last executing test programs:

7.370674604s ago: executing program 1 (id=1877):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getsockopt$inet_int(0xffffffffffffffff, 0x0, 0x14, 0x0, 0x0)
r3 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f0000002780)=[{{&(0x7f0000000300)=@nfc, 0x80, &(0x7f0000000000)=[{&(0x7f0000000380)=""/135, 0x87}, {&(0x7f0000000440)=""/93, 0x5d}], 0x2}, 0x7fff}, {{&(0x7f0000000540)=@l2={0x1f, 0x0, @none}, 0x80, &(0x7f00000008c0)=[{&(0x7f0000000100)}, {&(0x7f0000000d80)=""/218, 0xda}, {&(0x7f00000001c0)=""/30, 0x1e}, {&(0x7f0000000d00)=""/90, 0x5a}, {&(0x7f0000000740)=""/75, 0x4b}, {&(0x7f00000007c0)=""/78, 0x4e}, {&(0x7f0000000840)=""/111, 0x6f}], 0x7, &(0x7f0000000940)=""/251, 0xfb}, 0x3}, {{&(0x7f0000000a40)=@l2tp6={0xa, 0x0, 0x0, @empty}, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000ac0)=""/84, 0x54}], 0x1, &(0x7f0000000b80)=""/52, 0x34}, 0x1}, {{&(0x7f0000000bc0)=@in6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000f80), 0x0, &(0x7f0000001000)=""/106, 0x6a}, 0x10001}, {{&(0x7f0000001080)=@alg, 0x80, &(0x7f0000002680)=[{&(0x7f0000001100)=""/70, 0x46}, {&(0x7f0000000c40)=""/143, 0x8f}, {&(0x7f0000001240)=""/4096, 0x1000}, {&(0x7f0000002240)=""/147, 0x93}, {&(0x7f0000002300)=""/253, 0xfd}, {&(0x7f0000002400)=""/180, 0xb4}, {&(0x7f00000024c0)=""/94, 0x5e}, {&(0x7f0000002540)=""/146, 0x92}, {&(0x7f0000002600)=""/69, 0x45}], 0x9, &(0x7f0000002740)=""/40, 0x28}, 0xfff}], 0x5, 0x40000003, 0x0)
readv(r1, 0x0, 0x0)
unshare(0x24040000)
unshare(0x2c020400)
r6 = syz_open_dev$usbfs(&(0x7f0000000140), 0x77, 0x1501)
ioctl$SIOCSIFHWADDR(r3, 0x8924, &(0x7f0000000080)={'team0\x00', @broadcast})
mknod(&(0x7f0000000040)='./file0\x00', 0x8000, 0x8)
socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$MRT_ADD_VIF(r3, 0x0, 0xca, &(0x7f0000000100)={0x0, 0x8, 0x1, 0xe, @vifc_lcl_ifindex, @broadcast}, 0x10)
ioctl$USBDEVFS_REAPURB(r6, 0x4008550c, 0x0)
fanotify_init(0x4000, 0x0)
unshare(0x2040400)
open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="6000000002061b0000000000000000000000000005000400000000000900020073797a3100000000140007800500150020000000080012400000002e050005000200000005000100060000001100030068"], 0x60}}, 0x0)
bind$unix(0xffffffffffffffff, &(0x7f0000000200)=@file={0x1, './file0\x00'}, 0x2)
r8 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r8, 0xae60)

5.744370937s ago: executing program 0 (id=1882):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xc, 0xf}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8001}, 0x20008850)
sendmsg$nl_route_sched(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001300)=@newtfilter={0x7c, 0x2c, 0xd27, 0x70bd28, 0xfffff000, {0x0, 0x0, 0x0, r3, {0xf000, 0xffff}, {}, {0x7, 0xa}}, [@filter_kind_options=@f_fw={{0x7}, {0x50, 0x2, [@TCA_FW_ACT={0x4c, 0x4, [@m_ctinfo={0x48, 0x1, 0x0, 0x0, {{0xb}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CTINFO_ACT={0x18, 0x3, {0x5, 0x3, 0x10000000, 0x5}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}]}}]}, 0x7c}, 0x1, 0x0, 0x0, 0x80}, 0x20000800)

5.65639922s ago: executing program 0 (id=1883):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="700200001300290a0000", @ANYRES32=r2, @ANYBLOB="000000000000000010010c8013000c800ca3488008000000000000000800038064001d80050006000000000014000500714abbd2547de97cbbf6efb226f19bf90d0002003a288e5e5b5b5a40000000006000078014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d8050006000000003bd00002006272696467655f736c6176655f30000007000200293a00000500060000000000080001000000000018002580140004004d2906d0880fc8acc30fe2020f9849675000028004000500a1085e7df341b9dc3d8008a2fe5bdaad140004009c7e472c916020fe41bcc5aa8f56c9471400050080ab8be51421cfa3c9e5cbfe8217e0af0800010000000000080001000000000060001a803f0003"], 0x270}, 0x1, 0x0, 0x0, 0x8015}, 0x4)
sendmmsg(r0, &(0x7f0000000000), 0x400000000000235, 0x0)

5.59787152s ago: executing program 0 (id=1884):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000b00)={0x3c, r1, 0x5, 0x0, 0x25dfdbfa, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_PROBE_RESP={0x17, 0x91, "7b294779a9dcd5ab6dfe5b38e5dd2692e3cba9"}], @chandef_params, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x800007f}]}, 0x3c}}, 0x840)

5.569507497s ago: executing program 0 (id=1885):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb05, 0x18c6, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xa0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x5, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x45}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0xfa, 0x2}}}}}]}}]}}, 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f00000004c0)={0x2c, &(0x7f00000001c0)=ANY=[@ANYBLOB="40234500000045040c6867d20d1ca9c16186cedffdc6376be35d9613adc65d85"], 0x0, 0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r0, &(0x7f0000002c00)=[{{0x0, 0x0, 0x0}, 0x1ff001}, {{0x0, 0x0, 0x0}, 0x10000001}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000800)=""/202, 0xca}, {&(0x7f0000000900)=""/230, 0xe6}, {&(0x7f0000003e00)=""/4111, 0x100f}, {&(0x7f00000001c0)=""/229, 0xe5}], 0x4}, 0x8101}, {{0x0, 0x0, 0x0}, 0x40}, {{0x0, 0x0, 0x0}, 0x9}, {{0x0, 0x0, &(0x7f0000000ac0)=[{&(0x7f0000000b80)=""/223, 0xdf}, {&(0x7f0000001a00)=""/4096, 0x1000}, {&(0x7f0000002e00)=""/4087, 0xff7}, {&(0x7f0000000440)=""/117, 0x75}, {&(0x7f0000000500)=""/90, 0x5a}, {&(0x7f0000000a00)=""/166, 0xa6}], 0x6}, 0x4db}, {{0x0, 0x0, 0x0}, 0x8}], 0x8, 0x0, 0x0)

5.465097238s ago: executing program 1 (id=1886):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r1 = fcntl$dupfd(r0, 0x0, r0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
read$snapshot(r1, 0x0, 0xffffffbf)

5.377052042s ago: executing program 1 (id=1888):
r0 = openat$cgroup(0xffffffffffffffff, &(0x7f00000000c0)='syz1\x00', 0x200002, 0x0)
openat$cgroup_int(r0, &(0x7f0000000080)='hugetlb.2MB.rsvd.failcnt\x00', 0x2, 0x0)
r1 = creat(&(0x7f00000006c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x47)
ioctl$KVM_CAP_XEN_HVM(r1, 0x4068aea3, &(0x7f00000007c0)={0x26, 0x0, 0xa})
syz_usb_connect$uac1(0x0, 0xaa, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902980003010000000904000000010100000a2401000000020102132406040006030000000000000000000000000924030000010000ff0924050000f8431cfd0924030604030204001b24040402"], 0x0)
r2 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(r3, 0xfffffffc)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x6, 0x6, 0x0, 0x7}]}, 0x10)
r5 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000014da2108ab1204000000000000010902240001b30000040904410c17ff5d810009050f1f05e13f000009058303", @ANYRESDEC], 0x0)
open_tree(r1, &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x81000)
syz_usb_ep_write$ath9k_ep2(r5, 0x83, 0x3b, &(0x7f00000000c0)=ANY=[])
r6 = socket$nl_generic(0x10, 0x3, 0x10)
dup3(r2, r0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x28, 0x0, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r7, &(0x7f0000000400)={0x0, 0x1802, &(0x7f00000003c0)={&(0x7f00000004c0)={0x30, r8, 0x1, 0x70bd2c, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0x1c}}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}]}, 0x30}, 0x1, 0xff07}, 0x2000000)

4.351683837s ago: executing program 2 (id=1891):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000096c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newtaction={0x48, 0x30, 0x2, 0x70bd25, 0x0, {}, [{0x34, 0x1, [@m_vlan={0x30, 0x1, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x48}}, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[], 0x118}, 0x1, 0x0, 0x0, 0x24000144}, 0x20000050)
write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
r1 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, 0x0, &(0x7f0000000040))

4.11551776s ago: executing program 2 (id=1894):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="700200001300290a0000", @ANYRES32=r2, @ANYBLOB="000000000000000010010c8013000c800ca3488008000000000000000800038064001d80050006000000000014000500714abbd2547de97cbbf6efb226f19bf90d0002003a288e5e5b5b5a40000000006000078014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d8050006000000003bd00002006272696467655f736c6176655f30000007000200293a00000500060000000000080001000000000018002580140004004d2906d0880fc8acc30fe2020f9849675000028004000500a1085e7df341b9dc3d8008a2fe5bdaad140004009c7e472c916020fe41bcc5aa8f56c9471400050080ab8be51421cfa3c9e5cbfe8217e0af0800010000000000080001000000000060001a803f0003"], 0x270}, 0x1, 0x0, 0x0, 0x8015}, 0x4)
sendmmsg(r0, &(0x7f0000000000), 0x400000000000235, 0x0)

3.949418838s ago: executing program 4 (id=1896):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xb}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r9, {0x4}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x4, [0xc, 0x5, 0x9, 0x7, 0x10, 0x2, 0x4, 0x2, 0xf, 0x6, 0x0, 0x5, 0x8, 0x4, 0x10, 0x4], 0x3, [0x8b, 0x101, 0xad1e, 0x2002, 0x1, 0x4, 0x2, 0xd06, 0xff05, 0x2, 0xb, 0x3, 0x5, 0x6, 0xd, 0x100], [0xfff1, 0x5, 0xffff, 0xfff5, 0x3, 0x8, 0x1, 0x9, 0x5, 0x2, 0xc, 0x40, 0xfffc, 0x3, 0x1]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0)
close(r4)
socket$unix(0x1, 0x1, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) (fail_nth: 3)

3.866311037s ago: executing program 2 (id=1897):
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0) (async)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x4000000, 0x1, 0x0, 'queue0\x00'})
r1 = syz_open_dev$vcsa(&(0x7f0000002100), 0x4020000000021, 0x440081)
read$FUSE(r1, &(0x7f0000000040)={0x2020}, 0x2020) (async)
read$FUSE(r1, &(0x7f0000000040)={0x2020}, 0x2020)
socket$nl_route(0x10, 0x3, 0x0) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0) (async)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r4, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRES32=r4], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x4c094) (async)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r4, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRES32=r4], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x4c094)
r6 = socket(0x10, 0x3, 0x0)
getsockname$packet(r3, &(0x7f00000000c0)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x5820a61ca228659, 0x0, 0xfffffffe, {0x0, 0x0, 0x0, r7, {0x0, 0x9}, {0xffff, 0xffff}, {0x5, 0x7}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x6, 0x2}}}}]}, 0x79}}, 0x800)
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newtfilter={0x74, 0x28, 0xd27, 0x70bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0xffff, 0x9}, {}, {0x2, 0xb}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x44, 0x2, [@TCA_CGROUP_POLICE={0x40, 0x2, [@TCA_POLICE_TBF={0x3c, 0x1, {0xfffffffc, 0x8, 0x0, 0x8, 0x80, {0x4, 0x1, 0x0, 0x2, 0x61f, 0x10000}, {0x5, 0x1, 0x6b4a, 0x9, 0xa6, 0x10000}, 0x4, 0x80000001, 0xc6}}]}]}}]}, 0x74}, 0x1, 0x0, 0x0, 0x8000}, 0x404c0c0)
sendmsg$nl_route_sched(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000580)=@delchain={0x24, 0x11, 0x1, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0x10}, {0x0, 0x1}, {0x8}}}, 0x24}}, 0x10)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000002080), 0xc0000)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000000)={{0x1, 0x1, 0xffffffffffffff09, <r8=>r0}, './file0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r8, 0x40a85323, &(0x7f00000000c0)={{0x8, 0x28}, 'port1\x00', 0x8, 0x0, 0xff, 0x7fff, 0x3f, 0x3, 0x7000000, 0x0, 0x4, 0x9})
r9 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r9, 0x6, 0x0, 0x0, 0x0) (async)
fsconfig$FSCONFIG_CMD_CREATE(r9, 0x6, 0x0, 0x0, 0x0)
r10 = fsmount(r9, 0x0, 0x0)
fchdir(r10) (async)
fchdir(r10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x80) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x80)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x50, 0xffffffffffffffff, 0x0)
socket(0xa, 0x3, 0x3a) (async)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff})
connect$unix(r11, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r13 = syz_open_dev$vim2m(&(0x7f0000000080), 0x3fe, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r13, 0xc0405602, &(0x7f0000000500)={0x9, 0x1, 0x2, "3bd9d3fe337649c318d3b5710fe89a0d9ec9b50e98bc2e00", 0x32315241})
sendmmsg$unix(r12, &(0x7f00000bd000), 0x318, 0x0) (async)
sendmmsg$unix(r12, &(0x7f00000bd000), 0x318, 0x0)

3.840481435s ago: executing program 1 (id=1898):
r0 = socket$kcm(0x29, 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$swradio(&(0x7f0000002440), 0x1, 0x2)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000b00)=[{{&(0x7f0000000000)={0x2, 0x4e24, @multicast1}, 0x10, 0x0, 0x0, 0x0, 0x30}}], 0x1, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x2000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r2 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x973, 0x1c080, 0x0, 0x44a})
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)={0x24, 0x0, 0x1, 0x70bd2f, 0xfffffffc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x8, 0x11d, 0x0, 0x1, [{0x4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000008)
io_uring_enter(r2, 0x2219, 0x7721, 0x16, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x1c, 0x0, 0x1, 0x70bd26, 0x25dfdbfd, {}, [@ETHTOOL_A_LINKMODES_LANES={0x8, 0x9, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20004850}, 0x4044014)
r3 = gettid()
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
r5 = accept4(r4, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f00000001c0)="00940a37", 0x4)
sendto$unix(r5, &(0x7f0000000440)="36d9a32e92c131d730b1abaedb51eb66fd2d5b1f7eda4f0e859fdaf294bad70673813533d8bf1c6a77b65a7afdc01b29e73571071a68d5def5d7df839810da130b9348f4d9d407eb478d5bfb298c552a498271af70914e14ba9476fd2a0e47984c25ea20afab3064a748add27a7149e9c4705475bda2ecec9ec30214f28c5e16fd3f50f604f20232c534409e52bff64fc6ca0f5e254083aec2794b7216e002e87caf3d0fa7d04ff9e3b03e81595a04979594ff6ea888bf13de8e8f74c6178e31e47593732ae1a501ad3641d423195a788efdb643f50a8c8b9794a62f7b8dfa0fa7da9d391b92ce2a7f9fe0f9d584a3775f", 0x703d59595f6742a8, 0x800, 0x0, 0x0)
recvfrom(r5, &(0x7f0000001680)=""/4121, 0x1019, 0x10001, 0x0, 0x0)
tkill(r3, 0x11)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000080)=ANY=[@ANYBLOB="05"], 0x0)
pselect6(0x40, &(0x7f0000000340)={0xa, 0xa3cd, 0x6, 0xffffffffffffeffd, 0x9, 0x5, 0x9, 0x2}, 0x0, 0x0, 0x0, 0x0)
openat$fb0(0xffffffffffffff9c, &(0x7f0000003640), 0x40401, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_COALESCE(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x4}, 0x840)
sendmsg$kcm(r0, 0x0, 0x20000818)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000600)=ANY=[@ANYRES32=0x0, @ANYRESOCT, @ANYBLOB, @ANYRES32=0x0, @ANYRES16=r0], 0x20)

3.366706604s ago: executing program 4 (id=1900):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="700200001300290a00000000000000000700", @ANYRES32=r2, @ANYBLOB="000000000000000010010c8013000c800ca3488008000000000000000800038064001d80050006000000000014000500714abbd2547de97cbbf6efb226f19bf90d0002003a288e5e5b5b5a40000000006000078014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d8050006000000003bd00002006272696467655f736c6176655f30000007000200293a00000500060000000000080001000000000018002580140004004d2906d0880fc8acc30fe2020f9849675000028004000500a1085e7df341b9dc3d8008a2fe5bdaad140004009c7e472c916020fe41bcc5aa8f56c9471400050080ab8be51421cfa3c9e5cbfe8217e0af0800010000000000080001000000000060001a"], 0x270}, 0x1, 0x0, 0x0, 0x8015}, 0x4)
sendmmsg(r0, &(0x7f0000000000), 0x400000000000235, 0x0)

3.235396622s ago: executing program 2 (id=1901):
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$kcm(0x10, 0x400000002, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x23a, &(0x7f00000004c0)={0x0, 0x1c2a, 0x10100, 0x2, 0x0, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r5 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0xc0542, 0x0)
readv(r5, &(0x7f00000018c0)=[{&(0x7f0000000840)=""/4096, 0x1000}], 0x1)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
getsockopt$ARPT_SO_GET_REVISION_TARGET(r6, 0x0, 0x63, 0x0, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0xfffffffffffffffd)
ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000000000000150001c0"])
setsockopt$RDS_CANCEL_SENT_TO(0xffffffffffffffff, 0x114, 0x1, &(0x7f0000000140)={0x2, 0x4e20, @local}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r10 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r10, 0xc058534f, &(0x7f0000000000)={{0xfa, 0xff}, 0x1, 0x5, 0x3, {0x3, 0x2d}, 0x2, 0x2})
setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, &(0x7f00000001c0)=[{{}, {0x3, 0x1, 0x1, 0x1}}, {{0x3, 0x0, 0x1, 0x1}, {0x4, 0x0, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x1, 0x1, 0x1, 0x1}}, {{0x0, 0x0, 0x1, 0x1}}], 0x20)
r11 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/profiling', 0xa0042, 0x11)
r12 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r12, 0x84, 0x82, &(0x7f0000000280)='\x00\'\x00\x00\x00\x00\x00\x00', 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r12, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback, 0x20006}], 0x1c)
write$tcp_mem(r11, &(0x7f0000000400)={0x6, 0x2d, 0x2, 0x3a, 0x0, 0x2c}, 0x48)

3.131439418s ago: executing program 4 (id=1902):
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = syz_io_uring_setup(0x10d2, &(0x7f0000000480)={0x0, 0x7734, 0x80, 0x0, 0x34f}, &(0x7f00000000c0)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x830, 0x0, 0x2, 0x9}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r0, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r4}})
io_uring_enter(r1, 0x1733, 0x0, 0x0, 0x0, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-sse2\x00'}, 0x58)
pipe(0x0)
pipe(0x0)
write(0xffffffffffffffff, &(0x7f0000000240)="94", 0x1)
tee(0xffffffffffffffff, 0xffffffffffffffff, 0x8f5, 0x100000000000000)
read$FUSE(0xffffffffffffffff, &(0x7f0000004440)={0x2020}, 0x2020)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r5, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r6 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r6, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)

2.913387875s ago: executing program 0 (id=1903):
r0 = openat$cgroup(0xffffffffffffffff, &(0x7f00000000c0)='syz1\x00', 0x200002, 0x0)
openat$cgroup_int(r0, &(0x7f0000000080)='hugetlb.2MB.rsvd.failcnt\x00', 0x2, 0x0)
r1 = creat(0x0, 0x47)
ioctl$KVM_CAP_XEN_HVM(r1, 0x4068aea3, &(0x7f00000007c0)={0x26, 0x0, 0xa})
creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x194)
syz_usb_connect$uac1(0x0, 0xaa, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902980003010000000904000000010100000a2401000000020102132406040006030000000000000000000000000924030000010000ff0924050000f8431cfd0924030604030204001b24040402"], 0x0)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(r2, 0xfffffffc)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x6, 0x6, 0x0, 0x7}]}, 0x10)
syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000014da2108ab1204000000000000010902240001b30000040904410c17ff5d810009050f1f05e13f000009058303", @ANYRESDEC], 0x0)
open_tree(r1, &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x81000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x28, r5, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r6, &(0x7f0000000400)={0x0, 0x1802, &(0x7f00000003c0)={&(0x7f00000004c0)={0x30, r7, 0x1, 0x70bd2c, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0x1c}}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}]}, 0x30}, 0x1, 0xff07}, 0x2000000)

1.922042354s ago: executing program 4 (id=1904):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000096c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newtaction={0x48, 0x30, 0x2, 0x70bd25, 0x0, {}, [{0x34, 0x1, [@m_vlan={0x30, 0x1, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x48}}, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[], 0x118}, 0x1, 0x0, 0x0, 0x24000144}, 0x20000050)
write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
r1 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, 0x0, &(0x7f0000000040))

1.859691092s ago: executing program 2 (id=1905):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x40, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@GTPA_MS_ADDR6={0x14, 0xc, @private2}, @GTPA_PEER_ADDRESS={0x8, 0x4, @loopback}, @GTPA_PEER_ADDRESS={0x8, 0x4, @rand_addr=0x64010101}, @GTPA_FAMILY={0x5, 0xd, 0x5}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x40880)
writev(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f0000000080)='~', 0x1}], 0x1)
writev(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000140)='Q', 0x1}], 0x1)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
rt_sigaction(0x4, &(0x7f00000001c0)={&(0x7f0000000140)="44dfa3998999998f083087649e0d0036660f38df2b660fbab97500000000c3c4a37905d708f246ad66450f28e20f9218c401f5e84c5700", 0x50000003, 0x0, {[0x1]}}, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CAP_EXIT_HYPERCALL(r0, 0x4068aea3, &(0x7f0000000280)={0xc9, 0x0, 0xc})
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[], 0xac}, 0x1, 0x0, 0x0, 0xc894}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000880)={0x0, 0x0, @pic={0x2a, 0xc0, 0x7, 0x6, 0xfb, 0x0, 0xf, 0x24, 0x3, 0x6, 0x3, 0x0, 0x9e, 0x2, 0x6, 0x7f}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x8000000000000035, 0x400fff, 0x14000000215b9037, 0x40180, 0x1, 0x11, 0x8000000000f2, 0x0, 0x3, 0x20000005, 0x5, 0xc6bd, 0x566, 0x45, 0x5, 0x7], 0x6006, 0x1c0293})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.685272374s ago: executing program 4 (id=1906):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x1, 0x4, &(0x7f00000000c0)=@framed={{}, [@jmp={0x7, 0x0, 0xa, 0x0, 0x0, 0x1, 0xffffffffffffffff}]}, &(0x7f0000000000)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000180)={0x0, 0x1c, &(0x7f00000001c0)=[@in6={0xa, 0x4e24, 0x9, @private2={0xfc, 0x2, '\x00', 0x6}, 0x7177}]}, &(0x7f0000000380)=0x10) (async, rerun: 32)
r1 = socket(0x2, 0x80805, 0x0) (rerun: 32)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58) (async)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000180)=0x8)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000000)={r3, 0x7}, &(0x7f0000000040)=0x8) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xe3, 0xe3, 0x7, [@ptr={0x2, 0x0, 0x0, 0x2, 0x1}, @volatile={0x9, 0x0, 0x0, 0x9, 0x5}, @decl_tag={0x8, 0x0, 0x0, 0x11, 0x5, 0xa}, @enum64={0xe, 0x8, 0x0, 0x13, 0x1, 0xa, [{0x10, 0x3ff, 0x488e4bcc}, {0x7, 0x2, 0x4}, {0xa, 0x5, 0x7d3}, {0x5, 0x7fffffff, 0x2}, {0xe, 0x10}, {0x1, 0x1, 0xc}, {0xe, 0xd, 0x4}, {0xe, 0x3, 0x1}]}, @decl_tag={0x4, 0x0, 0x0, 0x11, 0x2}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x1, 0x5, 0x3}}, @datasec={0xd, 0x2, 0x0, 0xf, 0x3, [{0x3, 0xc2, 0x7}, {0x4, 0x7}], "4c4c91"}]}, {0x0, [0x5f, 0x30, 0x30, 0x61, 0x2e]}}, &(0x7f0000000040)=""/12, 0x103, 0xc, 0x1, 0x1}, 0x28)

1.550936018s ago: executing program 2 (id=1908):
r0 = openat$cgroup(0xffffffffffffffff, &(0x7f00000000c0)='syz1\x00', 0x200002, 0x0)
openat$cgroup_int(r0, &(0x7f0000000080)='hugetlb.2MB.rsvd.failcnt\x00', 0x2, 0x0)
r1 = creat(&(0x7f00000006c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x47)
ioctl$KVM_CAP_XEN_HVM(r1, 0x4068aea3, &(0x7f00000007c0)={0x26, 0x0, 0xa})
syz_usb_connect$uac1(0x0, 0xaa, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902980003010000000904000000010100000a2401000000020102132406040006030000000000000000000000000924030000010000ff0924050000f8431cfd0924030604030204001b24040402"], 0x0)
r2 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(r3, 0xfffffffc)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x6, 0x6, 0x0, 0x7}]}, 0x10)
r5 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000014da2108ab1204000000000000010902240001b30000040904410c17ff5d810009050f1f05e13f000009058303", @ANYRESDEC], 0x0)
open_tree(r1, &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x81000)
syz_usb_ep_write$ath9k_ep2(r5, 0x83, 0x3b, &(0x7f00000000c0)=ANY=[])
r6 = socket$nl_generic(0x10, 0x3, 0x10)
dup3(r2, r0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x28, 0x0, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r7, &(0x7f0000000400)={0x0, 0x1802, &(0x7f00000003c0)={&(0x7f00000004c0)={0x30, r8, 0x1, 0x70bd2c, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0x1c}}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}]}, 0x30}, 0x1, 0xff07}, 0x2000000)

1.371282594s ago: executing program 3 (id=1910):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$sndseq(r1, &(0x7f0000000180)=[{0x0, 0x47, 0x0, 0x0, @tick, {0x40, 0xff}, {0x0, 0x9}, @queue={0xee, {0x7, 0xc9a}}}, {0x0, 0x0, 0x0, 0x0, @time={0x367f, 0xfffffffd}, {}, {0x80}, @time=@time={0x9, 0x1}}], 0x38)
read$snapshot(r1, 0x0, 0xffffffbf)
pselect6(0x40, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x800, 0x3, 0x3f9, 0x49}, 0x0, &(0x7f00000000c0)={0x1f, 0x3, 0x2, 0x0, 0x0, 0x1000000, 0x0, 0x4}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)

1.264506513s ago: executing program 3 (id=1911):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000003c0)=@file={0x1, './control\x00'}, 0x6e) (async)
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './control\x00'}, 0x6e)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000a00)={0x0, <r2=>0x0}) (async)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000540)={0x0, <r3=>0x0}, &(0x7f0000000a80)=0xc) (async)
read$FUSE(0xffffffffffffffff, &(0x7f0000000ac0)={0x2020, 0x0, 0x0, 0x0, <r4=>0x0, <r5=>0x0}, 0x2020)
statx(0xffffffffffffffff, &(0x7f0000002b00)='./control\x00', 0x800, 0x20, &(0x7f0000002b40)={0x0, 0x0, 0x0, 0x0, <r6=>0x0, <r7=>0x0})
r8 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f00000002c0)={{'fd', 0x3d, r8}, 0x2c, {'rootmode', 0x3d, 0x4000}}) (async)
read$FUSE(r8, &(0x7f00000021c0)={0x2020, 0x0, <r9=>0x0, <r10=>0x0, <r11=>0x0}, 0x2020)
write$FUSE_INIT(r8, &(0x7f0000000080)={0x50, 0x0, r9, {0x7, 0x29, 0x9, 0xffffffff9080edc4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9}}, 0x50) (async)
syz_fuse_handle_req(r8, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006380)={0x20, 0x0, 0x0, {0x0, 0x1c}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r8, &(0x7f00000063c0)="99529ca7d265e2dba44891e35e7d5dab7921b730436ecd4e999a25bcf86a25f8f029c0dd50373e90b7cf7779b12ecd4423c5b13cfac186975cd723976f3c747612913029d42517c189364bc59d8ebad53ed1b86f8f66c99b1f9b5b40d78cef1f14f81815d53bdca7fef40607358db69eb8c0b1f6b0942ab4b1ee7ca8deb4eddef06381a3d1c52d6147fc5109c7c607591497a6b2477f60cc881d3219c96bffb34aadec3fa97250713cce17cd536721bf9c40a019531ed0bbad139e26a3d4d39b68ab1bf37cb1a4bd197a8789cb1940cd86d9e56713bc36c7cffd07a311f5bc2e91f16d152eb480645e85ec9b3bf09c7fa140dced0afd55d7b99e90a96e7748e2d0dc09672ac199ce529e631efe1783769819c182ca106f6184bcbb387ed246c43562d74c36ac3a7ec2f0e11f70bad0007c03bb9c0d2dacc2148cce4a4aea327c7319016ad146b52bfae0357f9e892e9bec61a13c93551cfa3d4f4bfa7585c93bb0bef01a9114f3dc54179cf9a57fe88f5cff3403e33c9d09e3e9c2e10f1f16894e1b59e3cad47c1f202cf7b756f2851fc96d09459c9a8d34c19e6a3525cd5001aac5181f57286d0e1e88ce5092c7c76b6abdaebf2c499aa47587b48eb12a2b72548c190b0324ebedb81a63333b6edb25550f859c5ccc404a944ff7f61af8800888192fbd4c8e0e417d1d181b4b335a6f52e0a7dae18397e81e3f747cab7be902ed903bdd6a622f178f9b4244718ee1206237257374d2fd1466ab6135ef7ef4a114ae170eafe9cd78cf9ffc36974cbc4b8003072bed78765a0b9f1240f24dec6a9e46db9bb498d40f727c0cbf8f4a6a49539bd0805caf65d80130d7fb60a69dc7ed890874a17530c042cf33a977d331435d68ef33885f638c777ad49564ca77d8b81ddd853a21cd55d95b627310dd633a4f005853a5506cd8f744c367f3cb6998b0fa97de6bb35b166b0c6408c4e0a38ed26235a88520c38ca97ac8a6dc81e6dc6483d383fa09f198997b8eea1c68c9e3320683c9a02dd89ddc34c241e7294ccc88d6b35762892e8746e558bfbc2251949f2ecb763dad5b975eaf36e2864be6a41d3e20514d32f5d4b6350dc7e3cc3a85428ea98efb3b1edc2a2ec1e618452949cc7e2ba1251990168fee342d4f304b7a7af9162bcbe6b09c75d7420d2c547b4e3cee1836df6eddd5dff73a4e308fcd8eaa7a33e6980a6f8ead03257a37d72d3b265d02fa42f57db877654ed513e31c35e1af0bd28511d6b57cfe07b27cbe9767a534b426dfc3dd257d5899444f34cbf4dc74b9eab2e7e3e1e1a8a6ac5e4359d653506b299a5b7c67b92dc462f1216655f952362a3387ad9966b606d98e8d1b544dc27dc6bc78fd18a446736e25c51143db9886b6c09812d5825b5d9e0932f218ff8bea4d9e1c4df9c9d4eb19336d48163a921c4ff1f0beef26b01b7e8c0d23fb59b84e229eaabb791f2cffc9aa4db75162cbfe4c9ae8d76a5b6bc4bff20e3f8f125b9aadb3e728d7f78d61fd55f46b7f59511b876e6563256686e44f25cf38d393a9b762bada272eba8df28e4086c4cd2fe3c9fab97756fb145373e6ca1991bb1ee6589e49c821ff29f047970819f88f724bd077cd3f0ae463d99b3e53078431e3f9bebabc5289a65479359efe3909186aac60a29f561de8c590988c913c9e693ab8106e8287f6565eee6735f7c88cad7124d1c8d9ff347e97912824088ee954de01c6d8a06447f06899607eadbfd078bc3df506252005749378dbd7399c9eca60b81dc0d88dedec31e5cf6e7b6d6d411958df8f9e0bf4443e8d3bdfe49d05f811d17088024d0629fc8ab8e05e309bf55e8e60d342623765f4e8d2dc4a90291cd4354ff9568c8170e6ea56e028bcf2719595253adb8c84050bb9ce4927a1c1f4560da87d109ceda90bbe45a1717763d8025f1ff40f157185ddf17079da272ae10c4f34162caf4b0d31221a57b3059fd449c87554d968a54b2eebd760dc3263c40d9eedf5905d5699d29706ea6e9e81ff2bf92489a06deffe7e978661f37a88450783e23f107c2bfce000dfc91c5fca49e46d9ea978f215a45984699f0d2503b30a741e13be56b7abe3e5663c0825c3cb04ead44ce97719c4ee6f4cdd3c452775ad7163d5c9034583cc2dbc2b0c04917a3e1aa3d0a8bb6fcf94d7922eb1d543c09185827aeb1b72ae7103ef2c014af2ff4b47fca40fb0e66ddf0264476d7a84e9b8dc551d4c407bdbac6757f7a25bd404b45bec1091696203cc438860131ad5f2fd80e3c45629864dd9f7d302b66fb8fb86735c9a6dcf8b135a273dd2ae9473bc905081be9fcb8f91b1ddba1ac692798dac0b9ccffe0319a779f5e10c65f294b22fe475283b023f9cd890e92c5447b1bc1528255c5af383bc1fb6e72cb9a67215a9e25cde63c89baa8c7125c7e8b748b728d07d9cb66778404f54e6a9e3ae1ae82f3d0ce77199f23f94a01b71b805b476fedbebeb52c83a1b857f23ba438c56a6c4c2a5909f721e6e3d240e4a16455e92220d13022ce7ec0b1365ba4e67aa6ecb324f8826579e12cebdfc0d8af63e83b5e5624d5b791f99093f9a27f7baea9fd10111209c0857a04f07408111063ef34026aee27a3d51b40e53883f9094402534bdd21cc49d7f5593e99cb204cd805bee4add0f82cf4b6dc5da14d6b79fbc68c9ccf7fb5fe774f8879e13079b024a8ad24bf123c420d630837a84ba05abf0ae4dc3fc04f25c7f74ff91d0d609c958642a48551e51b5c0074a56a7da10ce153b08cabea636f8489d8e7b655758a41d7f7474c9d76bf4d54d789bfceaffef139854065de6a94b0275a9626aab99ae838364b1a491e55017e4212b6b01f7a41bc9c215ecd17c49a8610db28c699259c58b81a0e84c45fd8e719c05c48501c49e8a6515044d247f58e4cd0bf22fd6ae31f45339d1f801196d426c52269b1aaffaf18e2a03760bb231cb7cefa6d72f1d7eb6a3bbd65d0914221b8fbf531dbd562eb4a1b28983ac7d83d4813b10b34c9525ba644f61a2c4800d4fe96a7bca63da1041ed73cc57fb9d42f9dfc8ca41d80292bbb311c89b0a0fcee1d88a025a7416863342aea00e6f049cb2ddebd17c5c617ff562a8af0c965cbe8341431a30ea239e4a62aa2b19757a3b0de04229a9907f8610c27b26591405845bf8b5b83706ed18d910c4f68777378366ff565617b19168a04560a32ce5ad64aaef9f4377118c4335b24826cdcde78fb4bdb11498553f56d8dfeb3a482c70cc6580c399b92339cbdb3464fcc7b00e9839fd0d2b8b6db90c56b33593a0048bf7983421f29b1285c81a239045b96a9b0cacd70d6d9853206471f06915efc8d3ec4c50fb13601abc73247a656066fd7b329159b3ce9e3302b4c0d6aec58cb0946a8ee8e7f55f1af604f1edb4d887fa6292dc0ce57705c1a25dc62650c127d11a364b397aefc2fcc3a164bdc53165a461b01de9180c1461b309c75af0911b4cc1b8aa05652b62119c87b4b235c573aa15b1516cddf61efd6a7f8c953fbaaee9c0e800e8f519e1494de850ddb976864088fe0cf90bbc54395078ea2501e8baa84d6807e184105bc2a140b663416496886422643bbf764d406af06e7d086678828defda0b648b25666b7b5ea29e927141740d5be0e61bf25d40b8404ffd3c67bb855b11d4faf82b7b8051615c101c3deb0601a0fa9ecd8b4a95082ccbc8222b0982802dd8430e653d6eea2786dc3a91397135faffdc65a5bae048f5c463b1a6648becce961d39d063d28d1ad6dafcea0b0878379adb16cc0d4cea572abeacd9a168a4fe2e338092b5bc93ecf02ac6ccda03e5b23adf511fdf7a79442093233b79c67d3fdd3c36c96a8f67aa79e4743d99cf963ae6161877f73656eb0314d889f4b8649bbce8a759f90eac6c006197b54b2bbac7c9b237f1e3dc099c62a65481960e6ad697fc66316ac084ba99c60f58bf44ff45f3b2006cbc4196a25f124dfaf247e863a855ef6070deb45219a922dcf2be9bd01c340e1ca5ed7c3ddac9f7a677c5d00610991d21e0751ac8044585b39f3fec5b672a11a9bce32196c2003d01ea50b0f0403e16df188ecbbb74f295f01398363ddfecdb63a49347c912c125670205d7b6be999688df85bb7d5ac12b62b4fdc4eadcc2a9a7897028404f697b007603a0ad588c772952d6670ee870771774ad157c0b9cccd4b2192d835606198ea0c65036ae4e406cdc539ff3aa81fa20b7ab58d6f3abdb69cc1f503d593f7025d2035e7f21db76336efc2843a0dc9bd2eb8794718134ee68fc57d4d2bcc18969d08177f442b87433b48540c661940cf9e2462c53efa310c7e47487deab2ae15b1978ef05aa1e14110943f649d82486f710a39854409e74edcaf06b4a92d3580b9cdabf83c6351657698d3d5af7514f382e75d1c912cded577258603fc9ed002e010747cddf7885d34afc9a84d82696c6660cb5ecafb68b564908fc49c4db6a187d037241a26b1141cf20f2e968a53366db0f60b79cd98cf3c897c50b7b9728e6e7100f99e4d5ed2428dbd285516ca6660777a39b4b2617c1be5b0232d60b9c8099f5daedbf190109439c40b46090985200d6c0501313f3fa4d244864575c275faca47aeff32c7b3e3c59392618562a7c2d4b3af85a37a8847f595352024cb63d3a9085c2a502c6a3248f43c5fc828e636cb634b2d393d853ae2dc9605985cf85c060860a90256c7b574c1e01c320687a2bb0b2d51cc2950c485f2ffa5db0ad7aaf753f543de7f86efb775c6bac2989a33757a28836fd27f9347229a0004bd2e546994c69c678fe5717f613f905d945c072004c3a80e0e54215e19ff9972521890d4e705e429f16fc35fe5a15f2e6b75cd719d38f76b087b62e4b5dcdb35f4baa2bab167150bafb6c69e260ca51004bc826d46b77c3f67eaa08497294868e6d91b7b867e4da62052f4f891677256cfbaf19cf32bad99a7da69d8a66537686f89a58d78c7eeaa99cd38009a1a32582bedc5c718e57b19cd405ae659a89909356a07fcef89384d160fa5ae6683cc379642aea4f0c915f72d679bd521399cb16112f2abdede3001400b4a64d2173e153a68631183679b56b8f389ba889784133453a7e892fd3b092f5040870a3cfd6f982990143e7c0882b4ff4c5d049192d36925a25ae4be441aa30dc7e74398b340c45b52c73ed3b0cd640e3cc9fd4be24e7355f386106f65895f1ee850b2a781d1d1d322ca5a3b0fdb78ce1eda048ece94af25437969c99c58c08f1446ca5541e03987a20fd75283e3e116dc4c9222ab7522e4ccf6da14aef49cac9a6a2cd4aba1c54d49e6da4179a66b84e384cd3da53908579b28c11d525ebdc4dc69074cef8a9ecd3aab98f2858769d656b46141c3a4e69a5ed6c0a732c9ec1fce080eaebf537fa5e17236a44ba9c931f555d193e475ffafd20c53ccbab607c1a15fd06742a64691205eb0d00f7f40e4dd8efb279cf09b2522aac0729a631aacb92d5cfa2ce6bb07385b981890b5916755d5cc3a51c8c36bd2987068cc24fcf73840895469bbb9aff1059601f771afedf0a48d5921103920515b27d7e607951982feba197df8c61600feb3622b9eea13a4db4068728cb98cca76cfae197f6258758490bf41673ee29acd91fd296ec863c646e0ca6a0f0e9de146c663ba13d962964d7c32804fd12a14c1ca7212ad48bdfab469c6570dca562220ecbe7b6b163ed4c9361c5c10bed5c92861b8786ada20a99245d282e4454187ec02adfe354e30647cb10661c85168f7958e3ce69ab48c9455214707a63c9b1167f0845a6bfcce2a96cd53eab430f13cd527f1666290719a47c517cfa22fec2e9916af8aa93c78e567993d7fb8ee60fc4b903b8c67a3658302c5e5f35250c30427e4c055b6c54705bc599861f80b7200d361965ff98c88cc698a2615cadeac4bdfd3d613377cea52d2bbcb7e6b78ac31d4b2c33eaf0b2ed40b963e3cb25c7dfea3ebfe7b4aff2aaaaf184dc80ab649a108e2c830ce7eaea58a263392aa9cd13d7f7bd607dc7c804b19dfa41b3e5a5155201a87311e22062c93896e70f3a5c4b03521300b61cc311ebd5beb9838d0ed207c6bfc99e4392508e95804b10b36024f32e1fe1138e9ee7773f797b2bc6be7416f4e9691ef4c2a8d06af6c8b84bd1e6fd1ba3d3183475ef6c139ccf8dcf37671fbb96a2ab5e0e042f7c4728cf30bcc1a0de28a5024276ceaa194b4926e7f6a97b78bac36e47f832d56a96cd266434d37bcf2c2f57877717d91b1854972f832354acc207a2ee8caace7504e0e6197dd7e64a01c4c67bb2de8acc0cccc6c6bff0b0cbfe345542c5a795dfa48cc0990ab5702574d36494bc44c20f5b324f7c984d986cc8cb40cb2550076d96a069b6688d22171beed2dc5b6ff3ede8fff4c4a9de6d3817357a7ca7d24d87300b4545ebbac8cf7f09ec637a4f4d6bd07673709b6c363a75ccef585610c5f15de7851b5ab53e02a757bfc3caeb9a9a8996beffdc0cfd1201b6cd99cb035584e51a6c15a5d2e17d2f8aa6b41e26809392fac6caed1e02a53dcea8a413203608780dab33315a76eba24d540e4c5b9790420834bc8d4e47bc65ae52a54c0ff308427a8d7aff746aa6589d17514e40fee5d0b3533cf4ad2c5f9d96db9f50bd69ed8c92b860e199a35cf268c66ed13516a3b4b024f62d4b2a656067eece95575bdb4907efc488a9821bc3a9c81dd11b2128b7a01aa7a9ce6e73de3b4e9beced70206f91575baddbcbe5722337953c8016a0f4b62120d776c43b7d1a879b692107954f45acdf8967dcaa994aad4922d4fe093e16c2d0090906f5036af99e50bb09b04e9c9b3b5085abf621297ce203010249cede92e9b66b446b86b43eaaae228dfdd3b4408c12b404bb727f7e969e7da04fc59900112bf8d38af0416dc616e75f167aa1352215f07115a6f4eb6bb5fff6f5c2fc9ab906392036b44090e65fdaf017dc53bc94e0807d679d793df18cc44e6c846d414cef1569530f7692daf91eaaf4ae89fe2522f2c9cf33b6ca508ebcd006bc1a61f0c800553aff9dc7d57200b25ecb83e1e0b8cd29520b63aa649d3f71a62570eee56e03223ddf31f0c04fa686b7f6dd054e7a259d9ba335c2c5b2c508897506c0db7f01878dec1411c33f0af61b81dbcf9ff8bdc0c50044963a79f3ee1462150c6bd03a32dbdfef8d72f0b8b3a395ffb0cc85792e7bc867feb5e312cb64e29e193388e9f173c162f4a1320a6f99ea3795fb77d982605959909a1aa11076fcc779ea6b80ec1bf0edfc2569ec04d15a0bdeebccf3c75393dca5e81663532f8ced12d08e4c2ae6e2954d427c7bf053dc4718f56f453bc88d74045bd2f9747aae9b5298a0de927f1d6b1308f4e1483487f083e71ed09298deb52bb10079b13def7453eb432498069edb5ade70c5c54913684d934a3febf78753ac13300a91f467ff3f6e2f00898f015d08f7739047b321b3eaee5ad8aa7adbf7833f014d8c576a491af9fca6843b327ed513821cb3951b2e67a275225d7af6b382e2f955adaacba5d1fdea2223202dee132b91d5cf381b51da94145255f584a70c5e8d11e06a44afa6599bf3ed0cb61703eba254333af53afac60e54cf6397f9f7302249ab644f0b576c713b15007be1f4f9bb213660bca8a70251472b86669d361ef968f542e81ddbe8f4d2e9cabe8d7bf6a31f14a2cc272963553a424c105e7750437ec5bf316e30ce60b4b0c27ccc1eb27e60f6472fef27654da49905ff9c01b28695310ecd8701aedff25a83da4b7c41995f902bdf249769dcb53a3efa894710dd66ba8745ae2253cc6b75a038183a0bee21226d48239320efad6727093e4f94bbc2fdcc216200d903c32bb9f16dd17d5dac423ae0696f3decc576b8f1fdce63d0532370af7d1e2fa2ca5c5d17bd88f5e3abb4792dac8689ca13752f83d753b06b037bf5a80a3748983790352775685b0414c9d74849fd217e388f904278ddb6b0abdda941b61579c796e2bb77a9bc363b18642c401faa502a31011544111b6eedaa369976c814773d83220a75f31026d6ad0b8b4298ea6062234db232bc435e096e84f740e55bb14d46ae04af0500aa5bb218aff6c76aa8a8e3140a1b0d6638538fd7f30fa8d992e53abf8af2fbc16b9e8a668c1aac72cea1a746ee5f7f3392a4ec8f1d19f2f426b6069b1cd347cbc38bceba96ce5da49198083403143c740c04639cd1089abb34fe812d85921c47437604f684bca44a1eaa965c0a6e1c1fd1f70ee932af3455b36184cc15934cdb3f28959d37d8fc10696f8ec1e4b0c3d1b9ff74a01b796d1bb68954a3768c8bcec741b3b69da892f8922142b16b2cabb469a9906b34216243fac80374c10e178c5fd36440f8d7a8588a9c2510d86ffa8cb68ce8c330d2111c94724e522f04573dad43bce252eb505d29ca9379a6b281519d38b7174f3ae8f185544f3003c936a7e6b23ca97a313aac6a061caa45fda73522f3061767bb4e33dbe4bde390eb0f07225a8aef939cb6ab2ada10c02527281abad394cd4ea9f59467a08b72047cdb75d7b2b98e5b4542554a60f953ac7a4b980f42518eec05ff2c044549cab0cf33eef36dfbabcbc0300009d898862d2194cfcdd9a713c30bbe52291105193656ea5eb830873ac956469d31689cc3c69edb5cb9a6e31ce3e6fb50ddd4e52ef9fdeacfc0db21e1e83e0d8d0a64f17cacb4dc208a893e7fd8ffa86cfc554dfba3d9fd281115eccb4b9d909f2fbf3fbb66bedd7b5db3f6d4f076f5d8fb54f8832896f8ef6f624162f1dd589be7a8e87dd5065708a8b0bfb18a5c2299f5605ac8a11c1add55b2018e6099380a70bee3e0727ca6ec58928fe6eb3147b47401e8d822eebade713b58335787669e5e0de5d328a1067df4cd9124665bb02ee8adfd1b3618374ef167df1f0fe79456f78aee3da4c1bf397e4637b0cf41a0f4a2910efd02b17bf5f3c15b0084b36fa7d4e85a53e5be366b428244eeba7499c3e54397227928e2ff6e583f332d6f7e8cf4d058f379b58a7d03a4bfa454bb4b6d543804b8970e6a9fe8886179eb418a8ce9e509e8433571f7d32378f2e983fa418c8c91760ec9fb20968e7fc23b7c4ac71693b2576ac0f8ce2020ff1e7a7ff24301b48b544fb29a1ca4f2502daded865e488a16dd33ec67b2eee3025cdc5ef90f253c4b5e0a61d51e495b675c5a1d55b4ba3812c5f44cd08487e61d36b0c2dc32d27333a5ee8a0906bfbcd388bd9389d1509912c0471c7b706a5aff880569a3fb11ac5f14d780deb4c1b1afe30fb6b8daf87b27a4ceb869d587a97f2f5af8d819aa47bbf207db68a6ecbbefb1e109ed0bfbbf3b54fba9e79de8fad9c3bcd3e74b8b92ccea3ff5c558c6cd72d78a711fc39df603bd4aa1439dd302258edd2204e52d7f435c6f552b612fbc321bea971195cd4d8bb033e2a779e239164d7eea6d8fd233b0b9b776246564cfcf44b31a83031a2413bf98a398c9f93da243cef9ce73d81bade8ad551fb0ffa75bc874c11d23ac9d7752f22a0f54c3870f3314a83e64332db810da1ebb288e10c4eb9be9ec037317b8f813e68160a887da3f5c0389510a0734b69ef275e19973b169d340610cf2112e9964cc0566b9b690c3feb36c8526491d3a563f0bead2abbcf0665e048aa3f929351b2f89876580633a403250ae3b5244c8c0e996bf888938dfc8920348d88e272e6eadc7c0387ca1dae228bd620ce3975d43b58758d9412d304a227245587065f58c4573ba2557f1d8333ba007709b1239d682f03405b22135757178fb701bbde81d2f8faaa7666c025d8a8bb426dc4b8e61aed79b3b3d3a9b01ee9142772d869677ede166e7a8be8ab84cdd6946b1478ce77ba307213971cfb24c86c344310f279e38d22254bf4caf83c02e715cb0550e615dc9f8dd2400fa749e3527493c15fb454c158e4c0603ae6e962b7890058ec7c10f0618ee274a15bca6ca9fe5bc5f9e7797c0950299912be9c58463c07d667d4bffe8aa590ae43db08512b40f3d265026bef2facdd508984e5f6d2ac7ef573397f14ed2e2ccdcbe5796e60ae64d173814906d1da5a5bfe8a2a4c5d6bb0b3315b878b4877d0c045f6e6cfa0dfc1ea4de7abe26f2b2d8c93299ed1d83f1b7853c756bfa346cd53b008fec169883983fe0f2405777dd85e17b2e4e8b23432c0dc4c386d67b6597184d0b4b95877362304638484cc0951400f66ee8391dd44417c58b3d46a8345a8049fcd70f7b5f4a6f912e2b18760947c74ef2b732b342878d7e7cc99902de87db36469555fbbfe76189f108d6ab31f4727fe4e22d075afaf6cc726ab17a5e1b4ab6c8f29a459da3c4266b5ad8ff55906a190f8b19a3bb92a50df49647c03d5d6106ec07e9300038d059a75b54ac31683ef8e5eee946e1c84d016ee1e7800a92c0a3823b62e0417fe86b191951f65abc0c38c1e0e8f1121a04b62a8a720790560f922804b1b7e7eaa497e1bede6e3d0dcf0312dbf221561958fa1e85a8f99e6fc82f919e78c17d1beda16cfef25fb5d00f7c32df9a51eac76000c988ffdf011564aa0e319764b16a5a7c728a470ff70772fb76c9ada26a0ac073fcbfa12501c2454b19e02d928e3939a40bfff76c002533b3849cdf8016728445131e5f1e292b7d3dc06bb3a3cfff6fabae0b7341694a8938c1d2497cd70b76c337c9a312e96c8f736d7625a535e1906eba53d199221ca60202a65be0f7e530aca10e61fa39c7601d65954e5ed4cab94345c6b89c7f8a0de5c61a7945e1564731b6715331d13263b2961a163382f7c4934d847033860e402f3aadb4f3e6cf47a97a2031401da4d2c8de8c80cdad71b97b4deb2075a02282f958ac6772354e67f097ca693778224b80892490015e7d697fb9107f75cea708178ffec93fb1d44e8493bad1d42c918e661219ea819e0200759037a5a585c0fe074fd407536fe58013f42612c41bfc66e16870d7a9c00ee93a3122b253fecbf5de3837641f4a1376af0f053463413c26c29f9a346318565276856b963da30ba6ab8c4c8ef6cfddc432328586d9d9829895835759bcde0851ae0c838a3927ea63fe5ba793fae94da61cab00fc05f3a265a2da1221bb2b66775ed7ba856b41011652d4984991e56249360ddfc997245ac1547a1c16382d42df383a8d1c852643b24895c422712e79c436fdfffece4ed1c50922d4f25296aaf6b204522086d188bee254f8303b60537ead1195ac5dd301286f0042dd68aa05a70e4beb779aa0b61a316f736b72c9ab7ed860a0908a078f4b8a53f2df0abf993f689de4b02b9138ca5047fb0bfc9ba3b92bff033e36fc9553260b008cef3d147c62d1d3944fd1eaff79bc5a922ec2190907bfda1b51c2c7fb867db1f8e13a37b5e3ae0165e93350b958a239ec1f2b78561cff854b975307b5b5dd23b040602a5a36bd79947ee04c7d0e5e30f9c4c79f7b4e6eada98bfc6c357cdf8939213423f1b21ba26cfc2b2756ea3eb992372db0ab8a7c37d8ae96bf3ed6be873c1891550ef741812032e1ae938326c399ee43a3061602dda006f1b6b620bebb6a5752bee77e8acf9921ebf4d4c8af7eb5e937c65697c0664c594e31a62377a25605051996c474ca322ce8e0e6ef8a7988be", 0x2000, &(0x7f0000001240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000940)={0xb0, 0x0, 0xfffffffffffffff9, [{{0x2, 0x1, 0x206, 0x6, 0x8, 0x30d6, {0x0, 0xe, 0x3, 0x9, 0xe5e, 0x7ff, 0xfffffffe, 0x9, 0xfffffffb, 0x1000, 0x9, r10, r11, 0x0, 0xb6fc}}, {0x3, 0x80000001, 0x5, 0x8, 'ext4\x00'}}]}, 0x0, 0x0, 0x0}) (async)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000002c40)=<r12=>0x0) (async)
read$FUSE(r1, &(0x7f0000002c80)={0x2020, 0x0, 0x0, <r13=>0x0, <r14=>0x0}, 0x2020) (async)
r15 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f00000002c0)={{'fd', 0x3d, r15}, 0x2c, {'rootmode', 0x3d, 0x4000}}) (async)
read$FUSE(r15, &(0x7f00000021c0)={0x2020, 0x0, <r16=>0x0, <r17=>0x0, <r18=>0x0}, 0x2020)
write$FUSE_INIT(r15, &(0x7f0000000080)={0x50, 0x0, r16, {0x7, 0x29, 0x9, 0xffffffff9080edc4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9}}, 0x50) (async)
syz_fuse_handle_req(r15, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006380)={0x20, 0x0, 0x0, {0x0, 0x1c}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
sendmmsg$unix(r1, &(0x7f0000008800)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)="01120ebf43aba57c9a751587aacd726869dbbab1c999d664319e4f91f9018645f4732dd398bbcffcd23e51cc2c8c52a212ea07627b1c232591104bf36122c185113c825fab4e15c3947d08ab3af539dff0d16e73744ca3b274", 0x59}], 0x1, &(0x7f00000001c0)=[@rights={{0x20, 0x1, 0x1, [r1, r1, r1, r0]}}], 0x20, 0x60008810}}, {{&(0x7f0000000200)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f0000000980)=[{&(0x7f0000000300)="6f1d7b9445d69a3aa52853707c9e4194ceb8d13c37c63e7c45b3a616fa25aa41f48148c30bff34dedc6a41262a6f142cb3ed6d6557c3d9dec2caaf87474858e4076cc934ddd551fe4da50a920f93fe86db517f11462ad9e909fc4c1b2f427babb9b6190bf54208d5988ec52acca1f3e2c08a56bd", 0x74}, {&(0x7f0000000440)="477d805c9aed412c9705039f409dc16e4ea6ac9c71064a898ad21a87213835d0091ae5ad0a8ed4dfee00c9da2b7f5b6df468cf4c4be9e8491167ed81f1d585a2f567bbbfbce12e62c44890e0e576b04a8c9791d3cd82fbe6b617f2ec428f4ad912fc92a35ff3383cd3b1ededbcf7b90013f8c3131ceedfde5a4888bac6ddc829d2b7d636eb3dba7d8d28dea833e6ac2cb6bd9b0cfa47d7d7435f242677be0401739378df0246e6c91c", 0xa9}, {&(0x7f0000000600)="e3421aa695cb940b3e08b29eb679a1aba21fa565eec2d130c65228df9d8b1e21d6a00f9deeed45c65785d896edacea170e63c119be59cd4925f928c1dbadf2d3ef791df9fe742f95cb5e483b161ad8c5f87f5cc264fcf32a23488449f5ac05a017946b16ceaf64a6c4d04934731339e6b6fd6dd5c660da6efb510308592de06bcf4b94f02b580761bae41abf346c68fdaa6d57d2dfe619043779a21fe0f8afe7b0f2c0bac5225319164c3b3074d207d48c8bf24bc0a11f3ba13fea64c170c9bb8519f47c77628d8ba5e5382daf008485a88cf48c3f64c4ef9f6f91f1c862ab04d7ea03593a1dab3858adc3cbb90f888af648a940aa", 0xf5}, {&(0x7f0000000700)="013426c7a8b1d298731b7178db089f5d396b3b84b90b787c572ce47fb18e79adb80e2247ac7c4d9458a6c600461ed25c4ba364df74a45f6533c12b26ca1188a74025a44c060b287e5de5fefbbfe7ac3dc5c33abd8f937f2f0bb6b79a3fb11a458ff1098a3097629cd1f8b33a9ecf3e1a55935db1fce31a6af8da6e49d8995feced0d292d3bdfdd6ec38b4e6b236c6a6c7d8f508ae4abacf2b1fa257efa27a52391fc60c678ea8573f3ec762c6a6eab43d1d96c85e06a4f6d7e9d9b0737467eed075779d236787247724dfa41f16c3e9042ebc97437", 0xd5}, {&(0x7f0000000800)="f4bae9fd975c0f971979c5262e79dbb00504f9e8f40fb110d888b8a359b6e39cda5c8cf8c1f5dc6719860f87134aef6e01a79336d83b923658fd1adddf9b9d1528bef483746eacff5072a70f36a6f83574102df77774a1969b98ed7c903537147221d099b81c54bd990621f108534c934cdfeee1e4651d82ee18fce8ac2a31a03d61e6728f37c6af84ab8c5765e6886271265c4c66d3bc594e418fc003d14204bb765da2fc7000046c7e72fa3c1a05f10b07775c361e5fb671c6a316da26f7ecd184a50cc4f0b58f66a6502b38d77e9b6bcff323f329bc7082d93876e151b07df34faeda295e98cf8c56", 0xea}, {&(0x7f0000000500)}, {&(0x7f0000000900)="02e9b369b79cec43be508bece66f5e2845df23c0a1ccdb39e246f423a11747c73689ab14559ebec97c3438fa939677861d5cd6d9ce0d13e8897ba7989c089e938f9a17521b140ff3b455b7845a1b1e7bfaf4f253d7f77733764262dc4da856232f1c3a6ce501", 0x66}], 0x7, &(0x7f0000004d00)=[@rights={{0x18, 0x1, 0x1, [r0, r1]}}, @cred={{0x1c, 0x1, 0x2, {r2, r3, 0xffffffffffffffff}}}, @rights={{0x14, 0x1, 0x1, [r0]}}, @rights={{0x28, 0x1, 0x1, [r1, r0, r0, r1, r1, r0]}}, @rights={{0x18, 0x1, 0x1, [r1, r0]}}, @cred={{0x1c, 0x1, 0x2, {r5, r6, r11}}}, @cred={{0x1c, 0x1, 0x2, {r12, r13, r18}}}, @cred={{0x1c}}], 0xf0, 0x44000}}, {{&(0x7f0000008680)=@file={0x1, './file1\x00'}, 0x6e, &(0x7f0000008740)=[{&(0x7f0000008700)="16", 0x1}], 0x1, &(0x7f0000008780)=[@rights={{0x14, 0x1, 0x1, [r0]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r4}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r17, r14}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r6, r7}}}], 0x78, 0x814}}], 0x3, 0x44) (async)
r19 = socket(0xa, 0x803, 0x4000)
ioctl$sock_SIOCETHTOOL(r19, 0x8946, &(0x7f00000002c0)={'veth0_vlan\x00', &(0x7f0000000000)=@ethtool_cmd={0x26, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffc]}}) (async)
pipe(&(0x7f00000000c0))
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg(r1, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb4b, 0x9, 0x8, 0x0, 0x400003}, 0x0) (async)
r20 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r20, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x137b}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERIER_INTVL={0xc}, @IFLA_BR_MCAST_QUERY_INTVL={0xc, 0x21, 0x2e9}]}}}]}, 0x4c}}, 0x0)

1.183102984s ago: executing program 3 (id=1912):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="700200001300290a0000000000000000070000", @ANYRES32=r2, @ANYBLOB="000000000000000010010c8013000c800ca3488008000000000000000800038064001d80050006000000000014000500714abbd2547de97cbbf6efb226f19bf90d0002003a288e5e5b5b5a40000000006000078014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d8050006000000003bd00002006272696467655f736c6176655f30000007000200293a00000500060000000000080001000000000018002580140004004d2906d0880fc8acc30fe2020f9849675000028004000500a1085e7df341b9dc3d8008a2fe5bdaad140004009c7e472c916020fe41bcc5aa8f56c9471400050080ab8be51421cfa3c9e5cbfe8217e0af0800010000000000080001000000000060001a"], 0x270}, 0x1, 0x0, 0x0, 0x8015}, 0x4)
sendmmsg(r0, &(0x7f0000000000), 0x400000000000235, 0x0)

1.18233218s ago: executing program 3 (id=1913):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
io_setup(0x1, &(0x7f0000002500)=<r1=>0x0)
close(r0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r3)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r4, &(0x7f0000006300)={0x2020, 0x0, <r5=>0x0, <r6=>0x0, <r7=>0x0}, 0x2020)
write$FUSE_INIT(r4, &(0x7f0000000040)={0x50, 0x0, r5, {0x7, 0x1f, 0x0, 0x10408, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50)
syz_fuse_handle_req(r4, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r4, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ecc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb1000008747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb80035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22383e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485a4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6bb06500f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784776f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2245eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e4c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a768cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d0500e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad64c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc590800", 0x2000, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x78, 0x0, 0x6, {0xfeffffffffffffff, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3966, 0x1, 0x8000, 0x0, r6, r7, 0x3, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$TUNSETGROUP(0xffffffffffffffff, 0x400454ce, r7)
io_submit(r1, 0x1, &(0x7f0000002680)=[&(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x1000, r0, &(0x7f0000002540)='\r', 0x1}])

993.475008ms ago: executing program 3 (id=1914):
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = syz_io_uring_setup(0x10d2, &(0x7f0000000480)={0x0, 0x7734, 0x80, 0x0, 0x34f}, &(0x7f00000000c0)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x830, 0x0, 0x2, 0x9}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r0, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r4}})
io_uring_enter(r1, 0x1733, 0x0, 0x0, 0x0, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-sse2\x00'}, 0x58)
pipe(0x0)
pipe(0x0)
write(0xffffffffffffffff, &(0x7f0000000240)="94", 0x1)
tee(0xffffffffffffffff, 0xffffffffffffffff, 0x8f5, 0x100000000000000)
read$FUSE(0xffffffffffffffff, &(0x7f0000004440)={0x2020}, 0x2020)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r5, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r6 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r6, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)

913.914898ms ago: executing program 3 (id=1915):
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$kcm(0x10, 0x400000002, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x23a, &(0x7f00000004c0)={0x0, 0x1c2a, 0x10100, 0x2, 0x0, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r5 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0xc0542, 0x0)
readv(r5, &(0x7f00000018c0)=[{&(0x7f0000000840)=""/4096, 0x1000}], 0x1)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
getsockopt$ARPT_SO_GET_REVISION_TARGET(r6, 0x0, 0x63, 0x0, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0xfffffffffffffffd)
ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000000000000150001c0"])
setsockopt$RDS_CANCEL_SENT_TO(0xffffffffffffffff, 0x114, 0x1, &(0x7f0000000140)={0x2, 0x4e20, @local}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r10 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r10, 0xc058534f, &(0x7f0000000000)={{0xfa, 0xff}, 0x1, 0x5, 0x3, {0x3, 0x2d}, 0x2, 0x2})
setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, &(0x7f00000001c0)=[{{}, {0x3, 0x1, 0x1, 0x1}}, {{0x3, 0x0, 0x1, 0x1}, {0x4, 0x0, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x1, 0x1, 0x1, 0x1}}, {{0x0, 0x0, 0x1, 0x1}}], 0x20)
r11 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/profiling', 0xa0042, 0x11)
r12 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r12, 0x84, 0x82, &(0x7f0000000280)='\x00\'\x00\x00\x00\x00\x00\x00', 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r12, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback, 0x20006}], 0x1c)
write$tcp_mem(r11, &(0x7f0000000400)={0x6, 0x2d, 0x2, 0x3a, 0x0, 0x2c}, 0x48)

696.601452ms ago: executing program 4 (id=1916):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = openat$vnet(0xffffffffffffff9c, &(0x7f00000038c0), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r4, 0xaf01, 0x0)
r5 = eventfd(0x80000001)
ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000000040)={0x1, r5})
ioctl$VHOST_SET_VRING_CALL(r4, 0x4008af21, &(0x7f0000000080)={0x2, r5})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f0000000140)="440fbae516660f38820501000000f24283d1dfb9800000c00f3235002000000f30663e420f2085660f3882a1faffffff410f01cf0f013f66ba420066b88c0066ef660f2023", 0x45}], 0x1, 0x33, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

433.233888ms ago: executing program 1 (id=1917):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001e80)=@newtaction={0x48, 0x32, 0x1, 0xfffffffd, 0x25dfdbfb, {0x0, 0x0, 0x11}, [{0x34, 0x1, [@m_police={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x3, {0x1}}, {0xc}}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x8800}, 0x0)

221.02395ms ago: executing program 0 (id=1918):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x40, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@GTPA_MS_ADDR6={0x14, 0xc, @private2}, @GTPA_PEER_ADDRESS={0x8, 0x4, @loopback}, @GTPA_PEER_ADDRESS={0x8, 0x4, @rand_addr=0x64010101}, @GTPA_FAMILY={0x5, 0xd, 0x5}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x40880)
writev(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f0000000080)='~', 0x1}], 0x1)
writev(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000140)='Q', 0x1}], 0x1)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
rt_sigaction(0x4, &(0x7f00000001c0)={&(0x7f0000000140)="44dfa3998999998f083087649e0d0036660f38df2b660fbab97500000000c3c4a37905d708f246ad66450f28e20f9218c401f5e84c5700", 0x50000003, 0x0, {[0x1]}}, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CAP_EXIT_HYPERCALL(r0, 0x4068aea3, &(0x7f0000000280)={0xc9, 0x0, 0xc})
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[], 0xac}, 0x1, 0x0, 0x0, 0xc894}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000880)={0x0, 0x0, @pic={0x2a, 0xc0, 0x7, 0x6, 0xfb, 0x0, 0xf, 0x24, 0x3, 0x6, 0x3, 0x0, 0x9e, 0x2, 0x6, 0x7f}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x8000000000000035, 0x400fff, 0x14000000215b9037, 0x40180, 0x1, 0x11, 0x8000000000f2, 0x0, 0x3, 0x20000005, 0x5, 0xc6bd, 0x566, 0x45, 0x5, 0x7], 0x6006, 0x1c0293})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

0s ago: executing program 1 (id=1919):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="700200001300290a00000000000000", @ANYRES32=r2, @ANYBLOB="000000000000000010010c8013000c800ca3488008000000000000000800038064001d80050006000000000014000500714abbd2547de97cbbf6efb226f19bf90d0002003a288e5e5b5b5a40000000006000078014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d8050006000000003bd00002006272696467655f736c6176655f30000007000200293a00000500060000000000080001000000000018002580140004004d2906d0880fc8acc30fe2020f9849675000028004000500a1085e7df341b9dc3d8008a2fe5bdaad140004009c7e472c916020fe41bcc5aa8f56c9471400050080ab8be51421cfa3c9e5cbfe8217e0af0800010000000000080001000000000060001a803f0003"], 0x270}, 0x1, 0x0, 0x0, 0x8015}, 0x4)
sendmmsg(r0, &(0x7f0000000000), 0x400000000000235, 0x0)

kernel console output (not intermixed with test programs):

re name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  321.246084][T10305] Call Trace:
[  321.246091][T10305]  <TASK>
[  321.246099][T10305]  dump_stack_lvl+0x189/0x250
[  321.246123][T10305]  ? __pfx____ratelimit+0x10/0x10
[  321.246145][T10305]  ? __pfx_dump_stack_lvl+0x10/0x10
[  321.246160][T10305]  ? __pfx__printk+0x10/0x10
[  321.246174][T10305]  ? __might_fault+0xb0/0x130
[  321.246197][T10305]  should_fail_ex+0x414/0x560
[  321.246224][T10305]  _copy_from_user+0x2d/0xb0
[  321.246246][T10305]  kstrtouint_from_user+0xc4/0x170
[  321.246266][T10305]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  321.246297][T10305]  proc_fail_nth_write+0x88/0x200
[  321.246314][T10305]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  321.246345][T10305]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  321.246371][T10305]  vfs_write+0x27e/0xb30
[  321.246400][T10305]  ? __pfx_vfs_write+0x10/0x10
[  321.246421][T10305]  ? __fget_files+0x2a/0x420
[  321.246445][T10305]  ? __fget_files+0x3a0/0x420
[  321.246464][T10305]  ? __fget_files+0x2a/0x420
[  321.246494][T10305]  ksys_write+0x145/0x250
[  321.246515][T10305]  ? __pfx_ksys_write+0x10/0x10
[  321.246538][T10305]  ? do_syscall_64+0xbe/0xfa0
[  321.246567][T10305]  do_syscall_64+0xfa/0xfa0
[  321.246581][T10305]  ? lockdep_hardirqs_on+0x9c/0x150
[  321.246599][T10305]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.246614][T10305]  ? clear_bhb_loop+0x60/0xb0
[  321.246636][T10305]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.246653][T10305] RIP: 0033:0x7f1340b8da7f
[  321.246669][T10305] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  321.246684][T10305] RSP: 002b:00007f1341a76030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  321.246707][T10305] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1340b8da7f
[  321.246719][T10305] RDX: 0000000000000001 RSI: 00007f1341a760a0 RDI: 0000000000000004
[  321.246730][T10305] RBP: 00007f1341a76090 R08: 0000000000000000 R09: 0000000000000000
[  321.246742][T10305] R10: 0000000000000046 R11: 0000000000000293 R12: 0000000000000001
[  321.246752][T10305] R13: 00007f1340de6038 R14: 00007f1340de5fa0 R15: 00007f1340f0fa28
[  321.246784][T10305]  </TASK>
[  321.252416][  T981] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  321.515534][  T981] usb 1-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  321.525456][  T981] usb 1-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  321.634334][  T981] usb 1-1: Product: syz
[  321.700746][  T981] usb 1-1: Manufacturer: syz
[  321.766864][  T981] usb 1-1: SerialNumber: syz
[  321.854594][T10312] netlink: 288 bytes leftover after parsing attributes in process `syz.1.1521'.
[  321.879876][T10312] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1521'.
[  321.900737][T10312] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1521'.
[  321.913646][T10299] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  321.983564][  T981] input: appletouch as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/input/input20
[  322.120777][T10318] netlink: 'syz.1.1524': attribute type 12 has an invalid length.
[  322.132597][T10318] netlink: 'syz.1.1524': attribute type 29 has an invalid length.
[  322.141554][T10318] netlink: 148 bytes leftover after parsing attributes in process `syz.1.1524'.
[  322.537669][  T981] usb 1-1: USB disconnect, device number 17
[  322.567687][  T981] appletouch 1-1:1.0: input: appletouch disconnected
[  323.982120][T10352] FAULT_INJECTION: forcing a failure.
[  323.982120][T10352] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  324.012528][T10352] CPU: 1 UID: 0 PID: 10352 Comm: syz.0.1538 Not tainted syzkaller #0 PREEMPT(full) 
[  324.012551][T10352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  324.012561][T10352] Call Trace:
[  324.012567][T10352]  <TASK>
[  324.012575][T10352]  dump_stack_lvl+0x189/0x250
[  324.012597][T10352]  ? __pfx____ratelimit+0x10/0x10
[  324.012632][T10352]  ? __pfx_dump_stack_lvl+0x10/0x10
[  324.012649][T10352]  ? __pfx__printk+0x10/0x10
[  324.012667][T10352]  ? __might_fault+0xb0/0x130
[  324.012695][T10352]  should_fail_ex+0x414/0x560
[  324.012723][T10352]  _copy_from_user+0x2d/0xb0
[  324.012743][T10352]  sctp_getsockopt_default_send_param+0xc1/0x6d0
[  324.012762][T10352]  ? lockdep_hardirqs_on+0x9c/0x150
[  324.012777][T10352]  ? __pfx_sctp_getsockopt_default_send_param+0x10/0x10
[  324.012792][T10352]  ? __local_bh_enable_ip+0x12d/0x1c0
[  324.012822][T10352]  sctp_getsockopt+0x515/0xb60
[  324.012839][T10352]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  324.012869][T10352]  do_sock_getsockopt+0x372/0x450
[  324.012893][T10352]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  324.012913][T10352]  ? do_syscall_64+0xa0/0xfa0
[  324.012930][T10352]  ? __fget_files+0x2a/0x420
[  324.012947][T10352]  ? __fget_files+0x3a0/0x420
[  324.012965][T10352]  ? __fget_files+0x2a/0x420
[  324.012990][T10352]  __x64_sys_getsockopt+0x1a5/0x250
[  324.013010][T10352]  ? do_syscall_64+0xa0/0xfa0
[  324.013026][T10352]  ? do_syscall_64+0xa0/0xfa0
[  324.013045][T10352]  do_syscall_64+0xfa/0xfa0
[  324.013060][T10352]  ? lockdep_hardirqs_on+0x9c/0x150
[  324.013075][T10352]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  324.013091][T10352]  ? clear_bhb_loop+0x60/0xb0
[  324.013110][T10352]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  324.013124][T10352] RIP: 0033:0x7f161438efc9
[  324.013139][T10352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  324.013151][T10352] RSP: 002b:00007f16151f1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  324.013169][T10352] RAX: ffffffffffffffda RBX: 00007f16145e5fa0 RCX: 00007f161438efc9
[  324.013181][T10352] RDX: 000000000000000a RSI: 0000000000000084 RDI: 0000000000000003
[  324.013193][T10352] RBP: 00007f16151f1090 R08: 0000200000000140 R09: 0000000000000000
[  324.013203][T10352] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  324.013211][T10352] R13: 00007f16145e6038 R14: 00007f16145e5fa0 R15: 00007f161470fa28
[  324.013238][T10352]  </TASK>
[  324.251529][    C1] vkms_vblank_simulate: vblank timer overrun
[  324.971115][T10385] FAULT_INJECTION: forcing a failure.
[  324.971115][T10385] name failslab, interval 1, probability 0, space 0, times 0
[  324.984022][T10385] CPU: 1 UID: 0 PID: 10385 Comm: syz.1.1551 Not tainted syzkaller #0 PREEMPT(full) 
[  324.984045][T10385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  324.984055][T10385] Call Trace:
[  324.984062][T10385]  <TASK>
[  324.984070][T10385]  dump_stack_lvl+0x189/0x250
[  324.984092][T10385]  ? __pfx____ratelimit+0x10/0x10
[  324.984117][T10385]  ? __pfx_dump_stack_lvl+0x10/0x10
[  324.984134][T10385]  ? __pfx__printk+0x10/0x10
[  324.984156][T10385]  ? __pfx___might_resched+0x10/0x10
[  324.984182][T10385]  should_fail_ex+0x414/0x560
[  324.984211][T10385]  should_failslab+0xa8/0x100
[  324.984233][T10385]  __kmalloc_cache_noprof+0x6f/0x6f0
[  324.984251][T10385]  ? ip6_setup_cork+0x1d8/0x10e0
[  324.984275][T10385]  ip6_setup_cork+0x1d8/0x10e0
[  324.984292][T10385]  ? lockdep_hardirqs_on+0x9c/0x150
[  324.984309][T10385]  ip6_append_data+0x237/0x380
[  324.984324][T10385]  ? __pfx_raw6_getfrag+0x10/0x10
[  324.984343][T10385]  rawv6_sendmsg+0x1286/0x1830
[  324.984372][T10385]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  324.984394][T10385]  ? aa_file_perm+0x13a/0x1550
[  324.984420][T10385]  ? __pfx_aa_sk_perm+0x10/0x10
[  324.984436][T10385]  ? sock_rps_record_flow+0x19/0x410
[  324.984455][T10385]  ? inet_sendmsg+0x2f4/0x370
[  324.984470][T10385]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  324.984488][T10385]  __sock_sendmsg+0x19c/0x270
[  324.984507][T10385]  sock_write_iter+0x279/0x360
[  324.984523][T10385]  ? __pfx_sock_write_iter+0x10/0x10
[  324.984545][T10385]  ? bpf_lsm_file_permission+0x9/0x20
[  324.984561][T10385]  ? security_file_permission+0x75/0x290
[  324.984586][T10385]  vfs_write+0x5c9/0xb30
[  324.984604][T10385]  ? __pfx_sock_write_iter+0x10/0x10
[  324.984619][T10385]  ? __pfx_vfs_write+0x10/0x10
[  324.984640][T10385]  ? __fget_files+0x2a/0x420
[  324.984662][T10385]  ksys_write+0x145/0x250
[  324.984678][T10385]  ? __pfx_ksys_write+0x10/0x10
[  324.984693][T10385]  ? do_syscall_64+0xbe/0xfa0
[  324.984709][T10385]  do_syscall_64+0xfa/0xfa0
[  324.984720][T10385]  ? lockdep_hardirqs_on+0x9c/0x150
[  324.984733][T10385]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  324.984745][T10385]  ? clear_bhb_loop+0x60/0xb0
[  324.984761][T10385]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  324.984773][T10385] RIP: 0033:0x7f1340b8efc9
[  324.984785][T10385] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  324.984796][T10385] RSP: 002b:00007f1341a76038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  324.984811][T10385] RAX: ffffffffffffffda RBX: 00007f1340de5fa0 RCX: 00007f1340b8efc9
[  324.984820][T10385] RDX: 000000000000001c RSI: 0000200000000400 RDI: 0000000000000003
[  324.984828][T10385] RBP: 00007f1341a76090 R08: 0000000000000000 R09: 0000000000000000
[  324.984842][T10385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  324.984850][T10385] R13: 00007f1340de6038 R14: 00007f1340de5fa0 R15: 00007f1340f0fa28
[  324.984872][T10385]  </TASK>
[  325.277131][    C1] vkms_vblank_simulate: vblank timer overrun
[  325.428564][T10392] 8021q: adding VLAN 0 to HW filter on device batadv1
[  325.438321][T10392] team0: Port device batadv1 added
[  325.534763][T10395] netlink: 'syz.0.1553': attribute type 12 has an invalid length.
[  325.542845][T10395] netlink: 'syz.0.1553': attribute type 29 has an invalid length.
[  325.568886][T10393] hub 9-0:1.0: USB hub found
[  325.575714][T10393] hub 9-0:1.0: 1 port detected
[  325.609849][T10395] netlink: 148 bytes leftover after parsing attributes in process `syz.0.1553'.
[  325.763452][T10401] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1556'.
[  325.773714][T10401] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1556'.
[  325.845901][T10401] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1556'.
[  326.363811][T10416] FAULT_INJECTION: forcing a failure.
[  326.363811][T10416] name failslab, interval 1, probability 0, space 0, times 0
[  326.380327][T10416] CPU: 0 UID: 0 PID: 10416 Comm: syz.4.1562 Not tainted syzkaller #0 PREEMPT(full) 
[  326.380353][T10416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  326.380364][T10416] Call Trace:
[  326.380371][T10416]  <TASK>
[  326.380379][T10416]  dump_stack_lvl+0x189/0x250
[  326.380403][T10416]  ? __pfx____ratelimit+0x10/0x10
[  326.380429][T10416]  ? __pfx_dump_stack_lvl+0x10/0x10
[  326.380446][T10416]  ? __pfx__printk+0x10/0x10
[  326.380469][T10416]  ? __pfx___might_resched+0x10/0x10
[  326.380491][T10416]  ? fs_reclaim_acquire+0x7d/0x100
[  326.380515][T10416]  should_fail_ex+0x414/0x560
[  326.380544][T10416]  should_failslab+0xa8/0x100
[  326.380568][T10416]  kmem_cache_alloc_node_noprof+0x77/0x710
[  326.380587][T10416]  ? __alloc_skb+0x112/0x2d0
[  326.380609][T10416]  ? netlink_autobind+0xdb/0x300
[  326.380638][T10416]  __alloc_skb+0x112/0x2d0
[  326.380664][T10416]  netlink_sendmsg+0x5c6/0xb30
[  326.380704][T10416]  ? __pfx_netlink_sendmsg+0x10/0x10
[  326.380730][T10416]  ? aa_sock_msg_perm+0xf1/0x1d0
[  326.380752][T10416]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  326.380773][T10416]  ? __pfx_netlink_sendmsg+0x10/0x10
[  326.380797][T10416]  __sock_sendmsg+0x21c/0x270
[  326.380819][T10416]  ____sys_sendmsg+0x505/0x830
[  326.380842][T10416]  ? __pfx_____sys_sendmsg+0x10/0x10
[  326.380869][T10416]  ? import_iovec+0x74/0xa0
[  326.380894][T10416]  ___sys_sendmsg+0x21f/0x2a0
[  326.380914][T10416]  ? __pfx____sys_sendmsg+0x10/0x10
[  326.380966][T10416]  ? __fget_files+0x2a/0x420
[  326.380986][T10416]  ? __fget_files+0x3a0/0x420
[  326.381016][T10416]  __x64_sys_sendmsg+0x19b/0x260
[  326.381036][T10416]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  326.381063][T10416]  ? __pfx_ksys_write+0x10/0x10
[  326.381085][T10416]  ? do_syscall_64+0xbe/0xfa0
[  326.381107][T10416]  do_syscall_64+0xfa/0xfa0
[  326.381125][T10416]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.381141][T10416]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  326.381159][T10416]  ? clear_bhb_loop+0x60/0xb0
[  326.381179][T10416]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.381196][T10416] RIP: 0033:0x7f90be38efc9
[  326.381211][T10416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  326.381226][T10416] RSP: 002b:00007f90bf19a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  326.381245][T10416] RAX: ffffffffffffffda RBX: 00007f90be5e5fa0 RCX: 00007f90be38efc9
[  326.381258][T10416] RDX: 0000000000000080 RSI: 0000200000000180 RDI: 0000000000000003
[  326.381269][T10416] RBP: 00007f90bf19a090 R08: 0000000000000000 R09: 0000000000000000
[  326.381280][T10416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  326.381291][T10416] R13: 00007f90be5e6038 R14: 00007f90be5e5fa0 R15: 00007f90be70fa28
[  326.381321][T10416]  </TASK>
[  327.052650][T10425] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  327.072838][T10425] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  327.107728][T10423] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1563'.
[  328.354308][T10455] FAULT_INJECTION: forcing a failure.
[  328.354308][T10455] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  328.384651][T10455] CPU: 1 UID: 0 PID: 10455 Comm: syz.1.1573 Not tainted syzkaller #0 PREEMPT(full) 
[  328.384677][T10455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  328.384686][T10455] Call Trace:
[  328.384693][T10455]  <TASK>
[  328.384701][T10455]  dump_stack_lvl+0x189/0x250
[  328.384722][T10455]  ? __pfx____ratelimit+0x10/0x10
[  328.384746][T10455]  ? __pfx_dump_stack_lvl+0x10/0x10
[  328.384759][T10455]  ? __pfx__printk+0x10/0x10
[  328.384776][T10455]  ? __might_fault+0xb0/0x130
[  328.384804][T10455]  should_fail_ex+0x414/0x560
[  328.384830][T10455]  _copy_from_user+0x2d/0xb0
[  328.384851][T10455]  ___sys_sendmsg+0x158/0x2a0
[  328.384871][T10455]  ? __pfx____sys_sendmsg+0x10/0x10
[  328.384923][T10455]  ? __fget_files+0x2a/0x420
[  328.384943][T10455]  ? __fget_files+0x3a0/0x420
[  328.384973][T10455]  __sys_sendmmsg+0x227/0x430
[  328.384995][T10455]  ? __pfx___sys_sendmmsg+0x10/0x10
[  328.385022][T10455]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  328.385058][T10455]  ? ksys_write+0x22a/0x250
[  328.385078][T10455]  ? __pfx_ksys_write+0x10/0x10
[  328.385101][T10455]  __x64_sys_sendmmsg+0xa0/0xc0
[  328.385118][T10455]  do_syscall_64+0xfa/0xfa0
[  328.385133][T10455]  ? lockdep_hardirqs_on+0x9c/0x150
[  328.385151][T10455]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.385165][T10455]  ? clear_bhb_loop+0x60/0xb0
[  328.385184][T10455]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.385201][T10455] RIP: 0033:0x7f1340b8efc9
[  328.385217][T10455] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  328.385231][T10455] RSP: 002b:00007f1341a76038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  328.385250][T10455] RAX: ffffffffffffffda RBX: 00007f1340de5fa0 RCX: 00007f1340b8efc9
[  328.385266][T10455] RDX: 0000000000000001 RSI: 00002000000017c0 RDI: 0000000000000003
[  328.385277][T10455] RBP: 00007f1341a76090 R08: 0000000000000000 R09: 0000000000000000
[  328.385288][T10455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  328.385298][T10455] R13: 00007f1340de6038 R14: 00007f1340de5fa0 R15: 00007f1340f0fa28
[  328.385328][T10455]  </TASK>
[  328.602736][    C1] vkms_vblank_simulate: vblank timer overrun
[  328.706806][T10458] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1574'.
[  328.717019][T10458] openvswitch: netlink: Flow actions attr not present in new flow.
[  328.728990][T10458] netlink: 'syz.0.1574': attribute type 12 has an invalid length.
[  328.737418][T10458] netlink: 'syz.0.1574': attribute type 29 has an invalid length.
[  328.745611][T10458] netlink: 148 bytes leftover after parsing attributes in process `syz.0.1574'.
[  329.171968][T10473] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  329.634388][T10485] vcan0: tx drop: invalid da for name 0x0000000000000015
[  330.060927][T10490] netlink: 'syz.4.1583': attribute type 8 has an invalid length.
[  330.174696][T10490] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1583'.
[  330.302113][T10490] bond0: entered promiscuous mode
[  330.352977][T10490] bond_slave_0: entered promiscuous mode
[  330.370322][T10490] bond_slave_1: entered promiscuous mode
[  330.380347][T10490] bond0: left promiscuous mode
[  330.386356][T10490] bond_slave_0: left promiscuous mode
[  330.393050][T10490] bond_slave_1: left promiscuous mode
[  330.412150][T10497] FAULT_INJECTION: forcing a failure.
[  330.412150][T10497] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  330.617303][T10497] CPU: 1 UID: 0 PID: 10497 Comm: syz.0.1584 Not tainted syzkaller #0 PREEMPT(full) 
[  330.617334][T10497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  330.617345][T10497] Call Trace:
[  330.617353][T10497]  <TASK>
[  330.617361][T10497]  dump_stack_lvl+0x189/0x250
[  330.617384][T10497]  ? __pfx____ratelimit+0x10/0x10
[  330.617408][T10497]  ? __pfx_dump_stack_lvl+0x10/0x10
[  330.617423][T10497]  ? __pfx__printk+0x10/0x10
[  330.617452][T10497]  should_fail_ex+0x414/0x560
[  330.617483][T10497]  _copy_from_user+0x2d/0xb0
[  330.617507][T10497]  __copy_msghdr+0x3c5/0x5b0
[  330.617528][T10497]  ___sys_sendmsg+0x1a5/0x2a0
[  330.617547][T10497]  ? __pfx____sys_sendmsg+0x10/0x10
[  330.617600][T10497]  ? __fget_files+0x2a/0x420
[  330.617619][T10497]  ? __fget_files+0x3a0/0x420
[  330.617649][T10497]  __x64_sys_sendmsg+0x19b/0x260
[  330.617669][T10497]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  330.617696][T10497]  ? __pfx_ksys_write+0x10/0x10
[  330.617718][T10497]  ? do_syscall_64+0xbe/0xfa0
[  330.617739][T10497]  do_syscall_64+0xfa/0xfa0
[  330.617755][T10497]  ? lockdep_hardirqs_on+0x9c/0x150
[  330.617772][T10497]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  330.617789][T10497]  ? clear_bhb_loop+0x60/0xb0
[  330.617810][T10497]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  330.617826][T10497] RIP: 0033:0x7f161438efc9
[  330.617842][T10497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  330.617856][T10497] RSP: 002b:00007f16151f1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  330.617876][T10497] RAX: ffffffffffffffda RBX: 00007f16145e5fa0 RCX: 00007f161438efc9
[  330.617888][T10497] RDX: 0000000004000040 RSI: 00002000000002c0 RDI: 0000000000000005
[  330.617900][T10497] RBP: 00007f16151f1090 R08: 0000000000000000 R09: 0000000000000000
[  330.617911][T10497] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  330.617921][T10497] R13: 00007f16145e6038 R14: 00007f16145e5fa0 R15: 00007f161470fa28
[  330.617951][T10497]  </TASK>
[  330.822386][    C1] vkms_vblank_simulate: vblank timer overrun
[  331.495062][T10513] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  331.555569][T10517] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  331.591639][T10517] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  332.416356][   T24] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0
[  332.431438][   T24] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0
[  332.439987][   T24] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0
[  332.459972][   T24] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0
[  332.474759][   T24] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0
[  332.503392][   T24] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0
[  332.513709][   T24] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0
[  332.521216][   T24] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0
[  332.530543][   T24] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0
[  332.538847][   T24] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0
[  332.550284][   T24] hid-generic 0000:0000:0000.0018: hidraw0: <UNKNOWN> HID v0.03 Device [syz0] on syz1
[  332.713430][ T5942] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  332.837718][T10543] netlink: 'syz.3.1600': attribute type 12 has an invalid length.
[  332.849182][T10543] netlink: 'syz.3.1600': attribute type 29 has an invalid length.
[  332.857946][T10543] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1600'.
[  332.883347][ T5942] usb 2-1: Using ep0 maxpacket: 32
[  332.914954][ T5942] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  332.931706][ T5942] usb 2-1: New USB device found, idVendor=08ca, idProduct=2060, bcdDevice=c6.58
[  332.951222][ T5942] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  332.974596][ T5942] usb 2-1: Product: syz
[  332.985078][ T5942] usb 2-1: Manufacturer: syz
[  332.991519][ T5942] usb 2-1: SerialNumber: syz
[  333.024620][ T5942] usb 2-1: config 0 descriptor??
[  333.062847][ T5942] gspca_main: sunplus-2.14.0 probing 08ca:2060
[  333.123495][T10549] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  333.239228][ T5942] gspca_sunplus: reg_r err -32
[  334.266041][T10574] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1608'.
[  334.333405][ T5942] sunplus 2-1:0.0: probe with driver sunplus failed with error -32
[  334.877586][T10579] fuse: Bad value for 'fd'
[  334.967493][T10579] IPv6: addrconf: prefix option has invalid lifetime
[  335.502142][   T24] usb 2-1: USB disconnect, device number 16
[  335.917265][T10597] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  335.938889][T10597] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  336.063326][ T5942] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  336.230392][ T5942] usb 1-1: config 0 has an invalid interface number: 64 but max is 0
[  336.242569][ T5942] usb 1-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config
[  336.278354][ T5942] usb 1-1: config 0 has no interface number 0
[  336.348552][ T5942] usb 1-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[  336.366778][ T5942] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  336.388707][ T5942] usb 1-1: Product: syz
[  336.396762][ T5942] usb 1-1: Manufacturer: syz
[  336.403325][ T5942] usb 1-1: SerialNumber: syz
[  336.416513][ T5942] usb 1-1: config 0 descriptor??
[  336.438823][ T5942] uvcvideo 1-1:0.64: probe with driver uvcvideo failed with error -22
[  336.764627][T10624] FAULT_INJECTION: forcing a failure.
[  336.764627][T10624] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  336.830710][T10624] CPU: 1 UID: 0 PID: 10624 Comm: syz.2.1625 Not tainted syzkaller #0 PREEMPT(full) 
[  336.830736][T10624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  336.830743][T10624] Call Trace:
[  336.830748][T10624]  <TASK>
[  336.830753][T10624]  dump_stack_lvl+0x189/0x250
[  336.830769][T10624]  ? __pfx____ratelimit+0x10/0x10
[  336.830793][T10624]  ? __pfx_dump_stack_lvl+0x10/0x10
[  336.830803][T10624]  ? __pfx__printk+0x10/0x10
[  336.830813][T10624]  ? __might_fault+0xb0/0x130
[  336.830829][T10624]  should_fail_ex+0x414/0x560
[  336.830847][T10624]  _copy_from_iter+0x1de/0x1790
[  336.830861][T10624]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  336.830878][T10624]  ? policy_nodemask+0x27c/0x720
[  336.830890][T10624]  ? __pfx__copy_from_iter+0x10/0x10
[  336.830904][T10624]  ? set_page_refcounted+0xa0/0x1e0
[  336.830915][T10624]  ? page_copy_sane+0x4e/0x280
[  336.830927][T10624]  copy_page_from_iter+0xdd/0x170
[  336.830941][T10624]  tun_get_user+0x1d7b/0x3e90
[  336.830957][T10624]  ? tun_get_user+0x6f6/0x3e90
[  336.830972][T10624]  ? aa_file_perm+0x44d/0x1550
[  336.830985][T10624]  ? __pfx_tun_get_user+0x10/0x10
[  336.830996][T10624]  ? _parse_integer_limit+0x1ae/0x1f0
[  336.831010][T10624]  ? __lock_acquire+0xab9/0xd20
[  336.831026][T10624]  ? ref_tracker_alloc+0x318/0x460
[  336.831035][T10624]  ? __lock_acquire+0xab9/0xd20
[  336.831047][T10624]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  336.831060][T10624]  ? tun_get+0x1c/0x2f0
[  336.831074][T10624]  ? tun_get+0x1c/0x2f0
[  336.831085][T10624]  ? tun_get+0x1c/0x2f0
[  336.831098][T10624]  tun_chr_write_iter+0x113/0x200
[  336.831111][T10624]  vfs_write+0x5c9/0xb30
[  336.831124][T10624]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  336.831136][T10624]  ? __pfx_vfs_write+0x10/0x10
[  336.831150][T10624]  ? __fget_files+0x2a/0x420
[  336.831167][T10624]  ksys_write+0x145/0x250
[  336.831178][T10624]  ? __pfx_ksys_write+0x10/0x10
[  336.831190][T10624]  ? do_syscall_64+0xbe/0xfa0
[  336.831201][T10624]  do_syscall_64+0xfa/0xfa0
[  336.831210][T10624]  ? lockdep_hardirqs_on+0x9c/0x150
[  336.831220][T10624]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.831229][T10624]  ? clear_bhb_loop+0x60/0xb0
[  336.831240][T10624]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.831249][T10624] RIP: 0033:0x7f3e0018da7f
[  336.831260][T10624] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  336.831268][T10624] RSP: 002b:00007f3e01033000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  336.831280][T10624] RAX: ffffffffffffffda RBX: 00007f3e003e5fa0 RCX: 00007f3e0018da7f
[  336.831287][T10624] RDX: 000000000000005a RSI: 0000200000000000 RDI: 00000000000000c8
[  336.831293][T10624] RBP: 00007f3e01033090 R08: 0000000000000000 R09: 0000000000000000
[  336.831299][T10624] R10: 000000000000005a R11: 0000000000000293 R12: 0000000000000001
[  336.831305][T10624] R13: 00007f3e003e6038 R14: 00007f3e003e5fa0 R15: 00007f3e0050fa28
[  336.831320][T10624]  </TASK>
[  337.141762][T10626] fuse: Bad value for 'fd'
[  337.363336][    T9] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  337.514943][    T9] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  337.544098][    T9] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has an invalid bInterval 128, changing to 11
[  337.578289][    T9] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 14129, setting to 64
[  337.651182][    T9] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  337.660678][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  337.691904][    T9] usb 4-1: Product: syz
[  337.699112][    T9] usb 4-1: Manufacturer: syz
[  337.711024][    T9] usb 4-1: SerialNumber: syz
[  338.517004][ T5942] usb 1-1: USB disconnect, device number 18
[  338.600995][T10650] netlink: 'syz.1.1633': attribute type 12 has an invalid length.
[  338.609436][T10650] netlink: 'syz.1.1633': attribute type 29 has an invalid length.
[  338.617500][T10650] netlink: 148 bytes leftover after parsing attributes in process `syz.1.1633'.
[  338.760541][    T9] cdc_ncm 4-1:1.0: bind() failure
[  338.785227][    T9] usbtest 4-1:1.1: probe with driver usbtest failed with error -71
[  338.804964][    T9] usb 4-1: USB disconnect, device number 19
[  338.925700][T10657] FAULT_INJECTION: forcing a failure.
[  338.925700][T10657] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  338.981951][T10657] CPU: 1 UID: 0 PID: 10657 Comm: syz.4.1637 Not tainted syzkaller #0 PREEMPT(full) 
[  338.981975][T10657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  338.981985][T10657] Call Trace:
[  338.981992][T10657]  <TASK>
[  338.982000][T10657]  dump_stack_lvl+0x189/0x250
[  338.982022][T10657]  ? __pfx____ratelimit+0x10/0x10
[  338.982046][T10657]  ? __pfx_dump_stack_lvl+0x10/0x10
[  338.982062][T10657]  ? __pfx__printk+0x10/0x10
[  338.982089][T10657]  should_fail_ex+0x414/0x560
[  338.982130][T10657]  _copy_to_user+0x31/0xb0
[  338.982153][T10657]  simple_read_from_buffer+0xe1/0x170
[  338.982174][T10657]  proc_fail_nth_read+0x1b3/0x220
[  338.982199][T10657]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  338.982224][T10657]  ? rw_verify_area+0x2a6/0x4d0
[  338.982245][T10657]  ? __lock_acquire+0xab9/0xd20
[  338.982263][T10657]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  338.982288][T10657]  vfs_read+0x200/0xa30
[  338.982304][T10657]  ? fdget_pos+0x247/0x320
[  338.982327][T10657]  ? __pfx___mutex_lock+0x10/0x10
[  338.982345][T10657]  ? __pfx_vfs_read+0x10/0x10
[  338.982364][T10657]  ? __fget_files+0x2a/0x420
[  338.982392][T10657]  ? __fget_files+0x3a0/0x420
[  338.982410][T10657]  ? __fget_files+0x2a/0x420
[  338.982438][T10657]  ksys_read+0x145/0x250
[  338.982459][T10657]  ? __pfx_ksys_read+0x10/0x10
[  338.982478][T10657]  ? do_syscall_64+0xbe/0xfa0
[  338.982503][T10657]  do_syscall_64+0xfa/0xfa0
[  338.982518][T10657]  ? lockdep_hardirqs_on+0x9c/0x150
[  338.982535][T10657]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.982549][T10657]  ? clear_bhb_loop+0x60/0xb0
[  338.982567][T10657]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.982583][T10657] RIP: 0033:0x7f90be38d9dc
[  338.982598][T10657] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  338.982612][T10657] RSP: 002b:00007f90bf19a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  338.982630][T10657] RAX: ffffffffffffffda RBX: 00007f90be5e5fa0 RCX: 00007f90be38d9dc
[  338.982642][T10657] RDX: 000000000000000f RSI: 00007f90bf19a0a0 RDI: 0000000000000004
[  338.982651][T10657] RBP: 00007f90bf19a090 R08: 0000000000000000 R09: 0000000000000000
[  338.982661][T10657] R10: 00000000000080d4 R11: 0000000000000246 R12: 0000000000000001
[  338.982671][T10657] R13: 00007f90be5e6038 R14: 00007f90be5e5fa0 R15: 00007f90be70fa28
[  338.982699][T10657]  </TASK>
[  339.216319][  T981] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  339.313041][T10663] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1639'.
[  339.373296][  T981] usb 2-1: Using ep0 maxpacket: 16
[  339.415304][  T981] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  339.438005][  T981] usb 2-1: New USB device found, idVendor=0458, idProduct=0087, bcdDevice= 0.00
[  339.453315][  T981] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  339.475831][  T981] usb 2-1: config 0 descriptor??
[  339.556175][T10668] FAULT_INJECTION: forcing a failure.
[  339.556175][T10668] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  339.606821][T10668] CPU: 1 UID: 0 PID: 10668 Comm: syz.0.1641 Not tainted syzkaller #0 PREEMPT(full) 
[  339.606847][T10668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  339.606857][T10668] Call Trace:
[  339.606864][T10668]  <TASK>
[  339.606872][T10668]  dump_stack_lvl+0x189/0x250
[  339.606895][T10668]  ? __pfx____ratelimit+0x10/0x10
[  339.606920][T10668]  ? __pfx_dump_stack_lvl+0x10/0x10
[  339.606935][T10668]  ? __pfx__printk+0x10/0x10
[  339.606951][T10668]  ? __might_fault+0xb0/0x130
[  339.606977][T10668]  should_fail_ex+0x414/0x560
[  339.607004][T10668]  _copy_from_user+0x2d/0xb0
[  339.607026][T10668]  sctp_setsockopt+0x19f/0x1200
[  339.607046][T10668]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  339.607070][T10668]  do_sock_setsockopt+0x17c/0x1b0
[  339.607095][T10668]  __x64_sys_setsockopt+0x13f/0x1b0
[  339.607123][T10668]  do_syscall_64+0xfa/0xfa0
[  339.607139][T10668]  ? lockdep_hardirqs_on+0x9c/0x150
[  339.607154][T10668]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  339.607169][T10668]  ? clear_bhb_loop+0x60/0xb0
[  339.607189][T10668]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  339.607204][T10668] RIP: 0033:0x7f161438efc9
[  339.607218][T10668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  339.607232][T10668] RSP: 002b:00007f16151d0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  339.607250][T10668] RAX: ffffffffffffffda RBX: 00007f16145e6090 RCX: 00007f161438efc9
[  339.607263][T10668] RDX: 0000000000000079 RSI: 0000000000000084 RDI: 0000000000000003
[  339.607273][T10668] RBP: 00007f16151d0090 R08: 0000000000000008 R09: 0000000000000000
[  339.607284][T10668] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000001
[  339.607294][T10668] R13: 00007f16145e6128 R14: 00007f16145e6090 R15: 00007f161470fa28
[  339.607320][T10668]  </TASK>
[  340.071874][T10654] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  340.081327][T10654] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  340.318188][  T981] usbhid 2-1:0.0: can't add hid device: -71
[  340.335151][  T981] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  340.356006][  T981] usb 2-1: USB disconnect, device number 17
[  340.630436][T10684] FAULT_INJECTION: forcing a failure.
[  340.630436][T10684] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  340.651768][T10684] CPU: 1 UID: 0 PID: 10684 Comm: syz.2.1646 Not tainted syzkaller #0 PREEMPT(full) 
[  340.651791][T10684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  340.651800][T10684] Call Trace:
[  340.651807][T10684]  <TASK>
[  340.651814][T10684]  dump_stack_lvl+0x189/0x250
[  340.651837][T10684]  ? __pfx____ratelimit+0x10/0x10
[  340.651861][T10684]  ? __pfx_dump_stack_lvl+0x10/0x10
[  340.651878][T10684]  ? __pfx__printk+0x10/0x10
[  340.651895][T10684]  ? __might_fault+0xb0/0x130
[  340.651923][T10684]  should_fail_ex+0x414/0x560
[  340.651951][T10684]  _copy_from_user+0x2d/0xb0
[  340.651972][T10684]  ___sys_sendmsg+0x158/0x2a0
[  340.651992][T10684]  ? __pfx____sys_sendmsg+0x10/0x10
[  340.652040][T10684]  ? __fget_files+0x2a/0x420
[  340.652058][T10684]  ? __fget_files+0x3a0/0x420
[  340.652084][T10684]  __x64_sys_sendmsg+0x19b/0x260
[  340.652112][T10684]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  340.652134][T10684]  ? __pfx_ksys_write+0x10/0x10
[  340.652147][T10684]  ? do_syscall_64+0xbe/0xfa0
[  340.652158][T10684]  do_syscall_64+0xfa/0xfa0
[  340.652167][T10684]  ? lockdep_hardirqs_on+0x9c/0x150
[  340.652177][T10684]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.652187][T10684]  ? clear_bhb_loop+0x60/0xb0
[  340.652198][T10684]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.652207][T10684] RIP: 0033:0x7f3e0018efc9
[  340.652217][T10684] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  340.652226][T10684] RSP: 002b:00007f3e01033038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  340.652237][T10684] RAX: ffffffffffffffda RBX: 00007f3e003e5fa0 RCX: 00007f3e0018efc9
[  340.652244][T10684] RDX: 0000000000004000 RSI: 0000200000000080 RDI: 0000000000000005
[  340.652251][T10684] RBP: 00007f3e01033090 R08: 0000000000000000 R09: 0000000000000000
[  340.652257][T10684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  340.652262][T10684] R13: 00007f3e003e6038 R14: 00007f3e003e5fa0 R15: 00007f3e0050fa28
[  340.652278][T10684]  </TASK>
[  341.016219][T10690] FAULT_INJECTION: forcing a failure.
[  341.016219][T10690] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  341.034030][T10690] CPU: 0 UID: 0 PID: 10690 Comm: syz.4.1649 Not tainted syzkaller #0 PREEMPT(full) 
[  341.034055][T10690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  341.034066][T10690] Call Trace:
[  341.034073][T10690]  <TASK>
[  341.034081][T10690]  dump_stack_lvl+0x189/0x250
[  341.034104][T10690]  ? __pfx____ratelimit+0x10/0x10
[  341.034130][T10690]  ? __pfx_dump_stack_lvl+0x10/0x10
[  341.034148][T10690]  ? __pfx__printk+0x10/0x10
[  341.034165][T10690]  ? __might_fault+0xb0/0x130
[  341.034194][T10690]  should_fail_ex+0x414/0x560
[  341.034223][T10690]  _copy_from_user+0x2d/0xb0
[  341.034247][T10690]  ___sys_recvmsg+0x12e/0x510
[  341.034269][T10690]  ? __pfx____sys_recvmsg+0x10/0x10
[  341.034311][T10690]  ? __might_fault+0xb0/0x130
[  341.034337][T10690]  do_recvmmsg+0x307/0x770
[  341.034361][T10690]  ? __pfx_do_recvmmsg+0x10/0x10
[  341.034388][T10690]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  341.034423][T10690]  __x64_sys_recvmmsg+0x190/0x240
[  341.034444][T10690]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  341.034466][T10690]  ? do_syscall_64+0xbe/0xfa0
[  341.034487][T10690]  do_syscall_64+0xfa/0xfa0
[  341.034502][T10690]  ? lockdep_hardirqs_on+0x9c/0x150
[  341.034519][T10690]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.034536][T10690]  ? clear_bhb_loop+0x60/0xb0
[  341.034556][T10690]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.034572][T10690] RIP: 0033:0x7f90be38efc9
[  341.034587][T10690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  341.034601][T10690] RSP: 002b:00007f90bf19a038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  341.034620][T10690] RAX: ffffffffffffffda RBX: 00007f90be5e5fa0 RCX: 00007f90be38efc9
[  341.034632][T10690] RDX: 04000000000000d4 RSI: 00002000000008c0 RDI: 0000000000000003
[  341.034644][T10690] RBP: 00007f90bf19a090 R08: 0000000000000000 R09: 0000000000000000
[  341.034654][T10690] R10: 0000000000000102 R11: 0000000000000246 R12: 0000000000000001
[  341.034664][T10690] R13: 00007f90be5e6038 R14: 00007f90be5e5fa0 R15: 00007f90be70fa28
[  341.034691][T10690]  </TASK>
[  341.313341][   T24] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  341.393338][ T5942] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  341.553359][   T24] usb 4-1: Using ep0 maxpacket: 32
[  341.560877][   T24] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  341.569013][   T24] usb 4-1: config 0 has no interface number 0
[  341.580993][   T24] usb 4-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  341.592381][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  341.601829][   T24] usb 4-1: Product: syz
[  341.609505][   T24] usb 4-1: Manufacturer: syz
[  341.614305][ T5942] usb 2-1: Using ep0 maxpacket: 32
[  341.622214][ T5942] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 8
[  341.632356][ T5942] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 16
[  341.646985][ T5942] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  341.656846][ T5942] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  341.665409][   T24] usb 4-1: SerialNumber: syz
[  341.702477][ T5942] usb 2-1: Product: ᕌ쓏䑆껨䋠㿚Ὃ튚鵱Ⓧ鮰搷㾹낋꽸쵎庽뭊᭴樦鎍珡箃昫殞ꁑ纙엞랳跗毒ЪꜮ錯셴虙⫰✁ꠌ䢯㡿탿塹湾ࠢ첕큤β욏㾚閘礛蔮䎅끼旯䇑䘫喉쉚땗炊ꥭ뵮ꝏ
[  341.726652][   T24] usb 4-1: config 0 descriptor??
[  341.734815][   T24] usb 4-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  341.748311][   T24] usb 4-1: selecting invalid altsetting 1
[  341.755310][   T24] usb 4-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  341.763566][ T5942] usb 2-1: Manufacturer: મ㒽驂闍污澱䜖뿉荒氉喑͌≦ˏ䙲ٍ氒㹓牶԰
[  341.775611][ T5942] usb 2-1: SerialNumber: ఌ
[  341.781527][   T24] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  341.801390][   T24] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  341.817770][   T24] usb 4-1: media controller created
[  341.842272][   T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  341.904080][T10702] FAULT_INJECTION: forcing a failure.
[  341.904080][T10702] name failslab, interval 1, probability 0, space 0, times 0
[  341.921023][T10702] CPU: 0 UID: 0 PID: 10702 Comm: syz.0.1653 Not tainted syzkaller #0 PREEMPT(full) 
[  341.921048][T10702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  341.921058][T10702] Call Trace:
[  341.921066][T10702]  <TASK>
[  341.921074][T10702]  dump_stack_lvl+0x189/0x250
[  341.921095][T10702]  ? __pfx____ratelimit+0x10/0x10
[  341.921117][T10702]  ? __pfx_dump_stack_lvl+0x10/0x10
[  341.921135][T10702]  ? __pfx__printk+0x10/0x10
[  341.921159][T10702]  ? __pfx___might_resched+0x10/0x10
[  341.921180][T10702]  ? fs_reclaim_acquire+0x7d/0x100
[  341.921204][T10702]  should_fail_ex+0x414/0x560
[  341.921225][T10702]  should_failslab+0xa8/0x100
[  341.921239][T10702]  __kmalloc_noprof+0xcb/0x7f0
[  341.921249][T10702]  ? tomoyo_encode+0x28b/0x550
[  341.921270][T10702]  tomoyo_encode+0x28b/0x550
[  341.921296][T10702]  tomoyo_realpath_from_path+0x58d/0x5d0
[  341.921327][T10702]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  341.921351][T10702]  tomoyo_path_number_perm+0x1e8/0x5a0
[  341.921368][T10702]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  341.921402][T10702]  ? __fget_files+0x2a/0x420
[  341.921425][T10702]  ? __fget_files+0x3a0/0x420
[  341.921443][T10702]  ? __fget_files+0x2a/0x420
[  341.921467][T10702]  security_file_ioctl+0xcb/0x2d0
[  341.921493][T10702]  __se_sys_ioctl+0x47/0x170
[  341.921508][T10702]  do_syscall_64+0xfa/0xfa0
[  341.921518][T10702]  ? lockdep_hardirqs_on+0x9c/0x150
[  341.921528][T10702]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.921537][T10702]  ? clear_bhb_loop+0x60/0xb0
[  341.921549][T10702]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.921560][T10702] RIP: 0033:0x7f161438efc9
[  341.921576][T10702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  341.921590][T10702] RSP: 002b:00007f16151f1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  341.921609][T10702] RAX: ffffffffffffffda RBX: 00007f16145e5fa0 RCX: 00007f161438efc9
[  341.921622][T10702] RDX: 0000200000000000 RSI: 0000000000005393 RDI: 0000000000000003
[  341.921633][T10702] RBP: 00007f16151f1090 R08: 0000000000000000 R09: 0000000000000000
[  341.921644][T10702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  341.921652][T10702] R13: 00007f16145e6038 R14: 00007f16145e5fa0 R15: 00007f161470fa28
[  341.921669][T10702]  </TASK>
[  341.921684][T10702] ERROR: Out of memory at tomoyo_realpath_from_path.
[  341.955606][   T24] usb 4-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[  342.171875][   T24] zl10353_read_register: readreg error (reg=127, ret==-71)
[  342.180003][   T24] usb 4-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  342.235478][ T5942] cdc_ncm 2-1:1.0: bind() failure
[  342.248196][ T5942] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  342.256378][ T5942] cdc_ncm 2-1:1.1: bind() failure
[  342.284604][ T5942] usb 2-1: USB disconnect, device number 18
[  342.359803][   T24] usb 4-1: USB disconnect, device number 20
[  342.619443][T10713] FAULT_INJECTION: forcing a failure.
[  342.619443][T10713] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  342.637141][T10713] CPU: 1 UID: 0 PID: 10713 Comm: syz.4.1657 Not tainted syzkaller #0 PREEMPT(full) 
[  342.637173][T10713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  342.637183][T10713] Call Trace:
[  342.637191][T10713]  <TASK>
[  342.637199][T10713]  dump_stack_lvl+0x189/0x250
[  342.637222][T10713]  ? __pfx____ratelimit+0x10/0x10
[  342.637248][T10713]  ? __pfx_dump_stack_lvl+0x10/0x10
[  342.637266][T10713]  ? __pfx__printk+0x10/0x10
[  342.637284][T10713]  ? __might_fault+0xb0/0x130
[  342.637312][T10713]  should_fail_ex+0x414/0x560
[  342.637342][T10713]  _copy_from_user+0x2d/0xb0
[  342.637365][T10713]  sctp_setsockopt+0x19f/0x1200
[  342.637386][T10713]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  342.637410][T10713]  do_sock_setsockopt+0x17c/0x1b0
[  342.637438][T10713]  __x64_sys_setsockopt+0x13f/0x1b0
[  342.637467][T10713]  do_syscall_64+0xfa/0xfa0
[  342.637483][T10713]  ? lockdep_hardirqs_on+0x9c/0x150
[  342.637500][T10713]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.637516][T10713]  ? clear_bhb_loop+0x60/0xb0
[  342.637537][T10713]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.637553][T10713] RIP: 0033:0x7f90be38efc9
[  342.637569][T10713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  342.637583][T10713] RSP: 002b:00007f90bf19a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  342.637601][T10713] RAX: ffffffffffffffda RBX: 00007f90be5e5fa0 RCX: 00007f90be38efc9
[  342.637614][T10713] RDX: 0000000000000085 RSI: 0000000000000084 RDI: 0000000000000003
[  342.637624][T10713] RBP: 00007f90bf19a090 R08: 0000000000000090 R09: 0000000000000000
[  342.637635][T10713] R10: 00002000000012c0 R11: 0000000000000246 R12: 0000000000000001
[  342.637646][T10713] R13: 00007f90be5e6038 R14: 00007f90be5e5fa0 R15: 00007f90be70fa28
[  342.637676][T10713]  </TASK>
[  342.849667][T10715] netlink: 'syz.3.1658': attribute type 12 has an invalid length.
[  342.857720][T10715] netlink: 'syz.3.1658': attribute type 29 has an invalid length.
[  342.866021][T10715] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1658'.
[  343.083326][ T5942] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  343.293468][ T5942] usb 1-1: Using ep0 maxpacket: 16
[  343.305979][ T5942] usb 1-1: config 1 has an invalid descriptor of length 97, skipping remainder of the config
[  343.333433][ T5942] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  343.361703][ T5942] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  343.379900][ T5942] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  343.406218][ T5942] usb 1-1: Product: syz
[  343.407967][T10730] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1665'.
[  343.429834][ T5942] usb 1-1: Manufacturer: syz
[  343.435190][ T5942] usb 1-1: SerialNumber: syz
[  343.458515][T10730] bridge0: port 2(bridge_slave_1) entered disabled state
[  343.466519][T10730] bridge0: port 1(bridge_slave_0) entered disabled state
[  343.733626][  T981] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  343.816801][T10743] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  343.873293][  T981] usb 2-1: device descriptor read/64, error -71
[  343.909617][T10743] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  343.945906][ T5942] usb 1-1: 0:2 : does not exist
[  343.950881][ T5942] usb 1-1: unit 97 not found!
[  344.048329][ T5942] usb 1-1: USB disconnect, device number 19
[  344.114484][  T981] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  344.127728][ T5894] udevd[5894]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  344.217508][T10733] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  344.227131][T10733] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  344.264192][T10754] FAULT_INJECTION: forcing a failure.
[  344.264192][T10754] name failslab, interval 1, probability 0, space 0, times 0
[  344.277022][  T981] usb 2-1: device descriptor read/64, error -71
[  344.289601][T10754] CPU: 0 UID: 0 PID: 10754 Comm: syz.3.1670 Not tainted syzkaller #0 PREEMPT(full) 
[  344.289628][T10754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  344.289638][T10754] Call Trace:
[  344.289646][T10754]  <TASK>
[  344.289654][T10754]  dump_stack_lvl+0x189/0x250
[  344.289678][T10754]  ? __pfx____ratelimit+0x10/0x10
[  344.289704][T10754]  ? __pfx_dump_stack_lvl+0x10/0x10
[  344.289722][T10754]  ? __pfx__printk+0x10/0x10
[  344.289746][T10754]  ? __pfx___might_resched+0x10/0x10
[  344.289768][T10754]  ? fs_reclaim_acquire+0x7d/0x100
[  344.289804][T10754]  should_fail_ex+0x414/0x560
[  344.289838][T10754]  should_failslab+0xa8/0x100
[  344.289863][T10754]  kmem_cache_alloc_node_noprof+0x77/0x710
[  344.289882][T10754]  ? __alloc_skb+0x112/0x2d0
[  344.289904][T10754]  ? __lock_acquire+0xab9/0xd20
[  344.289931][T10754]  __alloc_skb+0x112/0x2d0
[  344.289959][T10754]  __ip6_append_data+0x2c16/0x3f30
[  344.289979][T10754]  ? __lock_acquire+0xab9/0xd20
[  344.290022][T10754]  ? __pfx_raw6_getfrag+0x10/0x10
[  344.290065][T10754]  ? __pfx___ip6_append_data+0x10/0x10
[  344.290086][T10754]  ? __pfx_ip6_mtu+0x10/0x10
[  344.290114][T10754]  ip6_append_data+0x1c1/0x380
[  344.290138][T10754]  ? __pfx_raw6_getfrag+0x10/0x10
[  344.290162][T10754]  rawv6_sendmsg+0x1286/0x1830
[  344.290200][T10754]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  344.290248][T10754]  ? __pfx_aa_sk_perm+0x10/0x10
[  344.290270][T10754]  ? sock_rps_record_flow+0x19/0x410
[  344.290296][T10754]  ? inet_sendmsg+0x2f4/0x370
[  344.290316][T10754]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  344.290342][T10754]  __sock_sendmsg+0x19c/0x270
[  344.290367][T10754]  ____sys_sendmsg+0x505/0x830
[  344.290390][T10754]  ? __pfx_____sys_sendmsg+0x10/0x10
[  344.290417][T10754]  ? import_iovec+0x74/0xa0
[  344.290443][T10754]  ___sys_sendmsg+0x21f/0x2a0
[  344.290462][T10754]  ? __pfx____sys_sendmsg+0x10/0x10
[  344.290514][T10754]  ? __fget_files+0x2a/0x420
[  344.290533][T10754]  ? __fget_files+0x3a0/0x420
[  344.290564][T10754]  __x64_sys_sendmsg+0x19b/0x260
[  344.290585][T10754]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  344.290612][T10754]  ? __pfx_ksys_write+0x10/0x10
[  344.290635][T10754]  ? do_syscall_64+0xbe/0xfa0
[  344.290656][T10754]  do_syscall_64+0xfa/0xfa0
[  344.290672][T10754]  ? lockdep_hardirqs_on+0x9c/0x150
[  344.290689][T10754]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.290707][T10754]  ? clear_bhb_loop+0x60/0xb0
[  344.290727][T10754]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.290744][T10754] RIP: 0033:0x7fbb8798efc9
[  344.290759][T10754] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  344.290774][T10754] RSP: 002b:00007fbb88816038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  344.290798][T10754] RAX: ffffffffffffffda RBX: 00007fbb87be6090 RCX: 00007fbb8798efc9
[  344.290810][T10754] RDX: 0000000000044004 RSI: 00002000000000c0 RDI: 0000000000000003
[  344.290820][T10754] RBP: 00007fbb88816090 R08: 0000000000000000 R09: 0000000000000000
[  344.290831][T10754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  344.290842][T10754] R13: 00007fbb87be6128 R14: 00007fbb87be6090 R15: 00007fbb87d0fa28
[  344.290873][T10754]  </TASK>
[  344.731607][  T981] usb usb2-port1: attempt power cycle
[  344.789937][T10756] netlink: 'syz.3.1671': attribute type 12 has an invalid length.
[  344.814775][T10756] netlink: 'syz.3.1671': attribute type 29 has an invalid length.
[  344.822709][T10756] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1671'.
[  345.073435][  T981] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  345.094232][  T981] usb 2-1: device descriptor read/8, error -71
[  345.333396][  T981] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  345.366186][  T981] usb 2-1: device descriptor read/8, error -71
[  345.474410][  T981] usb usb2-port1: unable to enumerate USB device
[  346.034892][T10782] FAULT_INJECTION: forcing a failure.
[  346.034892][T10782] name failslab, interval 1, probability 0, space 0, times 0
[  346.063670][T10782] CPU: 1 UID: 0 PID: 10782 Comm: syz.3.1679 Not tainted syzkaller #0 PREEMPT(full) 
[  346.063695][T10782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  346.063705][T10782] Call Trace:
[  346.063717][T10782]  <TASK>
[  346.063724][T10782]  dump_stack_lvl+0x189/0x250
[  346.063746][T10782]  ? __pfx____ratelimit+0x10/0x10
[  346.063772][T10782]  ? __pfx_dump_stack_lvl+0x10/0x10
[  346.063789][T10782]  ? __pfx__printk+0x10/0x10
[  346.063813][T10782]  ? __pfx___might_resched+0x10/0x10
[  346.063834][T10782]  ? fs_reclaim_acquire+0x7d/0x100
[  346.063866][T10782]  should_fail_ex+0x414/0x560
[  346.063897][T10782]  should_failslab+0xa8/0x100
[  346.063920][T10782]  __kmalloc_noprof+0xcb/0x7f0
[  346.063937][T10782]  ? tomoyo_encode+0x28b/0x550
[  346.063962][T10782]  tomoyo_encode+0x28b/0x550
[  346.063987][T10782]  tomoyo_realpath_from_path+0x58d/0x5d0
[  346.064008][T10782]  ? tomoyo_domain+0xd9/0x130
[  346.064034][T10782]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  346.064058][T10782]  tomoyo_path_number_perm+0x1e8/0x5a0
[  346.064086][T10782]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  346.064146][T10782]  ? __fget_files+0x2a/0x420
[  346.064171][T10782]  ? __fget_files+0x3a0/0x420
[  346.064189][T10782]  ? __fget_files+0x2a/0x420
[  346.064212][T10782]  security_file_ioctl+0xcb/0x2d0
[  346.064238][T10782]  __se_sys_ioctl+0x47/0x170
[  346.064257][T10782]  do_syscall_64+0xfa/0xfa0
[  346.064273][T10782]  ? lockdep_hardirqs_on+0x9c/0x150
[  346.064290][T10782]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.064307][T10782]  ? clear_bhb_loop+0x60/0xb0
[  346.064328][T10782]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.064344][T10782] RIP: 0033:0x7fbb8798efc9
[  346.064359][T10782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  346.064373][T10782] RSP: 002b:00007fbb88837038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  346.064392][T10782] RAX: ffffffffffffffda RBX: 00007fbb87be5fa0 RCX: 00007fbb8798efc9
[  346.064405][T10782] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  346.064416][T10782] RBP: 00007fbb88837090 R08: 0000000000000000 R09: 0000000000000000
[  346.064426][T10782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  346.064437][T10782] R13: 00007fbb87be6038 R14: 00007fbb87be5fa0 R15: 00007fbb87d0fa28
[  346.064466][T10782]  </TASK>
[  346.064552][T10782] ERROR: Out of memory at tomoyo_realpath_from_path.
[  346.830403][T10801] netlink: 'syz.4.1686': attribute type 12 has an invalid length.
[  346.846592][T10801] netlink: 'syz.4.1686': attribute type 29 has an invalid length.
[  346.867852][T10801] netlink: 148 bytes leftover after parsing attributes in process `syz.4.1686'.
[  346.914217][ T5908] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  347.063399][ T5908] usb 4-1: Using ep0 maxpacket: 16
[  347.078043][ T5908] usb 4-1: config 1 has an invalid descriptor of length 97, skipping remainder of the config
[  347.078342][T10813] FAULT_INJECTION: forcing a failure.
[  347.078342][T10813] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  347.106878][ T5908] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  347.133025][ T5908] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  347.144382][T10813] CPU: 0 UID: 0 PID: 10813 Comm: syz.4.1690 Not tainted syzkaller #0 PREEMPT(full) 
[  347.144411][T10813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  347.144420][T10813] Call Trace:
[  347.144426][T10813]  <TASK>
[  347.144434][T10813]  dump_stack_lvl+0x189/0x250
[  347.144456][T10813]  ? __pfx____ratelimit+0x10/0x10
[  347.144479][T10813]  ? __pfx_dump_stack_lvl+0x10/0x10
[  347.144495][T10813]  ? __pfx__printk+0x10/0x10
[  347.144512][T10813]  ? __might_fault+0xb0/0x130
[  347.144541][T10813]  should_fail_ex+0x414/0x560
[  347.144569][T10813]  _copy_from_user+0x2d/0xb0
[  347.144592][T10813]  ___sys_sendmsg+0x158/0x2a0
[  347.144608][T10813]  ? __pfx____sys_sendmsg+0x10/0x10
[  347.144654][T10813]  ? __fget_files+0x2a/0x420
[  347.144673][T10813]  ? __fget_files+0x3a0/0x420
[  347.144700][T10813]  __x64_sys_sendmsg+0x19b/0x260
[  347.144718][T10813]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  347.144743][T10813]  ? __pfx_ksys_write+0x10/0x10
[  347.144762][T10813]  ? do_syscall_64+0xbe/0xfa0
[  347.144781][T10813]  do_syscall_64+0xfa/0xfa0
[  347.144795][T10813]  ? lockdep_hardirqs_on+0x9c/0x150
[  347.144819][T10813]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.144835][T10813]  ? clear_bhb_loop+0x60/0xb0
[  347.144855][T10813]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.144872][T10813] RIP: 0033:0x7f90be38efc9
[  347.144888][T10813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  347.144903][T10813] RSP: 002b:00007f90bf179038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  347.144926][T10813] RAX: ffffffffffffffda RBX: 00007f90be5e6090 RCX: 00007f90be38efc9
[  347.144938][T10813] RDX: 0000000000000000 RSI: 00002000000015c0 RDI: 0000000000000003
[  347.144948][T10813] RBP: 00007f90bf179090 R08: 0000000000000000 R09: 0000000000000000
[  347.144959][T10813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  347.144970][T10813] R13: 00007f90be5e6128 R14: 00007f90be5e6090 R15: 00007f90be70fa28
[  347.144998][T10813]  </TASK>
[  347.147215][ T5908] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  347.258346][T10818] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1692'.
[  347.284408][ T5908] usb 4-1: Product: syz
[  347.380930][ T5908] usb 4-1: Manufacturer: syz
[  347.385629][ T5908] usb 4-1: SerialNumber: syz
[  347.496727][T10823] FAULT_INJECTION: forcing a failure.
[  347.496727][T10823] name failslab, interval 1, probability 0, space 0, times 0
[  347.520326][T10823] CPU: 1 UID: 0 PID: 10823 Comm: syz.0.1694 Not tainted syzkaller #0 PREEMPT(full) 
[  347.520350][T10823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  347.520360][T10823] Call Trace:
[  347.520367][T10823]  <TASK>
[  347.520375][T10823]  dump_stack_lvl+0x189/0x250
[  347.520401][T10823]  ? __pfx____ratelimit+0x10/0x10
[  347.520428][T10823]  ? __pfx_dump_stack_lvl+0x10/0x10
[  347.520445][T10823]  ? __pfx__printk+0x10/0x10
[  347.520466][T10823]  ? __pfx___might_resched+0x10/0x10
[  347.520488][T10823]  ? fs_reclaim_acquire+0x7d/0x100
[  347.520511][T10823]  should_fail_ex+0x414/0x560
[  347.520539][T10823]  should_failslab+0xa8/0x100
[  347.520560][T10823]  kmem_cache_alloc_node_noprof+0x77/0x710
[  347.520578][T10823]  ? __alloc_skb+0x112/0x2d0
[  347.520597][T10823]  ? netlink_autobind+0xdb/0x300
[  347.520622][T10823]  __alloc_skb+0x112/0x2d0
[  347.520648][T10823]  netlink_sendmsg+0x5c6/0xb30
[  347.520677][T10823]  ? __pfx_netlink_sendmsg+0x10/0x10
[  347.520700][T10823]  ? aa_sock_msg_perm+0xf1/0x1d0
[  347.520718][T10823]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  347.520736][T10823]  ? __pfx_netlink_sendmsg+0x10/0x10
[  347.520758][T10823]  __sock_sendmsg+0x21c/0x270
[  347.520778][T10823]  ____sys_sendmsg+0x505/0x830
[  347.520810][T10823]  ? __pfx_____sys_sendmsg+0x10/0x10
[  347.520833][T10823]  ? import_iovec+0x74/0xa0
[  347.520856][T10823]  ___sys_sendmsg+0x21f/0x2a0
[  347.520874][T10823]  ? __pfx____sys_sendmsg+0x10/0x10
[  347.520920][T10823]  ? __fget_files+0x2a/0x420
[  347.520939][T10823]  ? __fget_files+0x3a0/0x420
[  347.520968][T10823]  __x64_sys_sendmsg+0x19b/0x260
[  347.520988][T10823]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  347.521013][T10823]  ? __pfx_ksys_write+0x10/0x10
[  347.521035][T10823]  ? do_syscall_64+0xbe/0xfa0
[  347.521055][T10823]  do_syscall_64+0xfa/0xfa0
[  347.521073][T10823]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.521088][T10823]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  347.521105][T10823]  ? clear_bhb_loop+0x60/0xb0
[  347.521123][T10823]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.521139][T10823] RIP: 0033:0x7f161438efc9
[  347.521154][T10823] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  347.521166][T10823] RSP: 002b:00007f16151f1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  347.521184][T10823] RAX: ffffffffffffffda RBX: 00007f16145e5fa0 RCX: 00007f161438efc9
[  347.521196][T10823] RDX: 0000000020004804 RSI: 0000200000000000 RDI: 0000000000000006
[  347.521207][T10823] RBP: 00007f16151f1090 R08: 0000000000000000 R09: 0000000000000000
[  347.521217][T10823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  347.521227][T10823] R13: 00007f16145e6038 R14: 00007f16145e5fa0 R15: 00007f161470fa28
[  347.521254][T10823]  </TASK>
[  347.794391][    C1] vkms_vblank_simulate: vblank timer overrun
[  347.910579][T10828] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  347.942304][T10828] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  348.020929][ T5908] usb 4-1: 0:2 : does not exist
[  348.072612][ T5908] usb 4-1: unit 97 not found!
[  348.119885][ T5908] usb 4-1: USB disconnect, device number 21
[  348.146476][ T5894] udevd[5894]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  348.678902][T10850] fuse: Invalid rootmode
[  348.815096][T10854] bridge_slave_0: default FDB implementation only supports local addresses
[  349.045183][   T30] audit: type=1326 audit(1760939652.370:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10849 comm="syz.0.1703" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f161438efc9 code=0x0
[  350.191229][T10885] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  350.206292][T10885] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  350.967698][    T9] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  351.047144][T10918] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  351.234927][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  351.257302][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  351.332790][    T9] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  351.361717][T10919] IPv6: addrconf: prefix option has invalid lifetime
[  351.434953][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  351.520151][    T9] usb 4-1: config 0 descriptor??
[  351.718538][T10927] FAULT_INJECTION: forcing a failure.
[  351.718538][T10927] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  351.733370][T10927] CPU: 1 UID: 0 PID: 10927 Comm: syz.2.1724 Not tainted syzkaller #0 PREEMPT(full) 
[  351.733395][T10927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  351.733405][T10927] Call Trace:
[  351.733412][T10927]  <TASK>
[  351.733420][T10927]  dump_stack_lvl+0x189/0x250
[  351.733444][T10927]  ? __pfx____ratelimit+0x10/0x10
[  351.733469][T10927]  ? __pfx_dump_stack_lvl+0x10/0x10
[  351.733487][T10927]  ? __pfx__printk+0x10/0x10
[  351.733517][T10927]  should_fail_ex+0x414/0x560
[  351.733547][T10927]  _copy_to_user+0x31/0xb0
[  351.733571][T10927]  simple_read_from_buffer+0xe1/0x170
[  351.733593][T10927]  proc_fail_nth_read+0x1b3/0x220
[  351.733618][T10927]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  351.733646][T10927]  ? rw_verify_area+0x2a6/0x4d0
[  351.733663][T10927]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  351.733689][T10927]  vfs_read+0x200/0xa30
[  351.733705][T10927]  ? __pfx_aa_sk_perm+0x10/0x10
[  351.733730][T10927]  ? __pfx_vfs_read+0x10/0x10
[  351.733749][T10927]  ? bpf_lsm_socket_bind+0x9/0x20
[  351.733773][T10927]  ? __sys_bind+0x2e9/0x3e0
[  351.733796][T10927]  ? __pfx___sys_bind+0x10/0x10
[  351.733824][T10927]  ksys_read+0x145/0x250
[  351.733845][T10927]  ? __pfx_ksys_read+0x10/0x10
[  351.733867][T10927]  ? do_syscall_64+0xbe/0xfa0
[  351.733887][T10927]  do_syscall_64+0xfa/0xfa0
[  351.733903][T10927]  ? lockdep_hardirqs_on+0x9c/0x150
[  351.733920][T10927]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.733937][T10927]  ? clear_bhb_loop+0x60/0xb0
[  351.733958][T10927]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.733975][T10927] RIP: 0033:0x7f3e0018d9dc
[  351.733991][T10927] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  351.734006][T10927] RSP: 002b:00007f3e01033030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  351.734025][T10927] RAX: ffffffffffffffda RBX: 00007f3e003e5fa0 RCX: 00007f3e0018d9dc
[  351.734038][T10927] RDX: 000000000000000f RSI: 00007f3e010330a0 RDI: 0000000000000004
[  351.734049][T10927] RBP: 00007f3e01033090 R08: 0000000000000000 R09: 0000000000000000
[  351.734060][T10927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  351.734070][T10927] R13: 00007f3e003e6038 R14: 00007f3e003e5fa0 R15: 00007f3e0050fa28
[  351.734100][T10927]  </TASK>
[  351.967331][    C1] vkms_vblank_simulate: vblank timer overrun
[  352.298188][    T9] pyra 0003:1E7D:2CF6.0019: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.3-1/input0
[  352.456447][T10911] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  352.503544][T10911] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  352.688530][T10941] FAULT_INJECTION: forcing a failure.
[  352.688530][T10941] name failslab, interval 1, probability 0, space 0, times 0
[  352.701297][T10941] CPU: 1 UID: 0 PID: 10941 Comm: syz.4.1727 Not tainted syzkaller #0 PREEMPT(full) 
[  352.701320][T10941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  352.701331][T10941] Call Trace:
[  352.701339][T10941]  <TASK>
[  352.701347][T10941]  dump_stack_lvl+0x189/0x250
[  352.701382][T10941]  ? __pfx____ratelimit+0x10/0x10
[  352.701408][T10941]  ? __pfx_dump_stack_lvl+0x10/0x10
[  352.701424][T10941]  ? __pfx__printk+0x10/0x10
[  352.701446][T10941]  ? __pfx___might_resched+0x10/0x10
[  352.701466][T10941]  ? fs_reclaim_acquire+0x7d/0x100
[  352.701492][T10941]  should_fail_ex+0x414/0x560
[  352.701515][T10941]  should_failslab+0xa8/0x100
[  352.701536][T10941]  __kmalloc_noprof+0xcb/0x7f0
[  352.701554][T10941]  ? tomoyo_encode+0x28b/0x550
[  352.701580][T10941]  tomoyo_encode+0x28b/0x550
[  352.701604][T10941]  tomoyo_realpath_from_path+0x58d/0x5d0
[  352.701620][T10941]  ? tomoyo_domain+0xd9/0x130
[  352.701634][T10941]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  352.701648][T10941]  tomoyo_path_number_perm+0x1e8/0x5a0
[  352.701663][T10941]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  352.701722][T10941]  ? __fget_files+0x2a/0x420
[  352.701747][T10941]  ? __fget_files+0x3a0/0x420
[  352.701763][T10941]  ? __fget_files+0x2a/0x420
[  352.701776][T10941]  security_file_ioctl+0xcb/0x2d0
[  352.701791][T10941]  __se_sys_ioctl+0x47/0x170
[  352.701802][T10941]  do_syscall_64+0xfa/0xfa0
[  352.701811][T10941]  ? lockdep_hardirqs_on+0x9c/0x150
[  352.701822][T10941]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  352.701838][T10941]  ? clear_bhb_loop+0x60/0xb0
[  352.701860][T10941]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  352.701876][T10941] RIP: 0033:0x7f90be38efc9
[  352.701892][T10941] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  352.701906][T10941] RSP: 002b:00007f90bf19a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  352.701919][T10941] RAX: ffffffffffffffda RBX: 00007f90be5e5fa0 RCX: 00007f90be38efc9
[  352.701926][T10941] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  352.701931][T10941] RBP: 00007f90bf19a090 R08: 0000000000000000 R09: 0000000000000000
[  352.701937][T10941] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  352.701943][T10941] R13: 00007f90be5e6038 R14: 00007f90be5e5fa0 R15: 00007f90be70fa28
[  352.701959][T10941]  </TASK>
[  352.701978][T10941] ERROR: Out of memory at tomoyo_realpath_from_path.
[  352.732851][   T30] audit: type=1326 audit(1760939656.090:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10943 comm="syz.1.1729" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1340b8efc9 code=0x0
[  352.798603][ T5908] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  353.065263][T10949] FAULT_INJECTION: forcing a failure.
[  353.065263][T10949] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  353.079167][T10949] CPU: 1 UID: 0 PID: 10949 Comm: syz.4.1730 Not tainted syzkaller #0 PREEMPT(full) 
[  353.079190][T10949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  353.079208][T10949] Call Trace:
[  353.079215][T10949]  <TASK>
[  353.079223][T10949]  dump_stack_lvl+0x189/0x250
[  353.079246][T10949]  ? __pfx____ratelimit+0x10/0x10
[  353.079272][T10949]  ? __pfx_dump_stack_lvl+0x10/0x10
[  353.079289][T10949]  ? __pfx__printk+0x10/0x10
[  353.079318][T10949]  should_fail_ex+0x414/0x560
[  353.079347][T10949]  _copy_to_user+0x31/0xb0
[  353.079370][T10949]  simple_read_from_buffer+0xe1/0x170
[  353.079395][T10949]  proc_fail_nth_read+0x1b3/0x220
[  353.079423][T10949]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  353.079450][T10949]  ? rw_verify_area+0x2a6/0x4d0
[  353.079466][T10949]  ? __lock_acquire+0xab9/0xd20
[  353.079485][T10949]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  353.079511][T10949]  vfs_read+0x200/0xa30
[  353.079527][T10949]  ? fdget_pos+0x247/0x320
[  353.079550][T10949]  ? __pfx___mutex_lock+0x10/0x10
[  353.079569][T10949]  ? __pfx_vfs_read+0x10/0x10
[  353.079588][T10949]  ? __fget_files+0x2a/0x420
[  353.079611][T10949]  ? __fget_files+0x3a0/0x420
[  353.079630][T10949]  ? __fget_files+0x2a/0x420
[  353.079658][T10949]  ksys_read+0x145/0x250
[  353.079679][T10949]  ? __pfx_ksys_read+0x10/0x10
[  353.079700][T10949]  ? do_syscall_64+0xbe/0xfa0
[  353.079720][T10949]  do_syscall_64+0xfa/0xfa0
[  353.079736][T10949]  ? lockdep_hardirqs_on+0x9c/0x150
[  353.079753][T10949]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.079769][T10949]  ? clear_bhb_loop+0x60/0xb0
[  353.079789][T10949]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.079806][T10949] RIP: 0033:0x7f90be38d9dc
[  353.079823][T10949] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  353.079837][T10949] RSP: 002b:00007f90bf19a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  353.079856][T10949] RAX: ffffffffffffffda RBX: 00007f90be5e5fa0 RCX: 00007f90be38d9dc
[  353.079868][T10949] RDX: 000000000000000f RSI: 00007f90bf19a0a0 RDI: 0000000000000004
[  353.079879][T10949] RBP: 00007f90bf19a090 R08: 0000000000000000 R09: 0000000000000000
[  353.079890][T10949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  353.079900][T10949] R13: 00007f90be5e6038 R14: 00007f90be5e5fa0 R15: 00007f90be70fa28
[  353.079930][T10949]  </TASK>
[  353.133560][ T5923] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  353.137422][    C1] vkms_vblank_simulate: vblank timer overrun
[  353.329362][    C1] vkms_vblank_simulate: vblank timer overrun
[  353.335351][    C1] hrtimer: interrupt took 252165887 ns
[  353.435392][    C1] vkms_vblank_simulate: vblank timer overrun
[  353.436060][ T5923] usb 2-1: Using ep0 maxpacket: 16
[  353.449341][ T5923] usb 2-1: config 5 has an invalid interface number: 168 but max is 0
[  353.455866][ T5908] usb 1-1: config index 0 descriptor too short (expected 2084, got 36)
[  353.459579][ T5923] usb 2-1: config 5 has no interface number 0
[  353.466580][ T5908] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  353.477725][ T5923] usb 2-1: config 5 interface 168 altsetting 7 has an endpoint descriptor with address 0xEB, changing to 0x8B
[  353.484821][ T5908] usb 1-1: New USB device found, idVendor=0079, idProduct=0006, bcdDevice= 0.00
[  353.496317][ T5923] usb 2-1: config 5 interface 168 altsetting 7 bulk endpoint 0x8B has invalid maxpacket 1024
[  353.504613][ T5908] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  353.507941][ T5908] usb 1-1: config 0 descriptor??
[  353.524037][ T5923] usb 2-1: config 5 interface 168 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  353.541816][ T5923] usb 2-1: config 5 interface 168 has no altsetting 0
[  353.561506][ T5923] usb 2-1: New USB device found, idVendor=04cc, idProduct=2533, bcdDevice=fc.58
[  353.571180][ T5923] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  353.579775][ T5923] usb 2-1: Product: syz
[  353.584538][ T5923] usb 2-1: Manufacturer: syz
[  353.589226][ T5923] usb 2-1: SerialNumber: syz
[  353.621497][T10947] raw-gadget.5 gadget.1: fail, usb_ep_enable returned -22
[  353.837639][ T5923] pn533_usb 2-1:5.168: NFC: Could not find bulk-in or bulk-out endpoint
[  353.876147][ T5923] usb 2-1: USB disconnect, device number 23
[  353.946658][ T5908] usbhid 1-1:0.0: can't add hid device: -71
[  353.967071][ T5908] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  353.997119][ T5908] usb 1-1: USB disconnect, device number 20
[  354.031612][    T9] pyra 0003:1E7D:2CF6.0019: couldn't init struct pyra_device
[  354.075501][    T9] pyra 0003:1E7D:2CF6.0019: couldn't install mouse
[  354.099105][    T9] pyra 0003:1E7D:2CF6.0019: probe with driver pyra failed with error -71
[  354.117595][    T9] usb 4-1: USB disconnect, device number 22
[  354.284268][T10970] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1736'.
[  354.334018][T10970] netem: unknown loss type 13
[  354.339619][T10970] netem: change failed
[  354.583339][    T9] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  354.733341][    T9] usb 4-1: Using ep0 maxpacket: 8
[  354.740328][    T9] usb 4-1: unable to get BOS descriptor or descriptor too short
[  354.749429][    T9] usb 4-1: config 8 has an invalid interface number: 255 but max is 0
[  354.757741][ T5923] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  354.765791][    T9] usb 4-1: config 8 has no interface number 0
[  354.771968][    T9] usb 4-1: config 8 interface 255 has no altsetting 0
[  354.782351][    T9] usb 4-1: string descriptor 0 read error: -22
[  354.788963][    T9] usb 4-1: New USB device found, idVendor=0423, idProduct=000a, bcdDevice= 0.00
[  354.798150][    T9] usb 4-1: New USB device strings: Mfr=229, Product=1, SerialNumber=3
[  354.923289][ T5923] usb 1-1: Using ep0 maxpacket: 16
[  354.931044][ T5923] usb 1-1: config 1 has an invalid descriptor of length 97, skipping remainder of the config
[  354.941659][ T5923] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  354.953037][ T5923] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  354.962317][ T5923] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  354.971025][ T5923] usb 1-1: Product: syz
[  354.975353][ T5923] usb 1-1: Manufacturer: syz
[  354.980233][ T5923] usb 1-1: SerialNumber: syz
[  355.237019][    T9] eth%d: CATC EL1210A NetMate USB Ethernet at usb-dummy_hcd.3-1, 00:00:00:00:00:00.
[  355.251785][T10980] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  355.285852][    T9] usb 4-1: USB disconnect, device number 23
[  355.294144][T10980] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  355.400865][ T5923] usb 1-1: 0:2 : does not exist
[  355.413059][ T5923] usb 1-1: unit 97 not found!
[  355.458690][T10986] sg_write: process 1013 (syz.4.1741) changed security contexts after opening file descriptor, this is not allowed.
[  355.486271][ T5923] usb 1-1: USB disconnect, device number 21
[  355.517553][ T5894] udevd[5894]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  355.830839][T10994] FAULT_INJECTION: forcing a failure.
[  355.830839][T10994] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  355.847897][T10994] CPU: 0 UID: 0 PID: 10994 Comm: syz.1.1745 Not tainted syzkaller #0 PREEMPT(full) 
[  355.847913][T10994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  355.847919][T10994] Call Trace:
[  355.847924][T10994]  <TASK>
[  355.847929][T10994]  dump_stack_lvl+0x189/0x250
[  355.847945][T10994]  ? __pfx____ratelimit+0x10/0x10
[  355.847960][T10994]  ? __pfx_dump_stack_lvl+0x10/0x10
[  355.847970][T10994]  ? __pfx__printk+0x10/0x10
[  355.847980][T10994]  ? __might_fault+0xb0/0x130
[  355.847996][T10994]  should_fail_ex+0x414/0x560
[  355.848014][T10994]  _copy_from_user+0x2d/0xb0
[  355.848028][T10994]  sg_write+0x9b3/0xea0
[  355.848044][T10994]  ? __pfx_sg_write+0x10/0x10
[  355.848056][T10994]  ? __pfx_aa_file_perm+0x10/0x10
[  355.848083][T10994]  ? bpf_lsm_file_permission+0x9/0x20
[  355.848096][T10994]  ? security_file_permission+0x75/0x290
[  355.848111][T10994]  ? rw_verify_area+0x255/0x4d0
[  355.848120][T10994]  ? __lock_acquire+0xab9/0xd20
[  355.848131][T10994]  ? __pfx_sg_write+0x10/0x10
[  355.848142][T10994]  vfs_write+0x27e/0xb30
[  355.848157][T10994]  ? __pfx_vfs_write+0x10/0x10
[  355.848167][T10994]  ? __fget_files+0x2a/0x420
[  355.848180][T10994]  ? __fget_files+0x2a/0x420
[  355.848190][T10994]  ? __fget_files+0x3a0/0x420
[  355.848201][T10994]  ? __fget_files+0x2a/0x420
[  355.848216][T10994]  ksys_write+0x145/0x250
[  355.848227][T10994]  ? __pfx_ksys_write+0x10/0x10
[  355.848239][T10994]  ? do_syscall_64+0xbe/0xfa0
[  355.848250][T10994]  do_syscall_64+0xfa/0xfa0
[  355.848259][T10994]  ? lockdep_hardirqs_on+0x9c/0x150
[  355.848269][T10994]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.848278][T10994]  ? clear_bhb_loop+0x60/0xb0
[  355.848290][T10994]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.848299][T10994] RIP: 0033:0x7f1340b8efc9
[  355.848309][T10994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  355.848317][T10994] RSP: 002b:00007f1341a76038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  355.848328][T10994] RAX: ffffffffffffffda RBX: 00007f1340de5fa0 RCX: 00007f1340b8efc9
[  355.848336][T10994] RDX: 0000000000000038 RSI: 0000200000000140 RDI: 0000000000000004
[  355.848342][T10994] RBP: 00007f1341a76090 R08: 0000000000000000 R09: 0000000000000000
[  355.848347][T10994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  355.848353][T10994] R13: 00007f1340de6038 R14: 00007f1340de5fa0 R15: 00007f1340f0fa28
[  355.848369][T10994]  </TASK>
[  357.128317][T11027] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  357.148345][T11027] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  357.647518][T11038] netlink: 'syz.1.1758': attribute type 4 has an invalid length.
[  358.705723][ T5908] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  358.885431][ T5908] usb 2-1: Using ep0 maxpacket: 16
[  358.905257][ T5908] usb 2-1: config 1 has an invalid descriptor of length 97, skipping remainder of the config
[  358.920463][ T5908] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  358.932585][ T5908] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  358.942565][ T5908] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  358.953098][ T5908] usb 2-1: Product: syz
[  358.958825][ T5908] usb 2-1: Manufacturer: syz
[  358.965818][ T5908] usb 2-1: SerialNumber: syz
[  359.183006][T11050] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  359.238688][T11050] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  359.272046][ T5908] usb 2-1: 0:2 : does not exist
[  359.284318][ T5908] usb 2-1: unit 97 not found!
[  359.375875][ T5908] usb 2-1: USB disconnect, device number 24
[  359.402156][ T5894] udevd[5894]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  360.749971][T11089] FAULT_INJECTION: forcing a failure.
[  360.749971][T11089] name failslab, interval 1, probability 0, space 0, times 0
[  360.769676][T11089] CPU: 1 UID: 0 PID: 11089 Comm: syz.1.1772 Not tainted syzkaller #0 PREEMPT(full) 
[  360.769700][T11089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  360.769710][T11089] Call Trace:
[  360.769717][T11089]  <TASK>
[  360.769724][T11089]  dump_stack_lvl+0x189/0x250
[  360.769747][T11089]  ? __pfx____ratelimit+0x10/0x10
[  360.769773][T11089]  ? __pfx_dump_stack_lvl+0x10/0x10
[  360.769791][T11089]  ? __pfx__printk+0x10/0x10
[  360.769814][T11089]  ? __pfx___might_resched+0x10/0x10
[  360.769836][T11089]  ? fs_reclaim_acquire+0x7d/0x100
[  360.769862][T11089]  should_fail_ex+0x414/0x560
[  360.769893][T11089]  should_failslab+0xa8/0x100
[  360.769916][T11089]  kmem_cache_alloc_node_noprof+0x77/0x710
[  360.769935][T11089]  ? __alloc_skb+0x112/0x2d0
[  360.769957][T11089]  ? netlink_autobind+0xdb/0x300
[  360.769985][T11089]  __alloc_skb+0x112/0x2d0
[  360.770011][T11089]  netlink_sendmsg+0x5c6/0xb30
[  360.770043][T11089]  ? __pfx_netlink_sendmsg+0x10/0x10
[  360.770068][T11089]  ? aa_sock_msg_perm+0xf1/0x1d0
[  360.770090][T11089]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  360.770110][T11089]  ? __pfx_netlink_sendmsg+0x10/0x10
[  360.770135][T11089]  __sock_sendmsg+0x21c/0x270
[  360.770159][T11089]  ____sys_sendmsg+0x505/0x830
[  360.770182][T11089]  ? __pfx_____sys_sendmsg+0x10/0x10
[  360.770208][T11089]  ? import_iovec+0x74/0xa0
[  360.770234][T11089]  ___sys_sendmsg+0x21f/0x2a0
[  360.770253][T11089]  ? __pfx____sys_sendmsg+0x10/0x10
[  360.770313][T11089]  ? __fget_files+0x2a/0x420
[  360.770333][T11089]  ? __fget_files+0x3a0/0x420
[  360.770362][T11089]  __x64_sys_sendmsg+0x19b/0x260
[  360.770381][T11089]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  360.770407][T11089]  ? __pfx_ksys_write+0x10/0x10
[  360.770429][T11089]  ? do_syscall_64+0xbe/0xfa0
[  360.770450][T11089]  do_syscall_64+0xfa/0xfa0
[  360.770467][T11089]  ? lockdep_hardirqs_on+0x9c/0x150
[  360.770484][T11089]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  360.770501][T11089]  ? clear_bhb_loop+0x60/0xb0
[  360.770521][T11089]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  360.770538][T11089] RIP: 0033:0x7f1340b8efc9
[  360.770553][T11089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  360.770568][T11089] RSP: 002b:00007f1341a76038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  360.770587][T11089] RAX: ffffffffffffffda RBX: 00007f1340de5fa0 RCX: 00007f1340b8efc9
[  360.770599][T11089] RDX: 0000000004000004 RSI: 0000200000000100 RDI: 0000000000000003
[  360.770611][T11089] RBP: 00007f1341a76090 R08: 0000000000000000 R09: 0000000000000000
[  360.770622][T11089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  360.770632][T11089] R13: 00007f1340de6038 R14: 00007f1340de5fa0 R15: 00007f1340f0fa28
[  360.770662][T11089]  </TASK>
[  361.040823][    C1] vkms_vblank_simulate: vblank timer overrun
[  361.773090][T11106] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  361.809877][T11106] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  361.905678][T11109] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  361.974373][T11109] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  362.516743][ T5908] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  362.673305][ T5923] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  362.753506][ T5908] usb 4-1: config 0 has an invalid interface number: 64 but max is 0
[  362.765740][ T5908] usb 4-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config
[  362.779861][ T5908] usb 4-1: config 0 has no interface number 0
[  362.806702][ T5908] usb 4-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[  362.823234][ T5908] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  362.831316][ T5908] usb 4-1: Product: syz
[  362.840188][ T5908] usb 4-1: Manufacturer: syz
[  362.851927][ T5908] usb 4-1: SerialNumber: syz
[  362.860587][ T5923] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  362.887499][ T5908] usb 4-1: config 0 descriptor??
[  362.902932][ T5923] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  362.914344][ T5923] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  362.917780][ T5908] uvcvideo 4-1:0.64: probe with driver uvcvideo failed with error -22
[  362.927531][ T5923] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  362.927560][ T5923] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  362.930039][ T5923] usb 1-1: config 0 descriptor??
[  363.345070][T11127] netlink: 'syz.1.1785': attribute type 29 has an invalid length.
[  363.618221][ T5923] usbhid 1-1:0.0: can't add hid device: -71
[  363.642435][ T5923] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  363.705976][ T5923] usb 1-1: USB disconnect, device number 22
[  364.394331][   T30] audit: type=1326 audit(1760939667.760:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11152 comm="syz.0.1794" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f161438efc9 code=0x0
[  364.602146][T11161] FAULT_INJECTION: forcing a failure.
[  364.602146][T11161] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  364.615923][T11161] CPU: 1 UID: 0 PID: 11161 Comm: syz.4.1797 Not tainted syzkaller #0 PREEMPT(full) 
[  364.615946][T11161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  364.615958][T11161] Call Trace:
[  364.615965][T11161]  <TASK>
[  364.615972][T11161]  dump_stack_lvl+0x189/0x250
[  364.615994][T11161]  ? __pfx____ratelimit+0x10/0x10
[  364.616019][T11161]  ? __pfx_dump_stack_lvl+0x10/0x10
[  364.616036][T11161]  ? __pfx__printk+0x10/0x10
[  364.616062][T11161]  should_fail_ex+0x414/0x560
[  364.616090][T11161]  _copy_to_user+0x31/0xb0
[  364.616111][T11161]  simple_read_from_buffer+0xe1/0x170
[  364.616134][T11161]  proc_fail_nth_read+0x1b3/0x220
[  364.616168][T11161]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  364.616195][T11161]  ? rw_verify_area+0x2a6/0x4d0
[  364.616210][T11161]  ? __lock_acquire+0xab9/0xd20
[  364.616227][T11161]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  364.616251][T11161]  vfs_read+0x200/0xa30
[  364.616266][T11161]  ? fdget_pos+0x247/0x320
[  364.616288][T11161]  ? __pfx___mutex_lock+0x10/0x10
[  364.616307][T11161]  ? __pfx_vfs_read+0x10/0x10
[  364.616326][T11161]  ? __fget_files+0x2a/0x420
[  364.616349][T11161]  ? __fget_files+0x3a0/0x420
[  364.616367][T11161]  ? __fget_files+0x2a/0x420
[  364.616395][T11161]  ksys_read+0x145/0x250
[  364.616416][T11161]  ? __pfx_ksys_read+0x10/0x10
[  364.616437][T11161]  ? do_syscall_64+0xbe/0xfa0
[  364.616457][T11161]  do_syscall_64+0xfa/0xfa0
[  364.616472][T11161]  ? lockdep_hardirqs_on+0x9c/0x150
[  364.616487][T11161]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  364.616504][T11161]  ? clear_bhb_loop+0x60/0xb0
[  364.616521][T11161]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  364.616542][T11161] RIP: 0033:0x7f90be38d9dc
[  364.616559][T11161] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  364.616571][T11161] RSP: 002b:00007f90bf19a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  364.616587][T11161] RAX: ffffffffffffffda RBX: 00007f90be5e5fa0 RCX: 00007f90be38d9dc
[  364.616599][T11161] RDX: 000000000000000f RSI: 00007f90bf19a0a0 RDI: 0000000000000004
[  364.616609][T11161] RBP: 00007f90bf19a090 R08: 0000000000000000 R09: 0000000000000000
[  364.616619][T11161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  364.616629][T11161] R13: 00007f90be5e6038 R14: 00007f90be5e5fa0 R15: 00007f90be70fa28
[  364.616656][T11161]  </TASK>
[  364.855878][    C1] vkms_vblank_simulate: vblank timer overrun
[  364.870400][ T5908] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  364.937204][ T5923] usb 4-1: USB disconnect, device number 24
[  365.023288][ T5908] usb 2-1: Using ep0 maxpacket: 16
[  365.030114][ T5908] usb 2-1: config 1 has an invalid descriptor of length 97, skipping remainder of the config
[  365.043691][ T5908] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  365.057667][ T5908] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  365.067011][ T5908] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  365.075163][ T5908] usb 2-1: Product: syz
[  365.079503][ T5908] usb 2-1: Manufacturer: syz
[  365.084241][ T5908] usb 2-1: SerialNumber: syz
[  365.181416][T11166] vcan0: tx drop: invalid da for name 0x0000000000000015
[  365.315653][T11151] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  365.329164][T11151] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  365.373719][ T5908] usb 2-1: 0:2 : does not exist
[  365.392957][ T5908] usb 2-1: unit 97 not found!
[  365.430743][ T5908] usb 2-1: USB disconnect, device number 25
[  365.453329][ T5942] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  365.470458][ T5894] udevd[5894]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  365.634276][ T5942] usb 4-1: device descriptor read/64, error -71
[  365.883842][ T5942] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  366.033270][ T5942] usb 4-1: device descriptor read/64, error -71
[  366.156459][ T5942] usb usb4-port1: attempt power cycle
[  366.460276][T11197] openvswitch: netlink: Multiple metadata blocks provided
[  366.523332][ T5942] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  366.574023][ T5942] usb 4-1: device descriptor read/8, error -71
[  366.847361][ T5942] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  367.004446][ T5942] usb 4-1: device descriptor read/8, error -71
[  367.125410][ T5942] usb usb4-port1: unable to enumerate USB device
[  368.438165][T11225] FAULT_INJECTION: forcing a failure.
[  368.438165][T11225] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  368.453745][T11225] CPU: 1 UID: 0 PID: 11225 Comm: syz.3.1818 Not tainted syzkaller #0 PREEMPT(full) 
[  368.453771][T11225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  368.453782][T11225] Call Trace:
[  368.453789][T11225]  <TASK>
[  368.453804][T11225]  dump_stack_lvl+0x189/0x250
[  368.453828][T11225]  ? __pfx____ratelimit+0x10/0x10
[  368.453853][T11225]  ? __pfx_dump_stack_lvl+0x10/0x10
[  368.453871][T11225]  ? __pfx__printk+0x10/0x10
[  368.453889][T11225]  ? __might_fault+0xb0/0x130
[  368.453918][T11225]  should_fail_ex+0x414/0x560
[  368.453949][T11225]  _copy_from_user+0x2d/0xb0
[  368.453972][T11225]  ___sys_sendmsg+0x158/0x2a0
[  368.453993][T11225]  ? __pfx____sys_sendmsg+0x10/0x10
[  368.454043][T11225]  ? __fget_files+0x2a/0x420
[  368.454063][T11225]  ? __fget_files+0x3a0/0x420
[  368.454092][T11225]  __x64_sys_sendmsg+0x19b/0x260
[  368.454112][T11225]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  368.454138][T11225]  ? __pfx_ksys_write+0x10/0x10
[  368.454160][T11225]  ? do_syscall_64+0xbe/0xfa0
[  368.454181][T11225]  do_syscall_64+0xfa/0xfa0
[  368.454196][T11225]  ? lockdep_hardirqs_on+0x9c/0x150
[  368.454214][T11225]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.454231][T11225]  ? clear_bhb_loop+0x60/0xb0
[  368.454251][T11225]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.454267][T11225] RIP: 0033:0x7fbb8798efc9
[  368.454283][T11225] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  368.454298][T11225] RSP: 002b:00007fbb88837038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  368.454317][T11225] RAX: ffffffffffffffda RBX: 00007fbb87be5fa0 RCX: 00007fbb8798efc9
[  368.454329][T11225] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003
[  368.454340][T11225] RBP: 00007fbb88837090 R08: 0000000000000000 R09: 0000000000000000
[  368.454350][T11225] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  368.454361][T11225] R13: 00007fbb87be6038 R14: 00007fbb87be5fa0 R15: 00007fbb87d0fa28
[  368.454390][T11225]  </TASK>
[  369.373604][ T5942] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  369.618752][ T5942] usb 2-1: Using ep0 maxpacket: 32
[  369.646850][ T5942] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  369.663605][ T5942] usb 2-1: config 0 has no interface number 0
[  369.691769][ T5942] usb 2-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  369.713905][ T5942] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  369.736164][ T5942] usb 2-1: Product: syz
[  369.753286][ T5942] usb 2-1: Manufacturer: syz
[  369.843357][ T5942] usb 2-1: SerialNumber: syz
[  369.862517][ T5942] usb 2-1: config 0 descriptor??
[  369.885612][ T5942] usb 2-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  369.947693][ T5942] usb 2-1: selecting invalid altsetting 1
[  369.971336][ T5942] usb 2-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  369.997172][ T5942] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  370.008006][ T5942] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  370.016462][ T5942] usb 2-1: media controller created
[  370.032961][ T5942] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  370.089660][ T5942] usb 2-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[  370.096997][ T5942] zl10353_read_register: readreg error (reg=127, ret==-71)
[  370.139910][ T5942] usb 2-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  370.336405][ T5942] usb 2-1: USB disconnect, device number 26
[  370.643446][T11254] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1828'.
[  371.364557][T11272] netlink: zone id is out of range
[  371.377552][T11272] netlink: zone id is out of range
[  371.389525][T11272] netlink: zone id is out of range
[  371.419292][T11272] netlink: zone id is out of range
[  371.428265][T11272] netlink: zone id is out of range
[  371.438024][T11272] netlink: zone id is out of range
[  371.462781][T11272] netlink: zone id is out of range
[  371.479999][T11272] netlink: zone id is out of range
[  371.486460][T11272] netlink: zone id is out of range
[  371.492035][T11272] netlink: zone id is out of range
[  371.523426][T11272] netlink: zone id is out of range
[  371.528809][T11272] netlink: zone id is out of range
[  371.535214][T11251] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  371.545809][T11272] netlink: zone id is out of range
[  371.551597][T11272] netlink: zone id is out of range
[  371.557325][T11272] netlink: zone id is out of range
[  372.015050][T11278] FAULT_INJECTION: forcing a failure.
[  372.015050][T11278] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  372.123323][T11278] CPU: 0 UID: 0 PID: 11278 Comm: syz.1.1836 Not tainted syzkaller #0 PREEMPT(full) 
[  372.123350][T11278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  372.123364][T11278] Call Trace:
[  372.123371][T11278]  <TASK>
[  372.123379][T11278]  dump_stack_lvl+0x189/0x250
[  372.123412][T11278]  ? __pfx____ratelimit+0x10/0x10
[  372.123436][T11278]  ? __pfx_dump_stack_lvl+0x10/0x10
[  372.123453][T11278]  ? __pfx__printk+0x10/0x10
[  372.123482][T11278]  should_fail_ex+0x414/0x560
[  372.123512][T11278]  _copy_to_user+0x31/0xb0
[  372.123537][T11278]  simple_read_from_buffer+0xe1/0x170
[  372.123563][T11278]  proc_fail_nth_read+0x1b3/0x220
[  372.123592][T11278]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  372.123619][T11278]  ? rw_verify_area+0x2a6/0x4d0
[  372.123635][T11278]  ? __lock_acquire+0xab9/0xd20
[  372.123654][T11278]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  372.123679][T11278]  vfs_read+0x200/0xa30
[  372.123695][T11278]  ? fdget_pos+0x247/0x320
[  372.123723][T11278]  ? __pfx___mutex_lock+0x10/0x10
[  372.123742][T11278]  ? __pfx_vfs_read+0x10/0x10
[  372.123759][T11278]  ? __fget_files+0x2a/0x420
[  372.123783][T11278]  ? __fget_files+0x3a0/0x420
[  372.123799][T11278]  ? __fget_files+0x2a/0x420
[  372.123825][T11278]  ksys_read+0x145/0x250
[  372.123845][T11278]  ? __pfx_ksys_read+0x10/0x10
[  372.123867][T11278]  ? do_syscall_64+0xbe/0xfa0
[  372.123887][T11278]  do_syscall_64+0xfa/0xfa0
[  372.123903][T11278]  ? lockdep_hardirqs_on+0x9c/0x150
[  372.123919][T11278]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.123936][T11278]  ? clear_bhb_loop+0x60/0xb0
[  372.123956][T11278]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.123972][T11278] RIP: 0033:0x7f1340b8d9dc
[  372.123988][T11278] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  372.124002][T11278] RSP: 002b:00007f133ebf6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  372.124021][T11278] RAX: ffffffffffffffda RBX: 00007f1340de6090 RCX: 00007f1340b8d9dc
[  372.124033][T11278] RDX: 000000000000000f RSI: 00007f133ebf60a0 RDI: 0000000000000005
[  372.124044][T11278] RBP: 00007f133ebf6090 R08: 0000000000000000 R09: 0000000000000000
[  372.124055][T11278] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001
[  372.124065][T11278] R13: 00007f1340de6128 R14: 00007f1340de6090 R15: 00007f1340f0fa28
[  372.124095][T11278]  </TASK>
[  372.366455][    C0] vkms_vblank_simulate: vblank timer overrun
[  372.881770][T11289] FAULT_INJECTION: forcing a failure.
[  372.881770][T11289] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  372.913387][T11289] CPU: 0 UID: 0 PID: 11289 Comm: syz.1.1841 Not tainted syzkaller #0 PREEMPT(full) 
[  372.913413][T11289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  372.913423][T11289] Call Trace:
[  372.913430][T11289]  <TASK>
[  372.913438][T11289]  dump_stack_lvl+0x189/0x250
[  372.913462][T11289]  ? __pfx____ratelimit+0x10/0x10
[  372.913487][T11289]  ? __pfx_dump_stack_lvl+0x10/0x10
[  372.913504][T11289]  ? __pfx__printk+0x10/0x10
[  372.913534][T11289]  should_fail_ex+0x414/0x560
[  372.913564][T11289]  _copy_to_user+0x31/0xb0
[  372.913590][T11289]  simple_read_from_buffer+0xe1/0x170
[  372.913615][T11289]  proc_fail_nth_read+0x1b3/0x220
[  372.913643][T11289]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  372.913669][T11289]  ? rw_verify_area+0x2a6/0x4d0
[  372.913686][T11289]  ? __lock_acquire+0xab9/0xd20
[  372.913704][T11289]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  372.913730][T11289]  vfs_read+0x200/0xa30
[  372.913747][T11289]  ? fdget_pos+0x247/0x320
[  372.913771][T11289]  ? __pfx___mutex_lock+0x10/0x10
[  372.913790][T11289]  ? __pfx_vfs_read+0x10/0x10
[  372.913810][T11289]  ? __fget_files+0x2a/0x420
[  372.913833][T11289]  ? __fget_files+0x3a0/0x420
[  372.913852][T11289]  ? __fget_files+0x2a/0x420
[  372.913880][T11289]  ksys_read+0x145/0x250
[  372.913902][T11289]  ? __pfx_ksys_read+0x10/0x10
[  372.913923][T11289]  ? do_syscall_64+0xbe/0xfa0
[  372.913945][T11289]  do_syscall_64+0xfa/0xfa0
[  372.913961][T11289]  ? lockdep_hardirqs_on+0x9c/0x150
[  372.913978][T11289]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.913994][T11289]  ? clear_bhb_loop+0x60/0xb0
[  372.914015][T11289]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.914031][T11289] RIP: 0033:0x7f1340b8d9dc
[  372.914047][T11289] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  372.914062][T11289] RSP: 002b:00007f1341a76030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  372.914081][T11289] RAX: ffffffffffffffda RBX: 00007f1340de5fa0 RCX: 00007f1340b8d9dc
[  372.914093][T11289] RDX: 000000000000000f RSI: 00007f1341a760a0 RDI: 0000000000000004
[  372.914103][T11289] RBP: 00007f1341a76090 R08: 0000000000000000 R09: 0000000000000000
[  372.914114][T11289] R10: 0000000000000010 R11: 0000000000000246 R12: 0000000000000001
[  372.914124][T11289] R13: 00007f1340de6038 R14: 00007f1340de5fa0 R15: 00007f1340f0fa28
[  372.914160][T11289]  </TASK>
[  372.931175][T11292] FAULT_INJECTION: forcing a failure.
[  372.931175][T11292] name failslab, interval 1, probability 0, space 0, times 0
[  373.173420][T11292] CPU: 0 UID: 0 PID: 11292 Comm: syz.4.1837 Not tainted syzkaller #0 PREEMPT(full) 
[  373.173443][T11292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  373.173453][T11292] Call Trace:
[  373.173460][T11292]  <TASK>
[  373.173467][T11292]  dump_stack_lvl+0x189/0x250
[  373.173490][T11292]  ? __pfx____ratelimit+0x10/0x10
[  373.173513][T11292]  ? __pfx_dump_stack_lvl+0x10/0x10
[  373.173528][T11292]  ? __pfx__printk+0x10/0x10
[  373.173547][T11292]  ? __pfx___might_resched+0x10/0x10
[  373.173566][T11292]  ? fs_reclaim_acquire+0x7d/0x100
[  373.173585][T11292]  should_fail_ex+0x414/0x560
[  373.173616][T11292]  should_failslab+0xa8/0x100
[  373.173639][T11292]  kmem_cache_alloc_node_noprof+0x77/0x710
[  373.173658][T11292]  ? __alloc_skb+0x112/0x2d0
[  373.173679][T11292]  ? netlink_autobind+0xdb/0x300
[  373.173708][T11292]  __alloc_skb+0x112/0x2d0
[  373.173732][T11292]  netlink_sendmsg+0x5c6/0xb30
[  373.173765][T11292]  ? __pfx_netlink_sendmsg+0x10/0x10
[  373.173803][T11292]  ? aa_sock_msg_perm+0xf1/0x1d0
[  373.173824][T11292]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  373.173845][T11292]  ? __pfx_netlink_sendmsg+0x10/0x10
[  373.173868][T11292]  __sock_sendmsg+0x21c/0x270
[  373.173893][T11292]  ____sys_sendmsg+0x505/0x830
[  373.173912][T11292]  ? __pfx_____sys_sendmsg+0x10/0x10
[  373.173934][T11292]  ? import_iovec+0x74/0xa0
[  373.173958][T11292]  ___sys_sendmsg+0x21f/0x2a0
[  373.173976][T11292]  ? __pfx____sys_sendmsg+0x10/0x10
[  373.174021][T11292]  ? __fget_files+0x2a/0x420
[  373.174039][T11292]  ? __fget_files+0x3a0/0x420
[  373.174063][T11292]  __x64_sys_sendmsg+0x19b/0x260
[  373.174082][T11292]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  373.174104][T11292]  ? __pfx_ksys_write+0x10/0x10
[  373.174124][T11292]  ? do_syscall_64+0xbe/0xfa0
[  373.174143][T11292]  do_syscall_64+0xfa/0xfa0
[  373.174155][T11292]  ? lockdep_hardirqs_on+0x9c/0x150
[  373.174171][T11292]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  373.174188][T11292]  ? clear_bhb_loop+0x60/0xb0
[  373.174210][T11292]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  373.174226][T11292] RIP: 0033:0x7f90be38efc9
[  373.174242][T11292] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  373.174255][T11292] RSP: 002b:00007f90bf19a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  373.174274][T11292] RAX: ffffffffffffffda RBX: 00007f90be5e5fa0 RCX: 00007f90be38efc9
[  373.174284][T11292] RDX: 0000000000004000 RSI: 0000200000000080 RDI: 0000000000000005
[  373.174293][T11292] RBP: 00007f90bf19a090 R08: 0000000000000000 R09: 0000000000000000
[  373.174302][T11292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  373.174311][T11292] R13: 00007f90be5e6038 R14: 00007f90be5e5fa0 R15: 00007f90be70fa28
[  373.174335][T11292]  </TASK>
[  373.454647][    C0] vkms_vblank_simulate: vblank timer overrun
[  373.467671][ T5923] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  373.623044][T11298] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  373.683347][ T5923] usb 4-1: Using ep0 maxpacket: 8
[  373.699431][ T5923] usb 4-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2
[  373.709130][ T5923] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  373.717463][ T5923] usb 4-1: Product: syz
[  373.721660][ T5923] usb 4-1: Manufacturer: syz
[  373.726266][ T5923] usb 4-1: SerialNumber: syz
[  373.743152][ T5923] usb 4-1: config 0 descriptor??
[  373.818372][T11301] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1844'.
[  373.989795][T11307] FAULT_INJECTION: forcing a failure.
[  373.989795][T11307] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  374.076946][T11307] CPU: 1 UID: 0 PID: 11307 Comm: syz.4.1845 Not tainted syzkaller #0 PREEMPT(full) 
[  374.076971][T11307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  374.076982][T11307] Call Trace:
[  374.076989][T11307]  <TASK>
[  374.076996][T11307]  dump_stack_lvl+0x189/0x250
[  374.077020][T11307]  ? __pfx____ratelimit+0x10/0x10
[  374.077045][T11307]  ? __pfx_dump_stack_lvl+0x10/0x10
[  374.077062][T11307]  ? __pfx__printk+0x10/0x10
[  374.077079][T11307]  ? __might_fault+0xb0/0x130
[  374.077108][T11307]  should_fail_ex+0x414/0x560
[  374.077138][T11307]  _copy_from_user+0x2d/0xb0
[  374.077162][T11307]  scsi_ioctl+0x489/0x1fb0
[  374.077192][T11307]  ? __pfx_scsi_ioctl+0x10/0x10
[  374.077246][T11307]  ? __pfx___might_resched+0x10/0x10
[  374.077267][T11307]  ? lockdep_hardirqs_on+0x9c/0x150
[  374.077300][T11307]  ? scsi_block_when_processing_errors+0x390/0x470
[  374.077332][T11307]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  374.077358][T11307]  ? __pfx_scsi_block_when_processing_errors+0x10/0x10
[  374.077403][T11307]  sg_ioctl+0x1886/0x2230
[  374.077432][T11307]  ? __pfx_sg_ioctl+0x10/0x10
[  374.077454][T11307]  ? __fget_files+0x2a/0x420
[  374.077478][T11307]  ? __fget_files+0x3a0/0x420
[  374.077496][T11307]  ? __fget_files+0x2a/0x420
[  374.077519][T11307]  ? bpf_lsm_file_ioctl+0x9/0x20
[  374.077542][T11307]  ? __pfx_sg_ioctl+0x10/0x10
[  374.077560][T11307]  __se_sys_ioctl+0xfc/0x170
[  374.077579][T11307]  do_syscall_64+0xfa/0xfa0
[  374.077595][T11307]  ? lockdep_hardirqs_on+0x9c/0x150
[  374.077612][T11307]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  374.077628][T11307]  ? clear_bhb_loop+0x60/0xb0
[  374.077649][T11307]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  374.077666][T11307] RIP: 0033:0x7f90be38efc9
[  374.077681][T11307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  374.077695][T11307] RSP: 002b:00007f90bf19a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  374.077714][T11307] RAX: ffffffffffffffda RBX: 00007f90be5e5fa0 RCX: 00007f90be38efc9
[  374.077727][T11307] RDX: 0000200000000000 RSI: 0000000000005393 RDI: 0000000000000003
[  374.077738][T11307] RBP: 00007f90bf19a090 R08: 0000000000000000 R09: 0000000000000000
[  374.077749][T11307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  374.077759][T11307] R13: 00007f90be5e6038 R14: 00007f90be5e5fa0 R15: 00007f90be70fa28
[  374.077788][T11307]  </TASK>
[  374.463327][ T5942] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  374.627159][ T5942] usb 2-1: Using ep0 maxpacket: 32
[  374.637274][ T5942] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  374.664261][ T5942] usb 2-1: config 0 has no interface number 0
[  374.692904][ T5942] usb 2-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  374.711824][ T5942] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  374.720823][ T5942] usb 2-1: Product: syz
[  374.728056][ T5942] usb 2-1: Manufacturer: syz
[  374.789833][ T5942] usb 2-1: SerialNumber: syz
[  374.815617][ T5942] usb 2-1: config 0 descriptor??
[  374.843566][ T5942] usb 2-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  374.884518][ T5942] usb 2-1: selecting invalid altsetting 1
[  374.899195][ T5942] usb 2-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  374.918520][ T5942] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  374.949710][ T5942] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  374.969782][ T5942] usb 2-1: media controller created
[  375.005990][ T5942] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  375.039673][ T5923] gspca_main: sunplus-2.14.0 probing 04a5:3003
[  375.093981][ T5942] usb 2-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[  375.109091][ T5923] gspca_sunplus: reg_w_riv err -71
[  375.123763][ T5923] sunplus 4-1:0.0: probe with driver sunplus failed with error -71
[  375.155518][ T5923] usb 4-1: USB disconnect, device number 29
[  375.319792][ T5942] zl10353_read_register: readreg error (reg=127, ret==-71)
[  375.344783][ T5942] usb 2-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  375.465090][ T5942] usb 2-1: USB disconnect, device number 27
[  376.315504][T11336] FAULT_INJECTION: forcing a failure.
[  376.315504][T11336] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  376.341026][T11337] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1855'.
[  376.353318][T11336] CPU: 0 UID: 0 PID: 11336 Comm: syz.1.1854 Not tainted syzkaller #0 PREEMPT(full) 
[  376.353345][T11336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  376.353355][T11336] Call Trace:
[  376.353362][T11336]  <TASK>
[  376.353370][T11336]  dump_stack_lvl+0x189/0x250
[  376.353393][T11336]  ? __pfx____ratelimit+0x10/0x10
[  376.353424][T11336]  ? __pfx_dump_stack_lvl+0x10/0x10
[  376.353442][T11336]  ? __pfx__printk+0x10/0x10
[  376.353460][T11336]  ? __might_fault+0xb0/0x130
[  376.353491][T11336]  should_fail_ex+0x414/0x560
[  376.353522][T11336]  _copy_to_iter+0x404/0x1790
[  376.353558][T11336]  ? __pfx__copy_to_iter+0x10/0x10
[  376.353595][T11336]  seq_read_iter+0xbf5/0xe20
[  376.353633][T11336]  seq_read+0x369/0x480
[  376.353658][T11336]  ? __pfx_seq_read+0x10/0x10
[  376.353673][T11336]  ? __pfx___mutex_trylock_common+0x10/0x10
[  376.353711][T11336]  ? __pfx_seq_read+0x10/0x10
[  376.353723][T11336]  proc_reg_read+0x1e9/0x2e0
[  376.353741][T11336]  ? __pfx_proc_reg_read+0x10/0x10
[  376.353761][T11336]  vfs_read+0x200/0xa30
[  376.353778][T11336]  ? fdget_pos+0x247/0x320
[  376.353809][T11336]  ? __pfx___mutex_lock+0x10/0x10
[  376.353829][T11336]  ? __pfx_vfs_read+0x10/0x10
[  376.353848][T11336]  ? __fget_files+0x2a/0x420
[  376.353872][T11336]  ? __fget_files+0x3a0/0x420
[  376.353891][T11336]  ? __fget_files+0x2a/0x420
[  376.353920][T11336]  ksys_read+0x145/0x250
[  376.353940][T11336]  ? __pfx_ksys_read+0x10/0x10
[  376.353962][T11336]  ? do_syscall_64+0xbe/0xfa0
[  376.353983][T11336]  do_syscall_64+0xfa/0xfa0
[  376.353999][T11336]  ? lockdep_hardirqs_on+0x9c/0x150
[  376.354016][T11336]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  376.354033][T11336]  ? clear_bhb_loop+0x60/0xb0
[  376.354053][T11336]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  376.354069][T11336] RIP: 0033:0x7f1340b8efc9
[  376.354086][T11336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  376.354100][T11336] RSP: 002b:00007f1341a76038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  376.354119][T11336] RAX: ffffffffffffffda RBX: 00007f1340de5fa0 RCX: 00007f1340b8efc9
[  376.354131][T11336] RDX: 0000000000002020 RSI: 0000200000004f00 RDI: 0000000000000004
[  376.354142][T11336] RBP: 00007f1341a76090 R08: 0000000000000000 R09: 0000000000000000
[  376.354153][T11336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  376.354163][T11336] R13: 00007f1340de6038 R14: 00007f1340de5fa0 R15: 00007f1340f0fa28
[  376.354195][T11336]  </TASK>
[  376.608607][    C0] vkms_vblank_simulate: vblank timer overrun
[  377.112409][T11341] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  377.129563][T11341] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  377.180468][T11341] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  377.209845][T11341] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  377.229157][T11341] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  377.245346][T11341] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  377.265148][T11341] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  377.272267][T11341] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  377.301647][T11341] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  377.321052][T11341] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  377.583303][ T5942] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  377.743534][ T5942] usb 2-1: Using ep0 maxpacket: 32
[  377.751047][ T5942] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  377.783815][ T5942] usb 2-1: config 0 has no interface number 0
[  377.820258][ T5942] usb 2-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  377.842603][ T5942] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  377.861093][ T5942] usb 2-1: Product: syz
[  377.871329][ T5942] usb 2-1: Manufacturer: syz
[  377.883097][ T5942] usb 2-1: SerialNumber: syz
[  377.918050][ T5942] usb 2-1: config 0 descriptor??
[  377.944369][ T5942] usb 2-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  377.953310][ T5942] usb 2-1: selecting invalid altsetting 1
[  377.959169][ T5942] usb 2-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  377.980545][ T5942] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  377.995237][ T5942] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  378.003670][ T5942] usb 2-1: media controller created
[  378.032783][ T5942] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  378.172212][ T5942] usb 2-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[  378.200857][ T5942] zl10353_read_register: readreg error (reg=127, ret==-71)
[  378.211509][ T5942] usb 2-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  378.280563][ T5942] usb 2-1: USB disconnect, device number 28
[  378.857940][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  378.871948][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  379.036156][ T5942] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  379.083359][ T5923] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  379.173881][ T5848] Bluetooth: hci0: command 0x0406 tx timeout
[  379.253364][ T5848] Bluetooth: hci2: command 0x0406 tx timeout
[  379.253404][ T5923] usb 2-1: Using ep0 maxpacket: 16
[  379.255334][ T5923] usb 2-1: config 3 has an invalid interface number: 156 but max is 0
[  379.259670][   T53] Bluetooth: hci1: command 0x0406 tx timeout
[  379.264964][ T5923] usb 2-1: config 3 has no interface number 0
[  379.277759][ T5942] usb 1-1: config 0 has an invalid interface number: 64 but max is 0
[  379.293431][ T5942] usb 1-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config
[  379.303715][ T5908] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  379.311304][ T5942] usb 1-1: config 0 has no interface number 0
[  379.320731][ T5942] usb 1-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[  379.330922][ T5942] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  379.339134][   T53] Bluetooth: hci4: command 0x0406 tx timeout
[  379.346165][ T5848] Bluetooth: hci3: command 0x0406 tx timeout
[  379.352787][ T5942] usb 1-1: Product: syz
[  379.357073][ T5942] usb 1-1: Manufacturer: syz
[  379.361734][ T5942] usb 1-1: SerialNumber: syz
[  379.370224][ T5942] usb 1-1: config 0 descriptor??
[  379.379198][ T5923] usb 2-1: config 3 interface 156 has no altsetting 0
[  379.387876][ T5942] uvcvideo 1-1:0.64: probe with driver uvcvideo failed with error -22
[  379.405855][ T5923] usb 2-1: New USB device found, idVendor=05e3, idProduct=0502, bcdDevice=f1.d8
[  379.415268][ T5923] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  379.430108][ T5923] usb 2-1: Product: syz
[  379.440346][ T5923] usb 2-1: Manufacturer: syz
[  379.448651][ T5923] usb 2-1: SerialNumber: syz
[  379.463249][ T5908] usb 4-1: Using ep0 maxpacket: 16
[  379.472759][ T5908] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  379.483045][ T5908] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  379.496025][ T5908] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  379.505425][ T5908] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  379.513875][ T5908] usb 4-1: Product: syz
[  379.518538][ T5908] usb 4-1: Manufacturer: syz
[  379.523969][ T5908] usb 4-1: SerialNumber: syz
[  379.791044][T11385] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  379.808370][T11385] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  379.827204][ T5923] gl620a 2-1:3.156: probe with driver gl620a failed with error -22
[  379.852640][ T5923] usb 2-1: USB disconnect, device number 29
[  381.027653][T11404] usb usb8: usbfs: process 11404 (syz.4.1875) did not claim interface 0 before use
[  381.052054][T11404] netlink: 'syz.4.1875': attribute type 3 has an invalid length.
[  381.060755][T11404] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.1875'.
[  381.263520][   T53] Bluetooth: hci0: command 0x0406 tx timeout
[  381.333431][   T53] Bluetooth: hci1: command 0x0406 tx timeout
[  381.339697][   T53] Bluetooth: hci2: command 0x0406 tx timeout
[  381.413459][ T5848] Bluetooth: hci4: command 0x0406 tx timeout
[  381.419621][ T5848] Bluetooth: hci3: command 0x0406 tx timeout
[  382.010872][    T9] usb 1-1: USB disconnect, device number 23
[  382.290212][ T5908] usb 4-1: 0:2 : does not exist
[  382.295329][ T5908] usb 4-1: unit 0 not found!
[  382.318725][ T5908] usb 4-1: USB disconnect, device number 30
[  382.341205][T11315] udevd[11315]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  382.581567][T11420] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  382.590867][T11420] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  382.607241][T11420] program syz.4.1880 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  382.757623][T11426] netlink: 592 bytes leftover after parsing attributes in process `syz.0.1883'.
[  382.843295][ T5908] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  383.016653][ T5908] usb 4-1: Using ep0 maxpacket: 16
[  383.026698][ T5908] usb 4-1: config 1 has an invalid descriptor of length 97, skipping remainder of the config
[  383.054460][ T5923] usb 1-1: new full-speed USB device number 24 using dummy_hcd
[  383.064370][ T5908] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  383.080984][ T5908] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  383.090634][ T5908] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  383.098976][ T5908] usb 4-1: Product: syz
[  383.103719][ T5908] usb 4-1: Manufacturer: syz
[  383.108489][ T5908] usb 4-1: SerialNumber: syz
[  383.223606][    T9] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  383.245815][ T5923] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  383.290555][ T5923] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  383.327453][ T5923] usb 1-1: New USB device found, idVendor=0b05, idProduct=18c6, bcdDevice= 0.00
[  383.343940][ T5923] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  383.368352][ T5923] usb 1-1: config 0 descriptor??
[  383.383383][T11430] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  383.432588][T11443] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  383.442921][    T9] usb 2-1: Using ep0 maxpacket: 16
[  383.471932][    T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  383.509080][T11443] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  383.527188][    T9] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  383.556822][    T9] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  383.583504][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  383.591919][    T9] usb 2-1: Product: syz
[  383.595376][ T5908] usb 4-1: 0:2 : does not exist
[  383.606143][    T9] usb 2-1: Manufacturer: syz
[  383.624665][    T9] usb 2-1: SerialNumber: syz
[  383.636201][ T5908] usb 4-1: unit 97 not found!
[  383.854992][ T5908] usb 4-1: USB disconnect, device number 31
[  383.865432][T11436] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  383.889338][T11436] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  383.903919][    T9] usb 2-1: 0:2 : does not exist
[  383.909108][    T9] usb 2-1: unit 0 not found!
[  383.931486][    T9] usb 2-1: USB disconnect, device number 30
[  383.949571][ T5923] hid (null): report_id 57294 is invalid
[  383.972603][ T5923] asus 0003:0B05:18C6.001A: collection stack underflow
[  383.989992][ T5923] asus 0003:0B05:18C6.001A: item 0 1 0 12 parsing failed
[  384.011946][ T5923] asus 0003:0B05:18C6.001A: Asus hid parse failed: -22
[  384.031338][ T5894] udevd[5894]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  384.034130][ T5923] asus 0003:0B05:18C6.001A: probe with driver asus failed with error -22
[  384.101725][ T5894] udevd[5894]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  384.240657][T11450] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1892'.
[  384.383879][T11454] netlink: 592 bytes leftover after parsing attributes in process `syz.2.1894'.
[  384.463031][T11458] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  384.472325][T11458] syzkaller0: entered promiscuous mode
[  384.480381][ T5908] usb 1-1: USB disconnect, device number 24
[  384.497823][T11458] syzkaller0: entered allmulticast mode
[  384.591316][T11461] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1897'.
[  384.597539][T11462] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1897'.
[  384.632535][T11458] FAULT_INJECTION: forcing a failure.
[  384.632535][T11458] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  384.663286][T11458] CPU: 1 UID: 0 PID: 11458 Comm: syz.4.1896 Not tainted syzkaller #0 PREEMPT(full) 
[  384.663312][T11458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  384.663323][T11458] Call Trace:
[  384.663330][T11458]  <TASK>
[  384.663337][T11458]  dump_stack_lvl+0x189/0x250
[  384.663362][T11458]  ? __pfx____ratelimit+0x10/0x10
[  384.663388][T11458]  ? __pfx_dump_stack_lvl+0x10/0x10
[  384.663410][T11458]  ? __pfx__printk+0x10/0x10
[  384.663428][T11458]  ? __might_fault+0xb0/0x130
[  384.663452][T11458]  should_fail_ex+0x414/0x560
[  384.663479][T11458]  _copy_from_user+0x2d/0xb0
[  384.663502][T11458]  sock_do_ioctl+0x182/0x300
[  384.663525][T11458]  ? __pfx_sock_do_ioctl+0x10/0x10
[  384.663561][T11458]  sock_ioctl+0x576/0x790
[  384.663582][T11458]  ? __pfx_sock_ioctl+0x10/0x10
[  384.663605][T11458]  ? __fget_files+0x3a0/0x420
[  384.663624][T11458]  ? __fget_files+0x2a/0x420
[  384.663647][T11458]  ? bpf_lsm_file_ioctl+0x9/0x20
[  384.663671][T11458]  ? __pfx_sock_ioctl+0x10/0x10
[  384.663689][T11458]  __se_sys_ioctl+0xfc/0x170
[  384.663709][T11458]  do_syscall_64+0xfa/0xfa0
[  384.663726][T11458]  ? lockdep_hardirqs_on+0x9c/0x150
[  384.663743][T11458]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  384.663760][T11458]  ? clear_bhb_loop+0x60/0xb0
[  384.663781][T11458]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  384.663797][T11458] RIP: 0033:0x7f90be38efc9
[  384.663814][T11458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  384.663828][T11458] RSP: 002b:00007f90bf19a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  384.663847][T11458] RAX: ffffffffffffffda RBX: 00007f90be5e5fa0 RCX: 00007f90be38efc9
[  384.663860][T11458] RDX: 0000200000002280 RSI: 0000000000008922 RDI: 0000000000000005
[  384.663871][T11458] RBP: 00007f90bf19a090 R08: 0000000000000000 R09: 0000000000000000
[  384.663881][T11458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  384.663891][T11458] R13: 00007f90be5e6038 R14: 00007f90be5e5fa0 R15: 00007f90be70fa28
[  384.663921][T11458]  </TASK>
[  384.897771][T11457] tipc: Resetting bearer <eth:syzkaller0>
[  384.931240][T11457] tipc: Disabling bearer <eth:syzkaller0>
[  385.433290][ T5908] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  385.563259][ T5908] usb 2-1: device descriptor read/64, error -71
[  386.013307][ T5908] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  386.393322][ T5908] usb 2-1: device descriptor read/64, error -71
[  386.503690][ T5908] usb usb2-port1: attempt power cycle
[  386.613311][ T5942] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  386.750693][T11498] netlink: 592 bytes leftover after parsing attributes in process `syz.3.1907'.
[  386.809898][ T5942] usb 1-1: Using ep0 maxpacket: 16
[  386.847705][ T5942] usb 1-1: config 1 has an invalid descriptor of length 97, skipping remainder of the config
[  386.876917][ T5942] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  386.893503][ T5908] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  386.907938][ T5942] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  386.931120][ T5942] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  386.939537][ T5942] usb 1-1: Product: syz
[  386.953607][ T5908] usb 2-1: device descriptor read/8, error -71
[  386.961463][ T5942] usb 1-1: Manufacturer: syz
[  386.967194][ T5942] usb 1-1: SerialNumber: syz
[  387.205847][ T5908] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  387.233910][ T5908] usb 2-1: device descriptor read/8, error -71
[  387.241414][T11489] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  387.252760][T11489] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  387.269788][ T5942] usb 1-1: 0:2 : does not exist
[  387.274957][ T5942] usb 1-1: unit 97 not found!
[  387.294486][ T5942] usb 1-1: USB disconnect, device number 25
[  387.319570][T11315] udevd[11315]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  387.346090][ T5908] usb usb2-port1: unable to enumerate USB device
[  388.113951][T11530] netlink: 'syz.1.1917': attribute type 3 has an invalid length.
[  388.455760][   T31] INFO: task kworker/0:3:5856 blocked for more than 143 seconds.
[  388.469324][T11534] netlink: 592 bytes leftover after parsing attributes in process `syz.1.1919'.
[  388.481293][   T31]       Not tainted syzkaller #0
[  388.503363][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  388.639840][   T31] task:kworker/0:3     state:D stack:21496 pid:5856  tgid:5856  ppid:2      task_flags:0x4208060 flags:0x00080000
[  388.671936][   T31] Workqueue: usb_hub_wq hub_event
[  388.677405][   T31] Call Trace:
[  388.680771][   T31]  <TASK>
[  388.687422][   T31]  __schedule+0x1798/0x4cc0
[  388.692074][   T31]  ? __pfx___schedule+0x10/0x10
[  388.697540][   T31]  ? schedule+0x91/0x360
[  388.701889][   T31]  schedule+0x165/0x360
[  388.718300][   T31]  schedule_timeout+0x9a/0x270
[  388.723144][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  388.731323][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  388.740014][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  388.745747][   T31]  ? wait_for_completion+0x267/0x5d0
[  388.751064][   T31]  wait_for_completion+0x2bf/0x5d0
[  388.773259][   T31]  ? __pfx_wait_for_completion+0x10/0x10
[  388.783087][   T31]  i2c_del_adapter+0x581/0x6e0
[  388.795015][   T31]  ? __pfx_i2c_del_adapter+0x10/0x10
[  388.803887][   T31]  ? dvb_usbv2_exit+0x85a/0x9e0
[  388.808788][   T31]  dvb_usbv2_probe+0x4ae/0x41a0
[  388.820220][   T31]  ? __pfx_dvb_usbv2_probe+0x10/0x10
[  388.827073][   T31]  ? __pm_runtime_set_status+0x785/0xa50
[  388.832763][   T31]  usb_probe_interface+0x668/0xc30
[  388.848266][   T31]  ? __pfx_usb_probe_interface+0x10/0x10
[  388.854614][   T31]  really_probe+0x26d/0x9e0
[  388.859238][   T31]  __driver_probe_device+0x18c/0x2f0
[  388.865980][   T31]  driver_probe_device+0x4f/0x430
[  388.871398][   T31]  __device_attach_driver+0x2ce/0x530
[  388.881750][   T31]  bus_for_each_drv+0x251/0x2e0
[  388.887250][   T31]  ? __pfx___device_attach_driver+0x10/0x10
[  388.894029][   T31]  ? __pfx_bus_for_each_drv+0x10/0x10
[  388.899535][   T31]  __device_attach+0x2b8/0x400
[  388.905024][   T31]  ? __pfx___device_attach+0x10/0x10
[  388.910444][   T31]  ? do_raw_spin_unlock+0x122/0x240
[  388.916487][   T31]  bus_probe_device+0x185/0x260
[  388.922080][   T31]  device_add+0x7b6/0xb50
[  388.927406][   T31]  usb_set_configuration+0x1a87/0x20e0
[  388.933005][   T31]  usb_generic_driver_probe+0x8d/0x150
[  388.940726][   T31]  usb_probe_device+0x1c4/0x390
[  388.946963][   T31]  ? __pfx_usb_probe_device+0x10/0x10
[  388.952447][   T31]  really_probe+0x26d/0x9e0
[  388.959337][   T31]  __driver_probe_device+0x18c/0x2f0
[  388.965864][   T31]  driver_probe_device+0x4f/0x430
[  388.971010][   T31]  __device_attach_driver+0x2ce/0x530
[  388.981170][   T31]  bus_for_each_drv+0x251/0x2e0
[  388.991520][   T31]  ? __pfx___device_attach_driver+0x10/0x10
[  389.003344][   T31]  ? __pfx_bus_for_each_drv+0x10/0x10
[  389.008881][   T31]  __device_attach+0x2b8/0x400
[  389.023986][   T31]  ? __pfx___device_attach+0x10/0x10
[  389.029563][   T31]  ? do_raw_spin_unlock+0x122/0x240
[  389.054232][   T31]  bus_probe_device+0x185/0x260
[  389.059279][   T31]  device_add+0x7b6/0xb50
[  389.073243][   T31]  usb_new_device+0xa39/0x16f0
[  389.078100][   T31]  ? __pfx_usb_new_device+0x10/0x10
[  389.095785][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  389.101145][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  389.114547][   T31]  hub_event+0x2958/0x4a20
[  389.119043][   T31]  ? do_raw_spin_unlock+0x122/0x240
[  389.124659][   T31]  ? __pfx_hub_event+0x10/0x10
[  389.129458][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  389.135302][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  389.140972][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  389.147002][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  389.152855][   T31]  process_scheduled_works+0xae1/0x17b0
[  389.158942][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  389.166718][   T31]  worker_thread+0x8a0/0xda0
[  389.172087][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  389.181006][   T31]  ? __kthread_parkme+0x7b/0x200
[  389.186272][   T31]  kthread+0x711/0x8a0
[  389.190461][   T31]  ? __pfx_worker_thread+0x10/0x10
[  389.195682][   T31]  ? __pfx_kthread+0x10/0x10
[  389.200463][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  389.205895][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  389.211342][   T31]  ? __pfx_kthread+0x10/0x10
[  389.216023][   T31]  ret_from_fork+0x4bc/0x870
[  389.220777][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  389.226148][   T31]  ? __switch_to_asm+0x39/0x70
[  389.230933][   T31]  ? __switch_to_asm+0x33/0x70
[  389.235924][   T31]  ? __pfx_kthread+0x10/0x10
[  389.240540][   T31]  ret_from_fork_asm+0x1a/0x30
[  389.245649][   T31]  </TASK>
[  389.254639][   T31] 
[  389.254639][   T31] Showing all locks held in the system:
[  389.262444][   T31] 2 locks held by kworker/u8:0/12:
[  389.268146][   T31]  #0: ffff88801df32948 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.289033][   T31]  #1: ffff8880b8724048 (psi_seq){-.-.}-{0:0}, at: psi_task_switch+0x53/0x880
[  389.300289][   T31] 1 lock held by khungtaskd/31:
[  389.305508][   T31]  #0: ffffffff8e13d2e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  389.315839][   T31] 2 locks held by getty/5591:
[  389.320636][   T31]  #0: ffff88814e2ec0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  389.330757][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  389.341249][   T31] 5 locks held by kworker/0:3/5856:
[  389.346658][   T31]  #0: ffff888020683548 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.358245][   T31]  #1: ffffc900043dfba0 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.370423][   T31]  #2: ffff888145b10198 (&dev->mutex){....}-{4:4}, at: hub_event+0x184/0x4a20
[  389.379718][   T31]  #3: ffff888028360198 (&dev->mutex){....}-{4:4}, at: __device_attach+0x88/0x400
[  389.389389][   T31]  #4: ffff888027200160 (&dev->mutex){....}-{4:4}, at: __device_attach+0x88/0x400
[  389.398972][   T31] 1 lock held by syz.4.1916/11531:
[  389.404623][   T31]  #0: ffffffff8e142c40 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  389.415318][   T31] 1 lock held by syz.0.1918/11535:
[  389.420443][   T31]  #0: ffffffff8e142c40 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  389.430597][   T31] 
[  389.432939][   T31] =============================================
[  389.432939][   T31] 
[  389.442419][   T31] NMI backtrace for cpu 0
[  389.442439][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  389.442458][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  389.442468][   T31] Call Trace:
[  389.442475][   T31]  <TASK>
[  389.442483][   T31]  dump_stack_lvl+0x189/0x250
[  389.442510][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  389.442529][   T31]  ? __pfx__printk+0x10/0x10
[  389.442558][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[  389.442583][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  389.442607][   T31]  ? __pfx__printk+0x10/0x10
[  389.442628][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  389.442666][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  389.442692][   T31]  watchdog+0xf60/0xfa0
[  389.442717][   T31]  ? watchdog+0x1e2/0xfa0
[  389.442743][   T31]  kthread+0x711/0x8a0
[  389.442763][   T31]  ? __pfx_watchdog+0x10/0x10
[  389.442782][   T31]  ? __pfx_kthread+0x10/0x10
[  389.442801][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  389.442824][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  389.442839][   T31]  ? __pfx_kthread+0x10/0x10
[  389.442857][   T31]  ret_from_fork+0x4bc/0x870
[  389.442881][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  389.442908][   T31]  ? __switch_to_asm+0x39/0x70
[  389.442926][   T31]  ? __switch_to_asm+0x33/0x70
[  389.442942][   T31]  ? __pfx_kthread+0x10/0x10
[  389.442960][   T31]  ret_from_fork_asm+0x1a/0x30
[  389.442995][   T31]  </TASK>
[  389.443002][   T31] Sending NMI from CPU 0 to CPUs 1:
[  389.590277][    C1] NMI backtrace for cpu 1
[  389.590295][    C1] CPU: 1 UID: 0 PID: 36 Comm: kworker/u8:2 Not tainted syzkaller #0 PREEMPT(full) 
[  389.590312][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  389.590323][    C1] Workqueue: events_unbound nsim_dev_trap_report_work
[  389.590347][    C1] RIP: 0010:__kasan_check_byte+0x0/0x40
[  389.590367][    C1] Code: 44 24 48 a8 01 0f 84 da fe ff ff 48 ff c8 49 89 c4 e9 cf fe ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <0f> 1f 40 d6 41 56 53 48 89 f3 49 89 fe e8 2e 15 00 00 84 c0 75 16
[  389.590379][    C1] RSP: 0018:ffffc90000a086b0 EFLAGS: 00000202
[  389.590392][    C1] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 6167ffebdfdc7100
[  389.590402][    C1] RDX: 0000000000000000 RSI: ffffffff8173cd42 RDI: ffffffff8e13d2e0
[  389.590413][    C1] RBP: ffffffff8173cd25 R08: 0000000000000000 R09: 0000000000000000
[  389.590423][    C1] R10: ffffc90000a08878 R11: ffffffff81ac6cb0 R12: 0000000000000002
[  389.590433][    C1] R13: ffffffff8e13d2e0 R14: 0000000000000000 R15: 0000000000000000
[  389.590443][    C1] FS:  0000000000000000(0000) GS:ffff888125e0d000(0000) knlGS:0000000000000000
[  389.590455][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  389.590466][    C1] CR2: 000000000000000b CR3: 0000000077a14000 CR4: 00000000003526f0
[  389.590479][    C1] Call Trace:
[  389.590485][    C1]  <IRQ>
[  389.590491][    C1]  lock_acquire+0x8d/0x360
[  389.590513][    C1]  ? unwind_next_frame+0xa5/0x2390
[  389.590536][    C1]  ? handle_softirqs+0x286/0x870
[  389.590555][    C1]  ? unwind_next_frame+0xa5/0x2390
[  389.590574][    C1]  unwind_next_frame+0xc2/0x2390
[  389.590592][    C1]  ? unwind_next_frame+0xa5/0x2390
[  389.590613][    C1]  ? unwind_next_frame+0xa5/0x2390
[  389.590632][    C1]  ? rcu_core+0xcab/0x1770
[  389.590653][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  389.590669][    C1]  arch_stack_walk+0x11c/0x150
[  389.590692][    C1]  ? handle_softirqs+0x286/0x870
[  389.590712][    C1]  stack_trace_save+0x9c/0xe0
[  389.590726][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  389.590739][    C1]  ? __lock_acquire+0xab9/0xd20
[  389.590761][    C1]  kasan_save_track+0x3e/0x80
[  389.590776][    C1]  ? kasan_save_track+0x3e/0x80
[  389.590789][    C1]  ? __kasan_save_free_info+0x46/0x50
[  389.590808][    C1]  ? __kasan_slab_free+0x5c/0x80
[  389.590823][    C1]  ? kfree+0x19a/0x6d0
[  389.590835][    C1]  ? slab_free_after_rcu_debug+0x60/0x2a0
[  389.590962][    C1]  ? rcu_core+0xcab/0x1770
[  389.590979][    C1]  ? handle_softirqs+0x286/0x870
[  389.591025][    C1]  __kasan_save_free_info+0x46/0x50
[  389.591048][    C1]  __kasan_slab_free+0x5c/0x80
[  389.591065][    C1]  ? slab_free_after_rcu_debug+0x60/0x2a0
[  389.591084][    C1]  kfree+0x19a/0x6d0
[  389.591101][    C1]  ? rcu_core+0xc37/0x1770
[  389.591119][    C1]  slab_free_after_rcu_debug+0x60/0x2a0
[  389.591139][    C1]  ? __pfx_slab_free_after_rcu_debug+0x10/0x10
[  389.591157][    C1]  ? rcu_core+0xc37/0x1770
[  389.591175][    C1]  rcu_core+0xcab/0x1770
[  389.591203][    C1]  ? __pfx_rcu_core+0x10/0x10
[  389.591225][    C1]  ? kvm_sched_clock_read+0x11/0x20
[  389.591242][    C1]  ? sched_clock_cpu+0x74/0x430
[  389.591268][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  389.591290][    C1]  ? sched_balance_domains+0x121/0x9e0
[  389.591311][    C1]  ? __pfx_sched_clock_cpu+0x10/0x10
[  389.591330][    C1]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  389.591351][    C1]  ? try_to_wake_up+0x7f5/0x12b0
[  389.591372][    C1]  handle_softirqs+0x286/0x870
[  389.591394][    C1]  ? do_softirq+0xec/0x180
[  389.591416][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  389.591446][    C1]  ? nsim_dev_trap_report_work+0x7c7/0xb80
[  389.591466][    C1]  do_softirq+0xec/0x180
[  389.591484][    C1]  </IRQ>
[  389.591490][    C1]  <TASK>
[  389.591496][    C1]  ? __pfx_do_softirq+0x10/0x10
[  389.591514][    C1]  ? devlink_trap_report+0x216/0x6a0
[  389.591541][    C1]  ? lockdep_softirqs_on+0x13b/0x1c0
[  389.591562][    C1]  __local_bh_enable_ip+0x17d/0x1c0
[  389.591581][    C1]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  389.591600][    C1]  ? do_raw_spin_unlock+0x122/0x240
[  389.591617][    C1]  ? nsim_dev_trap_report_work+0x7c7/0xb80
[  389.591636][    C1]  nsim_dev_trap_report_work+0x7c7/0xb80
[  389.591664][    C1]  ? process_scheduled_works+0x9ef/0x17b0
[  389.591686][    C1]  process_scheduled_works+0xae1/0x17b0
[  389.591721][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  389.591749][    C1]  worker_thread+0x8a0/0xda0
[  389.591782][    C1]  kthread+0x711/0x8a0
[  389.591801][    C1]  ? __pfx_worker_thread+0x10/0x10
[  389.591821][    C1]  ? __pfx_kthread+0x10/0x10
[  389.591864][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  389.591884][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  389.591898][    C1]  ? __pfx_kthread+0x10/0x10
[  389.591913][    C1]  ret_from_fork+0x4bc/0x870
[  389.591934][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  389.591956][    C1]  ? __switch_to_asm+0x39/0x70
[  389.591975][    C1]  ? __switch_to_asm+0x33/0x70
[  389.591990][    C1]  ? __pfx_kthread+0x10/0x10
[  389.592006][    C1]  ret_from_fork_asm+0x1a/0x30
[  389.592035][    C1]  </TASK>
[  389.601158][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  389.601181][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  389.601201][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  389.601212][   T31] Call Trace:
[  389.601220][   T31]  <TASK>
[  389.601228][   T31]  dump_stack_lvl+0x99/0x250
[  389.601254][   T31]  ? __asan_memcpy+0x40/0x70
[  389.601273][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  389.601290][   T31]  ? __pfx__printk+0x10/0x10
[  389.601319][   T31]  vpanic+0x237/0x6d0
[  389.601341][   T31]  ? __pfx_vpanic+0x10/0x10
[  389.601364][   T31]  ? preempt_schedule_common+0x83/0xd0
[  389.601388][   T31]  panic+0xb9/0xc0
[  389.601409][   T31]  ? __pfx_panic+0x10/0x10
[  389.601432][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  389.601460][   T31]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[  389.601484][   T31]  watchdog+0xf9f/0xfa0
[  389.601510][   T31]  ? watchdog+0x1e2/0xfa0
[  389.601535][   T31]  kthread+0x711/0x8a0
[  389.601556][   T31]  ? __pfx_watchdog+0x10/0x10
[  389.601584][   T31]  ? __pfx_kthread+0x10/0x10
[  389.601603][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  389.601626][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  389.601641][   T31]  ? __pfx_kthread+0x10/0x10
[  389.601659][   T31]  ret_from_fork+0x4bc/0x870
[  389.601684][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  389.601711][   T31]  ? __switch_to_asm+0x39/0x70
[  389.601729][   T31]  ? __switch_to_asm+0x33/0x70
[  389.601747][   T31]  ? __pfx_kthread+0x10/0x10
[  389.601765][   T31]  ret_from_fork_asm+0x1a/0x30
[  389.601798][   T31]  </TASK>
[  390.229194][   T31] Kernel Offset: disabled
[  390.233643][   T31] Rebooting in 86400 seconds..