last executing test programs:

14m3.902094253s ago: executing program 2 (id=347):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
socket$inet6(0xa, 0x1, 0x100)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x4}]})
mmap$IORING_OFF_SQES(&(0x7f0000647000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
pipe2(0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
syz_clone(0x12c180, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x42080000, 0x0, 0x0, 0x0, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000480)={0x2, 0xffff, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000000)={0x100000011, @multicast2, 0x0, 0x0, 'sh\x00', 0x1f, 0x1003, 0x62}, 0x2c)

14m2.182952159s ago: executing program 2 (id=350):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)={0x28, r1, 0x1, 0x0, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TX_RATES={0xc, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x8, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x4}]}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x4080}, 0x800) (fail_nth: 10)

14m1.645469949s ago: executing program 2 (id=353):
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000280)=0xc9, 0x4)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)={0x48, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010102}}, @IPSET_ATTR_COMMENT={0xe, 0x1a, ':*$\']](*,\x00'}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140), r3)
sendmsg$TIPC_CMD_SHOW_STATS(r2, &(0x7f00000003c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000300)={&(0x7f0000000200)={0x1c, r4, 0x400, 0x70bd2c, 0x25dfdbfd, {}, ["", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000080}, 0x4000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff})
setsockopt$sock_int(r5, 0x1, 0x10, &(0x7f00000002c0)=0x8001, 0x4)
splice(r2, 0x0, r5, 0x0, 0xd9d7, 0x5)
write$FUSE_INIT(r3, &(0x7f0000000340)={0x50, 0x0, 0x0, {0x7, 0x28, 0x1, 0xc002e38, 0x7ff, 0x80, 0x10000, 0xa79, 0x0, 0x0, 0x100}}, 0xffffffed)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r6, 0x8982, &(0x7f0000000000)={0x8, 'netdevsim0\x00', {'veth0_vlan\x00'}, 0x1})
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r8, 0x0, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x8, 0x3, 0x440, 0x31c, 0xa, 0x148, 0x31c, 0x60, 0x3ac, 0x2a8, 0x2a8, 0x3ac, 0x2a8, 0x3, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'bridge0\x00', 'rose0\x00'}, 0x0, 0x2f8, 0x31c, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'veth1_to_team\x00', {0x0, 0x0, 0x2, 0x0, 0x2, 0xffffffff, 0xfff}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x8601, 0x6, './file0\x00'}}]}, @common=@unspec=@NFQUEUE0={0x24, 'NFQUEUE\x00', 0x0, {0x5}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'ip6tnl0\x00'}, 0x0, 0x70, 0x90}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0xc8, 0x70, 0x94}, {0x24}}}}, 0x49c)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'lo\x00', <r9=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000046c0)=@newqdisc={0x30, 0x24, 0x1, 0x8000000, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4}}]}, 0x30}}, 0x0)

13m56.378661442s ago: executing program 2 (id=359):
r0 = open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket(0x1, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f0000000400003366"], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r4, &(0x7f0000000180), 0x0}, 0x1c)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r5 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r6 = openat$binfmt(0xffffffffffffff9c, r5, 0x42, 0x1ff)
close(r6)
execveat$binfmt(0xffffffffffffff9c, r5, 0x0, 0x0, 0x0)
r7 = openat$binfmt(0xffffffffffffff9c, r5, 0x2, 0x0)
close(r7)
execveat$binfmt(0xffffffffffffff9c, r5, 0x0, 0x0, 0x0)
execveat$binfmt(0xffffffffffffff9c, r5, &(0x7f00000004c0)={[&(0x7f0000000000)='\x00', &(0x7f00000003c0)=')!}\x00']}, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r9=>0x0})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000100)={0x6, "0e4c894c3f98dd7642d68e1c287922a9f7b77ff1fae6538c885783bf2c29629d"})
r10 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000040)={0x0, 0xffa1, &(0x7f0000000380)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001100a7cc4a372eaf541d002007000000", @ANYRES32=r9, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYBLOB="35874207"], 0x44}, 0x1, 0x0, 0x0, 0x50}, 0x0)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002280)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0xc000}})

13m54.619246666s ago: executing program 2 (id=364):
r0 = dup(0xffffffffffffffff)
r1 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000001700)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000016c0)={0x0}, 0x1, 0x0, 0x0, 0x4000}, 0x40000)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000d71000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f0000179000/0x2000)=nil)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r5, 0x4068aea3, &(0x7f0000000240))
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4040aea0, &(0x7f0000000240)=@arm64={0x6, 0x8b, 0x0, '\x00', 0x359})
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r7 = io_uring_setup(0x3454, &(0x7f0000000080)={0x0, 0x0, 0x10000})
io_uring_register$IORING_REGISTER_BUFFERS(r7, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mremap(&(0x7f00003eb000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000003000/0x1000)=nil)
migrate_pages(0x0, 0x3, &(0x7f0000000040)=0x7f, &(0x7f0000000300)=0xa)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x300000a, 0x4031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x14, 0x3, &(0x7f0000000180)=ANY=[@ANYRES64=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r1}, 0x94)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
r8 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000100)={0xaa, 0x785})
ioctl$UFFDIO_REGISTER(r8, 0xc020aa07, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1, 0x2})
socket$netlink(0x10, 0x3, 0x5)

13m50.887200176s ago: executing program 2 (id=371):
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f00004a6000/0x2000)=nil, 0x2000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x1, 0x0, 0x4e24}, 0xffffffffffffff76)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$KVM_GET_MSRS_sys(r2, 0xc008ae88, &(0x7f0000000100)={0x1, 0x0, [{0x483, 0x0, 0x800000}]})
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$uinput(0xffffff9c, &(0x7f00000000c0), 0x802, 0x0)
ioctl$UI_ABS_SETUP(r3, 0x401c5504, &(0x7f0000000100)={0x785f, {0x5, 0x101, 0x7, 0x7, 0xffffffff, 0x10001}})
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="50000000020605000000000000000000000000000c00078008000640001000000500010006000000050005000200000005000400000000000900020073797a31000000000c000300686173683a6970"], 0x50}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB="40000000090601020000000000000000000000000900020073797a31000000000500010007000000180007800c00018008000140fffffffe0500030008"], 0x40}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000080), r6)

13m35.700259906s ago: executing program 32 (id=371):
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f00004a6000/0x2000)=nil, 0x2000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x1, 0x0, 0x4e24}, 0xffffffffffffff76)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$KVM_GET_MSRS_sys(r2, 0xc008ae88, &(0x7f0000000100)={0x1, 0x0, [{0x483, 0x0, 0x800000}]})
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$uinput(0xffffff9c, &(0x7f00000000c0), 0x802, 0x0)
ioctl$UI_ABS_SETUP(r3, 0x401c5504, &(0x7f0000000100)={0x785f, {0x5, 0x101, 0x7, 0x7, 0xffffffff, 0x10001}})
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="50000000020605000000000000000000000000000c00078008000640001000000500010006000000050005000200000005000400000000000900020073797a31000000000c000300686173683a6970"], 0x50}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB="40000000090601020000000000000000000000000900020073797a31000000000500010007000000180007800c00018008000140fffffffe0500030008"], 0x40}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000080), r6)

15.152374673s ago: executing program 4 (id=4401):
r0 = dup(0xffffffffffffffff)
r1 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000001700)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000016c0)={0x0}, 0x1, 0x0, 0x0, 0x4000}, 0x40000)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000)="ad", 0x1)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000d71000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f0000179000/0x2000)=nil)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r5, 0x4068aea3, &(0x7f0000000240))
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4040aea0, &(0x7f0000000240)=@arm64={0x6, 0x8b, 0x0, '\x00', 0x359})
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r7 = io_uring_setup(0x3454, &(0x7f0000000080)={0x0, 0x0, 0x10000})
io_uring_register$IORING_REGISTER_BUFFERS(r7, 0x0, &(0x7f00000002c0), 0x0)
mremap(&(0x7f00003eb000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000003000/0x1000)=nil)
migrate_pages(0x0, 0x3, &(0x7f0000000040)=0x7f, &(0x7f0000000300)=0xa)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x300000a, 0x4031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x14, 0x3, &(0x7f0000000180)=ANY=[@ANYRES64=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r1}, 0x94)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
r8 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000100)={0xaa, 0x785})
ioctl$UFFDIO_REGISTER(r8, 0xc020aa07, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1, 0x2})
socket$netlink(0x10, 0x3, 0x5)

12.692237236s ago: executing program 4 (id=4404):
socket$xdp(0x2c, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={0x0, 0x60}}, 0x20004000)
syz_open_dev$radio(0x0, 0x2, 0x2)
syz_emit_ethernet(0x2a, &(0x7f0000000000)=ANY=[@ANYBLOB="0180c20000000000fc000d00080045000008000000b8daa22714411614141900"/42], 0x0)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000080)={0x0, 0x7}, 0x8)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000200)={0x0, 0x100, 0x7ff, 0x5, 0x5, 0x2, 0x5, 0x7, {0x0, @in={{0x2, 0x4e24, @rand_addr=0x64010102}}, 0x2002, 0x7, 0x3, 0xaeac, 0x9}}, &(0x7f00000002c0)=0xb0)
r3 = syz_open_dev$vim2m(0x0, 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r3, 0xc0d05605, &(0x7f0000000080)={0x1, @pix_mp={0x400000, 0x5, 0x20385655, 0x32525942, 0x3, [{0x0, 0xfffffffe}, {}, {0x3, 0x8}, {0x1, 0xfffffffc}, {}, {0x0, 0x1}, {0xfffffffc}, {0x200}], 0x3, 0xfc, 0x0, 0x0, 0x5}})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
openat$vimc2(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x60140, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r8, 0x4008ae8a, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000000000000010000000700000007000000090000000700000000000000a31224018b734a6676"])
ioctl$KVM_SET_LAPIC(r8, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)

9.441794037s ago: executing program 4 (id=4410):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$sndtimer(0xffffff9c, &(0x7f0000000000), 0x80601)
ioctl$SNDRV_TIMER_IOCTL_TREAD64(r2, 0x400454a4, &(0x7f0000000280))
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
syz_io_uring_setup(0x835, &(0x7f00000000c0)={0x0, 0x679d, 0x400, 0x2000006, 0x3ce}, &(0x7f0000000040)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x2400c0c7, 0x1})
unshare(0x22020600)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d621ffbc9a4fd39b0631f6dde53a9a53608c10556e5734eb84049761471ce540c772e2d9f8004e26f7fcc059c062234d5595f6dba87b81d0806fb0289ce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8048a967d9b912ef9f1dcc4ff8546fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30816127f46a1aae33d4d63d716c0975e1ce4a655362e7062ff6ab3934555c0184021b829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47910000118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f80492461d273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c528df8000000d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b1e152ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d1bfa928e2ba458ecd989cb3581a3f270ad48255ac0dad4923e3e36629589ff6b0ceb3438e4b432dd454c04be2d538aaf60c9f7a7281d32142f2fdbc3d37e5a072b5d7f0a349f1a75f01b5c203d4bdde6ff12de9a37f7fb9a16059ad97e2edefb5e0b0326bd25f6fd1d108efa9d30a9883815654486fe42cf2f676cdbb91f7582ab314be"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0xfffffffffffffe19}, 0x42)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$TUNSETSTEERINGEBPF(r7, 0x800454e0, &(0x7f0000000140)=r6)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$FS_IOC_MEASURE_VERITY(r8, 0xc0046686, &(0x7f0000000180)={0x2, 0xa1, "f8b44c29c4e098e9f0edc973f77434e5a410ad765fb0de23b77b3cf90be2bf194b992b50c613eee504624a9d9449e66abb0b2c35227fb6b91d32e663beecee4a18f876ba4fcd7b0706940d115fecd1937c2efc4804f391b556ca94e75167bfc20424912f8929e89909fc36a220e12a6b956e1e3961eb994b162623f6e71803cd95eb07d65a17d2dbfeeb4de56ae19305c4fed3c19531ad8fb1646a4d690c7ca0b0"})
r9 = memfd_create(&(0x7f0000000480)='[\v\xdbX\xae[5\xa9\x90\xffc\x1f\x1a\xa9\xfd\xfa\xad\xd1md\xe7\xe2\x7f\x9b\xd5R\x10\xf3\xb6\xffT\xbf\xd1\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\x9fc\xda\xa9\x83r\xd8\x98\x00\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9', 0x0)
pwrite64(r9, &(0x7f0000000040)="a6", 0x1, 0xa)
execveat(r9, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
close_range(r0, r8, 0x0)

9.232374075s ago: executing program 0 (id=4411):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x10)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, &(0x7f0000000000)=0x1000)
ppoll(&(0x7f0000000040)=[{r3, 0x9620}], 0x1, 0x0, 0x0, 0x0)
mmap$dsp(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x100000f, 0x11, r3, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, &(0x7f0000000000)=0x10000)
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
shmat(0x0, &(0x7f0000ffd000/0x3000)=nil, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x27)
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000024d564b0000"])
openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0)
r7 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x400000000c8301, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r7, 0xc004500a, &(0x7f0000000080))
ioctl$SNDCTL_DSP_SPEED(r7, 0xc0045002, &(0x7f0000000040)=0x1)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000500)={0xa00, 0x18, 0xfa00, {0x100000000000000, 0x0, 0x0, 0x6}}, 0x20)
write$dsp(r7, &(0x7f0000000400)="c4322f5c57ef1e8c2d500b7efabd1af0b06ee646f0d7c11ea4a8f86ecc05d60b7021cc9a2bf2b1fbb537f242c642619e1fdea2c7dd2e019267f3eec05db7b7805888178436eccf92c044357bd1e45b9a6f1d42b23f2549ef8211fdf9ead0e6c005fb76f054bce224fa814166ca756011e32bd2af7e2855846f25732d", 0x7c)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
unshare(0x22020400)

9.099569766s ago: executing program 1 (id=4413):
r0 = socket$kcm(0x10, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000440)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
prlimit64(0x0, 0xf, &(0x7f0000000180)={0xfffffffffffffff9, 0xbe}, 0x0)
connect$unix(r1, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(0xffffffffffffffff, 0x80045530, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000480), 0x6dce6cf62e96ac40, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r5 = syz_open_dev$vbi(&(0x7f00000002c0), 0x3, 0x2)
ioctl$VIDIOC_S_INPUT(r5, 0xc0045627, &(0x7f00000000c0)=0x2)
preadv(r5, &(0x7f0000000740)=[{&(0x7f0000000340)=""/162, 0xca80}], 0x1, 0x80000001, 0x3f7a)
ioctl$TUNSETLINK(r4, 0x400454cd, 0xfef0)
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'gre0\x00', &(0x7f0000000500)=@ethtool_coalesce={0xe, 0x6, 0x2, 0x60000000, 0x8, 0x814, 0x7ff, 0x5, 0x10000, 0x6, 0x9a, 0x6, 0x4, 0x951, 0x3, 0x2, 0x8, 0x7, 0x5, 0x8, 0x2, 0x5, 0x1}})
close(0x3)
ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000001c0))
socket$nl_route(0x10, 0x3, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r3, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, 0x0, 0x0, 0x0, 0x0, <r7=>0x0})
ioctl$IOMMU_HWPT_ALLOC$NONE(r3, 0x3b89, &(0x7f0000000180)={0x28, 0x1, r7, 0x0, <r8=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$IOMMU_HWPT_ALLOC$TEST(r3, 0x3b89, &(0x7f0000000200)={0x28, 0x0, r7, r8, <r9=>0x0, 0x0, 0xdead, 0x4, &(0x7f0000000240)})
ioctl$IOMMU_HWPT_INVALIDATE$TEST(r3, 0x3b8d, &(0x7f0000000c40)={0x20, r9, 0x0})
r10 = epoll_create(0x8)
epoll_ctl$EPOLL_CTL_MOD(r10, 0x3, r6, &(0x7f0000000280)={0x11})

8.255933129s ago: executing program 4 (id=4416):
r0 = syz_usb_connect(0x5, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xc7, 0x3d, 0x8a, 0x8, 0x2770, 0x9120, 0x6c77, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x91, 0xb0, 0xe2}}]}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000580)={0x2c, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_devices(r2, &(0x7f0000000840)=ANY=[@ANYBLOB="1e0308004d6b71ef288563"], 0xffdd)
close(r3)
close(0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x11, 0x1, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r5 = landlock_create_ruleset(&(0x7f0000000000)={0x25, 0x2, 0x1}, 0x18, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r5, 0x1, &(0x7f0000000140), 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r7 = dup(r6)
write$sndseq(r7, &(0x7f0000001780)=[{0xf9, 0x3, 0x3, 0x1, @tick=0x40, {0x81, 0x4}, {0x0, 0x7e}, @ext={0x0, 0x0}}], 0x1c)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'lo\x00', <r10=>0x0})
sendmsg$nl_route(r8, &(0x7f0000000100)={0x0, 0xffffffffffffff41, &(0x7f0000000040)={&(0x7f0000000080)=@ipv4_newaddr={0x20, 0x14, 0x503, 0x800000, 0x25dfdbff, {0x2, 0x18, 0x32, 0xff, r10}, [@IFA_LOCAL={0x8, 0x2, @loopback}]}, 0x20}, 0x1, 0x0, 0x0, 0xc091}, 0x20008840)
ioctl$sock_ipv6_tunnel_SIOCDELPRL(r9, 0x89f6, &(0x7f00000001c0)={'sit0\x00', &(0x7f0000000180)={@initdev={0xac, 0x1e, 0x0, 0x0}}})

6.921627704s ago: executing program 0 (id=4417):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
clock_gettime(0x0, &(0x7f0000000080)={<r1=>0x0, <r2=>0x0})
setsockopt$sock_timeval(r0, 0x1, 0x14, &(0x7f0000000100)={r1, r2/1000+10000}, 0x8)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000280), 0x40000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, 0x0)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x2f, &(0x7f0000000280)={@broadcast, @dev, @void, {@arp={0x806, @generic={0x2, 0x1a, 0x6, 0x1, 0x9, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x30}, "d5", @local, "91714673c45e42448a91b2bf"}}}}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
syz_open_dev$dri(&(0x7f0000000240), 0xd21, 0x4000)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000004140)="897c6500ff3035465c7acb4e06980b05687c1480c7aafe631c0543db2bf0d6f539506e8782da06c1ca018774d72e9e5a3418ab66ee78dad68457b17ec9d47bf7d8272d607c1c0a4bd906f0cee7f8451828d2458596bdd6a459ba18ebaf61b38f5d66c27fa8a024ad7832a85e58689a4c254c94cbcf7208fce6e61d9566459789d15a6f91dd7db7c54cc3a94da956fb290a8a15f849270bc459d9d9f47801be86dd5c9d18382081a993b7bfde5c28adca4c7132fd6be743b076033b5859891703eb65fa256d6f47450b6edacbd05a9bd8b372e90cfc30f32826566dac6c48e6ef001881cbc30482f9ec469e476a101da496b8c0785eaf875d3608b0c49e9d39baaa1041f903a805f0f24aa63722fa2d87b98595fa5cfaf8b79c458de43ee39904e7cac7540a934b4108957785d58807abff186949f1b94cd21b724aff34ac45c7066dcdbd68ea7b766af9d045cd7fafeafc5c5a0c3400ef4e0c71a6fdd5b8d68a6f317644cda9d2fd2c839a82b97b3d909b54c672227bef573c9de1991d65a63017f724d1f7f1575e69db53318a7fd7065b303e751518c8eef04f642dbd4dfa349040a7b5401050ffc2b4ef62803a7c8eaba99e011dfac24d81b2b61e0b0581e53bf520f623eca17f0545c5e59ff15b527475f970f589894ae589145fa4283f7225088ccfeba1d72e9128f8c223ae1840f2edae3dbcdf7e560d5cdf4f71c9ada1931c0f8312c000101b264aaddb9fab166ba8d8903d6098eca20935ca607ea79e936798b3dfb22a7e159abb234cf21f3733dbf263a8ff116092f251659108892b2e21e1b428fd225096a5040270b2d70347013eaa1fd8e452942200283aab092c4ffc5b8b427b5d691a5a773e09da20539ff0f8214331c5d84107ae8a59aeb58efe22d7a079e446f1dfb07510377799e59cabcd76af0fe8a427ac8258ff33bbad5a8061f1cfdfbf375d73d676cc7916d6658ce46a0b17ad6350150f98e3512b513e25ca73f5f5df0a1fb9582ace7906c493fe1fd2889d9aac0b7c29c2b6c205537627bad64df433336a5ace32ca871e51b4dab0fbb00886a1fa81a98b74de0a26cebf65723515ebb807fc3c161ed42d1a7b6b55717613577ea437f3a2967c66ce45ff85a6a35b7cd40625fc575b107d7394e3d2db51d58347276c33e21f50b5a6b5672bf9fda63139bb75aead1fe4ee9a4064af5a5958466aa39faa6d821489fa415224c8d69d3b5922236832c2b1e4f6b8863b32f9aea83fb522a2de081d674502b48f73ce6db98d84136059b4a6676bc85ac6b7626329afa9bc7d3f9f2caa3c4d872744e0a8e02d72a75c6c545b8ec8e15b6fb0fe4185bd0d154960e6fef05ba40e5fe2968eb1301dcc52a03337179e74ba1522af93d77827845f8941c69ed8bb84567e3c63f1cc378a542f1de7007b688ff0a9c69d5861f0b85402c30a2fd391c52bafbe65f8e82135fd38361d7c0b43c982b2f3e7cb09c40c7e215114f4243d670cd576bcd93c1e959345170c75d6c3cf89cf8c2c70dc792e646e7c649d4c5f36bb016c7acd466ad58473d40dfef36394e581065a8581ab852250403cf372ac0065bf757fa3f445424ac0d82aec1938a2ea116bdfd306baa1cb06c62a4a97d66ab1b9489469cb8ba842da12e310caed02c5ef05c0be1e1e8c9c8b87d6871c94c57d164d08672b205c948086a06a545b266b7ad902a908681eb188bc51b6190b5cb9d8ca59b8c4c6e7369c00d6f6119fd5d437239e3d3c89cb81e09e560fb817590106015f08e7b09f1e1e65bfab3b8489fa058e24081978b9e25463d9945bfbca81c08885d4b6d4c62e217bd9e19460762f36c66bc948fe31cde089626fbb310e3c78a8d3f2eac21d374d9b58d887235d3a95721168e4b9475849071d60ecfe7ea5d6c4bf60da3747612ef59bb651270f326c0af31bc8c71361f851de34ccb3c8071b96f1128d7ee79b41246e566edd0272dbd3ccfe472b38e5e03d3ef83218bd498e6de8b4d92cb6f82716449ede7ba845028eccdb9137be8a622ac88ac53118fbc39637fa7a93cd3abc6f7671c7804420d66e94720acbcac916950f9baca77fef4217155ccc2cd0507339a0486f9f468eb28772986ee768c63eba671bf8c52e48a2a5dc2cc24fe925368706c2d712dd1064692b0fb2a32ddfbd4a0ffcf9c2abcedaae6e527bc1d42637aff2a275b76a7a7f010e42e1cc1d27141f6c3585a2bf58c6c5789ce61551d10118a000e3764631ec0b7f4b1a6f22a678133a30940b79dc76f863dd9f6e0d7776300898c97cef286c731c2050928c492439256e481652bff0d202db3cfdc54c9816ceea7895357bfa0362fad79afd09ed55189294d6ead7e898ac091cddbe7efcedb314bc02a18dd5bbddc42e089124758bb491fd1536aab27c5c124567bc325e7028bced5a179a011d1cb9a5ffb61d7af863e91ec8e60495561188b74d158ba1418228d44e92915a22eb1c166ef7d6179e84381ed950ffd747f13e24172942d922ca3109fb8b1e4e6264fa4a4eec75ad0d0e22579d90f45d6cd157300e38ae665eb56457202e25a8dd5877ba99725de288660badd2704345d9bad208c903ba27ea167dd45a77f77b6502b525b2973270582858183c784c324c1366fbba8d410c38bf75b41e067f6a9a017c56595161db4fc5639393fdafb1f148d3f416c1adc5fe1ab9cebe4689855c9b4bda6dcba5d5fa858a1b87d2ad23cdf54dbdf4d14aa4462da0b6f1107f4afa0091c2643508861a4d9f133ba77751941bb8fb756abf1a104205b80d47a3b4a59724d959c8b5833da4f56fb6613231f230a9378c9af741e94fd2c7213ac1d7625559b3f032f6c8df3ab441929720fe43d7c548cc661eed5b3c62b3c61f538ea3228376e2a18c6da2ad906322f64fb4865cde8e1889a8e5237fd6a39bbd6662f1dedc22fbd74e4376fa610cd710703dbd3924a38beae69783d1d5abf36122cbb87129ba719042748f060f4303a3199c5891c5040fd8cdb9761b006bf64cdcb65e5cc50a29994b8c1c34b83760ece12ed9ed7c3d2a7f8911cdf23a1afe0d7db1bf342aa0123dd5cd31339f5c8e160c4efef882602b3eccbe76fb690162b8bfb8a31910bcdf9a4a5dde76c2ac2fcd8678add7a000cfdcab398eb2171c026313eb6eb56b4b87bf8ef93f7f8a1c0bcc3775b681d4229ea561cb52281d8ba4315c3694ed08433596884d5a7ce3a8b1f82359846b7136726e2fe37bf4f7b7e2206cdcdb0705ced9f0dcaaa2ed3a78ea70d2cfeab668eb321400fc955e9aeb7bbcf86cd03f02dd443503a1480d9d9f899f53bd747a95293786798fc59fceb09e686a9328da4f929b6201841bbbefaffcf3386abdf69540e3b46a643ec10f0acf21f27c0053dc13f18485dbc898729dfbeaaa4887b58cd442d7ffa941808cd9658595be8650a815b088621278d89f0d8a4252566b923df3a3cd65c0e4af08fad385927251b31d35f75eaf25e6cf13a579aeeb0bcc0a14ca4a20a6831d532be0b2af3821792a2df95131b7fafef245aa19b214053342aa820c35858d13f84e496294529411015c41ed447b5b51dc44a45d52552a2be1abfc157f3ace7bfa32d5b931421d5a152dd66b7bf549311b08325e5a7201f793037b38990bedeca8a647c08d2478670f8fc2b4e8983ea18bcd514daeeeeb9d7a778f783c76edf01bd4beda4b77b612cd2e865c2e4f58ca7ae06147bf66ae6aee221cf9b9505dc07e6fb6cf4f82dc8c406c78e270210c11cf2531011ed678d9dfe1f49c9a69a95a9f3b0e5b624d9c2664d787ab911b75a4a38d63e9d6c353f8aaf433ff961fe5e34d84936ead0d0bc7954caf84e541f5c6f3f20c9eed21eb0316b82c0dc5182540e63a0af25565496792153d6395adc2b8d68b8bcd93dd110ff5685879db4384ec390d44b89663d43a5de3bdc0e103b7c1b355dc5f6fe3518c93628780ba03f156badea65d1d0af8433c9e8a975fdd19453da662a33fa9f0f5fa15fdb216b483fb48370a967246e0b763df8b3bc7924a6c76c4b114f803dbfa3b312e6815b4eb67be167283a9e482d9a5beac250089d069d4c386b7fda5fc228404a0f58b12ca4dc131c381b49b42b570bcfc0dd663f24afaf65a26a21f6d92f52c9f8de36cb76bacbaa0eef98ba6b7dbbc2629a03bb2b6f83fc5adaf20c217bc8d0f0d2421e01472532bcb546aeb2d483c8f95011a3ba1d2fd8086a717cb015dd53064ef4a80b6d6fdc12d9069223fdf2aa9b192a0e0bdb38436f49d9eedfef3665815633fee4344aff11162526362b70b18e1dbedbb5d8c4698860beccf667851878a25a1e766caae2861f2e23404aac859e62fdfeac06a6057554828d7035806e8ab3ee2fa6d711e5811db61231a22f4672f6a11b27641f350bcab78792362e6ebc1c054a643bbbf2746678c14dc567d1f73e37005c8ab6374c4d8d3106384a2d32c5fcf05cb9ba97cb7fa1aff11505a701bead543e555f3901ef3b693d5b9ebf49518c3509af042b7e84b1b867c22b7e08725220e4338fd074edce428212e6a3563a08e2ccd8ab71910256532904542e93d5c7deb5bf5d49beb3202d4da4f643649e55edbb91188cdcf0887a40c6ed6b8a086fb5c50dc08fee00308420121d4c7431b3cfb80f9c1e099423ac451d67b12e930d9e391d0a799c7d4b54a0d56ea0aae00c1d009e21fb5459416b464b227d66ccc1a68da59d64c1583dee54bbcd7d61ffe541fd0fb7452adba91906918966a7d58019ad1f8fdebeceeed7018837b6e4272eefeec8385abe7207fb2d7061fa6cdc478165a98971f9729b818a73edefed976d5c7c0a651c091cfd1174c020e39330a79144271fe4cbc61ea0ffa274d0d87d06dd08c1d5f8a0364d46ef7b54426bc286330c75fa257afeb2715c2ae511ff53b1189cc59ab80b1325fbdcedfdb8f36ed71f70091116e16b52188b794e637755027caac8db8554f8674b844964c710cacd7a9d6b06baf6fef76159a380e639b0d3e66080a7cf7f86baac01dbe47fe687fcef2f3bfbf6f8fba045181dee688360a11ee56e5fc73ed31c0e2924ae57f0cc93c63a30662a65c5d5f17123ae28cc5b74dd13ed81b03dc7fa61dc575668868c0df12d3553269f04ba79084d070abcdbd4745de80e90e4e3e524f27249b5c4a2f2d4c8b331b0cb6d4efe62a298daacc6eacdfe008c1f912795dbdc37098c42db860953120fda709baa6d46f52eaba781505e68561ca0f281e850532ef8e7c779883e312806e1c357bdef8d0dda005e710cfa6eb8686e8bf3bff036b3fcdc4036541d93530ce6f598442c24170b307ef05f23c93aa0ec96831b532d8120402214a940d1fa01ed649061a4a71308be189cffd729a196754fb8a75f23851189589be1b819f0612cad3dc94ccee88f4ab9ef6ac9c7daad8cf94f5ed9496c4d824e5b4f66ce32a80e7a6ef069a32f6812e656aa5f5742bd432afdf026c86e8f28212c1139dad47d7fc07e5c1a83e993daaa4a4bb5f0c9435ccab2a10f867ffe259dba7a1d9168619b1e3048860a5122e4a5d0b00372eaae861a0cc88549852fffa76e6d78739b654d67df15ea97a9a46b7c382d83191a673aa619b4a10ec05bc681379b0d6df824cb6fe158e9d89ae5dd1ef66976f67972b553db52eb6feef836dca6026293f83a61e117754a7424a3da63bd82d017f87f0603e2a9b8fc550aae611681935ae91f7ca2b5341b05a25208bd28f1a202a7f2a213b1d7411ffb557470aec00c4d13c70163f22a038a189710dd19a47e8db4a87c3fd329a63abca172a9810edad2d8e19ef85b57ea4287cfb3d740d7ea3fa9c80d06e1aa84b317f678ddb3c147ba5e0db432125f59ca4944c8e9050281ca82a3ecf67b2a5df678697a52a7297af1ecb03c586af7b91d74e881964ed95f7be12fa07e2a4e71aab8b913a13996fa33e915144bf00e49b8e7adec5b2c4b8165f54ba3155230e241ee023af77a295ab87c40f63f6092ccee05cb08a265abe8f57c9919bf45064b6c2240ba8011db223a283a4e2292d9b59df8c9a4fdc763f0631007db9976f351717db0e6b5f9c6e5f227c2efa1ae5fe0be1af0b22fc164f9f9678a01fe8b059749fe8a2972455732da1989c609d191544ef9fbb3e58da93ec4a582430523f260b776e4d747312747d18a9bae14740f5dcd35fd1072f8a4d81573b5882203be856b62d7e1d87081a9e431872c9d68864197bbc61f15dd8aeae950d34d6ce97182deebd2ad64cabd1c723baf512acfc7e94675b31369bd60e155af79b97bb734312569f736dcd5b5a78223ffaa0f7e93e1a112cb9f6a5b88fe3cf12c30024c16c6b8380fdf086c662665d3751c11617cc4dbd5b8bc7543301a23fbc90ba8d060193cdc2b68c31c734d516707b759f7db009c8f06e69b40154e1cd8ae444afb28134acdf871136b4fd78bd86d7faaaf618afb25e92d1ee37cdff0595278f9565f5eb109e181e9cacec2f22e32e9f34774ee223fdb992febcc5dbc5cceeda16cbcf1434730d859e7e03d36ff17636a7a7e66956b515894da114f3040909f90ce3cfbb2d7d46e37049c0fb124e0683d662eb427cd7b851ada229451e6e3aaee64b9964ced3036bde5d9d80eb062474f96ecfb9b65fcafc719494ac12ab7df245475f2a5e7f85ca4789833ca373e6214d39176c8f51dde87a4cfe5414a20f68bb9f34709979b99533ba3435c4aa56e525195e10ffd00f8e41aee30a909c07b973bbf733d45500b539ebe2206d438216690998d9e256db1b7ac6bef3e810785e1986985c945a2b820323a592721fcfa444934d0faf8aa439d5efca5dcd77b72d1eb91b3790d50d0a7483e354c415f81d99c133d648c1293e795b3c43f9b47e23ef982e10072ea5baafb0df675e69af1807b225afa0cec3eafbde8535d3ecaa0ea6ddbffe4465207425bb003670320324df0aeeb16b38a043f9c0e85673b36def332fd68b2b1e6edda621d0cadebbced8c7fc8f890489115b457249e8d8103676b3207a472804d33e0fe511ac56cd8dc5333b2333892f87b455940ada78fcf5075c358fce990e6f65f095eb416d876ce6f120b8b02cfa6b176ee269c942f881247c3e464cce2aa65c39137607c585aeb4b5f24f5f8e058c9c8b48003c1809da3e8aad1bee7955c3a976d43fe132e2b16f4758a0a9884e51d13b930675a4361ff366b0fed190ad7b2a00385528951e39cd44ea06d8921b9d613d7626221154cf86249a550198fe4e5b05ad3052b474291da0a0a2f701759859bc0392adf243ad5eca89e6d18e28dff99ef95743bcabe75504be8c715cd6360facf3bb06cb97c29989d4f6ff5083573cefe6ef0b39a252a2678112fa88e5b06c9a6bfc9597cc96e5a49710c4fc120fb0da4945b9d94e46de1e9989d0fc3d8d20df23d815b660c799a903f651b0d013f7fe158f1d297f7fcb6a48780ca5525f1d081ada0aafa83552318b848783306549750b6254cf676c7b934cf7fdab992717f0cdc089b34278f3fb151cadde14d0d3250e85a4b0ff2a2778a219aa40563d3ef575285484424b6d0e7cc8392342e4848c6fc8cb20fa1b450cc4c1fea19f3bbdd9e342e6c49cd7ac893b1eda2e93d1d74d20969465946b398fbc733757741ac822c4a118632cd242a439fc37512cf79b7c629504ccc1e7f2f11798955c3262b5e9695625ba74d8050e20f51d4769e1ab938f487f1bc4b55b5abcaa3ec079c2d0972b2ae9bfb7c5423b959119292ea05f1d79d35afe47e49d97c946b193bffc0a8f607f18a6845cecbbdd98cd351db2b2dce05a4848ba84a6a497b4618950130cb7e76c03d0976eb2fb41d3a42a1430063ed8e5b8c67e80fd4fc1148911958babbcbff33a6505de209b0d9320017fd736fd027a16564008ab2e1f48a6dd66c9256730e9fda0a606875d0871b2b9b0bc2ed4e1b696dbf0283c8dc72cf4338e595266f5390bc3a21f988353118f2948fc75d050ea076b73508d9ed89bade0ba305c1f4e5daf9d40d2f5e7ababed8d1b1d919c61a6d3fb149c1a9b44e38585a2fe322f83d73a3aecb44da3f0e82942d75d62ed3f91eb44f3411df014f88839e4cb1e21b9b259d4eb4adaf6b0be433d0ed4c87ec77dde5ee9d566e3dd8d928fc1875c63af26c59daba5ae267d9bd5da72b99a03e6a33cc48ed961ab484ff4a46c2d5fa597e626e00b530d7b9a9705e4e08d03f3a7f2a5a5233ad6340e3b5c89db81ca713b6d7d855c6324955f85109b204566f50178cd88abe3fcba25de905e8ea0b75ad51831761ed9b1af2470f976f05ec73bf74d137c207270cfd614170518cdc449aeeb663e114359c8124eaf2499d8cf5dc84a0872301db2e57b50bd285060ec4390d99d4ae3674ca3bb8679c1b08e566ba4f30daec8684a980055eb43cb5a1306c4b52a154682aa96637e06c869278aa2f74ef7345632c11265ef8ac97e953745302556881ba0cb590fef271c0abb193fb84d18ee3f24d9976ae816b857d6f68d1fdfe10b312c799fe014debf875d04bff8b4f387859e97c6bf13f7083c28a2045a0b5eb09c94e781a165965e8617c0efed1701ea9667aeca26ed577ea7b1242e1d91b25d6a66756cc627648a293b9f4345966bc469fafaeddc1118d0972bd5c7751a1f51e5989fd952f314ae10417c97b41e60ebfbc47e496486fa4a89fd16aea7fa1eabebd26eb2a37a3e2b351e0c9d2f67b2e5be0f921adc9b6045b045948e5103af0e5050b9c0799b513c00865deebda730de538f956ceb6164e08bd6f58655a294b4b44fc65309b30f9c00f92ef5bd5b911a3d830f72c258b19521bb8e80db02129954efb61423f518d2c5f36587303890cad9a93fa4f4bcd0e24c67db679c67ea59c1350b8442577632d5e8735833f3daf5a74bc7bd82659a81beba8c889632efe03cd24187aee856cf659e16e195464f52f2b984fc7a299e7b2aa53979a147e3ed35705d5e89691666536f2febacfcef9b32d14952f958b72512869e4f6a0a34176918217888b1eb8b89322ebb6bb1dead2b4744e728479880db70e6147edaff6c3f083f18e0696bdbd78cf0bda14d9f42e5c1077ced00041aadff90470aacec0e48e2a5f2a0ed37818a173b96061e8c5bf24c0bde9e09f9e0ddb8e13306ef1d4eb8043ebadde5d7553e5212ecd4691eb426251f9d6720b8276ac543dde02399a35d974b22c1727d4b6df01957cae47443b706d43165e01d6932b136f561ce837431254cfb2a6e7d8070a2d3805aaa15b3c10ccd0cda2e9b418ce9ef380e5d08217752e12b3b892d03a9495c83d78d674612fde5a67738b2d4649ce44606ecce6bf3bd1293eca246a83643e4f1c7ba362b110e07c8479f216e3d4afc4fcb8d0820c8ab702a66d8183e83174597035e92b9b500dee08c80b927b42c3689c7c9617b4112c9e54cbfa51e989b5fd42b80c595d3edd265f138e8128cfbbb0e4f53aa0aa95a2ecda4518b2e564c42d5de7671560843d08103b9bdceac5fdeb0b1266f72f491265dd2b2b80a225a50955167da1812364ea340d82f61535401bae6f3140a8795d7c318a64cee4676627244930957b2f0b227be21b72d90027e6a5a7af3c59470c74dcdb71d1ef090a0f49c91acd604c792385c8f4e085765292822ee5eca03885fd6bfeaca9b3bbbdeac939f7846a487c5a483ed1e4fbf37c93886ea27bb35c812089b900b77c7c924147e97b6a71533610750bc84921012aa8158b213f7601d934a20bdd1f757b0a33042a683af6b9069f3900059d7f80f9fdcc9f33ece8cf7888dc9e24f1fc6ca0ecccf161c5334c60f440feb3acfc3d115011c176dfa05314c5bcf089e3c82bbe7680a3eefdcdbf3ac27265b779db4f49bade0128eda6e29bc5933ef454601db1b49628fd39ab938794fa46a33937a086ece7050d31a21524e2f0cacb307ed4412a2078636f9cc8e11c5c31cc0f9edd7be6d1e31a1513a58e25215f5a24245cb988589e6d5e5119f4f6557c697fad7d1c3a7e3bae064db4382701e33e48c5b6a52fe9141a385ef2325c6f7781134607e98bfd02c43d6deefaa861700388b40d98e941cfb2ddec209f977e8b9f93d29fdbf85e3010ce7cd622e8c75ce3df535e392052b6d65d5042d2a6e78bbfe5ee146e8b18d4bc7fb024dbba57cbe0402205593766a313950cb719d00c67bb6b3bcaa1015b89e820f11475afce655947113a7c3dcbb52427f090df994fbf076db867e0ab3f6125fb8884c1d13ff3e99fab5fa8b9f0b72cb44db4d0a48d9ec17f9733764e213c40a15ad821ec60e4a88cb2fd9dd9a4f35e6a708f4b74067f4be3f03a95261f6b191df53fa5bb5164e4a164630ad9ce39087aa950ad9e60cd2c44fa2237c49abf858c97737fd21180fd0b9542767150fbed3f39a29e6c3484d9437e15d2439f2a54b2a1ac7e63e6c436658abc3f1dd52d984f6c6901768a8cf2ec98ebf44e90e0fc0c24f8957c62e05d8eacecaf25b178fd710af609a8a1bc4d7955b5f0cb4f48a37685e6304ea5843573a1abff37b5106916c83c8f23f939a0dc43aea8d196191ed6e18dd793990d1f37d7de0bf8fac6f469843724eaab86be8a483be281b8ecf4aa29d9c571951cde8cd8c2aaf4d597ac2cb48f23fad145916920a55d655924940573b64dbd42a280cddc4810434f930183fdbbdc72db1491a4c9d44daf9b1bc2fecd855508648063040faeb125da0e68e6cd2002181118eecff0be1dd8eae726af5d451630cd65119c52abd6dded97f931202f186a18c4ba34bc2c3f6d765e2d8f445e959f26ffb55827cf3ff2cc0289f17b82c8caa5a2d3d54306a300f0ef42bbe4ea9e32c5d4b1173942745cdcfe4f5d1619eefaf8dc600afbc9171d516f7f4b35331d0b9be005132ffad5e9df59710278b842afb626a78b8b8b37fc3a894dc705b2d4e0940cb264e9dc87eaa148e6faf78125462f28a0f1d7b3c65a291b85713fa71ffc478f6601e8716c35489f4a54ed0c70bcfd5502cc91374dc3c982075c5180398bc6b195b36e79dcc4087cb990cc9d964a150e0dcc887d496bdd27c3f298736b9ad8345ba2df46021964cf43c38f9d2e94b77bee2b7bf059e0870ff9f17b9ef1320c0aa88a2fa9781e9017ab64643de9a3df9ed4b8cfd8fa080a2e494409520b795eb1517d224a05e450c4c8ae0e9fd29c0e72d3a592cce55f6dd5107f21214e1a3f9a5448384de06149f959ec0c92790f0ff229ab4971171f1c528ae6d095ec007bf5e7f55d623a68194e9ea8edc3af418075338328f24e7504341c22bef72c2963fc9c3237ba990d29c2c8aa3007395f6d96e95b40ee1b18dbad550bf39d0d98268cb74dde76d987c316969ab068208b031338bbb7e94cbb7dfc15c03b1d5b163132c8a468906f02d422a8cf98d0b432b5779dd962074b72dd27439b2e94312f573435e5aa84664432c1914839cd6e172186ce93eeb1d7cb0659696d9d550eb3b185f8c6ee16e53f78233cbe709f99d2879d63d93f7d0ed133241d2f1ab1eb2c56605ca0f0e01c39ab0ba2370fe5c4e68de0561b517ff9a10023c386236398372c7176e35443e2cf5dd6cbed9f23395f231e6a54f65626cb5860a8b72122c34664119e7c47204ef4a70583a00", 0x2000, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x90, 0x0, 0xd55, {0x4, 0x2, 0x0, 0x9, 0x20000009, 0x40, {0x200000000006, 0xfffffffffffffffb, 0x4, 0x100000001, 0x0, 0x10000000, 0x6, 0x3, 0x80000002, 0xc000, 0x3, 0x0, 0x0, 0x0, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000006140)="7672139f6dfe7e10c37e3d50cbf562f2d282560a8454436f47e3f8ebc8e1fd792cee485f0bbe04efd996204a61c0d0772d8e489b6f4c7f78727738db2cd945bd9c9e3acea680ff3cf19e93fecd8832112f3ba0c952d39a0ec4e181e428d2a0b3a0e2da56673973a046eeb1bbb5190f22b2bca28b7bbe31ad76a1f78b6a029a8af489f6504b065915d63ac878725830e46aaad9db413d3d077bd674f5378f86e919a9fe9048a31f6534cacee89e88089851073c7b83642426efe63bf03edb870437a89f8b3f969cd80fe93dd4c55de2ff8560e72be3bbcd5ab399a7804abda51819a6d7b4083ae0371595ed9d6039787398c95617fa2db5bc3d786635de6777ec73518ec0d34e57683465c813e1ced803af62718f6b048d766174900789c3c0bdbe13e1cc48923c418402a93685f777c66e358c1fca553960565574f7c4d9167774a6347df159c4f3ad0caa4af45e4f0a9aaff419e85187cdcd8e38b5983997a926167e2287f8d9e1c8204734d3dc1e25b551cdfa566bac00ad849bf423bef21fc2197f2388bb3b347933bab61425787ff52577f3805e2d1f1bb20d2f288f88b9859db8208e2608eef52e573c36e5109d39826354dc3a562c23d87c585d968fde51ebf91911cd4f33a84f75b7731fac2eed48257bd054d6182f8cdbcd8a722ef32a8597f437e763db99dd7ebb43d9f3882451c24f66ca50ec0ad9058b24601685308133d367c480b7f4999a82ddd179051b43da6b98272928872c19a49834d79726aaac3724dc160d15cf92846a41ecc92948cc5a9cc4f7d6bdd01ceb79cd673cda60a56ff4bd75d8ad6a2bbeefce74f3480496196bf0b74388b7307bd57cc6c67dae4e621766614a4b0adf03aafa2c692b7d200276cb6720c4c00b0f16d0554a13feb1d9b95b5a8596cdcffcb5f43620ad0bb5ee700833aeacb20fe79059e3151d2ff31d737f9b1ebdafb0dbb75aa1b7f426670af32935ccd077137f0ed698b18013d9ca8d4fdb9c1ad59332726db8429af47775d7427bc6d49fdbdfb90daaa1b7e4997082296aad53f8044d26bb56989d0361d83175eedfb10dd3b54bcac20c3222e10af2853085b6d9c2a3132df8678d6cfdb6378bea6f9d308ad85e64d6b1adbacf190135003812c501df017a335cf80ed58ff3f237c9a7bc50dc411059056f00fdd4957cfb0d6cab6e7d24f240ff0530779f9daa7ab351149f0a2666bae744d6c56a67c259eba851cb114aad7f7529ef3eba66a5ddc3bfdc1168c76bb8eb7d0d4a6895b20dec236ef791078e97c480a01e7b2ef2bcb1da0bc493d6cb6cabc6e188a64835fbe1bb56fd0445df647ec41249db6efb4d68adf66449154e04c8cd7348ef02cd0afdec17ace65c2dfc4e024e0e2f3539508821b6cab7f1648d7b5b1a18ff301377f4f98f56ef05328d9fc62fd719cfaf49855f60272cddae74db365623efff3963e40e094a099b5b67fb8f9576be4549b1545d3231203aa30b4a5387860e8487be93bf13e7fdf70a92c4f9d2369f6ed84e2fc4ed938b512f6d5de28f020d7757ced0a7257794b634987d573250639fe66905e7713693de3a7870813803df631d626f4cec977ddc9f6cd62b1e425e9290ebe017c1f563452145a620d52663967cb3f29251607ca9b334e1334967e72d8c89cbbd4059705e6fca7124250f1338a3cb6a1b06c9b3624bbfb4b05dfbf397ff788499ebd2d2800ca5e22c12746041d04699728cf90e4441b82f45ee75bebb6aedcebef826c3b7b177104db327c78b90bee755f0b37fab27853a861108880864c123a70877e649e848abcfb94d4b996ace0734103cdf877e6669019d6017183406335b218858e0330de80f6860030d21e5cc29f165a38df3e5a63ecafc5d50ff4d93339af3a10ba1ab4aa89243b8c9d886a127c93bb946a7c80b6144673483653680dd7adbc25e7841ca9f393c42e9cf6b1fdfa91549c0d6a205dd7eef3a6b4e8dff9fd6c4f5e2b2511990fb38439392c9fda618a1f7dd797e3db4f6651956cd465aaee32ea18c02b9a3e2301dfc63289af5762bbe7e639f6ed0a19cc5acbdb3571c7fbb10f01a1d33038b75c762b6f0ea20d564fc1c7fff81cfd16bcddb051f93057584f4c17afc2c353c90570b71c856113cb58a2e514e75f8b06b2e55b9474199f21a848a4b18d34b1c0eb851be03467d79a40dbcc6ae670cbd1895bc46e6d27bfd9959512e8b4634dc498c63e42331f34a0707e486dc810f361d97953d5eaa0783f3a856081a6e41c057ca2d70c7f44623898af8d39841727a80ac1368135ee5024ff51868ba82fe618433666de64944892783761ec674d05f16f7828b9b24c95210c94fedcc20f58c638c74c12ae14c1287d3bcff75764aecc79aa71ce1c18deb39a4f2274ad661ccb703dc70249eed802577e4d6258010d53294bde2cd2e8167adbf9cb8db10f009a57b29ca1f22a3091638ec9087f35f22cdd359f3a1d102e2cbc7423ec4a6a1a4f8cf6358b8112656d5019d74aede5f7fa4778498fa9414519626e89d1cc09a1ec07e67f984b15d9fbccee6d50acc83a817024f503687df684c768dc96c90941f3279d68d8c804508f7a79d92e7bb8c22520847ced2f1f0ec71cabf96feedcec35ee52326fc45fff73673547e8e55f452c9dfd29231eb9b4f9a70d4e11b43112bc7cb457d371a93f53e2f7d96cf24839bc19b4c9b741aa565128064a92caf8338bf1a05a371684dbab7b45742d2735fc089c0dc740ebd14e70628de5eabc01fdd3080647fa283e95726f3ea9aef5537a534eb8741a7a47c675be8d65d17ef204a12757e8d4eec0d2a7df77f735be0ee6ef8dfe777571fc17acd0b1b9ee1a0845a5a1167ebbd9f771b83c2a5bbbc015a97091225319e13bf0985778da02e51c1909da0dbad32f00b400f1489880cec6237e36d3c1a50a13119aface904090e58f8707ab93f3b565d446568f68d4b3b62ffec0d7ff62191f5c9fcb8219abf1df71c7a5e7a1025e32ea576a01b0e0cf69d3af1b39f6a6896371a7bc1be6c51d971030b1b9ed6d8ae653f5c57368248280129c084122c50b2172c4f905e09dd0301cd2825806fcc6765ac6df707412b3be6a1d05557634d79eb41630ebd71b11434b68ab631a46855e19d71fefb77a01d3a9f8a43e978de8885394c3f5ca51dedb7bcd99b596e8beb2ea4ebd1079cd1e74f3642940119b1173f1ef3cce44c93516d52fa6da11158a432484e8a0b90152c8d4cf5012d48ad4b8ab1bf76e9ef921ece129be5834acf8b93e5816a4db2203f27f3255a83a8dcb457b8ffaccd6598fcf507b30c385c3df4aa47519c3d70f8683025cbca6e5b103e39280ba7a7ba33eddf5ace5065380747e8cbca9a2cd0781f9c9b93fef674a53935c5cb5f3e38cea7155eb959ad241cc635f4e86297c839d48288065a6bd45eb717b1b6ea20a213dc4834a297119eac95ba0ed4ec2245c4692653d670f45261bd54d7772d8d052efafe4486f37c54a94d7022b4b78c4bc7a567fe965d49639004a57b0e45e017bbb149026bcfc12092717dc468cad62bcaa18979582636ce88305140254f7b334b55200f5047387381ffd1f7d34b0fb7bff311f613d7e1b0cf6d8b38702ce9b650350abdcc5a81d0cc97a2b0a5aa11d945c9c302fd23272aef4bf3eece57c765a241893969a3e7d195eaded5af7f1f2845866aeee79a84907bfe6e78526c3b1f107cc28b3732b52bfa8859bceab06263bc8e85e96cf482044bc7516e42583a5b2139b0393c6fac2965b07944d954e74a2430def8ccf574fdc54ddfe5a1d167a0d791cdf202bf99a62bbbfb7c1aac776bde76dc3541228d3230a15fb7c6f687e262bc85a1b1508019369062ca77933b9afccc35f0f8265ee5eae168ece37324de2538a9721934332112f54402d244c82940bcda0a867dfc11d2a99dcd54c7d3b32fcb6eb19ed8950336eeddbf372c91a66f31f7f065a8ab86ec6d40350591bdc0cbf3aa9cad447c4906b00bfd376ca489d48bd49401b5d25f5852d0eff001502ec6fc869c9d5791b3161df0dfc0d6f4994cf277cbce6bbc99e9d409d2a293cbb37ab3d8655b88abdd34ad47bc035dfd504c9ec8b88d657b6376853a1933d4a0f4828aa020cfef3e518fdfacd3d9900b5b9a482dd593c01788ddbd6978f1a7ba80471a3891050451b1f170943181de415f0907b798bc701aaae564e30724c167ab58bed0ab85a75a957a196d2a51f3c6ff01fe57199fa8c526526b552d29b6cb0a41112aee4aa54a7aab1fd5504f7a3c5db2a7c1afcc840991d929a7faecf2e7dc0688f07da2981ca8a78db871ba770c971c561e4521932bf7c08ac554ecc531bfa16e767ee3e2fc54d45d8ff5ec92dd846632f140f9f7a70c4eab2b194317835f3b1e8d4064c2d564d0d61639b9c62d1ad04f76dec2d3251ae4685e152f3b0940ef6d02c81307de3e98bbcbdc1db14b8ba68baaeb3c3d387b4ac0e6b7e9ed144d85565c95120e3548fa1836dfc444ade6be458d9d43f6192d9d83cd7b2aa0f5ae9c238297787b91ac72bb9218f810d00006b2091f2b8a95cdaf60e9e79dbcfe52dccc93efcb729c15323e21ceb886252339dda73d9f07aba55ccc88af838c4ee739b13794884cd12ad6ccb02e821100f03b200af7e4bea30fc88a057622b71b13ef7f99c46f662b344dd4a6c1a6645ec552e2bd329f30cb4c4a06447f6741596e53a2f7d095a2ac618722543de728602d8bd65e6ea442c7e7353c497368107002bd10a50a752d18b90292aefd5e0b40c31b162914bd60d4a80d6ea36b008c795de53e0114b658d75b08c1279541c0e27971e65d6770bf8ecaacd8f0d16eda72167e5028582fb9873e2b55bd1d248d77e8d95aeb5d4ae46e8e9acb0726e1147374e344e22af5d5aa304a8d628e511f3a42a014ef500234147a817b8e34acc3c34ab3df1765a7d767c97bf71ced449b0d4af0a484205447d5129a6c5854a3597ba7aed9fe762dde593b85099f613f8ee8e9306786cb54a0d4aee73f45a1d53c91480a73b110fc366f95805dbb87556316241aa71856358910109931dcca820d10b783238e43dafac54666b73096722d415b6dabbc97795ac8ffccdc507ef3b232a13fb6c5a813eebd72060b8d99eda46e23a97ebf718f7ebff1e2a98c9af045e8474c0c94cbadd9097b36c6df5de20d2496b4048422a8e15097e6ce16145b737f84e7e86441496d1363273bcddc634b5fd9497091214fd7c5d5ea576f0035a8ecb207669a502020483f65b105c1ec0f2f43c45923a5fe1bef8e98a8a391c95b5f29afa2dc0257e073ad354d58ace6f74f6ad65dcb54a2e052b28a61ae06da59e993a14c39962f8a8fd02ad04c1d98503f3aec3b77426d460bf7bf5384ca02353c850db2fffe47e64d476a79583db1a53c98fb1492dd9a91031ff56a44594453b6f2f1ad96e4c8d19e434fbaff9451a73149942b612e4b85a02112ee67b323c1157b0da54045e44a859ecc7c0bd38ff4a26dc249ada967b7fe85fd0c82af5009b75da343422ed8bbb30dc6896b33ff4f0b3b29093f34fb782654827b45479f3c7b7839acd519c45442d7ba3a0cfd3cbba10a5a465608831054499f71ae35edd44d1ce9ef7b064f6790c8689854cd0c766c08c8307b57b1f4c956ad081c064e656d1582c56ed9fdd577f84fbf3ee451acd4d10f0c0a4dc1e6ab1f85261ec686580ecdbbfeb6fb0d291f7e08477fd3935142c2ed8caa847b9d19299c32f62d320cc5237fce666d181777568521e1d5e93c78dd99fc0301335b61cec3f8ae050175f0f07812793ab5025b7f16115789f4519ea79775ceeb2b9ee339b0a80ea2eecd4edf2393a28e0ca4c1252bb24fa7420bab46e2937095e5b9f96cde111de110213dade07359aadfd74c7ee3b893d713662ed204bb9a77b8e9cb4c3ea253ed400f068f5eb84d192ec1bf8d0cb311b875e097e924f5444e748d540fb40ab800b06f5de0c11fef6af640835b552d0b9cd95cf7f79aa9610b850f597372f4334513f4bdb8155cfc2831ba6fff1c8d66fe1372fc211906e816bb4d6c5dc765d49a57d130bcb9734e53bad549d35b53028211e532583e4c1f05d2d3ff0ad57747b57b8004492988dccaa5c3dc7edaa1f3e23c614f897da273648807a50fff28b3ab314966277f76ff5be2a708971c1ca494fd50e0c64e43671b1b07b4e5e0c51732e3dee53ff4d10cfd75bb6f0e09fcc5a7f32d073b1b9bd610d5189c8178af7d52dd7f91b8f9e292b87b320163e6374fcf874db938c17351f43be3f641e92812d72bca591f809ba06349572c1b063e37a59571599bbbbfe6989fcee3d27b7466357a8a5ba48e643a2899f92b208bc0dd48f553dd1f2a6fc95621f4c68067d7dd5ba691b99b3addd839c6391c1ffcdd2832941e2fe7c25490f7a1580ff17a62d4063a8feb35ceef20ad6bfe252697d4631156f8dc8b03107cd1640e1fe8450a89f0565f011b47b9536f6c639b67a32a45542be789cd7aa4e08dbf6e1a8a87f7a74248a976d14eeb7c7139ff00f5cf3e0d0557051a75348ac3c1418ec78ebd3ae32bec0b1e9bc4043f74453b86bc2c6099ab8425a0d2cc9e56879b8fe50b41002af7b3b851860a8108ee284c6f21a25985678e555c2ab5fce4c614dc01c45b943c5045773d314b3aae06f696620d5341b20729c971f0944e86cb012c90ddc315e12572e3517d2e5d4df33c60f30e84cb1ba94125d13e38fff920e292660a32a9a1ee693201be938419a92e6d73a939fbaef1c2d463be57d555902292855ac250cb68429aae8e9f0f6dbfb960e51ca48c1b49e6d2780f2a123d943abf0dd93150d41380b3d99dabf27a7212e86a741650a6634c4e569cc5a8c5d97ec6d70e5cd66f5848e8a09f2a76cd11482f6d3717eef5bab444cb90d7360237bfa65dc75ba3d864d688c2d4e983de7d978a6222e2c0bdf4111f645ce8e409124844455b347415142c886fc95ba869fb4b770dbfad34e267590341ce287ee591f6cd5b6e4a5604b6b0f57cdca1b457c66d1c731ee1002839a1263d8b75b256c90eab7b43d36b7495e50e0865c2a14bfb87713b9ada89bdd453791f6c18046d220bd9e16bbe021df828d2deca20cbb77553e3f54c418179283b236bc231e478558c25af5cd14cd3dabb1cf3e359f7389ee84fad8c98faf560da9b36694e86a80c8d9d3261900bc195d441770774653bd78e66e0999a0f99c9675ed3030c74499c67d869d14cf3ac4df406ea91799de18b129be5d3eb8409047778d063f3bb6e6e6a5820e899ebf43049a079997ff8e36d36e5ccf49cbeb52e5db213c5e46654428cb773a72c6bb01454133aab163b537675e4ace88579c840fcb555e96e3b362869650194b654762b10d0d490b9a4ef1f91f6c32aad575b5cbccb6bb1666476985534ab3159c42c1545bfc1018fb5279c049467a8a46c16f8ba86e1d4041828e68a6c7d7c9a0481718da4ff29ed21f3956f7afa84c54369ac4d85fd93c60491cb5155a751e17dd1bea07854b6fddfeb6eebef32029e8353fca32c0d8831e0c33aca792c71a2792067442c1964c69b7ae56d80abb62dacb502bba580af066d851d69f47012433bfd02fc681c6687261d7709da82a2cdfbe46e2157c54166ce2e041d97f5a824b7ed4b9f25067072617a27ce4f74c574b435da03c2afa4acbd8c1d2d43bffe4570d236e2374fbeb85fd8672bf62b89f8d3cefd63aaaf0054db14d23c4df208bff4d211299d547f5f3b4c7f57d79c1983ac0f2b6fdc60acc7bbdcafc5eebe1ece85bc31e57e9f553444e20d22b7578df116b83d34a91caae699c770e14af09c1cb9814381294f3c7d6e13735e982b2ab17d6bdb74cf7328a7d3b3e963cae944dbc9f91aa1ca629e471ecbffe8c573885209b772e5de04ca6954a9fa196733066d1219380bac92cf297ddc4aab061406fa5f4e73e16398316934be86be4feb69b94ba4ded5996fa17abee2d8015f41b293bc643826672a4d4b007baa9cb93754efa0d5a08b153a1f389e6c1753cb248ea21a18c7e7d58e54f61b6d07c400b105d1364a091c7ac92309e8951a840edd590dde3a3994b53a5c3302fb404094c8787da420c3034d3b289d3667276d2220de8cc8f94989f900483acda9b6d878bf360477dd59cce976e0a4ab29129492e35adc83b41ae4f84483bb89876ec4955e83f9a22a0c506f5532e5390f3d548d327516e5fa7ef8d613be77b4967dd8602de27f28a97cab485f2ccd97f244df27f5969c3626b5e50d7cc802bdb6203494f7cc4d7e1ffc31a6df947f91f1ad8f8110d773840ad3beec8197e7516467b62882af0b7cd0db18e18d86535cca2d00b8d4b1ac22f8f264d22c36a50c8a342da8b0222f657b04b17a1e282d366e6799cfbbd6d8429c79cd989d6cfffcd83790803cc608c3815cf4013a54f07100db8770b7deb1873905ae9d29d0918e06fe0ff42020940ae136a1b01cc283507a051ac23795736213421ac88ea2f7cc3a84bf63ca45957a14986e906a73a9b4f578064d3e34eb3952e01b7b8d239e31c95756539028cbaeba975134b7fde393f0b365f01f5757c89f8db7ff6fa90efa0c4c8a4696f26ae8f6241c4d5672fac434ee547579b08f8e5418590cf526e8aa46b7329e45c41c58680b348562b10de4cbd9d88b22e8e206bb53a54e51c62d4701d2f87f1e2c91f4c78bfd0e29ff05fbc5c2ffe252332c775745aa8b09345906452ef8eafdaf7aa63d9abdc6707454710c73faa131032ce6d760e3b545887cd63188cfccd629e8f17ba7265f67c6e9db46843da5873726563763c08c33a389aff7be2a73da702a56650e9f1e3ea48f7467075d51a6b4dcf943079eccfe67c2fefb16be5216263548029e5754e7c74164e38e4fe3f26d5fad42fc6dfce5618e17bcb978b752106a36436f5be59f960b334c4d6533ac9d0705e84e4c8c90eaffded330482e689dfb788ba3dbf3280de075227a6eab2423ba6331801e1c95913fa37b0d6614ac7e286de82002cfec99d212bcdb4916f82248d1724c0479091d3a95538f6f370f1c8a0d120cc2fa8037003d8555602bf434128b73c06210cda0b49b789d232cc5d25bd6f3028d0ab8d7cb4b4b2555ed819ae6a15c23a7398f72320b924007f16d7e814be30907c24ac5196d84c00adfa449adf3c53a94a8f64f184d42fdacc05492b3f7324f444d13860053dcf877fe2486932248c9e0cc54e4b119a995b00e73d61958fef582bcf52b9e316594e67929ef69d2c2cf36f4c0e6c31a9c740f8caafa31e10a36fda851d6d28ef2442930960497a33cf10c85b5312512325b41865441a8e93c89fe694f133b79e3eef37fc4dbff0fbaa56b699520da1bfae1dd39f0ba9dcffca01188903f46341c815aa54898b87a4e049c8ff28bcb9b69132fda3fc3d10268c480bb76ecb12b48b9808e8e67e42a9bca0c32a48f310c890f9cf61d5e1c09b08f0eb983c765e98acd139cdd5561b0ee4c0e8331a18112037ec39bb29df24ead90a809ea9d57fde46acc2ada50843d9e88575889770d1b407c3f290b353e757fc349bda8fb4add1041e0fff3810a0a3cdddb4e816d8d4682d4e275ae9f2dd1bc06905040a955bd8da336e211a0bdf1b8e1abc8457102d0ba3461bca211e0e47ae82f9ebbaac20a9ed91a96c3d0516844cac3304bdb85c94d1cb703a0c05afdb1db104b2a45a68c198face83a313aecf1da56fcd111123690a1410aa6fa2402ad11fa5331d784beaa49c4cfa74f68dfcb6a9cf6e91e5602ee9439adb5b3cefbe9a9e93c25febe17e8ce47db7846c9b950b55111a676ca855c90e8e82c8adf70cd76bd344085045486f8bbc119d8c24e89ceaca34ac36be0f6f1e1bf1b05c249d0f11cfb1d03b33eee4d94bcbdfa6e659bb109b1262532ab8d54a1dc46645e97496183d88f89b59271a0a8335d1ec1b136e1d4165e5c97c37b336ea5d14f57fd0dcae894254db8d86cd8c2630f944189f4633f1fc373b4e8fd9595a46193eba0fbbfa4f58d5fdf8790c51305065005a61f0e9026eed4f704084b996e2976c883b88818d6b74c2e61c1c41bdc8a34e3a3c792a7652fdb5f4f22ca9e20be548938e174974b28704378cb771b6af910cce6d2e406bb3af4f12033b9d56fcad8307215c812eeccbbad484618c4d0b14d560aedf62e9f6d4b10f0732a559b1d213005434f1ea025e2efae734f10acc42b999a1639e053551aa0fe356431ab7bb6a7beee9b573ce290f8876250962a57d380104d6c800e86e89e1d511d28d3808efcd62a1c6d809ed7507b640de32f432b8ef96255942867c1953fa10d97c5927a277141449a57ddc34521908fd04cfb32ff464a1c4d1935a660bc572f73750102e3ee1a9c6d2abc1b709952cabf6ff4e6d08a2953172d6d9a7a2004cfee1f3b44c6846968cc382238b10846e84a8def3381046193d699434493b136a439c97cb8059fa957e2e80e8598ecf358acb0c07c46411a8c3cdcbd2a40fead2d33be7cd9f447ce0183c166fcff90fa4d50993f1b40743dd8f85ec95185fa64fe1c65900c4a08e5fd4158e413d72a801f128fcc580d22e0994cefb23819804fb55ab7a6e82d47ab108c112bd9d94a48f934d9fbe49672298b91405b3993e61b9bfe4cdd26cf69ba37a8a60d45ff87eb98f8a01a49474d8b7b2e14f6685cad0c4cf60fb9239b5b70208ad5ad6c151c375ccfb09d55c8b140ede7e51a48a33c13724eeb51bd7bcf3767186a1de9e54e0aebec316f6f677e9f244e9350efc6feeef3a606d4527e1aecad2ca6b6222decc0ac034b3efcf6fc653d7e2b95b9fc2d3bb58e1bdc47318fce4928fce7fc1dff89f908495dbd41fa03e976a65bc36d968188fd0d44ac1c4200be82ca3c9db1d0c3c0333a0e817f14565f2771955e0107db94bb790f079ff8fd55afafaaf8b346bf80dba79a74b0129a8d6370344363faf41f40d1e45591ef9677e5745ff5b0e5f76a2053c773cfff2bb1ccc7061cfa0c041d68feb12c56ab3a3b795efc0881d9ffe06caf9a3430bc60e9d716f11d3672b1403416c14b4f8a9caa1b54f7e616d0fd1cf9bb3b52bdb1945074dfef4e6a4a8069084a674414b74c972aca7513cf068ca99da6bfd1cec93cb8769f52bc06366b32bf6cbf6c46919b0da4ed6ba16a2a0cd123ea31634ce07081d593684c61cefa577196c6656d374000945ceedbdb8dbc0b01894edc8d7cab1b635ea248b9742efd6e094b40ab5b97701433c1cc5dbf6041f8f2f41437469518ebef65b7bdb6a0b1e06e7ed405e97c229849aa476647f02521abad910c018cd4eff3f43da9eaebf849575fa0135a697d7571f6cc305652a1cf014d2b97ab7cd254a29fa0f35d122b289c2dbcba9e01af7332c405acf55954b6a81af2a19484339943b08103e6d81b46fdbce53c16baa142bc2ac948b692c3d0006ecf6d2f24e89acd8c1167668657d3a0a4689a69c221619fb9c898b244b442032ffdb63d42ded7850409faeba18af67bcc8e3b8801e55e83e45243f2ce64d2dab507b9d20dca219b55c74e767702e0dc0ecdbfbc00fa5683007d68992bc9080feb8e16ad2528e6afa59217eeff0bf75247caacc5e4c38680478897c360", 0x2000, &(0x7f0000000e80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000940)={0x78, 0x0, 0x1, {0x0, 0x3, 0x0, {0x0, 0xffffffff, 0x177, 0x1a6, 0x7f, 0x7, 0x7, 0x3, 0x8, 0xc000, 0x2, 0x0, 0x0, 0x8, 0x6}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
fsetxattr$security_capability(r3, &(0x7f00000001c0), &(0x7f0000000200)=@v3={0x3000000, [{0x10, 0x10000}, {0x7fff, 0x3}]}, 0x18, 0x2)
r5 = syz_open_dev$usbmon(&(0x7f0000000080), 0x4, 0x0)
dup3(r5, 0xffffffffffffffff, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
ioctl$TCSETS(r6, 0x40045431, 0x0)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000140)={0x30, r7, 0x1, 0xea, 0x25dfdbfd, {{}, {0x0, 0x3}, {0x14}}}, 0x30}, 0x1, 0x0, 0x0, 0x4004018}, 0x0)
epoll_create(0x8)
r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x9, 0x0, 0x2, 0x7fff0000}]})
close_range(r9, 0xffffffffffffffff, 0x0)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000040)={0x0, 0xaf1}, 0x8)

6.759966838s ago: executing program 5 (id=4418):
socket$inet6(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
r2 = syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x822b01)
mknod(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0x12)
ioctl$EVIOCSMASK(r2, 0x40104593, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
io_uring_register$IORING_UNREGISTER_RING_FDS(0xffffffffffffffff, 0x15, &(0x7f0000000640)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)}, {0x0, 0x0, 0x0, 0x0, &(0x7f0000001d40)}, {0x0, 0x1, 0x0, &(0x7f0000002380), 0x0}, {0x0, 0x1, 0x0, &(0x7f0000003dc0), 0x0}], 0x4)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
prctl$PR_SET_IO_FLUSHER(0x43, 0x1)
prctl$PR_SET_IO_FLUSHER(0x43, 0xffffffff)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000040000000000a40000000160a01080000000000000000020000000900020073797a30000000000900010073797a3000000000140003800800024000000000080001400000000014000000110001"], 0x68}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETFLOWTABLE(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000540)={0x14, 0x17, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x20048000}, 0x8094)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x20040001)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
r5 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r5, &(0x7f0000000300), 0x10)

6.670431844s ago: executing program 1 (id=4420):
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000280)=0xc9, 0x4)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="500000000206030000000000000000000d0000000c000300686173683a69700005000400000000000900020073797a31000000000c000780080008400000005d05000500020000000500010006"], 0x50}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)={0x48, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010102}}, @IPSET_ATTR_COMMENT={0xe, 0x1a, ':*$\']](*,\x00'}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140), r3)
sendmsg$TIPC_CMD_SHOW_STATS(r2, &(0x7f00000003c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000300)={&(0x7f0000000200)={0x1c, r4, 0x400, 0x70bd2c, 0x25dfdbfd, {}, ["", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000080}, 0x4000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff})
setsockopt$sock_int(r5, 0x1, 0x10, &(0x7f00000002c0)=0x8001, 0x4)
splice(r2, 0x0, r5, 0x0, 0xd9d7, 0x5)
write$FUSE_INIT(r3, &(0x7f0000000340)={0x50, 0x0, 0x0, {0x7, 0x28, 0x1, 0xc002e38, 0x7ff, 0x80, 0x10000, 0xa79, 0x0, 0x0, 0x100}}, 0xffffffed)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r6, 0x8982, &(0x7f0000000000)={0x8, 'netdevsim0\x00', {'veth0_vlan\x00'}, 0x1})
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r8, 0x0, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x8, 0x3, 0x440, 0x31c, 0xa, 0x148, 0x31c, 0x60, 0x3ac, 0x2a8, 0x2a8, 0x3ac, 0x2a8, 0x3, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'bridge0\x00', 'rose0\x00'}, 0x0, 0x2f8, 0x31c, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'veth1_to_team\x00', {0x0, 0x0, 0x2, 0x0, 0x2, 0xffffffff, 0xfff}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x8601, 0x6, './file0\x00'}}]}, @common=@unspec=@NFQUEUE0={0x24, 'NFQUEUE\x00', 0x0, {0x5}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'ip6tnl0\x00'}, 0x0, 0x70, 0x90}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0xc8, 0x70, 0x94}, {0x24}}}}, 0x49c)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'lo\x00'})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={0x0}}, 0x0)

6.309055085s ago: executing program 3 (id=4421):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000b00)={0x70, r1, 0x5, 0x8000000, 0x25dfdbfa, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x3b, 0xe, {{{}, {}, @device_b, @device_a, @from_mac=@device_b}, 0x1000000, @default, 0x1, @void, @void, @void, @void, @void, @val={0x5, 0x3, {0x6, 0x70, 0x7}}, @void, @void, @val={0x3c, 0x4, {0x1, 0x4, 0x3, 0x7}}, @void, @val={0x72, 0x6}, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x14a0}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x800007f}]}, 0x70}}, 0x840)

6.114124518s ago: executing program 3 (id=4422):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000440)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x6, 0x0, 0x0, 0x7}]}, 0x8)
syz_emit_ethernet(0x22, &(0x7f0000001f80)=ANY=[@ANYBLOB="aa2a0b0cf88a7317d0aace34e0b90f000039f7e6"], 0x0)

5.74533059s ago: executing program 3 (id=4423):
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty, 0xa, 0x4}, 0x20)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="0100000000000000000009000000300003801400020073"], 0x44}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x14, 0x1, &(0x7f0000000100)=ANY=[@ANYBLOB="8e004e8d72af1220010100"], 0x0, 0x9, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
sendmsg$IPVS_CMD_NEW_DEST(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x5000002}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20040804}, 0x20000000)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000080)={@remote}, 0x14)
setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000200)={@dev}, 0x14)
syz_emit_ethernet(0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd60e0ffac00142c00fe8000000000000000000000000000bbfe8000000000000000000000000000bb"], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66b80e010f00d0b0060f21a20f01c40f009b2700000066b80c008ee00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a00b9730200000f32328fe858b660002fb90d090000b800680000ba000000000f30", 0x65}], 0x1, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

5.648585181s ago: executing program 0 (id=4424):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a00)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x48, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_TYPE={0x8, 0x7, 'nat\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0xce05562}]}]}, @NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1, 0x0, 0x8}}], {0x14}}, 0xa4}}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f00000001c0)={'dummy0\x00', 0x8000})
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
r4 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
write(r4, &(0x7f00000000c0), 0x0)
ioctl$VIDIOC_S_CTRL(r4, 0xc008561c, &(0x7f0000000080)={0xf0f044})
write$binfmt_misc(r3, &(0x7f0000000000), 0xfffffecc)
r5 = socket$inet(0x2, 0x2, 0x0)
openat$uinput(0xffffff9c, &(0x7f00000000c0), 0x802, 0x0)
r6 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r6, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @remote}, 0xc)
syz_emit_ethernet(0x101, &(0x7f0000000300)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xf3, 0x64, 0x0, 0x4, 0x2, 0x0, @rand_addr=0x64010104, @multicast2}, @echo={0x8, 0x0, 0x0, 0x3, 0x97b, "f800ec9ec22bf7c691b1a63d5c2d5df80089c7c6fff569f3d78e7480b4294c4d230882cd51d8285b427ae13a2fd5a9472281eed631be38732fc4b3c7cf2fa0f04e7804b24e29368a5004838fed5cecb479910855ce185fb66596c67661eab5d5d8d3889c61ab86569ef5e736066637a4ecd07c89446677f285999a640277e01f5b27f5667491096a7fe19b0fd88af9117dd54f4685d5cfc011ca3659648d6413aa19f63ca00084a7f2e477c4990a549ee92d1d03078011e6dcceccdacfec5e032c28c723df03b602287217a896f61f6676f997ec49e7c9"}}}}}, 0x0)
getsockopt$ARPT_SO_GET_ENTRIES(r5, 0x0, 0x50, 0x0, &(0x7f0000000000)=0x600)
ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})

5.579233618s ago: executing program 1 (id=4425):
socket$netlink(0x10, 0x3, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x100)
socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = epoll_create1(0x0)
epoll_pwait(r1, &(0x7f0000000100)=[{}], 0x1, 0xb00, &(0x7f0000000140)={[0x0, 0xfffffff4]}, 0x8)

4.729889103s ago: executing program 0 (id=4426):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40) (async)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
r3 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3) (async)
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0}) (async)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/246, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000}) (async)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]}) (async)
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)

4.729506097s ago: executing program 1 (id=4427):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000003d80)={0x0, 0x0, 0x3, 0x0, @vifc_lcl_addr=@local, @local}, 0x10)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, &(0x7f00000000c0)={0x8, 0x1, 0x0, 0x0, @vifc_lcl_addr=@local, @dev={0xac, 0x14, 0x14, 0x40}}, 0x10)
setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x2a, &(0x7f0000000240)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0xfb, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @echo_reply={0x0, 0x0, 0x0, 0x64, 0x40}}}}}, 0x0)
setsockopt$MRT_ADD_MFC_PROXY(r2, 0x2100, 0xd2, &(0x7f0000000200)={@empty, @multicast2=0xe0000300, 0x0, "028a3f6c58b274e6d8451697efe42811ee1df06e9264f7d866b1970548fc3c7b", 0xb2, 0xfffffff7, 0x4, 0x40000006}, 0x3c)

4.729039102s ago: executing program 4 (id=4428):
r0 = dup(0xffffffffffffffff)
r1 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000001700)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000016c0)={0x0}, 0x1, 0x0, 0x0, 0x4000}, 0x40000)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000)="ad", 0x1)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000d71000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f0000179000/0x2000)=nil)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r5, 0x4068aea3, &(0x7f0000000240))
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4040aea0, &(0x7f0000000240)=@arm64={0x6, 0x8b, 0x0, '\x00', 0x359})
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r7 = io_uring_setup(0x3454, &(0x7f0000000080)={0x0, 0x0, 0x10000})
io_uring_register$IORING_REGISTER_BUFFERS(r7, 0x0, &(0x7f00000002c0)=[{0x0}], 0x1)
mremap(&(0x7f00003eb000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000003000/0x1000)=nil)
migrate_pages(0x0, 0x3, &(0x7f0000000040)=0x7f, &(0x7f0000000300)=0xa)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x300000a, 0x4031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x14, 0x3, &(0x7f0000000180)=ANY=[@ANYRES64=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r1}, 0x94)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
r8 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000100)={0xaa, 0x785})
ioctl$UFFDIO_REGISTER(r8, 0xc020aa07, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1, 0x2})
socket$netlink(0x10, 0x3, 0x5)

4.604600037s ago: executing program 5 (id=4429):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@bridge_delneigh={0x28, 0x1c, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x80, 0xa6, 0x4}, [@NDA_LLADDR={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1c}}]}, 0x28}, 0x1, 0x1000000, 0x0, 0x11}, 0x0)

4.53778857s ago: executing program 0 (id=4430):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$sndtimer(0xffffff9c, 0x0, 0x80601)
ioctl$SNDRV_TIMER_IOCTL_TREAD64(r2, 0x400454a4, &(0x7f0000000280))
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
syz_io_uring_setup(0x835, &(0x7f00000000c0)={0x0, 0x679d, 0x400, 0x2000006, 0x3ce}, &(0x7f0000000040)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x2400c0c7, 0x1})
unshare(0x22020600)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d621ffbc9a4fd39b0631f6dde53a9a53608c10556e5734eb84049761471ce540c772e2d9f8004e26f7fcc059c062234d5595f6dba87b81d0806fb0289ce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8048a967d9b912ef9f1dcc4ff8546fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30816127f46a1aae33d4d63d716c0975e1ce4a655362e7062ff6ab3934555c0184021b829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47910000118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f80492461d273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c528df8000000d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b1e152ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d1bfa928e2ba458ecd989cb3581a3f270ad48255ac0dad4923e3e36629589ff6b0ceb3438e4b432dd454c04be2d538aaf60c9f7a7281d32142f2fdbc3d37e5a072b5d7f0a349f1a75f01b5c203d4bdde6ff12de9a37f7fb9a16059ad97e2edefb5e0b0326bd25f6fd1d108efa9d30a9883815654486fe42cf2f676cdbb91f7582ab314be"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0xfffffffffffffe19}, 0x42)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$TUNSETSTEERINGEBPF(r7, 0x800454e0, &(0x7f0000000140)=r6)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$FS_IOC_MEASURE_VERITY(r8, 0xc0046686, &(0x7f0000000180)={0x2, 0xa1, "f8b44c29c4e098e9f0edc973f77434e5a410ad765fb0de23b77b3cf90be2bf194b992b50c613eee504624a9d9449e66abb0b2c35227fb6b91d32e663beecee4a18f876ba4fcd7b0706940d115fecd1937c2efc4804f391b556ca94e75167bfc20424912f8929e89909fc36a220e12a6b956e1e3961eb994b162623f6e71803cd95eb07d65a17d2dbfeeb4de56ae19305c4fed3c19531ad8fb1646a4d690c7ca0b0"})
r9 = memfd_create(&(0x7f0000000480)='[\v\xdbX\xae[5\xa9\x90\xffc\x1f\x1a\xa9\xfd\xfa\xad\xd1md\xe7\xe2\x7f\x9b\xd5R\x10\xf3\xb6\xffT\xbf\xd1\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\x9fc\xda\xa9\x83r\xd8\x98\x00\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9', 0x0)
pwrite64(r9, &(0x7f0000000040)="a6", 0x1, 0xa)
execveat(r9, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
close_range(r0, r8, 0x0)

4.425789421s ago: executing program 1 (id=4431):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, 0x0, 0x20040010)
r2 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r2, &(0x7f0000000840)={0x10, 0x0, 0x25dfdc00, 0x1}, 0xc)
sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x0, 0x4, 0x7ffd, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x5}, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION2(r4, 0x40a0ae49, &(0x7f0000000180)={0x4, 0x4, 0x6000, 0x2000, &(0x7f0000ffc000/0x2000)=nil, 0xa63abe0d00000000})
r5 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$TIPC_CMD_GET_NETID(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)={0x1c, 0x0, 0x100, 0x70bd28, 0x25dfdbfb, {}, ["", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20040080}, 0x40400d4)
bind$inet(r5, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10)
setsockopt$sock_int(r5, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, 0xffffffffffffffff, 0x6f)
r6 = syz_open_dev$usbfs(&(0x7f0000000200), 0x76, 0x103901)
ioctl$USBDEVFS_CONTROL(r6, 0xc0185500, 0x0)
fsopen(0x0, 0x0)
r7 = openat$incfs(0xffffffffffffffff, &(0x7f0000000080)='.log\x00', 0x35b202, 0x90)
ioctl$USBDEVFS_DISCSIGNAL(r7, 0x8008550e, &(0x7f0000000140)={0x127b, &(0x7f0000000040)="3c030fa75b9f66181ad2b111fc4cd6a4a501b106aa5286a5b5191a70ecaa5b131db2cef4f6e7ce0683e0dfd532047ee7135eede2fe1fcca0"})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmmsg$inet(r0, &(0x7f0000001280)=[{{&(0x7f0000000240)={0x2, 0x4e22, @remote}, 0x10, &(0x7f0000000340)=[{&(0x7f0000000440)="1305c2e3a9934c9a124670f6a849cafa8f326f7664c9713049432d06d608bb89742ff58aecb5045ca1a0630a756549696a03badd5d375779b4d3878e05ee1cbd667af70bd6dd9f6479d837a2a925d23c4443d93bde1c5e8451480f14fed59adda54f98f7218c16d623e3c4b980309b3e82206fcd739228b1293f6339238c0fbb5e4319baf0d83fde96080c34df2767249916f09bc2c7a7221d45d3b9eabf363b2590aff3db8b5a0c6b24893f15d91b316308308d1d264afb0dc5dd0ee84488ca22f7a78a0e219e579f1733e9405dcf6c49d1e88c50aa59ac7a61a372a115a626f62437281b7dd2d7ab697a9160eabb4720", 0xf1}, {&(0x7f00000002c0)="a65b17c0b0e91db7b5d0ae9cc807f21175391b542ae1b92d64152e7be829166c90d8bfe95f58a50a70e3b29238a05007909aaa94158b3ed6aabcab5172e2f4c5054cab31298ce835ea7995c831347f2b60db843a11", 0x55}], 0x2, &(0x7f0000000540)=[@ip_tos_int={{0x10, 0x0, 0x1, 0x2}}, @ip_retopts={{0x90, 0x0, 0x7, {[@ra={0x94, 0x4, 0x1}, @timestamp_addr={0x44, 0x1c, 0xad, 0x1, 0x3, [{@rand_addr=0x64010102, 0x2}, {@private=0xa010100, 0x2c2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @cipso={0x86, 0x23, 0x1, [{0x5, 0xc, "66234d50dab82a31835e"}, {0x5, 0x2}, {0x1, 0xc, "7249ce2c1dae1b39b78a"}, {0x1, 0x3, 'O'}]}, @rr={0x7, 0x1f, 0xa5, [@empty, @loopback, @dev={0xac, 0x14, 0x14, 0x34}, @rand_addr=0x64010101, @local, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast]}, @timestamp={0x44, 0x4, 0xa0, 0x0, 0x5}, @cipso={0x86, 0x1e, 0x3, [{0x6, 0x8, "5744bc1eceeb"}, {0x6, 0x5, "de1c06"}, {0x5, 0xb, "955915c1c8a3f672b7"}]}]}}}, @ip_ttl={{0x10, 0x0, 0x2, 0xdc}}, @ip_tos_u8={{0xd, 0x0, 0x1, 0x9}}, @ip_tos_int={{0x10, 0x0, 0x1, 0x8}}, @ip_tos_int={{0x10}}, @ip_ttl={{0x10, 0x0, 0x2, 0x3}}, @ip_tos_u8={{0xd, 0x0, 0x1, 0x5}}, @ip_ttl={{0x10, 0x0, 0x2, 0x1}}, @ip_ttl={{0x10, 0x0, 0x2, 0xffff15d7}}], 0x120}}, {{&(0x7f0000000680)={0x2, 0x4e22, @multicast1}, 0x10, &(0x7f0000000800)=[{&(0x7f00000006c0)="4c04f87ad3c43c8be233ef6c9c4f24261aa21edbbcbcc90bd6a4a6a42fb1e4a625bcb3bbd2c393540ab76af91037807135de5a6547a46d2e2f2c97e2ed87f238922cbb3b716802ab67268cb8d489b6d5a7b308e45d3bf0725f7af0d043ef22962d93e59edeb7773aaaf624f182dbcdfa8e56dbda48b475ba779372e2b1d25a3c1370aab36dabb53ec54d1ddf555fdad79aa74ab2506ceb2239de67b3a43ed73954a931c8", 0xa4}, {&(0x7f0000000780)="c9b89016dbcd34d9a4e0ad662d01a6980e77f563126086707e343a1acc6a837614197de6666b215071d35ac6f0a17f9d5db7aa36eed2584f5a72fc8aea485e91c5f28be4b05ba5f6fc0ca8a7dd7d29", 0x4f}], 0x2, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000000000000080000df", @ANYRES32=0x0, @ANYBLOB="ac1414aaac1414bb9000000000000000070000008640000000030208670e3ceecb690710f19e35688cc58989e3cbd4957191050afb62f7ec78757f8e021018c6236ef96aacb1602bedac660907089d5947737b3f443ce9f3ac1414bb00000002e00000020000005a7f000001fffffff800000000ffffff72e000000200000008000000000000000c7f0000010000046e0001940401000000180000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaac1e0101"], 0xc0}}, {{0x0, 0x0, &(0x7f0000000c80)=[{&(0x7f0000000a00)="72022153f607f83e99d7de6691e263a81f7d11e02da87b7f35281b58dad1c6ae6531d5648c25b590da460cb9d92e21acb5394b10360479f45acd442602a4c59812232272b2bf5d1851a6394c80cae943a5449ebbed08114ef620b41661fdf8fe11cb4b4e3b688cc062ab3842675991d9dd197eed29b95777c682658b00026996a073ba7e666c4577219fa9cecb600b539672f14f27e48bf49c175dd0fea69cb15a29a73b20667d22d074baee5a184810c161", 0xb2}, {&(0x7f0000000ac0)="7aa4039c60afa9279ed8390916a4383995ba43d0f199183c52daf7a01ac09511d0a7fcdde70723b355bc2f20cd989c3c11d230242d3492e1dc9c0a89d346d5208ad329ed85aee3acfd314b21a62991643cb022a6510efe1474ac09956e8b3afc5561f3a091c456db1071e9e38434c75e9ac041a2a42185048b31f19c1197de8980075520f13ba91321a29dec2839acd9fec2eebca19d481e42e1ea5e00d285fdc229085fd44a94bdf05739994a00de34c1d714dd9526fc263abb76ca92fa361459e359dc4b4177407ee1373f4f70cbefe3682e97fc022e839e8636dd38dcc566c446573e8b6ea05dd2f2e0489ef24eab37165e8bd323fbef241dc0b3f614", 0xfe}, {&(0x7f0000000bc0)="8f4af35f37d4a8faa1b85de687512fac8896534d927e391a5e9e8d5b7c69e5a23e64888d5c73b311b411ce23d722aaf1534073487a8c6ff4dc8a0f6b4d807d012a9cb324b4f58a972b023dc58962e95e35a7f5e651a6c5e9fa9f497c6195ef3c5476c83c971ca6651f151c206a20dddade763e1bfb05fc7e334c731663be411893bb3bb57fb73ed562acbea999baa4777fc09a56ad5ef7510f3bd5df570dd0351c8a19eee17c8397f554ed7f54c98cf600c3df3e3bdb77209976b6aa2b2d87", 0xbf}], 0x3, &(0x7f0000000dc0)=[@ip_pktinfo={{0x18, 0x0, 0x8, {0x0, @broadcast, @dev={0xac, 0x14, 0x14, 0x11}}}}, @ip_tos_u8={{0xd, 0x0, 0x1, 0x8}}, @ip_tos_int={{0x10, 0x0, 0x1, 0x7fffffff}}, @ip_tos_int={{0x10, 0x0, 0x1, 0xfffffadd}}, @ip_tos_u8={{0xd, 0x0, 0x1, 0x7}}], 0x58}}, {{&(0x7f0000000e40)={0x2, 0x4e23, @private=0xa010102}, 0x10, &(0x7f0000001240)=[{&(0x7f0000000e80)="48f2e4b15e7ef28bffde85323f7d8007631f0aafda91183c480017c0ab3739a59256956399244248b43394992d84a851afcb3c6c480c95dfc180aee224c58fa22ed163a2a53b10beb45eedc1863559a9efc15c3e38a3e21d0f7214cd41a7c39473b6bb4b1be75c3107d98e38ee0d40a71c8158eb72d2b9fac69fadea760e1e361d9571c47bcd089d50cc592dc85a822d7645175a4843bb09ae8b05d4eb4c1c346524b51f9a22c993a33cb0603257993d690d08b3c4d508e523922be307ff606d45c54a04d7d3ada3", 0xc8}, {&(0x7f0000000f80)="bf678c30a1fab0fcdc9d65d3f8bfdd1db1086768187920965397efff4256c9e6ac439460f89ef720fe7244935b1044bcaa2c99962afd6428bd50a991951f347d945da9b3a25b032d993016bcc7eeab9d2ecbf922f78624b9605c39896a4b84d5f618b8086fc11c70834416a8d93d082014edf7119e5273aa7ba72383b5793836590e524c3fe33c0e5c90a509fda7d5058cb80d912393ac604443534a4548a7e39f2de8782c6d35b2976e21baa6679f348ee37d930385b47fd1c3613c00", 0xbd}, {&(0x7f0000001040)="94445765dcbc2a14b0aeffc6f0c07f5858731966eaad683c43fce771f5de2c5ce1a89b57a457b43d6ef82da36c45a34ef83a152dc357ca113a0fecaac74b6f16eb5607069653361d1b1d5007b9496ef77466d5732bc5f6c16aeeac73a6a1ac41189e8f43f67a4b283be310339d645a7fd361debf0978c45f825345b314b8d1749960a78a1b00b9c16ffbff044943734e8947fd79c7ea13eb9ee291a998a7da2aa2ad853d9a99f36a019ab594b2077c66d466d40289c784f899703b08d77ac8cb99ce3d15", 0xc4}, {&(0x7f0000001140)="c84e0fbe0e6bbff63320ca971b9431c7ee6dda823009dc2c08450a3914f5429d5c3bd65c9093455f678ed7678e0a8302984bbbb0696fd9fc3961128ccf43cfc120c7dd5841fe80be41e959d3f994ae20ccbaecbebe7b4fae41de8ecdc255ab09a674e7de048167f2fa9e886b30ca5a12005956555faa46d3db3d057abd4a45b0b5830dc8e67067f9598df9753e242bc5fa98e826ed5785a29cc0cfe903ea70dc5009adaab62131a6802c65bbc3a91a2f6bc35eaca3d7d914bbb22afb1c2917817723575b2bd7a7e4b47b98c015cfe04abd9843a9a23c8d0033b616779f7477e7ef8803b58a6875c48b330a169db7ba2f4701f09a", 0xf4}], 0x4}}], 0x4, 0x4)

4.425381039s ago: executing program 3 (id=4432):
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000017c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@ip_ttl={{0x14, 0x0, 0x2, 0x7}}], 0x18}}], 0x1, 0x0)
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
syz_usb_connect(0x1, 0x24, &(0x7f0000002280)={{0x12, 0x1, 0x200, 0x5, 0x92, 0x2, 0x8, 0x681, 0x5, 0x56c0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x7, 0x3, 0x40, 0xf2, [{{0x9, 0x4, 0xfc, 0x8, 0x0, 0xa, 0xf4, 0x77, 0x5}}]}}]}}, &(0x7f0000003600)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r1 = socket$inet(0x2, 0x2, 0x0)
pipe(&(0x7f0000000040)={<r2=>0xffffffffffffffff})
ioctl$CEC_TRANSMIT(r2, 0xc0386105, &(0x7f0000000040)={0x3, 0x80000000, 0x7f, 0x4, 0x60, 0x29, "00d875bc7e3638adcd30fa4a13c60416", 0x5, 0x80, 0x2, 0x42, 0x9e, 0x95, 0x7e})
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f00000000c0)='veth1_to_bridge\x00', 0x10)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a0101"], 0x57)

3.172136874s ago: executing program 5 (id=4433):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000d40)=ANY=[@ANYBLOB="6000000010000104a0518fd50000000000000000", @ANYRES32=0x0, @ANYBLOB="096b0200000000002c00128009000100626f6e64000000001c00028006001900ff0300000800090001000000080007000000000014003500626f6e6430"], 0x60}, 0x1, 0x0, 0x0, 0x20004040}, 0x4000054)
r0 = socket(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0) (fail_nth: 6)

2.740784342s ago: executing program 3 (id=4434):
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @private1, 0xa}, 0x20)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r1, 0x84, 0x81, &(0x7f0000000000)="0000000000000002", 0x8)
socket$inet_sctp(0x2, 0x1, 0x84)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
dup2(r1, r2)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r1, 0x84, 0x17, &(0x7f0000000080)=ANY=[@ANYRES32], 0x9)
setsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000bc0)=ANY=[@ANYBLOB="0200e1eb737226344bef18a4a79a1dc9fac27aa2c7c5c3849ca1fd3afc217de3ea7634fde8374544f2326d0ddcf65d2f845934f2eb68", @ANYRESOCT=r0], 0x14)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x4, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs2/custom1\x00', 0x2, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x100, 0x1})
ioctl$F2FS_IOC_SEC_TRIM_FILE(r4, 0x4018f514, &(0x7f0000000040)={0xff, 0x1000, 0x2})
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r5, 0x8953, &(0x7f0000000180)={{0x2, 0x0, @empty}, {}, 0x68, {0x2, 0x0, @empty}})
r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000035c0)="5c00000013006bcd9e3fe3dc4e48aa31086b8703340000001f00000000000000040014000d000a00140000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1ffffffffffffde7, 0x0, 0x0, 0x1f000801}, 0x240000c0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text16={0x10, &(0x7f0000000b40)="0f01c93e660fe7150fc75fd467f20f2aa6af6ce3963e36676436660f38827e210f013c66b80500000066b96f0000000f01d967673e653666660f3adf2ed0d9f3440f20c0663509000000440f22c0", 0x4e}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r8 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r8, 0x5452, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r10 = openat$cgroup_procs(r9, &(0x7f0000000100)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r10, &(0x7f00000001c0), 0x12)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)

1.893810878s ago: executing program 5 (id=4435):
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000280)=0xc9, 0x4)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="500000000206030000000000000000000d0000000c000300686173683a69700005000400000000000900020073797a31000000000c000780080008400000005d05000500020000000500010006"], 0x50}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)={0x48, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010102}}, @IPSET_ATTR_COMMENT={0xe, 0x1a, ':*$\']](*,\x00'}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140), r3)
sendmsg$TIPC_CMD_SHOW_STATS(r2, &(0x7f00000003c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000300)={&(0x7f0000000200)={0x1c, r4, 0x400, 0x70bd2c, 0x25dfdbfd, {}, ["", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000080}, 0x4000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff})
setsockopt$sock_int(r5, 0x1, 0x10, &(0x7f00000002c0)=0x8001, 0x4)
splice(r2, 0x0, r5, 0x0, 0xd9d7, 0x5)
write$FUSE_INIT(r3, &(0x7f0000000340)={0x50, 0x0, 0x0, {0x7, 0x28, 0x1, 0xc002e38, 0x7ff, 0x80, 0x10000, 0xa79, 0x0, 0x0, 0x100}}, 0xffffffed)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r6, 0x8982, &(0x7f0000000000)={0x8, 'netdevsim0\x00', {'veth0_vlan\x00'}, 0x1})
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r8, 0x0, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x8, 0x3, 0x440, 0x31c, 0xa, 0x148, 0x31c, 0x60, 0x3ac, 0x2a8, 0x2a8, 0x3ac, 0x2a8, 0x3, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'bridge0\x00', 'rose0\x00'}, 0x0, 0x2f8, 0x31c, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'veth1_to_team\x00', {0x0, 0x0, 0x2, 0x0, 0x2, 0xffffffff, 0xfff}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x8601, 0x6, './file0\x00'}}]}, @common=@unspec=@NFQUEUE0={0x24, 'NFQUEUE\x00', 0x0, {0x5}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'ip6tnl0\x00'}, 0x0, 0x70, 0x90}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0xc8, 0x70, 0x94}, {0x24}}}}, 0x49c)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'lo\x00'})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={0x0}}, 0x0)

1.801211243s ago: executing program 4 (id=4436):
socket$inet6(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
r2 = syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x822b01)
mknod(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0x12)
ioctl$EVIOCSMASK(r2, 0x40104593, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
io_uring_register$IORING_UNREGISTER_RING_FDS(0xffffffffffffffff, 0x15, &(0x7f0000000640)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)}, {0x0, 0x0, 0x0, 0x0, &(0x7f0000001d40)}, {0x0, 0x1, 0x0, &(0x7f0000002380), 0x0}, {0x0, 0x1, 0x0, &(0x7f0000003dc0), 0x0}], 0x4)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
prctl$PR_SET_IO_FLUSHER(0x43, 0x1)
prctl$PR_SET_IO_FLUSHER(0x43, 0xffffffff)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000040000000000a40000000160a01080000000000000000020000000900020073797a30000000000900010073797a3000000000140003800800024000000000080001400000000014000000110001"], 0x68}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETFLOWTABLE(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000540)={0x14, 0x17, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x20048000}, 0x8094)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x20040001)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
r5 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r5, &(0x7f0000000300), 0x10)

1.540535463s ago: executing program 0 (id=4437):
socket$inet6(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
r2 = syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x822b01)
mknod(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0x12)
ioctl$EVIOCSMASK(r2, 0x40104593, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
io_uring_register$IORING_UNREGISTER_RING_FDS(0xffffffffffffffff, 0x15, &(0x7f0000000640)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)}, {0x0, 0x0, 0x0, 0x0, &(0x7f0000001d40)}, {0x0, 0x1, 0x0, &(0x7f0000002380), 0x0}, {0x0, 0x1, 0x0, &(0x7f0000003dc0), 0x0}], 0x4)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
prctl$PR_SET_IO_FLUSHER(0x43, 0x1)
prctl$PR_SET_IO_FLUSHER(0x43, 0xffffffff)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000040000000000a40000000160a01080000000000000000020000000900020073797a30000000000900010073797a3000000000140003800800024000000000080001400000000014000000110001"], 0x68}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETFLOWTABLE(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000540)={0x14, 0x17, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x20048000}, 0x8094)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x20040001)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
r5 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r5, &(0x7f0000000300), 0x10)

1.21789857s ago: executing program 3 (id=4438):
r0 = dup(0xffffffffffffffff)
r1 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000001700)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000016c0)={0x0}, 0x1, 0x0, 0x0, 0x4000}, 0x40000)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000)="ad", 0x1)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000d71000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f0000179000/0x2000)=nil)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r5, 0x4068aea3, &(0x7f0000000240))
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4040aea0, &(0x7f0000000240)=@arm64={0x6, 0x8b, 0x0, '\x00', 0x359})
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r7 = io_uring_setup(0x3454, &(0x7f0000000080)={0x0, 0x0, 0x10000})
io_uring_register$IORING_REGISTER_BUFFERS(r7, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mremap(&(0x7f00003eb000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000003000/0x1000)=nil)
migrate_pages(0x0, 0x3, 0x0, &(0x7f0000000300)=0xa)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x300000a, 0x4031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x14, 0x3, &(0x7f0000000180)=ANY=[@ANYRES64=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r1}, 0x94)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
r8 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000100)={0xaa, 0x785})
ioctl$UFFDIO_REGISTER(r8, 0xc020aa07, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1, 0x2})
socket$netlink(0x10, 0x3, 0x5)

682.511083ms ago: executing program 1 (id=4439):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x20400, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000c80)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x27}}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r4, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x262)
r5 = openat$autofs(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r5, 0xc018937a, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x400c806, &(0x7f0000000180)={0x2, 0x4e21, @multicast2}, 0x10)
sendto$inet(r2, 0x0, 0x0, 0x4004084, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000580)={0x0, @in6={{0xa, 0x4e21, 0x1f0268bc, @empty, 0x6}}, 0x0, 0x0, 0x3fc, 0x1, 0x32, 0xb}, 0x9c)
bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @private2}, 0x1c)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, 0x0, 0x0)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in={{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x100, 0x300, 0x0, 0x0, 0x54}, 0x9c)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r7, 0x4008ae90, 0x0)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000240)={0xffffffffffffffff, 0x58, &(0x7f0000000380)}, 0xd)
sendmsg$nl_xfrm(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="480000001f0001002fbd7000fcdbdf25760101030000000000000000000000aa40784603f97e2c6af730790500000004d402003200fc00000000000000000000000000000100180001000100"], 0x48}}, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
socket(0x10, 0x803, 0x0)

680.427336ms ago: executing program 5 (id=4440):
syz_emit_ethernet(0x3a, &(0x7f00000004c0)={@local, @random="6cf6566994c6", @val={@void, {0x8100, 0x0, 0x0, 0x1}}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x2d, 0x28, 0x0, 0x0, 0xa3, 0x6, 0x0, @remote, @multicast1}, {{0x4e2a, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}, 0x0)
r0 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f0000000100)={&(0x7f0000000040), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x38, 0x2, 0x2, 0x801, 0x0, 0x0, {0x0, 0x0, 0x3}, [@CTA_EXPECT_CLASS={0x8, 0x9, 0x1, 0x0, 0x6}, @CTA_EXPECT_FN={0xa, 0xb, 'Q.931\x00'}, @CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0xfff}, @CTA_EXPECT_ID={0x8, 0x5, 0x1, 0x0, 0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000000}, 0x4001)
syz_extract_tcp_res$synack(&(0x7f0000000000), 0x1, 0x0)

0s ago: executing program 5 (id=4441):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)={0x1c, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x20000800)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000010c0)={0x94, r1, 0x5, 0x4, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x44, 0xe, {{{}, {}, @device_b, @broadcast, @from_mac}, 0x1000000, @random=0x4, 0x0, @val={0x0, 0x6, @default_ibss_ssid}, @void, @void, @void, @void, @void, @val={0x25, 0x3, {0x1, 0x3, 0x8}}, @void, @val={0x3c, 0x4, {0x1, 0x7, 0x3c, 0x2}}, @void, @void, @val={0x71, 0x7, {0x1, 0x1, 0x0, 0x1, 0x1, 0xf0, 0x8}}, @void}}, @NL80211_ATTR_FTM_RESPONDER={0x18, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_CIVICLOC={0x5, 0x3, "d9"}, @NL80211_FTM_RESP_ATTR_LCI={0x5, 0x2, 'c'}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}]}, @NL80211_ATTR_PROBE_RESP={0x4}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x94}}, 0x0)

kernel console output (not intermixed with test programs):

 __do_fast_syscall_32+0xb6/0x2b0
[  769.668903][T16797]  ? lockdep_hardirqs_on+0x9c/0x150
[  769.668941][T16797]  do_fast_syscall_32+0x34/0x80
[  769.668963][T16797]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  769.668992][T16797] RIP: 0023:0xf70bd539
[  769.669013][T16797] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  769.669034][T16797] RSP: 002b:00000000f54ad55c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  769.669059][T16797] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c008561c
[  769.669076][T16797] RDX: 0000000080000100 RSI: 0000000000000000 RDI: 0000000000000000
[  769.669090][T16797] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  769.669103][T16797] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  769.669117][T16797] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  769.669151][T16797]  </TASK>
[  769.674186][ T5198] Dev loop5: unable to read RDB block 7
[  769.897701][    C0] vkms_vblank_simulate: vblank timer overrun
[  769.976369][T16797] ERROR: Out of memory at tomoyo_realpath_from_path.
[  770.040445][ T5977] usb 1-1: device descriptor read/8, error -71
[  770.198457][ T5198]  loop5: unable to read partition table
[  770.204401][ T5198] loop5: partition table beyond EOD, truncated
[  770.340283][ T5836] Bluetooth: hci1: command 0x0406 tx timeout
[  770.526508][T16807] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3644'.
[  770.536472][T16807] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  770.767384][ T5198] Dev loop5: unable to read RDB block 7
[  770.773018][ T5198]  loop5: unable to read partition table
[  770.785874][ T5198] loop5: partition table beyond EOD, truncated
[  771.819308][T16823] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3648'.
[  773.804409][ T5198] Dev loop5: unable to read RDB block 7
[  773.824803][ T5198]  loop5: unable to read partition table
[  773.914048][ T5198] loop5: partition table beyond EOD, truncated
[  777.455612][ T5198] Dev loop5: unable to read RDB block 7
[  777.462163][ T5198]  loop5: unable to read partition table
[  777.611496][ T5198] loop5: partition table beyond EOD, truncated
[  778.362965][T16879] input: syz0 as /devices/virtual/input/input26
[  778.600818][T16888] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  780.191298][T16899] fuse: Unknown parameter '0x000000000000000c'
[  780.911172][ T5951] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[  780.961857][T16918] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  781.286742][ T5951] usb 6-1: Using ep0 maxpacket: 8
[  781.288671][ T5198] Dev loop5: unable to read RDB block 7
[  781.322193][ T5198]  loop5: unable to read partition table
[  781.354572][ T5198] loop5: partition table beyond EOD, truncated
[  781.364233][ T5951] usb 6-1: unable to get BOS descriptor or descriptor too short
[  781.449753][ T5951] usb 6-1: config 1 has an invalid descriptor of length 86, skipping remainder of the config
[  781.481016][ T5951] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  781.527917][ T5951] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  781.603812][ T5951] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  781.669122][ T5951] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  781.718656][ T5951] usb 6-1: Product: syz
[  781.723231][ T5951] usb 6-1: Manufacturer: syz
[  781.753195][ T5951] usb 6-1: SerialNumber: syz
[  781.990980][T16906] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  782.044990][T16906] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  782.087537][ T5951] cdc_ncm 6-1:1.0: skipping garbage
[  782.242367][ T5951] cdc_ncm 6-1:1.0: skipping garbage
[  782.250447][ T5951] cdc_ncm 6-1:1.0: skipping garbage
[  782.258522][ T5951] cdc_ncm 6-1:1.0: skipping garbage
[  782.265387][ T5951] cdc_ncm 6-1:1.0: CDC Union missing and no IAD found
[  782.272364][ T5951] cdc_ncm 6-1:1.0: bind() failure
[  782.288477][ T5951] usb 6-1: USB disconnect, device number 28
[  783.520285][ T5198] Dev loop5: unable to read RDB block 7
[  783.539992][ T5198]  loop5: unable to read partition table
[  783.632774][ T5198] loop5: partition table beyond EOD, truncated
[  783.675407][ T5834] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[  783.875510][ T5834] usb 6-1: device descriptor read/64, error -71
[  784.143913][ T5834] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[  784.285435][ T5834] usb 6-1: device descriptor read/64, error -71
[  784.454670][ T5834] usb usb6-port1: attempt power cycle
[  784.855410][ T5834] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[  784.996974][ T5834] usb 6-1: device descriptor read/8, error -71
[  785.286422][ T5834] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[  785.408236][ T5834] usb 6-1: device descriptor read/8, error -71
[  785.527456][ T5834] usb usb6-port1: unable to enumerate USB device
[  785.698682][ T5836] Bluetooth: hci2: command 0x0406 tx timeout
[  787.371094][ T5198] Dev loop5: unable to read RDB block 7
[  787.402368][ T5198]  loop5: unable to read partition table
[  787.412762][ T5198] loop5: partition table beyond EOD, truncated
[  787.926251][T16970] fuse: Unknown parameter '0x000000000000000c'
[  788.397618][ T5198] Dev loop5: unable to read RDB block 7
[  788.425472][ T5198]  loop5: unable to read partition table
[  788.727359][ T5198] loop5: partition table beyond EOD, truncated
[  789.175661][ T5889] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[  789.604507][ T5889] usb 6-1: New USB device found, idVendor=045b, idProduct=0212, bcdDevice=28.97
[  789.643297][ T5889] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  789.732626][ T5889] usb 6-1: Product: syz
[  789.772930][ T5889] usb 6-1: Manufacturer: syz
[  789.798089][ T5889] usb 6-1: SerialNumber: syz
[  789.887892][ T5889] usb 6-1: config 0 descriptor??
[  789.964964][ T5889] upd78f0730 6-1:0.0: upd78f0730 converter detected
[  789.977487][ T5889] usb 6-1: upd78f0730 converter now attached to ttyUSB0
[  790.181197][ T5977] usb 6-1: USB disconnect, device number 33
[  790.227488][ T5977] upd78f0730 ttyUSB0: upd78f0730 converter now disconnected from ttyUSB0
[  790.271963][ T5977] upd78f0730 6-1:0.0: device disconnected
[  791.091789][T16996] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  791.311471][ T5198] Dev loop5: unable to read RDB block 7
[  791.330595][ T5198]  loop5: unable to read partition table
[  791.336573][ T5198] loop5: partition table beyond EOD, truncated
[  791.414583][T17000] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  794.153674][ T5198] Dev loop5: unable to read RDB block 7
[  794.159709][ T5198]  loop5: unable to read partition table
[  794.217500][ T5198] loop5: partition table beyond EOD, truncated
[  797.593828][ T5198] Dev loop5: unable to read RDB block 7
[  797.625477][ T5198]  loop5: unable to read partition table
[  797.631348][ T5198] loop5: partition table beyond EOD, truncated
[  797.939522][T17038] fuse: Unknown parameter '0x000000000000000c'
[  798.666036][ T5198] Dev loop5: unable to read RDB block 7
[  798.683134][ T5198]  loop5: unable to read partition table
[  798.697206][ T5198] loop5: partition table beyond EOD, truncated
[  799.249059][T17071] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  802.683185][T17099] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  804.186807][ T5198] Dev loop5: unable to read RDB block 7
[  804.200962][ T5198]  loop5: unable to read partition table
[  804.257747][ T5198] loop5: partition table beyond EOD, truncated
[  804.289067][T17106] fuse: Unknown parameter 'fd0x000000000000000c'
[  806.165412][ T5836] Bluetooth: hci4: command 0x0406 tx timeout
[  806.825996][ T5198] Dev loop5: unable to read RDB block 7
[  806.832855][ T5198]  loop5: unable to read partition table
[  806.843752][ T5198] loop5: partition table beyond EOD, truncated
[  808.981678][ T5198] Dev loop5: unable to read RDB block 7
[  809.015501][ T5198]  loop5: unable to read partition table
[  809.025930][ T5198] loop5: partition table beyond EOD, truncated
[  810.331696][T17160] fuse: Unknown parameter 'fd0x000000000000000c'
[  810.439788][T17161] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  812.648853][T17189] FAULT_INJECTION: forcing a failure.
[  812.648853][T17189] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  812.685471][T17189] CPU: 0 UID: 0 PID: 17189 Comm: syz.0.3729 Not tainted syzkaller #0 PREEMPT(full) 
[  812.685502][T17189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  812.685517][T17189] Call Trace:
[  812.685526][T17189]  <TASK>
[  812.685537][T17189]  dump_stack_lvl+0x189/0x250
[  812.685577][T17189]  ? __pfx____ratelimit+0x10/0x10
[  812.685610][T17189]  ? __pfx_dump_stack_lvl+0x10/0x10
[  812.685652][T17189]  ? __pfx__printk+0x10/0x10
[  812.685670][T17189]  ? __might_fault+0xb0/0x130
[  812.685702][T17189]  should_fail_ex+0x414/0x560
[  812.685732][T17189]  _copy_from_user+0x2d/0xb0
[  812.685754][T17189]  kstrtouint_from_user+0xc4/0x170
[  812.685773][T17189]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  812.685803][T17189]  proc_fail_nth_write+0x88/0x200
[  812.685824][T17189]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  812.685849][T17189]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  812.685870][T17189]  vfs_write+0x27e/0xb30
[  812.685900][T17189]  ? __pfx_vfs_write+0x10/0x10
[  812.685932][T17189]  ? __fget_files+0x2a/0x420
[  812.685951][T17189]  ? __fget_files+0x3a0/0x420
[  812.685965][T17189]  ? __fget_files+0x2a/0x420
[  812.685987][T17189]  ksys_write+0x145/0x250
[  812.686008][T17189]  ? exc_page_fault+0x82/0x100
[  812.686036][T17189]  ? __pfx_ksys_write+0x10/0x10
[  812.686061][T17189]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  812.686087][T17189]  ? lockdep_hardirqs_on+0x9c/0x150
[  812.686112][T17189]  __do_fast_syscall_32+0xb6/0x2b0
[  812.686128][T17189]  ? lockdep_hardirqs_on+0x9c/0x150
[  812.686154][T17189]  do_fast_syscall_32+0x34/0x80
[  812.686168][T17189]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  812.686188][T17189] RIP: 0023:0xf7fb7539
[  812.686203][T17189] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  812.686217][T17189] RSP: 002b:00000000f54a6590 EFLAGS: 00000206 ORIG_RAX: 0000000000000004
[  812.686233][T17189] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f54a6620
[  812.686244][T17189] RDX: 0000000000000001 RSI: 00000000f7446ff4 RDI: 0000000000000000
[  812.686254][T17189] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  812.686263][T17189] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  812.686272][T17189] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  812.686295][T17189]  </TASK>
[  813.775068][ T5198] Dev loop5: unable to read RDB block 7
[  813.781032][ T5198]  loop5: unable to read partition table
[  813.794924][ T5198] loop5: partition table beyond EOD, truncated
[  814.350102][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  814.360438][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  814.818162][T17205] fuse: Unknown parameter 'fd0x000000000000000c'
[  817.345636][ T5198] Dev loop5: unable to read RDB block 7
[  817.471094][ T5198]  loop5: unable to read partition table
[  817.495429][ T5198] loop5: partition table beyond EOD, truncated
[  818.152730][T17241] syz_tun: entered allmulticast mode
[  818.262755][T17241] dvmrp8: entered allmulticast mode
[  818.282452][T17239] syz_tun: left allmulticast mode
[  818.675364][T12492] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  818.875359][T12492] usb 4-1: device descriptor read/64, error -71
[  819.226309][T12492] usb 4-1: new high-speed USB device number 46 using dummy_hcd
[  819.319088][ T5198] Dev loop5: unable to read RDB block 7
[  819.354913][ T5198]  loop5: unable to read partition table
[  819.453053][ T5198] loop5: partition table beyond EOD, truncated
[  819.693812][T12492] usb 4-1: device descriptor read/64, error -71
[  819.825903][T12492] usb usb4-port1: attempt power cycle
[  820.225424][T12492] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[  820.246262][T12492] usb 4-1: device descriptor read/8, error -71
[  820.497527][T12492] usb 4-1: new high-speed USB device number 48 using dummy_hcd
[  820.609618][T12492] usb 4-1: device descriptor read/8, error -71
[  820.735777][T12492] usb usb4-port1: unable to enumerate USB device
[  821.164852][ T5198] Dev loop5: unable to read RDB block 7
[  821.170598][ T5198]  loop5: unable to read partition table
[  821.176660][ T5198] loop5: partition table beyond EOD, truncated
[  822.351103][ T5198] Dev loop5: unable to read RDB block 7
[  822.357007][ T5198]  loop5: unable to read partition table
[  822.362949][ T5198] loop5: partition table beyond EOD, truncated
[  824.879061][T17308] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  825.573445][T17314] FAULT_INJECTION: forcing a failure.
[  825.573445][T17314] name failslab, interval 1, probability 0, space 0, times 0
[  825.606093][T17314] CPU: 0 UID: 0 PID: 17314 Comm: syz.0.3760 Not tainted syzkaller #0 PREEMPT(full) 
[  825.606125][T17314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  825.606139][T17314] Call Trace:
[  825.606148][T17314]  <TASK>
[  825.606156][T17314]  dump_stack_lvl+0x189/0x250
[  825.606194][T17314]  ? __pfx____ratelimit+0x10/0x10
[  825.606227][T17314]  ? __pfx_dump_stack_lvl+0x10/0x10
[  825.606258][T17314]  ? __pfx__printk+0x10/0x10
[  825.606284][T17314]  ? __pfx___might_resched+0x10/0x10
[  825.606309][T17314]  ? fs_reclaim_acquire+0x7d/0x100
[  825.606350][T17314]  should_fail_ex+0x414/0x560
[  825.606390][T17314]  should_failslab+0xa8/0x100
[  825.606415][T17314]  __kmalloc_cache_noprof+0x6f/0x6f0
[  825.606449][T17314]  ? nfnetlink_rcv+0xf97/0x2590
[  825.606491][T17314]  nfnetlink_rcv+0xf97/0x2590
[  825.606563][T17314]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  825.606651][T17314]  ? netlink_deliver_tap+0x2e/0x1b0
[  825.606697][T17314]  netlink_unicast+0x82f/0x9e0
[  825.606741][T17314]  ? __pfx_netlink_unicast+0x10/0x10
[  825.606777][T17314]  ? netlink_sendmsg+0x642/0xb30
[  825.606797][T17314]  ? skb_put+0x11b/0x210
[  825.606824][T17314]  netlink_sendmsg+0x805/0xb30
[  825.606865][T17314]  ? __pfx_netlink_sendmsg+0x10/0x10
[  825.606892][T17314]  ? __import_iovec+0x5d4/0x7f0
[  825.606919][T17314]  ? aa_sock_msg_perm+0xf1/0x1d0
[  825.606954][T17314]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  825.606976][T17314]  ? __pfx_netlink_sendmsg+0x10/0x10
[  825.607001][T17314]  __sock_sendmsg+0x21c/0x270
[  825.607036][T17314]  ____sys_sendmsg+0x505/0x830
[  825.607068][T17314]  ? __pfx_____sys_sendmsg+0x10/0x10
[  825.607112][T17314]  ___sys_sendmsg+0x21f/0x2a0
[  825.607139][T17314]  ? __pfx____sys_sendmsg+0x10/0x10
[  825.607206][T17314]  ? __fget_files+0x2a/0x420
[  825.607227][T17314]  ? __fget_files+0x3a0/0x420
[  825.607260][T17314]  __sys_sendmsg+0x164/0x220
[  825.607288][T17314]  ? __pfx___sys_sendmsg+0x10/0x10
[  825.607323][T17314]  ? __pfx_ksys_write+0x10/0x10
[  825.607359][T17314]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  825.607397][T17314]  ? lockdep_hardirqs_on+0x9c/0x150
[  825.607433][T17314]  __do_fast_syscall_32+0xb6/0x2b0
[  825.607455][T17314]  ? lockdep_hardirqs_on+0x9c/0x150
[  825.607491][T17314]  do_fast_syscall_32+0x34/0x80
[  825.607512][T17314]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  825.607539][T17314] RIP: 0023:0xf7fb7539
[  825.607558][T17314] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  825.607579][T17314] RSP: 002b:00000000f54a655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  825.607609][T17314] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000380
[  825.607624][T17314] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  825.607637][T17314] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  825.607650][T17314] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  825.607662][T17314] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  825.607697][T17314]  </TASK>
[  826.155372][ T5198] Dev loop5: unable to read RDB block 7
[  826.161055][ T5198]  loop5: unable to read partition table
[  826.167030][ T5198] loop5: partition table beyond EOD, truncated
[  826.665340][ T5836] Bluetooth: hci3: command 0x0406 tx timeout
[  827.565431][ T5198] Dev loop5: unable to read RDB block 7
[  827.572820][ T5198]  loop5: unable to read partition table
[  827.600451][ T5198] loop5: partition table beyond EOD, truncated
[  829.303607][ T5198] Dev loop5: unable to read RDB block 7
[  829.310879][ T5198]  loop5: unable to read partition table
[  829.318641][ T5198] loop5: partition table beyond EOD, truncated
[  829.882715][ T5198] Dev loop5: unable to read RDB block 7
[  829.910246][ T5198]  loop5: unable to read partition table
[  829.941779][ T5198] loop5: partition table beyond EOD, truncated
[  830.937350][T17361] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  832.085404][ T5198] Dev loop5: unable to read RDB block 7
[  832.102126][ T5198]  loop5: unable to read partition table
[  832.139060][ T5198] loop5: partition table beyond EOD, truncated
[  833.760881][T17393] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  833.835321][T12492] usb 1-1: new high-speed USB device number 55 using dummy_hcd
[  834.367603][T12492] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA4, changing to 0x84
[  834.379506][T12492] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  834.390980][T12492] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  834.400425][T12492] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  834.464423][T12492] usb 1-1: config 0 descriptor??
[  834.704029][T17389] netlink: 14 bytes leftover after parsing attributes in process `syz.0.3779'.
[  834.713483][T17402] netlink: 14 bytes leftover after parsing attributes in process `syz.0.3779'.
[  835.139871][ T5198] Dev loop5: unable to read RDB block 7
[  835.151530][ T5198]  loop5: unable to read partition table
[  835.165513][ T5198] loop5: partition table beyond EOD, truncated
[  835.532839][T12492] ath6kl: Failed to submit usb control message: -110
[  835.790142][T12492] ath6kl: unable to send the bmi data to the device: -110
[  835.812495][T12492] ath6kl: Unable to send get target info: -110
[  835.843005][T12492] ath6kl: Failed to init ath6kl core: -110
[  835.870830][T12492] ath6kl_usb 1-1:0.0: probe with driver ath6kl_usb failed with error -110
[  836.234726][T17389] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  836.387075][T17389] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  836.406782][T17389] bond0 (unregistering): Released all slaves
[  836.655028][ T5834] usb 1-1: USB disconnect, device number 55
[  837.710481][T17441] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  838.181145][ T5198] Dev loop5: unable to read RDB block 7
[  838.186927][ T5198]  loop5: unable to read partition table
[  838.213767][ T5198] loop5: partition table beyond EOD, truncated
[  842.054907][ T5836] Bluetooth: hci0: command 0x0406 tx timeout
[  842.096352][ T5198] Dev loop5: unable to read RDB block 7
[  842.114214][ T5198]  loop5: unable to read partition table
[  842.177811][ T5198] loop5: partition table beyond EOD, truncated
[  842.816199][T17480] fuse: Unknown parameter 'user_id00000000000000000000'
[  843.126459][ T5198] Dev loop5: unable to read RDB block 7
[  843.132135][ T5198]  loop5: unable to read partition table
[  843.197329][ T5198] loop5: partition table beyond EOD, truncated
[  844.123203][ T5198] Dev loop5: unable to read RDB block 7
[  844.128921][ T5198]  loop5: unable to read partition table
[  844.135667][ T5198] loop5: partition table beyond EOD, truncated
[  844.827032][T17503] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  848.428985][T17539] fuse: Unknown parameter 'user_id00000000000000000000'
[  849.135588][ T5198] Dev loop5: unable to read RDB block 7
[  849.145662][ T5198]  loop5: unable to read partition table
[  849.153271][ T5198] loop5: partition table beyond EOD, truncated
[  852.475569][T17583] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  853.955644][ T5198] Dev loop5: unable to read RDB block 7
[  853.971478][ T5198]  loop5: unable to read partition table
[  853.984233][ T5198] loop5: partition table beyond EOD, truncated
[  856.317237][T17618] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3831'.
[  856.704293][T17618] : entered promiscuous mode
[  857.834000][T17630] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3833'.
[  857.920814][T17630] : entered promiscuous mode
[  858.777326][T17641] fuse: Unknown parameter 'user_id00000000000000000000'
[  859.218114][ T5198] Dev loop5: unable to read RDB block 7
[  859.223796][ T5198]  loop5: unable to read partition table
[  859.243464][ T5198] loop5: partition table beyond EOD, truncated
[  859.807232][T17664] fuse: Bad value for 'fd'
[  859.813737][T17664] fuse: Bad value for 'fd'
[  860.971055][ T5198] Dev loop5: unable to read RDB block 7
[  860.985337][ T5198]  loop5: unable to read partition table
[  861.000521][ T5198] loop5: partition table beyond EOD, truncated
[  863.994681][ T5198] Dev loop5: unable to read RDB block 7
[  864.573017][ T5198]  loop5: unable to read partition table
[  864.586062][ T5198] loop5: partition table beyond EOD, truncated
[  865.786677][T17700] fuse: Unknown parameter 'user_id00000000000000000000'
[  867.445778][ T5198] Dev loop5: unable to read RDB block 7
[  867.478453][ T5198]  loop5: unable to read partition table
[  867.547081][ T5198] loop5: partition table beyond EOD, truncated
[  869.160961][T17731] bridge0: entered promiscuous mode
[  869.325490][ T5198] Dev loop5: unable to read RDB block 7
[  869.327527][T17731] bridge0: port 3(vlan2) entered blocking state
[  869.331464][ T5198]  loop5: unable to read partition table
[  869.387780][ T5198] loop5: partition table beyond EOD, truncated
[  869.440081][T17731] bridge0: port 3(vlan2) entered disabled state
[  869.458101][T17731] vlan2: entered allmulticast mode
[  869.476471][T17731] bridge0: entered allmulticast mode
[  869.491516][T17731] vlan2: left allmulticast mode
[  869.699948][T17731] bridge0: left allmulticast mode
[  869.711640][T17731] bridge0: left promiscuous mode
[  870.248231][ T5198] Dev loop5: unable to read RDB block 7
[  870.254613][ T5198]  loop5: unable to read partition table
[  870.263478][ T5198] loop5: partition table beyond EOD, truncated
[  871.190575][T17760] FAULT_INJECTION: forcing a failure.
[  871.190575][T17760] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  871.246048][T17760] CPU: 0 UID: 0 PID: 17760 Comm: syz.4.3865 Not tainted syzkaller #0 PREEMPT(full) 
[  871.246079][T17760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  871.246093][T17760] Call Trace:
[  871.246101][T17760]  <TASK>
[  871.246110][T17760]  dump_stack_lvl+0x189/0x250
[  871.246149][T17760]  ? __pfx____ratelimit+0x10/0x10
[  871.246181][T17760]  ? __pfx_dump_stack_lvl+0x10/0x10
[  871.246212][T17760]  ? __pfx__printk+0x10/0x10
[  871.246235][T17760]  ? __might_fault+0xb0/0x130
[  871.246280][T17760]  should_fail_ex+0x414/0x560
[  871.246320][T17760]  _copy_from_user+0x2d/0xb0
[  871.246350][T17760]  get_compat_msghdr+0xad/0x4a0
[  871.246376][T17760]  ? __pfx_load_gs_index+0x10/0x10
[  871.246413][T17760]  ? __pfx_get_compat_msghdr+0x10/0x10
[  871.246453][T17760]  ___sys_sendmsg+0x193/0x2a0
[  871.246482][T17760]  ? __pfx____sys_sendmsg+0x10/0x10
[  871.246508][T17760]  ? finish_task_switch+0x18b/0x950
[  871.246577][T17760]  ? __fget_files+0x2a/0x420
[  871.246598][T17760]  ? __fget_files+0x3a0/0x420
[  871.246631][T17760]  __sys_sendmsg+0x164/0x220
[  871.246658][T17760]  ? __pfx___sys_sendmsg+0x10/0x10
[  871.246699][T17760]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  871.246736][T17760]  ? lockdep_hardirqs_on+0x9c/0x150
[  871.246766][T17760]  __do_fast_syscall_32+0xb6/0x2b0
[  871.246789][T17760]  do_fast_syscall_32+0x34/0x80
[  871.246805][T17760]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  871.246826][T17760] RIP: 0023:0xf70bd539
[  871.246848][T17760] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  871.246864][T17760] RSP: 002b:00000000f546b55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  871.246883][T17760] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000600
[  871.246895][T17760] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  871.246905][T17760] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  871.246915][T17760] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  871.246925][T17760] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  871.246954][T17760]  </TASK>
[  874.410405][ T5198] Dev loop5: unable to read RDB block 7
[  874.416205][ T5198]  loop5: unable to read partition table
[  874.422111][ T5198] loop5: partition table beyond EOD, truncated
[  875.885619][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  875.894582][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  877.934495][ T5198] Dev loop5: unable to read RDB block 7
[  877.945276][ T5198]  loop5: unable to read partition table
[  878.346414][ T5198] loop5: partition table beyond EOD, truncated
[  881.616160][ T5198] Dev loop5: unable to read RDB block 7
[  881.621793][ T5198]  loop5: unable to read partition table
[  881.665849][ T5198] loop5: partition table beyond EOD, truncated
[  881.805760][T17900] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3901'.
[  882.017325][T17908] netlink: 'syz.5.3897': attribute type 10 has an invalid length.
[  882.058454][T17908] 8021q: adding VLAN 0 to HW filter on device batadv0
[  882.115071][T17908] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  882.338332][T17914] fuse: Unknown parameter 'user_id00000000000000000000'
[  883.052951][T17926] FAULT_INJECTION: forcing a failure.
[  883.052951][T17926] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  883.095678][T17926] CPU: 1 UID: 0 PID: 17926 Comm: syz.3.3908 Not tainted syzkaller #0 PREEMPT(full) 
[  883.095711][T17926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  883.095725][T17926] Call Trace:
[  883.095734][T17926]  <TASK>
[  883.095743][T17926]  dump_stack_lvl+0x189/0x250
[  883.095780][T17926]  ? __pfx____ratelimit+0x10/0x10
[  883.095812][T17926]  ? __pfx_dump_stack_lvl+0x10/0x10
[  883.095858][T17926]  ? __pfx__printk+0x10/0x10
[  883.095896][T17926]  should_fail_ex+0x414/0x560
[  883.095936][T17926]  _copy_to_user+0x31/0xb0
[  883.095968][T17926]  simple_read_from_buffer+0xe1/0x170
[  883.096008][T17926]  proc_fail_nth_read+0x1b3/0x220
[  883.096041][T17926]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  883.096074][T17926]  ? rw_verify_area+0x2a6/0x4d0
[  883.096236][T17926]  ? __lock_acquire+0xab9/0xd20
[  883.096264][T17926]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  883.096295][T17926]  vfs_read+0x200/0xa30
[  883.096326][T17926]  ? fdget_pos+0x247/0x320
[  883.096353][T17926]  ? __pfx___mutex_lock+0x10/0x10
[  883.096388][T17926]  ? __pfx_vfs_read+0x10/0x10
[  883.096420][T17926]  ? __fget_files+0x2a/0x420
[  883.096445][T17926]  ? __fget_files+0x3a0/0x420
[  883.096465][T17926]  ? __fget_files+0x2a/0x420
[  883.096496][T17926]  ksys_read+0x145/0x250
[  883.096531][T17926]  ? __pfx_ksys_read+0x10/0x10
[  883.096565][T17926]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  883.096601][T17926]  ? lockdep_hardirqs_on+0x9c/0x150
[  883.096639][T17926]  __do_fast_syscall_32+0xb6/0x2b0
[  883.096660][T17926]  ? lockdep_hardirqs_on+0x9c/0x150
[  883.096696][T17926]  do_fast_syscall_32+0x34/0x80
[  883.096716][T17926]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  883.096742][T17926] RIP: 0023:0xf70ed539
[  883.096762][T17926] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  883.096781][T17926] RSP: 002b:00000000f54dd590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  883.096845][T17926] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f54dd620
[  883.096862][T17926] RDX: 000000000000000f RSI: 00000000f7486ff4 RDI: 0000000000000000
[  883.096876][T17926] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  883.096890][T17926] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  883.096903][T17926] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  883.096938][T17926]  </TASK>
[  884.567543][ T5198] Dev loop5: unable to read RDB block 7
[  884.573358][ T5198]  loop5: unable to read partition table
[  884.585833][ T5198] loop5: partition table beyond EOD, truncated
[  886.912790][T17967] fuse: Bad value for 'fd'
[  886.944734][T17967] fuse: Bad value for 'fd'
[  887.062370][T17971] fuse: Unknown parameter 'user_id00000000000000000000'
[  887.735730][ T5198] Dev loop5: unable to read RDB block 7
[  887.741358][ T5198]  loop5: unable to read partition table
[  887.775473][ T5198] loop5: partition table beyond EOD, truncated
[  887.881029][T17980] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3923'.
[  888.746478][ T5198] Dev loop5: unable to read RDB block 7
[  888.752104][ T5198]  loop5: unable to read partition table
[  888.759673][ T5198] loop5: partition table beyond EOD, truncated
[  889.881371][T18001] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3926'.
[  892.725643][T18021] fuse: Unknown parameter 'user_id00000000000000000000'
[  892.842187][ T5198] Dev loop5: unable to read RDB block 7
[  892.848106][ T5198]  loop5: unable to read partition table
[  892.854028][ T5198] loop5: partition table beyond EOD, truncated
[  895.108338][ T5198] Dev loop5: unable to read RDB block 7
[  895.148079][ T5198]  loop5: unable to read partition table
[  895.158668][ T5198] loop5: partition table beyond EOD, truncated
[  895.633117][T18058] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  897.436318][T18073] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3944'.
[  898.101333][T18083] fuse: Unknown parameter 'user_id00000000000000000000'
[  898.599946][ T5198] Dev loop5: unable to read RDB block 7
[  898.606929][ T5198]  loop5: unable to read partition table
[  898.612866][ T5198] loop5: partition table beyond EOD, truncated
[  898.841604][T18088] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3947'.
[  899.948059][ T5198] Dev loop5: unable to read RDB block 7
[  899.953701][ T5198]  loop5: unable to read partition table
[  899.960282][ T5198] loop5: partition table beyond EOD, truncated
[  900.912739][T18125] fuse: Unknown parameter 'user_id00000000000000000000'
[  902.050359][T18137] FAULT_INJECTION: forcing a failure.
[  902.050359][T18137] name failslab, interval 1, probability 0, space 0, times 0
[  902.099460][T18137] CPU: 1 UID: 0 PID: 18137 Comm: syz.5.3962 Not tainted syzkaller #0 PREEMPT(full) 
[  902.099499][T18137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  902.099513][T18137] Call Trace:
[  902.099523][T18137]  <TASK>
[  902.099533][T18137]  dump_stack_lvl+0x189/0x250
[  902.099572][T18137]  ? __pfx____ratelimit+0x10/0x10
[  902.099605][T18137]  ? __pfx_dump_stack_lvl+0x10/0x10
[  902.099636][T18137]  ? __pfx__printk+0x10/0x10
[  902.099668][T18137]  ? __pfx___might_resched+0x10/0x10
[  902.099700][T18137]  should_fail_ex+0x414/0x560
[  902.099743][T18137]  should_failslab+0xa8/0x100
[  902.099770][T18137]  __kmalloc_noprof+0xcb/0x7f0
[  902.099803][T18137]  ? ethnl_default_notify+0x1af/0xb70
[  902.099839][T18137]  ethnl_default_notify+0x1af/0xb70
[  902.099877][T18137]  ? __pfx_ethnl_default_notify+0x10/0x10
[  902.099917][T18137]  ? __pfx_ethnl_set_debug+0x10/0x10
[  902.099956][T18137]  ? mutex_is_locked+0x17/0x50
[  902.099982][T18137]  ? rtnl_is_locked+0x15/0x20
[  902.100014][T18137]  ethnl_default_set_doit+0x4f8/0x890
[  902.100054][T18137]  genl_family_rcv_msg_doit+0x215/0x300
[  902.100095][T18137]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  902.100143][T18137]  ? bpf_lsm_capable+0x9/0x20
[  902.100171][T18137]  ? security_capable+0x7e/0x2e0
[  902.100213][T18137]  genl_rcv_msg+0x60e/0x790
[  902.100250][T18137]  ? __pfx_genl_rcv_msg+0x10/0x10
[  902.100280][T18137]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[  902.100309][T18137]  ? __asan_memcpy+0x40/0x70
[  902.100340][T18137]  ? __pfx_ref_tracker_free+0x10/0x10
[  902.100373][T18137]  netlink_rcv_skb+0x208/0x470
[  902.100396][T18137]  ? __lock_acquire+0xab9/0xd20
[  902.100421][T18137]  ? __pfx_genl_rcv_msg+0x10/0x10
[  902.100453][T18137]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  902.100507][T18137]  ? down_read+0x1ad/0x2e0
[  902.100536][T18137]  genl_rcv+0x28/0x40
[  902.100565][T18137]  netlink_unicast+0x82f/0x9e0
[  902.100611][T18137]  ? __pfx_netlink_unicast+0x10/0x10
[  902.100649][T18137]  ? netlink_sendmsg+0x642/0xb30
[  902.100671][T18137]  ? skb_put+0x11b/0x210
[  902.100700][T18137]  netlink_sendmsg+0x805/0xb30
[  902.100737][T18137]  ? __pfx_netlink_sendmsg+0x10/0x10
[  902.100765][T18137]  ? __import_iovec+0x5d4/0x7f0
[  902.100793][T18137]  ? aa_sock_msg_perm+0xf1/0x1d0
[  902.100831][T18137]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  902.100854][T18137]  ? __pfx_netlink_sendmsg+0x10/0x10
[  902.100881][T18137]  __sock_sendmsg+0x21c/0x270
[  902.100918][T18137]  ____sys_sendmsg+0x505/0x830
[  902.100952][T18137]  ? __pfx_____sys_sendmsg+0x10/0x10
[  902.100999][T18137]  ___sys_sendmsg+0x21f/0x2a0
[  902.101030][T18137]  ? __pfx____sys_sendmsg+0x10/0x10
[  902.101101][T18137]  ? __fget_files+0x2a/0x420
[  902.101123][T18137]  ? __fget_files+0x3a0/0x420
[  902.101159][T18137]  __sys_sendmsg+0x164/0x220
[  902.101189][T18137]  ? __pfx___sys_sendmsg+0x10/0x10
[  902.101227][T18137]  ? __pfx_ksys_write+0x10/0x10
[  902.101278][T18137]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  902.101317][T18137]  ? lockdep_hardirqs_on+0x9c/0x150
[  902.101354][T18137]  __do_fast_syscall_32+0xb6/0x2b0
[  902.101377][T18137]  ? lockdep_hardirqs_on+0x9c/0x150
[  902.101417][T18137]  do_fast_syscall_32+0x34/0x80
[  902.101439][T18137]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  902.101467][T18137] RIP: 0023:0xf7fa3539
[  902.101487][T18137] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  902.101514][T18137] RSP: 002b:00000000f549655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  902.101539][T18137] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800007c0
[  902.101556][T18137] RDX: 0000000000008080 RSI: 0000000000000000 RDI: 0000000000000000
[  902.101571][T18137] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  902.101585][T18137] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  902.101599][T18137] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  902.101634][T18137]  </TASK>
[  902.488488][    C1] vkms_vblank_simulate: vblank timer overrun
[  902.948455][ T5198] Dev loop5: unable to read RDB block 7
[  902.954109][ T5198]  loop5: unable to read partition table
[  902.980579][ T5198] loop5: partition table beyond EOD, truncated
[  903.061216][T18143] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  903.676894][T18157] netlink: 'syz.0.3966': attribute type 10 has an invalid length.
[  903.709934][ T5198] Dev loop5: unable to read RDB block 7
[  903.715762][ T5198]  loop5: unable to read partition table
[  903.721714][ T5198] loop5: partition table beyond EOD, truncated
[  904.687455][T18168] fuse: Unknown parameter 'user_id00000000000000000000'
[  906.597169][ T5198] Dev loop5: unable to read RDB block 7
[  906.602841][ T5198]  loop5: unable to read partition table
[  906.615450][ T5198] loop5: partition table beyond EOD, truncated
[  907.251022][T18194] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  907.802186][ T5198] Dev loop5: unable to read RDB block 7
[  907.822953][ T5198]  loop5: unable to read partition table
[  907.905832][ T5198] loop5: partition table beyond EOD, truncated
[  908.307613][T18205] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3979'.
[  908.622788][T18210] fuse: Unknown parameter 'user_id00000000000000000000'
[  908.831415][T18212] bond1: entered promiscuous mode
[  908.848357][T18212] 8021q: adding VLAN 0 to HW filter on device bond1
[  909.121805][T18216] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  909.618073][ T5198] Dev loop5: unable to read RDB block 7
[  909.623903][ T5198]  loop5: unable to read partition table
[  909.651722][ T5198] loop5: partition table beyond EOD, truncated
[  911.966775][ T5198] Dev loop5: unable to read RDB block 7
[  912.055058][ T5198]  loop5: unable to read partition table
[  912.099579][ T5198] loop5: partition table beyond EOD, truncated
[  913.268883][T18267] syzkaller1: entered promiscuous mode
[  913.274540][T18267] syzkaller1: entered allmulticast mode
[  913.373482][T18265] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  913.441864][ T5198] Dev loop5: unable to read RDB block 7
[  913.447669][ T5198]  loop5: unable to read partition table
[  913.453631][ T5198] loop5: partition table beyond EOD, truncated
[  913.940210][ T5198] Dev loop5: unable to read RDB block 7
[  913.963018][ T5198]  loop5: unable to read partition table
[  914.017641][ T5198] loop5: partition table beyond EOD, truncated
[  915.816083][ T5198] Dev loop5: unable to read RDB block 7
[  915.821706][ T5198]  loop5: unable to read partition table
[  915.828185][ T5198] loop5: partition table beyond EOD, truncated
[  919.782085][ T5198] Dev loop5: unable to read RDB block 7
[  919.895305][ T5198]  loop5: unable to read partition table
[  919.905922][ T5198] loop5: partition table beyond EOD, truncated
[  920.444845][T18339] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4011'.
[  921.297965][T18351] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4014'.
[  922.124154][ T5198] Dev loop5: unable to read RDB block 7
[  922.251284][ T5198]  loop5: unable to read partition table
[  922.266908][ T5198] loop5: partition table beyond EOD, truncated
[  924.848199][ T5198] Dev loop5: unable to read RDB block 7
[  924.955304][ T5926] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[  925.158513][ T5198]  loop5: unable to read partition table
[  925.176136][ T5198] loop5: partition table beyond EOD, truncated
[  925.184804][ T5926] usb 4-1: device descriptor read/64, error -71
[  925.696273][ T5889] usb 6-1: new high-speed USB device number 34 using dummy_hcd
[  925.745301][ T5926] usb 4-1: new high-speed USB device number 50 using dummy_hcd
[  925.905441][ T5926] usb 4-1: device descriptor read/64, error -71
[  925.935609][ T5889] usb 6-1: Using ep0 maxpacket: 16
[  925.942909][ T5889] usb 6-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  925.955420][ T5889] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  925.973436][ T5889] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  926.008372][ T5889] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  926.018104][ T5926] usb usb4-port1: attempt power cycle
[  926.025070][ T5889] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  926.051044][ T5889] usb 6-1: Product: syz
[  926.055747][ T5889] usb 6-1: Manufacturer: syz
[  926.060480][ T5889] usb 6-1: SerialNumber: syz
[  926.357701][ T5926] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[  926.508419][ T5926] usb 4-1: device descriptor read/8, error -71
[  926.517743][ T5889] usb 6-1: 0:2 : does not exist
[  926.601057][T18401] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  926.795375][ T5926] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[  926.943934][ T5926] usb 4-1: device descriptor read/8, error -71
[  927.098305][ T5926] usb usb4-port1: unable to enumerate USB device
[  927.754956][T18410] netlink: 'syz.3.4030': attribute type 4 has an invalid length.
[  927.785357][T18410] netlink: 3549 bytes leftover after parsing attributes in process `syz.3.4030'.
[  928.055377][ T5926] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[  928.103157][ T5889] usb 6-1: USB disconnect, device number 34
[  928.227340][ T5926] usb 4-1: config 0 has an invalid descriptor of length 88, skipping remainder of the config
[  928.242391][ T5926] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  928.255961][ T5926] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 228, changing to 7
[  928.272020][ T5926] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 58710, setting to 1024
[  928.287123][ T5926] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  928.301393][ T5926] usb 4-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[  928.312200][ T5926] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  928.332433][ T5926] usb 4-1: config 0 descriptor??
[  928.601342][ T5926] usb 4-1: USB disconnect, device number 53
[  929.647088][ T5198] Dev loop5: unable to read RDB block 7
[  929.652706][ T5198]  loop5: unable to read partition table
[  929.699349][ T5198] loop5: partition table beyond EOD, truncated
[  931.378263][ T5198] Dev loop5: unable to read RDB block 7
[  931.383978][ T5198]  loop5: unable to read partition table
[  931.390304][ T5198] loop5: partition table beyond EOD, truncated
[  931.609621][T18457] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4039'.
[  932.484437][ T5198] Dev loop5: unable to read RDB block 7
[  932.527127][ T5198]  loop5: unable to read partition table
[  932.535731][ T5198] loop5: partition table beyond EOD, truncated
[  932.689672][T18471] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  936.128380][T18499] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  936.876018][ T5198] Dev loop5: unable to read RDB block 7
[  936.881702][ T5198]  loop5: unable to read partition table
[  936.890055][ T5198] loop5: partition table beyond EOD, truncated
[  937.209374][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  937.216042][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  938.566344][T18526] FAULT_INJECTION: forcing a failure.
[  938.566344][T18526] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  938.595361][T18526] CPU: 0 UID: 0 PID: 18526 Comm: syz.1.4055 Not tainted syzkaller #0 PREEMPT(full) 
[  938.595394][T18526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  938.595410][T18526] Call Trace:
[  938.595420][T18526]  <TASK>
[  938.595431][T18526]  dump_stack_lvl+0x189/0x250
[  938.595471][T18526]  ? __pfx____ratelimit+0x10/0x10
[  938.595504][T18526]  ? __pfx_dump_stack_lvl+0x10/0x10
[  938.595536][T18526]  ? __pfx__printk+0x10/0x10
[  938.595573][T18526]  should_fail_ex+0x414/0x560
[  938.595613][T18526]  _copy_to_user+0x31/0xb0
[  938.595645][T18526]  simple_read_from_buffer+0xe1/0x170
[  938.595685][T18526]  proc_fail_nth_read+0x1b3/0x220
[  938.595718][T18526]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  938.595750][T18526]  ? rw_verify_area+0x2a6/0x4d0
[  938.595781][T18526]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  938.595812][T18526]  vfs_read+0x200/0xa30
[  938.595866][T18526]  ? __pfx_vfs_read+0x10/0x10
[  938.595898][T18526]  ? aa_sk_perm+0x81e/0x950
[  938.595934][T18526]  ? count_memcg_event_mm+0x21/0x260
[  938.595964][T18526]  ? __pfx_aa_sk_perm+0x10/0x10
[  938.596008][T18526]  ksys_read+0x145/0x250
[  938.596043][T18526]  ? __pfx_ksys_read+0x10/0x10
[  938.596079][T18526]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  938.596117][T18526]  ? lockdep_hardirqs_on+0x9c/0x150
[  938.596164][T18526]  __do_fast_syscall_32+0xb6/0x2b0
[  938.596186][T18526]  ? lockdep_hardirqs_on+0x9c/0x150
[  938.596225][T18526]  do_fast_syscall_32+0x34/0x80
[  938.596247][T18526]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  938.596275][T18526] RIP: 0023:0xf70fd539
[  938.596296][T18526] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  938.596317][T18526] RSP: 002b:00000000f54ed590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  938.596343][T18526] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f54ed620
[  938.596360][T18526] RDX: 000000000000000f RSI: 00000000f7496ff4 RDI: 0000000000000000
[  938.596375][T18526] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  938.596390][T18526] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  938.596404][T18526] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  938.596440][T18526]  </TASK>
[  938.826911][    C0] vkms_vblank_simulate: vblank timer overrun
[  938.857823][T18530] netlink: 'syz.0.4056': attribute type 1 has an invalid length.
[  938.875057][T18533] FAULT_INJECTION: forcing a failure.
[  938.875057][T18533] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  938.971767][T18533] CPU: 1 UID: 0 PID: 18533 Comm: syz.5.4057 Not tainted syzkaller #0 PREEMPT(full) 
[  938.971801][T18533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  938.971815][T18533] Call Trace:
[  938.971825][T18533]  <TASK>
[  938.971836][T18533]  dump_stack_lvl+0x189/0x250
[  938.971874][T18533]  ? __pfx____ratelimit+0x10/0x10
[  938.971908][T18533]  ? __pfx_dump_stack_lvl+0x10/0x10
[  938.971940][T18533]  ? __pfx__printk+0x10/0x10
[  938.971965][T18533]  ? __might_fault+0xb0/0x130
[  938.972012][T18533]  should_fail_ex+0x414/0x560
[  938.972054][T18533]  _copy_from_user+0x2d/0xb0
[  938.972086][T18533]  ucma_set_option+0xc1/0xa60
[  938.972123][T18533]  ? __pfx_ucma_set_option+0x10/0x10
[  938.972169][T18533]  ? __lock_acquire+0xab9/0xd20
[  938.972206][T18533]  ? __might_fault+0xb0/0x130
[  938.972264][T18533]  ucma_write+0x249/0x2e0
[  938.972297][T18533]  ? __pfx_ucma_write+0x10/0x10
[  938.972325][T18533]  ? security_file_permission+0x75/0x290
[  938.972368][T18533]  ? rw_verify_area+0x255/0x4d0
[  938.972399][T18533]  ? __lock_acquire+0xab9/0xd20
[  938.972419][T18533]  ? __pfx_ucma_write+0x10/0x10
[  938.972450][T18533]  vfs_write+0x27e/0xb30
[  938.972493][T18533]  ? __pfx_vfs_write+0x10/0x10
[  938.972529][T18533]  ? __fget_files+0x2a/0x420
[  938.972556][T18533]  ? __fget_files+0x2a/0x420
[  938.972577][T18533]  ? __fget_files+0x3a0/0x420
[  938.972599][T18533]  ? __fget_files+0x2a/0x420
[  938.972632][T18533]  ksys_write+0x145/0x250
[  938.972664][T18533]  ? exc_page_fault+0x82/0x100
[  938.972700][T18533]  ? __pfx_ksys_write+0x10/0x10
[  938.972737][T18533]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  938.972775][T18533]  ? lockdep_hardirqs_on+0x9c/0x150
[  938.972831][T18533]  __do_fast_syscall_32+0xb6/0x2b0
[  938.972853][T18533]  ? lockdep_hardirqs_on+0x9c/0x150
[  938.972891][T18533]  do_fast_syscall_32+0x34/0x80
[  938.972913][T18533]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  938.972941][T18533] RIP: 0023:0xf7fa3539
[  938.972961][T18533] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  938.972981][T18533] RSP: 002b:00000000f549655c EFLAGS: 00000206 ORIG_RAX: 0000000000000004
[  938.973004][T18533] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800000c0
[  938.973021][T18533] RDX: 0000000000000020 RSI: 0000000000000000 RDI: 0000000000000000
[  938.973034][T18533] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  938.973047][T18533] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  938.973061][T18533] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  938.973095][T18533]  </TASK>
[  939.391004][T18531] netlink: 'syz.0.4056': attribute type 1 has an invalid length.
[  939.703631][ T5198] Dev loop5: unable to read RDB block 7
[  939.710384][ T5198]  loop5: unable to read partition table
[  939.716484][ T5198] loop5: partition table beyond EOD, truncated
[  940.202212][T18548] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  940.825326][ T5889] usb 1-1: new high-speed USB device number 56 using dummy_hcd
[  940.975262][ T5889] usb 1-1: Using ep0 maxpacket: 32
[  940.982599][ T5889] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  941.005749][ T5889] usb 1-1: New USB device found, idVendor=5fc9, idProduct=0063, bcdDevice=30.48
[  941.035392][ T5889] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  941.054352][ T5889] usb 1-1: Product: syz
[  941.059075][ T5889] usb 1-1: Manufacturer: syz
[  941.063801][ T5889] usb 1-1: SerialNumber: syz
[  941.088480][ T5889] usb 1-1: config 0 descriptor??
[  941.629453][T12492] usb 1-1: USB disconnect, device number 56
[  943.667022][ T5198] Dev loop5: unable to read RDB block 7
[  943.672674][ T5198]  loop5: unable to read partition table
[  943.684572][ T5198] loop5: partition table beyond EOD, truncated
[  943.780663][T12492] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[  944.255444][T12492] usb 1-1: Using ep0 maxpacket: 32
[  944.454281][T18586] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4070'.
[  944.465315][ T5834] usb 6-1: new full-speed USB device number 35 using dummy_hcd
[  944.479436][T18577] netlink: 'syz.0.4069': attribute type 1 has an invalid length.
[  944.538850][T18577] 8021q: adding VLAN 0 to HW filter on device bond0
[  944.658831][ T5834] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  944.702236][ T5834] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[  944.798511][ T5834] usb 6-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  944.812058][ T5834] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  944.843117][ T5834] usb 6-1: Product: syz
[  944.870465][ T5834] usb 6-1: Manufacturer: syz
[  944.887234][ T5834] usb 6-1: SerialNumber: syz
[  944.922947][ T5834] usb 6-1: config 0 descriptor??
[  944.932220][T18582] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  944.996024][T18593] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4071'.
[  945.088555][T18597] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  945.105655][ T5834] rc_core: IR keymap rc-streamzap not found
[  945.112231][ T5834] Registered IR keymap rc-empty
[  945.139458][ T5834] rc rc0: Streamzap PC Remote Infrared Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0
[  945.372596][ T5834] input: Streamzap PC Remote Infrared Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input27
[  945.393245][ T5834] usb 6-1: USB disconnect, device number 35
[  946.795334][T12492] usb 1-1: unable to get BOS descriptor or descriptor too short
[  946.804064][T12492] usb 1-1: unable to read config index 0 descriptor/start: -71
[  946.825721][T12492] usb 1-1: can't read configurations, error -71
[  947.062844][ T5198] Dev loop5: unable to read RDB block 7
[  947.068547][ T5198]  loop5: unable to read partition table
[  947.077097][ T5198] loop5: partition table beyond EOD, truncated
[  947.185253][    T9] usb 6-1: new high-speed USB device number 36 using dummy_hcd
[  947.448694][    T9] usb 6-1: device descriptor read/64, error -71
[  947.728365][    T9] usb 6-1: new high-speed USB device number 37 using dummy_hcd
[  947.828107][T18629] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4079'.
[  947.876818][T18629] loop2: detected capacity change from 0 to 7
[  947.893333][    T9] usb 6-1: device descriptor read/64, error -71
[  947.900367][T18629]  loop2:
[  947.904758][T18629] loop2: partition table partially beyond EOD, truncated
[  948.035644][    T9] usb usb6-port1: attempt power cycle
[  948.335451][ T5889] usb 4-1: new low-speed USB device number 54 using dummy_hcd
[  948.688566][ T5889] usb 4-1: config 1 interface 0 altsetting 144 endpoint 0x81 has invalid maxpacket 64, setting to 8
[  948.727123][    T9] usb 6-1: new high-speed USB device number 38 using dummy_hcd
[  948.741839][ T5889] usb 4-1: config 1 interface 0 altsetting 144 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  948.765723][ T5889] usb 4-1: config 1 interface 0 has no altsetting 0
[  948.766193][    T9] usb 6-1: device descriptor read/8, error -71
[  949.125486][    T9] usb 6-1: new high-speed USB device number 39 using dummy_hcd
[  949.155957][    T9] usb 6-1: device descriptor read/8, error -71
[  949.286883][    T9] usb usb6-port1: unable to enumerate USB device
[  950.131770][ T5198] Dev loop5: unable to read RDB block 7
[  950.149947][ T5198]  loop5: unable to read partition table
[  950.206269][ T5198] loop5: partition table beyond EOD, truncated
[  950.255362][    T9] usb 1-1: new high-speed USB device number 59 using dummy_hcd
[  950.566587][    T9] usb 1-1: Using ep0 maxpacket: 8
[  950.596607][    T9] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 13
[  950.636047][    T9] usb 1-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[  950.651787][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  950.680879][    T9] usb 1-1: Product: syz
[  950.718456][    T9] usb 1-1: Manufacturer: syz
[  950.728117][    T9] usb 1-1: SerialNumber: syz
[  950.744719][    T9] usb 1-1: config 0 descriptor??
[  950.760588][    T9] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[  951.115062][ T5889] usb 4-1: New USB device found, idVendor=04d9, idProduct=a04a, bcdDevice= 0.40
[  951.130061][ T5889] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  951.251774][ T5889] usb 4-1: can't set config #1, error -71
[  951.271894][ T5889] usb 4-1: USB disconnect, device number 54
[  953.144852][    T9] gspca_zc3xx: reg_w_i err -71
[  953.805338][    T9] gspca_zc3xx: Unknown sensor - set to TAS5130C
[  953.812904][    T9] gspca_zc3xx 1-1:0.0: probe with driver gspca_zc3xx failed with error -71
[  953.863440][    T9] usb 1-1: USB disconnect, device number 59
[  954.389389][ T5198] Dev loop5: unable to read RDB block 7
[  954.417813][ T5198]  loop5: unable to read partition table
[  954.425805][T18711] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4097'.
[  954.487686][T18704] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  954.516489][ T5198] loop5: partition table beyond EOD, truncated
[  954.725058][T18712] tipc: Started in network mode
[  954.748324][T18712] tipc: Node identity d6048c10188e, cluster identity 4711
[  954.786761][T18712] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  954.802171][T18708] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4097'.
[  955.180767][T18713] syzkaller0: entered promiscuous mode
[  955.198218][T18713] syzkaller0: entered allmulticast mode
[  955.210908][T18708] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4097'.
[  955.294011][T18706] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  955.376370][T18711] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[  955.448188][T18708] bond1: entered promiscuous mode
[  955.461894][T18708] bond1: entered allmulticast mode
[  955.473784][T18708] 8021q: adding VLAN 0 to HW filter on device bond1
[  955.585636][T18705] tipc: Resetting bearer <eth:syzkaller0>
[  955.623132][T18705] tipc: Disabling bearer <eth:syzkaller0>
[  957.396263][ T5198] Dev loop5: unable to read RDB block 7
[  957.401888][ T5198]  loop5: unable to read partition table
[  957.413825][ T5198] loop5: partition table beyond EOD, truncated
[  959.519628][T18771] FAULT_INJECTION: forcing a failure.
[  959.519628][T18771] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  959.535625][T18771] CPU: 0 UID: 0 PID: 18771 Comm: syz.3.4111 Not tainted syzkaller #0 PREEMPT(full) 
[  959.535658][T18771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  959.535673][T18771] Call Trace:
[  959.535682][T18771]  <TASK>
[  959.535693][T18771]  dump_stack_lvl+0x189/0x250
[  959.535729][T18771]  ? __pfx____ratelimit+0x10/0x10
[  959.535759][T18771]  ? __pfx_dump_stack_lvl+0x10/0x10
[  959.535789][T18771]  ? __pfx__printk+0x10/0x10
[  959.535826][T18771]  should_fail_ex+0x414/0x560
[  959.535866][T18771]  _copy_to_user+0x31/0xb0
[  959.535899][T18771]  simple_read_from_buffer+0xe1/0x170
[  959.535939][T18771]  proc_fail_nth_read+0x1b3/0x220
[  959.535972][T18771]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  959.536005][T18771]  ? rw_verify_area+0x2a6/0x4d0
[  959.536035][T18771]  ? __lock_acquire+0xab9/0xd20
[  959.536056][T18771]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  959.536087][T18771]  vfs_read+0x200/0xa30
[  959.536117][T18771]  ? fdget_pos+0x247/0x320
[  959.536144][T18771]  ? __pfx___mutex_lock+0x10/0x10
[  959.536180][T18771]  ? __pfx_vfs_read+0x10/0x10
[  959.536213][T18771]  ? __fget_files+0x2a/0x420
[  959.536239][T18771]  ? __fget_files+0x3a0/0x420
[  959.536260][T18771]  ? __fget_files+0x2a/0x420
[  959.536292][T18771]  ksys_read+0x145/0x250
[  959.536324][T18771]  ? __pfx_ksys_read+0x10/0x10
[  959.536358][T18771]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  959.536395][T18771]  ? lockdep_hardirqs_on+0x9c/0x150
[  959.536430][T18771]  __do_fast_syscall_32+0xb6/0x2b0
[  959.536453][T18771]  ? lockdep_hardirqs_on+0x9c/0x150
[  959.536488][T18771]  do_fast_syscall_32+0x34/0x80
[  959.536519][T18771]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  959.536547][T18771] RIP: 0023:0xf70ed539
[  959.536568][T18771] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  959.536589][T18771] RSP: 002b:00000000f54dd590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  959.536617][T18771] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f54dd620
[  959.536633][T18771] RDX: 000000000000000f RSI: 00000000f7486ff4 RDI: 0000000000000000
[  959.536648][T18771] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  959.536662][T18771] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  959.536676][T18771] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  959.536710][T18771]  </TASK>
[  959.780501][    C0] vkms_vblank_simulate: vblank timer overrun
[  960.088356][ T5198] Dev loop5: unable to read RDB block 7
[  960.094046][ T5198]  loop5: unable to read partition table
[  960.100059][ T5198] loop5: partition table beyond EOD, truncated
[  961.085342][    T9] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[  961.125359][T18787] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  961.285322][    T9] usb 1-1: device descriptor read/64, error -71
[  961.566805][    T9] usb 1-1: new high-speed USB device number 61 using dummy_hcd
[  961.705257][    T9] usb 1-1: device descriptor read/64, error -71
[  961.816079][    T9] usb usb1-port1: attempt power cycle
[  962.175697][    T9] usb 1-1: new high-speed USB device number 62 using dummy_hcd
[  962.215916][    T9] usb 1-1: device descriptor read/8, error -71
[  962.465585][    T9] usb 1-1: new high-speed USB device number 63 using dummy_hcd
[  962.490190][    T9] usb 1-1: device descriptor read/8, error -71
[  962.526896][T18801] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  962.601705][T18801] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  962.621018][    T9] usb usb1-port1: unable to enumerate USB device
[  962.747121][ T5198] Dev loop5: unable to read RDB block 7
[  962.752846][ T5198]  loop5: unable to read partition table
[  962.766055][ T5198] loop5: partition table beyond EOD, truncated
[  962.785391][ T5834] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[  962.801493][    C0] raw-gadget.1 gadget.3: ignoring, device is not running
[  963.083349][T18813] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4119'.
[  966.396569][T18854] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  968.181395][ T5198] Dev loop5: unable to read RDB block 7
[  968.234677][ T5198]  loop5: unable to read partition table
[  968.244033][ T5198] loop5: partition table beyond EOD, truncated
[  968.589385][T18871] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  968.596296][T18871] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  969.825391][ T5926] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[  970.143743][ T5926] usb 4-1: device descriptor read/64, error -71
[  970.385409][ T5926] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[  970.535525][ T5926] usb 4-1: device descriptor read/64, error -71
[  970.678129][ T5926] usb usb4-port1: attempt power cycle
[  970.886757][ T5198] Dev loop5: unable to read RDB block 7
[  970.894428][ T5198]  loop5: unable to read partition table
[  970.900693][ T5198] loop5: partition table beyond EOD, truncated
[  970.975548][ T5951] usb 1-1: new high-speed USB device number 64 using dummy_hcd
[  971.055269][ T5926] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[  971.096253][ T5926] usb 4-1: device descriptor read/8, error -71
[  971.136176][ T5951] usb 1-1: device descriptor read/64, error -71
[  971.397000][ T5926] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[  971.411468][ T5198] Dev loop5: unable to read RDB block 7
[  971.417640][ T5951] usb 1-1: new high-speed USB device number 65 using dummy_hcd
[  971.426267][ T5198]  loop5: unable to read partition table
[  971.436320][ T5198] loop5: partition table beyond EOD, truncated
[  971.441822][ T5926] usb 4-1: device descriptor read/8, error -71
[  971.565344][ T5951] usb 1-1: device descriptor read/64, error -71
[  971.582243][ T5926] usb usb4-port1: unable to enumerate USB device
[  971.676478][ T5951] usb usb1-port1: attempt power cycle
[  971.960821][ T5198] Dev loop5: unable to read RDB block 7
[  971.975438][ T5198]  loop5: unable to read partition table
[  971.984572][ T5198] loop5: partition table beyond EOD, truncated
[  972.145334][ T5951] usb 1-1: new high-speed USB device number 66 using dummy_hcd
[  972.209954][ T5951] usb 1-1: device descriptor read/8, error -71
[  972.535528][ T5951] usb 1-1: new high-speed USB device number 67 using dummy_hcd
[  972.588133][ T5951] usb 1-1: device descriptor read/8, error -71
[  972.719908][ T5951] usb usb1-port1: unable to enumerate USB device
[  976.431746][ T5198] Dev loop5: unable to read RDB block 7
[  976.437657][ T5198]  loop5: unable to read partition table
[  976.448011][ T5198] loop5: partition table beyond EOD, truncated
[  977.579480][ T5198] Dev loop5: unable to read RDB block 7
[  977.587685][ T5198]  loop5: unable to read partition table
[  977.593820][ T5198] loop5: partition table beyond EOD, truncated
[  977.733381][T18966] bridge0: port 3(vlan2) entered blocking state
[  977.783926][T18966] bridge0: port 3(vlan2) entered disabled state
[  977.793705][T18966] vlan2: entered allmulticast mode
[  977.799193][T18966] bridge0: entered allmulticast mode
[  977.812100][T18966] vlan2: left allmulticast mode
[  977.817545][T18966] bridge0: left allmulticast mode
[  978.671795][ T5198] Dev loop5: unable to read RDB block 7
[  978.677623][ T5198]  loop5: unable to read partition table
[  978.686284][ T5198] loop5: partition table beyond EOD, truncated
[  979.393220][ T5198] Dev loop5: unable to read RDB block 7
[  979.433209][ T5198]  loop5: unable to read partition table
[  979.485686][ T5198] loop5: partition table beyond EOD, truncated
[  981.755921][T19018] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  983.531500][ T5198] Dev loop5: unable to read RDB block 7
[  983.537242][ T5198]  loop5: unable to read partition table
[  983.554751][ T5198] loop5: partition table beyond EOD, truncated
[  984.715020][ T5198] Dev loop5: unable to read RDB block 7
[  984.720913][ T5198]  loop5: unable to read partition table
[  984.727872][ T5198] loop5: partition table beyond EOD, truncated
[  986.517741][ T5198] Dev loop5: unable to read RDB block 7
[  986.523390][ T5198]  loop5: unable to read partition table
[  986.566707][ T5198] loop5: partition table beyond EOD, truncated
[  987.435350][ T5951] usb 6-1: new high-speed USB device number 40 using dummy_hcd
[  987.655270][ T5951] usb 6-1: device descriptor read/64, error -71
[  988.013345][T19094] netlink: 'syz.1.4186': attribute type 30 has an invalid length.
[  988.145266][ T5951] usb 6-1: new high-speed USB device number 41 using dummy_hcd
[  988.288672][ T5951] usb 6-1: device descriptor read/64, error -71
[  988.415927][ T5951] usb usb6-port1: attempt power cycle
[  988.756110][ T5951] usb 6-1: new high-speed USB device number 42 using dummy_hcd
[  988.843674][ T5951] usb 6-1: device descriptor read/8, error -71
[  989.165403][ T5951] usb 6-1: new high-speed USB device number 43 using dummy_hcd
[  989.296914][ T5951] usb 6-1: device descriptor read/8, error -71
[  989.426164][ T5951] usb usb6-port1: unable to enumerate USB device
[  990.345671][T19120] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  991.565425][ T5198] Dev loop5: unable to read RDB block 7
[  991.571105][ T5198]  loop5: unable to read partition table
[  991.655475][ T5198] loop5: partition table beyond EOD, truncated
[  992.455634][ T5198] Dev loop5: unable to read RDB block 7
[  992.468782][ T5198]  loop5: unable to read partition table
[  992.605439][ T5198] loop5: partition table beyond EOD, truncated
[  992.739644][T19150] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  994.925262][ T5889] usb 6-1: new high-speed USB device number 44 using dummy_hcd
[  995.134164][ T5889] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  995.215292][ T5889] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  995.226896][ T5889] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  995.236811][ T5889] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  995.254027][ T5889] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  995.263366][ T5889] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  995.276358][ T5889] usb 6-1: config 0 descriptor??
[  995.317857][ T5198] Dev loop5: unable to read RDB block 7
[  995.355242][ T5198]  loop5: unable to read partition table
[  995.361251][ T5198] loop5: partition table beyond EOD, truncated
[  996.926083][T19192] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4206'.
[  996.983981][T19192] netlink: 'syz.3.4206': attribute type 18 has an invalid length.
[  997.000977][T19193] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  997.134758][T19192] vxlan0: entered promiscuous mode
[  997.334968][ T1152] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  997.357489][T12955] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  997.371819][ T1152] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  997.691917][   T13] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  997.875305][ T5889] usbhid 6-1:0.0: can't add hid device: -71
[  997.882917][ T5889] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  997.913529][ T5889] usb 6-1: USB disconnect, device number 44
[  998.659366][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  998.665986][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  999.732430][ T5198] Dev loop5: unable to read RDB block 7
[  999.738711][ T5198]  loop5: unable to read partition table
[  999.793927][ T5198] loop5: partition table beyond EOD, truncated
[ 1000.135426][ T5951] usb 1-1: new high-speed USB device number 68 using dummy_hcd
[ 1000.319514][ T5951] usb 1-1: Using ep0 maxpacket: 32
[ 1000.331706][ T5951] usb 1-1: config index 0 descriptor too short (expected 35577, got 27)
[ 1000.349091][ T5951] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[ 1000.379603][ T5951] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92
[ 1000.427444][ T5951] usb 1-1: config 1 has no interface number 0
[ 1000.536496][ T5951] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1000.676578][T19231] netlink: 64 bytes leftover after parsing attributes in process `syz.4.4215'.
[ 1000.696279][ T5951] usb 1-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[ 1000.711129][T19231] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4215'.
[ 1000.725597][ T5951] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[ 1000.766536][ T5951] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1000.887707][ T5951] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found
[ 1001.054446][ T5951] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now attached
[ 1001.590369][ T5977] usb 1-1: USB disconnect, device number 68
[ 1001.602656][ T5977] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected
[ 1002.113713][ T5198] Dev loop5: unable to read RDB block 7
[ 1002.132057][ T5198]  loop5: unable to read partition table
[ 1002.144895][ T5198] loop5: partition table beyond EOD, truncated
[ 1002.641496][T19251] netlink: 'syz.0.4220': attribute type 30 has an invalid length.
[ 1002.652465][T19252] pim6reg0: tun_chr_ioctl cmd 2147767506
[ 1004.974377][ T5198] Dev loop5: unable to read RDB block 7
[ 1004.980441][ T5198]  loop5: unable to read partition table
[ 1004.986748][ T5198] loop5: partition table beyond EOD, truncated
[ 1005.480554][T19282] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1006.653424][   T30] kauditd_printk_skb: 98 callbacks suppressed
[ 1006.653449][   T30] audit: type=1326 audit(1763459233.798:2247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19292 comm="syz.3.4229" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000
[ 1006.794143][   T30] audit: type=1326 audit(1763459233.798:2248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19292 comm="syz.3.4229" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000
[ 1006.817145][   T30] audit: type=1326 audit(1763459233.798:2249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19292 comm="syz.3.4229" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70ed539 code=0x7ffc0000
[ 1006.844237][   T30] audit: type=1326 audit(1763459233.798:2250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19292 comm="syz.3.4229" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000
[ 1006.867134][   T30] audit: type=1326 audit(1763459233.798:2251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19292 comm="syz.3.4229" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000
[ 1006.896830][ T5198] Dev loop5: unable to read RDB block 7
[ 1006.915349][ T5198]  loop5: unable to read partition table
[ 1006.921362][ T5198] loop5: partition table beyond EOD, truncated
[ 1006.935492][   T30] audit: type=1326 audit(1763459233.798:2252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19292 comm="syz.3.4229" exe="/root/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf70ed539 code=0x7ffc0000
[ 1006.967152][   T30] audit: type=1326 audit(1763459233.798:2253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19292 comm="syz.3.4229" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000
[ 1007.255697][   T30] audit: type=1326 audit(1763459233.798:2254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19292 comm="syz.3.4229" exe="/root/syz-executor" sig=0 arch=40000003 syscall=297 compat=1 ip=0xf70ed539 code=0x7ffc0000
[ 1007.315459][   T30] audit: type=1326 audit(1763459233.798:2255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19292 comm="syz.3.4229" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000
[ 1007.341951][   T30] audit: type=1326 audit(1763459233.798:2256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19292 comm="syz.3.4229" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000
[ 1007.543072][T19302] pimreg: entered allmulticast mode
[ 1008.103666][T19306] netlink: 'syz.5.4232': attribute type 1 has an invalid length.
[ 1008.169715][T19306] netlink: 'syz.5.4232': attribute type 2 has an invalid length.
[ 1008.484481][ T5198] Dev loop5: unable to read RDB block 7
[ 1008.493515][ T5198]  loop5: unable to read partition table
[ 1008.524427][ T5198] loop5: partition table beyond EOD, truncated
[ 1009.621243][ T5198] Dev loop5: unable to read RDB block 7
[ 1009.635532][ T5198]  loop5: unable to read partition table
[ 1009.669640][ T5198] loop5: partition table beyond EOD, truncated
[ 1013.571692][ T5198] Dev loop5: unable to read RDB block 7
[ 1013.587691][ T5198]  loop5: unable to read partition table
[ 1013.605442][ T5198] loop5: partition table beyond EOD, truncated
[ 1014.426601][T19378] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[ 1014.663351][ T5198] Dev loop5: unable to read RDB block 7
[ 1014.679817][ T5198]  loop5: unable to read partition table
[ 1014.715569][ T5198] loop5: partition table beyond EOD, truncated
[ 1015.488101][ T5198] Dev loop5: unable to read RDB block 7
[ 1015.600973][ T5198]  loop5: unable to read partition table
[ 1015.675079][ T5198] loop5: partition table beyond EOD, truncated
[ 1017.084638][T19404] fuse: Unknown parameter 'Ÿ‡«[H`O'
[ 1017.668217][ T5198] Dev loop5: unable to read RDB block 7
[ 1017.673911][ T5198]  loop5: unable to read partition table
[ 1017.680243][ T5198] loop5: partition table beyond EOD, truncated
[ 1018.742202][ T5198] Dev loop5: unable to read RDB block 7
[ 1018.747924][ T5198]  loop5: unable to read partition table
[ 1018.767669][ T5198] loop5: partition table beyond EOD, truncated
[ 1020.252191][T19446] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4262'.
[ 1020.309954][T19446] pimreg3: entered allmulticast mode
[ 1020.338129][T19446] netlink: 'syz.1.4262': attribute type 17 has an invalid length.
[ 1020.391428][T19446] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1022.999861][T19469] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[ 1024.194997][ T5198] Dev loop5: unable to read RDB block 7
[ 1024.201116][ T5198]  loop5: unable to read partition table
[ 1024.215708][ T5198] loop5: partition table beyond EOD, truncated
[ 1024.390117][T19483] netlink: 'syz.5.4267': attribute type 5 has an invalid length.
[ 1025.099916][ T5198] Dev loop5: unable to read RDB block 7
[ 1025.143649][ T5198]  loop5: unable to read partition table
[ 1025.182612][ T5198] loop5: partition table beyond EOD, truncated
[ 1027.253056][ T5198] Dev loop5: unable to read RDB block 7
[ 1027.280299][ T5198]  loop5: unable to read partition table
[ 1027.296950][ T5198] loop5: partition table beyond EOD, truncated
[ 1028.021610][T19529] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[ 1032.399646][ T5198] Dev loop5: unable to read RDB block 7
[ 1032.410576][ T5198]  loop5: unable to read partition table
[ 1032.468733][ T5198] loop5: partition table beyond EOD, truncated
[ 1033.609538][T19579] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[ 1035.743007][ T5198] Dev loop5: unable to read RDB block 7
[ 1035.761958][ T5198]  loop5: unable to read partition table
[ 1035.780564][ T5198] loop5: partition table beyond EOD, truncated
[ 1035.970845][T19598] netlink: 1028 bytes leftover after parsing attributes in process `syz.1.4292'.
[ 1035.992519][T19598] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[ 1036.004273][ T5845] Bluetooth: hci4: unexpected event 0x10 length: 11 > 1
[ 1036.007601][ T5845] Bluetooth: hci4: hardware error 0xff
[ 1036.020833][T19604] ip6tnl1: entered allmulticast mode
[ 1036.437227][T19619] mmap: syz.3.4296 (19619): VmData 37634048 exceed data ulimit 8. Update limits or use boot option ignore_rlimit_data.
[ 1038.085319][ T5845] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[ 1038.286502][T19644] netlink: 'syz.0.4302': attribute type 1 has an invalid length.
[ 1038.460019][T19649] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[ 1038.471677][T19649] bond1: (slave vxcan3): Error -95 calling set_mac_address
[ 1038.638469][T19653] bond1: (slave bridge2): Enslaving as an active interface with a down link
[ 1038.718995][T19649] macvlan2: entered promiscuous mode
[ 1038.724473][T19649] macvlan2: entered allmulticast mode
[ 1038.770459][ T5198] Dev loop5: unable to read RDB block 7
[ 1038.778419][ T5198]  loop5: unable to read partition table
[ 1038.778614][T19649] bond1: entered promiscuous mode
[ 1038.784486][ T5198] loop5: partition table beyond EOD, truncated
[ 1038.805570][    T9] usb 6-1: new high-speed USB device number 45 using dummy_hcd
[ 1038.857080][T19649] 8021q: adding VLAN 0 to HW filter on device macvlan2
[ 1038.869706][T19649] bond1: left promiscuous mode
[ 1038.975296][    T9] usb 6-1: Using ep0 maxpacket: 8
[ 1039.003529][    T9] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid maxpacket 1024, setting to 64
[ 1039.014083][T19644] bond1: (slave gretap1): making interface the new active one
[ 1039.031753][    T9] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1039.053123][T19644] bond1: (slave gretap1): Enslaving as an active interface with an up link
[ 1039.062441][    T9] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1039.099473][    T9] usb 6-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e
[ 1039.110837][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1039.138418][    T9] usb 6-1: Product: syz
[ 1039.143311][    T9] usb 6-1: Manufacturer: syz
[ 1039.162309][    T9] usb 6-1: SerialNumber: syz
[ 1039.192772][    T9] usb 6-1: config 0 descriptor??
[ 1039.233787][    T9] snd_usb_toneport 6-1:0.0: Line 6 TonePort UX2 found
[ 1039.287136][T19647] netlink: 'syz.1.4303': attribute type 4 has an invalid length.
[ 1039.305321][T19647] netlink: 'syz.1.4303': attribute type 4 has an invalid length.
[ 1039.373847][T19661] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4305'.
[ 1039.432582][    T9] snd_usb_toneport 6-1:0.0: cannot get proper max packet size
[ 1039.442401][    T9] snd_usb_toneport 6-1:0.0: Line 6 TonePort UX2 now disconnected
[ 1039.457887][    T9] snd_usb_toneport 6-1:0.0: probe with driver snd_usb_toneport failed with error -22
[ 1039.562024][T19667] syz.1.4309 (19667): /proc/19666/oom_adj is deprecated, please use /proc/19666/oom_score_adj instead.
[ 1039.643947][T19654] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1039.673653][T19654] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1039.695692][    T9] usb 6-1: USB disconnect, device number 45
[ 1040.667051][T19691] loop8: detected capacity change from 0 to 79
[ 1040.766879][T19694] loop8: detected capacity change from 79 to 78
[ 1040.882469][ T5198] Dev loop5: unable to read RDB block 7
[ 1040.888498][ T5198]  loop5: unable to read partition table
[ 1040.895014][ T5198] loop5: partition table beyond EOD, truncated
[ 1041.730114][T19696] vivid-006: disconnect
[ 1041.736433][T19695] vivid-006: reconnect
[ 1043.372213][ T5198] Dev loop5: unable to read RDB block 7
[ 1043.409814][ T5198]  loop5: unable to read partition table
[ 1043.465505][ T5198] loop5: partition table beyond EOD, truncated
[ 1044.489820][ T5198] Dev loop5: unable to read RDB block 7
[ 1044.506978][ T5198]  loop5: unable to read partition table
[ 1044.513613][ T5198] loop5: partition table beyond EOD, truncated
[ 1044.668159][T19733] netlink: 'syz.5.4325': attribute type 1 has an invalid length.
[ 1044.786796][T19733] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[ 1044.799274][T19733] bond1: (slave vxcan3): Error -95 calling set_mac_address
[ 1044.872484][T19736] bond1: (slave bridge1): Enslaving as an active interface with a down link
[ 1044.951389][T19733] bond1: (slave gretap1): making interface the new active one
[ 1044.964786][T19733] bond1: (slave gretap1): Enslaving as an active interface with an up link
[ 1044.994156][T19733] macvlan2: entered promiscuous mode
[ 1045.013306][T19733] macvlan2: entered allmulticast mode
[ 1045.021018][T19733] bond1: entered promiscuous mode
[ 1045.027180][T19733] gretap1: entered promiscuous mode
[ 1045.033963][T19733] 8021q: adding VLAN 0 to HW filter on device macvlan2
[ 1045.064357][T19733] bond1: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap1
[ 1045.093924][T19733] bond1: left promiscuous mode
[ 1045.100091][T19733] gretap1: left promiscuous mode
[ 1045.202949][   T30] kauditd_printk_skb: 25 callbacks suppressed
[ 1045.202971][   T30] audit: type=1326 audit(1763459272.418:2282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19744 comm="syz.0.4330" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7539 code=0x7ffc0000
[ 1045.234302][   T30] audit: type=1326 audit(1763459272.418:2283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19744 comm="syz.0.4330" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7539 code=0x7ffc0000
[ 1045.256480][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1045.262844][   T30] audit: type=1326 audit(1763459272.418:2284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19744 comm="syz.0.4330" exe="/root/syz-executor" sig=0 arch=40000003 syscall=277 compat=1 ip=0xf7fb7539 code=0x7ffc0000
[ 1045.286039][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1045.296448][   T30] audit: type=1326 audit(1763459272.428:2285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19744 comm="syz.0.4330" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7539 code=0x7ffc0000
[ 1045.319461][   T30] audit: type=1326 audit(1763459272.428:2286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19744 comm="syz.0.4330" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7539 code=0x7ffc0000
[ 1045.344748][   T30] audit: type=1326 audit(1763459272.428:2287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19744 comm="syz.0.4330" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fb7539 code=0x7ffc0000
[ 1045.370541][   T30] audit: type=1326 audit(1763459272.428:2288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19744 comm="syz.0.4330" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fb7539 code=0x7ffc0000
[ 1045.423420][   T30] audit: type=1326 audit(1763459272.428:2289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19744 comm="syz.0.4330" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fb7539 code=0x7ffc0000
[ 1045.446779][   T30] audit: type=1326 audit(1763459272.428:2290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19744 comm="syz.0.4330" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fb7539 code=0x7ffc0000
[ 1045.469538][ T5926] usb 1-1: new full-speed USB device number 69 using dummy_hcd
[ 1045.481616][   T30] audit: type=1326 audit(1763459272.428:2291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19744 comm="syz.0.4330" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fb7539 code=0x7ffc0000
[ 1045.504841][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1045.665702][ T5926] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1045.675993][ T5926] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1045.685097][ T5926] usb 1-1: Product: syz
[ 1045.687307][ T5926] usb 1-1: Manufacturer: syz
[ 1045.687332][ T5926] usb 1-1: SerialNumber: syz
[ 1045.699099][ T5926] usb 1-1: config 0 descriptor??
[ 1045.918437][ T5926] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1046.221990][ T5198] Dev loop5: unable to read RDB block 7
[ 1046.235568][ T5198]  loop5: unable to read partition table
[ 1046.241714][ T5198] loop5: partition table beyond EOD, truncated
[ 1046.540125][T19764] netlink: 'syz.5.4336': attribute type 5 has an invalid length.
[ 1047.132846][ T5198] Dev loop5: unable to read RDB block 7
[ 1047.154371][ T5198]  loop5: unable to read partition table
[ 1047.217750][ T5198] loop5: partition table beyond EOD, truncated
[ 1047.768663][ T5926] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[ 1047.783422][ T5926] usb 1-1: USB disconnect, device number 69
[ 1048.825776][T19783] syzkaller0: entered promiscuous mode
[ 1048.842273][T19783] syzkaller0: entered allmulticast mode
[ 1049.032499][ T5198] Dev loop5: unable to read RDB block 7
[ 1049.042426][ T5198]  loop5: unable to read partition table
[ 1049.058483][ T5198] loop5: partition table beyond EOD, truncated
[ 1049.624875][T19793] FAULT_INJECTION: forcing a failure.
[ 1049.624875][T19793] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1049.693891][T19793] CPU: 1 UID: 0 PID: 19793 Comm: syz.5.4343 Not tainted syzkaller #0 PREEMPT(full) 
[ 1049.693915][T19793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1049.693926][T19793] Call Trace:
[ 1049.693935][T19793]  <TASK>
[ 1049.693944][T19793]  dump_stack_lvl+0x189/0x250
[ 1049.693974][T19793]  ? __pfx____ratelimit+0x10/0x10
[ 1049.693999][T19793]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1049.694022][T19793]  ? __pfx__printk+0x10/0x10
[ 1049.694049][T19793]  should_fail_ex+0x414/0x560
[ 1049.694080][T19793]  _copy_to_user+0x31/0xb0
[ 1049.694104][T19793]  simple_read_from_buffer+0xe1/0x170
[ 1049.694134][T19793]  proc_fail_nth_read+0x1b3/0x220
[ 1049.694159][T19793]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1049.694183][T19793]  ? rw_verify_area+0x2a6/0x4d0
[ 1049.694206][T19793]  ? __lock_acquire+0xab9/0xd20
[ 1049.694222][T19793]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1049.694244][T19793]  vfs_read+0x200/0xa30
[ 1049.694267][T19793]  ? fdget_pos+0x247/0x320
[ 1049.694286][T19793]  ? __pfx___mutex_lock+0x10/0x10
[ 1049.694314][T19793]  ? __pfx_vfs_read+0x10/0x10
[ 1049.694338][T19793]  ? __fget_files+0x2a/0x420
[ 1049.694358][T19793]  ? __fget_files+0x3a0/0x420
[ 1049.694373][T19793]  ? __fget_files+0x2a/0x420
[ 1049.694396][T19793]  ksys_read+0x145/0x250
[ 1049.694422][T19793]  ? __pfx_ksys_read+0x10/0x10
[ 1049.694448][T19793]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[ 1049.694475][T19793]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1049.694502][T19793]  __do_fast_syscall_32+0xb6/0x2b0
[ 1049.694519][T19793]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1049.694554][T19793]  do_fast_syscall_32+0x34/0x80
[ 1049.694570][T19793]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1049.694590][T19793] RIP: 0023:0xf7fa3539
[ 1049.694606][T19793] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1049.694620][T19793] RSP: 002b:00000000f5496590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[ 1049.694643][T19793] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5496620
[ 1049.694655][T19793] RDX: 000000000000000f RSI: 00000000f7436ff4 RDI: 0000000000000000
[ 1049.694665][T19793] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[ 1049.694675][T19793] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1049.694685][T19793] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1049.694710][T19793]  </TASK>
[ 1049.931402][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1050.114234][ T5198] Dev loop5: unable to read RDB block 7
[ 1050.120082][ T5198]  loop5: unable to read partition table
[ 1050.126080][ T5198] loop5: partition table beyond EOD, truncated
[ 1050.510088][ T5198] Dev loop5: unable to read RDB block 7
[ 1050.521753][ T5198]  loop5: unable to read partition table
[ 1050.537964][ T5198] loop5: partition table beyond EOD, truncated
[ 1050.564046][T19806] FAULT_INJECTION: forcing a failure.
[ 1050.564046][T19806] name failslab, interval 1, probability 0, space 0, times 0
[ 1050.614643][T19806] CPU: 0 UID: 0 PID: 19806 Comm: syz.3.4346 Not tainted syzkaller #0 PREEMPT(full) 
[ 1050.614668][T19806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1050.614680][T19806] Call Trace:
[ 1050.614687][T19806]  <TASK>
[ 1050.614694][T19806]  dump_stack_lvl+0x189/0x250
[ 1050.614724][T19806]  ? __pfx____ratelimit+0x10/0x10
[ 1050.614748][T19806]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1050.614770][T19806]  ? __pfx__printk+0x10/0x10
[ 1050.614790][T19806]  ? __pfx___might_resched+0x10/0x10
[ 1050.614809][T19806]  ? fs_reclaim_acquire+0x7d/0x100
[ 1050.614841][T19806]  should_fail_ex+0x414/0x560
[ 1050.614873][T19806]  should_failslab+0xa8/0x100
[ 1050.614892][T19806]  __kmalloc_cache_noprof+0x6f/0x6f0
[ 1050.614917][T19806]  ? tcf_block_get_ext+0x68d/0x17d0
[ 1050.614949][T19806]  tcf_block_get_ext+0x68d/0x17d0
[ 1050.614986][T19806]  clsact_init+0x23b/0x5a0
[ 1050.615003][T19806]  ? __pfx_clsact_init+0x10/0x10
[ 1050.615017][T19806]  qdisc_create+0x7ac/0xea0
[ 1050.615046][T19806]  tc_modify_qdisc+0x164f/0x2020
[ 1050.615079][T19806]  ? __pfx_tc_modify_qdisc+0x10/0x10
[ 1050.615140][T19806]  ? __pfx_tc_modify_qdisc+0x10/0x10
[ 1050.615166][T19806]  rtnetlink_rcv_msg+0x77c/0xb70
[ 1050.615204][T19806]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[ 1050.615235][T19806]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1050.615266][T19806]  ? ref_tracker_free+0x63a/0x7d0
[ 1050.615288][T19806]  ? __asan_memcpy+0x40/0x70
[ 1050.615317][T19806]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1050.615341][T19806]  netlink_rcv_skb+0x208/0x470
[ 1050.615359][T19806]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1050.615387][T19806]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1050.615413][T19806]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1050.615435][T19806]  netlink_unicast+0x82f/0x9e0
[ 1050.615467][T19806]  ? __pfx_netlink_unicast+0x10/0x10
[ 1050.615492][T19806]  ? netlink_sendmsg+0x642/0xb30
[ 1050.615507][T19806]  ? skb_put+0x11b/0x210
[ 1050.615526][T19806]  netlink_sendmsg+0x805/0xb30
[ 1050.615551][T19806]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1050.615569][T19806]  ? __import_iovec+0x5d4/0x7f0
[ 1050.615595][T19806]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1050.615622][T19806]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1050.615638][T19806]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1050.615656][T19806]  __sock_sendmsg+0x21c/0x270
[ 1050.615681][T19806]  ____sys_sendmsg+0x505/0x830
[ 1050.615704][T19806]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1050.615734][T19806]  ___sys_sendmsg+0x21f/0x2a0
[ 1050.615754][T19806]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1050.615800][T19806]  ? __fget_files+0x2a/0x420
[ 1050.615815][T19806]  ? __fget_files+0x3a0/0x420
[ 1050.615839][T19806]  __sys_sendmsg+0x164/0x220
[ 1050.615858][T19806]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1050.615883][T19806]  ? __pfx_ksys_write+0x10/0x10
[ 1050.615909][T19806]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[ 1050.615937][T19806]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1050.615963][T19806]  __do_fast_syscall_32+0xb6/0x2b0
[ 1050.615979][T19806]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1050.616006][T19806]  do_fast_syscall_32+0x34/0x80
[ 1050.616021][T19806]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1050.616042][T19806] RIP: 0023:0xf70ed539
[ 1050.616057][T19806] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1050.616072][T19806] RSP: 002b:00000000f54dd55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1050.616090][T19806] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000300
[ 1050.616101][T19806] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1050.616111][T19806] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1050.616120][T19806] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1050.616130][T19806] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1050.616154][T19806]  </TASK>
[ 1051.536513][T19816] FAULT_INJECTION: forcing a failure.
[ 1051.536513][T19816] name failslab, interval 1, probability 0, space 0, times 0
[ 1051.587726][T19816] CPU: 0 UID: 0 PID: 19816 Comm: syz.5.4351 Not tainted syzkaller #0 PREEMPT(full) 
[ 1051.587758][T19816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1051.587772][T19816] Call Trace:
[ 1051.587782][T19816]  <TASK>
[ 1051.587792][T19816]  dump_stack_lvl+0x189/0x250
[ 1051.587831][T19816]  ? __pfx____ratelimit+0x10/0x10
[ 1051.587864][T19816]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1051.587896][T19816]  ? __pfx__printk+0x10/0x10
[ 1051.587927][T19816]  ? __pfx___might_resched+0x10/0x10
[ 1051.587951][T19816]  ? fs_reclaim_acquire+0x7d/0x100
[ 1051.587995][T19816]  should_fail_ex+0x414/0x560
[ 1051.588036][T19816]  should_failslab+0xa8/0x100
[ 1051.588063][T19816]  __kmalloc_noprof+0xcb/0x7f0
[ 1051.588095][T19816]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[ 1051.588127][T19816]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1051.588156][T19816]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[ 1051.588197][T19816]  genl_family_rcv_msg_doit+0xb8/0x300
[ 1051.588235][T19816]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1051.588274][T19816]  ? apparmor_capable+0x137/0x1b0
[ 1051.588303][T19816]  ? bpf_lsm_capable+0x9/0x20
[ 1051.588331][T19816]  ? security_capable+0x7e/0x2e0
[ 1051.588369][T19816]  genl_rcv_msg+0x60e/0x790
[ 1051.588407][T19816]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1051.588451][T19816]  ? __pfx_nl80211_pre_doit+0x10/0x10
[ 1051.588477][T19816]  ? __pfx_nl80211_join_ocb+0x10/0x10
[ 1051.588497][T19816]  ? __pfx_nl80211_post_doit+0x10/0x10
[ 1051.588525][T19816]  ? __asan_memcpy+0x40/0x70
[ 1051.588565][T19816]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1051.588598][T19816]  netlink_rcv_skb+0x208/0x470
[ 1051.588619][T19816]  ? __lock_acquire+0xab9/0xd20
[ 1051.588642][T19816]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1051.588673][T19816]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1051.588717][T19816]  ? down_read+0x1ad/0x2e0
[ 1051.588744][T19816]  genl_rcv+0x28/0x40
[ 1051.588770][T19816]  netlink_unicast+0x82f/0x9e0
[ 1051.588815][T19816]  ? __pfx_netlink_unicast+0x10/0x10
[ 1051.588851][T19816]  ? netlink_sendmsg+0x642/0xb30
[ 1051.588872][T19816]  ? skb_put+0x11b/0x210
[ 1051.588900][T19816]  netlink_sendmsg+0x805/0xb30
[ 1051.588935][T19816]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1051.588961][T19816]  ? __import_iovec+0x5d4/0x7f0
[ 1051.588988][T19816]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1051.589024][T19816]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1051.589047][T19816]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1051.589072][T19816]  __sock_sendmsg+0x21c/0x270
[ 1051.589107][T19816]  ____sys_sendmsg+0x505/0x830
[ 1051.589139][T19816]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1051.589183][T19816]  ___sys_sendmsg+0x21f/0x2a0
[ 1051.589211][T19816]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1051.589278][T19816]  ? __fget_files+0x2a/0x420
[ 1051.589300][T19816]  ? __fget_files+0x3a0/0x420
[ 1051.589333][T19816]  __sys_sendmsg+0x164/0x220
[ 1051.589360][T19816]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1051.589396][T19816]  ? __pfx_ksys_write+0x10/0x10
[ 1051.589433][T19816]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[ 1051.589470][T19816]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1051.589509][T19816]  __do_fast_syscall_32+0xb6/0x2b0
[ 1051.589531][T19816]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1051.589575][T19816]  do_fast_syscall_32+0x34/0x80
[ 1051.589596][T19816]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1051.589625][T19816] RIP: 0023:0xf7fa3539
[ 1051.589645][T19816] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1051.589665][T19816] RSP: 002b:00000000f549655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1051.589690][T19816] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000300
[ 1051.589707][T19816] RDX: 0000000000000084 RSI: 0000000000000000 RDI: 0000000000000000
[ 1051.589720][T19816] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1051.589734][T19816] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1051.589747][T19816] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1051.589782][T19816]  </TASK>
[ 1052.223727][ T5198] Dev loop5: unable to read RDB block 7
[ 1052.255207][ T5198]  loop5: unable to read partition table
[ 1052.303476][T19819] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4353'.
[ 1052.426008][ T5198] loop5: partition table beyond EOD, truncated
[ 1053.357222][ T5198] Dev loop5: unable to read RDB block 7
[ 1053.375398][ T5198]  loop5: unable to read partition table
[ 1053.381366][ T5198] loop5: partition table beyond EOD, truncated
[ 1053.465275][T12486] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[ 1053.677256][T12486] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1053.687985][T12486] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1053.711858][T12486] usb 4-1: New USB device found, idVendor=17ef, idProduct=60ee, bcdDevice= 0.00
[ 1053.724849][T12486] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1053.773073][T12486] usb 4-1: config 0 descriptor??
[ 1053.985426][    T9] usb 6-1: new high-speed USB device number 46 using dummy_hcd
[ 1054.115397][    T9] usb 6-1: device descriptor read/64, error -71
[ 1054.266294][ T5198] Dev loop5: unable to read RDB block 7
[ 1054.280751][ T5198]  loop5: unable to read partition table
[ 1054.408600][T12486] lenovo 0003:17EF:60EE.0010: hidraw0: USB HID v0.00 Device [HID 17ef:60ee] on usb-dummy_hcd.3-1/input0
[ 1054.415597][ T5198] loop5: partition table beyond EOD, 
[ 1054.435288][    T9] usb 6-1: new high-speed USB device number 47 using dummy_hcd
[ 1054.457348][ T5198] truncated
[ 1054.641589][    T9] usb 6-1: device descriptor read/64, error -71
[ 1054.756403][    T9] usb usb6-port1: attempt power cycle
[ 1055.130736][    T9] usb 6-1: new high-speed USB device number 48 using dummy_hcd
[ 1055.176098][    T9] usb 6-1: device descriptor read/8, error -71
[ 1055.429872][T19851] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4359'.
[ 1055.480496][T19851] FAULT_INJECTION: forcing a failure.
[ 1055.480496][T19851] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1055.523550][T19851] CPU: 0 UID: 0 PID: 19851 Comm: syz.1.4359 Not tainted syzkaller #0 PREEMPT(full) 
[ 1055.523582][T19851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1055.523597][T19851] Call Trace:
[ 1055.523607][T19851]  <TASK>
[ 1055.523616][T19851]  dump_stack_lvl+0x189/0x250
[ 1055.523654][T19851]  ? __pfx____ratelimit+0x10/0x10
[ 1055.523686][T19851]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1055.523718][T19851]  ? __pfx__printk+0x10/0x10
[ 1055.523755][T19851]  should_fail_ex+0x414/0x560
[ 1055.523796][T19851]  _copy_to_user+0x31/0xb0
[ 1055.523829][T19851]  simple_read_from_buffer+0xe1/0x170
[ 1055.523870][T19851]  proc_fail_nth_read+0x1b3/0x220
[ 1055.523903][T19851]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1055.523936][T19851]  ? rw_verify_area+0x2a6/0x4d0
[ 1055.523977][T19851]  ? __lock_acquire+0xab9/0xd20
[ 1055.523999][T19851]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1055.524030][T19851]  vfs_read+0x200/0xa30
[ 1055.524060][T19851]  ? fdget_pos+0x247/0x320
[ 1055.524087][T19851]  ? __pfx___mutex_lock+0x10/0x10
[ 1055.524124][T19851]  ? __pfx_vfs_read+0x10/0x10
[ 1055.524156][T19851]  ? __fget_files+0x2a/0x420
[ 1055.524183][T19851]  ? __fget_files+0x3a0/0x420
[ 1055.524203][T19851]  ? __fget_files+0x2a/0x420
[ 1055.524236][T19851]  ksys_read+0x145/0x250
[ 1055.524272][T19851]  ? __pfx_ksys_read+0x10/0x10
[ 1055.524307][T19851]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[ 1055.524343][T19851]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1055.524381][T19851]  __do_fast_syscall_32+0xb6/0x2b0
[ 1055.524410][T19851]  do_fast_syscall_32+0x34/0x80
[ 1055.524432][T19851]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1055.524459][T19851] RIP: 0023:0xf70fd539
[ 1055.524478][T19851] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1055.524498][T19851] RSP: 002b:00000000f54ed590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[ 1055.524522][T19851] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000f54ed620
[ 1055.524538][T19851] RDX: 000000000000000f RSI: 00000000f7496ff4 RDI: 0000000000000000
[ 1055.524552][T19851] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[ 1055.524565][T19851] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1055.524579][T19851] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1055.524612][T19851]  </TASK>
[ 1055.758352][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1055.838456][    T9] usb 6-1: new high-speed USB device number 49 using dummy_hcd
[ 1055.872045][    T9] usb 6-1: device descriptor read/8, error -71
[ 1055.986077][    T9] usb usb6-port1: unable to enumerate USB device
[ 1056.205668][ T5977] usb 1-1: new high-speed USB device number 70 using dummy_hcd
[ 1056.405496][ T5977] usb 1-1: Using ep0 maxpacket: 8
[ 1056.418133][ T5977] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1056.424651][ T5977] usb 1-1: config 4 interface 0 has no altsetting 0
[ 1056.435558][ T5977] usb 1-1: string descriptor 0 read error: -22
[ 1056.435671][ T5977] usb 1-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[ 1056.435700][ T5977] usb 1-1: New USB device strings: Mfr=2, Product=0, SerialNumber=3
[ 1056.449286][ T5977] usb 1-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[ 1056.485035][ T5977] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 1056.485740][ T5977] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[ 1056.485813][ T5977] usb 1-1: media controller created
[ 1056.553922][ T5977] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1057.253421][ T5198] Dev loop5: unable to read RDB block 7
[ 1057.265346][ T5198]  loop5: unable to read partition table
[ 1057.275476][ T5198] loop5: partition table beyond EOD, truncated
[ 1057.705645][ T5977] zl10353_read_register: readreg error (reg=127, ret==0)
[ 1057.776411][ T5977] usb 1-1: USB disconnect, device number 70
[ 1057.803581][ T5198] Dev loop5: unable to read RDB block 7
[ 1057.816704][ T5198]  loop5: unable to read partition table
[ 1057.830858][ T5198] loop5: partition table beyond EOD, truncated
[ 1059.519468][ T5198] Dev loop5: unable to read RDB block 7
[ 1059.526280][ T5198]  loop5: unable to read partition table
[ 1059.532219][ T5198] loop5: partition table beyond EOD, truncated
[ 1059.605599][T12486] lenovo 0003:17EF:60EE.0010: Fn-lock setting failed: -110
[ 1059.785285][T12486] lenovo 0003:17EF:60EE.0010: Sensitivity setting failed: -32
[ 1060.205672][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1060.212388][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1060.625494][ T5198] Dev loop5: unable to read RDB block 7
[ 1060.672746][ T5198]  loop5: unable to read partition table
[ 1060.725434][ T5198] loop5: partition table beyond EOD, truncated
[ 1061.300300][T19899] kernel profiling enabled (shift: 9)
[ 1061.599287][ T5198] Dev loop5: unable to read RDB block 7
[ 1061.605041][ T5198]  loop5: unable to read partition table
[ 1061.611774][ T5198] loop5: partition table beyond EOD, truncated
[ 1061.755543][T19913] fuse: Unknown parameter 'ÿ9'
[ 1061.805952][T19914] fuse: Unknown parameter 'ÿ9'
[ 1061.884659][T19918] netlink: 'syz.4.4376': attribute type 21 has an invalid length.
[ 1061.915298][T19918] netlink: 'syz.4.4376': attribute type 6 has an invalid length.
[ 1061.956173][T19918] netlink: 132 bytes leftover after parsing attributes in process `syz.4.4376'.
[ 1062.048255][ T5198] Dev loop5: unable to read RDB block 7
[ 1062.054009][ T5198]  loop5: unable to read partition table
[ 1062.060554][ T5198] loop5: partition table beyond EOD, truncated
[ 1062.166220][T19924] netlink: 264 bytes leftover after parsing attributes in process `syz.1.4378'.
[ 1062.195316][T19924] netlink: 56 bytes leftover after parsing attributes in process `syz.1.4378'.
[ 1062.484628][ T5198] Dev loop5: unable to read RDB block 7
[ 1062.494870][ T5198]  loop5: unable to read partition table
[ 1062.502706][ T5198] loop5: partition table beyond EOD, truncated
[ 1062.598361][T19927] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1062.645889][T19931] batman_adv: batadv0: Adding interface: dummy0
[ 1062.664878][T19931] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1062.691714][T19931] batman_adv: batadv0: Interface activated: dummy0
[ 1062.940494][T19814] Set syz1 is full, maxelem 65536 reached
[ 1063.022395][ T5198] Dev loop5: unable to read RDB block 7
[ 1063.030200][ T5198]  loop5: unable to read partition table
[ 1063.036304][ T5198] loop5: partition table beyond EOD, truncated
[ 1063.320791][ T5951] usb 4-1: USB disconnect, device number 60
[ 1063.525339][T12486] usb 1-1: new high-speed USB device number 71 using dummy_hcd
[ 1063.693446][ T5198] Dev loop5: unable to read RDB block 7
[ 1063.730295][T12486] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1063.828221][T12486] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1063.910273][ T5198]  loop5: unable to read partition table
[ 1063.944998][ T5198] loop5: partition table beyond EOD, truncated
[ 1063.964055][T12486] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1063.979930][T12486] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[ 1064.000505][T12486] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[ 1064.053525][T12486] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1064.063974][T12486] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1064.075405][T12486] usb 1-1: Product: syz
[ 1064.083760][T12486] usb 1-1: Manufacturer: syz
[ 1064.247064][T12486] cdc_wdm 1-1:1.0: skipping garbage
[ 1064.254971][T12486] cdc_wdm 1-1:1.0: skipping garbage
[ 1064.323164][T12486] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[ 1064.450881][T12486] cdc_wdm 1-1:1.0: Unknown control protocol
[ 1064.975807][T12486] usb 1-1: USB disconnect, device number 71
[ 1065.074170][T19962] FAULT_INJECTION: forcing a failure.
[ 1065.074170][T19962] name failslab, interval 1, probability 0, space 0, times 0
[ 1065.089120][T19962] CPU: 1 UID: 0 PID: 19962 Comm: syz.3.4389 Not tainted syzkaller #0 PREEMPT(full) 
[ 1065.089162][T19962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1065.089177][T19962] Call Trace:
[ 1065.089186][T19962]  <TASK>
[ 1065.089197][T19962]  dump_stack_lvl+0x189/0x250
[ 1065.089235][T19962]  ? __pfx____ratelimit+0x10/0x10
[ 1065.089269][T19962]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1065.089302][T19962]  ? __pfx__printk+0x10/0x10
[ 1065.089342][T19962]  should_fail_ex+0x414/0x560
[ 1065.089382][T19962]  should_failslab+0xa8/0x100
[ 1065.089407][T19962]  __kmalloc_cache_noprof+0x6f/0x6f0
[ 1065.089440][T19962]  ? __sctp_v6_cmp_addr+0x1e6/0x510
[ 1065.089474][T19962]  ? sctp_add_bind_addr+0x8c/0x370
[ 1065.089514][T19962]  sctp_add_bind_addr+0x8c/0x370
[ 1065.089553][T19962]  sctp_copy_local_addr_list+0x30b/0x4e0
[ 1065.089591][T19962]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[ 1065.089624][T19962]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[ 1065.089656][T19962]  ? sctp_association_new+0x18b3/0x25f0
[ 1065.089683][T19962]  ? sctp_v6_is_any+0x64/0x80
[ 1065.089720][T19962]  ? sctp_copy_one_addr+0x93/0x360
[ 1065.089757][T19962]  sctp_bind_addr_copy+0xb3/0x3c0
[ 1065.089798][T19962]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[ 1065.089832][T19962]  sctp_connect_new_asoc+0x2e0/0x690
[ 1065.089861][T19962]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[ 1065.089883][T19962]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1065.089918][T19962]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[ 1065.089944][T19962]  ? security_sctp_bind_connect+0x7e/0x2e0
[ 1065.089977][T19962]  sctp_sendmsg+0x155c/0x2810
[ 1065.090013][T19962]  ? __pfx_sctp_sendmsg+0x10/0x10
[ 1065.090042][T19962]  ? aa_sk_perm+0x81e/0x950
[ 1065.090081][T19962]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1065.090119][T19962]  ? sock_rps_record_flow+0x19/0x410
[ 1065.090154][T19962]  ? inet_sendmsg+0x2f4/0x370
[ 1065.090182][T19962]  __sock_sendmsg+0x19c/0x270
[ 1065.090220][T19962]  __sys_sendto+0x3bd/0x520
[ 1065.090246][T19962]  ? __pfx___sys_sendto+0x10/0x10
[ 1065.090266][T19962]  ? __mutex_unlock_slowpath+0x1a1/0x740
[ 1065.090320][T19962]  ? __fget_files+0x3a0/0x420
[ 1065.090357][T19962]  ? ksys_write+0x22a/0x250
[ 1065.090389][T19962]  ? exc_page_fault+0x82/0x100
[ 1065.090424][T19962]  ? __pfx_ksys_write+0x10/0x10
[ 1065.090464][T19962]  __ia32_sys_sendto+0xdd/0x100
[ 1065.090493][T19962]  __do_fast_syscall_32+0xb6/0x2b0
[ 1065.090517][T19962]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1065.090556][T19962]  do_fast_syscall_32+0x34/0x80
[ 1065.090578][T19962]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1065.090607][T19962] RIP: 0023:0xf70ed539
[ 1065.090627][T19962] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1065.090648][T19962] RSP: 002b:00000000f54dd55c EFLAGS: 00000206 ORIG_RAX: 0000000000000171
[ 1065.090674][T19962] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080
[ 1065.090691][T19962] RDX: 0000000000034000 RSI: 000000000400c0d4 RDI: 0000000080000140
[ 1065.090707][T19962] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000
[ 1065.090722][T19962] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1065.090737][T19962] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1065.090774][T19962]  </TASK>
[ 1066.257163][T19973] sctp: [Deprecated]: syz.4.4390 (pid 19973) Use of int in maxseg socket option.
[ 1066.257163][T19973] Use struct sctp_assoc_value instead
[ 1066.819555][ T5198] Dev loop5: unable to read RDB block 7
[ 1066.827622][ T5198]  loop5: unable to read partition table
[ 1066.934083][ T5198] loop5: partition table beyond EOD, truncated
[ 1067.495384][T19991] openvswitch: netlink: nsh attribute has 16 unknown bytes.
[ 1067.502970][T19991] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1068.077791][   T30] kauditd_printk_skb: 113 callbacks suppressed
[ 1068.077811][   T30] audit: type=1326 audit(1763459295.298:2405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19994 comm="syz.1.4399" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70fd539 code=0x0
[ 1068.195278][T12486] usb 6-1: new high-speed USB device number 50 using dummy_hcd
[ 1068.351735][ T5198] Dev loop5: unable to read RDB block 7
[ 1068.358037][T12486] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE8, changing to 0x88
[ 1068.465304][ T5198]  loop5: unable to read partition table
[ 1068.487103][ T5198] loop5: partition table beyond EOD, truncated
[ 1068.495270][T12486] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7
[ 1068.762383][T12486] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[ 1068.843786][T12486] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[ 1068.859776][T12486] usb 6-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=9b.49
[ 1068.869221][T12486] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1068.877764][T12486] usb 6-1: Product: syz
[ 1068.882155][T12486] usb 6-1: Manufacturer: syz
[ 1068.887558][T12486] usb 6-1: SerialNumber: syz
[ 1068.906321][T12486] usb 6-1: config 0 descriptor??
[ 1068.941527][T12486] iguanair 6-1:0.0: probe with driver iguanair failed with error -12
[ 1069.203589][    T9] usb 6-1: USB disconnect, device number 50
[ 1070.574427][ T5198] Dev loop5: unable to read RDB block 7
[ 1070.585409][ T5198]  loop5: unable to read partition table
[ 1070.603255][ T5198] loop5: partition table beyond EOD, truncated
[ 1071.897754][T20034] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[ 1071.925295][T12486] usb 4-1: new high-speed USB device number 61 using dummy_hcd
[ 1072.325911][T12486] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1072.361546][T12486] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1072.405362][ T5951] usb 6-1: new low-speed USB device number 51 using dummy_hcd
[ 1072.497470][T12486] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1072.586101][T12486] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[ 1072.606208][T12486] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[ 1072.620820][ T5951] usb 6-1: config index 0 descriptor too short (expected 6427, got 27)
[ 1072.676971][ T5951] usb 6-1: config 0 has an invalid interface number: 21 but max is 0
[ 1072.677706][T12486] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1072.751147][ T5951] usb 6-1: config 0 has no interface number 0
[ 1072.757489][ T5951] usb 6-1: config 0 interface 21 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt
[ 1072.770023][ T5951] usb 6-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1072.780137][ T5951] usb 6-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[ 1072.791043][ T5951] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1072.809509][T12486] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1072.829657][ T5951] usb 6-1: config 0 descriptor??
[ 1072.893132][T12486] usb 4-1: Product: syz
[ 1072.902091][T12486] usb 4-1: Manufacturer: syz
[ 1072.937332][ T5198] Dev loop5: unable to read RDB block 7
[ 1072.944163][T12486] cdc_wdm 4-1:1.0: skipping garbage
[ 1072.949794][ T5198]  loop5: unable to read partition table
[ 1072.956432][T12486] cdc_wdm 4-1:1.0: skipping garbage
[ 1072.962142][ T5198] loop5: partition table beyond EOD, truncated
[ 1072.970796][T12486] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[ 1072.988430][T12486] cdc_wdm 4-1:1.0: Unknown control protocol
[ 1073.235394][T12486] usb 4-1: USB disconnect, device number 61
[ 1073.455265][ T5951] usb 6-1: USB disconnect, device number 51
[ 1073.957602][ T5198] Dev loop5: unable to read RDB block 7
[ 1073.964829][ T5198]  loop5: unable to read partition table
[ 1073.972200][ T5198] loop5: partition table beyond EOD, truncated
[ 1074.232785][T20049] batman_adv: batadv0: Adding interface: dummy0
[ 1074.239961][T20049] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1074.265555][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1074.275016][T20049] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[ 1074.814849][ T5198] Dev loop5: unable to read RDB block 7
[ 1074.821794][ T5198]  loop5: unable to read partition table
[ 1074.828600][ T5198] loop5: partition table beyond EOD, truncated
[ 1077.339748][ T5198] Dev loop5: unable to read RDB block 7
[ 1077.345781][ T5198]  loop5: unable to read partition table
[ 1077.352030][ T5198] loop5: partition table beyond EOD, truncated
[ 1079.037564][T20108] syz_tun: entered allmulticast mode
[ 1079.051979][T20104] syz_tun: left allmulticast mode
[ 1079.665332][T12486] usb 4-1: new low-speed USB device number 62 using dummy_hcd
[ 1079.814280][ T5198] Dev loop5: unable to read RDB block 7
[ 1079.827674][ T5198]  loop5: unable to read partition table
[ 1079.841985][ T5198] loop5: partition table beyond EOD, truncated
[ 1079.914650][T12486] usb 4-1: config 7 has an invalid interface number: 252 but max is 0
[ 1079.941443][T12486] usb 4-1: config 7 has no interface number 0
[ 1079.948296][T12486] usb 4-1: config 7 interface 252 has no altsetting 0
[ 1080.007635][T12486] usb 4-1: string descriptor 0 read error: -22
[ 1080.014297][T12486] usb 4-1: New USB device found, idVendor=0681, idProduct=0005, bcdDevice=56.c0
[ 1080.025803][T12486] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1080.328888][T12486] usb 4-1: USB disconnect, device number 62
[ 1080.839532][T20130] FAULT_INJECTION: forcing a failure.
[ 1080.839532][T20130] name failslab, interval 1, probability 0, space 0, times 0
[ 1080.955368][T20130] CPU: 0 UID: 0 PID: 20130 Comm: syz.5.4433 Not tainted syzkaller #0 PREEMPT(full) 
[ 1080.955402][T20130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1080.955423][T20130] Call Trace:
[ 1080.955433][T20130]  <TASK>
[ 1080.955444][T20130]  dump_stack_lvl+0x189/0x250
[ 1080.955486][T20130]  ? __pfx____ratelimit+0x10/0x10
[ 1080.955519][T20130]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1080.955551][T20130]  ? __pfx__printk+0x10/0x10
[ 1080.955578][T20130]  ? __pfx___might_resched+0x10/0x10
[ 1080.955606][T20130]  ? fs_reclaim_acquire+0x7d/0x100
[ 1080.955647][T20130]  should_fail_ex+0x414/0x560
[ 1080.955689][T20130]  should_failslab+0xa8/0x100
[ 1080.955715][T20130]  __kmalloc_cache_noprof+0x6f/0x6f0
[ 1080.955750][T20130]  ? rtnl_newlink+0xfb/0x1c80
[ 1080.955821][T20130]  ? kasan_save_track+0x4f/0x80
[ 1080.955859][T20130]  rtnl_newlink+0xfb/0x1c80
[ 1080.955893][T20130]  ? netlink_deliver_tap+0x19c/0x1b0
[ 1080.955914][T20130]  ? netlink_unicast+0x7fa/0x9e0
[ 1080.955944][T20130]  ? netlink_sendmsg+0x805/0xb30
[ 1080.955974][T20130]  ? __sock_sendmsg+0x21c/0x270
[ 1080.956003][T20130]  ? ____sys_sendmsg+0x52d/0x830
[ 1080.956025][T20130]  ? ___sys_sendmsg+0x21f/0x2a0
[ 1080.956046][T20130]  ? __sys_sendmmsg+0x28e/0x430
[ 1080.956068][T20130]  ? __ia32_compat_sys_sendmmsg+0xa2/0xc0
[ 1080.956093][T20130]  ? __do_fast_syscall_32+0xb6/0x2b0
[ 1080.956114][T20130]  ? do_fast_syscall_32+0x34/0x80
[ 1080.956133][T20130]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1080.956167][T20130]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1080.956229][T20130]  ? kasan_quarantine_put+0xdd/0x220
[ 1080.956262][T20130]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1080.956302][T20130]  ? nlmon_xmit+0xb0/0x100
[ 1080.956330][T20130]  ? kmem_cache_free+0x19b/0x690
[ 1080.956373][T20130]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1080.956400][T20130]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1080.956443][T20130]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1080.956467][T20130]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1080.956497][T20130]  ? __dev_queue_xmit+0x27b/0x3b50
[ 1080.956526][T20130]  ? __dev_queue_xmit+0x27b/0x3b50
[ 1080.956551][T20130]  ? __dev_queue_xmit+0x27b/0x3b50
[ 1080.956581][T20130]  ? __dev_queue_xmit+0x1d79/0x3b50
[ 1080.956606][T20130]  ? kasan_save_track+0x3e/0x80
[ 1080.956637][T20130]  ? __kasan_slab_alloc+0x6c/0x80
[ 1080.956675][T20130]  ? __lock_acquire+0xab9/0xd20
[ 1080.956727][T20130]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1080.956762][T20130]  rtnetlink_rcv_msg+0x7cf/0xb70
[ 1080.956808][T20130]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[ 1080.956843][T20130]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1080.956876][T20130]  ? ref_tracker_free+0x63a/0x7d0
[ 1080.956899][T20130]  ? __asan_memcpy+0x40/0x70
[ 1080.956929][T20130]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1080.956968][T20130]  netlink_rcv_skb+0x208/0x470
[ 1080.956993][T20130]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1080.957030][T20130]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1080.957066][T20130]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1080.957098][T20130]  netlink_unicast+0x82f/0x9e0
[ 1080.957142][T20130]  ? __pfx_netlink_unicast+0x10/0x10
[ 1080.957179][T20130]  ? netlink_sendmsg+0x642/0xb30
[ 1080.957200][T20130]  ? skb_put+0x11b/0x210
[ 1080.957226][T20130]  netlink_sendmsg+0x805/0xb30
[ 1080.957261][T20130]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1080.957287][T20130]  ? __import_iovec+0x5d4/0x7f0
[ 1080.957320][T20130]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1080.957357][T20130]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1080.957380][T20130]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1080.957405][T20130]  __sock_sendmsg+0x21c/0x270
[ 1080.957440][T20130]  ____sys_sendmsg+0x52d/0x830
[ 1080.957472][T20130]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1080.957515][T20130]  ___sys_sendmsg+0x21f/0x2a0
[ 1080.957544][T20130]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1080.957571][T20130]  ? __lock_acquire+0xab9/0xd20
[ 1080.957629][T20130]  ? __fget_files+0x2a/0x420
[ 1080.957651][T20130]  ? __fget_files+0x3a0/0x420
[ 1080.957684][T20130]  __sys_sendmmsg+0x28e/0x430
[ 1080.957717][T20130]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1080.957740][T20130]  ? __mutex_unlock_slowpath+0x1a1/0x740
[ 1080.957804][T20130]  ? ksys_write+0x22a/0x250
[ 1080.957836][T20130]  ? exc_page_fault+0x82/0x100
[ 1080.957869][T20130]  ? __pfx_ksys_write+0x10/0x10
[ 1080.957909][T20130]  __ia32_compat_sys_sendmmsg+0xa2/0xc0
[ 1080.957938][T20130]  __do_fast_syscall_32+0xb6/0x2b0
[ 1080.957968][T20130]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1080.958006][T20130]  do_fast_syscall_32+0x34/0x80
[ 1080.958027][T20130]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1080.958056][T20130] RIP: 0023:0xf7fa3539
[ 1080.958078][T20130] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1080.958098][T20130] RSP: 002b:00000000f549655c EFLAGS: 00000206 ORIG_RAX: 0000000000000159
[ 1080.958123][T20130] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[ 1080.958140][T20130] RDX: 00000000000001f2 RSI: 0000000000000000 RDI: 0000000000000000
[ 1080.958153][T20130] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1080.958166][T20130] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1080.958180][T20130] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1080.958289][T20130]  </TASK>
[ 1080.967647][ T5198] Dev loop5: unable to read RDB block 7
[ 1081.525405][ T5198]  loop5: unable to read partition table
[ 1081.535601][ T5198] loop5: partition table beyond EOD, truncated
[ 1082.461156][ T5198] Dev loop5: unable to read RDB block 7
[ 1082.483799][ T5198]  loop5: unable to read partition table
[ 1082.508980][ T5198] loop5: partition table beyond EOD, truncated
[ 1084.099427][ T5198] Dev loop5: unable to read RDB block 7
[ 1084.106399][ T5198]  loop5: unable to read partition table
[ 1084.120428][ T5198] loop5: partition table beyond EOD, truncated
[ 1084.434433][T20160] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4439'.
[ 1084.454970][T20160] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4439'.
[ 1084.593980][    C0] ------------[ cut here ]------------
[ 1084.600438][    C0] no supported rates for sta (null) (0xffffffff, band 0) in rate_mask 0x0 with flags 0x0
[ 1084.611687][    C0] WARNING: CPU: 0 PID: 13 at net/mac80211/rate.c:406 __rate_control_send_low+0x5e2/0x820
[ 1084.621881][    C0] Modules linked in:
[ 1084.625908][    C0] CPU: 0 UID: 0 PID: 13 Comm: kworker/u8:1 Not tainted syzkaller #0 PREEMPT(full) 
[ 1084.635574][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1084.648203][    C0] Workqueue: events_unbound cfg80211_wiphy_work
[ 1084.655145][    C0] RIP: 0010:__rate_control_send_low+0x5e2/0x820
[ 1084.663092][    C0] Code: 38 0f b6 04 28 84 c0 0f 85 d7 01 00 00 41 8b 0f 48 c7 c7 c0 89 89 8c 48 8b 74 24 18 44 8b 44 24 2c 45 89 e9 e8 2f a0 c5 f6 90 <0f> 0b 90 90 e9 70 fe ff ff 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c
[ 1084.684887][    C0] RSP: 0018:ffffc900000075d8 EFLAGS: 00010246
[ 1084.691092][    C0] RAX: 80e0ff57ff255c00 RBX: 000000000000000c RCX: ffff88801caa8000
[ 1084.699589][    C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002
[ 1084.708186][    C0] RBP: dffffc0000000000 R08: 0000000000000003 R09: 0000000000000004
[ 1084.716801][    C0] R10: dffffc0000000000 R11: fffffbfff1bba684 R12: ffff888030da13e8
[ 1084.727918][    C0] R13: 0000000000000000 R14: ffff888076050e80 R15: ffff888076053138
[ 1084.739015][    C0] FS:  0000000000000000(0000) GS:ffff88812613b000(0000) knlGS:0000000000000000
[ 1084.750979][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1084.758392][    C0] CR2: 0000000080054018 CR3: 000000000dd38000 CR4: 00000000003526f0
[ 1084.767883][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1084.776508][    C0] DR3: 000000000000000e DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 1084.786507][    C0] Call Trace:
[ 1084.790005][    C0]  <IRQ>
[ 1084.793213][    C0]  rate_control_send_low+0x1a7/0x7b0
[ 1084.798974][    C0]  rate_control_get_rate+0x20b/0x5d0
[ 1084.804930][    C0]  ieee80211_beacon_get_finish+0x39a/0x6c0
[ 1084.811704][    C0]  ? __pfx_ieee80211_beacon_get_finish+0x10/0x10
[ 1084.818123][    C0]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1084.823561][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1084.829413][    C0]  ieee80211_beacon_get_ap+0x1868/0x1f30
[ 1084.835177][    C0]  ? __pfx_ieee80211_beacon_get_ap+0x10/0x10
[ 1084.841460][    C0]  ? __ieee80211_beacon_get+0x36/0x1880
[ 1084.847397][    C0]  ? __ieee80211_beacon_get+0x36/0x1880
[ 1084.853111][    C0]  ? __ieee80211_beacon_get+0x36/0x1880
[ 1084.858903][    C0]  __ieee80211_beacon_get+0x118e/0x1880
[ 1084.864697][    C0]  ? __ieee80211_beacon_get+0x36/0x1880
[ 1084.871301][    C0]  ieee80211_beacon_get_tim+0xb4/0x2b0
[ 1084.876956][    C0]  ? __pfx_ieee80211_beacon_get_tim+0x10/0x10
[ 1084.883133][    C0]  mac80211_hwsim_beacon_tx+0x3ce/0x860
[ 1084.888779][    C0]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180
[ 1084.896114][    C0]  __iterate_interfaces+0x2ab/0x590
[ 1084.901384][    C0]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[ 1084.907770][    C0]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180
[ 1084.915809][    C0]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[ 1084.922045][    C0]  ieee80211_iterate_active_interfaces_atomic+0xdb/0x180
[ 1084.929729][    C0]  mac80211_hwsim_beacon+0xbb/0x180
[ 1084.935278][    C0]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[ 1084.941491][    C0]  __hrtimer_run_queues+0x52c/0xc60
[ 1084.946811][    C0]  ? ktime_get_update_offsets_now+0x67/0x3d0
[ 1084.953719][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1084.959662][    C0]  ? read_tsc+0x9/0x20
[ 1084.963973][    C0]  ? __pfx___local_bh_disable_ip+0x10/0x10
[ 1084.970515][    C0]  hrtimer_run_softirq+0x187/0x2b0
[ 1084.975991][    C0]  handle_softirqs+0x286/0x870
[ 1084.981094][    C0]  ? do_softirq+0xec/0x180
[ 1084.986055][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[ 1084.991602][    C0]  ? cfg80211_inform_single_bss_data+0x13d2/0x1ac0
[ 1085.000026][    C0]  do_softirq+0xec/0x180
[ 1085.004427][    C0]  </IRQ>
[ 1085.007718][    C0]  <TASK>
[ 1085.010987][    C0]  ? __pfx_do_softirq+0x10/0x10
[ 1085.016287][    C0]  ? ieee80211_inform_bss+0xbd9/0x10a0
[ 1085.023222][    C0]  ? lockdep_softirqs_on+0x13b/0x1c0
[ 1085.030984][    C0]  __local_bh_enable_ip+0x17d/0x1c0
[ 1085.037428][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1085.044904][    C0]  ? cfg80211_inform_single_bss_data+0x13d2/0x1ac0
[ 1085.055892][    C0]  cfg80211_inform_single_bss_data+0x13d2/0x1ac0
[ 1085.063976][    C0]  ? __pfx_cfg80211_inform_single_bss_data+0x10/0x10
[ 1085.071770][    C0]  ? _ieee802_11_parse_elems_full+0x44aa/0x4550
[ 1085.079478][    C0]  ? cfg80211_inform_bss_data+0x1f0/0x3b40
[ 1085.086285][    C0]  cfg80211_inform_bss_data+0x203/0x3b40
[ 1085.092596][    C0]  ? __pfx_cfg80211_inform_bss_data+0x10/0x10
[ 1085.099364][    C0]  ? __pfx__ieee802_11_parse_elems_full+0x10/0x10
[ 1085.106596][    C0]  cfg80211_inform_bss_frame_data+0x3d7/0x730
[ 1085.114932][    C0]  ? ieee80211_bss_info_update+0x2df/0x9e0
[ 1085.122328][    C0]  ieee80211_bss_info_update+0x749/0x9e0
[ 1085.128676][    C0]  ? __pfx_ieee80211_bss_info_update+0x10/0x10
[ 1085.135968][    C0]  ? sta_info_get+0x4f/0x300
[ 1085.141038][    C0]  ? ieee80211_ibss_rx_queued_mgmt+0xfab/0x2af0
[ 1085.148475][    C0]  ieee80211_ibss_rx_queued_mgmt+0xa4e/0x2af0
[ 1085.156404][    C0]  ? ieee80211_ibss_rx_queued_mgmt+0xfab/0x2af0
[ 1085.162976][    C0]  ? __pfx_ieee80211_ibss_rx_queued_mgmt+0x10/0x10
[ 1085.169762][    C0]  ? __lock_acquire+0xab9/0xd20
[ 1085.175072][    C0]  ? __lock_acquire+0xab9/0xd20
[ 1085.180753][    C0]  ? kcov_remote_start+0x18e/0x7f0
[ 1085.188233][    C0]  ieee80211_iface_work+0x85f/0x12d0
[ 1085.194508][    C0]  cfg80211_wiphy_work+0x2bb/0x470
[ 1085.200378][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[ 1085.206632][    C0]  process_scheduled_works+0xae1/0x17b0
[ 1085.213035][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1085.219954][    C0]  worker_thread+0x8a0/0xda0
[ 1085.226454][    C0]  kthread+0x711/0x8a0
[ 1085.231712][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 1085.239514][    C0]  ? __pfx_kthread+0x10/0x10
[ 1085.245477][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1085.252031][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1085.257785][    C0]  ? __pfx_kthread+0x10/0x10
[ 1085.265595][    C0]  ret_from_fork+0x4bc/0x870
[ 1085.271311][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[ 1085.279148][    C0]  ? __switch_to_asm+0x39/0x70
[ 1085.285073][    C0]  ? __switch_to_asm+0x33/0x70
[ 1085.291360][    C0]  ? __pfx_kthread+0x10/0x10
[ 1085.296891][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1085.303711][    C0]  </TASK>
[ 1085.307879][    C0] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1085.316743][    C0] CPU: 0 UID: 0 PID: 13 Comm: kworker/u8:1 Not tainted syzkaller #0 PREEMPT(full) 
[ 1085.326800][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1085.339845][    C0] Workqueue: events_unbound cfg80211_wiphy_work
[ 1085.347421][    C0] Call Trace:
[ 1085.351103][    C0]  <IRQ>
[ 1085.354232][    C0]  dump_stack_lvl+0x99/0x250
[ 1085.359737][    C0]  ? __asan_memcpy+0x40/0x70
[ 1085.365203][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1085.372652][    C0]  ? __pfx__printk+0x10/0x10
[ 1085.378723][    C0]  vpanic+0x237/0x6d0
[ 1085.383242][    C0]  ? __pfx_vpanic+0x10/0x10
[ 1085.387831][    C0]  panic+0xb9/0xc0
[ 1085.391618][    C0]  ? __pfx_panic+0x10/0x10
[ 1085.396310][    C0]  __warn+0x31b/0x4b0
[ 1085.400381][    C0]  ? __rate_control_send_low+0x5e2/0x820
[ 1085.406163][    C0]  ? __rate_control_send_low+0x5e2/0x820
[ 1085.412622][    C0]  report_bug+0x2be/0x4f0
[ 1085.417298][    C0]  ? __rate_control_send_low+0x5e2/0x820
[ 1085.423293][    C0]  ? __rate_control_send_low+0x5e2/0x820
[ 1085.429533][    C0]  ? __rate_control_send_low+0x5e4/0x820
[ 1085.435959][    C0]  handle_bug+0x84/0x160
[ 1085.442186][    C0]  exc_invalid_op+0x1a/0x50
[ 1085.447833][    C0]  asm_exc_invalid_op+0x1a/0x20
[ 1085.453196][    C0] RIP: 0010:__rate_control_send_low+0x5e2/0x820
[ 1085.463166][    C0] Code: 38 0f b6 04 28 84 c0 0f 85 d7 01 00 00 41 8b 0f 48 c7 c7 c0 89 89 8c 48 8b 74 24 18 44 8b 44 24 2c 45 89 e9 e8 2f a0 c5 f6 90 <0f> 0b 90 90 e9 70 fe ff ff 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c
[ 1085.484497][    C0] RSP: 0018:ffffc900000075d8 EFLAGS: 00010246
[ 1085.494171][    C0] RAX: 80e0ff57ff255c00 RBX: 000000000000000c RCX: ffff88801caa8000
[ 1085.503051][    C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002
[ 1085.511946][    C0] RBP: dffffc0000000000 R08: 0000000000000003 R09: 0000000000000004
[ 1085.520505][    C0] R10: dffffc0000000000 R11: fffffbfff1bba684 R12: ffff888030da13e8
[ 1085.529329][    C0] R13: 0000000000000000 R14: ffff888076050e80 R15: ffff888076053138
[ 1085.538968][    C0]  ? __rate_control_send_low+0x5e1/0x820
[ 1085.546119][    C0]  rate_control_send_low+0x1a7/0x7b0
[ 1085.552164][    C0]  rate_control_get_rate+0x20b/0x5d0
[ 1085.557681][    C0]  ieee80211_beacon_get_finish+0x39a/0x6c0
[ 1085.564245][    C0]  ? __pfx_ieee80211_beacon_get_finish+0x10/0x10
[ 1085.571973][    C0]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1085.578850][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1085.586696][    C0]  ieee80211_beacon_get_ap+0x1868/0x1f30
[ 1085.592932][    C0]  ? __pfx_ieee80211_beacon_get_ap+0x10/0x10
[ 1085.599062][    C0]  ? __ieee80211_beacon_get+0x36/0x1880
[ 1085.605065][    C0]  ? __ieee80211_beacon_get+0x36/0x1880
[ 1085.610769][    C0]  ? __ieee80211_beacon_get+0x36/0x1880
[ 1085.616673][    C0]  __ieee80211_beacon_get+0x118e/0x1880
[ 1085.622733][    C0]  ? __ieee80211_beacon_get+0x36/0x1880
[ 1085.629578][    C0]  ieee80211_beacon_get_tim+0xb4/0x2b0
[ 1085.635886][    C0]  ? __pfx_ieee80211_beacon_get_tim+0x10/0x10
[ 1085.644385][    C0]  mac80211_hwsim_beacon_tx+0x3ce/0x860
[ 1085.650895][    C0]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180
[ 1085.658515][    C0]  __iterate_interfaces+0x2ab/0x590
[ 1085.664743][    C0]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[ 1085.671730][    C0]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180
[ 1085.679581][    C0]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[ 1085.685992][    C0]  ieee80211_iterate_active_interfaces_atomic+0xdb/0x180
[ 1085.694113][    C0]  mac80211_hwsim_beacon+0xbb/0x180
[ 1085.699907][    C0]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[ 1085.706688][    C0]  __hrtimer_run_queues+0x52c/0xc60
[ 1085.712285][    C0]  ? ktime_get_update_offsets_now+0x67/0x3d0
[ 1085.719304][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1085.725745][    C0]  ? read_tsc+0x9/0x20
[ 1085.730027][    C0]  ? __pfx___local_bh_disable_ip+0x10/0x10
[ 1085.736957][    C0]  hrtimer_run_softirq+0x187/0x2b0
[ 1085.743018][    C0]  handle_softirqs+0x286/0x870
[ 1085.749028][    C0]  ? do_softirq+0xec/0x180
[ 1085.755754][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[ 1085.761720][    C0]  ? cfg80211_inform_single_bss_data+0x13d2/0x1ac0
[ 1085.770726][    C0]  do_softirq+0xec/0x180
[ 1085.775586][    C0]  </IRQ>
[ 1085.779133][    C0]  <TASK>
[ 1085.782747][    C0]  ? __pfx_do_softirq+0x10/0x10
[ 1085.788706][    C0]  ? ieee80211_inform_bss+0xbd9/0x10a0
[ 1085.796043][    C0]  ? lockdep_softirqs_on+0x13b/0x1c0
[ 1085.802000][    C0]  __local_bh_enable_ip+0x17d/0x1c0
[ 1085.808086][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1085.814820][    C0]  ? cfg80211_inform_single_bss_data+0x13d2/0x1ac0
[ 1085.821994][    C0]  cfg80211_inform_single_bss_data+0x13d2/0x1ac0
[ 1085.828677][    C0]  ? __pfx_cfg80211_inform_single_bss_data+0x10/0x10
[ 1085.836987][    C0]  ? _ieee802_11_parse_elems_full+0x44aa/0x4550
[ 1085.844014][    C0]  ? cfg80211_inform_bss_data+0x1f0/0x3b40
[ 1085.849975][    C0]  cfg80211_inform_bss_data+0x203/0x3b40
[ 1085.855678][    C0]  ? __pfx_cfg80211_inform_bss_data+0x10/0x10
[ 1085.862036][    C0]  ? __pfx__ieee802_11_parse_elems_full+0x10/0x10
[ 1085.868632][    C0]  cfg80211_inform_bss_frame_data+0x3d7/0x730
[ 1085.875177][    C0]  ? ieee80211_bss_info_update+0x2df/0x9e0
[ 1085.881566][    C0]  ieee80211_bss_info_update+0x749/0x9e0
[ 1085.887421][    C0]  ? __pfx_ieee80211_bss_info_update+0x10/0x10
[ 1085.893736][    C0]  ? sta_info_get+0x4f/0x300
[ 1085.898470][    C0]  ? ieee80211_ibss_rx_queued_mgmt+0xfab/0x2af0
[ 1085.904870][    C0]  ieee80211_ibss_rx_queued_mgmt+0xa4e/0x2af0
[ 1085.911190][    C0]  ? ieee80211_ibss_rx_queued_mgmt+0xfab/0x2af0
[ 1085.917668][    C0]  ? __pfx_ieee80211_ibss_rx_queued_mgmt+0x10/0x10
[ 1085.924325][    C0]  ? __lock_acquire+0xab9/0xd20
[ 1085.929940][    C0]  ? __lock_acquire+0xab9/0xd20
[ 1085.935215][    C0]  ? kcov_remote_start+0x18e/0x7f0
[ 1085.940919][    C0]  ieee80211_iface_work+0x85f/0x12d0
[ 1085.946527][    C0]  cfg80211_wiphy_work+0x2bb/0x470
[ 1085.951810][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[ 1085.957787][    C0]  process_scheduled_works+0xae1/0x17b0
[ 1085.963701][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1085.970052][    C0]  worker_thread+0x8a0/0xda0
[ 1085.975123][    C0]  kthread+0x711/0x8a0
[ 1085.979265][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 1085.984430][    C0]  ? __pfx_kthread+0x10/0x10
[ 1085.990041][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1085.995385][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1086.001325][    C0]  ? __pfx_kthread+0x10/0x10
[ 1086.006146][    C0]  ret_from_fork+0x4bc/0x870
[ 1086.011147][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[ 1086.016630][    C0]  ? __switch_to_asm+0x39/0x70
[ 1086.021725][    C0]  ? __switch_to_asm+0x33/0x70
[ 1086.026839][    C0]  ? __pfx_kthread+0x10/0x10
[ 1086.032188][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1086.037766][    C0]  </TASK>
[ 1086.041469][    C0] Kernel Offset: disabled
[ 1086.047268][    C0] Rebooting in 86400 seconds..