last executing test programs:

4.488453821s ago: executing program 2 (id=1439):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='comm\x00')
write$FUSE_INIT(r0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_open_dev$vim2m(&(0x7f0000000080), 0x8000009, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000040)={0x4, 0x1, 0x2})
ioctl$vim2m_VIDIOC_CREATE_BUFS(r2, 0xc0f8565c, &(0x7f0000000280)={0x0, 0x2ff, 0x4, {0x1, @pix_mp={0x17a5499b, 0x2, 0x38414762, 0x2, 0xa, [{0xa2b, 0x2}, {0x468b, 0x2}, {0x8, 0x200}, {0x40, 0x6b}, {0x1}, {0x4, 0x40}, {0x80000000, 0x6c8}, {0xe, 0x2}], 0xff, 0x4, 0x7, 0x0, 0x6}}})
ioctl$EXT4_IOC_CHECKPOINT(r2, 0x4004662b, &(0x7f00000001c0)=0x1)
ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0cc5605, &(0x7f00000000c0)={0x0, @pix_mp={0x3, 0xffffffff, 0x34343459, 0x4, 0x7, [{0x0, 0x6044}, {0x8000}, {0xd, 0xffffffff}, {0x80000000, 0xf}, {0x47460afb}, {0x99b, 0x7}, {0x2, 0x4}, {0x4, 0x1}], 0x41, 0x9, 0x0, 0x0, 0x1}})
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000006f80)=ANY=[@ANYBLOB="a03700002d00010026bd7000fcdbdf250400000005000b00", @ANYRES8=r1, @ANYBLOB="81120c"], 0x37a0}, 0x1, 0x0, 0x0, 0x20040824}, 0x20000000)
mkdir(&(0x7f0000000140)='./file1\x00', 0x1a0)
mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x8, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000280)='./file1\x00')
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r3, 0xffffffff80000800, 0xee01, &(0x7f00000000c0)={0x80, 0x1, 0x2000200000a95e, 0x7, 0x9, 0x400, 0x48cd, 0x0, 0x800000df})
ioprio_set$uid(0x3, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0)
r4 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r4, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x1200, 0x30, 0x3)
capset(&(0x7f0000002040)={0x20071026}, &(0x7f0000002080)={0x1, 0xffff, 0x0, 0x3, 0xb, 0x6})
r5 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000080)='.log\x00', 0x1812c1, 0x0)
fchown(r5, 0xee01, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000380)={0x4, {{0xa, 0x4e22, 0xfff, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}}}, 0x0, 0x2, [{{0xa, 0x4e22, 0x6, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x3}}, {{0xa, 0x4e20, 0x6, @mcast2, 0x1c0}}]}, 0x18c)
r6 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r6, &(0x7f0000001fc0)=""/184, 0x20002078)
ioctl$KVM_SET_CPUID2(r6, 0x4008ae90, &(0x7f0000000200)={0x1, 0x0, [{0x4, 0x33, 0x5, 0x0, 0x1ff, 0x0, 0x1000040}]})

4.404486866s ago: executing program 2 (id=1441):
syz_open_dev$loop(&(0x7f0000000100), 0xd79, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_SCRNMAP(r0, 0x4b52, &(0x7f0000000180)="b52be39221")
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmmsg$inet_sctp(r2, &(0x7f0000000240)=[{&(0x7f0000000340)=@in6={0xa, 0x4e20, 0x1, @local, 0xfffffffd}, 0x1c, &(0x7f00000030c0)=[{&(0x7f0000005d00)="ec", 0x1}], 0x1, 0x0, 0x0, 0x240c4054}], 0x1, 0x4081)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0xc, &(0x7f0000000240)=@assoc_value={<r4=>0x0}, &(0x7f0000000080)=0x8)
setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(r2, 0x84, 0x23, &(0x7f00000001c0)={r4, 0xbe49}, 0x8)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB="02032000120000000000000020040000000000000000000000002d04f08d8782c8f8000000030006000000000002004e207f0000010000000000000000040004000000000005000000000000000000000000000000000000000000000002000100000000000000030000000000030005000000000002004e21ffffffff0000000000000000"], 0x90}}, 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x2, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r8, &(0x7f0000001780)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000031401002cbd7000000000000900020073797a30000000000800410072786500140033006c6f0000000000000000000080000000"], 0x38}, 0x1, 0x0, 0x0, 0x20854}, 0x40000) (fail_nth: 4)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
sendmsg$nl_route_sched(r8, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000540)=@delqdisc={0x24, 0x25, 0x20, 0x70bd2b, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x6, 0xd}, {0x480bd72125a0c189, 0xfff2}, {0xffe0, 0x4}}}, 0x24}, 0x1, 0x0, 0x0, 0x400400c}, 0xc0)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000900)={0xffffffffffffffff, 0xffffffffffffffff, 0x4}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

3.490029709s ago: executing program 2 (id=1451):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000c22bed3e0ab27a9780e1b9c3a515ad763e83de2c98015017d44264b3aa172c9362e87a2645cb95b289837152cdd8f3dd46b815ef3fea69d8d79bb6f33a700aae91e2c5e0e2ecda6c038639ab3e7a304bbde36060e0a134c40d2e5a762c1345efc7e49e0cf111162ea5749aaa0f28f022688959c14d2952756971ab67c4fbf41789ba13a633dd53c3d5f6666f8a2550d6", @ANYRES32=0x0, @ANYRES32=0x0], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
mmap(&(0x7f0000489000/0x3000)=nil, 0x3000, 0xb635773f06ebbeee, 0x4011, 0xffffffffffffffff, 0xffffc000)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_misc(r3, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f00000002c0)={r3, 0x0, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00", [0x1000000000000]}})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x1, 0x42, 0x40, 0x2, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640), 0x0, 0x1000, r4}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x7, r4}, 0x38)
syz_emit_vhci(&(0x7f0000000800)=ANY=[@ANYBLOB="040e0a060e044c"], 0xd)
socket$netlink(0x10, 0x3, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002382, 0x0)
r6 = dup(r5)
socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_int(r3, 0x6, 0x1e, 0x0, &(0x7f0000000040))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r6, 0xff568000)
socket(0x22, 0x2, 0x3)

3.416390707s ago: executing program 3 (id=1452):
bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x15, 0x8, &(0x7f0000005c00)=ANY=[], 0x0, 0xfffffffe, 0x0, 0x0, 0x40f00, 0xc, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x2001c000}, 0x8, 0x10, &(0x7f00000004c0)={0x3, 0xe, 0x0, 0x80000001}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_open_dev$radio(&(0x7f0000000100), 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd74)
syz_io_uring_setup(0x917, &(0x7f0000000300)={0x0, 0x400, 0x1, 0x1000001, 0xf7fffffe}, &(0x7f0000000180), &(0x7f0000000500))
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x4, 0x4, 0x378, 0xffffffff, 0x1e4, 0x0, 0x0, 0xfeffffff, 0xffffffff, 0x2b0, 0x2b0, 0x2b0, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@private0={0xfc, 0x0, '\x00', 0x3}, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x1c}}, [0xff000000, 0x0, 0x0, 0xff], [0xff000000, 0xff000000, 0x0, 0xffffffff], 'bridge_slave_1\x00', 'team_slave_1\x00', {}, {0xbf820dc36854cbc6}, 0x6, 0x9, 0x2, 0x43}, 0x2f2, 0xc8, 0xec, 0x0, {}, [@common=@inet=@ecn={{0x24}, {0x11, 0x1, 0x6, 0x4}}]}, @REJECT={0x24}}, {{@uncond, 0x0, 0xc8, 0xf8, 0x0, {}, [@common=@ipv6header={{0x24}, {0xa, 0x20, 0x1}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0x4, 0x2, 0x79496b969af2e55d}, {0x2, 0x3, 0x6}, 0x8, 0x9}}}, {{@uncond, 0x0, 0xa4, 0xcc}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x4, 0xfffd}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x3d4)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x3, 0x0, 0x4000, 0x1000, &(0x7f0000ffd000/0x1000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000024000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f0000000280)="670f01d10f01f70f01b600000f23a10f01d12e660fd7fcbad104b0f4eec13d4e6766c7442400970000006766c7442402003600006766c744240600000000670f011424b848000f00d8", 0x49}], 0x1, 0x7d, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r8 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r8, 0x6)
r9 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r9, &(0x7f0000000000)={0x0, 0x258, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030ec0007f03e3f70003000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)
r10 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r11 = dup(r10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r11, 0x2000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9)
ioctl$KVM_PRE_FAULT_MEMORY(r7, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000})

3.290015225s ago: executing program 2 (id=1453):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = syz_io_uring_setup(0x10d2, &(0x7f0000000480)={0x0, 0x7734, 0x80, 0xfffffffd, 0xd3}, &(0x7f00000000c0)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456})
io_uring_enter(r2, 0x47bc, 0x0, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_HYPERV_EVENTFD(r7, 0xc048aec8, &(0x7f00000005c0))
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r9, 0x4020aeb2, &(0x7f0000000740)={0x0, 0x12c, @pic={0x0, 0x0, 0x68, 0xb, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2}})
sendmsg$NFT_BATCH(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="14000000100001000000001c000000000000000a3c000000120a09000000000000000000020000000900020073797a310000000008000440000000000900010073797a30000000000800034000000003140000001100010000000000000000000500000a"], 0x64}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a0b040000000000000000020000002c0004802800018007000100637400001c00028005000300010000000800014000000017080002400000000c0900010073797a30000000000900020073797a320000000014000000110001"], 0x80}}, 0x0)
sendmmsg$inet(r0, &(0x7f0000000880)=[{{&(0x7f0000000080)={0x2, 0x0, @rand_addr=0xac1414bb}, 0x10, 0x0}, 0x20000000}, {{&(0x7f0000000180)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000400)=[{&(0x7f0000000040)="b9", 0x1}], 0x1}}], 0x2, 0x0)

3.045188693s ago: executing program 2 (id=1455):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
r3 = getpid()
getpriority(0x2, r3)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x24, r1, 0x1, 0x300, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x8}]}, 0x24}}, 0xc0c4)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r5=>0x0})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, 0x0, 0x0)
r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r7, 0x0, 0x40, &(0x7f00000014c0)=@filter={'filter\x00', 0x42, 0x4, 0x430, 0xffffffff, 0x11a8, 0x0, 0x98, 0xffffffff, 0xffffffff, 0x13c8, 0x13c8, 0x13c8, 0xffffffff, 0x5, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'netpci0\x00', 'nr0\x00'}, 0x74000002, 0x70, 0x98, 0x1ba, {0x46010000, 0x2c000000000000}}, @REJECT={0x28}}, {{@ip={@remote, @broadcast, 0x0, 0x0, 'ip6gretap0\x00', 'team_slave_1\x00'}, 0x287, 0xb8, 0xe0, 0x0, {}, [@common=@unspec=@limit={{0x48}, {0x0, 0x0, 0xfffffffffffffffe}}]}, @REJECT={0x28}}, {{@ip={@loopback, @broadcast, 0x0, 0x0, 'dvmrp1\x00', 'dummy0\x00'}, 0x0, 0x1c0, 0x220, 0x0, {}, [@common=@inet=@hashlimit2={{0x150}, {'gre0\x00'}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x4, [0x1, 0x1, 0x5, 0x5, 0x1, 0x4], 0x6, 0x1}, {0x2, [0x0, 0x4, 0x5, 0x1, 0x2, 0x5], 0x0, 0x2}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x490)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_CQM(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)={0x34, r8, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0xffffffff, 0x0]}, @NL80211_ATTR_CQM_RSSI_HYST={0x8}]}]}, 0x34}}, 0x0)

2.963461103s ago: executing program 2 (id=1456):
syz_usb_connect$uac1(0x3, 0xa2, &(0x7f0000000100)=ANY=[@ANYBLOB="12011001000000406b1d01014000010203010902900003010380000904000000010100000a24010f00050201020c2402060602040c0032a304f0ffffff00010200000904010101010200000724012004"], 0x0)
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000280)={0x0, 0x4}, 0x8)
r1 = open(0x0, 0x145142, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81e8943c, &(0x7f0000000680)={0x0, ""/256, <r3=>0x0, <r4=>0x0})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f00000013c0)={{0x0, 0x8, 0x9, 0x401, 0x8, 0x2876ab2c, 0xe, 0x7, 0x2, 0x1000, 0x7e, 0x4, 0x1965, 0x2, 0x80000001}})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r1, 0xd000943e, &(0x7f0000002840)={r4, r3, "bc1e0855a365eaa1acdc81db33f78a5870972834258e6de4227dcb959789ff3c8ed15b17016b3f3b23346bccc60450fcd3b800538f741d514e43bcd625167635a0fb63b710b50c132e8dbfb48c12d36eff686e7af8300f83279781d766f0be2913eca2371c0916835a5cd1e753e9c96cbcfdf7010b420808060018db55b67903cb3d8df67efdbc6c68a5a2d377829b75beafaf379b9d1f23219824e09d0124fb4ba65a8f59f2f2d24719d8cee69e75b669f74ab5d06b388286f6b5b1c45f97b465bf757eca2322a6fad8c630672d159e728e8308c252ae680b0f56aa696a64f85cdb3f9b4694abb1113b50c818069c220b8a50223fdbfc7f20146e3c18e38954", "ca3bf2e658667c480c6f87c712a0ba39e962071786df2c11b04bb2103b5e0f96f73be2a6fb6e25da5699cde50bf07838a36e6b1b2e2cba804d128c1b7bf3aaf1c03a70dd2bd1be9294aeaa8bff1983d5233a7cc2962e002d258606d79303cc0499b8d6b283424ca8a6fcd8f02625b918232b8f7f1990f5412d711b65a7fd10e0ff1abaa6dff500e2382f7fc46dad0803eecbc5926d88685e18e5b9eea871fba2f7d3d8dd03ffc23dfc2b0fc04a78596f79cf68a2272e5c10eefb7edf5dbd8677c904b0bbae7476248da610b511c3d65c89774b7f8b7fa011578a205e3f3a87f1033061875d88556ebfaa3318597d38ff17584ad66eef661083ed526e1924a6f13ed2dd99b68339b1eeeaa2f599d2c7c2da6bd6b377b1cf4603a432a85169ea2671f1eaec529021cd21658b9d13fdd6637904db0c0bb71e12aad8195491895a50042a328b33a037e2eac8cde159547c5249a7e686e1e5c24837552c67481d22d97989241e6f73afdb611c115f482b2b002a2725bbd5000ee1402ffb157ef881d11a8e6bcba24dfbc10732c2173960bd647073370cf422b1d7064fa5b5646910bf13a4d8d8c0fa471dea2ab927ee11e0769a28e25c0d9b8099a4edea38d4371b908b83e5ecfd83ff4463d7c5eb9b5ab488830c0db82cd68d517a432014814f50ccdb8734b7e731227489d925951cefeabf8ca1504aa8f6ac350cc1ce2f6400d8c8590a4b1d1d87c835f6226208d7106f5bc1aa0a5f1fad38ea764d82575a5947458cfe8d7cad4f77c7ad31bad11adfecf3e9c4a053f762e6cc378cca83f9ef3c72a9fd4beba64708e72ab1753c5f1bda7c90e027b2ac470e74fbcd52213ef707468d3c8d3eec5e2eceb8bf1c3e0802560c3c80a1abfd9b845f26142d4cbe57c1233b0dce2129fbdb647a0d150706f630253f85a999f85dce49d4944d3d0ae3517d9ee05163ddb3b44685b0daa4cfe83f34fa90666e06c1276ca3f1024d2aba16792e71db659f594327967cdd115e8e4f3ebc1b02fe7cf2c42cb67f3d6ce8ab3bb4a33db2ecae2db8c680fa088ec189523f98a019a13f508f3a5942c8ce071891e192657e53496b33a9611b8219a8be6f5197c1ac724b7a97b6307501c0c55e8838607265b9d495d2c6918603941b30b6d0bdd77d19fb4d61ce51cd8ffa0ba2d0ef234a4bfedb4cd1a6766ba5230132ef53caf4d3b9db0d578cd47c1f8f60050c194f6d79de36e6f8fd5e9dc2ebf306b9e2b263ef04efbba43172eb676ea8f328c8fd266df43b1e68a6c5b2b2404995bb3b271719d9d8480d863d9461a6916047344f7211dd392f40b811a175a79287369b25856732499ffbec9cb11822c2f1c1b8bd1faed5e2b69d8989b4504a7856bb40a1542cb066ad3a835691925c09df5f6acc28e7a54c78b4cc5f789676cda60fab27da49a70e6004be1526af6cf7d24966e37078da9b876d7a64126ab7dfe78e2c0a75c28beeca04d8964c545650c34ffbd57caeaaf64abefb8ef5619d1b7ae60b456d2b928f62e74c0ab29a84e36bfd9157f28e654b1ec2eaa87763ace9f5625d917395f3f48882dd68449a0924d9fa485e1511f141a3424eae3785f79fd061cec359cd988c6fd06e4ae1f51d453b4b45e040e09d54678251622cbc824e94e7118c9e7a645622eaa0328f35ab2f860765387203c020e12f3837b3d1c0c16cddd7157724bd2448a33b8663c3b49e99cec3d8b2c45390776eb4acb9f0212519fdfd395fcaab716716c49db6010ea23979f74d6f7555ab4211b5916b9998533a049eef76c1df031bc18861adb6a15a1e24ae8c793e275ac3a7896ff0cb7e55360643f74adf7f9bc3f4116b675f9571f561bd9de5db61e532f19b55745db2e4a0010b17d87b2b9cbb77747acb624a48562e8948f859d9bf4828674613405c0e36ab95327194cdb5da581b2c70466ac47ad7f4c210c7de5f2831e4f9ea5d42c8932b910a0b885c6bd85973c4b0f74a562708c1402812a12e5e3562f54e76104efc0b091c5d59dcebb535d41ff126c7241e840b5cd89c55b027c8610bd7b336de1fdad1590b2cdecd786d04b5574232c5ce852c448e555aa41d4502d9494fb6ba577b8027c8b7b30f34a8e19f142798144de2fb24a65306cada0ddb764ff74ba35d74a10e66494e9eb9c84e4af2122bf99a6e53100153fb0f43d4d329d754482890ba4933f3ab87c756b0433b87138e7016efc463a51fc135394c7dc6bcb2d8eb2d350311c996420e20b6482de7d06691430ace33ff7dc7a35087d6ed11422ff058025664929f6839c4073d8ef67f382e589c8e05aa4b2f552355bd2e9627255252a7e16a849bb6a86400c8304d41ae06178f000eb8b57ea72ad4e868254d12c53c324e2e6cbba20415aa40148fd3597c4b8e63fcaac2a4faad9fde4c829e10bd867b157ff1cb91de330530a5a6e1d70fd86738e76bfc6d8110c71c3b3a4fe102269d48861227e1c9758c90e4ce6695f1069c5bc008650b1b92860b0d5b96752dfb5f6f9a9e0baa28b57a3f6babfb27d1aac2ad1412266a30cdf100011cb3d497d67283cb35bf7844b37f5a37ec8bf2e1f75492fbf7463bff350b5dfc2ca838a76e1429232d5190284bfdea34c7cb541165258372871f418420d647b4c67f23a095e2fa45f5de80e365d8e983a3b29c4e14068ecfa3bafa2ce04e762d5974d56f359b93d9e42ae7f34934c1248d2b991bb31044c746e681e899ff553c8dff264e0723a7d989e351391f9e4eb3ca6f9669f4c67b4688457aea2c7df15355ebe18f27e0c0d49078787f53c8cc4f92ed628b957b3e2546d02bb90f17ff1b03e8a96b3b6a71436fc86845db838bcd3285a5080be7de7199b3553fffd781de5adeb591fd10b9b91ae450c15067a5fd3423bb94b207bc4736f4bbd2f01685161fe2d946ac7c1cb840f0f4e29dd1a657444e78a21c03b712209063958ab558a386a3464a5d777c5bb3ab5670a716ab7124c5bd868a6a39cf77331c6a3627733a2b126fb2860634eabcd5bdfa4d6f203ac6f178be0fe9f2fb98f1eec4b73802c0d8ecdb2d085e3a817b2a8251dc2489fd40e7e5eb5ef9fe39f8a6602040c7fa7dd66617c751b6210e5d89f5a19fe22c3c0cf4916a58d657a6565187a1c1f68c5ff5fa5fee6b4b2b0ee5f07f3ff26a0be7d38e1a392cb6e66b20c0cd9cd410f66377b83fb53277e6c3c1fd788fbad8474d5db1eec0fb3c782af8ee6f9219c3ecb01a454ae23b59164a2d3bb76aea40ec11b1b45b011f610c647cbfdffd612fb3289b45e14210c886ae13c7d2efd821bc2bf7f7f2b2ade46487b5ad7204aaba0de1a725519f3f6589c939025ad8221a9a270a1c954ce7b93884c0bfc6e8f6b324060799f3b9e6f904d7da215bd1e575931f3552e31a75341b461126058bec4d713ced9a894f3093b428ba1035a1431270ef4ccbced2829b5a32c8b629b85d3920b6a6798f5300871d2c8b89ceab1e2afbc2492b787cecd429a82d9f0e1577e696f3bc3095264c531b4c85d734ec7aaa792f12924874f5f91bcec9e01c608d6897655ca8fd4fd5c08fcb9507b317d19635848f10d3f3c5773f2da942e6128e0f14d54d8300f6e3a215020d4a278f316877b71fb1ae3fa9b79f9e8fa726e4e7db9342fd934482e2e0369dddf53f32c62e7e4615fed076be4eeecd7e3e81e206d83dbf14a1622d1c1e28d4501ef34e8835873f664c2e5c871dd7227d8e425ab0a4f8f506c0ae935da17253691081174f9cb0592ac32ea5c0a2403bcc96f44ce86a8cb2020f98909792ec5b370509a35d93a5b58b663da653e7a6d5b81ea6c0579cb5f69292152b4afef60dde1e27d1cf08aa447b63ff19bd3957955fa8f405d3926427d4b9ddfe8321bee57eeb9a5c8597205ce535eea40f3f4eb43e739cec257d6b521bedbf51d22f7b96f94b32f9841766d84d41945c49d4fa8871f528f3decc140ceaa7d825a9e7869cb69fe485f5ba4c20c9deed59cd3a486c5395ece885bdc86cb17f9f198ad4c5858f0fe6184ef3c367d017cc7138c84b565dab911443bc91f5fe55b303eea512b0caf7cd3bba4e269a7103615e69944921c2c0b00d1274e5a285b12f6ab69d68045e34f92d9a9cb5aaaa61c1cef56a05ef12480ee24602c54c9f0c053e6e465153029e86cc6ea49684a9f4c14675fb19a209a90ab35d6a744cdadc057d0bdcb0dfd813f6c8daf1c3c01328dffde48383b7cca4061e85f40eb2de6e1ce513c21132b7bb79d97a66b19a79b8d353339e67cf0c847686aaf6d40ef76e841e38c46709c47415dffe956cb71de9c042ed2c62444d22038f33a4cd0c51dd9594e36700861140a1461ed98e5d376224c5f9d38fb43cc5b55b6c8bad09505e053aace887ce4388826693ffeddafefaf39513a5a28e66ab6f7481e6581f0fcd67a232c893e05e10c263aa79412106d248797a2dd2bcf3b00a5b4ace23731e71f945007e97566bea4fe176892c055333f0d821553cf7ac8519e1082edeb33deee3a3ae2b07e2e5517ad410c549db4a6f83c38d5c13cf9284818da5ab63ab250c22dd659dd069c0fdf892e8e4aadb9909388d9be3ff2d6e1a6da66dd3e7ca81c1bc3d9e57d6ecc84dbc56ba354d39750d14dc8754fdddc9ab0862440718b4a912486be51ffa9ed51528d3194fac5f743414d806de9920276b346c7bb48cff4a33150a40e439406274f4d297dee9496f50f752ce3bfc602e054574d8830062171561a7e6b8b90e9fd7213af38de7923e3f031579fa9dc641df75a7e4fe5109c7be4cc6c48e3b9bd998a5f38be7bea661a429b1772c5004d68704a02fbe852cc8def7f26000ca895bd735ff1697efed520ccac77f49ebeaec57d2d49f3ef6de85f34d7bace6dbcb06939d67d4cc95aeca0a601c6cf982648d7666be91a2ba4730fd727168a00cddc75fbf3bdbcb46d5ae876a8c72aebe9329710b0a07ce872f8dc873ee2b03e85e6268470743227d912b428fb1a7a347e934d63003598082ec467b4b8223d8a7007c4f787606db8cc2a96b58bd67ffc20448dfc9863e8e9c873c7ab120b4b7be71331e340e5e3f75a0282a30f98ec39b06e4699279c6a690c8b88b360a15df6db41ca7dfc0db8a1d7a1aeb6994464e88c593165dcb31c79bde01c35d3bd9e104613a57bf733d50b56ef2870039f226d289bedd27d89758f31083f6390d1978b2614477cd237abd1cbd8eeca4f1c5f0b4064e1032a28bc4a0404c584676af07172e736ebe65d48c18f4d8798860204f75417775071e4e2deca57c32ac92e4ffdae1754fda1037d2c4c01a7876ed9e3b5c008ed2bb0a0aff3e6546a8cc6b0b0a052a7d7953819434d4da637da1944467fa94e37c49503522d5ba800fe63edcae862c3bafab41c8a25bcc5cc93fd9df36a83984fddc1d226a86b1cecb49bd5b3769"})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r7, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000300)=ANY=[@ANYBLOB='_\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0100000000000000000003000000200001800400028008000300fdffffff0e0001006574683a766c616e3000000034000980080001000d0000000800010001000000080002000900000008000200400000000800"], 0x68}}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r5, 0x8982, &(0x7f00000001c0)={0x1, 'vlan0\x00', {}, 0x9})
sendto$inet6(r0, &(0x7f0000000380)='\f', 0x1, 0xcd4e8ec47367e7d3, &(0x7f0000000000)={0xa, 0x4e21, 0x5, @private1={0xfc, 0x1, '\x00', 0x1}, 0x100}, 0x1c)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f00000002c0), 0x8)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)

2.608765013s ago: executing program 3 (id=1459):
r0 = socket$kcm(0x10, 0x3, 0x10)
r1 = socket$packet(0x11, 0x2, 0x300)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f00000005c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000580)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x437, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, 0x40c89, 0x40e01}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x45}, 0x0)
sendto$packet(r1, &(0x7f0000000180), 0x0, 0x20004000, &(0x7f0000000140)={0x11, 0xf2, r3, 0x1, 0x8, 0x6, @multicast}, 0x14)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x92c0199, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003e000b05d25a806c8c6f94f90224fc60100005000a000200053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0)

2.585460113s ago: executing program 3 (id=1461):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000c22bed3e0ab27a9780e1b9c3a515ad763e83de2c98015017d44264b3aa172c9362e87a2645cb95b289837152cdd8f3dd46b815ef3fea69d8d79bb6f33a700aae91e2c5e0e2ecda6c038639ab3e7a304bbde36060e0a134c40d2e5a762c1345efc7e49e0cf111162ea5749aaa0f28f022688959c14d2952756971ab67c4fbf41789ba13a633dd53c3d5f6666f8a2550d6", @ANYRES32=0x0, @ANYRES32=0x0], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
mmap(&(0x7f0000489000/0x3000)=nil, 0x3000, 0xb635773f06ebbeee, 0x4011, 0xffffffffffffffff, 0xffffc000)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_misc(r3, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f00000002c0)={r3, 0x0, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00", [0x1000000000000]}})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x1, 0x42, 0x40, 0x2, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640), 0x0, 0x1000, r4}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x7, r4}, 0x38)
syz_emit_vhci(&(0x7f0000000800)=ANY=[@ANYBLOB="040e0a060e044c"], 0xd)
socket$netlink(0x10, 0x3, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002382, 0x0)
r6 = dup(r5)
socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_int(r3, 0x6, 0x1e, 0x0, &(0x7f0000000040))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r6, 0xff568000)
socket(0x22, 0x2, 0x3)

2.397958206s ago: executing program 3 (id=1463):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f00000001c0)={'wg1\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="4400000010000100100001000000000000000000", @ANYRES32=r2, @ANYBLOB="0100020000000000080004000a0000001c001a8018000a8014000700fe"], 0x44}, 0x1, 0x0, 0x0, 0x800}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$swradio(&(0x7f0000002440), 0x1, 0x2)
r5 = syz_io_uring_setup(0x117, &(0x7f0000000300), &(0x7f0000000280)=<r6=>0x0, &(0x7f0000000200)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4820)
recvmmsg(r8, &(0x7f00000086c0)=[{{0x0, 0x0, 0x0}, 0x7}, {{0x0, 0x0, 0x0}, 0x2}, {{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000540)=""/216, 0xd8}, {&(0x7f0000000100)=""/119, 0x77}, {&(0x7f00000000c0)=""/23, 0x17}, {&(0x7f0000003c40)=""/4092, 0xffc}, {&(0x7f0000001840)=""/105, 0x69}, {&(0x7f0000000640)=""/4096, 0x1000}], 0x6}, 0x80000000}], 0x3, 0x40008062, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_submit(r6, r7, &(0x7f00000000c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x7, 0x0, 0x0, 0x0, 0xc})
io_uring_enter(r5, 0x47f6, 0x0, 0x0, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="480000000f00000000000000050000000500003748a000"], 0x48}}, 0x0)

2.309399454s ago: executing program 1 (id=1466):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x7, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x6, 0x14, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000450000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8fffdffb702000008000000b703000000000000850000000500000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
setsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000140), 0x4)
sendto$inet(r2, &(0x7f00000000c0)="8f", 0x1, 0x1, &(0x7f0000000040)={0x2, 0x4e22, @local}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xe, 0x0, &(0x7f00000000c0)="e02742e8680d85ff9782762f0800", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000000)=0x6, 0x4)

2.309019176s ago: executing program 1 (id=1467):
bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x15, 0x8, &(0x7f0000005c00)=ANY=[], 0x0, 0xfffffffe, 0x0, 0x0, 0x40f00, 0xc, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x2001c000}, 0x8, 0x10, &(0x7f00000004c0)={0x3, 0xe, 0x0, 0x80000001}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_open_dev$radio(&(0x7f0000000100), 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd74)
syz_io_uring_setup(0x917, &(0x7f0000000300)={0x0, 0x400, 0x1, 0x1000001, 0xf7fffffe}, &(0x7f0000000180), &(0x7f0000000500))
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x4, 0x4, 0x378, 0xffffffff, 0x1e4, 0x0, 0x0, 0xfeffffff, 0xffffffff, 0x2b0, 0x2b0, 0x2b0, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@private0={0xfc, 0x0, '\x00', 0x3}, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x1c}}, [0xff000000, 0x0, 0x0, 0xff], [0xff000000, 0xff000000, 0x0, 0xffffffff], 'bridge_slave_1\x00', 'team_slave_1\x00', {}, {0xbf820dc36854cbc6}, 0x6, 0x9, 0x2, 0x43}, 0x2f2, 0xc8, 0xec, 0x0, {}, [@common=@inet=@ecn={{0x24}, {0x11, 0x1, 0x6, 0x4}}]}, @REJECT={0x24}}, {{@uncond, 0x0, 0xc8, 0xf8, 0x0, {}, [@common=@ipv6header={{0x24}, {0xa, 0x20, 0x1}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0x4, 0x2, 0x79496b969af2e55d}, {0x2, 0x3, 0x6}, 0x8, 0x9}}}, {{@uncond, 0x0, 0xa4, 0xcc}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x4, 0xfffd}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x3d4)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x3, 0x0, 0x4000, 0x1000, &(0x7f0000ffd000/0x1000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000024000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f0000000280)="670f01d10f01f70f01b600000f23a10f01d12e660fd7fcbad104b0f4eec13d4e6766c7442400970000006766c7442402003600006766c744240600000000670f011424b848000f00d8", 0x49}], 0x1, 0x7d, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r8 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r8, 0x6)
r9 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r9, &(0x7f0000000000)={0x0, 0x258, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030ec0007f03e3f70003000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)
r10 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r11 = dup(r10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r11, 0x2000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9)
ioctl$KVM_PRE_FAULT_MEMORY(r7, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000})

1.299843125s ago: executing program 1 (id=1469):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000c22bed3e0ab27a9780e1b9c3a515ad763e83de2c98015017d44264b3aa172c9362e87a2645cb95b289837152cdd8f3dd46b815ef3fea69d8d79bb6f33a700aae91e2c5e0e2ecda6c038639ab3e7a304bbde36060e0a134c40d2e5a762c1345efc7e49e0cf111162ea5749aaa0f28f022688959c14d2952756971ab67c4fbf41789ba13a633dd53c3d5f6666f8a2550d6", @ANYRES32=0x0, @ANYRES32=0x0], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
mmap(&(0x7f0000489000/0x3000)=nil, 0x3000, 0xb635773f06ebbeee, 0x4011, 0xffffffffffffffff, 0xffffc000)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_misc(r3, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f00000002c0)={r3, 0x0, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00", [0x1000000000000]}})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x1, 0x42, 0x40, 0x2, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x7, r4}, 0x38)
syz_emit_vhci(&(0x7f0000000800)=ANY=[@ANYBLOB="040e0a060e044c"], 0xd)
socket$netlink(0x10, 0x3, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002382, 0x0)
r6 = dup(r5)
socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_int(r3, 0x6, 0x1e, 0x0, &(0x7f0000000040))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r6, 0xff568000)
socket(0x22, 0x2, 0x3)

1.131729773s ago: executing program 0 (id=1471):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000c22bed3e0ab27a9780e1b9c3a515ad763e83de2c98015017d44264b3aa172c9362e87a2645cb95b289837152cdd8f3dd46b815ef3fea69d8d79bb6f33a700aae91e2c5e0e2ecda6c038639ab3e7a304bbde36060e0a134c40d2e5a762c1345efc7e49e0cf111162ea5749aaa0f28f022688959c14d2952756971ab67c4fbf41789ba13a633dd53c3d5f6666f8a2550d6", @ANYRES32=0x0, @ANYRES32=0x0], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
mmap(&(0x7f0000489000/0x3000)=nil, 0x3000, 0xb635773f06ebbeee, 0x4011, 0xffffffffffffffff, 0xffffc000)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_misc(r3, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f00000002c0)={r3, 0x0, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00", [0x1000000000000]}})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x1, 0x42, 0x40, 0x2, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640), 0x0, 0x1000, r4}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x7, r4}, 0x38)
syz_emit_vhci(&(0x7f0000000800)=ANY=[@ANYBLOB="040e0a060e044c"], 0xd)
socket$netlink(0x10, 0x3, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002382, 0x0)
r6 = dup(r5)
socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_int(r3, 0x6, 0x1e, 0x0, &(0x7f0000000040))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r6, 0xff568000)
socket(0x22, 0x2, 0x3)

1.08544458s ago: executing program 1 (id=1472):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
r2 = io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0x6d37, 0x100, 0x10, 0x3fffffe, 0x0, r1})
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
syz_clone(0x10f4, 0x0, 0x0, 0x0, 0x0, 0x0)

939.579071ms ago: executing program 0 (id=1473):
r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0x7, 0x2)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e22, @loopback}, 0x10)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000002800), &(0x7f0000002840)=0xc)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = getgid()
r5 = io_uring_setup(0x523e, &(0x7f0000000000))
io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r1, 0xc0189378, &(0x7f0000002e00)={{0x1, 0x1, 0x18, <r7=>r1, {<r8=>r0}}, './file0\x00'})
fcntl$getownex(r1, 0x10, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRES16=r7])
read$FUSE(0xffffffffffffffff, &(0x7f0000006300)={0x2020, 0x0, <r9=>0x0, <r10=>0x0, <r11=>0x0}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000040)={0x50, 0x0, r9, {0x7, 0x1f, 0x0, 0x10408}}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ecc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb1000008747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb80035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22383e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485a4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6bb06500f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784776f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2245eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e4c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a768cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d0500e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad64c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc590800", 0x2000, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x78, 0x0, 0x6, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3966, 0x3, 0x8000, 0x0, r10, r11, 0xe, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r12 = getegid()
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002f00)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f00000000c0)="aa3ede1eb9faa2bf219e83f2a033067ab9351637076372174ab506d88cd0345a82f1863ccefd0fdfb9b8c964d21613f20a685b10bf1b4c603908b7c13e1c979e7186af4d6cec369e871081cfe27e4e3dce8d63f44910727310e6be2cdd58952671575315097e7ab4b369d975e0f01dbc4c4f8fb21469fdb6", 0x78}, {&(0x7f0000000180)="b891298ec542b813c606fa76728d4e3980241426f9c06e81f380dab4a5097e27aeb1b985e75f5bf16c8d7e26045520c228f888", 0x33}, {&(0x7f00000001c0)="610dda5edc870cdf31850bdd810f50e48b90c501167552dc8bcf89a8dc425384d9c859a892e95bf5dc667b2cc2b8472dc6ed03c0c1e983cb51b3a01e7cd39dde272b8ccfc074fb64231268e3f85eeae55d6d1dc7f14df4bba64deda95077cd78833311df769b16c1807b18cfa864a4459a99465d4169963c0aa7263c6c58347aba111b83829e825d58eba3f8294e578f0037ae8ab781722e230fe2a7b81cc518d77801da5f92e0e3be458af00e31700d1ff59dad75cf626f5a2bb69285", 0xbd}, {&(0x7f0000000280)="9a851fb48ad28c40df0a6e885701c7123d8a31b80e03e65850bb8cc90861f1df258013fc5b8aa0b4565c3c89816c867c94de0d1e544e47b1bf114e5becbee8d1b6bd3967eda7b7c1ca0b5249da1b57dd0b7153d416f99f612f5954607a25a498b417b429f7eba0cff186e80653a01229d02f80300bc66df4afddd6b31048d21b91b088ae23c0a028a5c0113b34c6cfe5eabebdc03958d728852af9261d084df3c2f26d5fd813db34c0eb4b5559eb78f95efb1f9c69adce4f6671b93a60095933077fbd279c8f650cfc633243dd92f04d9fb3f18eccc704525600b367f808f60d6eac7716c74c5bb828d5affee030c703", 0xf0}, {&(0x7f0000000380)="fc7d1fb37f67b0e5bdf789eba52456fd00208d1a187532b786c7df172876d7531dc36a8b490944e9849b4a0b2f6d4d494d05", 0x32}, {&(0x7f00000003c0)="1012f9a860a6d2778f73edff32f912b036263fbad8be3a13e088271e90c85f2d70eceea6f012304024cbc6b7e2a15b219b40ec43669767a66dbe85bcd2cd6fcd95e7eb7eef40675cab7a1daf9f6979ef0971aafc2c4c6081abc3af5ae4b1cfec1b5d8f8f38f7a82e0dfe3e06d52715c0eacdb99a53338431f2c51c9a47463708ae91087a356decd98487f484d52bf0660449942797ac6f51c2b8a3b286c4a2aab5e19d7bf3a8371f210b3f7f10205bb6c09c81af177b7118782c83b103c82c2864bee3acc6e3ee547a8b746863bc070105167e0075aea84b3708d5a99793e034fa7f808d229bcf853f6bb43e6ab6", 0xee}, {&(0x7f00000004c0)="9c6e24defb5ad239925ad6bb46c8e430ad3c06d3f2d90c661cd801cf779e60fef2bab1c525beaaef914e4c9213dcd0f5c0174dec48cc59097d369dedf337b958267f743b2603cbc5438051896ee13b2b09c844442da9a5319f7794c0b825c08921b1f3dfe01f8dddbf76793a401ecf4c45fb2c68b2c9f45fb8e104a92b628ffd69b87b4e20c95eec46652cae8ce9e0cc3d1693b5aa1190a246993393e7a7666202f182a0d905a1f038b0ec6f75fbe1ecec50e7c7a9d63f8142e8af78f3b851", 0xbf}, {&(0x7f0000000580)="aec3c5c4c8d0a9ba633fb0480177d1d8b675e7615bd636edbc09dbf0b1535de401b414d6b047e8ea4c7c3ef0c8ed516bd8ebeea8074657a43f5665e246a5b3bae1977bced604fc9250cecfc3c687f2e04cb6cf48fa862b21279ec0981ee4e414350fca0047b8de32a04d2a30c735adf09be18c29b5a0228dcb6b46924481da7e0ed7d7eef0b0067e562a070badeb10ac4653524f", 0x94}], 0x8, &(0x7f0000000680)=ANY=[@ANYBLOB="140000000100000001000000", @ANYRES32=r1, @ANYRES32=r1, @ANYBLOB="180000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRESOCT=0x0, @ANYBLOB="100002000100000001000000", @ANYRES32=r0], 0x3c, 0x84894}}, {{&(0x7f00000028c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002a80)=[{&(0x7f0000002940)="6048e0d4ae161bcda66cf4d1c70eaf8f8a557133ce306b2be9fa185421f3d0350241e49e425bd81a6ea1ed5a383c6cbf786ca4f511817902845a3f6abfea092a03f90f9828432fad89ce9aefe1447ca3702a86836309a1f7c728e8c12609dc24f0cae8fcddc890db18fd1f7ad32c47955c552c35ddb4ad664a8ad861bd75cb245e4b7a8dc30268a0a9a65c2e5b6445e80df42ccb4959348b42ae25890dfdef1c8a84fae498bc0f6256675cc433cc7cbbf5a25ea5288d349037585c47404e1751bc501de5150cd9ec1cb7fdcf", 0xcc}, {&(0x7f0000002a40)="c46504c2b1f9fc604bcf91492630aa0388b6b045da8ee9fdc4aad4c2831dc5bcc32426c4", 0x24}], 0x2, &(0x7f0000002ac0), 0x0, 0x80}}, {{0x0, 0x0, &(0x7f0000002dc0)=[{&(0x7f0000002b80)="916aed6fcbe0182c3b5e1c74363e70e5c421d6fa8abb9aba26631caaa846a134de78f37442de93e928dc35734e91e1616940ac5b", 0x34}, {&(0x7f0000002c00)="d44d1d1987498c9854f2911eb861b5218a409220417de4ff1b787c612beeb513b7d0bbb4bd29a6eb5b8ba9abb42e248ddc23a2dec9acf11e2c56af14a2656ccae6256994531929151d610dfc69cd1982974f949ec0931bb0c30aa7add6a40a4fcc71b1adc2a542b49d1f0cec3f91eebf9d6a9bc4e21c4c8b1408ebb6fd0a42c1c1cb5c97c02911db11189195de2f3cfb6e81c8ad3e4a22adf6f5a79a1111580250519654ca4e1020e84e5cf59316750967caf857f7f062ef3e2879d8e39d262666d1e7", 0xc3}, {&(0x7f0000002d00)="14a0802a255eec7b3a7ec59b78a128cade9e69d7dd9ef14a74facafe90f9ad408a", 0x21}, {&(0x7f0000002d40)="1f5e79482b3210c5ecf92dc167a911f77da5b2c849c827e37fbe9732db38e7dc4ae7a3cf7ef23078422f9b004c11f3945c5108c28cb81b9ad9ba63702a6dceb5685ea5a791263d3d541ebe5e216d13434dcfb491521558c51f7fa75a880a1c4bd18241eafac91f", 0x67}], 0x4, &(0x7f0000002e80)=[@cred={{0x18, 0x1, 0x2, {r2, r3, r4}}}, @rights={{0x24, 0x1, 0x1, [r1, r5, r1, r0, r6, r8]}}, @cred={{0x18, 0x1, 0x2, {0x0, r10, r12}}}], 0x54, 0x20000000}}], 0x3, 0x40010)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @random="6a4fdcf6177a", @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x5, 0x62d8630c0ad2c5e5}}}}}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @random="6a4fdcf6177a", @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x5, 0x62d8630c0ad2c5e5}}}}}}, 0x0)
ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000000)={0xf0f003, 0x2})

859.585203ms ago: executing program 3 (id=1474):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr-cast6-avx\x00'}, 0x58)
accept4(r0, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
pipe2(&(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='sched_switch\x00', r4}, 0x10)
write$FUSE_INIT(r3, &(0x7f0000000400)={0x6f, 0x0, 0x0, {0x7, 0x28, 0x80000001, 0x0, 0x0, 0x0, 0x2, 0x1}}, 0xfffffede)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x441, 0x0)
fallocate(r5, 0x0, 0x0, 0x1000005)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_TYPE={0x6, 0xf, 0x8}]}}}]}, 0x3c}}, 0x0)
io_uring_setup(0xad5, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x3d0, 0x0, r5})
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r6, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x48c0}, 0x0)
sendmsg$DEVLINK_CMD_RELOAD(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a40)={0x3c, r6, 0xd0b, 0x70bd2b, 0x25dfdbfc, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x801}, 0x44000)

859.277255ms ago: executing program 0 (id=1475):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = syz_io_uring_setup(0x10d2, &(0x7f0000000480)={0x0, 0x7734, 0x80, 0xfffffffd, 0xd3}, &(0x7f00000000c0)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456})
io_uring_enter(r2, 0x47bc, 0x0, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_HYPERV_EVENTFD(r7, 0xc048aec8, &(0x7f00000005c0))
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r9, 0x4020aeb2, &(0x7f0000000740)={0x0, 0x12c, @pic={0x0, 0x0, 0x68, 0xb, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2}})
sendmsg$NFT_BATCH(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="14000000100001000000001c000000000000000a3c000000120a09000000000000000000020000000900020073797a310000000008000440000000000900010073797a30000000000800034000000003140000001100010000000000000000000500000a"], 0x64}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a0b040000000000000000020000002c0004802800018007000100637400001c00028005000300010000000800014000000017080002400000000c0900010073797a30000000000900020073797a320000000014000000110001"], 0x80}}, 0x0)
sendmmsg$inet(r0, &(0x7f0000000880)=[{{&(0x7f0000000080)={0x2, 0x0, @rand_addr=0xac1414bb}, 0x10, 0x0}, 0x20000000}, {{&(0x7f0000000180)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000400)=[{&(0x7f0000000040)="b9", 0x1}], 0x1}}], 0x2, 0x0)

749.644739ms ago: executing program 1 (id=1476):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f00000001c0)={'wg1\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="4400000010000100100001000000000000000000", @ANYRES32=r2, @ANYBLOB="0100020000000000080004000a0000001c001a8018000a8014000700fe"], 0x44}, 0x1, 0x0, 0x0, 0x800}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$swradio(&(0x7f0000002440), 0x1, 0x2)
r3 = syz_io_uring_setup(0x117, &(0x7f0000000300), &(0x7f0000000280)=<r4=>0x0, &(0x7f0000000200)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4820)
recvmmsg(r6, &(0x7f00000086c0)=[{{0x0, 0x0, 0x0}, 0x7}, {{0x0, 0x0, 0x0}, 0x2}, {{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000540)=""/216, 0xd8}, {&(0x7f0000000100)=""/119, 0x77}, {&(0x7f00000000c0)=""/23, 0x17}, {&(0x7f0000003c40)=""/4092, 0xffc}, {&(0x7f0000001840)=""/105, 0x69}, {&(0x7f0000000640)=""/4096, 0x1000}], 0x6}, 0x80000000}], 0x3, 0x40008062, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_submit(r4, r5, &(0x7f00000000c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x7, 0x0, 0x0, 0x0, 0xc})
io_uring_enter(r3, 0x47f6, 0x0, 0x0, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="480000000f00000000000000050000000500003748a000"], 0x48}}, 0x0)

558.354038ms ago: executing program 1 (id=1477):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x30000, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000200)=ANY=[@ANYBLOB="120100002ec6601037210100352a010203010902120001000000000904"], 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x40081, 0x0) (fail_nth: 8)

545.057422ms ago: executing program 0 (id=1478):
r0 = socket$inet6(0xa, 0x806, 0x0)
bind$inet6(r0, &(0x7f0000000440)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
listen(r0, 0x3)
socket$inet_dccp(0x2, 0x6, 0x0)
r1 = openat$tun(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$TUNSETVNETLE(r1, 0x400454dc, &(0x7f00000001c0))
r2 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000000400)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)="91fd15e81f1d34472796f848e3619354310fa7430add1e055d7c1ff933bf5f0b23", 0x21}, {&(0x7f0000000240)}, {&(0x7f0000000240)="14e9e4983ed578382156f66c4028a3f328e1eefade1489e86734baa491c12790606df9d0181444710cf5c39f9e3b4835c9012ac2c43097a29f3ef0d87dddf7ed3b8507b75d4be9cd", 0x48}, {&(0x7f00000002c0)="1b4661b71234b7b4074edfcdf484c27ddebcc529aa716a629046a7886e7283c707edb91da77d89", 0x27}], 0x4, &(0x7f0000000340)=[{0xb0, 0x10d, 0x2, "e204dafb57f231146b2978632c55fdbe920411941973127a022135fa71966d4ce37f69e7a42eb174cee4ac1b33802076ccb65d6f902b404d46b5e973b6906aa5e82da69728719bb6d7d4a3ac817a6af9d18da756784687005e9512e9dcada45c95e61f96a39e8c79780002a3b75fc5d50d3021d5410e68f4374f09a1715faf7b202d85c01568b9769321744c2a7ef367b8a14e06d439e130bfa653c952f85bad73"}], 0xb0}}], 0x1, 0x0)
sendmsg$alg(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000480)="0e7fbbdb50cfbc456b549d07ce4322c849ff6dc9c13e8a8cebfd571ff978110cf4d535e1be8847d80fbe0c6626b375abde95c3a46356f213119174b79d522d8cfa9fac470932fac342fd9be1b59022564d1f49742067940fe9fce5bdf74ec5983cf0236fe3e071c30b054395219f78f9dbdf144a134a6cf5657bec79fba886c4a7ba0bfd835496c70db1187ff06502236609863109cb935142e44e6dc5a42123caf95192113348324867b42500ca3d498d34b70ffcdefb81e3437fa51de722b3324cec487a1e2d4bdf5699d77fbf9023c1ab73b1d0f2695dd172c870b01b4c8b21ea922dd9f62fe036a749eaa82670a0f4fb12400f40cc913cf09ad637d5b4845df3976d8fb3a159c62f7d8d7ae28d89b9325c3ea9e1eadb3439f70e909a98df3b606e11624628ffb511c7ae921d92e613927acbc30f55269d6319ab32568fcce9c213e4deaa5a56a5b15dd56c67cd181e5f7e77db42675aafc464d1736e7e4f0126bc382d87f66c450ce73e688a219e9cec0645bbd40212006692282ef600f51d768ff58b3bc9172cf88cac55aa664aba7033d12f1bb0882f6ad52a150df634c40ed7155b8f9212105ac2cf0923f710700a007bcd85fca7ff948795fb1fd7525f2bb8342f962760020ecd3fc276d4d3c57806d5a2463a726515b3be874e94c76a5d73a20963bba7c156596b33f2a72fe71544471532aa556095108e8a4cee9f40f6c4311366ea253dc76ef2bc5c753c168dcf68c86cd4495b54c5fd4ae20c1d63dbfec0af1d2644ef6837f938d96e1bf0159e5726240559b193d9dd77727129d47a71e775b4f54dc66d3606af2a204cf20e8900c115d9b7b46b6a809fc1fadc98d93bce479788d2ae4ccb32159636c74e6ff07e76b814e2699c2ce0b679971573d1cdc5ce02ac11d10ccdb9dba4a1de8be01bf24b7e4fdaa8a0b029ff833660e966b73d0329def385ca4c8abb376443540e83f87cf09e7c0ef617b91ecebb3400947ae45c3f4808ad422aa9347319b2327475cc7e9c8c8cdcee87c8e8493a7b8dd0768929380e47237d94a3248971fbd0f18f7d6e9cb5fd8c0fc31e105416712838a8567b5d64f2bd14bb1058c7957cd3f806c0100ee8ce69bd6c8cdadf10a78903d64986f5b8b3a0f52b45bddb05cec8d68cceb3197af8b6b8d8e81485648f058243774d56053b01fb7e8204e7126524e6ba81274146313d60446edb63af7e3f8a7c18b4636f9fe632f8e4622c4bb30ef418e4af3273bc0ba55a5bcdae757227bd8052c49fb7c9f3304bbefe4860aaa7ed9c91d423284a75eab8ff0f6a708aa09ec5f99da6d4f58c06751d91cc9c54c067de92806b848db7ea9cbff93987666a1046b07f725ce388f5347f443f6d572007d935b85e51486f3f6a589f35693628c269010847b3b885689bdd724f93f4ecc1a2a5a5dac03db1f9a8aab11bbd360aa807ea0c01afc5584edfcd410865867c29b475db7805648644aab7302f1af5a78c2c3657376feadc36fd2f02afb2d52090d87890c0671dc853b3b29352a3702c3c7996316ec03c4e0f240cdbbcb44ca54aca58aaf7ab65d1118909cff287535ce918cde7116683f9ac5300cb51a0c50b0ff2458488adcaf4ac3043c66f4aae8e0cb5c702d6766324439f93353cc96687c515a777c9f9695dcc0ec2316f72342519d41145c971efb7acf0672a30b763992a9f860f775d8960f68715de8ba9352efb35252a083d32da821cb1552f01d6d55a8ebd699454c680b5d6ebf9db55e028eecca838657022553cf946fc4113f41644b5b57f58225c5835929a61a8af7c5ba3ffa6cf84cd4608fe8364e2165e11448da084dbaa7dbdbb7008fd9cfc3c651af70d10b42380b3a6b1eddf2a49e14d6a1d59aad2e3c34bd964ffe5783d2a40a6971a02b09f088b9b5df7d83c054d7462bbb9e733e76c4d4c122e3461f12ddd844da045b60fe9687a8d22e2d0656e5a4b62aa28dccfdfd04165382de0dbf92ac9e259793b3d3b4dbf1ff2ed1fcc3e12841bdb68e07ccf2d1bfd2cb3189acccfe8cb3d62fd7c05fa65dc4f12aa43d5971bdf9afc538bfbaf4ffb1bcccbd9aef7ed164253ea7e1744bb59dbea42293fb82946e0e5579ec448d835deea5fcba1299356ac535d205e48f7cc73d4335a86fccdc57fa1cb61afe50d0d3c08b06cccb492db3e525b534dae63ce522367fdfd70e439367f1153128430a5bd7c9e697cc8228b3e20f7388e06b3f0f04d3c09535d6df42dc56f066cf0f311098d14947f0a0fd31e62f2869b48b4744171340b311602483dbfdc71dcba844407a9f3fa3c571c69a6c5e9e2adc49c2bdf6f3cc677aa0638c37bbebc7370ad24445211eb5a16e7789801604bb9bc063e943bdc93b01abba15aea39a35a04a173d2863fc33d6a4efdb20dd7a1b91e3c3f09076fcce6711ab324e85aa8e2d70cefe51e053196318033ad810dba0ff55ca2fce61d6c9eb906df5bc7db97490bf1eb9da25a8cd7cec5df0de2bcce01e98c77c81327293129efa9fd241d578abb14068fa444a58eab16a2d7c46b3d506691fd75663968d065de31624dcab8ddaea5ebe430af11322b6b1a5e60874e86ec074d5613ac9f3f5223b149a7b54cfe0fbb89dbe92991e97c4b399c652adf29c22cec5706ce2788964ec4889eba14e2f47e470fa21ae4888dba01ee0c43aab7e5b808a8eabf510c81e5bded827067a06835a5287b6c792c92a11349789f3f6f1a229b046f9cf338c43441236ae52497922005240d7807d456b1d5a40a89422ef662994b0f8b8d379f2608e5e5f444ef05306a746af89daa6abfbaf9daf744115c642ed1b583748ce2942a5c8a50ed8a505a94d0dcc11697679c6058960417e5082ae3d9bd6e989f5ceaa047ee5f8bfb1de6b82be0adf3f91af52d0bfaa02351ef98631939e8193daa8bb09e2b5067ed9f62adc9403fe75fbd7c20854dcce1fd980880d52659eec95c714b00b6ff4c975e21e538b6df4ec9d3a8d004a7c81394f6db2f5e0f44b08eb742cbda68c6d9c536d069f508739adb1b728c17e3f108c346c3d06a76a017546cc6f080ff5f552ee88a768446533c1a2e0c24dde4bafe6e535925f26585c0d69987ced9b97e0b2f622c2b2818031bfd489852a315f0806d4c0761775818aa1ed69fef95807b66fdb33a6a423e09c8e55408cccdcfc8a1098b3010dab1307047b0a38236b7966ab4bf81a980e3a1de8a745b2c2cbcd60aa9918eefd0ad7072315209f64a923a5e1c877bfd691980ab02ee5a9cad1f9018a9385cf0bf9bad946513cd191565a382fa5dde7d821e6b7f4bbddd3931ace5605c49425f93e7acdea1669dd7e761e515ecee84a6222fb231bc8e3b7f2dbd85003623d6e9f95fe01177b97ca6f422fe52cfa9fc6ad4a2b4d35ca4591a9045a61640563445d02e704300b94cd5dae19cceb66931a7011a88d342c0872551084de5423536e18931e6938e3edf56cb9230b90d2add340f1cf76e3c22d224330398a8ce5c4e8332f63f8bb24c0c20f05d2ad375eb931604913da037d9d78dfbd82b334bb5bce25401901549ca11f54e3d36680a3e30598c462a5c03e9c4edfad5f60584d75a85181cd7d9a3beb57e9611e16d9dc997b2fd49b444c9e227ad00d3d568547e20c70cf5a6b84a29f64082a2647f1ddaa3d15ab83957ff24cdc6f30ca9b5df5f8bb0330592f862dfe839c3829a6fb0b7dd123c55fe43463dc6f66eeb79ca1e17d15e6391c8528da72e836e8c48801d1cdb02caa652d92b6ce688a194454f42670d15a4bdbcf27de754f845e0ad93b6a303fe851015d0017cdad222a6c39967beea06cd5b08512fb40b87db5055e544631b6e98687fb066370ee4fd93a6c4afe9593b4353cc86257fedad8cfadd5dde9ec5438ca5911ba624d82404e265ed1938bcfe8da5a9920dfec9588d5a2e591bd62c4129a73eab4456eeefda093ca4bc636323bf110601f68ab79da678e12567b002829d1c38d4213b11589387924ebaa42b0e0b15f3d31a68d2bc2e7c39d21c8fe8620516bd8b0c53f6c30f4b436d0b4dea7e828b298108a2a6047e8a775e7561080c93d4e31c6cbd0b15f69a8c43013fa7aec0acc82f9650331089a84a955299143a77e43ccb40e844dca3fea4f2b97a0c9b9e773bb7ecf986fced45173fad20e48f34103c08af5a2186a42a4009dcf80297e532eeb6369e54c23308bbaf88ec650c36808cc5df6b33384460518b081b4d14cd7879f769e3de0206fce6756dac542eddf826292a7f997df333101eb413e39671fde891d5f3f9b206a1b11c564adfbd181578ec5295231b61db40718f51b8b672103accea24acba820ac24ace9998723fb67f4324c8aeeba13f20af82b6343579dda7ea212e5c02b6bd5a073a4dba30a049b62bacf2f6cd9559b08588d8723c64962b06561d48450045b44eac3ba777c4ade82c6acc90a0d97490fb35cfe621296bad86db223ba226d8082a0d98f2a4f774f09112bdfe34e45e119f14726121301e9c87f43628c67e077ec2cc5c4c6754d7ce3adcbac07a0897faf79f39d11794c6089ee79894e5093e9af1c0ba0b3eede47635f3fd95c2adacd3dac65a4ac89efed21a6c0eeea2c58de16fa7e41d17bb2051a564506b7f974b4c28dc7ac2f8eb9aeaa3117f78de5ea0c6c6c1b81169a687ceea0dafc51c59c93b19db4051ac192166a8a05e1cfe6cb6c084d5aac0501ef2c0a104f808aa4e28cf723328d4dcc60c3da5c311763be57f9cff4d47f9c1da0af94e0ef95360e41cab743ff74b48d54adcc429764b8328c4b3cb5cb4199be4a242705d450c234e3dea70b20f5f6688cbafdeb7226a3719ba9af8ac3852843d6140cfc1ec7acf2ab827c2ce39a7feb9eb480bfae47a2cb11e312e2efdd46737eda9a9daeafa3712c2748a10b7dacef37d58d7dd82be3e0480f67058a74565eb77e3755bf3ad8b7f96829b316768cbeab5130c85270e1e6bf8422573db95c2addbca1302b0ea91a16a7f9aeab47fbb8ef6d83e9fea4c59c4af8bf948c00af70828a29afe32061c099fa9a2bfc44ff79b953d04886271f9251579c305404d882da5e64613d497615fbd41c99f22bf8ec898e92a84e2fb0fa6349d3d1f8757b2d5ec3567255c8f696ef69d511331de6bbec39cce4208ac5902963802bf1eb5645d4e362f594d91ac5e6835431d146a8cac1f6f2c940a008f2e1087b90a4a829f1d080fd3a7660d0b763a6a1caee16dcb62e54b61fd1eef308c85c06110896a48487017f4fdf0b20f8661a4b907a03a39fd63f400c6232ffb7dc61020c6b72e9f7cdba9c3a36d2398b3957b2c3f3fc96ed099febf979796d46487c09034240b6040db4726ca835bf37d7d975697d4fcc5e04962be4a2a7769981f2c4cf7361cd3935d30b4f95f6555f0bfa72a321ad79ebe11c78a3293170f5ba391695cca023ddc12ca31021e241fa6f8ef401d5009ec8600bf535401765cef412de9adbd3a7aae1a3e4e7aef61935bf25c79b8e180434cbf9046e79d3bee0935bd5f09249a84f28cadaa7e082505233daf144310cbce85c4f6d78d764cfe621fed0aeede64897e6dc073259cb54eb7fe83bae2df2748ac5aaed2e41da2f38b133ab764a8a248d65b335a5b507fd44d38f9ff595bd140922534416b4974dad43a2d006e213c1edb40d35146d3467d386737c330251eb66b2bba61e50da53c524d8d286491c307d01068c0ac1266c18d8b498ec9db22c54c88e6410a44b00c11aeabc6536c3c34b28af23da84461892b0daa3c04d2050f51ec340d37b89d69d5e72fffd2787fc316a186237ddf", 0x1000}, {&(0x7f0000000000)="dd3fc2d0c596edf2ef1e5058103c9018e81d631bb212b6c75113c1043f9317c76edc179d2d79c9708758dd39c6482643e6eca539c2d9896bee5a8e79eeba448db3d77c24591c36193091360cef014a1b9d00b4549099f9736b0b09ac25d7abbca3e88d2dad6c2c226897445521ac5c82543ba2423992fc34e2c2d32e748711e929644de84214610b7229756307aa816a853ab91e0ec02f8ec9548e8efcf5d3430a7d4b14d9", 0xa5}, {&(0x7f00000000c0)="4b6c675c4662758ebf20420eb2c43bbf7afe61c7f3191b77bd6a3c09d25d25ec1c7165de9b43f3464ded591733246b35637de432bc54376db568b3668d", 0x3d}], 0x3, 0x0, 0x0, 0x6000011}, 0x4008090)

489.829049ms ago: executing program 0 (id=1479):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f00000002c0)={0x34, r1, 0x1, 0x0, 0x25dfdbff, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x18, 0x11d, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x98}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x3d}]}]}]}, 0x34}}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'macvlan0\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x1100, &(0x7f0000001140)={&(0x7f0000000500)=ANY=[@ANYBLOB="740000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000004c0012800c0001006d6163766c616e003c00028008000100100000001c0005800a000400aaaaaaaaaabb000002000400d8928afb7028000008000300030000000a000400aaaaaaaaaabb000008000500", @ANYRES32=r5], 0x74}}, 0x0)
r7 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r7, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)

399.307539ms ago: executing program 0 (id=1480):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="f3e23c9cb45dbcee4b0d4167053b9093315bd9eab0d06295720c28d5562d2371b7e5d5b4f4bba8b3ca14f5940fcdd93e8859e82a5b82bd003bb6c8b0ec3bdb776b284ece3686a25cdd08cfcce605551df40339f3048907ecbe162c96d7740fcf3b5098f2d5e6833c072a65200a10b4d33904000000000000002c55cc7712f9b82b454736b4740f37b0c1ee6be56462fc85cf0f6aa7f1dd63ae54a42e58dd866a653ef694c9d02fd148de02964ddc0d572905fbd9fa1bda3ae3f40e93bc", @ANYRES16=r1, @ANYBLOB="01002cbd700000000000010000001c000180060001000200000008000300ac14141c0800060003000000"], 0x30}, 0x1, 0x0, 0x0, 0x4}, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r2, 0x0, 0x0, 0x22048854, &(0x7f0000000200)={0x2, 0x4e23, @empty}, 0x10)
sendto$inet(r2, &(0x7f00000012c0)='\f&', 0x2, 0x11, 0x0, 0x0)
r3 = fsopen(&(0x7f00000003c0)='cgroup\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
fsmount(r3, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000080)='ro\x00', &(0x7f00000000c0)='proc\x00', 0x0)
recvmmsg(r2, &(0x7f0000021080)=[{{0x0, 0x0, &(0x7f000001fa00)=[{&(0x7f000001f9c0)=""/16, 0x10}], 0x1}, 0x3}, {{0x0, 0x0, &(0x7f000001fa40)=[{&(0x7f000001fe40)=""/4071, 0xfe7}], 0x1}, 0x92d}], 0x2, 0x20, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r4)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0100000000000000000002000000140001800500020001"], 0x28}, 0x1, 0x0, 0x0, 0x20044811}, 0x2000c094)

0s ago: executing program 3 (id=1481):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f00000001c0)={'wg1\x00'})
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x44}, 0x1, 0x0, 0x0, 0x800}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$swradio(&(0x7f0000002440), 0x1, 0x2)
r5 = syz_io_uring_setup(0x117, &(0x7f0000000300), &(0x7f0000000280)=<r6=>0x0, &(0x7f0000000200)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4820)
recvmmsg(r8, &(0x7f00000086c0)=[{{0x0, 0x0, 0x0}, 0x7}, {{0x0, 0x0, 0x0}, 0x2}, {{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000540)=""/216, 0xd8}, {&(0x7f0000000100)=""/119, 0x77}, {&(0x7f00000000c0)=""/23, 0x17}, {&(0x7f0000003c40)=""/4092, 0xffc}, {&(0x7f0000001840)=""/105, 0x69}], 0x5}, 0x80000000}], 0x3, 0x40008062, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_submit(r6, r7, &(0x7f00000000c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x7, 0x0, 0x0, 0x0, 0xc})
io_uring_enter(r5, 0x47f6, 0x0, 0x0, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="480000000f00000000000000050000000500003748a000"], 0x48}}, 0x0)

kernel console output (not intermixed with test programs):

or opcode 0x040e
[  202.948333][ T9990] loop2: detected capacity change from 0 to 7
[  202.953640][ T9990] Dev loop2: unable to read RDB block 7
[  202.955441][ T9990]  loop2: unable to read partition table
[  202.957995][ T9990] loop2: partition table beyond EOD, truncated
[  202.960498][ T9990] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  203.036934][ T5973] Bluetooth: hci1: unexpected event for opcode 0x040e
[  203.155460][ T9992] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1032'.
[  203.251602][ T9992] fuse: Unknown parameter 'group_id00000000000000000000'
[  203.256107][   T40] audit: type=1800 audit(1745549157.965:301): pid=9992 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1032" name="file1" dev="tmpfs" ino=1350 res=0 errno=0
[  203.460881][T10001] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1034'.
[  203.495279][T10001] fuse: Unknown parameter 'group_id00000000000000000000'
[  203.501362][   T40] audit: type=1800 audit(1745549158.205:302): pid=10001 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1034" name="file1" dev="tmpfs" ino=1500 res=0 errno=0
[  204.260967][T10005] FAULT_INJECTION: forcing a failure.
[  204.260967][T10005] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  204.271229][T10005] CPU: 0 UID: 0 PID: 10005 Comm: syz.3.1035 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(full) 
[  204.271252][T10005] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  204.271261][T10005] Call Trace:
[  204.271269][T10005]  <TASK>
[  204.271276][T10005]  dump_stack_lvl+0x16c/0x1f0
[  204.271306][T10005]  should_fail_ex+0x512/0x640
[  204.271330][T10005]  _copy_from_user+0x2e/0xd0
[  204.271355][T10005]  compat_keyctl_dh_compute+0xdd/0x1c0
[  204.271387][T10005]  ? __pfx_compat_keyctl_dh_compute+0x10/0x10
[  204.271410][T10005]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  204.271444][T10005]  ? fput+0x70/0xf0
[  204.271463][T10005]  ? ksys_write+0x1b9/0x240
[  204.271481][T10005]  ? __pfx_ksys_write+0x10/0x10
[  204.271502][T10005]  __ia32_compat_sys_keyctl+0x347/0x540
[  204.271525][T10005]  __do_fast_syscall_32+0x73/0x120
[  204.271552][T10005]  do_fast_syscall_32+0x32/0x80
[  204.271577][T10005]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  204.271599][T10005] RIP: 0023:0xf703e579
[  204.271614][T10005] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  204.271632][T10005] RSP: 002b:00000000f500d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000120
[  204.271650][T10005] RAX: ffffffffffffffda RBX: 0000000000000017 RCX: 0000000080000080
[  204.271659][T10005] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000080000480
[  204.271668][T10005] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  204.271679][T10005] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  204.271690][T10005] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  204.271713][T10005]  </TASK>
[  204.491336][ T1984] usb 7-1: new full-speed USB device number 2 using dummy_hcd
[  204.594845][T10007] netlink: 'syz.1.1036': attribute type 7 has an invalid length.
[  204.610698][T10007] : entered promiscuous mode
[  204.615388][T10007] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1036'.
[  204.618010][T10007] ksmbd: Daemon and kernel module version mismatch. ksmbd: 49, kernel module: 1. User-space ksmbd should terminate.
[  204.653316][ T1984] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  204.657859][ T1984] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 2
[  204.661805][ T1984] usb 7-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  204.665573][ T1984] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  204.670268][ T1984] usb 7-1: config 0 descriptor??
[  204.675882][ T1984] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  204.678323][ T1984] dvb-usb: bulk message failed: -22 (3/0)
[  204.684020][ T1984] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  204.688199][ T1984] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  204.690867][ T1984] usb 7-1: media controller created
[  204.693524][ T1984] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  204.698688][ T1984] dvb-usb: bulk message failed: -22 (6/0)
[  204.702029][ T1984] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  204.709177][ T1984] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb7/7-1/input/input7
[  204.714636][ T1984] dvb-usb: schedule remote query interval to 150 msecs.
[  204.716812][ T1984] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  204.781981][T10021] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1040'.
[  204.872728][ T1984] dvb-usb: bulk message failed: -22 (1/0)
[  204.875253][ T1984] dvb-usb: error while querying for an remote control event.
[  204.894869][ T1984] usb 7-1: USB disconnect, device number 2
[  204.910652][ T1984] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  206.210340][T10046] FAULT_INJECTION: forcing a failure.
[  206.210340][T10046] name failslab, interval 1, probability 0, space 0, times 0
[  206.213411][T10044] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1044'.
[  206.216184][T10046] CPU: 3 UID: 0 PID: 10046 Comm: syz.0.1045 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(full) 
[  206.216199][T10046] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  206.216206][T10046] Call Trace:
[  206.216209][T10046]  <TASK>
[  206.216213][T10046]  dump_stack_lvl+0x16c/0x1f0
[  206.216232][T10046]  should_fail_ex+0x512/0x640
[  206.216245][T10046]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  206.216259][T10046]  should_failslab+0xc2/0x120
[  206.216273][T10046]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  206.216290][T10046]  ? __alloc_skb+0x2b2/0x380
[  206.216306][T10046]  __alloc_skb+0x2b2/0x380
[  206.216318][T10046]  ? __pfx___alloc_skb+0x10/0x10
[  206.216332][T10046]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  206.216350][T10046]  netlink_alloc_large_skb+0x69/0x130
[  206.216365][T10046]  netlink_sendmsg+0x6a1/0xdd0
[  206.216382][T10046]  ? __pfx_netlink_sendmsg+0x10/0x10
[  206.216397][T10046]  ? __import_iovec+0x1c8/0x660
[  206.216414][T10046]  ____sys_sendmsg+0xa95/0xc70
[  206.216425][T10046]  ? __pfx_____sys_sendmsg+0x10/0x10
[  206.216434][T10046]  ? get_compat_msghdr+0x11a/0x170
[  206.216452][T10046]  ___sys_sendmsg+0x134/0x1d0
[  206.216467][T10046]  ? __pfx____sys_sendmsg+0x10/0x10
[  206.216495][T10046]  __sys_sendmsg+0x16d/0x220
[  206.216508][T10046]  ? __pfx___sys_sendmsg+0x10/0x10
[  206.216527][T10046]  ? rcu_is_watching+0x12/0xc0
[  206.216541][T10046]  __do_fast_syscall_32+0x73/0x120
[  206.216558][T10046]  do_fast_syscall_32+0x32/0x80
[  206.216573][T10046]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  206.216586][T10046] RIP: 0023:0xf708e579
[  206.216594][T10046] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  206.216604][T10046] RSP: 002b:00000000f507e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  206.216614][T10046] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  206.216620][T10046] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  206.216626][T10046] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  206.216632][T10046] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  206.216637][T10046] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  206.216649][T10046]  </TASK>
[  206.851223][T10059] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1049'.
[  207.318155][T10066] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1052'.
[  208.897893][T10091] FAULT_INJECTION: forcing a failure.
[  208.897893][T10091] name failslab, interval 1, probability 0, space 0, times 0
[  208.902560][T10091] CPU: 1 UID: 0 PID: 10091 Comm: syz.3.1057 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(full) 
[  208.902573][T10091] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  208.902580][T10091] Call Trace:
[  208.902584][T10091]  <TASK>
[  208.902588][T10091]  dump_stack_lvl+0x16c/0x1f0
[  208.902607][T10091]  should_fail_ex+0x512/0x640
[  208.902619][T10091]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  208.902635][T10091]  should_failslab+0xc2/0x120
[  208.902649][T10091]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  208.902663][T10091]  ? bpf_ksym_find+0x124/0x1c0
[  208.902672][T10091]  ? cfg80211_iter_combinations+0x86d/0x12d0
[  208.902690][T10091]  kmemdup_noprof+0x29/0x60
[  208.902704][T10091]  cfg80211_iter_combinations+0x86d/0x12d0
[  208.902723][T10091]  ? ieee80211_fill_ifcomb_params+0x676/0x930
[  208.902741][T10091]  ? __pfx_ieee80211_iter_max_chans+0x10/0x10
[  208.902757][T10091]  ieee80211_max_num_channels+0x135/0x220
[  208.902770][T10091]  ? __pfx_ieee80211_max_num_channels+0x10/0x10
[  208.902782][T10091]  ? lock_acquire+0x179/0x350
[  208.902803][T10091]  ieee80211_can_create_new_chanctx+0x130/0x2b0
[  208.902820][T10091]  ieee80211_link_reserve_chanctx+0x6e5/0x1060
[  208.902838][T10091]  ? __pfx_ieee80211_link_reserve_chanctx+0x10/0x10
[  208.902872][T10091]  ? __pfx___might_resched+0x10/0x10
[  208.902888][T10091]  __ieee80211_channel_switch+0x9b8/0x28b0
[  208.902909][T10091]  ? __pfx___ieee80211_channel_switch+0x10/0x10
[  208.902928][T10091]  ? cfg80211_chandef_dfs_required+0xda/0x11b0
[  208.902956][T10091]  nl80211_channel_switch+0xb8f/0xf40
[  208.902970][T10091]  ? __pfx_nl80211_channel_switch+0x10/0x10
[  208.902981][T10091]  ? __mutex_trylock_common+0xe9/0x250
[  208.902997][T10091]  ? __pfx___mutex_trylock_common+0x10/0x10
[  208.903030][T10091]  ? nl80211_pre_doit+0x1b0/0xb10
[  208.903046][T10091]  genl_family_rcv_msg_doit+0x206/0x2f0
[  208.903065][T10091]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  208.903082][T10091]  ? trace_cap_capable+0x18d/0x200
[  208.903096][T10091]  ? bpf_lsm_capable+0x9/0x10
[  208.903108][T10091]  ? security_capable+0x7e/0x260
[  208.903118][T10091]  ? ns_capable+0xd7/0x110
[  208.903131][T10091]  genl_rcv_msg+0x55c/0x800
[  208.903143][T10091]  ? __pfx_genl_rcv_msg+0x10/0x10
[  208.903152][T10091]  ? __pfx___dev_queue_xmit+0x10/0x10
[  208.903163][T10091]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  208.903176][T10091]  ? __pfx_nl80211_channel_switch+0x10/0x10
[  208.903187][T10091]  ? __pfx_nl80211_post_doit+0x10/0x10
[  208.903202][T10091]  ? __lock_acquire+0xaa4/0x1ba0
[  208.903219][T10091]  netlink_rcv_skb+0x16a/0x440
[  208.903233][T10091]  ? __pfx_genl_rcv_msg+0x10/0x10
[  208.903247][T10091]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  208.903269][T10091]  ? __pfx_down_read+0x10/0x10
[  208.903279][T10091]  ? netlink_deliver_tap+0x1ae/0xd30
[  208.903295][T10091]  genl_rcv+0x28/0x40
[  208.903309][T10091]  netlink_unicast+0x53a/0x7f0
[  208.903326][T10091]  ? __pfx_netlink_unicast+0x10/0x10
[  208.903345][T10091]  netlink_sendmsg+0x8d1/0xdd0
[  208.903362][T10091]  ? __pfx_netlink_sendmsg+0x10/0x10
[  208.903377][T10091]  ? __import_iovec+0x1c8/0x660
[  208.903394][T10091]  ____sys_sendmsg+0xa95/0xc70
[  208.903405][T10091]  ? __pfx_____sys_sendmsg+0x10/0x10
[  208.903415][T10091]  ? get_compat_msghdr+0x11a/0x170
[  208.903434][T10091]  ___sys_sendmsg+0x134/0x1d0
[  208.903449][T10091]  ? __pfx____sys_sendmsg+0x10/0x10
[  208.903480][T10091]  __sys_sendmsg+0x16d/0x220
[  208.903494][T10091]  ? __pfx___sys_sendmsg+0x10/0x10
[  208.903514][T10091]  ? rcu_is_watching+0x12/0xc0
[  208.903526][T10091]  __do_fast_syscall_32+0x73/0x120
[  208.903542][T10091]  do_fast_syscall_32+0x32/0x80
[  208.903557][T10091]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  208.903571][T10091] RIP: 0023:0xf703e579
[  208.903579][T10091] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  208.903589][T10091] RSP: 002b:00000000f502e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  208.903599][T10091] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000200
[  208.903605][T10091] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  208.903611][T10091] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  208.903616][T10091] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  208.903622][T10091] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  208.903635][T10091]  </TASK>
[  209.563997][T10103] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1062'.
[  210.219234][T10116] netlink: 'syz.2.1064': attribute type 7 has an invalid length.
[  210.230326][T10116] : entered promiscuous mode
[  210.246643][T10116] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1064'.
[  210.249470][T10116] ksmbd: Daemon and kernel module version mismatch. ksmbd: 49, kernel module: 1. User-space ksmbd should terminate.
[  210.440731][T10126] loop2: detected capacity change from 0 to 7
[  210.455082][ T5971] Dev loop2: unable to read RDB block 7
[  210.457441][ T5971]  loop2: unable to read partition table
[  210.459824][ T5971] loop2: partition table beyond EOD, truncated
[  210.467428][T10126] Dev loop2: unable to read RDB block 7
[  210.469807][T10126]  loop2: unable to read partition table
[  210.470377][T10128] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  210.474277][T10126] loop2: partition table beyond EOD, truncated
[  210.481494][T10126] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  210.525337][ T5366] Dev loop2: unable to read RDB block 7
[  210.527445][ T5366]  loop2: unable to read partition table
[  210.529834][ T5366] loop2: partition table beyond EOD, truncated
[  210.637804][ T5366] Dev loop2: unable to read RDB block 7
[  210.640115][ T5366]  loop2: unable to read partition table
[  210.642183][ T5366] loop2: partition table beyond EOD, truncated
[  210.673861][ T5366] Dev loop2: unable to read RDB block 7
[  210.676201][ T5366]  loop2: unable to read partition table
[  210.678334][ T5366] loop2: partition table beyond EOD, truncated
[  210.743537][ T5973] Bluetooth: hci2: unexpected event for opcode 0x040e
[  210.834970][ T5973] Bluetooth: hci3: unexpected event for opcode 0x040e
[  210.916509][ T5973] Bluetooth: hci1: unexpected event for opcode 0x040e
[  211.021764][ T5366] Dev loop2: unable to read RDB block 7
[  211.024246][ T5366]  loop2: unable to read partition table
[  211.026386][ T5366] loop2: partition table beyond EOD, truncated
[  211.492225][T10148] netlink: 'syz.2.1074': attribute type 3 has an invalid length.
[  211.701479][T10160] FAULT_INJECTION: forcing a failure.
[  211.701479][T10160] name failslab, interval 1, probability 0, space 0, times 0
[  211.711521][T10160] CPU: 3 UID: 0 PID: 10160 Comm: syz.1.1077 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(full) 
[  211.711545][T10160] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  211.711557][T10160] Call Trace:
[  211.711563][T10160]  <TASK>
[  211.711570][T10160]  dump_stack_lvl+0x16c/0x1f0
[  211.711598][T10160]  should_fail_ex+0x512/0x640
[  211.711614][T10160]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  211.711629][T10160]  should_failslab+0xc2/0x120
[  211.711642][T10160]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  211.711655][T10160]  ? __alloc_skb+0x2b2/0x380
[  211.711668][T10160]  ? bpf_lsm_capable+0x9/0x10
[  211.711683][T10160]  __alloc_skb+0x2b2/0x380
[  211.711696][T10160]  ? __pfx___alloc_skb+0x10/0x10
[  211.711708][T10160]  ? genl_rcv_msg+0x4f0/0x800
[  211.711717][T10160]  ? genl_rcv_msg+0x4bb/0x800
[  211.711730][T10160]  netlink_ack+0x15d/0xb80
[  211.711745][T10160]  ? __lock_acquire+0xaa4/0x1ba0
[  211.711762][T10160]  netlink_rcv_skb+0x347/0x440
[  211.711777][T10160]  ? __pfx_genl_rcv_msg+0x10/0x10
[  211.711787][T10160]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  211.711822][T10160]  ? __pfx_down_read+0x10/0x10
[  211.711832][T10160]  ? netlink_deliver_tap+0x1ae/0xd30
[  211.711848][T10160]  genl_rcv+0x28/0x40
[  211.711885][T10160]  netlink_unicast+0x53a/0x7f0
[  211.711903][T10160]  ? __pfx_netlink_unicast+0x10/0x10
[  211.711922][T10160]  netlink_sendmsg+0x8d1/0xdd0
[  211.711938][T10160]  ? __pfx_netlink_sendmsg+0x10/0x10
[  211.711954][T10160]  ? __import_iovec+0x1c8/0x660
[  211.711971][T10160]  ____sys_sendmsg+0xa95/0xc70
[  211.711982][T10160]  ? __pfx_____sys_sendmsg+0x10/0x10
[  211.711991][T10160]  ? get_compat_msghdr+0x11a/0x170
[  211.712011][T10160]  ___sys_sendmsg+0x134/0x1d0
[  211.712025][T10160]  ? __pfx____sys_sendmsg+0x10/0x10
[  211.712055][T10160]  __sys_sendmsg+0x16d/0x220
[  211.712069][T10160]  ? __pfx___sys_sendmsg+0x10/0x10
[  211.712086][T10160]  ? rcu_is_watching+0x12/0xc0
[  211.712097][T10160]  ? rcu_is_watching+0x12/0xc0
[  211.712109][T10160]  __do_fast_syscall_32+0x73/0x120
[  211.712126][T10160]  do_fast_syscall_32+0x32/0x80
[  211.712141][T10160]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  211.712153][T10160] RIP: 0023:0xf710e579
[  211.712162][T10160] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  211.712172][T10160] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  211.712182][T10160] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000400
[  211.712189][T10160] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  211.712194][T10160] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  211.712200][T10160] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  211.712206][T10160] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  211.712218][T10160]  </TASK>
[  212.264474][T10168] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1081'.
[  212.267250][T10168] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1081'.
[  212.467822][T10175] loop2: detected capacity change from 0 to 7
[  212.470652][ T5969] Dev loop2: unable to read RDB block 7
[  212.472799][ T5969]  loop2: unable to read partition table
[  212.474673][ T5969] loop2: partition table beyond EOD, truncated
[  212.531363][T10175] Dev loop2: unable to read RDB block 7
[  212.534389][T10175]  loop2: unable to read partition table
[  212.537681][T10175] loop2: partition table beyond EOD, truncated
[  212.539955][T10175] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  212.594248][ T5973] Bluetooth: hci2: unexpected event for opcode 0x040e
[  212.950592][T10182] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1083'.
[  213.200975][ T5973] Bluetooth: hci1: unexpected event for opcode 0x040e
[  213.450528][T10196] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1086'.
[  213.683196][  T835] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  213.835275][  T835] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  213.840834][  T835] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  213.847562][  T835] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  213.859489][  T835] usb 8-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  213.861294][T10199] loop2: detected capacity change from 0 to 7
[  213.865310][  T835] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  213.865806][T10199] Dev loop2: unable to read RDB block 7
[  213.868639][  T835] usb 8-1: Product: syz
[  213.870391][T10199]  loop2: unable to read partition table
[  213.874507][  T835] usb 8-1: Manufacturer: syz
[  213.876504][  T835] usb 8-1: SerialNumber: syz
[  213.883888][T10199] loop2: partition table beyond EOD, truncated
[  213.885834][T10199] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  213.889686][  T835] usb 8-1: config 0 descriptor??
[  213.983514][ T5973] Bluetooth: hci3: unexpected event for opcode 0x040e
[  214.096598][  T835] adutux 8-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[  214.300221][  T835] usb 8-1: USB disconnect, device number 2
[  214.509522][T10216] FAULT_INJECTION: forcing a failure.
[  214.509522][T10216] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  214.515459][T10216] CPU: 0 UID: 0 PID: 10216 Comm: syz.0.1095 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(full) 
[  214.515496][T10216] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  214.515504][T10216] Call Trace:
[  214.515509][T10216]  <TASK>
[  214.515513][T10216]  dump_stack_lvl+0x16c/0x1f0
[  214.515539][T10216]  should_fail_ex+0x512/0x640
[  214.515561][T10216]  _copy_from_user+0x2e/0xd0
[  214.515581][T10216]  get_compat_msghdr+0xa7/0x170
[  214.515601][T10216]  ? __pfx_get_compat_msghdr+0x10/0x10
[  214.515627][T10216]  ___sys_sendmsg+0x1ae/0x1d0
[  214.515642][T10216]  ? __pfx____sys_sendmsg+0x10/0x10
[  214.515674][T10216]  __sys_sendmsg+0x16d/0x220
[  214.515688][T10216]  ? __pfx___sys_sendmsg+0x10/0x10
[  214.515706][T10216]  ? rcu_is_watching+0x12/0xc0
[  214.515719][T10216]  ? rcu_is_watching+0x12/0xc0
[  214.515735][T10216]  __do_fast_syscall_32+0x73/0x120
[  214.515761][T10216]  do_fast_syscall_32+0x32/0x80
[  214.515784][T10216]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  214.515800][T10216] RIP: 0023:0xf708e579
[  214.515809][T10216] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  214.515821][T10216] RSP: 002b:00000000f507e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  214.515831][T10216] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000340
[  214.515861][T10216] RDX: 0000000004044054 RSI: 0000000000000000 RDI: 0000000000000000
[  214.515872][T10216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  214.515881][T10216] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  214.515891][T10216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  214.515911][T10216]  </TASK>
[  214.884601][T10227] FAULT_INJECTION: forcing a failure.
[  214.884601][T10227] name failslab, interval 1, probability 0, space 0, times 0
[  214.888757][T10227] CPU: 2 UID: 0 PID: 10227 Comm: syz.3.1100 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(full) 
[  214.888777][T10227] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  214.888787][T10227] Call Trace:
[  214.888793][T10227]  <TASK>
[  214.888800][T10227]  dump_stack_lvl+0x16c/0x1f0
[  214.888829][T10227]  should_fail_ex+0x512/0x640
[  214.888847][T10227]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  214.888870][T10227]  should_failslab+0xc2/0x120
[  214.888891][T10227]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  214.888911][T10227]  ? __alloc_skb+0x2b2/0x380
[  214.888933][T10227]  ? bpf_lsm_capable+0x9/0x10
[  214.888955][T10227]  __alloc_skb+0x2b2/0x380
[  214.888976][T10227]  ? __pfx___alloc_skb+0x10/0x10
[  214.888996][T10227]  ? genl_rcv_msg+0x4f0/0x800
[  214.889010][T10227]  ? genl_rcv_msg+0x4bb/0x800
[  214.889023][T10227]  netlink_ack+0x15d/0xb80
[  214.889038][T10227]  ? __lock_acquire+0xaa4/0x1ba0
[  214.889055][T10227]  netlink_rcv_skb+0x347/0x440
[  214.889070][T10227]  ? __pfx_genl_rcv_msg+0x10/0x10
[  214.889080][T10227]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  214.889101][T10227]  ? __pfx_down_read+0x10/0x10
[  214.889116][T10227]  ? netlink_deliver_tap+0x1ae/0xd30
[  214.889140][T10227]  genl_rcv+0x28/0x40
[  214.889164][T10227]  netlink_unicast+0x53a/0x7f0
[  214.889191][T10227]  ? __pfx_netlink_unicast+0x10/0x10
[  214.889221][T10227]  netlink_sendmsg+0x8d1/0xdd0
[  214.889248][T10227]  ? __pfx_netlink_sendmsg+0x10/0x10
[  214.889275][T10227]  ? __import_iovec+0x1c8/0x660
[  214.889302][T10227]  ____sys_sendmsg+0xa95/0xc70
[  214.889322][T10227]  ? __pfx_____sys_sendmsg+0x10/0x10
[  214.889335][T10227]  ? get_compat_msghdr+0x11a/0x170
[  214.889368][T10227]  ___sys_sendmsg+0x134/0x1d0
[  214.889392][T10227]  ? __pfx____sys_sendmsg+0x10/0x10
[  214.889444][T10227]  __sys_sendmsg+0x16d/0x220
[  214.889466][T10227]  ? __pfx___sys_sendmsg+0x10/0x10
[  214.889502][T10227]  ? rcu_is_watching+0x12/0xc0
[  214.889521][T10227]  ? rcu_is_watching+0x12/0xc0
[  214.889541][T10227]  __do_fast_syscall_32+0x73/0x120
[  214.889567][T10227]  do_fast_syscall_32+0x32/0x80
[  214.889592][T10227]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  214.889612][T10227] RIP: 0023:0xf703e579
[  214.889626][T10227] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  214.889642][T10227] RSP: 002b:00000000f502e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  214.889658][T10227] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000400
[  214.889668][T10227] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  214.889678][T10227] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  214.889687][T10227] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  214.889696][T10227] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  214.889719][T10227]  </TASK>
[  214.996666][    C2] vkms_vblank_simulate: vblank timer overrun
[  215.124695][T10230] netlink: 'syz.0.1097': attribute type 3 has an invalid length.
[  216.073651][T10252] FAULT_INJECTION: forcing a failure.
[  216.073651][T10252] name failslab, interval 1, probability 0, space 0, times 0
[  216.077584][T10252] CPU: 0 UID: 0 PID: 10252 Comm: syz.2.1108 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(full) 
[  216.077598][T10252] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  216.077605][T10252] Call Trace:
[  216.077608][T10252]  <TASK>
[  216.077613][T10252]  dump_stack_lvl+0x16c/0x1f0
[  216.077631][T10252]  should_fail_ex+0x512/0x640
[  216.077643][T10252]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  216.077656][T10252]  should_failslab+0xc2/0x120
[  216.077669][T10252]  __kmalloc_cache_noprof+0x6a/0x3e0
[  216.077680][T10252]  ? __might_fault+0xe3/0x190
[  216.077692][T10252]  ? kvm_set_irq_routing+0x24f/0x980
[  216.077705][T10252]  kvm_set_irq_routing+0x24f/0x980
[  216.077719][T10252]  kvm_vm_ioctl+0x179e/0x3d40
[  216.077732][T10252]  ? stack_trace_save+0x8e/0xc0
[  216.077744][T10252]  ? __pfx_stack_trace_save+0x10/0x10
[  216.077755][T10252]  ? stack_depot_save_flags+0x28/0xa50
[  216.077768][T10252]  ? __lock_acquire+0xaa4/0x1ba0
[  216.077782][T10252]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  216.077795][T10252]  ? kasan_save_stack+0x42/0x60
[  216.077806][T10252]  ? kasan_save_stack+0x33/0x60
[  216.077817][T10252]  ? kasan_save_track+0x14/0x30
[  216.077827][T10252]  ? kasan_save_free_info+0x3b/0x60
[  216.077842][T10252]  ? __kasan_slab_free+0x51/0x70
[  216.077853][T10252]  ? kfree+0x2b6/0x4d0
[  216.077861][T10252]  ? tomoyo_path_number_perm+0x470/0x580
[  216.077874][T10252]  ? security_file_ioctl_compat+0x9b/0x240
[  216.077887][T10252]  ? __ia32_compat_sys_ioctl+0xc3/0x360
[  216.077901][T10252]  ? __do_fast_syscall_32+0x73/0x120
[  216.077915][T10252]  ? do_fast_syscall_32+0x32/0x80
[  216.077929][T10252]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  216.077941][T10252]  ? kvm_arch_vm_compat_ioctl+0x2d0/0x470
[  216.077958][T10252]  ? __pfx_kvm_arch_vm_compat_ioctl+0x10/0x10
[  216.077984][T10252]  ? kasan_quarantine_put+0x10a/0x240
[  216.077995][T10252]  ? lockdep_hardirqs_on+0x7c/0x110
[  216.078010][T10252]  ? find_held_lock+0x2b/0x80
[  216.078020][T10252]  ? tomoyo_path_number_perm+0x295/0x580
[  216.078035][T10252]  ? tomoyo_path_number_perm+0x18d/0x580
[  216.078048][T10252]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  216.078060][T10252]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  216.078076][T10252]  ? do_vfs_ioctl+0x512/0x1990
[  216.078093][T10252]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  216.078122][T10252]  kvm_vm_compat_ioctl+0x393/0x430
[  216.078141][T10252]  ? __pfx_kvm_vm_compat_ioctl+0x10/0x10
[  216.078161][T10252]  ? find_held_lock+0x2b/0x80
[  216.078178][T10252]  ? hook_file_ioctl_common+0x145/0x410
[  216.078200][T10252]  ? __fget_files+0x20e/0x3c0
[  216.078215][T10252]  ? __fput_deferred+0x300/0x370
[  216.078236][T10252]  ? __pfx_kvm_vm_compat_ioctl+0x10/0x10
[  216.078254][T10252]  __ia32_compat_sys_ioctl+0x24c/0x360
[  216.078279][T10252]  __do_fast_syscall_32+0x73/0x120
[  216.078304][T10252]  do_fast_syscall_32+0x32/0x80
[  216.078328][T10252]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  216.078346][T10252] RIP: 0023:0xf711e579
[  216.078355][T10252] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  216.078365][T10252] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  216.078376][T10252] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000004008ae6a
[  216.078382][T10252] RDX: 0000000080000280 RSI: 0000000000000000 RDI: 0000000000000000
[  216.078388][T10252] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  216.078394][T10252] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  216.078399][T10252] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  216.078411][T10252]  </TASK>
[  216.560479][T10269] input: syz0 as /devices/virtual/input/input8
[  217.105359][T10288] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1116'.
[  217.186806][T10293] xt_ecn: cannot match TCP bits for non-tcp packets
[  217.312930][T10284] Driver unsupported XDP return value 0 on prog  (id 97) dev N/A, expect packet loss!
[  217.315742][T10299] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1116'.
[  217.789593][T10315] FAULT_INJECTION: forcing a failure.
[  217.789593][T10315] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  217.793979][T10315] CPU: 0 UID: 0 PID: 10315 Comm: syz.1.1123 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(full) 
[  217.793993][T10315] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  217.794000][T10315] Call Trace:
[  217.794004][T10315]  <TASK>
[  217.794008][T10315]  dump_stack_lvl+0x16c/0x1f0
[  217.794026][T10315]  should_fail_ex+0x512/0x640
[  217.794041][T10315]  _copy_from_user+0x2e/0xd0
[  217.794055][T10315]  kstrtouint_from_user+0xd6/0x1d0
[  217.794065][T10315]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  217.794074][T10315]  ? __lock_acquire+0xaa4/0x1ba0
[  217.794094][T10315]  proc_fail_nth_write+0x83/0x250
[  217.794110][T10315]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  217.794129][T10315]  vfs_write+0x25c/0x1180
[  217.794140][T10315]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  217.794157][T10315]  ? __pfx___mutex_lock+0x10/0x10
[  217.794172][T10315]  ? __pfx_vfs_write+0x10/0x10
[  217.794186][T10315]  ? __fget_files+0x20e/0x3c0
[  217.794200][T10315]  ksys_write+0x12a/0x240
[  217.794210][T10315]  ? __pfx_ksys_write+0x10/0x10
[  217.794219][T10315]  ? rcu_is_watching+0x12/0xc0
[  217.794231][T10315]  ? rcu_is_watching+0x12/0xc0
[  217.794242][T10315]  __do_fast_syscall_32+0x73/0x120
[  217.794259][T10315]  do_fast_syscall_32+0x32/0x80
[  217.794274][T10315]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  217.794287][T10315] RIP: 0023:0xf710e579
[  217.794295][T10315] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  217.794305][T10315] RSP: 002b:00000000f50dd590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  217.794314][T10315] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f50dd620
[  217.794321][T10315] RDX: 0000000000000001 RSI: 00000000f7472ff4 RDI: 0000000000000000
[  217.794326][T10315] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  217.794332][T10315] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  217.794338][T10315] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  217.794350][T10315]  </TASK>
[  217.935687][T10323] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1126'.
[  218.281197][ T6239] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  218.292871][T10335] tipc: Started in network mode
[  218.294474][T10335] tipc: Node identity 4, cluster identity 4711
[  218.296423][T10335] tipc: Node number set to 4
[  218.447616][ T6239] usb 6-1: Using ep0 maxpacket: 32
[  218.458022][ T6239] usb 6-1: New USB device found, idVendor=1ba6, idProduct=0001, bcdDevice=49.88
[  218.461481][ T6239] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  218.464617][ T6239] usb 6-1: Product: syz
[  218.466359][ T6239] usb 6-1: Manufacturer: syz
[  218.468049][ T6239] usb 6-1: SerialNumber: syz
[  218.472539][ T6239] usb 6-1: config 0 descriptor??
[  218.480903][ T6239] as10x_usb: device has been detected
[  218.491729][ T6239] dvbdev: DVB: registering new adapter (Abilis Systems DVB-Titan)
[  218.519681][ T6239] usb 6-1: DVB: registering adapter 1 frontend 0 (Abilis Systems DVB-Titan)...
[  218.542985][ T6239] as10x_usb: error during firmware upload part1
[  218.545237][ T6239] Registered device Abilis Systems DVB-Titan
[  218.974535][T10349] loop2: detected capacity change from 0 to 7
[  218.980648][T10349] Dev loop2: unable to read RDB block 7
[  218.983048][T10349]  loop2: unable to read partition table
[  218.985296][T10349] loop2: partition table beyond EOD, truncated
[  219.001287][T10349] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  219.091295][ T5973] Bluetooth: hci1: unexpected event for opcode 0x040e
[  219.330636][T10361] FAULT_INJECTION: forcing a failure.
[  219.330636][T10361] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  219.335896][T10361] CPU: 0 UID: 0 PID: 10361 Comm: syz.3.1139 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(full) 
[  219.335910][T10361] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  219.335917][T10361] Call Trace:
[  219.335921][T10361]  <TASK>
[  219.335925][T10361]  dump_stack_lvl+0x16c/0x1f0
[  219.335943][T10361]  should_fail_ex+0x512/0x640
[  219.335958][T10361]  _copy_from_user+0x2e/0xd0
[  219.335971][T10361]  bpf_prog_load+0x1a8d/0x2490
[  219.335989][T10361]  ? __pfx_bpf_prog_load+0x10/0x10
[  219.336014][T10361]  ? bpf_lsm_bpf+0x9/0x10
[  219.336026][T10361]  __sys_bpf+0x433c/0x4d80
[  219.336043][T10361]  ? __pfx___sys_bpf+0x10/0x10
[  219.336058][T10361]  ? ksys_write+0x190/0x240
[  219.336071][T10361]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  219.336093][T10361]  ? fput+0x70/0xf0
[  219.336105][T10361]  ? ksys_write+0x1b9/0x240
[  219.336116][T10361]  ? __pfx_ksys_write+0x10/0x10
[  219.336128][T10361]  __ia32_sys_bpf+0x76/0xe0
[  219.336138][T10361]  __do_fast_syscall_32+0x73/0x120
[  219.336154][T10361]  do_fast_syscall_32+0x32/0x80
[  219.336169][T10361]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  219.336182][T10361] RIP: 0023:0xf703e579
[  219.336190][T10361] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  219.336200][T10361] RSP: 002b:00000000f502e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  219.336211][T10361] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000440
[  219.336217][T10361] RDX: 0000000000000090 RSI: 0000000000000000 RDI: 0000000000000000
[  219.336223][T10361] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  219.336228][T10361] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  219.336234][T10361] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  219.336246][T10361]  </TASK>
[  219.458560][T10368] process 'syz.0.1141' launched '/dev/fd/5' with NULL argv: empty string added
[  219.892913][T10378] loop2: detected capacity change from 0 to 7
[  219.913793][T10378] Dev loop2: unable to read RDB block 7
[  219.917789][T10378]  loop2: unable to read partition table
[  219.920183][T10378] loop2: partition table beyond EOD, truncated
[  219.926774][T10378] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  219.982901][ T5366] Dev loop2: unable to read RDB block 7
[  219.985028][ T5366]  loop2: unable to read partition table
[  219.987136][ T5366] loop2: partition table beyond EOD, truncated
[  220.087039][ T5366] Dev loop2: unable to read RDB block 7
[  220.088918][ T5366]  loop2: unable to read partition table
[  220.090858][ T5366] loop2: partition table beyond EOD, truncated
[  220.109355][ T5366] Dev loop2: unable to read RDB block 7
[  220.113498][ T5366]  loop2: unable to read partition table
[  220.118104][ T5366] loop2: partition table beyond EOD, truncated
[  220.179732][ T5973] Bluetooth: hci2: unexpected event for opcode 0x040e
[  220.304173][ T5973] Bluetooth: hci1: unexpected event for opcode 0x040e
[  220.352847][ T5366] Dev loop2: unable to read RDB block 7
[  220.354600][ T5366]  loop2: unable to read partition table
[  220.356403][ T5366] loop2: partition table beyond EOD, truncated
[  220.357476][T10394] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1150'.
[  220.399332][ T5366] Dev loop2: unable to read RDB block 7
[  220.401474][ T5366]  loop2: unable to read partition table
[  220.403384][ T5366] loop2: partition table beyond EOD, truncated
[  220.509465][ T5973] Bluetooth: hci3: unexpected event for opcode 0x040e
[  220.537092][ T5366] Dev loop2: unable to read RDB block 7
[  220.542896][ T5366]  loop2: unable to read partition table
[  220.544865][ T5366] loop2: partition table beyond EOD, truncated
[  220.609606][ T5366] Dev loop2: unable to read RDB block 7
[  220.611325][ T5366]  loop2: unable to read partition table
[  220.613203][ T5366] loop2: partition table beyond EOD, truncated
[  220.633506][ T5366] Dev loop2: unable to read RDB block 7
[  220.635194][ T5366]  loop2: unable to read partition table
[  220.637016][ T5366] loop2: partition table beyond EOD, truncated
[  220.808966][T10411] netlink: 'syz.0.1153': attribute type 3 has an invalid length.
[  221.042437][  T834] usb 6-1: USB disconnect, device number 2
[  221.175057][  T834] Unregistered device Abilis Systems DVB-Titan
[  221.179752][  T834] as10x_usb: device has been disconnected
[  221.248730][T10423] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1160'.
[  223.288865][T10439] loop2: detected capacity change from 0 to 7
[  223.296045][ T5969] Dev loop2: unable to read RDB block 7
[  223.297805][ T5969]  loop2: unable to read partition table
[  223.299654][ T5969] loop2: partition table beyond EOD, truncated
[  223.337659][T10439] Dev loop2: unable to read RDB block 7
[  223.339418][T10439]  loop2: unable to read partition table
[  223.343695][T10439] loop2: partition table beyond EOD, truncated
[  223.355442][T10439] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  223.508236][ T5973] Bluetooth: hci2: unexpected event for opcode 0x040e
[  223.612086][T10452] FAULT_INJECTION: forcing a failure.
[  223.612086][T10452] name failslab, interval 1, probability 0, space 0, times 0
[  223.616896][T10452] CPU: 0 UID: 0 PID: 10452 Comm: syz.1.1169 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(full) 
[  223.616918][T10452] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  223.616929][T10452] Call Trace:
[  223.616935][T10452]  <TASK>
[  223.616941][T10452]  dump_stack_lvl+0x16c/0x1f0
[  223.616970][T10452]  should_fail_ex+0x512/0x640
[  223.616989][T10452]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  223.617013][T10452]  should_failslab+0xc2/0x120
[  223.617036][T10452]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  223.617056][T10452]  ? __alloc_skb+0x2b2/0x380
[  223.617077][T10452]  ? bpf_lsm_capable+0x9/0x10
[  223.617099][T10452]  __alloc_skb+0x2b2/0x380
[  223.617125][T10452]  ? __pfx___alloc_skb+0x10/0x10
[  223.617145][T10452]  ? genl_rcv_msg+0x4f0/0x800
[  223.617159][T10452]  ? genl_rcv_msg+0x4bb/0x800
[  223.617182][T10452]  netlink_ack+0x15d/0xb80
[  223.617206][T10452]  ? __lock_acquire+0xaa4/0x1ba0
[  223.617235][T10452]  netlink_rcv_skb+0x347/0x440
[  223.617258][T10452]  ? __pfx_genl_rcv_msg+0x10/0x10
[  223.617275][T10452]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  223.617311][T10452]  ? __pfx_down_read+0x10/0x10
[  223.617328][T10452]  ? netlink_deliver_tap+0x1ae/0xd30
[  223.617354][T10452]  genl_rcv+0x28/0x40
[  223.617376][T10452]  netlink_unicast+0x53a/0x7f0
[  223.617402][T10452]  ? __pfx_netlink_unicast+0x10/0x10
[  223.617431][T10452]  netlink_sendmsg+0x8d1/0xdd0
[  223.617458][T10452]  ? __pfx_netlink_sendmsg+0x10/0x10
[  223.617483][T10452]  ? __import_iovec+0x1c8/0x660
[  223.617510][T10452]  ____sys_sendmsg+0xa95/0xc70
[  223.617529][T10452]  ? __pfx_____sys_sendmsg+0x10/0x10
[  223.617544][T10452]  ? get_compat_msghdr+0x11a/0x170
[  223.617576][T10452]  ___sys_sendmsg+0x134/0x1d0
[  223.617599][T10452]  ? __pfx____sys_sendmsg+0x10/0x10
[  223.617652][T10452]  __sys_sendmsg+0x16d/0x220
[  223.617674][T10452]  ? __pfx___sys_sendmsg+0x10/0x10
[  223.617703][T10452]  ? rcu_is_watching+0x12/0xc0
[  223.617722][T10452]  ? rcu_is_watching+0x12/0xc0
[  223.617742][T10452]  __do_fast_syscall_32+0x73/0x120
[  223.617767][T10452]  do_fast_syscall_32+0x32/0x80
[  223.617790][T10452]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  223.617811][T10452] RIP: 0023:0xf710e579
[  223.617824][T10452] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  223.617840][T10452] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  223.617856][T10452] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  223.617866][T10452] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 0000000000000000
[  223.617875][T10452] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  223.617884][T10452] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  223.617893][T10452] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  223.617913][T10452]  </TASK>
[  223.651439][   T65] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  223.871348][   T65] usb 8-1: Using ep0 maxpacket: 32
[  223.877362][   T65] usb 8-1: New USB device found, idVendor=1ba6, idProduct=0001, bcdDevice=49.88
[  223.881155][   T65] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  223.883635][   T65] usb 8-1: Product: syz
[  223.885340][   T65] usb 8-1: Manufacturer: syz
[  223.887305][   T65] usb 8-1: SerialNumber: syz
[  223.893565][   T65] usb 8-1: config 0 descriptor??
[  223.900053][   T65] as10x_usb: device has been detected
[  223.903478][   T65] dvbdev: DVB: registering new adapter (Abilis Systems DVB-Titan)
[  223.914637][   T65] usb 8-1: DVB: registering adapter 1 frontend 0 (Abilis Systems DVB-Titan)...
[  223.920489][   T65] as10x_usb: error during firmware upload part1
[  223.923022][   T65] Registered device Abilis Systems DVB-Titan
[  223.992346][ T1017] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  224.109139][T10458] FAULT_INJECTION: forcing a failure.
[  224.109139][T10458] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  224.114246][T10458] CPU: 3 UID: 0 PID: 10458 Comm: syz.0.1173 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(full) 
[  224.114260][T10458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  224.114266][T10458] Call Trace:
[  224.114270][T10458]  <TASK>
[  224.114274][T10458]  dump_stack_lvl+0x16c/0x1f0
[  224.114292][T10458]  should_fail_ex+0x512/0x640
[  224.114307][T10458]  _copy_from_user+0x2e/0xd0
[  224.114321][T10458]  get_compat_msghdr+0xa7/0x170
[  224.114337][T10458]  ? __pfx_get_compat_msghdr+0x10/0x10
[  224.114355][T10458]  ___sys_sendmsg+0x1ae/0x1d0
[  224.114370][T10458]  ? __pfx____sys_sendmsg+0x10/0x10
[  224.114399][T10458]  __sys_sendmsg+0x16d/0x220
[  224.114412][T10458]  ? __pfx___sys_sendmsg+0x10/0x10
[  224.114431][T10458]  ? rcu_is_watching+0x12/0xc0
[  224.114444][T10458]  __do_fast_syscall_32+0x73/0x120
[  224.114460][T10458]  do_fast_syscall_32+0x32/0x80
[  224.114475][T10458]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  224.114488][T10458] RIP: 0023:0xf708e579
[  224.114496][T10458] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  224.114507][T10458] RSP: 002b:00000000f507e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  224.114517][T10458] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800000c0
[  224.114523][T10458] RDX: 0000000020050800 RSI: 0000000000000000 RDI: 0000000000000000
[  224.114529][T10458] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  224.114535][T10458] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  224.114540][T10458] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  224.114552][T10458]  </TASK>
[  224.229189][ T1017] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  224.235534][ T1017] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  224.238545][ T1017] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  224.249966][ T1017] usb 6-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  224.253839][ T1017] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  224.256443][ T1017] usb 6-1: Product: syz
[  224.257822][ T1017] usb 6-1: Manufacturer: syz
[  224.259372][ T1017] usb 6-1: SerialNumber: syz
[  224.267863][ T1017] usb 6-1: config 0 descriptor??
[  224.528781][ T1017] adutux 6-1:0.0: ADU208  now attached to /dev/usb/adutux1
[  224.537412][ T1017] usb 6-1: USB disconnect, device number 3
[  224.641463][T10473] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1175'.
[  225.128698][T10479] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1176'.
[  225.318477][T10494] loop2: detected capacity change from 0 to 7
[  225.322149][ T5969] Dev loop2: unable to read RDB block 7
[  225.323907][ T5969]  loop2: unable to read partition table
[  225.325715][ T5969] loop2: partition table beyond EOD, truncated
[  225.328480][T10494] Dev loop2: unable to read RDB block 7
[  225.330239][T10494]  loop2: unable to read partition table
[  225.333991][T10494] loop2: partition table beyond EOD, truncated
[  225.336225][T10494] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  225.383574][ T5973] Bluetooth: hci0: unexpected event for opcode 0x040e
[  225.541196][   T34] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  225.695047][   T34] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  225.698461][   T34] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  225.701715][   T34] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  225.707236][   T34] usb 7-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  225.710138][   T34] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  225.714147][   T34] usb 7-1: Product: syz
[  225.715493][   T34] usb 7-1: Manufacturer: syz
[  225.717050][   T34] usb 7-1: SerialNumber: syz
[  225.719960][   T34] usb 7-1: config 0 descriptor??
[  225.743142][ T5952] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  225.893411][ T5952] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  225.896909][ T5952] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  225.899841][ T5952] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  225.922377][ T5952] usb 6-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  225.929279][ T5952] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  225.941167][ T5952] usb 6-1: Product: syz
[  225.942389][   T34] adutux 7-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux1
[  225.942487][ T5952] usb 6-1: Manufacturer: syz
[  225.946495][ T5952] usb 6-1: SerialNumber: syz
[  225.963761][ T5952] usb 6-1: config 0 descriptor??
[  226.133144][   T34] usb 7-1: USB disconnect, device number 3
[  226.176005][ T5952] adutux 6-1:0.0: ADU208  now attached to /dev/usb/adutux1
[  226.184275][ T5952] usb 6-1: USB disconnect, device number 4
[  226.440372][   T65] usb 8-1: USB disconnect, device number 3
[  226.455611][   T65] Unregistered device Abilis Systems DVB-Titan
[  226.457365][   T65] as10x_usb: device has been disconnected
[  226.491776][T10520] FAULT_INJECTION: forcing a failure.
[  226.491776][T10520] name failslab, interval 1, probability 0, space 0, times 0
[  226.495820][T10520] CPU: 3 UID: 0 PID: 10520 Comm: syz.3.1192 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(full) 
[  226.495834][T10520] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  226.495853][T10520] Call Trace:
[  226.495857][T10520]  <TASK>
[  226.495861][T10520]  dump_stack_lvl+0x16c/0x1f0
[  226.495879][T10520]  should_fail_ex+0x512/0x640
[  226.495893][T10520]  ? __kmalloc_noprof+0xbf/0x510
[  226.495906][T10520]  ? io_cache_alloc_new+0x45/0xf0
[  226.495920][T10520]  should_failslab+0xc2/0x120
[  226.495934][T10520]  __kmalloc_noprof+0xd2/0x510
[  226.495948][T10520]  io_cache_alloc_new+0x45/0xf0
[  226.495963][T10520]  io_rsrc_node_alloc+0x221/0x2b0
[  226.495976][T10520]  io_sqe_files_register+0x2a7/0x960
[  226.495991][T10520]  ? __pfx_io_sqe_files_register+0x10/0x10
[  226.496005][T10520]  ? __mutex_trylock_common+0xe9/0x250
[  226.496021][T10520]  ? __pfx___mutex_trylock_common+0x10/0x10
[  226.496037][T10520]  __io_uring_register+0x12e7/0x2310
[  226.496052][T10520]  ? trace_contention_end+0xdd/0x130
[  226.496066][T10520]  ? __pfx___io_uring_register+0x10/0x10
[  226.496079][T10520]  ? __mutex_lock+0x1ca/0xb90
[  226.496094][T10520]  ? __ia32_sys_io_uring_register+0x159/0x280
[  226.496110][T10520]  ? __pfx___mutex_lock+0x10/0x10
[  226.496128][T10520]  ? __fget_files+0x20e/0x3c0
[  226.496137][T10520]  ? __fput_deferred+0x300/0x370
[  226.496157][T10520]  __ia32_sys_io_uring_register+0x169/0x280
[  226.496173][T10520]  __do_fast_syscall_32+0x73/0x120
[  226.496189][T10520]  do_fast_syscall_32+0x32/0x80
[  226.496204][T10520]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  226.496217][T10520] RIP: 0023:0xf703e579
[  226.496225][T10520] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  226.496235][T10520] RSP: 002b:00000000f502e55c EFLAGS: 00000296 ORIG_RAX: 00000000000001ab
[  226.496246][T10520] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000002
[  226.496252][T10520] RDX: 0000000080000180 RSI: 00000000000000fe RDI: 0000000000000000
[  226.496258][T10520] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  226.496263][T10520] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  226.496269][T10520] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  226.496282][T10520]  </TASK>
[  226.772707][T10535] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1196'.
[  226.891510][T10539] random: crng reseeded on system resumption
[  227.202163][   T12] wlan1: Trigger new scan to find an IBSS to join
[  227.889415][T10567] FAULT_INJECTION: forcing a failure.
[  227.889415][T10567] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  227.891187][   T34] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  227.894181][T10567] CPU: 2 UID: 0 PID: 10567 Comm: syz.0.1209 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(full) 
[  227.894196][T10567] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  227.894203][T10567] Call Trace:
[  227.894207][T10567]  <TASK>
[  227.894211][T10567]  dump_stack_lvl+0x16c/0x1f0
[  227.894229][T10567]  should_fail_ex+0x512/0x640
[  227.894244][T10567]  _copy_from_user+0x2e/0xd0
[  227.894258][T10567]  kstrtouint_from_user+0xd6/0x1d0
[  227.894268][T10567]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  227.894277][T10567]  ? __lock_acquire+0xaa4/0x1ba0
[  227.894298][T10567]  proc_fail_nth_write+0x83/0x250
[  227.894314][T10567]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  227.894333][T10567]  vfs_write+0x25c/0x1180
[  227.894343][T10567]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  227.894364][T10567]  ? __pfx___mutex_lock+0x10/0x10
[  227.894380][T10567]  ? __pfx_vfs_write+0x10/0x10
[  227.894394][T10567]  ? __fget_files+0x20e/0x3c0
[  227.894408][T10567]  ksys_write+0x12a/0x240
[  227.894418][T10567]  ? __pfx_ksys_write+0x10/0x10
[  227.894430][T10567]  ? rcu_is_watching+0x12/0xc0
[  227.894442][T10567]  __do_fast_syscall_32+0x73/0x120
[  227.894458][T10567]  do_fast_syscall_32+0x32/0x80
[  227.894473][T10567]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  227.894486][T10567] RIP: 0023:0xf708e579
[  227.894494][T10567] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  227.894505][T10567] RSP: 002b:00000000f507e590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  227.894515][T10567] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f507e620
[  227.894521][T10567] RDX: 0000000000000001 RSI: 00000000f73f2ff4 RDI: 0000000000000000
[  227.894527][T10567] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  227.894533][T10567] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  227.894538][T10567] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  227.894551][T10567]  </TASK>
[  228.147497][   T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  228.151399][   T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  228.154782][   T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  228.159968][   T34] usb 6-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  228.163431][   T34] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  228.165249][T10571] ÿ
: renamed from dummy0 (while UP)
[  228.166210][   T34] usb 6-1: Product: syz
[  228.166219][   T34] usb 6-1: Manufacturer: syz
[  228.171198][   T34] usb 6-1: SerialNumber: syz
[  228.178461][   T34] usb 6-1: config 0 descriptor??
[  228.391594][   T34] adutux 6-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[  228.591838][   T34] usb 6-1: USB disconnect, device number 5
[  228.884302][T10575] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  228.886894][T10575] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  228.904046][T10575] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  228.910170][T10575] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  228.922516][T10575] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  228.924762][T10575] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  228.931002][T10575] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  228.933498][T10575] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  229.136606][T10585] FAULT_INJECTION: forcing a failure.
[  229.136606][T10585] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  229.140553][T10585] CPU: 1 UID: 0 PID: 10585 Comm: syz.1.1216 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(full) 
[  229.140567][T10585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  229.140574][T10585] Call Trace:
[  229.140578][T10585]  <TASK>
[  229.140582][T10585]  dump_stack_lvl+0x16c/0x1f0
[  229.140600][T10585]  should_fail_ex+0x512/0x640
[  229.140614][T10585]  _copy_from_iter+0x2a4/0x15b0
[  229.140629][T10585]  ? __alloc_skb+0x200/0x380
[  229.140642][T10585]  ? __pfx__copy_from_iter+0x10/0x10
[  229.140656][T10585]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  229.140675][T10585]  netlink_sendmsg+0x829/0xdd0
[  229.140692][T10585]  ? __pfx_netlink_sendmsg+0x10/0x10
[  229.140708][T10585]  ? __import_iovec+0x1c8/0x660
[  229.140724][T10585]  ____sys_sendmsg+0xa95/0xc70
[  229.140735][T10585]  ? __pfx_____sys_sendmsg+0x10/0x10
[  229.140744][T10585]  ? get_compat_msghdr+0x11a/0x170
[  229.140762][T10585]  ___sys_sendmsg+0x134/0x1d0
[  229.140776][T10585]  ? __pfx____sys_sendmsg+0x10/0x10
[  229.140805][T10585]  __sys_sendmsg+0x16d/0x220
[  229.140818][T10585]  ? __pfx___sys_sendmsg+0x10/0x10
[  229.140837][T10585]  ? rcu_is_watching+0x12/0xc0
[  229.140850][T10585]  __do_fast_syscall_32+0x73/0x120
[  229.140866][T10585]  do_fast_syscall_32+0x32/0x80
[  229.140881][T10585]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  229.140894][T10585] RIP: 0023:0xf710e579
[  229.140902][T10585] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  229.140912][T10585] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  229.140922][T10585] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000380
[  229.140928][T10585] RDX: 0000000000008000 RSI: 0000000000000000 RDI: 0000000000000000
[  229.140934][T10585] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  229.140939][T10585] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  229.140945][T10585] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  229.140957][T10585]  </TASK>
[  229.203235][   T65] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  229.249257][T10594] syzkaller1: entered promiscuous mode
[  229.251257][T10594] syzkaller1: entered allmulticast mode
[  229.362799][   T65] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  229.366264][   T65] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  229.369631][   T65] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  229.374930][   T65] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  229.378526][   T65] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  229.406224][   T65] usb 7-1: config 0 descriptor??
[  229.442317][T10611] loop2: detected capacity change from 0 to 7
[  229.455117][ T8294] Dev loop2: unable to read RDB block 7
[  229.457491][ T8294]  loop2: unable to read partition table
[  229.459822][ T8294] loop2: partition table beyond EOD, truncated
[  229.478941][T10611] Dev loop2: unable to read RDB block 7
[  229.481609][T10611]  loop2: unable to read partition table
[  229.484101][T10611] loop2: partition table beyond EOD, truncated
[  229.486390][T10611] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  229.508302][ T5973] Bluetooth: hci1: unexpected event for opcode 0x040e
[  229.829044][   T65] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  229.831864][   T65] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  229.834476][   T65] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  229.837184][   T65] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  229.839943][   T65] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  229.842573][   T65] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  229.845047][   T65] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  229.847527][   T65] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  229.850227][   T65] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  229.853062][   T65] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  229.855811][   T65] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  229.858331][   T65] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  229.860932][   T65] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  229.863556][   T65] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  229.866370][   T65] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  229.875647][   T65] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving
[  229.890774][   T65] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  230.073572][   T57] usb 7-1: USB disconnect, device number 4
[  230.321321][   T46] wlan1: Trigger new scan to find an IBSS to join
[  230.401248][ T5973] Bluetooth: hci0: command 0x0406 tx timeout
[  230.939102][T10652] netlink: 'syz.2.1236': attribute type 4 has an invalid length.
[  230.944039][T10652] netlink: 17 bytes leftover after parsing attributes in process `syz.2.1236'.
[  230.944136][T10651] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1238'.
[  230.961687][ T5973] Bluetooth: hci3: command 0x0406 tx timeout
[  230.963214][ T5959] Bluetooth: hci2: command 0x0406 tx timeout
[  230.998457][T10644] netlink: 276 bytes leftover after parsing attributes in process `syz.2.1236'.
[  231.001839][   T57] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  231.007857][T10644] netlink: 276 bytes leftover after parsing attributes in process `syz.2.1236'.
[  231.607999][T10673] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1240'.
[  231.678070][T10673] fuse: Unknown parameter 'user_i00000000000000000000'
[  231.692764][   T40] audit: type=1800 audit(1745549186.405:303): pid=10673 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1240" name="file1" dev="tmpfs" ino=1635 res=0 errno=0
[  231.872912][ T5959] Bluetooth: hci2: unexpected subevent 0x0e length: 30 > 15
[  231.875627][ T5959] Bluetooth: hci2: Unable to find connection for dst 00:00:00:00:00:00 sid 0x00
[  231.882302][T10683] input: syz1 as /devices/virtual/input/input10
[  233.041489][ T5959] Bluetooth: hci3: command 0x0406 tx timeout
[  233.041541][ T5973] Bluetooth: hci2: command 0x0406 tx timeout
[  234.241381][ T1138] wlan1: Trigger new scan to find an IBSS to join
[  235.124086][   T12] wlan1: Creating new IBSS network, BSSID 3a:0b:c9:21:34:5f
[  238.369867][T10707] FAULT_INJECTION: forcing a failure.
[  238.369867][T10707] name failslab, interval 1, probability 0, space 0, times 0
[  238.374019][T10707] CPU: 2 UID: 0 PID: 10707 Comm: syz.1.1246 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(full) 
[  238.374034][T10707] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  238.374041][T10707] Call Trace:
[  238.374045][T10707]  <TASK>
[  238.374049][T10707]  dump_stack_lvl+0x16c/0x1f0
[  238.374067][T10707]  should_fail_ex+0x512/0x640
[  238.374080][T10707]  ? __kmalloc_noprof+0xbf/0x510
[  238.374093][T10707]  ? ieee80211_alloc_chanctx+0xa1/0x550
[  238.374108][T10707]  should_failslab+0xc2/0x120
[  238.374122][T10707]  __kmalloc_noprof+0xd2/0x510
[  238.374137][T10707]  ieee80211_alloc_chanctx+0xa1/0x550
[  238.374152][T10707]  ieee80211_new_chanctx+0x84/0x320
[  238.374168][T10707]  _ieee80211_link_use_channel+0x903/0xd40
[  238.374185][T10707]  ? kasan_save_stack+0x42/0x60
[  238.374196][T10707]  ? kasan_save_stack+0x33/0x60
[  238.374207][T10707]  ? __pfx__ieee80211_link_use_channel+0x10/0x10
[  238.374222][T10707]  ? genl_family_rcv_msg_doit+0x206/0x2f0
[  238.374239][T10707]  ? genl_rcv_msg+0x55c/0x800
[  238.374247][T10707]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  238.374269][T10707]  ieee80211_start_ap+0x124d/0x3130
[  238.374289][T10707]  ? __pfx_ieee80211_start_ap+0x10/0x10
[  238.374307][T10707]  ? cfg80211_reg_check_beaconing+0x208/0xea0
[  238.374324][T10707]  ? cfg80211_find_elem_match+0x1aa/0x1f0
[  238.374340][T10707]  nl80211_start_ap+0x2af8/0x4700
[  238.374358][T10707]  ? __rtnl_unlock+0x68/0xf0
[  238.374373][T10707]  ? __pfx_nl80211_start_ap+0x10/0x10
[  238.374387][T10707]  ? ref_tracker_alloc+0x305/0x5b0
[  238.374401][T10707]  ? __pfx_netdev_run_todo+0x10/0x10
[  238.374415][T10707]  ? __pfx___mutex_lock+0x10/0x10
[  238.374435][T10707]  ? __nla_parse+0x40/0x60
[  238.374451][T10707]  ? nl80211_pre_doit+0x1b0/0xb10
[  238.374467][T10707]  genl_family_rcv_msg_doit+0x206/0x2f0
[  238.374484][T10707]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  238.374501][T10707]  ? trace_cap_capable+0x18d/0x200
[  238.374515][T10707]  ? bpf_lsm_capable+0x9/0x10
[  238.374526][T10707]  ? security_capable+0x7e/0x260
[  238.374537][T10707]  ? ns_capable+0xd7/0x110
[  238.374550][T10707]  genl_rcv_msg+0x55c/0x800
[  238.374561][T10707]  ? __pfx_genl_rcv_msg+0x10/0x10
[  238.374570][T10707]  ? __pfx___dev_queue_xmit+0x10/0x10
[  238.374581][T10707]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  238.374594][T10707]  ? __pfx_nl80211_start_ap+0x10/0x10
[  238.374607][T10707]  ? __pfx_nl80211_post_doit+0x10/0x10
[  238.374623][T10707]  ? __lock_acquire+0xaa4/0x1ba0
[  238.374639][T10707]  netlink_rcv_skb+0x16a/0x440
[  238.374654][T10707]  ? __pfx_genl_rcv_msg+0x10/0x10
[  238.374664][T10707]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  238.374685][T10707]  ? __pfx_down_read+0x10/0x10
[  238.374694][T10707]  ? netlink_deliver_tap+0x1ae/0xd30
[  238.374710][T10707]  genl_rcv+0x28/0x40
[  238.374724][T10707]  netlink_unicast+0x53a/0x7f0
[  238.374740][T10707]  ? __pfx_netlink_unicast+0x10/0x10
[  238.374759][T10707]  netlink_sendmsg+0x8d1/0xdd0
[  238.374775][T10707]  ? __pfx_netlink_sendmsg+0x10/0x10
[  238.374791][T10707]  ? __import_iovec+0x1c8/0x660
[  238.374807][T10707]  ____sys_sendmsg+0xa95/0xc70
[  238.374818][T10707]  ? __pfx_____sys_sendmsg+0x10/0x10
[  238.374828][T10707]  ? get_compat_msghdr+0x11a/0x170
[  238.374844][T10707]  ? find_held_lock+0x2b/0x80
[  238.374855][T10707]  ___sys_sendmsg+0x134/0x1d0
[  238.374870][T10707]  ? __pfx____sys_sendmsg+0x10/0x10
[  238.374899][T10707]  __sys_sendmsg+0x16d/0x220
[  238.374913][T10707]  ? __pfx___sys_sendmsg+0x10/0x10
[  238.374930][T10707]  ? rcu_is_watching+0x12/0xc0
[  238.374941][T10707]  ? rcu_is_watching+0x12/0xc0
[  238.374953][T10707]  __do_fast_syscall_32+0x73/0x120
[  238.374970][T10707]  do_fast_syscall_32+0x32/0x80
[  238.374985][T10707]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  238.374998][T10707] RIP: 0023:0xf710e579
[  238.375006][T10707] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  238.375019][T10707] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  238.375029][T10707] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[  238.375035][T10707] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  238.375041][T10707] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  238.375046][T10707] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  238.375052][T10707] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  238.375065][T10707]  </TASK>
[  238.453429][T10713] loop2: detected capacity change from 0 to 7
[  238.554332][ T5971] Dev loop2: unable to read RDB block 7
[  238.556149][ T5971]  loop2: unable to read partition table
[  238.558008][ T5971] loop2: partition table beyond EOD, truncated
[  238.595287][ T5973] Bluetooth: hci2: unexpected event for opcode 0x040e
[  238.596448][T10713] Dev loop2: unable to read RDB block 7
[  238.599455][T10713]  loop2: unable to read partition table
[  238.601499][T10713] loop2: partition table beyond EOD, truncated
[  238.603456][T10713] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  238.607926][ T5366] Dev loop2: unable to read RDB block 7
[  238.610248][ T5366]  loop2: unable to read partition table
[  238.613356][ T5366] loop2: partition table beyond EOD, truncated
[  238.689550][ T5973] Bluetooth: hci3: unexpected event for opcode 0x040e
[  239.420127][T10735] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1254'.
[  240.965625][T10757] FAULT_INJECTION: forcing a failure.
[  240.965625][T10757] name failslab, interval 1, probability 0, space 0, times 0
[  240.969656][T10757] CPU: 2 UID: 0 PID: 10757 Comm: syz.1.1256 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(full) 
[  240.969670][T10757] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  240.969677][T10757] Call Trace:
[  240.969680][T10757]  <TASK>
[  240.969685][T10757]  dump_stack_lvl+0x16c/0x1f0
[  240.969703][T10757]  should_fail_ex+0x512/0x640
[  240.969716][T10757]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  240.969730][T10757]  should_failslab+0xc2/0x120
[  240.969744][T10757]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  240.969756][T10757]  ? __alloc_skb+0x2b2/0x380
[  240.969772][T10757]  __alloc_skb+0x2b2/0x380
[  240.969784][T10757]  ? __pfx___alloc_skb+0x10/0x10
[  240.969798][T10757]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  240.969815][T10757]  netlink_alloc_large_skb+0x69/0x130
[  240.969831][T10757]  netlink_sendmsg+0x6a1/0xdd0
[  240.969847][T10757]  ? __pfx_netlink_sendmsg+0x10/0x10
[  240.969863][T10757]  ? __import_iovec+0x1c8/0x660
[  240.969879][T10757]  ____sys_sendmsg+0xa95/0xc70
[  240.969890][T10757]  ? __pfx_____sys_sendmsg+0x10/0x10
[  240.969900][T10757]  ? get_compat_msghdr+0x11a/0x170
[  240.969921][T10757]  ___sys_sendmsg+0x134/0x1d0
[  240.969935][T10757]  ? __pfx____sys_sendmsg+0x10/0x10
[  240.969963][T10757]  __sys_sendmsg+0x16d/0x220
[  240.969977][T10757]  ? __pfx___sys_sendmsg+0x10/0x10
[  240.969996][T10757]  ? rcu_is_watching+0x12/0xc0
[  240.970009][T10757]  __do_fast_syscall_32+0x73/0x120
[  240.970025][T10757]  do_fast_syscall_32+0x32/0x80
[  240.970040][T10757]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  240.970053][T10757] RIP: 0023:0xf710e579
[  240.970061][T10757] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  240.970071][T10757] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  240.970081][T10757] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  240.970087][T10757] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  240.970093][T10757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  240.970098][T10757] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  240.970104][T10757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  240.970116][T10757]  </TASK>
[  241.449898][T10770] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.551560][T10773] netlink: 552 bytes leftover after parsing attributes in process `syz.0.1260'.
[  241.554523][T10773] netlink: 552 bytes leftover after parsing attributes in process `syz.0.1260'.
[  241.587059][T10770] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.706131][T10770] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.819447][T10770] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  242.043886][T10770] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  242.053096][T10770] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  242.060233][T10770] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  242.073780][T10770] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  242.460346][T10784] netlink: 'syz.1.1263': attribute type 4 has an invalid length.
[  242.476993][T10784] netlink: 'syz.1.1263': attribute type 4 has an invalid length.
[  242.947351][ T5973] Bluetooth: hci3: ACL packet for unknown connection handle 201
[  243.038070][T10798] ptm ptm51: ldisc open failed (-12), clearing slot 51
[  243.171763][T10813] FAULT_INJECTION: forcing a failure.
[  243.171763][T10813] name failslab, interval 1, probability 0, space 0, times 0
[  243.175648][T10813] CPU: 2 UID: 0 PID: 10813 Comm: syz.2.1271 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(full) 
[  243.175663][T10813] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  243.175669][T10813] Call Trace:
[  243.175673][T10813]  <TASK>
[  243.175677][T10813]  dump_stack_lvl+0x16c/0x1f0
[  243.175696][T10813]  should_fail_ex+0x512/0x640
[  243.175708][T10813]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  243.175723][T10813]  should_failslab+0xc2/0x120
[  243.175737][T10813]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  243.175749][T10813]  ? __alloc_skb+0x2b2/0x380
[  243.175765][T10813]  __alloc_skb+0x2b2/0x380
[  243.175777][T10813]  ? __pfx___alloc_skb+0x10/0x10
[  243.175791][T10813]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  243.175809][T10813]  netlink_alloc_large_skb+0x69/0x130
[  243.175824][T10813]  netlink_sendmsg+0x6a1/0xdd0
[  243.175841][T10813]  ? __pfx_netlink_sendmsg+0x10/0x10
[  243.175856][T10813]  ? __import_iovec+0x1c8/0x660
[  243.175872][T10813]  ____sys_sendmsg+0xa95/0xc70
[  243.175883][T10813]  ? __pfx_____sys_sendmsg+0x10/0x10
[  243.175896][T10813]  ? get_compat_msghdr+0x11a/0x170
[  243.175915][T10813]  ___sys_sendmsg+0x134/0x1d0
[  243.175929][T10813]  ? __pfx____sys_sendmsg+0x10/0x10
[  243.175957][T10813]  __sys_sendmsg+0x16d/0x220
[  243.175971][T10813]  ? __pfx___sys_sendmsg+0x10/0x10
[  243.175990][T10813]  ? rcu_is_watching+0x12/0xc0
[  243.176003][T10813]  __do_fast_syscall_32+0x73/0x120
[  243.176019][T10813]  do_fast_syscall_32+0x32/0x80
[  243.176034][T10813]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  243.176047][T10813] RIP: 0023:0xf711e579
[  243.176055][T10813] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  243.176065][T10813] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  243.176074][T10813] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  243.176081][T10813] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000000
[  243.176086][T10813] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  243.176092][T10813] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  243.176098][T10813] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  243.176110][T10813]  </TASK>
[  243.878875][T10849] loop2: detected capacity change from 0 to 7
[  243.891587][T10849] Dev loop2: unable to read RDB block 7
[  243.893929][T10849]  loop2: unable to read partition table
[  243.896489][T10849] loop2: partition table beyond EOD, truncated
[  243.899034][T10849] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  244.001639][ T5973] Bluetooth: hci3: unexpected event for opcode 0x040e
[  244.275367][T10857] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1279'.
[  244.278320][T10857] FAULT_INJECTION: forcing a failure.
[  244.278320][T10857] name failslab, interval 1, probability 0, space 0, times 0
[  244.282470][T10857] CPU: 3 UID: 0 PID: 10857 Comm: syz.1.1279 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(full) 
[  244.282484][T10857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  244.282491][T10857] Call Trace:
[  244.282495][T10857]  <TASK>
[  244.282499][T10857]  dump_stack_lvl+0x16c/0x1f0
[  244.282518][T10857]  should_fail_ex+0x512/0x640
[  244.282530][T10857]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  244.282546][T10857]  should_failslab+0xc2/0x120
[  244.282560][T10857]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  244.282572][T10857]  ? __alloc_skb+0x2b2/0x380
[  244.282587][T10857]  __alloc_skb+0x2b2/0x380
[  244.282600][T10857]  ? __pfx___alloc_skb+0x10/0x10
[  244.282614][T10857]  ? if_nlmsg_size+0x475/0xaf0
[  244.282630][T10857]  rtmsg_ifinfo_build_skb+0x81/0x280
[  244.282649][T10857]  rtnetlink_event+0xf3/0x1f0
[  244.282665][T10857]  notifier_call_chain+0xb9/0x410
[  244.282679][T10857]  ? __pfx_rtnetlink_event+0x10/0x10
[  244.282696][T10857]  call_netdevice_notifiers_info+0xbe/0x140
[  244.282708][T10857]  netif_set_mac_address+0x378/0x4a0
[  244.282724][T10857]  ? __pfx_netif_set_mac_address+0x10/0x10
[  244.282740][T10857]  ? __pfx_down_write+0x10/0x10
[  244.282755][T10857]  ? __kmalloc_noprof+0x242/0x510
[  244.282767][T10857]  ? __irq_work_queue_local+0x31/0x450
[  244.282784][T10857]  do_setlink.constprop.0+0x9f1/0x44b0
[  244.282802][T10857]  ? __lock_acquire+0xaa4/0x1ba0
[  244.282816][T10857]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  244.282834][T10857]  ? __mutex_trylock_common+0xe9/0x250
[  244.282850][T10857]  ? __pfx___mutex_trylock_common+0x10/0x10
[  244.282865][T10857]  ? __pfx___might_resched+0x10/0x10
[  244.282878][T10857]  ? rcu_is_watching+0x12/0xc0
[  244.282889][T10857]  ? trace_contention_end+0xdd/0x130
[  244.282904][T10857]  ? __mutex_lock+0x1ca/0xb90
[  244.282918][T10857]  ? rcu_is_watching+0x12/0xc0
[  244.282928][T10857]  ? rtnl_newlink+0x600/0x2000
[  244.282940][T10857]  ? trace_cap_capable+0x18d/0x200
[  244.282952][T10857]  ? __pfx___mutex_lock+0x10/0x10
[  244.282966][T10857]  ? apparmor_capable+0x114/0x1d0
[  244.282982][T10857]  ? netlink_ns_capable+0xfa/0x130
[  244.282997][T10857]  rtnl_newlink+0x1446/0x2000
[  244.283015][T10857]  ? __pfx_rtnl_newlink+0x10/0x10
[  244.283030][T10857]  ? kasan_quarantine_put+0x10a/0x240
[  244.283041][T10857]  ? lockdep_hardirqs_on+0x7c/0x110
[  244.283058][T10857]  ? kfree_skbmem+0x1a4/0x1f0
[  244.283070][T10857]  ? __lock_acquire+0x5ca/0x1ba0
[  244.283085][T10857]  ? rcu_is_watching+0x12/0xc0
[  244.283095][T10857]  ? trace_cap_capable+0x18d/0x200
[  244.283108][T10857]  ? find_held_lock+0x2b/0x80
[  244.283118][T10857]  ? __pfx_rtnl_newlink+0x10/0x10
[  244.283131][T10857]  ? __pfx_rtnl_newlink+0x10/0x10
[  244.283144][T10857]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  244.283163][T10857]  ? __pfx_rtnl_newlink+0x10/0x10
[  244.283177][T10857]  rtnetlink_rcv_msg+0x95b/0xe90
[  244.283193][T10857]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  244.283213][T10857]  netlink_rcv_skb+0x16a/0x440
[  244.283228][T10857]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  244.283243][T10857]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  244.283265][T10857]  ? netlink_deliver_tap+0x1ae/0xd30
[  244.283281][T10857]  netlink_unicast+0x53a/0x7f0
[  244.283297][T10857]  ? __pfx_netlink_unicast+0x10/0x10
[  244.283316][T10857]  netlink_sendmsg+0x8d1/0xdd0
[  244.283332][T10857]  ? __pfx_netlink_sendmsg+0x10/0x10
[  244.283348][T10857]  ? __import_iovec+0x1c8/0x660
[  244.283365][T10857]  ____sys_sendmsg+0xa95/0xc70
[  244.283376][T10857]  ? __pfx_____sys_sendmsg+0x10/0x10
[  244.283385][T10857]  ? get_compat_msghdr+0x11a/0x170
[  244.283404][T10857]  ___sys_sendmsg+0x134/0x1d0
[  244.283419][T10857]  ? __pfx____sys_sendmsg+0x10/0x10
[  244.283448][T10857]  __sys_sendmsg+0x16d/0x220
[  244.283462][T10857]  ? __pfx___sys_sendmsg+0x10/0x10
[  244.283481][T10857]  ? rcu_is_watching+0x12/0xc0
[  244.283493][T10857]  __do_fast_syscall_32+0x73/0x120
[  244.283509][T10857]  do_fast_syscall_32+0x32/0x80
[  244.283524][T10857]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  244.283537][T10857] RIP: 0023:0xf710e579
[  244.283545][T10857] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  244.283555][T10857] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  244.283586][T10857] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  244.283597][T10857] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  244.283603][T10857] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  244.283608][T10857] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  244.283614][T10857] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  244.283627][T10857]  </TASK>
[  244.602478][T10860] netlink: 'syz.0.1278': attribute type 4 has an invalid length.
[  244.617871][T10860] netlink: 'syz.0.1278': attribute type 4 has an invalid length.
[  244.690984][T10866] "syz.1.1280" (10866) uses obsolete ecb(arc4) skcipher
[  244.853797][T10871] netlink: 'syz.3.1273': attribute type 3 has an invalid length.
[  244.859501][T10871] netlink: 'syz.3.1273': attribute type 3 has an invalid length.
[  244.865250][T10871] netlink: 'syz.3.1273': attribute type 3 has an invalid length.
[  244.869829][T10871] netlink: 'syz.3.1273': attribute type 3 has an invalid length.
[  244.874373][T10871] netlink: 'syz.3.1273': attribute type 3 has an invalid length.
[  244.880686][T10871] netlink: 'syz.3.1273': attribute type 3 has an invalid length.
[  244.889628][T10871] capability: warning: `syz.3.1273' uses deprecated v2 capabilities in a way that may be insecure
[  245.095952][T10875] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1282'.
[  245.921385][ T5973] Bluetooth: hci2: unexpected event for opcode 0x040e
[  247.258114][T10938] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1295'.
[  248.266052][T10954] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.406335][T10954] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.481097][T10960] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1298'.
[  248.493351][   T40] audit: type=1326 audit(1745549203.205:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10956 comm="syz.0.1298" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x0
[  248.564657][T10954] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.648267][T10954] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.749597][T10954] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  248.757077][T10954] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  248.765287][T10954] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  248.771389][T10954] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  250.668940][T11001] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1311'.
[  250.713765][T11001] fuse: Bad value for 'fd'
[  250.715977][   T40] audit: type=1800 audit(1745549205.425:305): pid=11001 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1311" name="file1" dev="tmpfs" ino=1973 res=0 errno=0
[  250.915430][   T29] libceph: connect (1)[c::]:6789 error -101
[  250.917406][   T29] libceph: mon0 (1)[c::]:6789 connect error
[  250.952034][T11010] ceph: No mds server is up or the cluster is laggy
[  252.781876][T11050] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1323'.
[  252.822713][T11050] fuse: Bad value for 'fd'
[  252.851365][   T40] audit: type=1800 audit(1745549207.535:306): pid=11050 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1323" name="file1" dev="tmpfs" ino=1989 res=0 errno=0
[  253.046587][T11063] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1330'.
[  253.133425][ T6239] libceph: connect (1)[c::]:6789 error -101
[  253.135571][ T6239] libceph: mon0 (1)[c::]:6789 connect error
[  253.177718][T11066] ceph: No mds server is up or the cluster is laggy
[  253.231476][T11075] FAULT_INJECTION: forcing a failure.
[  253.231476][T11075] name failslab, interval 1, probability 0, space 0, times 0
[  253.235352][T11075] CPU: 0 UID: 0 PID: 11075 Comm: syz.2.1333 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(full) 
[  253.235366][T11075] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  253.235373][T11075] Call Trace:
[  253.235377][T11075]  <TASK>
[  253.235382][T11075]  dump_stack_lvl+0x16c/0x1f0
[  253.235400][T11075]  should_fail_ex+0x512/0x640
[  253.235413][T11075]  ? __kmalloc_node_noprof+0xc5/0x500
[  253.235427][T11075]  should_failslab+0xc2/0x120
[  253.235441][T11075]  __kmalloc_node_noprof+0xd8/0x500
[  253.235453][T11075]  ? find_held_lock+0x2b/0x80
[  253.235464][T11075]  ? qdisc_alloc+0xbb/0xc50
[  253.235479][T11075]  qdisc_alloc+0xbb/0xc50
[  253.235508][T11075]  ? _raw_read_unlock+0x28/0x50
[  253.235524][T11075]  qdisc_create+0x71/0xfa0
[  253.235536][T11075]  tc_modify_qdisc+0x1287/0x2100
[  253.235549][T11075]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  253.235571][T11075]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  253.235582][T11075]  rtnetlink_rcv_msg+0x3c6/0xe90
[  253.235598][T11075]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  253.235619][T11075]  netlink_rcv_skb+0x16a/0x440
[  253.235634][T11075]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  253.235649][T11075]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  253.235671][T11075]  ? netlink_deliver_tap+0x1ae/0xd30
[  253.235687][T11075]  netlink_unicast+0x53a/0x7f0
[  253.235703][T11075]  ? __pfx_netlink_unicast+0x10/0x10
[  253.235722][T11075]  netlink_sendmsg+0x8d1/0xdd0
[  253.235738][T11075]  ? __pfx_netlink_sendmsg+0x10/0x10
[  253.235754][T11075]  ? __import_iovec+0x1c8/0x660
[  253.235771][T11075]  ____sys_sendmsg+0xa95/0xc70
[  253.235782][T11075]  ? __pfx_____sys_sendmsg+0x10/0x10
[  253.235791][T11075]  ? get_compat_msghdr+0x11a/0x170
[  253.235811][T11075]  ___sys_sendmsg+0x134/0x1d0
[  253.235825][T11075]  ? __pfx____sys_sendmsg+0x10/0x10
[  253.235858][T11075]  __sys_sendmsg+0x16d/0x220
[  253.235872][T11075]  ? __pfx___sys_sendmsg+0x10/0x10
[  253.235891][T11075]  ? rcu_is_watching+0x12/0xc0
[  253.235904][T11075]  __do_fast_syscall_32+0x73/0x120
[  253.235920][T11075]  do_fast_syscall_32+0x32/0x80
[  253.235935][T11075]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  253.235948][T11075] RIP: 0023:0xf711e579
[  253.235956][T11075] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  253.235966][T11075] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  253.235976][T11075] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800007c0
[  253.235982][T11075] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  253.235987][T11075] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  253.235993][T11075] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  253.235999][T11075] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  253.236011][T11075]  </TASK>
[  253.430812][T11079] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1334'.
[  253.483711][T11079] fuse: Unknown parameter '0x0000000000000009'
[  253.489188][   T40] audit: type=1800 audit(1745549208.195:307): pid=11079 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1334" name="file1" dev="tmpfs" ino=1783 res=0 errno=0
[  254.053420][T11089] trusted_key: encrypted_key: insufficient parameters specified
[  254.365980][T11103] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  254.371491][T11103] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  254.435241][T11107] 9pnet_virtio: no channels available for device syz
[  254.795895][T11123] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1348'.
[  254.927600][ T6018] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  255.112466][ T6018] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  255.115540][ T6018] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  255.118247][ T6018] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  255.123025][ T6018] usb 6-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  255.125562][ T6018] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  255.127853][ T6018] usb 6-1: Product: syz
[  255.129059][ T6018] usb 6-1: Manufacturer: syz
[  255.130399][ T6018] usb 6-1: SerialNumber: syz
[  255.134213][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[  255.136628][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[  255.136974][ T6018] usb 6-1: config 0 descriptor??
[  255.344896][ T6018] adutux 6-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[  255.788853][T11143] FAULT_INJECTION: forcing a failure.
[  255.788853][T11143] name failslab, interval 1, probability 0, space 0, times 0
[  255.795384][T11143] CPU: 1 UID: 0 PID: 11143 Comm: syz.3.1353 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(full) 
[  255.795400][T11143] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  255.795406][T11143] Call Trace:
[  255.795410][T11143]  <TASK>
[  255.795414][T11143]  dump_stack_lvl+0x16c/0x1f0
[  255.795433][T11143]  should_fail_ex+0x512/0x640
[  255.795445][T11143]  ? fs_reclaim_acquire+0xae/0x150
[  255.795480][T11143]  should_failslab+0xc2/0x120
[  255.795495][T11143]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  255.795509][T11143]  ? security_inode_alloc+0x3b/0x2b0
[  255.795523][T11143]  security_inode_alloc+0x3b/0x2b0
[  255.795534][T11143]  inode_init_always_gfp+0xce4/0x1030
[  255.795547][T11143]  ? __pfx_ovl_inode_set+0x10/0x10
[  255.795562][T11143]  alloc_inode+0x86/0x240
[  255.795575][T11143]  iget5_locked+0x338/0x3d0
[  255.795588][T11143]  ? __pfx_ovl_inode_test+0x10/0x10
[  255.795603][T11143]  ? __pfx_ovl_inode_set+0x10/0x10
[  255.795618][T11143]  ? __pfx_iget5_locked+0x10/0x10
[  255.795632][T11143]  ? __lock_acquire+0xaa4/0x1ba0
[  255.795651][T11143]  ovl_get_inode+0xce9/0x13d0
[  255.795663][T11143]  ? __pfx_ovl_get_inode+0x10/0x10
[  255.795680][T11143]  ? do_raw_spin_unlock+0x172/0x230
[  255.795690][T11143]  ? _raw_spin_unlock+0x28/0x50
[  255.795704][T11143]  ovl_lookup+0xbe5/0x2270
[  255.795718][T11143]  ? __pfx_ovl_lookup+0x10/0x10
[  255.795728][T11143]  ? d_alloc_parallel+0x6ae/0x12e0
[  255.795743][T11143]  ? mark_lock+0x32d/0x610
[  255.795759][T11143]  ? __pfx_d_alloc_parallel+0x10/0x10
[  255.795782][T11143]  ? lockdep_init_map_type+0x5c/0x280
[  255.795799][T11143]  __lookup_slow+0x24e/0x460
[  255.795813][T11143]  ? __pfx___lookup_slow+0x10/0x10
[  255.795835][T11143]  ? lookup_fast+0x156/0x610
[  255.795853][T11143]  walk_component+0x353/0x5b0
[  255.795869][T11143]  link_path_walk.part.0.constprop.0+0x685/0xd60
[  255.795891][T11143]  path_parentat+0xad/0x1b0
[  255.795900][T11143]  __filename_parentat+0x22f/0x680
[  255.795909][T11143]  ? __ia32_sys_rmdir+0xaf/0x110
[  255.795921][T11143]  ? __pfx___filename_parentat+0x10/0x10
[  255.795944][T11143]  ? find_held_lock+0x2b/0x80
[  255.795956][T11143]  do_rmdir+0xd7/0x3c0
[  255.795967][T11143]  ? __pfx_do_rmdir+0x10/0x10
[  255.795982][T11143]  ? getname_flags.part.0+0x1c5/0x550
[  255.795997][T11143]  __ia32_sys_rmdir+0xc4/0x110
[  255.796008][T11143]  __do_fast_syscall_32+0x73/0x120
[  255.796024][T11143]  do_fast_syscall_32+0x32/0x80
[  255.796039][T11143]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  255.796052][T11143] RIP: 0023:0xf703e579
[  255.796060][T11143] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  255.796070][T11143] RSP: 002b:00000000f502e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000028
[  255.796081][T11143] RAX: ffffffffffffffda RBX: 0000000080000380 RCX: 0000000000000000
[  255.796087][T11143] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  255.796092][T11143] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  255.796098][T11143] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  255.796104][T11143] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  255.796116][T11143]  </TASK>
[  255.796284][T11143] overlayfs: failed to get inode (-12)
[  256.345518][T11153] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1357'.
[  257.269584][T11199] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.344873][T11199] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.404917][T11199] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.423611][T11206] dccp_close: ABORT with 4322 bytes unread
[  257.479361][T11199] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.563205][T11199] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  257.570209][T11199] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  257.578726][T11199] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  257.588351][T11199] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  257.603332][   T34] usb 6-1: USB disconnect, device number 6
[  257.608013][T11168] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  257.610510][T11168] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  257.616780][T11168] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  257.621189][T11168] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  257.625446][T11168] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  257.629424][T11168] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  258.447781][T11252] FAULT_INJECTION: forcing a failure.
[  258.447781][T11252] name failslab, interval 1, probability 0, space 0, times 0
[  258.452388][T11252] CPU: 1 UID: 0 PID: 11252 Comm: syz.2.1374 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(full) 
[  258.452414][T11252] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  258.452420][T11252] Call Trace:
[  258.452424][T11252]  <TASK>
[  258.452428][T11252]  dump_stack_lvl+0x16c/0x1f0
[  258.452447][T11252]  should_fail_ex+0x512/0x640
[  258.452459][T11252]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  258.452474][T11252]  should_failslab+0xc2/0x120
[  258.452488][T11252]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  258.452501][T11252]  ? __alloc_skb+0x2b2/0x380
[  258.452516][T11252]  __alloc_skb+0x2b2/0x380
[  258.452528][T11252]  ? __pfx___alloc_skb+0x10/0x10
[  258.452540][T11252]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  258.452555][T11252]  netlink_ack+0x15d/0xb80
[  258.452574][T11252]  netlink_rcv_skb+0x347/0x440
[  258.452589][T11252]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  258.452604][T11252]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  258.452626][T11252]  ? netlink_deliver_tap+0x1ae/0xd30
[  258.452643][T11252]  netlink_unicast+0x53a/0x7f0
[  258.452658][T11252]  ? __pfx_netlink_unicast+0x10/0x10
[  258.452677][T11252]  netlink_sendmsg+0x8d1/0xdd0
[  258.452693][T11252]  ? __pfx_netlink_sendmsg+0x10/0x10
[  258.452709][T11252]  ? __import_iovec+0x1c8/0x660
[  258.452725][T11252]  ____sys_sendmsg+0xa95/0xc70
[  258.452736][T11252]  ? __pfx_____sys_sendmsg+0x10/0x10
[  258.452745][T11252]  ? get_compat_msghdr+0x11a/0x170
[  258.452780][T11252]  ___sys_sendmsg+0x134/0x1d0
[  258.452794][T11252]  ? __pfx____sys_sendmsg+0x10/0x10
[  258.452824][T11252]  __sys_sendmsg+0x16d/0x220
[  258.452838][T11252]  ? __pfx___sys_sendmsg+0x10/0x10
[  258.452857][T11252]  ? rcu_is_watching+0x12/0xc0
[  258.452869][T11252]  __do_fast_syscall_32+0x73/0x120
[  258.452886][T11252]  do_fast_syscall_32+0x32/0x80
[  258.452901][T11252]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  258.452913][T11252] RIP: 0023:0xf711e579
[  258.452922][T11252] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  258.452932][T11252] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  258.452942][T11252] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800007c0
[  258.452948][T11252] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  258.452954][T11252] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  258.452960][T11252] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  258.452965][T11252] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  258.452978][T11252]  </TASK>
[  258.679829][T11259] capability: warning: `syz.1.1373' uses 32-bit capabilities (legacy support in use)
[  258.812944][T11263] loop7: detected capacity change from 0 to 16384
[  258.866794][T11262] Dev loop7: unable to read RDB block 8
[  258.868606][T11262]  loop7: unable to read partition table
[  258.870363][T11262] loop_reread_partitions: partition scan of loop7 (îÝ·ÂU@™:ÖB$Œ{
WÎÉ´å) failed (rc=-5)
[  259.298634][   T34] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  259.472479][   T34] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  259.475786][   T34] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  259.478671][   T34] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  259.496170][   T34] usb 5-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  259.498893][   T34] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  259.501700][   T34] usb 5-1: Product: syz
[  259.503112][   T34] usb 5-1: Manufacturer: syz
[  259.504586][   T34] usb 5-1: SerialNumber: syz
[  259.511669][   T34] usb 5-1: config 0 descriptor??
[  259.724782][   T34] adutux 5-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[  260.722036][T11303] loop2: detected capacity change from 0 to 7
[  260.731922][T11303] Dev loop2: unable to read RDB block 7
[  260.733828][T11303]  loop2: unable to read partition table
[  260.736547][T11303] loop2: partition table beyond EOD, truncated
[  260.738629][T11303] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  261.214490][T11312] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1391'.
[  261.284021][T11312] fuse: Unknown parameter 'fd0x0000000000000009'
[  261.287337][   T40] audit: type=1800 audit(1745549215.995:308): pid=11312 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1391" name="file1" dev="tmpfs" ino=1866 res=0 errno=0
[  262.006574][  T835] usb 5-1: USB disconnect, device number 5
[  262.506934][T10829] Bluetooth: hci4: Frame reassembly failed (-84)
[  262.545694][T11340] loop2: detected capacity change from 0 to 7
[  262.551887][T11340] Dev loop2: unable to read RDB block 7
[  262.553816][T11340]  loop2: unable to read partition table
[  262.556317][T11340] loop2: partition table beyond EOD, truncated
[  262.558577][T11340] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  262.584083][T11342] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1401'.
[  262.635235][T11342] fuse: Unknown parameter 'fd0x0000000000000009'
[  262.638436][   T40] audit: type=1800 audit(1745549217.345:309): pid=11342 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1401" name="file1" dev="tmpfs" ino=2060 res=0 errno=0
[  262.763949][T11351] loop2: detected capacity change from 0 to 7
[  262.771752][T11351] Dev loop2: unable to read RDB block 7
[  262.777776][T11351]  loop2: unable to read partition table
[  262.783881][T11351] loop2: partition table beyond EOD, truncated
[  262.785988][T11351] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  262.917698][T11360] xt_ecn: cannot match TCP bits for non-tcp packets
[  263.193511][   T40] audit: type=1800 audit(1745549217.905:310): pid=11365 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1408" name="bus" dev="9p" ino=36831599 res=0 errno=0
[  263.194457][T11365] FAULT_INJECTION: forcing a failure.
[  263.194457][T11365] name failslab, interval 1, probability 0, space 0, times 0
[  263.204708][T11365] CPU: 1 UID: 0 PID: 11365 Comm: syz.3.1408 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(full) 
[  263.204723][T11365] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  263.204730][T11365] Call Trace:
[  263.204734][T11365]  <TASK>
[  263.204738][T11365]  dump_stack_lvl+0x16c/0x1f0
[  263.204757][T11365]  should_fail_ex+0x512/0x640
[  263.204769][T11365]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  263.204786][T11365]  should_failslab+0xc2/0x120
[  263.204800][T11365]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  263.204812][T11365]  ? io_submit_one+0x122/0x1da0
[  263.204830][T11365]  io_submit_one+0x122/0x1da0
[  263.204846][T11365]  ? __lock_acquire+0xaa4/0x1ba0
[  263.204863][T11365]  ? __pfx_io_submit_one+0x10/0x10
[  263.204883][T11365]  ? __might_fault+0xe3/0x190
[  263.204895][T11365]  ? __might_fault+0x13b/0x190
[  263.204910][T11365]  ? __ia32_compat_sys_io_submit+0x1ad/0x3a0
[  263.204920][T11365]  __ia32_compat_sys_io_submit+0x1ad/0x3a0
[  263.204931][T11365]  ? __pfx___ia32_compat_sys_io_submit+0x10/0x10
[  263.204941][T11365]  ? fput+0x70/0xf0
[  263.204956][T11365]  ? rcu_is_watching+0x12/0xc0
[  263.204968][T11365]  __do_fast_syscall_32+0x73/0x120
[  263.204984][T11365]  do_fast_syscall_32+0x32/0x80
[  263.204999][T11365]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  263.205013][T11365] RIP: 0023:0xf703e579
[  263.205022][T11365] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  263.205036][T11365] RSP: 002b:00000000f502e55c EFLAGS: 00000296 ORIG_RAX: 00000000000000f8
[  263.205046][T11365] RAX: ffffffffffffffda RBX: 00000000f7f0d000 RCX: 0000000000000001
[  263.205053][T11365] RDX: 0000000080001d00 RSI: 0000000000000000 RDI: 0000000000000000
[  263.205059][T11365] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  263.205064][T11365] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  263.205070][T11365] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  263.205082][T11365]  </TASK>
[  263.313342][ T6000] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  263.321249][ T6000] hid-generic 0000:0000:0000.0003: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  263.856649][T11389] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1414'.
[  263.861547][T11389] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1414'.
[  263.870442][T11389] validate_nla: 43 callbacks suppressed
[  263.870454][T11389] netlink: 'syz.2.1414': attribute type 1 has an invalid length.
[  263.978498][T11392] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1415'.
[  264.042949][T11392] fuse: Unknown parameter 'fd0x0000000000000009'
[  264.045691][   T40] audit: type=1800 audit(1745549218.755:311): pid=11392 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1415" name="file1" dev="tmpfs" ino=1929 res=0 errno=0
[  264.561514][ T5973] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  264.632723][T11429] loop2: detected capacity change from 0 to 7
[  264.643406][T11429] Dev loop2: unable to read RDB block 7
[  264.645496][T11429]  loop2: unable to read partition table
[  264.648223][T11429] loop2: partition table beyond EOD, truncated
[  264.650347][T11429] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  265.349318][T11453] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1430'.
[  265.353125][T11453] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  265.355749][T11453] FAULT_INJECTION: forcing a failure.
[  265.355749][T11453] name failslab, interval 1, probability 0, space 0, times 0
[  265.359664][T11453] CPU: 3 UID: 0 PID: 11453 Comm: syz.1.1430 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(full) 
[  265.359689][T11453] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  265.359696][T11453] Call Trace:
[  265.359700][T11453]  <TASK>
[  265.359704][T11453]  dump_stack_lvl+0x16c/0x1f0
[  265.359722][T11453]  should_fail_ex+0x512/0x640
[  265.359734][T11453]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  265.359749][T11453]  should_failslab+0xc2/0x120
[  265.359763][T11453]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  265.359775][T11453]  ? __alloc_skb+0x2b2/0x380
[  265.359789][T11453]  ? bpf_lsm_capable+0x9/0x10
[  265.359802][T11453]  __alloc_skb+0x2b2/0x380
[  265.359815][T11453]  ? __pfx___alloc_skb+0x10/0x10
[  265.359827][T11453]  ? genl_rcv_msg+0x4f0/0x800
[  265.359836][T11453]  ? genl_rcv_msg+0x4bb/0x800
[  265.359848][T11453]  netlink_ack+0x15d/0xb80
[  265.359863][T11453]  ? __lock_acquire+0xaa4/0x1ba0
[  265.359880][T11453]  netlink_rcv_skb+0x347/0x440
[  265.359895][T11453]  ? __pfx_genl_rcv_msg+0x10/0x10
[  265.359905][T11453]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  265.359926][T11453]  ? __pfx_down_read+0x10/0x10
[  265.359936][T11453]  ? netlink_deliver_tap+0x1ae/0xd30
[  265.359955][T11453]  genl_rcv+0x28/0x40
[  265.359969][T11453]  netlink_unicast+0x53a/0x7f0
[  265.359986][T11453]  ? __pfx_netlink_unicast+0x10/0x10
[  265.359999][T11453]  ? __build_skb_around+0x278/0x3b0
[  265.360011][T11453]  ? __build_skb+0x6e/0x90
[  265.360022][T11453]  ? is_vmalloc_addr+0x30/0x40
[  265.360036][T11453]  netlink_sendmsg+0x8d1/0xdd0
[  265.360053][T11453]  ? __pfx_netlink_sendmsg+0x10/0x10
[  265.360068][T11453]  ? __import_iovec+0x1c8/0x660
[  265.360085][T11453]  ____sys_sendmsg+0xa95/0xc70
[  265.360096][T11453]  ? __pfx_____sys_sendmsg+0x10/0x10
[  265.360105][T11453]  ? get_compat_msghdr+0x11a/0x170
[  265.360124][T11453]  ___sys_sendmsg+0x134/0x1d0
[  265.360139][T11453]  ? __pfx____sys_sendmsg+0x10/0x10
[  265.360168][T11453]  __sys_sendmsg+0x16d/0x220
[  265.360182][T11453]  ? __pfx___sys_sendmsg+0x10/0x10
[  265.360201][T11453]  ? rcu_is_watching+0x12/0xc0
[  265.360213][T11453]  __do_fast_syscall_32+0x73/0x120
[  265.360229][T11453]  do_fast_syscall_32+0x32/0x80
[  265.360244][T11453]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  265.360257][T11453] RIP: 0023:0xf710e579
[  265.360265][T11453] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  265.360276][T11453] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  265.360285][T11453] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  265.360291][T11453] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  265.360297][T11453] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  265.360303][T11453] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  265.360308][T11453] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  265.360321][T11453]  </TASK>
[  265.452739][    C3] vkms_vblank_simulate: vblank timer overrun
[  265.595059][T11455] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1432'.
[  265.597888][T11455] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1432'.
[  265.602146][T11461] FAULT_INJECTION: forcing a failure.
[  265.602146][T11461] name failslab, interval 1, probability 0, space 0, times 0
[  265.606298][T11461] CPU: 3 UID: 0 PID: 11461 Comm: syz.1.1435 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(full) 
[  265.606312][T11461] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  265.606319][T11461] Call Trace:
[  265.606323][T11461]  <TASK>
[  265.606327][T11461]  dump_stack_lvl+0x16c/0x1f0
[  265.606345][T11461]  should_fail_ex+0x512/0x640
[  265.606358][T11461]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  265.606371][T11461]  should_failslab+0xc2/0x120
[  265.606385][T11461]  __kmalloc_cache_noprof+0x6a/0x3e0
[  265.606395][T11461]  ? __lock_acquire+0xaa4/0x1ba0
[  265.606409][T11461]  ? tcp_sendmsg_fastopen+0x24d/0x750
[  265.606422][T11461]  tcp_sendmsg_fastopen+0x24d/0x750
[  265.606434][T11461]  tcp_sendmsg_locked+0x203a/0x3930
[  265.606444][T11461]  ? find_held_lock+0x2b/0x80
[  265.606457][T11461]  ? __lock_acquire+0xaa4/0x1ba0
[  265.606475][T11461]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  265.606486][T11461]  ? do_raw_spin_lock+0x12c/0x2b0
[  265.606496][T11461]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  265.606514][T11461]  ? __local_bh_enable_ip+0xa4/0x120
[  265.606529][T11461]  tcp_sendmsg+0x2e/0x50
[  265.606537][T11461]  ? __pfx_tcp_sendmsg+0x10/0x10
[  265.606547][T11461]  inet_sendmsg+0xb9/0x140
[  265.606557][T11461]  __sys_sendto+0x431/0x510
[  265.606570][T11461]  ? __pfx___sys_sendto+0x10/0x10
[  265.606593][T11461]  ? ksys_write+0x1b9/0x240
[  265.606604][T11461]  ? __pfx_ksys_write+0x10/0x10
[  265.606616][T11461]  __ia32_sys_sendto+0xdd/0x1b0
[  265.606628][T11461]  ? lockdep_hardirqs_on+0x7c/0x110
[  265.606642][T11461]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  265.606657][T11461]  __do_fast_syscall_32+0x73/0x120
[  265.606673][T11461]  do_fast_syscall_32+0x32/0x80
[  265.606692][T11461]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  265.606705][T11461] RIP: 0023:0xf710e579
[  265.606713][T11461] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  265.606723][T11461] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  265.606733][T11461] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000000000000
[  265.606740][T11461] RDX: 0000000000000000 RSI: 00000000200007fd RDI: 0000000080e68000
[  265.606746][T11461] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000
[  265.606752][T11461] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  265.606758][T11461] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  265.606770][T11461]  </TASK>
[  265.687081][    C3] vkms_vblank_simulate: vblank timer overrun
[  265.820383][T11472] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.859666][T11476] netlink: 14212 bytes leftover after parsing attributes in process `'.
[  265.885250][T11472] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.891406][T11480] loop2: detected capacity change from 0 to 7
[  265.894478][T11480] Dev loop2: unable to read RDB block 7
[  265.896256][T11480]  loop2: unable to read partition table
[  265.898341][T11480] loop2: partition table beyond EOD, truncated
[  265.900559][T11480] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  265.905233][T11476] tmpfs: Unknown parameter 'usrquota'
[  265.945763][T11472] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.015882][T11472] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.024390][T11486] loop2: detected capacity change from 0 to 7
[  266.028156][T11118] Dev loop2: unable to read RDB block 7
[  266.029928][T11118]  loop2: unable to read partition table
[  266.033600][T11118] loop2: partition table beyond EOD, truncated
[  266.040853][T11486] Dev loop2: unable to read RDB block 7
[  266.042911][T11486]  loop2: unable to read partition table
[  266.045066][T11486] loop2: partition table beyond EOD, truncated
[  266.049104][T11486] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  266.113766][T11472] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  266.123056][T11472] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  266.136082][T11472] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  266.145143][T11472] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  266.182439][T11494] FAULT_INJECTION: forcing a failure.
[  266.182439][T11494] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  266.186496][T11494] CPU: 1 UID: 0 PID: 11494 Comm: syz.2.1441 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(full) 
[  266.186510][T11494] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  266.186517][T11494] Call Trace:
[  266.186521][T11494]  <TASK>
[  266.186524][T11494]  dump_stack_lvl+0x16c/0x1f0
[  266.186543][T11494]  should_fail_ex+0x512/0x640
[  266.186557][T11494]  _copy_from_iter+0x2a4/0x15b0
[  266.186572][T11494]  ? __alloc_skb+0x200/0x380
[  266.186586][T11494]  ? __pfx__copy_from_iter+0x10/0x10
[  266.186600][T11494]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  266.186619][T11494]  netlink_sendmsg+0x829/0xdd0
[  266.186636][T11494]  ? __pfx_netlink_sendmsg+0x10/0x10
[  266.186652][T11494]  ? __import_iovec+0x1c8/0x660
[  266.186668][T11494]  ____sys_sendmsg+0xa95/0xc70
[  266.186679][T11494]  ? __pfx_____sys_sendmsg+0x10/0x10
[  266.186689][T11494]  ? get_compat_msghdr+0x11a/0x170
[  266.186708][T11494]  ___sys_sendmsg+0x134/0x1d0
[  266.186722][T11494]  ? __pfx____sys_sendmsg+0x10/0x10
[  266.186751][T11494]  __sys_sendmsg+0x16d/0x220
[  266.186764][T11494]  ? __pfx___sys_sendmsg+0x10/0x10
[  266.186784][T11494]  ? rcu_is_watching+0x12/0xc0
[  266.186797][T11494]  __do_fast_syscall_32+0x73/0x120
[  266.186813][T11494]  do_fast_syscall_32+0x32/0x80
[  266.186827][T11494]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  266.186840][T11494] RIP: 0023:0xf711e579
[  266.186849][T11494] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  266.186859][T11494] RSP: 002b:00000000f50cc55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  266.186868][T11494] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000080001780
[  266.186875][T11494] RDX: 0000000000040000 RSI: 0000000000000000 RDI: 0000000000000000
[  266.186881][T11494] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  266.186887][T11494] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  266.186892][T11494] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  266.186904][T11494]  </TASK>
[  266.541315][ T6239] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[  266.712116][ T6239] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  266.712168][T11503] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1447'.
[  266.715269][ T6239] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2
[  266.718212][T11503] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  266.721016][ T6239] usb 5-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  266.721029][ T6239] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  266.742326][ T6239] usb 5-1: config 0 descriptor??
[  266.762186][ T6239] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  266.766052][T11507] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1448'.
[  266.771335][ T6239] dvb-usb: bulk message failed: -22 (3/0)
[  266.781717][ T6239] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  266.785407][ T6239] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  266.787657][ T6239] usb 5-1: media controller created
[  266.788301][ T6239] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  266.812345][ T6239] dvb-usb: bulk message failed: -22 (6/0)
[  266.821279][ T6239] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  266.826126][ T6239] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb5/5-1/input/input11
[  266.843649][ T6239] dvb-usb: schedule remote query interval to 150 msecs.
[  266.845819][ T6239] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  266.867089][T11509] tmpfs: Unknown parameter 'usrquota'
[  266.937473][T11514] loop2: detected capacity change from 0 to 7
[  266.947608][T11514] Dev loop2: unable to read RDB block 7
[  266.949501][T11514]  loop2: unable to read partition table
[  266.958128][T11514] loop2: partition table beyond EOD, truncated
[  266.961194][T11514] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  266.984335][ T6239] usb 5-1: USB disconnect, device number 6
[  267.003438][ T6239] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  267.093647][T11519] xt_ecn: cannot match TCP bits for non-tcp packets
[  267.227532][T11524] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.289542][T11524] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.426746][T11524] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.494184][T11524] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.621750][T11534] loop2: detected capacity change from 0 to 7
[  267.631475][T11534] Dev loop2: unable to read RDB block 7
[  267.633269][T11534]  loop2: unable to read partition table
[  267.635191][T11534] loop2: partition table beyond EOD, truncated
[  267.637766][T11534] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  267.643132][T11524] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  267.646098][   T34] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  267.656498][T11524] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  267.666028][T11524] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  267.676221][T11524] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  267.729094][T11536] __nla_validate_parse: 1 callbacks suppressed
[  267.729106][T11536] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1459'.
[  267.734955][T11536] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  267.767477][T11538] sp0: Synchronizing with TNC
[  267.792359][   T34] usb 7-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  267.795012][   T34] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  267.798065][   T34] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  267.802432][   T34] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  267.805246][   T34] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  267.807722][   T34] usb 7-1: Product: syz
[  267.809038][   T34] usb 7-1: Manufacturer: syz
[  267.810489][   T34] usb 7-1: SerialNumber: syz
[  267.828741][T11541] loop2: detected capacity change from 0 to 7
[  267.832589][T11117] Dev loop2: unable to read RDB block 7
[  267.834410][T11117]  loop2: unable to read partition table
[  267.837335][T11117] loop2: partition table beyond EOD, truncated
[  267.848397][T11541] Dev loop2: unable to read RDB block 7
[  267.850296][T11541]  loop2: unable to read partition table
[  267.853325][T11541] loop2: partition table beyond EOD, truncated
[  267.855403][T11541] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  268.003507][T11551] sctp: [Deprecated]: syz.1.1466 (pid 11551) Use of int in max_burst socket option deprecated.
[  268.003507][T11551] Use struct sctp_assoc_value instead
[  268.095293][T11554] xt_ecn: cannot match TCP bits for non-tcp packets
[  268.259558][T11557] netlink: 43 bytes leftover after parsing attributes in process `syz.2.1456'.
[  268.262803][T11557] tipc: Started in network mode
[  268.264436][T11557] tipc: Node identity aaaaaaaaaa32, cluster identity 4711
[  268.267080][T11557] tipc: Enabled bearer <eth:vlan0>, priority 10
[  268.278917][T11557] tipc: Resetting bearer <eth:vlan0>
[  268.317076][T11557] tipc: Disabling bearer <eth:vlan0>
[  269.122671][T11568] loop2: detected capacity change from 0 to 7
[  269.147574][T11568] Dev loop2: unable to read RDB block 7
[  269.150767][T11568]  loop2: unable to read partition table
[  269.153558][T11568] loop2: partition table beyond EOD, truncated
[  269.155859][T11568] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  269.187222][T11570] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1470'.
[  269.190187][T11570] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  269.287397][T11575] loop2: detected capacity change from 0 to 7
[  269.290211][T11575] Dev loop2: unable to read RDB block 7
[  269.294211][T11575]  loop2: unable to read partition table
[  269.298421][T11575] loop2: partition table beyond EOD, truncated
[  269.303696][T11575] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  269.553685][T11586] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.620388][T11586] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.740629][T11586] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.824598][T11586] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.002422][T11602] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1480'.
[  270.005121][T11602] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1480'.
[  270.011293][   T65] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  270.053297][T11586] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  270.059322][T11586] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  270.066560][T11586] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  270.072783][T11586] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  270.161260][   T65] usb 6-1: Using ep0 maxpacket: 16
[  270.165834][   T65] usb 6-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[  270.168666][   T65] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  270.171177][   T65] usb 6-1: Product: syz
[  270.172548][   T65] usb 6-1: Manufacturer: syz
[  270.174136][   T65] usb 6-1: SerialNumber: syz
[  270.179772][   T65] usb 6-1: config 0 descriptor??
[  270.186036][   T65] as10x_usb: device has been detected
[  270.188998][   T65] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[  270.202886][   T65] usb 6-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[  270.212018][   T65] as10x_usb: error during firmware upload part1
[  270.215050][   T65] Registered device Sky IT Digital Key (green led)
[  270.383310][T11592] random: crng reseeded on system resumption
[  270.389814][T11592] FAULT_INJECTION: forcing a failure.
[  270.389814][T11592] name failslab, interval 1, probability 0, space 0, times 0
[  270.396172][T11592] CPU: 2 UID: 0 PID: 11592 Comm: syz.1.1477 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(full) 
[  270.396194][T11592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  270.396204][T11592] Call Trace:
[  270.396211][T11592]  <TASK>
[  270.396217][T11592]  dump_stack_lvl+0x16c/0x1f0
[  270.396244][T11592]  should_fail_ex+0x512/0x640
[  270.396267][T11592]  should_failslab+0xc2/0x120
[  270.396288][T11592]  __kmalloc_cache_noprof+0x6a/0x3e0
[  270.396304][T11592]  ? do_raw_spin_lock+0x12c/0x2b0
[  270.396317][T11592]  ? find_held_lock+0x2b/0x80
[  270.396332][T11592]  ? async_schedule_node_domain+0x54/0x120
[  270.396354][T11592]  ? __pfx___async_dev_cache_fw_image+0x10/0x10
[  270.396375][T11592]  async_schedule_node_domain+0x54/0x120
[  270.396396][T11592]  dev_cache_fw_image+0x38e/0x490
[  270.396416][T11592]  ? __pfx_dev_cache_fw_image+0x10/0x10
[  270.396440][T11592]  ? __pfx_dev_cache_fw_image+0x10/0x10
[  270.396459][T11592]  dpm_for_each_dev+0x5a/0xb0
[  270.396478][T11592]  fw_pm_notify+0x81/0x150
[  270.396495][T11592]  notifier_call_chain+0xb9/0x410
[  270.396513][T11592]  ? __pfx_fw_pm_notify+0x10/0x10
[  270.396536][T11592]  blocking_notifier_call_chain_robust+0xc8/0x160
[  270.396558][T11592]  ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10
[  270.396588][T11592]  pm_notifier_call_chain_robust+0x27/0x60
[  270.396609][T11592]  snapshot_open+0x218/0x2b0
[  270.396627][T11592]  ? __pfx_snapshot_open+0x10/0x10
[  270.396651][T11592]  misc_open+0x35a/0x420
[  270.396671][T11592]  ? __pfx_misc_open+0x10/0x10
[  270.396690][T11592]  chrdev_open+0x231/0x6a0
[  270.396707][T11592]  ? __pfx_apparmor_file_open+0x10/0x10
[  270.396728][T11592]  ? __pfx_chrdev_open+0x10/0x10
[  270.396747][T11592]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  270.396775][T11592]  do_dentry_open+0x741/0x1c10
[  270.396792][T11592]  ? __pfx_chrdev_open+0x10/0x10
[  270.396814][T11592]  vfs_open+0x82/0x3f0
[  270.396838][T11592]  path_openat+0x1e5e/0x2d40
[  270.396864][T11592]  ? __pfx_path_openat+0x10/0x10
[  270.396888][T11592]  do_filp_open+0x20b/0x470
[  270.396904][T11592]  ? __pfx_do_filp_open+0x10/0x10
[  270.396920][T11592]  ? mark_held_locks+0x49/0x80
[  270.396957][T11592]  ? alloc_fd+0x471/0x7d0
[  270.396979][T11592]  do_sys_openat2+0x11b/0x1d0
[  270.397000][T11592]  ? __pfx_do_sys_openat2+0x10/0x10
[  270.397024][T11592]  ? __fget_files+0x20e/0x3c0
[  270.397043][T11592]  __ia32_compat_sys_openat+0x16d/0x210
[  270.397065][T11592]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  270.397087][T11592]  ? ksys_write+0x1b9/0x240
[  270.397103][T11592]  ? rcu_is_watching+0x12/0xc0
[  270.397120][T11592]  ? rcu_is_watching+0x12/0xc0
[  270.397138][T11592]  __do_fast_syscall_32+0x73/0x120
[  270.397163][T11592]  do_fast_syscall_32+0x32/0x80
[  270.397185][T11592]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  270.397204][T11592] RIP: 0023:0xf710e579
[  270.397217][T11592] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  270.397231][T11592] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  270.397246][T11592] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000800002c0
[  270.397256][T11592] RDX: 0000000000040081 RSI: 0000000000000000 RDI: 0000000000000000
[  270.397264][T11592] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  270.397273][T11592] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  270.397282][T11592] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  270.397303][T11592]  </TASK>
[  270.399591][T11592] 
[  270.504352][T11592] ============================================
[  270.506254][T11592] WARNING: possible recursive locking detected
[  270.508155][T11592] 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 Not tainted
[  270.511301][T11592] --------------------------------------------
[  270.513530][T11592] syz.1.1477/11592 is trying to acquire lock:
[  270.515441][T11592] ffffffff8f2f08c8 (fw_lock){+.+.}-{4:4}, at: assign_fw+0x4e/0x640
[  270.517888][T11592] 
[  270.517888][T11592] but task is already holding lock:
[  270.520176][T11592] ffffffff8f2f08c8 (fw_lock){+.+.}-{4:4}, at: fw_pm_notify+0x69/0x150
[  270.522685][T11592] 
[  270.522685][T11592] other info that might help us debug this:
[  270.525158][T11592]  Possible unsafe locking scenario:
[  270.525158][T11592] 
[  270.527546][T11592]        CPU0
[  270.528577][T11592]        ----
[  270.529674][T11592]   lock(fw_lock);
[  270.530854][T11592]   lock(fw_lock);
[  270.532050][T11592] 
[  270.532050][T11592]  *** DEADLOCK ***
[  270.532050][T11592] 
[  270.534522][T11592]  May be due to missing lock nesting notation
[  270.534522][T11592] 
[  270.537113][T11592] 5 locks held by syz.1.1477/11592:
[  270.538727][T11592]  #0: ffffffff8f0e10c8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420
[  270.541333][T11592]  #1: ffffffff8e283608 (system_transition_mutex){+.+.}-{4:4}, at: lock_system_sleep+0x87/0xa0
[  270.544521][T11592]  #2: ffffffff8e2c3150 ((pm_chain_head).rwsem){++++}-{4:4}, at: blocking_notifier_call_chain_robust+0xa8/0x160
[  270.548157][T11592]  #3: ffffffff8f2f08c8 (fw_lock){+.+.}-{4:4}, at: fw_pm_notify+0x69/0x150
[  270.550747][T11592]  #4: ffffffff8f2eb4e8 (dpm_list_mtx){+.+.}-{4:4}, at: dpm_for_each_dev+0x2d/0xb0
[  270.553517][T11592] 
[  270.553517][T11592] stack backtrace:
[  270.555195][T11592] CPU: 2 UID: 0 PID: 11592 Comm: syz.1.1477 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(full) 
[  270.555208][T11592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  270.555215][T11592] Call Trace:
[  270.555219][T11592]  <TASK>
[  270.555223][T11592]  dump_stack_lvl+0x116/0x1f0
[  270.555238][T11592]  print_deadlock_bug+0x1e9/0x240
[  270.555251][T11592]  __lock_acquire+0xff7/0x1ba0
[  270.555266][T11592]  ? __kasan_slab_free+0x51/0x70
[  270.555279][T11592]  lock_acquire+0x179/0x350
[  270.555292][T11592]  ? assign_fw+0x4e/0x640
[  270.555304][T11592]  ? __pfx___might_resched+0x10/0x10
[  270.555316][T11592]  ? do_sys_openat2+0x11b/0x1d0
[  270.555344][T11592]  ? __ia32_compat_sys_openat+0x16d/0x210
[  270.555359][T11592]  ? __do_fast_syscall_32+0x73/0x120
[  270.555374][T11592]  __mutex_lock+0x199/0xb90
[  270.555388][T11592]  ? assign_fw+0x4e/0x640
[  270.555400][T11592]  ? assign_fw+0x4e/0x640
[  270.555412][T11592]  ? __pfx___mutex_lock+0x10/0x10
[  270.555427][T11592]  ? kasan_quarantine_put+0x10a/0x240
[  270.555438][T11592]  ? lockdep_hardirqs_on+0x7c/0x110
[  270.555452][T11592]  ? assign_fw+0x4e/0x640
[  270.555463][T11592]  assign_fw+0x4e/0x640
[  270.555475][T11592]  ? _request_firmware+0x957/0x1470
[  270.555488][T11592]  _request_firmware+0x988/0x1470
[  270.555502][T11592]  ? __pfx__request_firmware+0x10/0x10
[  270.555517][T11592]  __async_dev_cache_fw_image+0xb1/0x340
[  270.555531][T11592]  ? __pfx___async_dev_cache_fw_image+0x10/0x10
[  270.555544][T11592]  ? mark_held_locks+0x49/0x80
[  270.555557][T11592]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  270.555570][T11592]  ? __pfx___async_dev_cache_fw_image+0x10/0x10
[  270.555584][T11592]  async_schedule_node_domain+0xd1/0x120
[  270.555597][T11592]  dev_cache_fw_image+0x38e/0x490
[  270.555610][T11592]  ? __pfx_dev_cache_fw_image+0x10/0x10
[  270.555622][T11592]  ? __pfx_dev_cache_fw_image+0x10/0x10
[  270.555639][T11592]  dpm_for_each_dev+0x5a/0xb0
[  270.555650][T11592]  fw_pm_notify+0x81/0x150
[  270.555661][T11592]  notifier_call_chain+0xb9/0x410
[  270.555673][T11592]  ? __pfx_fw_pm_notify+0x10/0x10
[  270.555685][T11592]  blocking_notifier_call_chain_robust+0xc8/0x160
[  270.555699][T11592]  ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10
[  270.555715][T11592]  pm_notifier_call_chain_robust+0x27/0x60
[  270.555729][T11592]  snapshot_open+0x218/0x2b0
[  270.555741][T11592]  ? __pfx_snapshot_open+0x10/0x10
[  270.555753][T11592]  misc_open+0x35a/0x420
[  270.555766][T11592]  ? __pfx_misc_open+0x10/0x10
[  270.555778][T11592]  chrdev_open+0x231/0x6a0
[  270.555789][T11592]  ? __pfx_apparmor_file_open+0x10/0x10
[  270.555802][T11592]  ? __pfx_chrdev_open+0x10/0x10
[  270.555814][T11592]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  270.555832][T11592]  do_dentry_open+0x741/0x1c10
[  270.555842][T11592]  ? __pfx_chrdev_open+0x10/0x10
[  270.555854][T11592]  vfs_open+0x82/0x3f0
[  270.555868][T11592]  path_openat+0x1e5e/0x2d40
[  270.555881][T11592]  ? __pfx_path_openat+0x10/0x10
[  270.555892][T11592]  do_filp_open+0x20b/0x470
[  270.555902][T11592]  ? __pfx_do_filp_open+0x10/0x10
[  270.555911][T11592]  ? mark_held_locks+0x49/0x80
[  270.555927][T11592]  ? alloc_fd+0x471/0x7d0
[  270.555938][T11592]  do_sys_openat2+0x11b/0x1d0
[  270.555951][T11592]  ? __pfx_do_sys_openat2+0x10/0x10
[  270.555965][T11592]  ? __fget_files+0x20e/0x3c0
[  270.555975][T11592]  __ia32_compat_sys_openat+0x16d/0x210
[  270.555990][T11592]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  270.556005][T11592]  ? ksys_write+0x1b9/0x240
[  270.556015][T11592]  ? rcu_is_watching+0x12/0xc0
[  270.556025][T11592]  ? rcu_is_watching+0x12/0xc0
[  270.556035][T11592]  __do_fast_syscall_32+0x73/0x120
[  270.556050][T11592]  do_fast_syscall_32+0x32/0x80
[  270.556064][T11592]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  270.556077][T11592] RIP: 0023:0xf710e579
[  270.556085][T11592] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  270.556095][T11592] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  270.556104][T11592] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000800002c0
[  270.556110][T11592] RDX: 0000000000040081 RSI: 0000000000000000 RDI: 0000000000000000
[  270.556116][T11592] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  270.556122][T11592] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  270.556128][T11592] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  270.556136][T11592]  </TASK>

VM DIAGNOSIS:
02:47:05  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffff88802b43f880 RCX=ffffffff81ae9b89 RDX=ffff8880219f8000
RSI=ffffffff81ae9b63 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc90003a67938
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001
R12=ffffed1005687f11 R13=0000000000000001 R14=dffffc0000000000 R15=ffff88802b23b180
RIP=ffffffff81ae9b65 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977bf000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000003061affc CR3=000000000e180000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
EAX=f6a87840 EBX=ffffffff ECX=00000000 EDX=82031468
ESI=82031468 EDI=ffffffff EBP=f6a87828 ESP=ffd84570
EIP=f7077aad EFL=00000287 [--S--PC] CPL=3 II=0 A20=1 SMM=0 HLT=0
ES =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0023 00000000 ffffffff 00c0fb00 DPL=3 CS32 [-RA]
SS =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
DS =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 00000000 ffffffff 00c00000
GS =0063 5722c440 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 00000000 ffffffff 00c00000
TR =0040 0004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00005641db50d050 CR3=000000006e15c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff854afc80 RDI=ffffffff9ae0cb80 RBP=ffffffff9ae0cb40 RSP=ffffc90026d8eca0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=722d302e35312e36
R12=0000000000000000 R13=0000000000000020 R14=fffffbfff35c19c2 R15=dffffc0000000000
RIP=ffffffff854afca7 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880979bf000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5218658 CR3=000000006bf2e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=ffff88802b4414a0 RCX=ffffffff81ae9b89 RDX=ffff8880221c4880
RSI=ffffffff81ae9b63 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc900047b77e8
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=000000000000001e
R12=ffffed1005688295 R13=0000000000000001 R14=dffffc0000000000 R15=ffff88802b53b180
RIP=ffffffff81ae9b65 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097abf000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7fe55c0 CR3=000000006735c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000