x7f0000000180)="1400000016001963d25a80648c56915a19aa2bfe", 0x14}], 0x1}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7c, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0xfffffffe, 0x0, 0x1}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
connect$bt_sco(0xffffffffffffffff, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETENCODER(0xffffffffffffffff, 0xc01464a6, &(0x7f0000000280)={0x0, 0x0, <r3=>0x0})
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f0000000300)={&(0x7f00000001c0), 0x0, r3})
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000c40)="5c00000016006bab9a3fe3d86e17aa0a046b876c060048007ea60864160af36504811a0038001d001931a0e69ee517d34460be06000000a705251e6182949a9a7b9bcb84c9f4d4938037e70e4509c5bb4de385aa2adb88a899a655ab", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x8901, 0x0)
ioctl$TUNSETOFFLOAD(r7, 0xc004743e, 0x110c230000)
recvmsg$kcm(r6, &(0x7f0000000840)={0x0, 0x0, 0x0}, 0x40002120)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="4c00000012001f15b9409b849ac00a00a5784002000000000000030038", 0x1d, 0x0, 0x0, 0x0)

3.187084622s ago: executing program 2 (id=2044):
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
open$dir(0x0, 0x4ba502, 0x2fc)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x1, 0x0, 0x0, 0x2)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x6, 0x2)

3.18628172s ago: executing program 1 (id=2045):
syz_emit_ethernet(0xe, 0x0, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0x1002, 0x4, 0x3d8, 0x1ec, 0x0, 0xf00, 0x2f8, 0x2f8, 0x2f8, 0x4, 0x0, {[{{@uncond, 0xbc, 0xe0}, @unspec=@STANDARD={0x24, '\x00', 0x0, 0x1ec}}, {{@uncond, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@multicast, @rand_addr=0x64010102, @rand_addr=0x64010101, 0x4, 0x1}}}, {{@arp={@remote, @remote, 0xff000000, 0x80800000, 0x6, 0x4, {@mac=@multicast, {[0x0, 0x0, 0x0, 0x0, 0xff, 0xff]}}, {@mac=@local, {[0x0, 0xff, 0x0, 0xff]}}, 0x6, 0x81, 0x1, 0x1, 0xd13, 0xe106, 'pimreg1\x00', 'veth1_virt_wifi\x00', {0xff}, {0xff}, 0x0, 0x19}, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @private=0xa010102, @broadcast}}}], {{'\x00', 0xbc, 0xe0}, {0x24}}}}, 0x424)
syz_emit_ethernet(0x8b, &(0x7f00000007c0)=ANY=[@ANYBLOB="0180c2000002000000000000001142f20bde1def01166271adebc67ec708541bab1b100f999dbfd1ac7cb19726f99f4dfc7d6926107b67b82519fb5120b53d4ee48de39b632c4b7669f2e42b10bcc514d775cdcbaf67791a590743d5d54ff5411c3a775dfc59312dbaec686e585bc1efe663b3de7947dee2ff72bff67963e790556352c730a9081b75350e1381249840c47e6258fad6eada9c6637b3e82a74327a32f591bc8556ae69b0d82fd782a0b3d480b813b50ed73aa3b66778795b5f9aeff03f888cd9276e0929a9420de9449bf5bc7cfaeae2fe279d4456eef628348157a4478815d8e175586ddc800689b56db085a2ad23ed71123a3f499ab99e68f21f6815966f8eaf93e957264a62ce85b8c7929771bde1641955ca57022df8c3445d10dd751b5b53ae743b2aa2861fe9fe5cce7cd5781a4025918f857a4dc8cb3c"], &(0x7f0000000540)={0x0, 0x4, [0x550, 0xf4d, 0xad7, 0x6]})
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f00000001c0)=ANY=[@ANYRES16=0x0], 0x14}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000006c0)=@newlink={0x58, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x80}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_AD_LACP_ACTIVE={0x5}, @IFLA_BOND_MODE={0x5, 0x1, 0x4}]}}}, @IFLA_GSO_MAX_SEGS={0x8, 0x28, 0xf0a9}, @IFLA_BROADCAST={0xa, 0x2, @broadcast}]}, 0x58}}, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, 0x0, &(0x7f00000000c0)=""/81, 0x0, 0x10000})
ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f0000000380))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
socket(0x10, 0x803, 0x0)
r2 = open(&(0x7f0000000340)='./cgroup\x00', 0x20000, 0x84)
fcntl$setlease(r2, 0x400, 0x0)
openat$tun(0xffffff9c, &(0x7f0000000380), 0x2402, 0x0)
socket(0x25, 0x5, 0x3)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, &(0x7f00000000c0)={0x18, 0x0, {0x2, @random="f41c0cedfafd", 'ip6_vti0\x00'}}, 0x1e)
ioctl$PPPOEIOCSFWD(r3, 0x80047453, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x2fe, 0x10)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETAF(r4, 0x5408, 0x0)

3.062810613s ago: executing program 3 (id=2046):
openat(0xffffffffffffff9c, 0x0, 0x143042, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x44050)
syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a000008048001000905", @ANYBLOB="f7", @ANYRESDEC], 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, &(0x7f00000003c0)=0x2, 0x4)
setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x9, 0x0, 0xffffffff}, 0x1c)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000000c0)=@newlink={0x40, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r3, 0x9801}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gre={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @loopback}, @IFLA_GRE_OFLAGS={0x6, 0x3, 0x3f}]}}}]}, 0x40}}, 0x0)
sendto$packet(r0, &(0x7f0000000000)='1', 0x1, 0x40081, &(0x7f0000000200)={0x11, 0x0, r3, 0x1, 0x4, 0x6, @local}, 0x14)

2.949564436s ago: executing program 2 (id=2047):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b000000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x9006000, &(0x7f00000030c0)=[{&(0x7f0000000180)="1400000016001963d25a80648c56915a19aa2bfe", 0x14}], 0x1}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7c, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0xfffffffe, 0x0, 0x1}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
connect$bt_sco(0xffffffffffffffff, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETENCODER(0xffffffffffffffff, 0xc01464a6, &(0x7f0000000280)={0x0, 0x0, <r3=>0x0})
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f0000000300)={&(0x7f00000001c0), 0x0, r3})
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000c40)="5c00000016006bab9a3fe3d86e17aa0a046b876c060048007ea60864160af36504811a0038001d001931a0e69ee517d34460be06000000a705251e6182949a9a7b9bcb84c9f4d4938037e70e4509c5bb4de385aa2adb88a899a655ab", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x8901, 0x0)
ioctl$TUNSETOFFLOAD(r7, 0xc004743e, 0x110c230000)
recvmsg$kcm(r6, &(0x7f0000000840)={0x0, 0x0, 0x0}, 0x40002120)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="4c00000012001f15b9409b849ac00a00a5784002000000000000030038", 0x1d, 0x0, 0x0, 0x0)

2.723506763s ago: executing program 1 (id=2048):
creat(&(0x7f0000000100)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006300)={0x2020}, 0x2020)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000005c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001180)={0x6, 0x10, &(0x7f00000008c0)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000000000000850000001c00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000000180)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r3, 0x40082102, &(0x7f0000000080)=r4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001bc0)={r2, 0x0, 0x4000, 0x4000, &(0x7f0000001cc0)="633268f83ca3000000a2029e3815bb2fa117d8326687688b2c969fd7267d546214af00d1ca2524d00f9e4d9555f3ab381b5d44fd6bda8c509e66101d296f10c805252e7c5d48d9814f46db8f07441878734b13270fe47fba418b7358984b9a61c2bbf964a520459fd0d90590b46cf1677d580a26933b6e35aee75996b73a15a25aa8ae2f1f9bc9699a505c0dc4050ab2255fc35f508ccc52f10ac12febf28652fe36f725714868675ca2a7042ab4b26904b2f000589694f69ab0b22a5aec72c5036ce1c8974690045e4ab412a70336b4c65b2dfc8121af4143c2e10a0e5632bcd44e0b000029da424d86f298656822dae2c002e289fbfa6fe0dfb2fd57713a7684dc166c628dc45027ac174c5db54f22e409eb4e94263dbc9919f90f1af3290918b9824c3e0268b300bf69cc2eb3fc58f655439bdbe2b905", &(0x7f0000001c40)=""/76, 0x0, 0x0, 0x47, 0x50, &(0x7f0000001ac0)="9c01bd6f9a6028c80d7364240fd78867d9d62eca43c565f2c5ac65dd4a0fadceb6c65dcb07f2421e69087e0f17b4eb709e4805f2722709c46bef17c4cb9aed9fb1c342179ea349", &(0x7f0000001a40)="408fd0050dc7945b483103067eca9bd26ffbe35abf0f88a103f6893dc2b1d1cdc2195d4ae89abc04ff5fe5d2466892c81015df835a7d47be4f852161bc4015e7564b08584290fe1762f943a653008ac5", 0x1, 0x0, 0x13}, 0x22)

1.786657942s ago: executing program 1 (id=2049):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000180)={'ip6_vti0\x00', &(0x7f0000000140)=@ethtool_rxfh_indir={0x39}})
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYBLOB="9feb010018000000000000001401000014010000030000000b0000000000000e0100000002000000050000000000001205000000050000000000000e05000000020000000d00000006000085000000000400000003000000c60c00000300000005000000060000000400000005000000050000000200000003000000000000001000000003000000020000001000000000000000020000000a00000003000004060000000800000000000000950000000400000003000000000e00000200000002000000000000000200000004000085070000000c00000003000000fd09000004000000010000009b0000000800000000000000040000000600000003000000010100000000000000000003000000000300000005000000f9ffffff030000000000000e0400000002000000000000f9e00e558ee33dbffb046757db274f3ed77716c39238e64f4a9541f9b4fd573b35e8577456741e1fc063f463fb53"], &(0x7f0000000000)=""/207, 0x12f, 0xcf, 0x0, 0x5, 0x0, @void, @value}, 0x28)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200, @void, @value}, 0x94)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000600)={0x54, 0x0, 0x1, 0x0, 0x0, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8}, {0x6}, {0x8}}]}, 0x54}}, 0x0)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000600)=ANY=[@ANYBLOB="14010000220001002100000000000000020100800c0000000000000000000000140002"], 0x114}], 0x1}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r3, 0x0, 0x6}, 0x18)
r5 = dup2(r2, 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r5, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000ffa000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000000440)=""/188, 0xbc, 0x1, &(0x7f0000000500)=""/166, 0xa6}, &(0x7f00000001c0)=0x40)
r6 = shmat(0x0, &(0x7f0000ffa000/0x3000)=nil, 0x4000)
shmdt(r6)

1.625689531s ago: executing program 2 (id=2050):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x236, &(0x7f0000000400)={0x0, 0xf691, 0x10100, 0x0, 0x2b5}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
getpeername$packet(r5, &(0x7f0000000080)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000000c0)=0x14)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@base={0x14, 0x5, 0x5ae, 0xc, 0x8b04, 0xffffffffffffffff, 0x8, '\x00', r6, 0xffffffffffffffff, 0x1, 0x4, 0x400002, 0x0, @value=r5, @void, @void, @value}, 0x50)
openat$binder_debug(0xffffff9c, 0x0, 0x0, 0x0)
io_uring_enter(r2, 0x708, 0x41e3, 0x0, 0x0, 0x0)
open(&(0x7f0000000180)='.\x00', 0x10000, 0x0)
r7 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f00000000c0))
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000029c0)={0x0, 0x0, 0x0}, 0x20000004)
ioctl$UFFDIO_REGISTER(r7, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x1})
r8 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f0000000180)="5e73663bf4082f7c6cbecbf09d6dd7be5a06dfd64563f329c16f799d1836bfc45a7badc8faed24bb77c848723a43602d1fe0d236c062e105ec77ffd00fb243c3111dda42112650cc", 0x0, 0xfe2a)

1.462741909s ago: executing program 1 (id=2051):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
r1 = openat$dsp(0xffffff9c, &(0x7f0000002300), 0x80080, 0x0)
r2 = openat$bsg(0xffffff9c, &(0x7f00000063c0), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_DEL(r2, 0x2, r1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x14, r4, 0x61f3d6293b7647c9, 0x70bd27, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x20004000)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000280)={'team0\x00', <r5=>0x0})
getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000300)=0x14)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r2, &(0x7f0000000440)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)={0x84, r4, 0x20, 0x70bd26, 0x25dfdbfe, {}, [@ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0x7}, @ETHTOOL_A_CHANNELS_OTHER_COUNT={0x8, 0x8, 0x9}, @ETHTOOL_A_CHANNELS_HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'xfrm0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_macvtap\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}, @ETHTOOL_A_CHANNELS_RX_COUNT={0x8, 0x6, 0x401}, @ETHTOOL_A_CHANNELS_OTHER_COUNT={0x8, 0x8, 0x8}]}, 0x84}, 0x1, 0x0, 0x0, 0x4800}, 0x20000000)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
r7 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x6c}}, 0x0)
r8 = syz_genetlink_get_family_id$SEG6(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$SEG6_CMD_DUMPHMAC(r7, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x48, r8, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x7fff}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x81}, @SEG6_ATTR_SECRET={0x8, 0x4, [0x5]}, @SEG6_ATTR_DST={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @local}}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x2}]}, 0x48}}, 0x10)
r9 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r10 = socket$igmp(0x2, 0x3, 0x2)
prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
setsockopt$MRT_INIT(r10, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r10, 0x0, 0xca, &(0x7f0000003d80)={0x1, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
setsockopt$inet_mreq(r9, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @address_request}}}}, 0x0)
socket$igmp(0x2, 0x3, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25)

606.085331ms ago: executing program 2 (id=2052):
r0 = openat$tcp_mem(0xffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
ioctl$BTRFS_IOC_START_SYNC(0xffffffffffffffff, 0x80089418, &(0x7f0000000040)=<r1=>0x0)
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f0000000100)={{r0}, r1, 0xe, @inherit={0x78, &(0x7f0000000080)={0x1, 0x6, 0x6, 0x8, {0x4, 0xf, 0x3, 0x8001, 0x9}, [0x80000001, 0x2, 0x80000001, 0x10, 0xf, 0x9]}}, @subvolid=0x9})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_AUTHENTICATE(r2, &(0x7f0000001200)={&(0x7f0000001100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000011c0)={&(0x7f0000001140)={0x78, 0x0, 0x8, 0x70bd27, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="db9696ba4bd9"}, @NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x6}, @key_params=[@NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac01}, @NL80211_ATTR_KEY={0x20, 0x50, 0x0, 0x1, [@NL80211_KEY_CIPHER={0x8, 0x3, 0xfac05}, @NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_DEFAULT={0x4}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac01}]}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x8, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}]}, @NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "3291592a8d"}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac01}], @NL80211_ATTR_MAC={0xa, 0x6, @random="b561d3944422"}]}, 0x78}, 0x1, 0x0, 0x0, 0x8010}, 0x4000)
r3 = openat$vhost_vsock(0xffffff9c, &(0x7f0000001240), 0x2, 0x0)
ioctl$VHOST_SET_VRING_ERR(r3, 0x4008af22, &(0x7f0000001280)={0x3})
sendmsg$ETHTOOL_MSG_COALESCE_SET(r3, &(0x7f0000001380)={&(0x7f00000012c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000001340)={&(0x7f0000001300)={0x1c, 0x0, 0x10, 0x70bd28, 0x25dfdbff, {}, [@ETHTOOL_A_COALESCE_RX_USECS={0x8, 0x2, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40054}, 0x4)
openat$ttynull(0xffffff9c, 0x0, 0x240, 0x0)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000001440), r2)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0186405, &(0x7f0000001480)={0x2, 0x4, {<r5=>0x0}, {0xee01}, 0x9, 0x8})
sendmsg$DEVLINK_CMD_RELOAD(r2, &(0x7f0000001540)={&(0x7f0000001400)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000001500)={&(0x7f00000014c0)={0x38, r4, 0x1, 0x70bd28, 0x25dfdbfe, {}, [{@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r5}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8001}, 0x1)
request_key(&(0x7f0000001580)='cifs.spnego\x00', &(0x7f00000015c0)={'syz', 0x2}, &(0x7f0000001600)='/dev/ttynull\x00', 0xfffffffffffffffd)
socket$inet6(0xa, 0x3, 0x7)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r3, 0x4008af60, &(0x7f0000001640)={@hyper})
socketpair(0x1a, 0x2, 0x1, &(0x7f0000001680)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$inet6_mtu(r6, 0x29, 0x17, &(0x7f00000016c0), &(0x7f0000001700)=0x4)
r8 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
preadv(r8, &(0x7f0000001780)=[{&(0x7f0000001740)=""/55, 0x37}], 0x1, 0x0, 0x8)
mprotect(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x4)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r7, 0x660c)
r9 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r9, 0x800448d2, &(0x7f0000001b40)={0x6, &(0x7f00000017c0)=[{@none}, {}, {}, {@fixed}, {@none}, {}]})

465.073951ms ago: executing program 2 (id=2053):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$FUSE_NOTIFY_DELETE(0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000200)=ANY=[@ANYBLOB="120100002ec6601037210100352a010203010902120001000000000904"], 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x40081, 0x0) (fail_nth: 8)
getsockopt$sock_cred(r1, 0x1, 0x11, 0x0, 0x0)
statx(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x100, 0x800, 0x0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_tcp_int(r2, 0x6, 0x3, 0x0, 0x0)

435.193854ms ago: executing program 1 (id=2054):
r0 = syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x81)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x80044801, 0x0)
r1 = syz_open_dev$sndctrl(&(0x7f0000001c80), 0x2, 0x8800)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r1, 0xc008551b, &(0x7f0000001cc0)={0x7f})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002700)=@delchain={0x5c0, 0x65, 0x2, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x8}, {0x0, 0x9}, {0x0, 0xb}}, [@filter_kind_options=@f_bpf={{0x8}, {0x4}}, @filter_kind_options=@f_route={{0xa}, {0x14, 0x2, [@TCA_ROUTE4_IIF={0x8}, @TCA_ROUTE4_TO={0x8, 0x2, 0x44}]}}, @TCA_RATE={0x6, 0x5, {0x6, 0x22}}, @filter_kind_options=@f_route={{0xa}, {0x55c, 0x2, [@TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_TO={0x8, 0x2, 0xca}, @TCA_ROUTE4_IIF={0x8}, @TCA_ROUTE4_ACT={0x48, 0x6, [@m_bpf={0x44, 0x4, 0x0, 0x0, {{0x8}, {0x4}, {0x19, 0x6, "4eb89c51973e125e35ef79022782dbe75e0fb784e1"}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}, @TCA_ROUTE4_POLICE={0x4f8, 0x5, [@TCA_POLICE_TBF={0x3c, 0x1, {0x7ff, 0xffffffffffffffff, 0x3, 0xa, 0x6, {0x7, 0x2, 0x1, 0x9, 0x0, 0x4}, {0x10, 0x2, 0x6, 0xfffe, 0x1, 0xeaa1}, 0x6, 0x200, 0x8}}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x8, 0xf4, 0x7fffffff, 0x7, {0x9, 0x0, 0x4, 0xd0c7, 0xffff, 0x86}, {0x10, 0x0, 0x0, 0xe, 0x1, 0xfffffffd}, 0x9, 0x80000, 0x9}}, @TCA_POLICE_RATE={0x404, 0x2, [0xb4b, 0x10001, 0x8, 0xfff, 0x8, 0x41, 0x8001, 0x100, 0x8, 0x5, 0x3, 0xeb96, 0x8, 0xc1, 0xd, 0x22f, 0x4, 0x4, 0x8001, 0x0, 0x0, 0x8, 0x1, 0x80, 0xf0, 0x6, 0x9a94, 0xfffffff1, 0x8, 0x80, 0xd626, 0x9, 0x5, 0xfffffc00, 0x0, 0x7fff, 0x9c73, 0x2, 0x4, 0x3, 0x400, 0x9, 0xffffff01, 0xfffffffe, 0xfffffffe, 0x7, 0x7, 0x5, 0x2, 0x7, 0x0, 0x8, 0x3, 0x0, 0x0, 0x5, 0x9, 0x0, 0x5af, 0x1, 0x5, 0x4, 0x2, 0x3, 0x2, 0x77, 0x7, 0x49d, 0x5, 0x1, 0x3, 0x6, 0x1, 0x7, 0xf173, 0xfffffff8, 0x5fa, 0x9, 0xbb6c, 0x6, 0x1, 0xe, 0x4, 0x10001, 0xf, 0x800, 0x0, 0x4, 0xd, 0xe, 0xe3f3, 0x7dd8, 0x0, 0x0, 0xe9e6, 0x4, 0x5, 0xc, 0x95, 0x2, 0xa, 0x30000000, 0x3, 0x9, 0x8, 0x409, 0x7, 0xfffffffc, 0x6, 0x2, 0x8, 0x0, 0x9, 0x1ff, 0x2, 0x80000000, 0x7, 0x3ff, 0x1, 0x7, 0x5, 0x4, 0xfffffffc, 0x7fff, 0x8, 0x34, 0x3, 0x0, 0x1200, 0x5, 0x8001, 0x2, 0x80, 0x8, 0x7, 0x0, 0xfffffbff, 0xd964, 0x0, 0x4, 0x8001, 0x8, 0x1ff, 0x401, 0x6, 0xfffffff8, 0xf8, 0x394f53a9, 0x5, 0x5, 0x80000001, 0x10, 0x1ec4, 0x5, 0x3, 0x6, 0x4, 0xffff, 0x3, 0x1, 0x6, 0x0, 0x3, 0x5, 0x800, 0x7, 0x4, 0x5, 0xfffffbff, 0xf08, 0x2, 0x8, 0xfffffff8, 0x3, 0x4, 0x6, 0x8, 0x8, 0x0, 0x8, 0x7, 0x9, 0x5, 0x329f, 0x7, 0x9, 0xfad, 0x7ff, 0x8000, 0x3, 0x4, 0x0, 0x6, 0x7ff, 0xc728, 0x10000, 0xb, 0x5, 0x4f90, 0x2, 0x7, 0x9, 0x100, 0xfffffbbd, 0x9, 0x8, 0x7, 0x0, 0x3, 0xe, 0xfffffffe, 0x5, 0x400, 0x0, 0x21, 0x8, 0x9, 0x8001, 0xc, 0x200, 0x1, 0x9, 0x9, 0x7, 0x9, 0x100, 0x6, 0x7, 0x9, 0x80000000, 0x7, 0x10000, 0x5, 0x8, 0xfffff801, 0x9, 0x28, 0x9, 0xe5, 0x0, 0xae5, 0x3, 0x6, 0x2, 0xf22, 0xd, 0xa, 0x101, 0x42d, 0x4, 0xfffffffb, 0x4, 0x1600, 0x7, 0xb, 0x2]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x10, 0x2, 0x3ff, 0x3, 0x8, {0xf, 0x2, 0x9, 0x101, 0x6, 0x6}, {0x8, 0x0, 0x4, 0x7fff, 0x3, 0xa}, 0xf943, 0x80000000, 0x8}}, @TCA_POLICE_TBF={0x3c, 0x1, {0x9, 0x10000000, 0x7, 0x400, 0x1, {0x6, 0x2, 0x5, 0x5, 0x80, 0x7fff}, {0x0, 0x1, 0x6, 0x2, 0x7ff, 0x8000}, 0x401, 0x28f}}]}]}}]}, 0x5c0}, 0x1, 0x0, 0x0, 0x81}, 0x0)
r2 = fsopen(&(0x7f0000000140)='vfat\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000080)='iocharset', &(0x7f00000000c0)='io#harset', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000001100)='iocharset', &(0x7f0000001140)='\xe0^@&&}\'\x00', 0x0)
r3 = syz_open_dev$sg(&(0x7f0000001940), 0x0, 0x0)
ioctl$SG_IO(r3, 0x2285, 0x0)
r4 = socket(0x10, 0x803, 0x0)
r5 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
sendto(r4, &(0x7f0000000740), 0x0, 0x0, 0x0, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_emit_ethernet(0x2e, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaa0000000000000800460000200000000000119078ac1414ffac1414160000000042000000000890780847ec81c641f358089386276a55d1fcba9531eb4031c979ad65f82d2458d387a0bb5e03c72e2a5b39390413"], 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40201, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000380)={'syzkaller1\x00', 0xc201})
r8 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}})
write$tun(r7, &(0x7f00000000c0)=ANY=[@ANYBLOB="001c86dd2000100000004000000060ec97000fc83c00fe80000000"], 0xffe)
recvmmsg(r6, &(0x7f0000001980)=[{{&(0x7f0000000300)=@un=@abs, 0x80, &(0x7f0000000100)=[{&(0x7f0000000540)=""/164, 0xa4}], 0x1, &(0x7f00000006c0)=""/143, 0x8f}, 0xa}, {{&(0x7f0000000880)=@x25, 0x80, &(0x7f00000003c0)=[{&(0x7f0000003800)=""/4096, 0x1000}], 0x1, &(0x7f0000000a00)=""/180, 0xb4}, 0x3}, {{&(0x7f0000000900)=@caif=@dgm, 0x80, &(0x7f0000000780)=[{&(0x7f0000000ac0)=""/89, 0x59}, {&(0x7f0000000b40)=""/224, 0xe0}, {&(0x7f0000000c40)=""/78, 0x4e}, {&(0x7f0000000cc0)=""/195, 0xc3}, {&(0x7f0000000dc0)=""/73, 0x49}, {&(0x7f0000000e40)=""/144, 0x90}, {&(0x7f0000000f00)=""/245, 0xf5}], 0x7, &(0x7f0000001000)=""/91, 0x5b}, 0x9}, {{&(0x7f0000001080)=@rc={0x1f, @fixed}, 0x80, &(0x7f0000001200)=[{&(0x7f0000001180)=""/90, 0x5a}], 0x1}, 0x8}, {{&(0x7f0000001240)=@tipc, 0x80, &(0x7f0000001540)=[{&(0x7f00000012c0)=""/66, 0x42}, {&(0x7f0000001340)=""/203, 0xcb}, {&(0x7f0000004800)=""/4096, 0x1000}, {&(0x7f0000001440)=""/186, 0xba}, {&(0x7f0000001500)=""/37, 0x25}, {&(0x7f0000005800)=""/4096, 0x1000}], 0x6, &(0x7f0000001580)=""/95, 0x5f}}, {{&(0x7f0000001600)=@vsock={0x28, 0x0, 0x0, @host}, 0x80, &(0x7f0000001780)=[{&(0x7f0000001680)=""/213, 0xd5}], 0x1}}], 0x6, 0x1100, &(0x7f00000018c0))
recvmmsg(r4, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}, {&(0x7f00000001c0)=""/17, 0x11}], 0x7, &(0x7f0000000600)=""/191, 0xbf, 0xca9a3b}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400})
ioctl$sock_TIOCINQ(r5, 0x541b, &(0x7f0000000040))

157.706886ms ago: executing program 4 (id=2033):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000100), 0x8)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095", @ANYRES8], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='mm_shrink_slab_end\x00', r0, 0x0, 0x3}, 0x18)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
keyctl$instantiate(0xc, 0x0, 0x0, 0x2a, 0xfffffffffffffffc)
r2 = openat$sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r2, r1, &(0x7f0000000580)=0x64, 0x800)

0s ago: executing program 3 (id=2055):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x20000840)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
r3 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000280)={0xffffffffffffffff, 0x58, &(0x7f0000000400)}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000001980)={0x2, 0x1, @loopback}, 0x10)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000000)='f2fs_file_write_iter\x00', r5, 0x0, 0xc}, 0x18)
fstatat64(0xffffff9c, 0x0, 0x0, 0x1000)
ioctl$UI_SET_ABSBIT(r4, 0x40045567, 0x0)
ioctl$UI_ABS_SETUP(r4, 0x401c5504, &(0x7f00000002c0)={0x3f})
ioctl$UI_SET_EVBIT(r4, 0x40045564, 0x3)
write$uinput_user_dev(r4, &(0x7f0000001740)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x7fffffff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xffffffff, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfaea], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x45c)
ioctl$UI_DEV_CREATE(r4, 0x5501)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a40)=ANY=[@ANYBLOB="0202bb082200000028bd7000fddbdf2502001300080000002dbd7000ff34000002000b0009000000070000000000000002000100000004d4f2037601010000000800120003000100b26b6e0005000000060032000400000000000000000000000a010100000000000000000000000000fc02000000000000000000000000000005000700338000000a004e200000000700000000000000000000000000000000001000000000000004000400ff000000bb00000000000000ff7f000000000000070000000000000007001900000000000a004e210000b456f68000000000000000000000000000181000000002004e2464010100000000000000000000000000010015004e210000010015004e240000"], 0x110}}, 0x5)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000080)=0x2, 0x4)

kernel console output (not intermixed with test programs):

imulate: vblank timer overrun
[  372.380070][T11580] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  372.390276][T11582] netlink: 'syz.1.1461': attribute type 8 has an invalid length.
[  372.574210][T11581] delete_channel: no stack
[  372.578838][T11590] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0)
[  372.630454][T11580] /dev/sr0: Can't open blockdev
[  372.804580][T11583] /dev/sr0: Can't open blockdev
[  372.860441][    C0] vkms_vblank_simulate: vblank timer overrun
[  373.083802][    C0] vkms_vblank_simulate: vblank timer overrun
[  374.601764][T11626] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0)
[  376.348812][T11651] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1482'.
[  378.045792][ T6251] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  378.073643][ T1408] ieee802154 phy0 wpan0: encryption failed: -22
[  378.076787][ T1408] ieee802154 phy1 wpan1: encryption failed: -22
[  379.088482][T11699] netlink: 'syz.2.1495': attribute type 8 has an invalid length.
[  379.156315][T11703] netlink: 'syz.3.1494': attribute type 10 has an invalid length.
[  379.162029][T11703] team0: Device hsr_slave_0 failed to register rx_handler
[  379.259575][T11698] delete_channel: no stack
[  379.725924][T11714] batadv_slave_0: entered promiscuous mode
[  380.305576][T11708] batadv_slave_0: left promiscuous mode
[  380.634306][T11720] lo speed is unknown, defaulting to 1000
[  381.657200][T11751] netlink: 'syz.0.1506': attribute type 10 has an invalid length.
[  381.671595][T11751] team0: Device hsr_slave_0 failed to register rx_handler
[  382.094740][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  382.094755][   T40] audit: type=1326 audit(2000000251.344:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11755 comm="syz.1.1507" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000
[  382.121993][T11756] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1507'.
[  382.126240][T11756] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1507'.
[  382.130615][   T40] audit: type=1326 audit(2000000251.374:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11755 comm="syz.1.1507" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000
[  382.153527][   T40] audit: type=1326 audit(2000000251.374:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11755 comm="syz.1.1507" exe="/syz-executor" sig=0 arch=40000003 syscall=317 compat=1 ip=0xf7fd2579 code=0x7ffc0000
[  382.190115][   T40] audit: type=1326 audit(2000000251.374:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11755 comm="syz.1.1507" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000
[  382.200623][T11758] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1507'.
[  382.229031][   T40] audit: type=1326 audit(2000000251.374:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11755 comm="syz.1.1507" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000
[  382.229077][   T40] audit: type=1326 audit(2000000251.374:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11755 comm="syz.1.1507" exe="/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf7fd2579 code=0x7ffc0000
[  382.229109][   T40] audit: type=1326 audit(2000000251.374:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11755 comm="syz.1.1507" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000
[  382.229144][   T40] audit: type=1326 audit(2000000251.374:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11755 comm="syz.1.1507" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000
[  382.229179][   T40] audit: type=1326 audit(2000000251.374:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11755 comm="syz.1.1507" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf7fd2579 code=0x7ffc0000
[  382.229215][   T40] audit: type=1326 audit(2000000251.374:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11755 comm="syz.1.1507" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000
[  383.165247][ T6251] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  383.300211][T11777] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1512'.
[  383.305616][T11777] FAULT_INJECTION: forcing a failure.
[  383.305616][T11777] name failslab, interval 1, probability 0, space 0, times 0
[  383.314335][T11777] CPU: 2 UID: 0 PID: 11777 Comm: syz.2.1512 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  383.314358][T11777] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  383.314366][T11777] Call Trace:
[  383.314371][T11777]  <TASK>
[  383.314376][T11777]  dump_stack_lvl+0x16c/0x1f0
[  383.314409][T11777]  should_fail_ex+0x512/0x640
[  383.314431][T11777]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  383.314460][T11777]  should_failslab+0xc2/0x120
[  383.314480][T11777]  __kmalloc_cache_noprof+0x6a/0x3e0
[  383.314503][T11777]  ? alloc_netdev_mqs+0xf3a/0x1570
[  383.314522][T11777]  ? kasan_save_track+0x14/0x30
[  383.314542][T11777]  alloc_netdev_mqs+0xf3a/0x1570
[  383.314565][T11777]  rtnl_create_link+0xc10/0xfa0
[  383.314589][T11777]  rtnl_newlink+0xb69/0x2000
[  383.314615][T11777]  ? __pfx_rtnl_newlink+0x10/0x10
[  383.314641][T11777]  ? kfree_skbmem+0x1a4/0x1f0
[  383.314669][T11777]  ? rcu_is_watching+0x12/0xc0
[  383.314683][T11777]  ? trace_cap_capable+0x18d/0x200
[  383.314703][T11777]  ? find_held_lock+0x2b/0x80
[  383.314717][T11777]  ? __pfx_rtnl_newlink+0x10/0x10
[  383.314733][T11777]  ? __pfx_rtnl_newlink+0x10/0x10
[  383.314749][T11777]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  383.314766][T11777]  ? __pfx_rtnl_newlink+0x10/0x10
[  383.314782][T11777]  rtnetlink_rcv_msg+0x95b/0xe90
[  383.314802][T11777]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  383.314832][T11777]  netlink_rcv_skb+0x16a/0x440
[  383.314852][T11777]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  383.314873][T11777]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  383.314910][T11777]  ? netlink_deliver_tap+0x1ae/0xd30
[  383.314936][T11777]  netlink_unicast+0x53a/0x7f0
[  383.314957][T11777]  ? __pfx_netlink_unicast+0x10/0x10
[  383.314981][T11777]  netlink_sendmsg+0x8d1/0xdd0
[  383.315005][T11777]  ? __pfx_netlink_sendmsg+0x10/0x10
[  383.315024][T11777]  ? __import_iovec+0x1c8/0x660
[  383.315053][T11777]  ____sys_sendmsg+0xa95/0xc70
[  383.315077][T11777]  ? __pfx_____sys_sendmsg+0x10/0x10
[  383.315097][T11777]  ? get_compat_msghdr+0x11a/0x170
[  383.315123][T11777]  ___sys_sendmsg+0x134/0x1d0
[  383.315142][T11777]  ? __pfx____sys_sendmsg+0x10/0x10
[  383.315189][T11777]  __sys_sendmsg+0x16d/0x220
[  383.315208][T11777]  ? __pfx___sys_sendmsg+0x10/0x10
[  383.315233][T11777]  ? rcu_is_watching+0x12/0xc0
[  383.315251][T11777]  __do_fast_syscall_32+0x73/0x120
[  383.315274][T11777]  do_fast_syscall_32+0x32/0x80
[  383.315292][T11777]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  383.315310][T11777] RIP: 0023:0xf70de579
[  383.315322][T11777] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  383.315335][T11777] RSP: 002b:00000000f50ce55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  383.315349][T11777] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000080000080
[  383.315359][T11777] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 0000000000000000
[  383.315368][T11777] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  383.315375][T11777] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  383.315383][T11777] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  383.315413][T11777]  </TASK>
[  383.652641][T11781] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1514'.
[  383.784106][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784156][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784174][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784191][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784208][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784253][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784270][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784287][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784303][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784320][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784337][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784353][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784370][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784387][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784404][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784420][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784445][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784462][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784478][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784495][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784511][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784528][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784545][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784562][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784579][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784595][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784611][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784627][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784644][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784661][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784677][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784694][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784711][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784728][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784744][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784764][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784780][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784798][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784815][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784831][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784848][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784865][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.784882][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0
[  383.795310][ T5939] hid-generic 0000:007F:FFFFFFFE.0004: hidraw1: <UNKNOWN> HID v0.08 Device [syz1] on syz1
[  384.519413][T11794] FAULT_INJECTION: forcing a failure.
[  384.519413][T11794] name failslab, interval 1, probability 0, space 0, times 0
[  384.831944][T11794] CPU: 0 UID: 0 PID: 11794 Comm: syz.3.1517 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  384.831967][T11794] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  384.831994][T11794] Call Trace:
[  384.832000][T11794]  <TASK>
[  384.832006][T11794]  dump_stack_lvl+0x16c/0x1f0
[  384.832030][T11794]  should_fail_ex+0x512/0x640
[  384.832049][T11794]  ? fs_reclaim_acquire+0xae/0x150
[  384.832070][T11794]  ? kobject_get_path+0xd2/0x2a0
[  384.832090][T11794]  should_failslab+0xc2/0x120
[  384.832109][T11794]  __kmalloc_noprof+0xd2/0x510
[  384.832131][T11794]  kobject_get_path+0xd2/0x2a0
[  384.832157][T11794]  kobject_uevent_env+0x289/0x1870
[  384.832171][T11794]  ? __pfx_dev_uevent_name+0x10/0x10
[  384.832199][T11794]  ? bus_to_subsys+0x131/0x160
[  384.832247][T11794]  device_del+0x623/0x9f0
[  384.832266][T11794]  ? __pfx_device_del+0x10/0x10
[  384.832289][T11794]  device_unregister+0x1d/0xc0
[  384.832305][T11794]  device_destroy+0x99/0xe0
[  384.832321][T11794]  ? __pfx_device_destroy+0x10/0x10
[  384.832339][T11794]  ? __pfx_down_write+0x10/0x10
[  384.832365][T11794]  drop_ref+0xd8/0x390
[  384.832387][T11794]  hidraw_disconnect+0x4b/0x60
[  384.832406][T11794]  hid_disconnect+0x13e/0x1b0
[  384.832430][T11794]  hid_device_remove+0x1a8/0x260
[  384.832445][T11794]  ? __pfx_hid_device_remove+0x10/0x10
[  384.832461][T11794]  device_remove+0xc8/0x170
[  384.832476][T11794]  device_release_driver_internal+0x44b/0x620
[  384.832500][T11794]  bus_remove_device+0x22f/0x420
[  384.832518][T11794]  device_del+0x396/0x9f0
[  384.832536][T11794]  ? __pfx_device_del+0x10/0x10
[  384.832554][T11794]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  384.832576][T11794]  hid_destroy_device+0x19c/0x240
[  384.832593][T11794]  uhid_char_write+0xdcb/0x1060
[  384.832617][T11794]  vfs_write+0x25c/0x1180
[  384.832631][T11794]  ? __pfx_uhid_char_write+0x10/0x10
[  384.832658][T11794]  ? __pfx_vfs_write+0x10/0x10
[  384.832670][T11794]  ? find_held_lock+0x2b/0x80
[  384.832685][T11794]  ? __fget_files+0x204/0x3c0
[  384.832717][T11794]  ? __fget_files+0x20e/0x3c0
[  384.832745][T11794]  ksys_write+0x205/0x240
[  384.832759][T11794]  ? __pfx_ksys_write+0x10/0x10
[  384.832775][T11794]  ? rcu_is_watching+0x12/0xc0
[  384.832793][T11794]  __do_fast_syscall_32+0x73/0x120
[  384.832816][T11794]  do_fast_syscall_32+0x32/0x80
[  384.832837][T11794]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  384.832856][T11794] RIP: 0023:0xf70ce579
[  384.832869][T11794] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  384.832884][T11794] RSP: 002b:00000000f504b55c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  384.832899][T11794] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[  384.832908][T11794] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000000
[  384.832917][T11794] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  384.832926][T11794] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  384.832935][T11794] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  384.832956][T11794]  </TASK>
[  386.988834][   T57] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  387.097391][    C0] vkms_vblank_simulate: vblank timer overrun
[  387.148286][    C0] vkms_vblank_simulate: vblank timer overrun
[  387.197942][   T57] usb 6-1: Using ep0 maxpacket: 32
[  387.208647][   T57] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  387.231842][   T57] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  387.238497][   T57] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  387.244337][   T57] usb 6-1: Product: syz
[  387.249047][   T57] usb 6-1: Manufacturer: syz
[  387.251913][   T57] usb 6-1: SerialNumber: syz
[  387.275122][   T57] usb 6-1: config 0 descriptor??
[  387.287417][T11819] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  387.748711][T11841] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1531'.
[  387.764488][    C0] vkms_vblank_simulate: vblank timer overrun
[  387.800338][    C0] vkms_vblank_simulate: vblank timer overrun
[  388.017008][    C0] vkms_vblank_simulate: vblank timer overrun
[  388.204052][ T6252] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  388.387704][ T1337] usb 6-1: USB disconnect, device number 4
[  389.616671][    C0] vkms_vblank_simulate: vblank timer overrun
[  391.548270][    C0] vkms_vblank_simulate: vblank timer overrun
[  391.846073][T11912] batadv_slave_0: entered promiscuous mode
[  392.322490][T11899] batadv_slave_0: left promiscuous mode
[  393.153270][T11916] netlink: 'syz.3.1550': attribute type 10 has an invalid length.
[  393.158152][T11916] team0: Device hsr_slave_0 failed to register rx_handler
[  394.054419][ T6258] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  394.864434][T11960] batadv_slave_0: entered promiscuous mode
[  395.037540][T11962] netlink: 'syz.3.1562': attribute type 10 has an invalid length.
[  395.041460][T11962] team0: Device hsr_slave_0 failed to register rx_handler
[  395.584663][T11967] binder: 11965:11967 ioctl c0306201 80001d40 returned -14
[  395.859120][T11969] 9pnet_fd: Insufficient options for proto=fd
[  395.874991][T11953] batadv_slave_0: left promiscuous mode
[  396.021722][T11970] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1565'.
[  396.553264][   T40] kauditd_printk_skb: 29 callbacks suppressed
[  396.553285][   T40] audit: type=1107 audit(2000000265.804:257): pid=11985 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='ý'
[  397.030688][   T40] audit: type=1800 audit(2000000266.284:258): pid=12003 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1575" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  397.393031][T12010] netlink: 'syz.3.1573': attribute type 10 has an invalid length.
[  397.408908][T12010] team0: Device hsr_slave_0 failed to register rx_handler
[  398.805238][T12040] overlay: Unknown parameter 'fowner>00000000000000000000'
[  398.935268][T12040] netlink: 'syz.2.1582': attribute type 8 has an invalid length.
[  399.454393][T12052] batadv_slave_0: entered promiscuous mode
[  399.816551][T11753] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  400.838562][T12048] batadv_slave_0: left promiscuous mode
[  400.997180][T12062] Invalid ELF header magic: != ELF
[  401.431198][T12074] overlayfs: failed to get inode (-116)
[  401.436639][T12074] overlayfs: failed to get inode (-116)
[  402.153153][T12079] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1595'.
[  403.077216][T12089] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  403.404428][T12097] batadv_slave_0: entered promiscuous mode
[  403.648554][T12089] /dev/sr0: Can't open blockdev
[  403.979530][T12091] batadv_slave_0: left promiscuous mode
[  404.583607][T12094] /dev/sr0: Can't open blockdev
[  404.934278][T11753] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  404.960599][T12119] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1607'.
[  404.991025][T12119] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  405.007882][T12119] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  405.022612][T12119] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  405.027597][T12119] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  405.038204][T12120] random: crng reseeded on system resumption
[  405.048221][T12120] Restarting kernel threads ... done.
[  405.051676][T12119] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  405.055257][T12119] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  405.059039][T12119] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  405.063206][T12119] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  405.351282][T12125] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1608'.
[  405.620194][    C0] vkms_vblank_simulate: vblank timer overrun
[  405.685056][    C0] vkms_vblank_simulate: vblank timer overrun
[  406.094334][T12137] loop6: detected capacity change from 0 to 63
[  406.264623][T12143] netlink: 'syz.3.1612': attribute type 10 has an invalid length.
[  406.268576][T12143] team0: Device hsr_slave_0 failed to register rx_handler
[  406.464110][    C0] vkms_vblank_simulate: vblank timer overrun
[  406.684124][    C0] vkms_vblank_simulate: vblank timer overrun
[  406.838143][T12150] netlink: 'syz.1.1616': attribute type 10 has an invalid length.
[  406.854338][T12150] team0: Device hsr_slave_0 failed to register rx_handler
[  407.147621][T12156] lo speed is unknown, defaulting to 1000
[  407.179949][T12156] lo speed is unknown, defaulting to 1000
[  407.222407][T12156] lo speed is unknown, defaulting to 1000
[  407.272248][T12158] input: syz1 as /devices/virtual/input/input59
[  407.298083][T12156] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  407.336319][T12156] lo speed is unknown, defaulting to 1000
[  407.354620][T12156] lo speed is unknown, defaulting to 1000
[  407.371863][T12156] lo speed is unknown, defaulting to 1000
[  407.398699][T12156] lo speed is unknown, defaulting to 1000
[  407.514369][    C2] sr 2:0:0:0: [sr0] tag#19 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  407.520946][    C2] sr 2:0:0:0: [sr0] tag#19 CDB: ATA command pass through(12)/Blank a1 36 b6 0b fa d6
[  407.634326][T12167] FAULT_INJECTION: forcing a failure.
[  407.634326][T12167] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  407.639513][T12167] CPU: 2 UID: 0 PID: 12167 Comm: syz.1.1621 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  407.639535][T12167] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  407.639544][T12167] Call Trace:
[  407.639552][T12167]  <TASK>
[  407.639559][T12167]  dump_stack_lvl+0x16c/0x1f0
[  407.639584][T12167]  should_fail_ex+0x512/0x640
[  407.639609][T12167]  _copy_to_user+0x32/0xd0
[  407.639632][T12167]  simple_read_from_buffer+0xcb/0x170
[  407.639653][T12167]  proc_fail_nth_read+0x197/0x270
[  407.639674][T12167]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  407.639694][T12167]  ? rw_verify_area+0xcf/0x680
[  407.639712][T12167]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  407.639730][T12167]  vfs_read+0x1de/0xc70
[  407.639744][T12167]  ? __pfx___mutex_lock+0x10/0x10
[  407.639764][T12167]  ? __pfx_vfs_read+0x10/0x10
[  407.639782][T12167]  ? __fget_files+0x20e/0x3c0
[  407.639809][T12167]  ksys_read+0x12a/0x240
[  407.639821][T12167]  ? __pfx_ksys_read+0x10/0x10
[  407.639833][T12167]  ? rcu_is_watching+0x12/0xc0
[  407.639847][T12167]  ? rcu_is_watching+0x12/0xc0
[  407.639862][T12167]  __do_fast_syscall_32+0x73/0x120
[  407.639885][T12167]  do_fast_syscall_32+0x32/0x80
[  407.639903][T12167]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  407.639921][T12167] RIP: 0023:0xf7fd2579
[  407.639934][T12167] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  407.639948][T12167] RSP: 002b:00000000f50f6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  407.639963][T12167] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f50f6620
[  407.639973][T12167] RDX: 000000000000000f RSI: 00000000f7462ff4 RDI: 0000000000000000
[  407.639981][T12167] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  407.639990][T12167] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  407.640025][T12167] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  407.640048][T12167]  </TASK>
[  408.299110][    C0] vkms_vblank_simulate: vblank timer overrun
[  408.553164][T12179] batadv_slave_0: entered promiscuous mode
[  409.002982][T12182] netlink: 'syz.2.1625': attribute type 10 has an invalid length.
[  409.022874][T12182] team0: Device hsr_slave_0 failed to register rx_handler
[  409.236024][T12175] batadv_slave_0: left promiscuous mode
[  409.268816][T12190] dlm: no local IP address has been set
[  409.272346][T12190] dlm: cannot start dlm midcomms -107
[  409.277165][T12190] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1627'.
[  409.499711][T12192] FAULT_INJECTION: forcing a failure.
[  409.499711][T12192] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  409.530780][T12194] netlink: 'syz.3.1629': attribute type 4 has an invalid length.
[  409.531361][T12192] CPU: 0 UID: 0 PID: 12192 Comm: syz.1.1628 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  409.531385][T12192] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  409.531394][T12192] Call Trace:
[  409.531400][T12192]  <TASK>
[  409.531408][T12192]  dump_stack_lvl+0x16c/0x1f0
[  409.531436][T12192]  should_fail_ex+0x512/0x640
[  409.531470][T12192]  _copy_to_user+0x32/0xd0
[  409.531499][T12192]  simple_read_from_buffer+0xcb/0x170
[  409.531526][T12192]  proc_fail_nth_read+0x197/0x270
[  409.531547][T12192]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  409.531570][T12192]  ? rw_verify_area+0xcf/0x680
[  409.531593][T12192]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  409.531615][T12192]  vfs_read+0x1de/0xc70
[  409.531633][T12192]  ? __pfx___mutex_lock+0x10/0x10
[  409.531656][T12192]  ? __pfx_vfs_read+0x10/0x10
[  409.531678][T12192]  ? __fget_files+0x20e/0x3c0
[  409.531710][T12192]  ksys_read+0x12a/0x240
[  409.531725][T12192]  ? __pfx_ksys_read+0x10/0x10
[  409.531741][T12192]  ? rcu_is_watching+0x12/0xc0
[  409.531761][T12192]  __do_fast_syscall_32+0x73/0x120
[  409.531785][T12192]  do_fast_syscall_32+0x32/0x80
[  409.531808][T12192]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  409.531829][T12192] RIP: 0023:0xf7fd2579
[  409.531844][T12192] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  409.531858][T12192] RSP: 002b:00000000f50f6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  409.531874][T12192] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f50f6620
[  409.531884][T12192] RDX: 000000000000000f RSI: 00000000f7462ff4 RDI: 0000000000000000
[  409.531894][T12192] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  409.531905][T12192] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  409.531913][T12192] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  409.531935][T12192]  </TASK>
[  409.590990][    C0] vkms_vblank_simulate: vblank timer overrun
[  409.609984][T12194] netlink: 17 bytes leftover after parsing attributes in process `syz.3.1629'.
[  409.754767][    C0] vkms_vblank_simulate: vblank timer overrun
[  410.348724][    C0] vkms_vblank_simulate: vblank timer overrun
[  410.530161][    C0] vkms_vblank_simulate: vblank timer overrun
[  410.679186][ T6002] hid-generic FFF9:0000:0203.0005: unknown main item tag 0x0
[  410.684030][ T6002] hid-generic FFF9:0000:0203.0005: unknown main item tag 0x0
[  410.688825][ T6002] hid-generic FFF9:0000:0203.0005: unknown main item tag 0x0
[  410.694691][ T6258] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  410.763713][ T6002] hid-generic FFF9:0000:0203.0005: unknown main item tag 0x0
[  410.773649][ T6002] hid-generic FFF9:0000:0203.0005: unknown main item tag 0x0
[  410.778256][ T6002] hid-generic FFF9:0000:0203.0005: unknown main item tag 0x0
[  410.782792][ T6002] hid-generic FFF9:0000:0203.0005: unknown main item tag 0x0
[  410.809320][ T6002] hid-generic FFF9:0000:0203.0005: unknown main item tag 0x0
[  410.812830][ T6002] hid-generic FFF9:0000:0203.0005: unknown main item tag 0x0
[  410.819495][ T6002] hid-generic FFF9:0000:0203.0005: unknown main item tag 0x0
[  410.833638][ T6002] hid-generic FFF9:0000:0203.0005: unknown main item tag 0x0
[  410.836523][ T6002] hid-generic FFF9:0000:0203.0005: unknown main item tag 0x0
[  410.839401][ T6002] hid-generic FFF9:0000:0203.0005: unknown main item tag 0x0
[  410.853661][ T6002] hid-generic FFF9:0000:0203.0005: unknown main item tag 0x0
[  410.873540][ T6002] hid-generic FFF9:0000:0203.0005: unknown main item tag 0x0
[  410.903795][ T6002] hid-generic FFF9:0000:0203.0005: unknown main item tag 0x0
[  410.914035][ T6002] hid-generic FFF9:0000:0203.0005: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  411.252139][    C0] vkms_vblank_simulate: vblank timer overrun
[  411.680148][    C0] vkms_vblank_simulate: vblank timer overrun
[  412.063718][    C0] vkms_vblank_simulate: vblank timer overrun
[  413.392135][    C0] vkms_vblank_simulate: vblank timer overrun
[  413.677393][    C0] vkms_vblank_simulate: vblank timer overrun
[  413.936041][    C0] vkms_vblank_simulate: vblank timer overrun
[  414.048069][T12228] batadv_slave_0: entered promiscuous mode
[  414.379006][    C0] vkms_vblank_simulate: vblank timer overrun
[  414.650104][T12221] batadv_slave_0: left promiscuous mode
[  414.800030][    C0] vkms_vblank_simulate: vblank timer overrun
[  414.845786][    C0] vkms_vblank_simulate: vblank timer overrun
[  414.969650][    C0] vkms_vblank_simulate: vblank timer overrun
[  415.002995][    C0] vkms_vblank_simulate: vblank timer overrun
[  415.187968][    C0] vkms_vblank_simulate: vblank timer overrun
[  415.279595][    C0] vkms_vblank_simulate: vblank timer overrun
[  415.483850][    C0] vkms_vblank_simulate: vblank timer overrun
[  415.956093][   T40] audit: type=1326 audit(2000000285.200:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12252 comm="syz.3.1644" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  415.980348][   T40] audit: type=1326 audit(2000000285.200:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12252 comm="syz.3.1644" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  415.993914][   T40] audit: type=1326 audit(2000000285.200:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12252 comm="syz.3.1644" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  415.993922][T12253] kAFS: unable to lookup cell '/,'
[  416.010882][T12254] kAFS: unable to lookup cell '/,'
[  416.013975][   T40] audit: type=1326 audit(2000000285.200:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12252 comm="syz.3.1644" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  416.030674][   T40] audit: type=1326 audit(2000000285.200:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12252 comm="syz.3.1644" exe="/syz-executor" sig=0 arch=40000003 syscall=180 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  416.044646][   T40] audit: type=1326 audit(2000000285.200:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12252 comm="syz.3.1644" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  416.062686][   T40] audit: type=1326 audit(2000000285.200:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12252 comm="syz.3.1644" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  416.077085][   T40] audit: type=1326 audit(2000000285.230:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12252 comm="syz.3.1644" exe="/syz-executor" sig=0 arch=40000003 syscall=51 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  416.095231][   T40] audit: type=1326 audit(2000000285.230:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12252 comm="syz.3.1644" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  416.133222][   T40] audit: type=1326 audit(2000000285.230:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12252 comm="syz.3.1644" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  416.264077][    C3] vkms_vblank_simulate: vblank timer overrun
[  416.454964][T11952] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  417.538829][T12290] FAULT_INJECTION: forcing a failure.
[  417.538829][T12290] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  417.545246][T12290] CPU: 2 UID: 0 PID: 12290 Comm: syz.1.1655 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  417.545268][T12290] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  417.545278][T12290] Call Trace:
[  417.545284][T12290]  <TASK>
[  417.545290][T12290]  dump_stack_lvl+0x16c/0x1f0
[  417.545317][T12290]  should_fail_ex+0x512/0x640
[  417.545342][T12290]  _copy_to_user+0x32/0xd0
[  417.545367][T12290]  simple_read_from_buffer+0xcb/0x170
[  417.545392][T12290]  proc_fail_nth_read+0x197/0x270
[  417.545415][T12290]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  417.545438][T12290]  ? rw_verify_area+0xcf/0x680
[  417.545466][T12290]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  417.545487][T12290]  vfs_read+0x1de/0xc70
[  417.545504][T12290]  ? __pfx___mutex_lock+0x10/0x10
[  417.545524][T12290]  ? __pfx_vfs_read+0x10/0x10
[  417.545546][T12290]  ? __fget_files+0x20e/0x3c0
[  417.545577][T12290]  ksys_read+0x12a/0x240
[  417.545591][T12290]  ? __pfx_ksys_read+0x10/0x10
[  417.545608][T12290]  ? rcu_is_watching+0x12/0xc0
[  417.545628][T12290]  __do_fast_syscall_32+0x73/0x120
[  417.545653][T12290]  do_fast_syscall_32+0x32/0x80
[  417.545676][T12290]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  417.545698][T12290] RIP: 0023:0xf7fd2579
[  417.545712][T12290] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  417.545729][T12290] RSP: 002b:00000000f50f6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  417.545746][T12290] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f50f6620
[  417.545756][T12290] RDX: 000000000000000f RSI: 00000000f7462ff4 RDI: 0000000000000000
[  417.545766][T12290] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  417.545775][T12290] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  417.545785][T12290] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  417.545808][T12290]  </TASK>
[  417.564056][    C3] vkms_vblank_simulate: vblank timer overrun
[  417.742862][    C3] vkms_vblank_simulate: vblank timer overrun
[  417.773387][    C3] vkms_vblank_simulate: vblank timer overrun
[  417.776642][    C3] hrtimer: interrupt took 212613802 ns
[  417.854857][T12282] input: syz1 as /devices/virtual/input/input61
[  417.876691][    C3] vkms_vblank_simulate: vblank timer overrun
[  418.080018][    C3] vkms_vblank_simulate: vblank timer overrun
[  418.312129][    C3] vkms_vblank_simulate: vblank timer overrun
[  418.504206][T12298] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1658'.
[  418.648057][    C3] vkms_vblank_simulate: vblank timer overrun
[  418.826720][T12310] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1660'.
[  418.881111][T12310] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  418.902669][T12310] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  418.909868][T12310] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  418.928485][T12310] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  418.985624][T12312] random: crng reseeded on system resumption
[  418.998179][T12312] Restarting kernel threads ... done.
[  419.065122][T12310] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  419.084306][T12310] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  419.125479][T12310] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  419.163164][T12310] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  419.180074][    C3] vkms_vblank_simulate: vblank timer overrun
[  419.240021][    C3] vkms_vblank_simulate: vblank timer overrun
[  419.711976][    C3] vkms_vblank_simulate: vblank timer overrun
[  420.067726][    C3] vkms_vblank_simulate: vblank timer overrun
[  420.354823][T12328] batadv_slave_0: entered promiscuous mode
[  420.488098][    C3] vkms_vblank_simulate: vblank timer overrun
[  420.601657][T12332] lo speed is unknown, defaulting to 1000
[  421.233646][T12327] batadv_slave_0: left promiscuous mode
[  422.059659][T12363] FAULT_INJECTION: forcing a failure.
[  422.059659][T12363] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  422.095433][T12363] CPU: 2 UID: 0 PID: 12363 Comm: syz.0.1680 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  422.095459][T12363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  422.095469][T12363] Call Trace:
[  422.095476][T12363]  <TASK>
[  422.095482][T12363]  dump_stack_lvl+0x16c/0x1f0
[  422.095508][T12363]  should_fail_ex+0x512/0x640
[  422.095532][T12363]  _copy_to_user+0x32/0xd0
[  422.095558][T12363]  simple_read_from_buffer+0xcb/0x170
[  422.095782][T12363]  proc_fail_nth_read+0x197/0x270
[  422.096120][T12363]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  422.096596][T12363]  ? rw_verify_area+0xcf/0x680
[  422.096731][T12363]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  422.097037][T12363]  vfs_read+0x1de/0xc70
[  422.097119][T12363]  ? __pfx___mutex_lock+0x10/0x10
[  422.097279][T12363]  ? __pfx_vfs_read+0x10/0x10
[  422.097429][T12363]  ? __fget_files+0x20e/0x3c0
[  422.097660][T12363]  ksys_read+0x12a/0x240
[  422.097807][T12363]  ? __pfx_ksys_read+0x10/0x10
[  422.097949][T12363]  ? rcu_is_watching+0x12/0xc0
[  422.098035][T12363]  ? rcu_is_watching+0x12/0xc0
[  422.098054][T12363]  __do_fast_syscall_32+0x73/0x120
[  422.098652][T12363]  do_fast_syscall_32+0x32/0x80
[  422.099096][T12363]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  422.099171][T12363] RIP: 0023:0xf7f32579
[  422.099189][T12363] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  422.099207][T12363] RSP: 002b:00000000f5056590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  422.099227][T12363] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5056620
[  422.099239][T12363] RDX: 000000000000000f RSI: 00000000f73c2ff4 RDI: 0000000000000000
[  422.099249][T12363] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  422.099259][T12363] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  422.099333][T12363] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  422.099704][T12363]  </TASK>
[  422.205922][ T6259] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  423.270442][T12370] block nbd0: shutting down sockets
[  423.868326][ T5287] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  423.931233][T12394] FAULT_INJECTION: forcing a failure.
[  423.931233][T12394] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  423.941123][T12394] CPU: 3 UID: 0 PID: 12394 Comm: syz.1.1688 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  423.941147][T12394] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  423.941158][T12394] Call Trace:
[  423.941164][T12394]  <TASK>
[  423.941170][T12394]  dump_stack_lvl+0x16c/0x1f0
[  423.941197][T12394]  should_fail_ex+0x512/0x640
[  423.941225][T12394]  _copy_from_user+0x2e/0xd0
[  423.941248][T12394]  kstrtouint_from_user+0xd6/0x1d0
[  423.941267][T12394]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  423.941284][T12394]  ? __lock_acquire+0xaa4/0x1ba0
[  423.941315][T12394]  proc_fail_nth_write+0x83/0x250
[  423.941338][T12394]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  423.941365][T12394]  vfs_write+0x25c/0x1180
[  423.941379][T12394]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  423.941403][T12394]  ? __pfx___mutex_lock+0x10/0x10
[  423.941424][T12394]  ? __pfx_vfs_write+0x10/0x10
[  423.941446][T12394]  ? __fget_files+0x20e/0x3c0
[  423.941476][T12394]  ksys_write+0x12a/0x240
[  423.941491][T12394]  ? __pfx_ksys_write+0x10/0x10
[  423.941508][T12394]  ? rcu_is_watching+0x12/0xc0
[  423.941526][T12394]  __do_fast_syscall_32+0x73/0x120
[  423.941549][T12394]  do_fast_syscall_32+0x32/0x80
[  423.941571][T12394]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  423.941590][T12394] RIP: 0023:0xf7fd2579
[  423.941602][T12394] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  423.941617][T12394] RSP: 002b:00000000f50f6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  423.941632][T12394] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f50f6620
[  423.941642][T12394] RDX: 0000000000000001 RSI: 00000000f7462ff4 RDI: 0000000000000000
[  423.941650][T12394] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  423.941659][T12394] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  423.941667][T12394] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  423.941688][T12394]  </TASK>
[  424.164298][ T5287] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x73, changing to 0x3
[  424.171385][ T5287] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 48545, setting to 1024
[  424.196261][ T5287] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 1024
[  424.202073][ T5287] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  424.208268][ T5287] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  424.211960][ T5287] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  424.221813][T12398] kvm: pic: non byte read
[  424.225287][ T5287] usb 7-1: config 0 descriptor??
[  424.255149][T12398] kvm: pic: level sensitive irq not supported
[  424.255441][T12398] kvm: pic: non byte read
[  424.285270][T12398] kvm: pic: level sensitive irq not supported
[  424.285650][T12398] kvm: pic: non byte read
[  424.291282][T12390] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  424.299192][T12398] kvm: pic: level sensitive irq not supported
[  424.299538][T12398] kvm: pic: non byte read
[  424.310506][ T5287] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[  424.410665][T12402] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1690'.
[  424.538571][T12407] FAULT_INJECTION: forcing a failure.
[  424.538571][T12407] name failslab, interval 1, probability 0, space 0, times 0
[  424.551796][T12407] CPU: 1 UID: 0 PID: 12407 Comm: syz.0.1691 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  424.551823][T12407] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  424.551833][T12407] Call Trace:
[  424.551840][T12407]  <TASK>
[  424.551874][T12407]  dump_stack_lvl+0x16c/0x1f0
[  424.551898][T12407]  should_fail_ex+0x512/0x640
[  424.551917][T12407]  ? fs_reclaim_acquire+0xae/0x150
[  424.551940][T12407]  should_failslab+0xc2/0x120
[  424.551956][T12407]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  424.551972][T12407]  ? security_inode_alloc+0x3b/0x2b0
[  424.551991][T12407]  security_inode_alloc+0x3b/0x2b0
[  424.552007][T12407]  inode_init_always_gfp+0xce4/0x1030
[  424.552031][T12407]  ? __pfx_fuse_inode_set+0x10/0x10
[  424.552045][T12407]  alloc_inode+0x86/0x240
[  424.552063][T12407]  iget5_locked+0x338/0x3d0
[  424.552080][T12407]  ? __pfx_fuse_inode_eq+0x10/0x10
[  424.552096][T12407]  ? __pfx_fuse_inode_set+0x10/0x10
[  424.552126][T12407]  ? __pfx_iget5_locked+0x10/0x10
[  424.552146][T12407]  ? kasan_quarantine_put+0x10a/0x240
[  424.552161][T12407]  ? lockdep_hardirqs_on+0x7c/0x110
[  424.552185][T12407]  fuse_iget+0x165/0x8e0
[  424.552206][T12407]  ? __pfx_fuse_iget+0x10/0x10
[  424.552225][T12407]  ? __fuse_simple_request+0x462/0xcb0
[  424.552252][T12407]  fuse_lookup_name+0x481/0x780
[  424.552275][T12407]  ? __pfx_fuse_lookup_name+0x10/0x10
[  424.552304][T12407]  ? save_trace+0x4e/0x380
[  424.552321][T12407]  ? add_lock_to_list+0x9d/0x130
[  424.552343][T12407]  fuse_lookup+0x1af/0x420
[  424.552360][T12407]  ? __pfx_fuse_lookup+0x10/0x10
[  424.552389][T12407]  ? do_raw_spin_unlock+0x172/0x230
[  424.552411][T12407]  ? _raw_spin_unlock+0x28/0x50
[  424.552432][T12407]  lookup_one_qstr_excl_raw.part.0+0xec/0x160
[  424.552451][T12407]  ? lookup_dcache+0x66/0x170
[  424.552471][T12407]  lookup_one_qstr_excl+0x3e/0x120
[  424.552493][T12407]  do_unlinkat+0x284/0x6a0
[  424.552511][T12407]  ? __pfx_do_unlinkat+0x10/0x10
[  424.552534][T12407]  ? getname_flags.part.0+0x1c5/0x550
[  424.552556][T12407]  __ia32_sys_unlink+0xc4/0x110
[  424.552571][T12407]  __do_fast_syscall_32+0x73/0x120
[  424.552593][T12407]  do_fast_syscall_32+0x32/0x80
[  424.552613][T12407]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  424.552632][T12407] RIP: 0023:0xf7f32579
[  424.552646][T12407] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  424.552661][T12407] RSP: 002b:00000000f501455c EFLAGS: 00000296 ORIG_RAX: 000000000000000a
[  424.552677][T12407] RAX: ffffffffffffffda RBX: 0000000080000100 RCX: 0000000000000000
[  424.552687][T12407] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  424.552696][T12407] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  424.552704][T12407] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  424.552713][T12407] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  424.552734][T12407]  </TASK>
[  425.312929][T12421] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  425.318132][T12421] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  425.323866][T12421] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1686'.
[  425.489612][T12414] wireguard0: entered promiscuous mode
[  425.492860][T12414] wireguard0: entered allmulticast mode
[  426.249743][ T1337] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  426.506053][T12437] batadv_slave_0: entered promiscuous mode
[  426.562051][ T1337] usb 6-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0
[  426.612179][ T1337] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  426.616114][ T1337] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  426.623617][ T1337] usb 6-1: Product: syz
[  426.642754][ T1337] usb 6-1: Manufacturer: syz
[  426.645320][ T1337] usb 6-1: SerialNumber: syz
[  426.650506][T12432] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  426.718150][ T6285] usb 7-1: USB disconnect, device number 11
[  426.808762][T12444] input: syz1 as /devices/virtual/input/input62
[  426.886558][T12432] process 'syz.1.1698' launched './file0' with NULL argv: empty string added
[  426.947595][T12433] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  426.952204][T12433] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  426.980068][T12433] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  426.984666][T12433] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  427.017350][T12434] batadv_slave_0: left promiscuous mode
[  427.125915][T12452] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1698'.
[  427.150266][ T1337] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -22
[  427.187565][ T1337] usb 6-1: USB disconnect, device number 5
[  427.815968][T12473] FAULT_INJECTION: forcing a failure.
[  427.815968][T12473] name failslab, interval 1, probability 0, space 0, times 0
[  427.823074][T12473] CPU: 1 UID: 0 PID: 12473 Comm: syz.0.1708 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  427.823115][T12473] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  427.823126][T12473] Call Trace:
[  427.823134][T12473]  <TASK>
[  427.823142][T12473]  dump_stack_lvl+0x16c/0x1f0
[  427.823164][T12473]  should_fail_ex+0x512/0x640
[  427.823181][T12473]  ? __kmalloc_noprof+0xbf/0x510
[  427.823195][T12473]  ? sk_prot_alloc+0x1a8/0x2a0
[  427.823210][T12473]  should_failslab+0xc2/0x120
[  427.823224][T12473]  __kmalloc_noprof+0xd2/0x510
[  427.823236][T12473]  ? do_raw_spin_lock+0x12c/0x2b0
[  427.823254][T12473]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  427.823272][T12473]  sk_prot_alloc+0x1a8/0x2a0
[  427.823289][T12473]  sk_alloc+0x36/0xc20
[  427.823303][T12473]  af_alg_accept+0xd1/0x610
[  427.823322][T12473]  do_accept+0x33b/0x530
[  427.823342][T12473]  ? __pfx_do_accept+0x10/0x10
[  427.823380][T12473]  io_accept+0x259/0x950
[  427.823423][T12473]  ? __pfx_io_accept+0x10/0x10
[  427.823449][T12473]  ? rcu_is_watching+0x12/0xc0
[  427.823467][T12473]  io_issue_sqe+0x4f2/0x1350
[  427.823488][T12473]  io_submit_sqes+0x921/0x25d0
[  427.823519][T12473]  __do_sys_io_uring_enter+0xd6a/0x1630
[  427.823544][T12473]  ? __fget_files+0x20e/0x3c0
[  427.823568][T12473]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  427.823590][T12473]  ? fput+0x70/0xf0
[  427.823609][T12473]  ? ksys_write+0x1b9/0x240
[  427.823625][T12473]  ? __pfx_ksys_write+0x10/0x10
[  427.823641][T12473]  ? rcu_is_watching+0x12/0xc0
[  427.823660][T12473]  __do_fast_syscall_32+0x73/0x120
[  427.823706][T12473]  do_fast_syscall_32+0x32/0x80
[  427.823727][T12473]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  427.823746][T12473] RIP: 0023:0xf7f32579
[  427.823760][T12473] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  427.823776][T12473] RSP: 002b:00000000f501455c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[  427.823789][T12473] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000003516
[  427.823798][T12473] RDX: 0000000000003e44 RSI: 0000000000000008 RDI: 0000000000000000
[  427.823805][T12473] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  427.823844][T12473] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  427.823856][T12473] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  427.823876][T12473]  </TASK>
[  428.575576][T12489] batadv_slave_0: entered promiscuous mode
[  428.618985][T12493] netlink: 84 bytes leftover after parsing attributes in process `syz.0.1720'.
[  428.623032][T12493] netlink: 84 bytes leftover after parsing attributes in process `syz.0.1720'.
[  429.026312][T12510] kvm: pic: non byte read
[  429.030570][T12510] kvm: pic: level sensitive irq not supported
[  429.030926][T12510] kvm: pic: non byte read
[  429.039438][T12509] netlink: 'syz.0.1721': attribute type 27 has an invalid length.
[  429.106470][T12510] kvm: pic: non byte read
[  429.139065][T12512] overlayfs: failed to decode file handle (len=6, type=248, flags=0, err=-22)
[  429.173881][T12515] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1721'.
[  429.178797][T12515] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1721'.
[  429.182172][T12515] netlink: 2 bytes leftover after parsing attributes in process `syz.0.1721'.
[  429.397542][T12509] bridge0: port 2(bridge_slave_1) entered disabled state
[  429.401426][T12509] bridge0: port 1(bridge_slave_0) entered disabled state
[  429.621254][T12509] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  429.633916][T12509] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  430.131721][T12509] netdevsim netdevsim0 netdevsim0: left promiscuous mode
[  430.248499][T12509] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  430.251759][T12509] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  430.257610][T12509] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  430.267248][T12509] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  430.309648][    C0] vkms_vblank_simulate: vblank timer overrun
[  430.324122][T12509] geneve2: left promiscuous mode
[  430.403950][    C0] vkms_vblank_simulate: vblank timer overrun
[  430.488883][T12514] 8021q: adding VLAN 0 to HW filter on device bond0
[  430.493771][T12514] 8021q: adding VLAN 0 to HW filter on device team0
[  430.544252][T12514] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  430.555435][T12477] batadv_slave_0: left promiscuous mode
[  430.803185][T12534] mmap: syz.3.1725 (12534) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  430.920447][T12534] FAULT_INJECTION: forcing a failure.
[  430.920447][T12534] name failslab, interval 1, probability 0, space 0, times 0
[  430.948429][T12534] CPU: 3 UID: 0 PID: 12534 Comm: syz.3.1725 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  430.948456][T12534] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  430.948466][T12534] Call Trace:
[  430.948473][T12534]  <TASK>
[  430.948480][T12534]  dump_stack_lvl+0x16c/0x1f0
[  430.948529][T12534]  should_fail_ex+0x512/0x640
[  430.948556][T12534]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  430.948576][T12534]  should_failslab+0xc2/0x120
[  430.948593][T12534]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  430.948610][T12534]  ? security_file_alloc+0x34/0x2b0
[  430.948634][T12534]  security_file_alloc+0x34/0x2b0
[  430.948654][T12534]  init_file+0x93/0x4c0
[  430.948672][T12534]  alloc_empty_file+0x73/0x1e0
[  430.948691][T12534]  alloc_file_pseudo+0x13a/0x230
[  430.948711][T12534]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  430.948731][T12534]  ? do_raw_spin_unlock+0x172/0x230
[  430.948758][T12534]  __anon_inode_getfile+0xf7/0x370
[  430.948785][T12534]  anon_inode_getfd+0x52/0xb0
[  430.948808][T12534]  __ia32_sys_fsopen+0x18f/0x240
[  430.948824][T12534]  __do_fast_syscall_32+0x73/0x120
[  430.948871][T12534]  do_fast_syscall_32+0x32/0x80
[  430.948890][T12534]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  430.948909][T12534] RIP: 0023:0xf70ce579
[  430.948921][T12534] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  430.948935][T12534] RSP: 002b:00000000f509d55c EFLAGS: 00000296 ORIG_RAX: 00000000000001ae
[  430.948951][T12534] RAX: ffffffffffffffda RBX: 0000000080000280 RCX: 0000000000000001
[  430.948960][T12534] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  430.948968][T12534] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  430.948977][T12534] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  430.948985][T12534] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  430.949004][T12534]  </TASK>
[  431.155289][T12544] FAULT_INJECTION: forcing a failure.
[  431.155289][T12544] name failslab, interval 1, probability 0, space 0, times 0
[  431.161281][T12544] CPU: 1 UID: 0 PID: 12544 Comm: syz.1.1731 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  431.161302][T12544] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  431.161311][T12544] Call Trace:
[  431.161316][T12544]  <TASK>
[  431.161322][T12544]  dump_stack_lvl+0x16c/0x1f0
[  431.161347][T12544]  should_fail_ex+0x512/0x640
[  431.161366][T12544]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  431.161384][T12544]  should_failslab+0xc2/0x120
[  431.161401][T12544]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  431.161416][T12544]  ? sock_alloc_inode+0x25/0x1c0
[  431.161437][T12544]  ? __pfx_sock_alloc_inode+0x10/0x10
[  431.161453][T12544]  sock_alloc_inode+0x25/0x1c0
[  431.161470][T12544]  alloc_inode+0x61/0x240
[  431.161487][T12544]  sock_alloc+0x40/0x280
[  431.161504][T12544]  __sock_create+0xc1/0x8d0
[  431.161525][T12544]  l2tp_tunnel_sock_create+0x614/0xaa0
[  431.161548][T12544]  ? __pfx_l2tp_tunnel_sock_create+0x10/0x10
[  431.161567][T12544]  ? node_tag_clear+0x105/0x290
[  431.161586][T12544]  ? idr_alloc_u32+0x20f/0x2f0
[  431.161612][T12544]  ? __local_bh_enable_ip+0xa4/0x120
[  431.161631][T12544]  l2tp_tunnel_register+0x49a/0xbe0
[  431.161644][T12544]  ? __debug_object_init+0x2de/0x3d0
[  431.161660][T12544]  ? __pfx___debug_object_init+0x10/0x10
[  431.161673][T12544]  ? __pfx_l2tp_tunnel_register+0x10/0x10
[  431.161694][T12544]  ? lockdep_init_map_type+0x5c/0x280
[  431.161714][T12544]  ? l2tp_tunnel_create+0x2cf/0x460
[  431.161732][T12544]  ? l2tp_tunnel_create+0x37d/0x460
[  431.161753][T12544]  l2tp_nl_cmd_tunnel_create+0x44e/0x990
[  431.161776][T12544]  ? __pfx_l2tp_nl_cmd_tunnel_create+0x10/0x10
[  431.161800][T12544]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  431.161821][T12544]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  431.161845][T12544]  genl_family_rcv_msg_doit+0x206/0x2f0
[  431.161865][T12544]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  431.161883][T12544]  ? trace_cap_capable+0x18d/0x200
[  431.161902][T12544]  ? bpf_lsm_capable+0x9/0x10
[  431.161916][T12544]  ? security_capable+0x7e/0x260
[  431.161930][T12544]  ? ns_capable+0xd7/0x110
[  431.161946][T12544]  genl_rcv_msg+0x55c/0x800
[  431.161968][T12544]  ? __pfx_genl_rcv_msg+0x10/0x10
[  431.161986][T12544]  ? __pfx_l2tp_nl_cmd_tunnel_create+0x10/0x10
[  431.162006][T12544]  ? __lock_acquire+0xaa4/0x1ba0
[  431.162027][T12544]  netlink_rcv_skb+0x16a/0x440
[  431.162044][T12544]  ? __pfx_genl_rcv_msg+0x10/0x10
[  431.162063][T12544]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  431.162089][T12544]  ? __pfx_down_read+0x10/0x10
[  431.162110][T12544]  ? netlink_deliver_tap+0x1ae/0xd30
[  431.162128][T12544]  genl_rcv+0x28/0x40
[  431.162144][T12544]  netlink_unicast+0x53a/0x7f0
[  431.162163][T12544]  ? __pfx_netlink_unicast+0x10/0x10
[  431.162185][T12544]  netlink_sendmsg+0x8d1/0xdd0
[  431.162204][T12544]  ? __pfx_netlink_sendmsg+0x10/0x10
[  431.162220][T12544]  ? __import_iovec+0x1c8/0x660
[  431.162251][T12544]  ____sys_sendmsg+0xa95/0xc70
[  431.162272][T12544]  ? __pfx_____sys_sendmsg+0x10/0x10
[  431.162289][T12544]  ? get_compat_msghdr+0x11a/0x170
[  431.162313][T12544]  ___sys_sendmsg+0x134/0x1d0
[  431.162330][T12544]  ? __pfx____sys_sendmsg+0x10/0x10
[  431.162371][T12544]  __sys_sendmsg+0x16d/0x220
[  431.162387][T12544]  ? __pfx___sys_sendmsg+0x10/0x10
[  431.162411][T12544]  ? rcu_is_watching+0x12/0xc0
[  431.162427][T12544]  __do_fast_syscall_32+0x73/0x120
[  431.162449][T12544]  do_fast_syscall_32+0x32/0x80
[  431.162468][T12544]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  431.162486][T12544] RIP: 0023:0xf7fd2579
[  431.162498][T12544] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  431.162511][T12544] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  431.162527][T12544] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  431.162536][T12544] RDX: 0000000000004000 RSI: 0000000000000000 RDI: 0000000000000000
[  431.162544][T12544] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  431.162552][T12544] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  431.162560][T12544] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  431.162578][T12544]  </TASK>
[  431.162588][T12544] socket: no more sockets
[  431.711898][    C0] vkms_vblank_simulate: vblank timer overrun
[  432.867037][T12577] lo speed is unknown, defaulting to 1000
[  433.248060][    C0] vkms_vblank_simulate: vblank timer overrun
[  433.389761][    C0] vkms_vblank_simulate: vblank timer overrun
[  433.600362][T12593] syzkaller1: entered promiscuous mode
[  433.609578][T12593] syzkaller1: entered allmulticast mode
[  433.876276][T12610] netlink: 'syz.0.1748': attribute type 4 has an invalid length.
[  434.446650][    C0] vkms_vblank_simulate: vblank timer overrun
[  434.684066][    C0] vkms_vblank_simulate: vblank timer overrun
[  434.896886][T12636] batadv_slave_0: entered promiscuous mode
[  435.323864][T12641] pim6reg1: entered promiscuous mode
[  435.369571][T12641] pim6reg1: entered allmulticast mode
[  435.459537][T12631] batadv_slave_0: left promiscuous mode
[  435.784833][    C0] vkms_vblank_simulate: vblank timer overrun
[  435.831727][T12651] netlink: 'syz.0.1761': attribute type 10 has an invalid length.
[  435.835350][T12651] team0: Device hsr_slave_0 failed to register rx_handler
[  435.893952][    C0] vkms_vblank_simulate: vblank timer overrun
[  435.941848][T12657] netlink: 9 bytes leftover after parsing attributes in process `syz.2.1763'.
[  437.334132][T12670] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1766'.
[  437.364102][T12669] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1767'.
[  437.381248][T12670] syz_tun: entered allmulticast mode
[  437.518607][T12669] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1767'.
[  437.562492][    C0] vkms_vblank_simulate: vblank timer overrun
[  437.627297][    C0] vkms_vblank_simulate: vblank timer overrun
[  437.933190][T12678] batadv_slave_0: entered promiscuous mode
[  437.947836][    C0] vkms_vblank_simulate: vblank timer overrun
[  438.137808][T12666] syz_tun: left allmulticast mode
[  438.369913][T12674] batadv_slave_0: left promiscuous mode
[  438.479761][T12694] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  438.486552][T12694] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  438.534427][T12685] netlink: 'syz.0.1771': attribute type 10 has an invalid length.
[  438.560820][T12685] team0: Device hsr_slave_0 failed to register rx_handler
[  438.764622][T12700] 9pnet_fd: Insufficient options for proto=fd
[  438.861598][T12700] nbd: nbd1 already in use
[  439.059476][T12709] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1778'.
[  439.149051][T12709] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1778'.
[  439.484099][T12718] FAULT_INJECTION: forcing a failure.
[  439.484099][T12718] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  439.496350][T12718] CPU: 1 UID: 0 PID: 12718 Comm: syz.0.1777 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  439.496372][T12718] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  439.496381][T12718] Call Trace:
[  439.496387][T12718]  <TASK>
[  439.496393][T12718]  dump_stack_lvl+0x16c/0x1f0
[  439.496417][T12718]  should_fail_ex+0x512/0x640
[  439.496440][T12718]  _copy_from_user+0x2e/0xd0
[  439.496462][T12718]  csum_and_copy_from_iter_full+0x214/0x1e20
[  439.496490][T12718]  ? policy_nodemask+0xea/0x4e0
[  439.496509][T12718]  ? __pfx_csum_and_copy_from_iter_full+0x10/0x10
[  439.496529][T12718]  ? alloc_pages_mpol+0x25a/0x550
[  439.496546][T12718]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  439.496561][T12718]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  439.496577][T12718]  ? is_bpf_text_address+0x94/0x1a0
[  439.496594][T12718]  ? kernel_text_address+0x8d/0x100
[  439.496615][T12718]  ? __kernel_text_address+0xd/0x40
[  439.496638][T12718]  ip_generic_getfrag+0x170/0x270
[  439.496656][T12718]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  439.496674][T12718]  ? sk_page_frag_refill+0x6c/0x300
[  439.496697][T12718]  __ip6_append_data+0x1b5b/0x4710
[  439.496721][T12718]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  439.496746][T12718]  ? __pfx___ip6_append_data+0x10/0x10
[  439.496778][T12718]  ip6_append_data+0x1bd/0x4c0
[  439.496796][T12718]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  439.496816][T12718]  udpv6_sendmsg+0xd66/0x3070
[  439.496840][T12718]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  439.496863][T12718]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  439.496882][T12718]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  439.496931][T12718]  ? __pfx_aa_sk_perm+0x10/0x10
[  439.496948][T12718]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  439.496973][T12718]  ? inet6_sendmsg+0x105/0x140
[  439.496985][T12718]  inet6_sendmsg+0x105/0x140
[  439.497000][T12718]  ____sys_sendmsg+0x705/0xc70
[  439.497022][T12718]  ? __pfx_____sys_sendmsg+0x10/0x10
[  439.497040][T12718]  ? get_compat_msghdr+0x11a/0x170
[  439.497059][T12718]  ? __pfx__kstrtoull+0x10/0x10
[  439.497080][T12718]  ___sys_sendmsg+0x134/0x1d0
[  439.497098][T12718]  ? __pfx____sys_sendmsg+0x10/0x10
[  439.497125][T12718]  ? find_held_lock+0x2b/0x80
[  439.497154][T12718]  __sys_sendmmsg+0x2f9/0x420
[  439.497173][T12718]  ? __pfx___sys_sendmmsg+0x10/0x10
[  439.497203][T12718]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  439.497234][T12718]  ? fput+0x70/0xf0
[  439.497250][T12718]  ? ksys_write+0x1b9/0x240
[  439.497264][T12718]  ? __pfx_ksys_write+0x10/0x10
[  439.497281][T12718]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  439.497297][T12718]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  439.497317][T12718]  __do_fast_syscall_32+0x73/0x120
[  439.497339][T12718]  do_fast_syscall_32+0x32/0x80
[  439.497358][T12718]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  439.497376][T12718] RIP: 0023:0xf7f32579
[  439.497390][T12718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  439.497405][T12718] RSP: 002b:00000000f501455c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  439.497420][T12718] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080006780
[  439.497430][T12718] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  439.497438][T12718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  439.497447][T12718] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  439.497456][T12718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  439.497476][T12718]  </TASK>
[  439.497869][ T1408] ieee802154 phy0 wpan0: encryption failed: -22
[  439.697481][ T1408] ieee802154 phy1 wpan1: encryption failed: -22
[  439.823743][T12723] 9pnet_virtio: no channels available for device syz
[  440.588123][    C0] vkms_vblank_simulate: vblank timer overrun
[  441.023760][    C0] vkms_vblank_simulate: vblank timer overrun
[  441.033237][T12748] netlink: 'syz.2.1789': attribute type 10 has an invalid length.
[  441.607886][    C0] vkms_vblank_simulate: vblank timer overrun
[  441.959800][    C0] vkms_vblank_simulate: vblank timer overrun
[  442.116592][T12763] siw: device registration error -23
[  442.146178][T12763] input: syz1 as /devices/virtual/input/input63
[  442.687861][    C0] vkms_vblank_simulate: vblank timer overrun
[  442.694702][   T40] kauditd_printk_skb: 18 callbacks suppressed
[  442.694720][   T40] audit: type=1326 audit(2000000311.922:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12756 comm="syz.3.1791" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7fc00000
[  443.227147][T12783] batadv_slave_0: entered promiscuous mode
[  443.231516][T12785] ALSA: mixer_oss: invalid OSS volume 'VMIX'
[  443.240634][T12785] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  443.577628][    C0] vkms_vblank_simulate: vblank timer overrun
[  443.621806][T12792] FAULT_INJECTION: forcing a failure.
[  443.621806][T12792] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  443.639570][T12792] CPU: 1 UID: 0 PID: 12792 Comm: syz.2.1801 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  443.639596][T12792] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  443.639607][T12792] Call Trace:
[  443.639614][T12792]  <TASK>
[  443.639621][T12792]  dump_stack_lvl+0x16c/0x1f0
[  443.639650][T12792]  should_fail_ex+0x512/0x640
[  443.639699][T12792]  _copy_to_user+0x32/0xd0
[  443.639726][T12792]  simple_read_from_buffer+0xcb/0x170
[  443.639753][T12792]  proc_fail_nth_read+0x197/0x270
[  443.639778][T12792]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  443.639802][T12792]  ? rw_verify_area+0xcf/0x680
[  443.639824][T12792]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  443.639843][T12792]  vfs_read+0x1de/0xc70
[  443.639859][T12792]  ? __pfx___mutex_lock+0x10/0x10
[  443.639879][T12792]  ? __pfx_vfs_read+0x10/0x10
[  443.639899][T12792]  ? __fget_files+0x20e/0x3c0
[  443.639928][T12792]  ksys_read+0x12a/0x240
[  443.639942][T12792]  ? __pfx_ksys_read+0x10/0x10
[  443.639958][T12792]  ? rcu_is_watching+0x12/0xc0
[  443.639977][T12792]  __do_fast_syscall_32+0x73/0x120
[  443.639999][T12792]  do_fast_syscall_32+0x32/0x80
[  443.640019][T12792]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  443.640039][T12792] RIP: 0023:0xf70de579
[  443.640054][T12792] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  443.640070][T12792] RSP: 002b:00000000f50ce590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  443.640085][T12792] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f50ce620
[  443.640095][T12792] RDX: 000000000000000f RSI: 00000000f7442ff4 RDI: 0000000000000000
[  443.640103][T12792] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  443.640112][T12792] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  443.640121][T12792] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  443.640143][T12792]  </TASK>
[  443.730112][T12779] batadv_slave_0: left promiscuous mode
[  444.755305][T12812] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  445.012196][T12811] input: syz1 as /devices/virtual/input/input64
[  445.173577][T12812] /dev/sr0: Can't open blockdev
[  445.404939][T12813] /dev/sr0: Can't open blockdev
[  445.652119][T12821] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1809'.
[  445.661108][T12821] syz_tun: entered allmulticast mode
[  446.113591][T12831] batadv_slave_0: entered promiscuous mode
[  446.405762][T12834] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1812'.
[  446.619470][T12820] syz_tun: left allmulticast mode
[  446.688234][T12825] batadv_slave_0: left promiscuous mode
[  448.105724][T12858] input: syz1 as /devices/virtual/input/input65
[  448.229079][T12861] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  448.434915][T12861] /dev/sr0: Can't open blockdev
[  448.604437][T12857] /dev/sr0: Can't open blockdev
[  448.917775][T12876] FAULT_INJECTION: forcing a failure.
[  448.917775][T12876] name failslab, interval 1, probability 0, space 0, times 0
[  448.926455][T12876] CPU: 2 UID: 0 PID: 12876 Comm: syz.3.1824 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  448.926478][T12876] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  448.926487][T12876] Call Trace:
[  448.926494][T12876]  <TASK>
[  448.926500][T12876]  dump_stack_lvl+0x16c/0x1f0
[  448.926528][T12876]  should_fail_ex+0x512/0x640
[  448.926549][T12876]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  448.926574][T12876]  ? __pfx_route4_classify+0x10/0x10
[  448.926588][T12876]  should_failslab+0xc2/0x120
[  448.926607][T12876]  __kmalloc_cache_noprof+0x6a/0x3e0
[  448.926629][T12876]  ? _raw_read_unlock+0x28/0x50
[  448.926647][T12876]  ? route4_init+0x3f/0xa0
[  448.926662][T12876]  ? __pfx_route4_classify+0x10/0x10
[  448.926677][T12876]  route4_init+0x3f/0xa0
[  448.926691][T12876]  tc_new_tfilter+0x1147/0x2340
[  448.926728][T12876]  ? kasan_quarantine_put+0x10a/0x240
[  448.926744][T12876]  ? __pfx_tc_new_tfilter+0x10/0x10
[  448.926766][T12876]  ? kfree_skbmem+0x1a4/0x1f0
[  448.926790][T12876]  ? __lock_acquire+0x5ca/0x1ba0
[  448.926821][T12876]  ? find_held_lock+0x2b/0x80
[  448.926836][T12876]  ? __pfx_tc_new_tfilter+0x10/0x10
[  448.926853][T12876]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  448.926872][T12876]  ? __pfx_tc_new_tfilter+0x10/0x10
[  448.926890][T12876]  rtnetlink_rcv_msg+0x95b/0xe90
[  448.927094][T12876]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  448.927120][T12876]  netlink_rcv_skb+0x16a/0x440
[  448.927148][T12876]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  448.927166][T12876]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  448.927195][T12876]  ? netlink_deliver_tap+0x1ae/0xd30
[  448.927216][T12876]  netlink_unicast+0x53a/0x7f0
[  448.927236][T12876]  ? __pfx_netlink_unicast+0x10/0x10
[  448.927261][T12876]  netlink_sendmsg+0x8d1/0xdd0
[  448.927282][T12876]  ? __pfx_netlink_sendmsg+0x10/0x10
[  448.927300][T12876]  ? __import_iovec+0x1c8/0x660
[  448.927326][T12876]  ____sys_sendmsg+0xa95/0xc70
[  448.927344][T12876]  ? gfs2_create_inode+0x1ea0/0x32c0
[  448.927364][T12876]  ? __pfx_____sys_sendmsg+0x10/0x10
[  448.927383][T12876]  ? get_compat_msghdr+0x11a/0x170
[  448.927409][T12876]  ___sys_sendmsg+0x134/0x1d0
[  448.927426][T12876]  ? __pfx____sys_sendmsg+0x10/0x10
[  448.927469][T12876]  __sys_sendmsg+0x16d/0x220
[  448.927488][T12876]  ? __pfx___sys_sendmsg+0x10/0x10
[  448.927515][T12876]  ? rcu_is_watching+0x12/0xc0
[  448.927534][T12876]  __do_fast_syscall_32+0x73/0x120
[  448.927558][T12876]  do_fast_syscall_32+0x32/0x80
[  448.927578][T12876]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  448.927598][T12876] RIP: 0023:0xf70ce579
[  448.927612][T12876] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  448.927651][T12876] RSP: 002b:00000000f50be55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  448.927667][T12876] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080006040
[  448.927677][T12876] RDX: 0000000004000800 RSI: 0000000000000000 RDI: 0000000000000000
[  448.927685][T12876] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  448.927694][T12876] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  448.927702][T12876] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  448.927723][T12876]  </TASK>
[  449.183616][ T7746] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  449.440267][ T7746] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  449.483513][ T7746] usb 7-1: config 1 has an invalid descriptor of length 52, skipping remainder of the config
[  449.543531][ T7746] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  449.563281][ T7746] usb 7-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xF7, changing to 0x87
[  449.594378][ T7746] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 52, changing to 7
[  449.599857][ T7746] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x87 has invalid maxpacket 9272, setting to 1024
[  449.606590][ T7746] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  449.614192][ T7746] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  449.619027][ T7746] usb 7-1: Product: syz
[  449.622861][ T7746] usb 7-1: Manufacturer: syz
[  449.630535][ T7746] cdc_wdm 7-1:1.0: skipping garbage
[  449.633901][ T7746] cdc_wdm 7-1:1.0: skipping garbage
[  449.636170][ T7746] cdc_wdm 7-1:1.0: probe with driver cdc_wdm failed with error -22
[  449.953738][T11507] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  449.955556][   T57] usb 7-1: USB disconnect, device number 12
[  450.134848][T11507] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  450.138569][T11507] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  450.142355][T11507] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  450.146740][T11507] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  450.166217][T11507] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  450.169985][T11507] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  450.172952][T11507] usb 5-1: Product: syz
[  450.176719][T11507] usb 5-1: Manufacturer: syz
[  450.192654][T11507] cdc_wdm 5-1:1.0: skipping garbage
[  450.211241][T11507] cdc_wdm 5-1:1.0: skipping garbage
[  450.238479][T11507] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  450.247768][T11507] cdc_wdm 5-1:1.0: Unknown control protocol
[  451.100083][T12892] netlink: 'syz.1.1829': attribute type 10 has an invalid length.
[  451.104181][T12892] team0: Device hsr_slave_0 failed to register rx_handler
[  451.339732][T12910] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  451.566336][T12910] /dev/sr0: Can't open blockdev
[  451.897327][T12911] /dev/sr0: Can't open blockdev
[  453.022029][T12938] siw: device registration error -23
[  453.034734][ T7746] usb 5-1: USB disconnect, device number 5
[  453.131038][T12938] input: syz1 as /devices/virtual/input/input66
[  453.557441][T12943] netlink: 'syz.0.1841': attribute type 10 has an invalid length.
[  453.567429][T12943] team0: Device hsr_slave_0 failed to register rx_handler
[  454.713119][T12964] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  454.991668][T12967] Cache volume key already in use (9p,syz,)
[  455.222737][T12975] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1847'.
[  455.293515][   T40] audit: type=1326 audit(2000000324.495:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12972 comm="syz.1.1847" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000
[  455.309679][T12975] bond19: entered promiscuous mode
[  455.313277][   T40] audit: type=1326 audit(2000000324.495:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12972 comm="syz.1.1847" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000
[  455.344117][T12975] 8021q: adding VLAN 0 to HW filter on device bond19
[  455.352051][   T40] audit: type=1326 audit(2000000324.545:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12972 comm="syz.1.1847" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fd2579 code=0x7ffc0000
[  455.364169][T12964] /dev/sr0: Can't open blockdev
[  455.378183][   T40] audit: type=1326 audit(2000000324.545:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12972 comm="syz.1.1847" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000
[  455.378227][   T40] audit: type=1326 audit(2000000324.545:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12972 comm="syz.1.1847" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000
[  455.378265][   T40] audit: type=1326 audit(2000000324.565:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12972 comm="syz.1.1847" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fd2579 code=0x7ffc0000
[  455.378300][   T40] audit: type=1326 audit(2000000324.565:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12972 comm="syz.1.1847" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000
[  455.378335][   T40] audit: type=1326 audit(2000000324.565:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12972 comm="syz.1.1847" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fd2579 code=0x7ffc0000
[  455.378372][   T40] audit: type=1326 audit(2000000324.565:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12972 comm="syz.1.1847" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000
[  455.378407][   T40] audit: type=1326 audit(2000000324.565:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12972 comm="syz.1.1847" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7fd2579 code=0x7ffc0000
[  455.833919][T12965] /dev/sr0: Can't open blockdev
[  456.627063][T13003] FAULT_INJECTION: forcing a failure.
[  456.627063][T13003] name failslab, interval 1, probability 0, space 0, times 0
[  456.650698][T13003] CPU: 3 UID: 0 PID: 13003 Comm: syz.2.1853 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  456.650721][T13003] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  456.650731][T13003] Call Trace:
[  456.650747][T13003]  <TASK>
[  456.650754][T13003]  dump_stack_lvl+0x16c/0x1f0
[  456.650780][T13003]  should_fail_ex+0x512/0x640
[  456.650803][T13003]  should_failslab+0xc2/0x120
[  456.650822][T13003]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  456.650839][T13003]  ? skb_clone+0x190/0x3f0
[  456.650859][T13003]  skb_clone+0x190/0x3f0
[  456.650877][T13003]  netlink_deliver_tap+0xabd/0xd30
[  456.650899][T13003]  netlink_unicast+0x5df/0x7f0
[  456.650919][T13003]  ? __pfx_netlink_unicast+0x10/0x10
[  456.650943][T13003]  netlink_sendmsg+0x8d1/0xdd0
[  456.650964][T13003]  ? __pfx_netlink_sendmsg+0x10/0x10
[  456.650984][T13003]  ? __import_iovec+0x1c8/0x660
[  456.651010][T13003]  ____sys_sendmsg+0xa95/0xc70
[  456.651030][T13003]  ? gdlm_lock+0x5a0/0xd30
[  456.651046][T13003]  ? __pfx_____sys_sendmsg+0x10/0x10
[  456.651065][T13003]  ? get_compat_msghdr+0x11a/0x170
[  456.651090][T13003]  ___sys_sendmsg+0x134/0x1d0
[  456.651109][T13003]  ? __pfx____sys_sendmsg+0x10/0x10
[  456.651152][T13003]  __sys_sendmsg+0x16d/0x220
[  456.651169][T13003]  ? __pfx___sys_sendmsg+0x10/0x10
[  456.651191][T13003]  ? rcu_is_watching+0x12/0xc0
[  456.651208][T13003]  ? rcu_is_watching+0x12/0xc0
[  456.651224][T13003]  __do_fast_syscall_32+0x73/0x120
[  456.651246][T13003]  do_fast_syscall_32+0x32/0x80
[  456.651266][T13003]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  456.651283][T13003] RIP: 0023:0xf70de579
[  456.651296][T13003] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  456.651311][T13003] RSP: 002b:00000000f50ce55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  456.651327][T13003] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  456.651337][T13003] RDX: 0000000004040140 RSI: 0000000000000000 RDI: 0000000000000000
[  456.651347][T13003] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  456.651356][T13003] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  456.651365][T13003] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  456.651385][T13003]  </TASK>
[  456.823324][T13008] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1856'.
[  456.879473][T13008] syz_tun: entered allmulticast mode
[  457.689336][T13007] syz_tun: left allmulticast mode
[  458.147255][T13029] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  458.150433][T13029] /dev/sr0: Can't open blockdev
[  458.184194][T13029] /dev/sr0: Can't open blockdev
[  458.643571][T11476] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[  458.796816][T11476] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  458.801013][T11476] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  458.807081][T11476] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  458.814311][T11476] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  459.654370][T11476] usb 5-1: GET_CAPABILITIES returned 0
[  459.659873][T11476] usbtmc 5-1:16.0: can't read capabilities
[  460.312833][ T7746] usb 5-1: USB disconnect, device number 6
[  461.314990][T13079] netlink: 'syz.0.1872': attribute type 10 has an invalid length.
[  461.363978][T13079] team0: Device hsr_slave_0 failed to register rx_handler
[  461.953574][T13089] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  462.290187][T13089] /dev/sr0: Can't open blockdev
[  462.625733][T13090] /dev/sr0: Can't open blockdev
[  462.863271][T13101] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1878'.
[  463.728569][T13103] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1877'.
[  463.908850][T13122] FAULT_INJECTION: forcing a failure.
[  463.908850][T13122] name failslab, interval 1, probability 0, space 0, times 0
[  463.916967][T13122] CPU: 1 UID: 0 PID: 13122 Comm: syz.1.1883 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  463.916993][T13122] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  463.917002][T13122] Call Trace:
[  463.917009][T13122]  <TASK>
[  463.917016][T13122]  dump_stack_lvl+0x16c/0x1f0
[  463.917041][T13122]  should_fail_ex+0x512/0x640
[  463.917062][T13122]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  463.917083][T13122]  should_failslab+0xc2/0x120
[  463.917101][T13122]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  463.917120][T13122]  ? __alloc_skb+0x2b2/0x380
[  463.917141][T13122]  __alloc_skb+0x2b2/0x380
[  463.917157][T13122]  ? __pfx___alloc_skb+0x10/0x10
[  463.917170][T13122]  ? do_raw_spin_lock+0x12c/0x2b0
[  463.917193][T13122]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  463.917220][T13122]  sock_wmalloc+0xd4/0x120
[  463.917236][T13122]  l2tp_ip_sendmsg+0x1b5/0x18d0
[  463.917258][T13122]  ? __import_iovec+0x1c8/0x660
[  463.917280][T13122]  ? __pfx_l2tp_ip_sendmsg+0x10/0x10
[  463.917300][T13122]  inet_sendmsg+0x119/0x140
[  463.917324][T13122]  ____sys_sendmsg+0x973/0xc70
[  463.917348][T13122]  ? __pfx_____sys_sendmsg+0x10/0x10
[  463.917368][T13122]  ? get_compat_msghdr+0x11a/0x170
[  463.917388][T13122]  ? __pfx__kstrtoull+0x10/0x10
[  463.917410][T13122]  ___sys_sendmsg+0x134/0x1d0
[  463.917428][T13122]  ? __pfx____sys_sendmsg+0x10/0x10
[  463.917456][T13122]  ? find_held_lock+0x2b/0x80
[  463.917479][T13122]  ? __pfx___might_resched+0x10/0x10
[  463.917500][T13122]  __sys_sendmmsg+0x2f9/0x420
[  463.917520][T13122]  ? __pfx___sys_sendmmsg+0x10/0x10
[  463.917545][T13122]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  463.917575][T13122]  ? fput+0x70/0xf0
[  463.917593][T13122]  ? ksys_write+0x1b9/0x240
[  463.917607][T13122]  ? __pfx_ksys_write+0x10/0x10
[  463.917626][T13122]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  463.917643][T13122]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  463.917665][T13122]  __do_fast_syscall_32+0x73/0x120
[  463.917688][T13122]  do_fast_syscall_32+0x32/0x80
[  463.917717][T13122]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  463.917736][T13122] RIP: 0023:0xf7fd2579
[  463.917768][T13122] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  463.917784][T13122] RSP: 002b:00000000f50d555c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  463.917800][T13122] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000900
[  463.917810][T13122] RDX: 00000000040000cf RSI: 0000000000000000 RDI: 0000000000000000
[  463.917820][T13122] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  463.917829][T13122] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  463.917837][T13122] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  463.917857][T13122]  </TASK>
[  465.833555][T13141] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  467.127225][T13141] /dev/sr0: Can't open blockdev
[  467.294635][T13144] /dev/sr0: Can't open blockdev
[  468.529438][T13168] input: syz1 as /devices/virtual/input/input67
[  469.177475][T13179] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1900'.
[  469.201417][T13179] syz_tun: entered allmulticast mode
[  469.226881][T13178] syz_tun: left allmulticast mode
[  469.386541][T13184] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1901'.
[  469.440356][T13184] syz_tun: entered allmulticast mode
[  469.485142][T13182] syz_tun: left allmulticast mode
[  470.927905][T13192] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  470.931041][T13192] /dev/sr0: Can't open blockdev
[  470.936073][T13192] /dev/sr0: Can't open blockdev
[  471.248543][T13201] input: syz1 as /devices/virtual/input/input68
[  473.137819][T13223] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1912'.
[  473.144779][T13223] syz_tun: entered allmulticast mode
[  473.216143][T13219] netlink: 'syz.3.1911': attribute type 10 has an invalid length.
[  473.219982][T13219] team0: Device hsr_slave_0 failed to register rx_handler
[  473.246043][T13230] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1920'.
[  473.287676][T13230] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  473.295377][T13230] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  473.301077][T13230] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  473.306931][T13230] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  473.332379][T13230] vxlan0: entered promiscuous mode
[  474.068219][T13222] syz_tun: left allmulticast mode
[  476.195353][T13273] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  476.924074][T13278] netlink: 'syz.1.1923': attribute type 10 has an invalid length.
[  476.942494][T13278] team0: Device hsr_slave_0 failed to register rx_handler
[  477.470997][T13273] /dev/sr0: Can't open blockdev
[  477.797265][T13272] /dev/sr0: Can't open blockdev
[  477.803054][T13288] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1925'.
[  477.815640][T13288] syz_tun: entered allmulticast mode
[  477.885962][   T40] kauditd_printk_skb: 4 callbacks suppressed
[  477.886029][   T40] audit: type=1326 audit(2000000347.125:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13289 comm="syz.0.1933" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f32579 code=0x7ffc0000
[  477.890364][T13290] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1933'.
[  477.908710][T13290] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1933'.
[  477.917131][   T40] audit: type=1326 audit(2000000347.125:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13289 comm="syz.0.1933" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f32579 code=0x7ffc0000
[  477.949846][   T40] audit: type=1326 audit(2000000347.125:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13289 comm="syz.0.1933" exe="/syz-executor" sig=0 arch=40000003 syscall=317 compat=1 ip=0xf7f32579 code=0x7ffc0000
[  477.957521][   T40] audit: type=1326 audit(2000000347.125:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13289 comm="syz.0.1933" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f32579 code=0x7ffc0000
[  477.981565][   T40] audit: type=1326 audit(2000000347.125:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13289 comm="syz.0.1933" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f32579 code=0x7ffc0000
[  477.991841][T13290] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1933'.
[  478.008808][   T40] audit: type=1326 audit(2000000347.125:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13289 comm="syz.0.1933" exe="/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf7f32579 code=0x7ffc0000
[  478.008854][   T40] audit: type=1326 audit(2000000347.125:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13289 comm="syz.0.1933" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f32579 code=0x7ffc0000
[  478.008887][   T40] audit: type=1326 audit(2000000347.125:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13289 comm="syz.0.1933" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f32579 code=0x7ffc0000
[  478.094012][   T40] audit: type=1326 audit(2000000347.125:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13289 comm="syz.0.1933" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf7f32579 code=0x7ffc0000
[  478.109199][   T40] audit: type=1326 audit(2000000347.125:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13289 comm="syz.0.1933" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f32579 code=0x7ffc0000
[  478.565115][T13299] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1928'.
[  478.789230][T13286] syz_tun: left allmulticast mode
[  479.301308][T13307] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1932'.
[  479.351438][T13307] syz_tun: entered allmulticast mode
[  479.964808][T13323] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1937'.
[  479.987424][T13323] syz_tun: entered allmulticast mode
[  480.040267][T13321] syz_tun: left allmulticast mode
[  480.139470][T13325] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1936'.
[  480.331245][T13325] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  480.337805][T13325] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  480.349281][T13325] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  480.352677][T13325] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  480.407836][T13325] vxlan0: entered promiscuous mode
[  480.441984][T13306] syz_tun: left allmulticast mode
[  480.825526][T13343] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1941'.
[  480.839306][T13343] sctp: [Deprecated]: syz.0.1941 (pid 13343) Use of struct sctp_assoc_value in delayed_ack socket option.
[  480.839306][T13343] Use struct sctp_sack_info instead
[  481.748242][T13358] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1946'.
[  481.752829][T13358] syz_tun: entered allmulticast mode
[  482.357388][T13372] FAULT_INJECTION: forcing a failure.
[  482.357388][T13372] name failslab, interval 1, probability 0, space 0, times 0
[  482.373586][T13372] CPU: 0 UID: 0 PID: 13372 Comm: syz.0.1950 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  482.373620][T13372] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  482.373630][T13372] Call Trace:
[  482.373635][T13372]  <TASK>
[  482.373657][T13372]  dump_stack_lvl+0x16c/0x1f0
[  482.373707][T13372]  should_fail_ex+0x512/0x640
[  482.373731][T13372]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  482.373758][T13372]  should_failslab+0xc2/0x120
[  482.373774][T13372]  __kmalloc_cache_noprof+0x6a/0x3e0
[  482.373797][T13372]  ? tcp_sendmsg_fastopen+0x24d/0x750
[  482.373819][T13372]  ? aa_label_sk_perm+0x19b/0x5a0
[  482.373839][T13372]  tcp_sendmsg_fastopen+0x24d/0x750
[  482.373864][T13372]  tcp_sendmsg_locked+0x203a/0x3930
[  482.373885][T13372]  ? __pfx___might_resched+0x10/0x10
[  482.373905][T13372]  ? __pfx_get_page_from_freelist+0x10/0x10
[  482.373925][T13372]  ? __lock_acquire+0xaa4/0x1ba0
[  482.373952][T13372]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  482.373976][T13372]  ? do_raw_spin_lock+0x12c/0x2b0
[  482.374001][T13372]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  482.374028][T13372]  ? __local_bh_enable_ip+0xa4/0x120
[  482.374047][T13372]  tcp_sendmsg+0x2e/0x50
[  482.374064][T13372]  ? __pfx_tcp_sendmsg+0x10/0x10
[  482.374083][T13372]  inet_sendmsg+0xb9/0x140
[  482.374104][T13372]  ____sys_sendmsg+0x973/0xc70
[  482.374128][T13372]  ? __pfx_____sys_sendmsg+0x10/0x10
[  482.374149][T13372]  ? get_compat_msghdr+0x11a/0x170
[  482.374169][T13372]  ? __pfx__kstrtoull+0x10/0x10
[  482.374191][T13372]  ___sys_sendmsg+0x134/0x1d0
[  482.374210][T13372]  ? __pfx____sys_sendmsg+0x10/0x10
[  482.374239][T13372]  ? find_held_lock+0x2b/0x80
[  482.374269][T13372]  __sys_sendmmsg+0x2f9/0x420
[  482.374290][T13372]  ? __pfx___sys_sendmmsg+0x10/0x10
[  482.374316][T13372]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  482.374348][T13372]  ? fput+0x70/0xf0
[  482.374368][T13372]  ? ksys_write+0x1b9/0x240
[  482.374383][T13372]  ? __pfx_ksys_write+0x10/0x10
[  482.374402][T13372]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  482.374420][T13372]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  482.374442][T13372]  __do_fast_syscall_32+0x73/0x120
[  482.374465][T13372]  do_fast_syscall_32+0x32/0x80
[  482.374486][T13372]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  482.374505][T13372] RIP: 0023:0xf7f32579
[  482.374518][T13372] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  482.374534][T13372] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  482.374552][T13372] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080002000
[  482.374562][T13372] RDX: 0000000000000001 RSI: 000000002400c040 RDI: 0000000000000000
[  482.374571][T13372] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  482.374580][T13372] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  482.374595][T13372] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  482.374616][T13372]  </TASK>
[  482.871994][T13357] syz_tun: left allmulticast mode
[  484.547557][T13410] __nla_validate_parse: 1 callbacks suppressed
[  484.547576][T13410] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1962'.
[  484.575045][T13410] netlink: 452 bytes leftover after parsing attributes in process `syz.2.1962'.
[  484.580809][T13410] netlink: 452 bytes leftover after parsing attributes in process `syz.2.1962'.
[  485.292385][T13428] batadv_slave_0: entered promiscuous mode
[  486.023179][   T40] kauditd_printk_skb: 40 callbacks suppressed
[  486.023196][   T40] audit: type=1326 audit(2000000355.281:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13376 comm="syz.1.1952" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7fc00000
[  486.070188][T13419] batadv_slave_0: left promiscuous mode
[  487.173696][T13346] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  487.372862][T13346] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  487.385336][T13346] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  487.398416][T13346] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  487.402348][T13346] usb 6-1: Product: syz
[  487.405167][T13346] usb 6-1: Manufacturer: syz
[  487.407969][T13346] usb 6-1: SerialNumber: syz
[  487.470389][T13468] batadv_slave_0: entered promiscuous mode
[  487.787689][T13346] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 6 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  488.105818][T13464] batadv_slave_0: left promiscuous mode
[  488.299049][T13477] FAULT_INJECTION: forcing a failure.
[  488.299049][T13477] name failslab, interval 1, probability 0, space 0, times 0
[  488.316798][T13477] CPU: 0 UID: 0 PID: 13477 Comm: syz.2.1982 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  488.316822][T13477] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  488.316832][T13477] Call Trace:
[  488.316837][T13477]  <TASK>
[  488.316843][T13477]  dump_stack_lvl+0x16c/0x1f0
[  488.316870][T13477]  should_fail_ex+0x512/0x640
[  488.316890][T13477]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  488.316909][T13477]  should_failslab+0xc2/0x120
[  488.316928][T13477]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  488.316943][T13477]  ? __pfx_tcp_current_mss+0x10/0x10
[  488.316965][T13477]  ? unwind_get_return_address+0x59/0xa0
[  488.316982][T13477]  ? __alloc_skb+0x2b2/0x380
[  488.317001][T13477]  __alloc_skb+0x2b2/0x380
[  488.317015][T13477]  ? __pfx___alloc_skb+0x10/0x10
[  488.317030][T13477]  ? __lock_acquire+0xaa4/0x1ba0
[  488.317050][T13477]  ? aa_label_sk_perm+0x19b/0x5a0
[  488.317070][T13477]  tcp_stream_alloc_skb+0x34/0x570
[  488.317092][T13477]  tcp_sendmsg_locked+0xec1/0x3930
[  488.317126][T13477]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  488.317148][T13477]  ? do_raw_spin_lock+0x12c/0x2b0
[  488.317168][T13477]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  488.317194][T13477]  ? __local_bh_enable_ip+0xa4/0x120
[  488.317215][T13477]  tcp_sendmsg+0x2e/0x50
[  488.317233][T13477]  ? __pfx_tcp_sendmsg+0x10/0x10
[  488.317253][T13477]  inet_sendmsg+0xb9/0x140
[  488.317275][T13477]  __sys_sendto+0x431/0x510
[  488.317291][T13477]  ? __pfx___sys_sendto+0x10/0x10
[  488.317324][T13477]  ? ksys_write+0x1b9/0x240
[  488.317339][T13477]  ? __pfx_ksys_write+0x10/0x10
[  488.317355][T13477]  __ia32_sys_sendto+0xdd/0x1b0
[  488.317369][T13477]  ? lockdep_hardirqs_on+0x7c/0x110
[  488.317388][T13477]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  488.317408][T13477]  __do_fast_syscall_32+0x73/0x120
[  488.317430][T13477]  do_fast_syscall_32+0x32/0x80
[  488.318137][T13477]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  488.318159][T13477] RIP: 0023:0xf70de579
[  488.318172][T13477] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  488.318188][T13477] RSP: 002b:00000000f50ce55c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  488.318204][T13477] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800012c0
[  488.318215][T13477] RDX: 00000000000020c8 RSI: 0000000000000011 RDI: 0000000000000000
[  488.318224][T13477] RBP: 0000000000000027 R08: 0000000000000000 R09: 0000000000000000
[  488.318233][T13477] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  488.318242][T13477] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  488.318263][T13477]  </TASK>
[  488.810915][T13486] usb usb8: usbfs: process 13486 (syz.0.1985) did not claim interface 0 before use
[  489.297471][T13498] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1989'.
[  489.339115][T13498] syz_tun: entered allmulticast mode
[  489.374753][ T6285] hid-generic C990:0003:0000.0006: unknown main item tag 0x0
[  489.414573][ T6285] hid-generic C990:0003:0000.0006: unknown main item tag 0x0
[  489.420630][ T6285] hid-generic C990:0003:0000.0006: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  489.459838][T13494] tmpfs: Cannot change global quota limit on remount
[  489.527822][T13495] syz_tun: left allmulticast mode
[  489.619153][T13501] FAULT_INJECTION: forcing a failure.
[  489.619153][T13501] name failslab, interval 1, probability 0, space 0, times 0
[  489.624911][T13501] CPU: 3 UID: 0 PID: 13501 Comm: syz.0.1990 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  489.624934][T13501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  489.624944][T13501] Call Trace:
[  489.625089][T13501]  <TASK>
[  489.625097][T13501]  dump_stack_lvl+0x16c/0x1f0
[  489.625124][T13501]  should_fail_ex+0x512/0x640
[  489.625146][T13501]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  489.625166][T13501]  should_failslab+0xc2/0x120
[  489.625187][T13501]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  489.625203][T13501]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  489.625218][T13501]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[  489.625241][T13501]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  489.625260][T13501]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  489.625281][T13501]  mmu_topup_memory_caches+0x25/0x170
[  489.625316][T13501]  kvm_mmu_load+0xd9/0x22a0
[  489.625337][T13501]  ? kvm_apic_has_interrupt+0xb5/0x190
[  489.625354][T13501]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  489.625373][T13501]  ? __pfx_kvm_guest_time_update+0x10/0x10
[  489.625393][T13501]  ? __pfx_kvm_mmu_load+0x10/0x10
[  489.625414][T13501]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  489.625432][T13501]  ? kvm_check_and_inject_events+0x71c/0x1310
[  489.625459][T13501]  vcpu_run+0x33d9/0x5320
[  489.625481][T13501]  ? __lock_acquire+0xaa4/0x1ba0
[  489.625508][T13501]  ? __pfx_vcpu_run+0x10/0x10
[  489.625531][T13501]  ? fpu_swap_kvm_fpstate+0x235/0x4a0
[  489.625549][T13501]  ? __local_bh_enable_ip+0xa4/0x120
[  489.625573][T13501]  ? kvm_arch_vcpu_ioctl_run+0x51c/0x18c0
[  489.625595][T13501]  kvm_arch_vcpu_ioctl_run+0x51c/0x18c0
[  489.625624][T13501]  kvm_vcpu_ioctl+0x5e9/0x1680
[  489.625651][T13501]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  489.625675][T13501]  ? tomoyo_path_number_perm+0x18d/0x580
[  489.625697][T13501]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  489.625715][T13501]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  489.625747][T13501]  ? do_vfs_ioctl+0x512/0x1990
[  489.625769][T13501]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  489.625809][T13501]  kvm_vcpu_compat_ioctl+0x20f/0x3d0
[  489.625834][T13501]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  489.625857][T13501]  ? __fget_files+0x20e/0x3c0
[  489.625880][T13501]  ? fput+0x20/0xf0
[  489.625901][T13501]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  489.625926][T13501]  __ia32_compat_sys_ioctl+0x24c/0x360
[  489.625950][T13501]  __do_fast_syscall_32+0x73/0x120
[  489.625976][T13501]  do_fast_syscall_32+0x32/0x80
[  489.625999][T13501]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  489.626019][T13501] RIP: 0023:0xf7f32579
[  489.626177][T13501] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  489.626193][T13501] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  489.626210][T13501] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  489.626220][T13501] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  489.626421][T13501] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  489.626430][T13501] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  489.626437][T13501] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  489.626458][T13501]  </TASK>
[  489.871532][ T1337] usb 6-1: USB disconnect, device number 6
[  489.894025][ T1337] usblp0: removed
[  490.244218][   T40] audit: type=1326 audit(2000000359.496:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13510 comm="syz.2.1993" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[  490.267354][T13513] batadv_slave_0: entered promiscuous mode
[  490.283588][   T40] audit: type=1326 audit(2000000359.496:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13510 comm="syz.2.1993" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[  490.301224][   T40] audit: type=1326 audit(2000000359.516:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13510 comm="syz.2.1993" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf70de579 code=0x7ffc0000
[  490.339900][T13511] binder: 13510:13511 ioctl c0306201 80000540 returned -14
[  490.415889][   T40] audit: type=1326 audit(2000000359.516:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13510 comm="syz.2.1993" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[  490.467880][   T40] audit: type=1326 audit(2000000359.516:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13510 comm="syz.2.1993" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[  490.573633][   T40] audit: type=1326 audit(2000000359.516:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13510 comm="syz.2.1993" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf70de579 code=0x7ffc0000
[  490.637111][   T40] audit: type=1326 audit(2000000359.516:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13510 comm="syz.2.1993" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[  490.651599][T13503] batadv_slave_0: left promiscuous mode
[  490.673110][   T40] audit: type=1326 audit(2000000359.516:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13510 comm="syz.2.1993" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[  490.732661][   T40] audit: type=1326 audit(2000000359.516:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13510 comm="syz.2.1993" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf70de579 code=0x7ffc0000
[  490.952742][T13529] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1998'.
[  490.982101][T13529] syz_tun: entered allmulticast mode
[  491.031134][T13528] syz_tun: left allmulticast mode
[  491.428815][ T1337] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  491.621207][T13542] lo speed is unknown, defaulting to 1000
[  491.654827][ T1337] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  491.703871][ T1337] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  491.704663][T13545] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  491.709320][ T1337] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  491.724041][ T1337] usb 5-1: Product: syz
[  491.730876][ T1337] usb 5-1: Manufacturer: syz
[  491.733803][ T1337] usb 5-1: SerialNumber: syz
[  491.965033][T13545] /dev/sr0: Can't open blockdev
[  492.088687][ T1337] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 7 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  492.204698][T13546] /dev/sr0: Can't open blockdev
[  492.541243][T13566] batadv_slave_0: entered promiscuous mode
[  493.209032][T13560] batadv_slave_0: left promiscuous mode
[  494.104212][ T1337] usb 5-1: USB disconnect, device number 7
[  494.112620][ T1337] usblp0: removed
[  494.295082][    C3] vkms_vblank_simulate: vblank timer overrun
[  494.835457][T13589] netlink: 'syz.0.2014': attribute type 1 has an invalid length.
[  495.075354][    C3] vkms_vblank_simulate: vblank timer overrun
[  495.312097][T13592] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  495.609867][T13592] /dev/sr0: Can't open blockdev
[  495.672038][T13595] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2015'.
[  495.799542][T13595] fuse: Bad value for 'fd'
[  495.907318][    C3] vkms_vblank_simulate: vblank timer overrun
[  496.070615][T13593] /dev/sr0: Can't open blockdev
[  496.407041][T13614] batadv_slave_0: entered promiscuous mode
[  496.491283][    C3] vkms_vblank_simulate: vblank timer overrun
[  496.740242][T13618] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2021'.
[  496.823599][    C3] vkms_vblank_simulate: vblank timer overrun
[  496.923340][    C3] vkms_vblank_simulate: vblank timer overrun
[  496.969335][T13603] batadv_slave_0: left promiscuous mode
[  497.075290][    C3] vkms_vblank_simulate: vblank timer overrun
[  497.793556][    C3] vkms_vblank_simulate: vblank timer overrun
[  498.441737][    C3] vkms_vblank_simulate: vblank timer overrun
[  498.750627][T13643] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  498.983280][    C3] vkms_vblank_simulate: vblank timer overrun
[  499.177255][T13648] 9pnet_virtio: no channels available for device syz
[  499.206214][T13643] /dev/sr0: Can't open blockdev
[  499.365647][T11952] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  499.435659][T13645] /dev/sr0: Can't open blockdev
[  499.472430][T13652] batadv_slave_0: entered promiscuous mode
[  499.541935][T11952] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  499.744901][T11952] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  499.872911][T11952] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  499.929137][T13649] batadv_slave_0: left promiscuous mode
[  499.955647][T13657] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  499.959905][T13657] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  499.965263][T13657] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  499.971390][T13657] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  499.983079][T13657] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  499.983331][    C2] vkms_vblank_simulate: vblank timer overrun
[  500.008251][ T5948] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  500.013212][ T5948] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  500.017048][ T5948] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  500.023906][ T5948] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  500.027993][ T5948] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  500.183217][T11952] bridge_slave_1: left allmulticast mode
[  500.199180][T11952] bridge_slave_1: left promiscuous mode
[  500.216505][T11952] bridge0: port 2(bridge_slave_1) entered disabled state
[  500.240421][T11952] bridge_slave_0: left allmulticast mode
[  500.245236][T11952] bridge_slave_0: left promiscuous mode
[  500.251146][T11952] bridge0: port 1(bridge_slave_0) entered disabled state
[  500.826544][    C2] vkms_vblank_simulate: vblank timer overrun
[  500.936541][ T1408] ieee802154 phy0 wpan0: encryption failed: -22
[  500.953878][ T1408] ieee802154 phy1 wpan1: encryption failed: -22
[  501.171716][ T6002] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  501.380642][ T6002] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  501.384773][ T6002] usb 6-1: config 1 has an invalid descriptor of length 52, skipping remainder of the config
[  501.402588][ T6002] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  501.418999][ T6002] usb 6-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xF7, changing to 0x87
[  501.446819][ T6002] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 52, changing to 7
[  501.457292][ T6002] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x87 has invalid maxpacket 9272, setting to 1024
[  501.479463][ T6002] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  501.485746][ T6002] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  501.490928][ T6002] usb 6-1: Product: syz
[  501.493844][ T6002] usb 6-1: Manufacturer: syz
[  501.501372][ T6002] cdc_wdm 6-1:1.0: skipping garbage
[  501.505495][ T6002] cdc_wdm 6-1:1.0: skipping garbage
[  501.509151][ T6002] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22
[  501.859620][T11952] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  501.890283][T11952] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  501.908719][T11952] bond0 (unregistering): Released all slaves
[  501.922418][T11952] bond1 (unregistering): Released all slaves
[  501.936446][T11952] bond2 (unregistering): Released all slaves
[  501.953788][T11952] bond3 (unregistering): Released all slaves
[  501.978979][T11952] bond4 (unregistering): Released all slaves
[  502.021949][T11952] bond5 (unregistering): Released all slaves
[  502.050106][T11952] bond6 (unregistering): Released all slaves
[  502.064127][T11952] bond7 (unregistering): Released all slaves
[  502.133056][T13657] Bluetooth: hci2: command tx timeout
[  502.174071][T11952] bond8 (unregistering): Released all slaves
[  502.184463][T11952] bond9 (unregistering): Released all slaves
[  502.204207][T11952] bond10 (unregistering): Released all slaves
[  502.241972][T11952] bond11 (unregistering): Released all slaves
[  502.260307][T11952] bond12 (unregistering): Released all slaves
[  502.277536][T11952] bond13 (unregistering): Released all slaves
[  502.306689][T11952] bond14 (unregistering): Released all slaves
[  502.337784][T11952] bond15 (unregistering): Released all slaves
[  502.356159][T11952] bond16 (unregistering): Released all slaves
[  502.370738][T11952] bond17 (unregistering): Released all slaves
[  502.398115][T13656] lo speed is unknown, defaulting to 1000
[  502.604889][    C2] vkms_vblank_simulate: vblank timer overrun
[  502.668758][   T57] usb 6-1: USB disconnect, device number 7
[  502.797824][T11952] tipc: Left network mode
[  502.910191][T13656] chnl_net:caif_netlink_parms(): no params data found
[  503.167268][    C2] vkms_vblank_simulate: vblank timer overrun
[  503.483662][   T40] kauditd_printk_skb: 62 callbacks suppressed
[  503.483680][   T40] audit: type=1326 audit(2000000372.732:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13669 comm="syz.2.2038" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7fc00000
[  503.637541][T13656] bridge0: port 1(bridge_slave_0) entered blocking state
[  503.641516][T13656] bridge0: port 1(bridge_slave_0) entered disabled state
[  503.646413][T13656] bridge_slave_0: entered allmulticast mode
[  503.651103][T13656] bridge_slave_0: entered promiscuous mode
[  503.656728][T13656] bridge0: port 2(bridge_slave_1) entered blocking state
[  503.660854][T13656] bridge0: port 2(bridge_slave_1) entered disabled state
[  503.665839][T13656] bridge_slave_1: entered allmulticast mode
[  503.670594][T13656] bridge_slave_1: entered promiscuous mode
[  504.078377][T11952] hsr_slave_0: left promiscuous mode
[  504.131279][    C2] vkms_vblank_simulate: vblank timer overrun
[  504.141716][T11952] hsr_slave_1: left promiscuous mode
[  504.148578][T11952] batman_adv: batadv0: Removing interface: batadv_slave_0
[  504.213700][T13657] Bluetooth: hci2: command tx timeout
[  504.217727][T11952] batman_adv: batadv0: Removing interface: batadv_slave_1
[  504.588845][T13689] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  505.204175][T13689] /dev/sr0: Can't open blockdev
[  505.675339][T13694] /dev/sr0: Can't open blockdev
[  506.283865][T13657] Bluetooth: hci2: command tx timeout
[  507.340012][T11952] team0 (unregistering): Port device team_slave_1 removed
[  507.714628][T11952] team0 (unregistering): Port device team_slave_0 removed
[  508.370104][T13657] Bluetooth: hci2: command tx timeout
[  510.195543][T13656] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  510.214554][T13656] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  510.376211][T13700] batadv_slave_0: entered promiscuous mode
[  510.603981][T13700] batadv_slave_0: left promiscuous mode
[  510.621132][T13656] team0: Port device team_slave_0 added
[  510.674466][T13656] team0: Port device team_slave_1 added
[  510.888001][T13656] batman_adv: batadv0: Adding interface: batadv_slave_0
[  510.892306][T13656] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  510.919129][T13656] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  510.926419][T13656] batman_adv: batadv0: Adding interface: batadv_slave_1
[  510.929771][T13656] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  510.954337][T13656] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  511.148025][T13656] hsr_slave_0: entered promiscuous mode
[  511.197348][T13656] hsr_slave_1: entered promiscuous mode
[  511.206531][T13656] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  511.222431][T13656] Cannot create hsr debugfs directory
[  511.317565][T11952] IPVS: stop unused estimator thread 0...
[  511.648571][T13656] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  511.659145][T13656] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  511.673329][T13656] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  511.700551][T13656] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  511.908745][   T40] audit: type=1326 audit(2000000381.167:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13716 comm="syz.1.2048" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7fc00000
[  511.936931][T13656] 8021q: adding VLAN 0 to HW filter on device bond0
[  511.965386][T13656] 8021q: adding VLAN 0 to HW filter on device team0
[  511.993330][ T6259] bridge0: port 1(bridge_slave_0) entered blocking state
[  511.996659][ T6259] bridge0: port 1(bridge_slave_0) entered forwarding state
[  512.031599][T11952] bridge0: port 2(bridge_slave_1) entered blocking state
[  512.041248][T11952] bridge0: port 2(bridge_slave_1) entered forwarding state
[  512.153160][T13722] netlink: 192 bytes leftover after parsing attributes in process `syz.1.2049'.
[  512.209404][T13656] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  512.504368][T13734] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2051'.
[  512.508647][T13734] syz_tun: entered allmulticast mode
[  512.541770][T13656] 8021q: adding VLAN 0 to HW filter on device batadv0
[  513.008494][T13656] veth0_vlan: entered promiscuous mode
[  513.039735][T13656] veth1_vlan: entered promiscuous mode
[  513.106483][T13656] veth0_macvtap: entered promiscuous mode
[  513.124556][T13656] veth1_macvtap: entered promiscuous mode
[  513.178374][T13656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  513.182105][T13656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  513.200839][T13656] batman_adv: batadv0: Interface activated: batadv_slave_0
[  513.212348][T13656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  513.225670][T13656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  513.247682][T13656] batman_adv: batadv0: Interface activated: batadv_slave_1
[  513.258240][T13656] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  513.262333][T13656] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  513.269273][T13656] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  513.287418][T13656] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  513.327637][T13729] syz_tun: left allmulticast mode
[  513.462381][ T6251] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  513.468667][ T6251] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  513.528727][ T6260] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  513.531917][ T6260] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  513.596792][  T833] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  513.779770][  T833] usb 7-1: Using ep0 maxpacket: 16
[  513.790802][  T833] usb 7-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[  513.811100][  T833] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  513.837684][  T833] usb 7-1: Product: syz
[  513.856129][  T833] usb 7-1: Manufacturer: syz
[  513.858309][  T833] usb 7-1: SerialNumber: syz
[  513.880337][  T833] usb 7-1: config 0 descriptor??
[  513.926298][  T833] as10x_usb: device has been detected
[  513.929375][  T833] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[  513.955773][  T833] usb 7-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[  514.082204][  T833] as10x_usb: error during firmware upload part1
[  514.085724][  T833] Registered device Sky IT Digital Key (green led)
[  514.087749][T13747] random: crng reseeded on system resumption
[  514.098820][T13747] FAULT_INJECTION: forcing a failure.
[  514.098820][T13747] name failslab, interval 1, probability 0, space 0, times 0
[  514.115342][T13747] CPU: 2 UID: 0 PID: 13747 Comm: syz.2.2053 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  514.115370][T13747] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  514.115382][T13747] Call Trace:
[  514.115388][T13747]  <TASK>
[  514.115396][T13747]  dump_stack_lvl+0x16c/0x1f0
[  514.115425][T13747]  should_fail_ex+0x512/0x640
[  514.115453][T13747]  should_failslab+0xc2/0x120
[  514.115474][T13747]  __kmalloc_cache_noprof+0x6a/0x3e0
[  514.115502][T13747]  ? do_raw_spin_lock+0x12c/0x2b0
[  514.115527][T13747]  ? find_held_lock+0x2b/0x80
[  514.115542][T13747]  ? async_schedule_node_domain+0x54/0x120
[  514.115566][T13747]  ? __pfx___async_dev_cache_fw_image+0x10/0x10
[  514.115599][T13747]  async_schedule_node_domain+0x54/0x120
[  514.115622][T13747]  dev_cache_fw_image+0x38e/0x490
[  514.115650][T13747]  ? __pfx_dev_cache_fw_image+0x10/0x10
[  514.115679][T13747]  ? __pfx_dev_cache_fw_image+0x10/0x10
[  514.115701][T13747]  dpm_for_each_dev+0x5a/0xb0
[  514.115722][T13747]  fw_pm_notify+0x81/0x150
[  514.115738][T13747]  notifier_call_chain+0xb9/0x410
[  514.115753][T13747]  ? __pfx_fw_pm_notify+0x10/0x10
[  514.115775][T13747]  blocking_notifier_call_chain_robust+0xc8/0x160
[  514.115792][T13747]  ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10
[  514.115815][T13747]  pm_notifier_call_chain_robust+0x27/0x60
[  514.115831][T13747]  snapshot_open+0x218/0x2b0
[  514.115845][T13747]  ? __pfx_snapshot_open+0x10/0x10
[  514.115860][T13747]  misc_open+0x35a/0x420
[  514.115880][T13747]  ? __pfx_misc_open+0x10/0x10
[  514.115898][T13747]  chrdev_open+0x231/0x6a0
[  514.115912][T13747]  ? __pfx_apparmor_file_open+0x10/0x10
[  514.115929][T13747]  ? __pfx_chrdev_open+0x10/0x10
[  514.115944][T13747]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  514.115968][T13747]  do_dentry_open+0x741/0x1c10
[  514.115983][T13747]  ? __pfx_chrdev_open+0x10/0x10
[  514.116002][T13747]  vfs_open+0x82/0x3f0
[  514.116021][T13747]  path_openat+0x1e5e/0x2d40
[  514.116043][T13747]  ? __pfx_path_openat+0x10/0x10
[  514.116062][T13747]  do_filp_open+0x20b/0x470
[  514.116075][T13747]  ? __pfx_do_filp_open+0x10/0x10
[  514.116103][T13747]  ? alloc_fd+0x471/0x7d0
[  514.116131][T13747]  do_sys_openat2+0x11b/0x1d0
[  514.116149][T13747]  ? __pfx_do_sys_openat2+0x10/0x10
[  514.116168][T13747]  ? __fget_files+0x20e/0x3c0
[  514.116190][T13747]  __ia32_compat_sys_openat+0x16d/0x210
[  514.116208][T13747]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  514.116225][T13747]  ? ksys_write+0x1b9/0x240
[  514.116237][T13747]  ? rcu_is_watching+0x12/0xc0
[  514.116252][T13747]  ? rcu_is_watching+0x12/0xc0
[  514.116265][T13747]  __do_fast_syscall_32+0x73/0x120
[  514.116286][T13747]  do_fast_syscall_32+0x32/0x80
[  514.116304][T13747]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  514.116320][T13747] RIP: 0023:0xf70de579
[  514.116334][T13747] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  514.116347][T13747] RSP: 002b:00000000f50ad55c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  514.116361][T13747] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000800002c0
[  514.116369][T13747] RDX: 0000000000040081 RSI: 0000000000000000 RDI: 0000000000000000
[  514.116377][T13747] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  514.116384][T13747] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  514.116391][T13747] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  514.116409][T13747]  </TASK>
[  514.118972][T13747] 
[  514.204425][T13754] siw: device registration error -23
[  514.205909][T13747] ============================================
[  514.266133][T13752] syz.4.2033 (13752): drop_caches: 2
[  514.266464][T13747] WARNING: possible recursive locking detected
[  514.269194][T13752] syz.4.2033 (13752): drop_caches: 2
[  514.272188][T13747] 6.15.0-rc5-syzkaller #0 Not tainted
[  514.272204][T13747] --------------------------------------------
[  514.377073][T13747] syz.2.2053/13747 is trying to acquire lock:
[  514.380661][T13747] ffffffff8f2f2288 (fw_lock){+.+.}-{4:4}, at: assign_fw+0x4e/0x640
[  514.386031][T13747] 
[  514.386031][T13747] but task is already holding lock:
[  514.391469][T13747] ffffffff8f2f2288 (fw_lock){+.+.}-{4:4}, at: fw_pm_notify+0x69/0x150
[  514.398381][T13747] 
[  514.398381][T13747] other info that might help us debug this:
[  514.406335][T13747]  Possible unsafe locking scenario:
[  514.406335][T13747] 
[  514.411064][T13747]        CPU0
[  514.414231][T13747]        ----
[  514.416670][T13747]   lock(fw_lock);
[  514.419594][T13747]   lock(fw_lock);
[  514.423142][T13747] 
[  514.423142][T13747]  *** DEADLOCK ***
[  514.423142][T13747] 
[  514.428748][T13747]  May be due to missing lock nesting notation
[  514.428748][T13747] 
[  514.436144][T13747] 5 locks held by syz.2.2053/13747:
[  514.439665][T13747]  #0: ffffffff8f0e2a88 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420
[  514.444642][T13747]  #1: ffffffff8e283608 (system_transition_mutex){+.+.}-{4:4}, at: lock_system_sleep+0x87/0xa0
[  514.451265][T13747]  #2: ffffffff8e2c3150 ((pm_chain_head).rwsem){++++}-{4:4}, at: blocking_notifier_call_chain_robust+0xa8/0x160
[  514.460153][T13747]  #3: ffffffff8f2f2288 (fw_lock){+.+.}-{4:4}, at: fw_pm_notify+0x69/0x150
[  514.468480][T13747]  #4: ffffffff8f2ecea8 (dpm_list_mtx){+.+.}-{4:4}, at: dpm_for_each_dev+0x2d/0xb0
[  514.476615][T13747] 
[  514.476615][T13747] stack backtrace:
[  514.482053][T13747] CPU: 2 UID: 0 PID: 13747 Comm: syz.2.2053 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  514.482196][T13747] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  514.482325][T13747] Call Trace:
[  514.482333][T13747]  <TASK>
[  514.482457][T13747]  dump_stack_lvl+0x116/0x1f0
[  514.482590][T13747]  print_deadlock_bug+0x1e9/0x240
[  514.482664][T13747]  __lock_acquire+0xff7/0x1ba0
[  514.482768][T13747]  ? __kasan_slab_free+0x51/0x70
[  514.482786][T13747]  lock_acquire+0x179/0x350
[  514.482804][T13747]  ? assign_fw+0x4e/0x640
[  514.482864][T13747]  ? __pfx___might_resched+0x10/0x10
[  514.482880][T13747]  ? do_sys_openat2+0x11b/0x1d0
[  514.482938][T13747]  ? __ia32_compat_sys_openat+0x16d/0x210
[  514.482958][T13747]  ? __do_fast_syscall_32+0x73/0x120
[  514.483019][T13747]  __mutex_lock+0x199/0xb90
[  514.483099][T13747]  ? assign_fw+0x4e/0x640
[  514.483119][T13747]  ? assign_fw+0x4e/0x640
[  514.483177][T13747]  ? __pfx___mutex_lock+0x10/0x10
[  514.483236][T13747]  ? kasan_quarantine_put+0x10a/0x240
[  514.483252][T13747]  ? lockdep_hardirqs_on+0x7c/0x110
[  514.483272][T13747]  ? assign_fw+0x4e/0x640
[  514.483329][T13747]  assign_fw+0x4e/0x640
[  514.483384][T13747]  ? _request_firmware+0x957/0x1470
[  514.483547][T13747]  _request_firmware+0x988/0x1470
[  514.483609][T13747]  ? __pfx__request_firmware+0x10/0x10
[  514.483634][T13747]  __async_dev_cache_fw_image+0xb1/0x340
[  514.483696][T13747]  ? __pfx___async_dev_cache_fw_image+0x10/0x10
[  514.483787][T13747]  ? mark_held_locks+0x49/0x80
[  514.483844][T13747]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  514.483901][T13747]  ? __pfx___async_dev_cache_fw_image+0x10/0x10
[  514.483924][T13747]  async_schedule_node_domain+0xd1/0x120
[  514.483979][T13747]  dev_cache_fw_image+0x38e/0x490
[  514.484040][T13747]  ? __pfx_dev_cache_fw_image+0x10/0x10
[  514.484062][T13747]  ? __pfx_dev_cache_fw_image+0x10/0x10
[  514.484121][T13747]  dpm_for_each_dev+0x5a/0xb0
[  514.484447][T13747]  fw_pm_notify+0x81/0x150
[  514.484633][T13747]  notifier_call_chain+0xb9/0x410
[  514.484809][T13747]  ? __pfx_fw_pm_notify+0x10/0x10
[  514.485003][T13747]  blocking_notifier_call_chain_robust+0xc8/0x160
[  514.485022][T13747]  ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10
[  514.485040][T13747]  pm_notifier_call_chain_robust+0x27/0x60
[  514.485096][T13747]  snapshot_open+0x218/0x2b0
[  514.485111][T13747]  ? __pfx_snapshot_open+0x10/0x10
[  514.485124][T13747]  misc_open+0x35a/0x420
[  514.485180][T13747]  ? __pfx_misc_open+0x10/0x10
[  514.485197][T13747]  chrdev_open+0x231/0x6a0
[  514.485211][T13747]  ? __pfx_apparmor_file_open+0x10/0x10
[  514.485263][T13747]  ? __pfx_chrdev_open+0x10/0x10
[  514.485311][T13747]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  514.485332][T13747]  do_dentry_open+0x741/0x1c10
[  514.485345][T13747]  ? __pfx_chrdev_open+0x10/0x10
[  514.485359][T13747]  vfs_open+0x82/0x3f0
[  514.485412][T13747]  path_openat+0x1e5e/0x2d40
[  514.485461][T13747]  ? __pfx_path_openat+0x10/0x10
[  514.485474][T13747]  do_filp_open+0x20b/0x470
[  514.485484][T13747]  ? __pfx_do_filp_open+0x10/0x10
[  514.485501][T13747]  ? alloc_fd+0x471/0x7d0
[  514.485562][T13747]  do_sys_openat2+0x11b/0x1d0
[  514.485578][T13747]  ? __pfx_do_sys_openat2+0x10/0x10
[  514.485594][T13747]  ? __fget_files+0x20e/0x3c0
[  514.485649][T13747]  __ia32_compat_sys_openat+0x16d/0x210
[  514.485666][T13747]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  514.485682][T13747]  ? ksys_write+0x1b9/0x240
[  514.485725][T13747]  ? rcu_is_watching+0x12/0xc0
[  514.485737][T13747]  ? rcu_is_watching+0x12/0xc0
[  514.485871][T13747]  __do_fast_syscall_32+0x73/0x120
[  514.485926][T13747]  do_fast_syscall_32+0x32/0x80
[  514.485945][T13747]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  514.485961][T13747] RIP: 0023:0xf70de579
[  514.485972][T13747] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  514.486019][T13747] RSP: 002b:00000000f50ad55c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  514.486033][T13747] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000800002c0
[  514.486074][T13747] RDX: 0000000000040081 RSI: 0000000000000000 RDI: 0000000000000000
[  514.486081][T13747] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  514.486089][T13747] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  514.486095][T13747] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  514.486109][T13747]  </TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)

VM DIAGNOSIS:
17:47:40  Registers:
info registers vcpu 0

CPU#0
RAX=00000000003a8aec RBX=0000000000000000 RCX=ffffffff8b6953e9 RDX=ffffed10056465be
RSI=ffffffff8bf46ba0 RDI=ffffffff81913241 RBP=fffffbfff1c12ee8 RSP=ffffffff8e007e10
R8 =0000000000000000 R9 =ffffed10056465bd R10=ffff88802b232deb R11=0000000000000000
R12=0000000000000000 R13=ffffffff8e097740 R14=ffffffff90852310 R15=0000000000000000
RIP=ffffffff8b693c7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977ec000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c3db62b CR3=000000006637f000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000014000000000 0000000400000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000002 RBX=ffff88802b33b100 RCX=ffffffff81aec3ce RDX=ffff88801dab4880
RSI=0000000000000000 RDI=0000000000000005 RBP=ffffc9000044fd10 RSP=ffffc9000044fc38
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=fffffbfff1c7944e
R12=1ffff92000089f8c R13=0000000000000003 R14=0000000000000001 R15=ffffed1005667621
RIP=ffffffff81baa68c RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880978ec000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f507cda4 CR3=000000006637f000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000014000000000 0000000400000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000035 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff854c26b5 RDI=ffffffff9addfbc0 RBP=ffffffff9addfb80 RSP=ffffc90003c7ecf8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=32203a7365687973
R12=0000000000000000 R13=0000000000000035 R14=ffffffff9addfb80 R15=ffffffff854c2650
RIP=ffffffff854c26df RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880979ec000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00000000f7f955c0 CR3=0000000012f56000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=ffff88802b4414a0 RCX=ffffffff81ae9e69 RDX=ffff888024d82440
RSI=ffffffff81ae9e43 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc9000782f938
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=ffffffff9ad72660
R12=ffffed1005688295 R13=0000000000000001 R14=dffffc0000000000 R15=ffff88802b53b180
RIP=ffffffff81ae9e45 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097aec000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000000000c3376e5 CR3=000000000e180000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000014000000000 0000000400000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000