last executing test programs:

10.898617933s ago: executing program 2 (id=999):
syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000c41f4040110f0010020000e8ff010902120001000000000904"], 0x0)
r0 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r0, 0x8983, &(0x7f0000000180)={0x8, 'nr0\x00', {'bridge0\x00'}, 0x3})
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="52010000fd9e1a40f30c74933bbc0000000109021b0001040000000904000065d4695e000905", @ANYBLOB="e1", @ANYRESOCT], 0x0)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_TEST_OP_ACCESS_RW(r1, 0x3ba0, &(0x7f0000000300)={0x48, 0x8, 0xffffffffffffffff, 0x0, 0x2fff, 0xfffffffffffffd93, &(0x7f0000000240)='\x00~'})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x0, 0x0, 0x40000, 0x0, 0x2, 0x1}})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000380)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_GET_WOWLAN(r0, &(0x7f0000000440)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4e728800dc718d41}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x30, r2, 0x200, 0x70bd28, 0x25dfdbfe, {{}, {@val={0x8, 0x1, 0x7d}, @val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x1, 0x53}}}}, ["", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x20008010)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_cmd={0x2c, 0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}})
r4 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r4, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
setsockopt$RXRPC_MIN_SECURITY_LEVEL(r4, 0x110, 0x4, &(0x7f00000000c0), 0x4)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$l2tp6(0xa, 0x2, 0x73)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x8, 0x1, 0x40000333}, &(0x7f00000006c0)=<r7=>0x0, &(0x7f00000001c0)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_usb_connect$cdc_ecm(0x5, 0x5a, 0x0, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f00000003c0)=""/216, 0xd8}], 0x1})
syz_usb_disconnect(0xffffffffffffffff)
syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x46d, 0xc087, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0xfffd, 0x0, 0x1, {0x22, 0xb}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x7, 0x85, 0x3}}}}}]}}]}}, 0x0)
ioctl$EVIOCRMFF(0xffffffffffffffff, 0x4004550e, 0x0)

10.649888492s ago: executing program 0 (id=1002):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000000140)={0x1, 0x0, [{0x40000001, 0xfffff4b4, 0x2, 0x2, 0x3, 0x80000001, 0x9}]})
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0)
r2 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x2603)
ioctl$I2C_RDWR(r2, 0x707, &(0x7f00000001c0)={&(0x7f0000000180)})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000640)='/sys/power/pm_test', 0x42, 0x0)
io_setup(0x20, &(0x7f0000001140)=<r6=>0x0)
io_submit(r6, 0x1, &(0x7f00000001c0)=[&(0x7f0000002040)={0xf, 0x400000000000, 0x0, 0x1, 0x100, r5, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x2}])
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=ANY=[@ANYRES32=r3, @ANYRES32=r6], 0x30}, 0x1, 0x0, 0x0, 0xc0041}, 0x0)
r7 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
r8 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r8, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x81, 0x3}, 0x10)
r9 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$ARCH_SHSTK_STATUS(0x1e, r9, &(0x7f0000000080), 0x5005)
ptrace(0x10, r9)
ptrace$cont(0x20, r9, 0x1000000fffffffe, 0xfffffffffffffffe)
bind$tipc(r0, 0x0, 0x0)

10.038819445s ago: executing program 0 (id=1005):
r0 = syz_usb_connect(0x3, 0x2d, &(0x7f0000000240)=ANY=[@ANYBLOB="1201000041436120410e5150e8d5000000010902f98a5c01000000090401001186eee20009058217", @ANYBLOB="f53f"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$int_in(r2, 0x40000000af01, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x1ce02, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x2})
r4 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000440)={'syzkaller1\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x31}})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = dup(r5)
ioctl$KVM_SET_MSRS(r6, 0xc008ae88, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000050000f59004"])
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000000280)={<r7=>0x0, 0x9b, "02ada069c0452a8f4a3de7abb43f0d08ccf17327298ca47c679085890109c5d9f64f4f6cf035e46154ac5587cca4d537d274cbd1a1264862f70363589c8404842bedff67d768b88f12641be3cfb86943c230bb9a8fe56ceeaddd097ae350e88cb14b04a3fcb822c8dde71596504281b2d05dcf72cf03b9038fba297c8f75460b5e31b4ac0226c1fa9674bf534eced90288927bdcb323584c9870cb"}, &(0x7f0000000100)=0xa3)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r6, 0x84, 0x71, &(0x7f0000000380)={r7}, &(0x7f00000003c0)=0x8)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000b80))

8.224699786s ago: executing program 0 (id=1008):
socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f00000000c0)=[{0x20, 0x5, 0x2, 0xfffff010}, {0x28, 0x7, 0x0, 0xa56e}, {0x6, 0x0, 0x0, 0xa1a}]}, 0x10)
sendmmsg(r2, &(0x7f0000000180), 0x4000190, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, &(0x7f0000004180)={"b76e82ac", 0x0, 0x5, 0x2, 0x8, 0x5, '\x00', "037ec42b", '\x00', "64bdac32", ["e86621d9cc668c391f77c506", "3549ffffffffffffff010800", "2fc7977386a7a0236a9cc1f0", "cf6cce2296b3f853e224c4e0"]})
r4 = syz_usb_connect$hid(0x1, 0x36, &(0x7f0000000900)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x258a, 0x36, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x2}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0)
syz_usb_control_io(r4, &(0x7f0000000280)={0x2c, &(0x7f0000000040)={0x40, 0x6, 0x15, {0x15, 0x8, "217090948f3a5191fd0aef67e0036a0f6e028e"}}, &(0x7f0000000080)={0x0, 0x3, 0x7d, @string={0x7d, 0x3, "5e87e0304d90b958a89bafa822be88d230c2aa76c9acfc3a6b1d6f0f61ae127bc3ca8c63e62028895abe0ebd18016b3dd39922545b1b1cc3797f8018a567dade6016acbba1cb2183f27ecfb24a2eaa9103334653a65ca113db24489ef14b1bd13ce6cafc11a525a12df5a5cde705348402a7293f6492c42efd4e51"}}, &(0x7f0000000140)={0x0, 0xf, 0x34, {0x5, 0xf, 0x34, 0x3, [@ss_container_id={0x14, 0x10, 0x4, 0x6, "3db3aec0e198d115feb932543126d6d8"}, @ss_container_id={0x14, 0x10, 0x4, 0x6, "4d2368a3465e3ecc530160c477b1c5d6"}, @ext_cap={0x7, 0x10, 0x2, 0x6, 0x9, 0x7, 0xc}]}}, &(0x7f00000001c0)={0x20, 0x29, 0xf, {0xf, 0x29, 0xf4, 0x3, 0x5, 0x7, "2f26cc38", "148f2cc4"}}, &(0x7f0000000200)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x2, 0x3, 0x0, 0x9e, 0xff, 0x1, 0x3}}}, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
io_uring_setup(0x7bca, &(0x7f0000000080)={0x0, 0xfffffffe, 0x0, 0x10800000, 0xbc})
mremap(&(0x7f00003eb000/0x2000)=nil, 0x2000, 0x1000, 0x0, &(0x7f0000003000/0x1000)=nil)
r5 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2)
ioctl$vim2m_VIDIOC_EXPBUF(r5, 0xc0405610, &(0x7f0000000040)={0xe})

7.8700032s ago: executing program 1 (id=1009):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet(r0, &(0x7f0000005f40)=[{{&(0x7f0000000d00)={0x2, 0x4e22, @local}, 0x10, 0x0, 0x34000, &(0x7f0000003400)=ANY=[@ANYBLOB="20000000000000000000000007000000440cd1700000000700000e0f940401001400000000000000000600000200000002000000000000001100000000000000000000000100000009000000000000001400000000000000eaffffff0100000006000000000000001400000000000000000000000200000006"], 0x80}}, {{0x0, 0x0, 0x0}}], 0x2, 0x4000004)

7.742185103s ago: executing program 2 (id=1010):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
userfaultfd(0x80801)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x40, 0x0)

7.673847671s ago: executing program 1 (id=1011):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, r1, 0x2c9ab000)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x3c, &(0x7f0000311ffc)=0x9, 0x4)
setsockopt$inet6_buf(r2, 0x29, 0x3e, &(0x7f00002cef88)="d84f7398", 0x4)
sendto$inet6(r2, &(0x7f0000000800)="51e251578851f74182a74b89b27df427aeef44966d202e4138b5a18e75a0424e7fe93b0d32c7abba87b65f97aba1c26a06b6d94c4aefd8fdca10e744391062c8e612721c20051608d9aa6dacf61e1eb331a4daad402b9885599d56130f7149fb1111fa116e94324d585a0569fbd311dad54cb4e32ff7f02216844ec3d526c878d5135ad1c9262239339c18885e2a0a95854d6cde3dd2feeaa50216af6c5760923413af81199a65a6332b02ec7bbf79d557c033cbe032fdc44f66a5c59cc4a3c5d218f5896b359d1efd60baf98df6396567478f7b817ce6e11d59a7def452a068e9607f57f626a5b8d476636ef1ee76307524009ae49be402000000000000001e80fed632155e14da1f7324d97bc61a3c1edc4431ee8a6caa2ed9f85cea5a2a9b263630c7d6fc35dda6002da571a2e51917e7c1019d8ce21a608147e408074c7c5f444fab931bda86d977d7c9ccefd881e5ef05b287f41eea526862885881c2cdc687dfff01a9b70a9b08734ac4d62c7f34465c34aa9e9f136c7f796d9eea41aa37f61830508338bb1f887089070567a1dd96cd700e7a098dabedb60f31acd17d487bc8be1a3101d2b5ac1715003793596c6daa93a27f4adb4d6fbea5669cabc206c944317ea18a2c762457f1bc945fec8f849641d44e7e2a24faeee28f3f266395fe18b0dce20c1f64e8896c8ff0e4a44a116fb32462471a0fcde143e551723d57339722765673b4163d66f473ac10f988cb252f106632f9884a47866d284b4efc6bb1aa74ed48d4a6535795f0873a99907ebc22be2337364cf9acc063e32f7d2e02fad64d04aa405d2dbdee1128ab1e4761d2dd30885ad37dd168478f10789d172feef4c817a5cd372caade57f23300e45f47e001e3ea093680ffffff802477368b9910f4e24037c871cb8251568c792287a6f49fa61b7c2600accaa0e7b40c59d88a29af5886c1f5dfc6837c58aaef12a9e100225c70441144ffa82927fa4802ed9ebb03eea8e945af5f4993f21a7f53baf7ec5bb6cc96b917dde82c18840c3500e9565f68f687b1c73d834c0d99d4acb002dc5682dbcdb1217a98f6c3ef8318b7fa93894e8a097b4511ba5c035e27c9fe8bfe7754741ac21bbc0303b81672e3117e5590fe2d92f912759b9937f64204ec5caa92e2cccb31016b13ed8d7bcabb03e176b1c9bda3bf1c1256ab74ab6f42ed9bafbbd0096263be1a7da1e1c88deec55a653d170e1e13c77dacaa60a37a6ba2383e661ebc9f13dbaade2dd884c9951819fb4608e19e70cd2496ccfb12f24c71f496cfe90400fe1bbea1e9a24b1d4664fb0776aca6269b396779680e52f86877d9209988d12ccb137be01ab7496d00547a7d4849d365a18dbb55c429cde87d33c4b74ad2273cdfee88b5418866ef327f25e9cbcd5a64d97107339f7e4cb5f8de171d2779c0f68884ae835e398f982d5749f085628d3608986656ea04b721f828202e9342bd7d19dfa091e772aebf9718030167a8c029df7c58b7f40029d7cfcaf26fd1900d8775ef373e8e2c5bf3525f907add3be426cd5a079c49abffe933e9ee213a3baf34f932d1299312691e1c53e6247ae0989ad66070d51fad22856a8b6b28954e7d41189b11c5321789eec8670de9e8db0b0473ba2e02731e60e7222697d61e052c18d4bcc6d1572fdf426f7b2fee6c1dee66c85c497b90facaf63b8ec5cde4a73400f9180bcfc0f81eca9580a7c81462a077f9034026bf72aa7c6de4b3c15d4a2dbd6fd7d87084aea9f25fb4bf5ec83eb56874a760533792dff2695407ccdd6a7375e0007230fd3f6501c152f1c1ff279b1d67cc95f2820762b7927659368e41657bdef2dd15b63498a93b787bdb26809d734aaf98b86fcf9fc643a34d03ebbe072820662d20d4774d66c5ae270adade5b8f6242a059b926221ee3d677487471c432b0d6d64dad030703475bb3ecac39b204a814f5ece5961621358e36f8a2cf7196c76959824bbb475a7cad8f57853fe05f59f341b5207cc9bb8d686982c2f158e0d8f5c7ec6cbfd500"/1453, 0x5ad, 0x0, &(0x7f0000000080)={0xa, 0x5e20, 0x3, @mcast2}, 0x1c)
sendto$inet6(r2, &(0x7f0000001380)="f26f01dee642b0491c8f905a4e6910b785d5a4ad508bf8ba13307092fb923bebcc12f52d8f084291e519cd1ee4e39ac22206da3e6dbc3d59b54db781f51fa7e4f31329f930b6f90d648c576822df0f95e2c1b9d225c7d79e24850ae3410257ca5cf9c56d59196e2e8c4b62009fb425683284e163747b28f01790afe36f206b4d2dd95006dba1a466f7b2ea72bd147fd9b01c6a73d63514dcf86ea5a1fd7cc9ab0fdce4d6529369b6ef20daa08f66cd52d46f824ae8d1f3bd4a4effed8fb291c6737d67221677551aa531e2eda3b6b84a7c7af18e964b6dcd7d39b1246d6a575913d48b18b03de48e0b2ae6a455461328b979dd2051eacd6963f30fb1bc9575f5a5e7d6e9f8c4131130ab1702139ce0167fa4e232562ca02b6550e4451d41d0fb563b67a83448466155c03170d9b5746bd0d2d6c349b3f28dc266a5d08fc9d7fd816e3c6422edc059ea902f4029b4b3c2f117dfe5c2daf5e8357b1003ca9d85b589174bb49d8a8b1b06ff8cc17eb0d41be3e7bcd9d660d5953b1c00ad963f185e9ec1b9de53a17590680fdff44d946092d1ac857baf24bc00b291fc9b00cb35dae98eff33476c0d1578f060aa995400f183927f6185341ae220b3f1b1ac3c1a6c307355dd11f96ca67b879ae7fd62af75005fb7ba5080c30987c99bbdb18170e398a1c071f6728043342d8c41454abb1d7d8e223236c3709382dca89f8b5bb01672bb594bc09de72934fc392df68fd23d927bac15dda81b03f7b78cdcf82ec5ec4c2c5bd68508fb3026019027424486bdb1d5fb150ac9fb3970fbe3c6612fcb15b531eda9561c608cae4dfb754d45af6bc4dd1bde0b04bf03d0e8c7117930bfa532f3f6c52773231178c6d65e6ddb550a8a2dc49c4096459e4b77918853ba9ba12dd8154ce119f2bbae093ae59131013b657900279a91fb2bde2090d513f47953a5faa6b531a931208c0afa1e7a1061189ca26025fb1f0b329b82d3a1adf01f5deb49ffd97bf363a72d83b39065d1a44cf112d6c95939e983372b6b090768b0dd4e5065935bf5e7bbbb723b59d1315b21ff031496a70a4e79b1d9ce89be0ff6cbfa616474c6a07960b35c7d370559ae8486f405411db45a317834eac8e0875545baf99ec38c33c3c034d9a42f93b07942673dbaf222f2d5796ad826fd92999e99913dedac52ee57066456a0380d7558848e92523f942485c47fbeffb70ac33a55529bc613a31f15f0afe7ebdbad5a473f4914254df2c89e89615c0cf49f3dd7ab46f2d5f8e487f79a5e7de76b3dc7256b73049b5effd4a6b42253dacaaf682f83a9a1de23145beae5bb0e61ba89c6b66a6b85e069902791669c9c0dc4bc00c6ea2fe757feb0863a123127435252820b0245a722d53a51889ec32e314ad07e30430eabf0296bceca5292161fb89e68fa818ad4cc15b717f59a4cb80d3c24070c44afff375c03b520c669118468debf007a5d7ac3eaa9e0829a13a40e297320c6dff7dbd2173b895bd6b9121be72b90fc56a471b4ef43503c4a8ad09656b1039311e327afb064a33509a6f61a6c484db71b28b46f246fc382dae30cf52b94bd8cca40e8de13dc7b4dbac1b9ebf547dd00cdd1ffb0a3bcbe220ca73bc4e3097346936ba5ebab55edf9c58bf2844e3826fb89814207e0c2e0c167964244499a09dddb9d60adf27a606055021dc9270f5fd4f460c580e927d35ebace821fdaea496ce85e624a07dcb3390a2d72fb7ba0110a5117f3839794f5258689c2b0960cee2339da5af304ef2c0d37a8fe14c27bd2b995bd0fd28bba66f9a97223ec33ad18bca07c308afebee83882a446d7874d851fa8e61025337c0fe7bb483cb33258fd1cecc35c533fdd0c87b01dc63574fb186db8f1cda52b50240d9202241c234fdb6d4ba70a050fe52b0bf7bdc62967870c249315f8bd57bbb21ce6e37580d87b3f18b17d8c2935c4e82335366044fb85434212bf4629fbc737adc6efab82cc7c9d", 0x57e, 0x1, &(0x7f0000000400)={0xa, 0x4e23, 0x9, @remote, 0x5}, 0x1c)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0x504}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r3}, 0x38)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000002880)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0], 0x0, 0x0, 0x0)
read$FUSE(r4, &(0x7f0000000100)={0x2020, 0x0, <r5=>0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(r4, &(0x7f0000002200)={0x50, 0x0, r5, {0x7, 0x27, 0x0, 0xffffffffa14b4014, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7e96775fb661190a}}, 0x50)
read$FUSE(r4, &(0x7f0000002900)={0x2020, 0x0, 0x0, <r7=>0x0, <r8=>0x0}, 0x2020)
syz_fuse_handle_req(r4, &(0x7f0000009040)="c9b6cf40d6a9928c6a8c0fdaba1e7bbd4ee597917b02ec4e8ff3bec8d7d8c08f8813039f40175e54e3d66ec19388ed788cf69c0c5b560f0401f1adb4b1f5198fe0bd7627cb9dc384db5b44495ba6094046fb2c8c7d0af7d67dbc3f5ef4aef8ec6bb01c52b6a10d4f9473987d0809b6a84f2ff8aae19a082abcb68b41c291add3ca2204a38c59e28c7c910aaa5a075676e541b6bb91de3854d2f97d3f80dc56c0705e74624a947f2c21ff936c6ba827742a24fd6d9e10b470ceb73a23fc57f5fa27cf073f2d0235e6fa4d1c29f9d0b6509c890ce0e7c3a2a4dd8b6336f02b9d7cc4c8e37f5f5a57f63aeec3228bd15b6d041eab97bccb14ee1ca6fbf7f7ed2e4dd0a32d41cc41c1031424b94621edcea1bddd40f3ad905202dfba3b912efd3468d2ad42b8a01bcb13b288afdc00b7e5857425d7919651160ec15447a26758f20653e69559f0892efc8f0715d8d79f52a44c79aba8ac58dc726ed721eeab3480eaacc2655d4b8831c9aff049c32709ab7adfb24ae767d45468dc0e42bc34b3568ce95e850eaabbf3a1be4d0f9b3e8781a2a9dc06374fe496a755b48abce67fd56de43816d64e883d9db51489ab8a81d1af3a180b6772d2bdac6313d3c183239d4c0bbbe76173f011f144ba71ac8043107f6533b3ef2f44924039b8587485749647315eb7bfe1e412e94f8cdaa937480fdd23769a69e14ea82d741484c99dd1ddd1edfb4faa51431f15531b61e59d68f9d189b27d0bf925970ac66fc35dbe1e430893cc60b28ca6d8e34931bf02154aee6f1fc58d0c0d8e48eaf8079ded67fdd9f19ebfa85d1ab6ec7f54e1963be353b34a6cb7fa35ddb60a9fc6bd1c6f11bf981b5a1bba81513fe447ff7eb2db0d27f1cfd04353e05f37d6c1bd6eb8219ce799338de3518bfec529373e4acfd644212be283856be064bac0f4926c02c0915816615f1f04d1d5136872029afee663f0bf1b6811c594e1465fba59f5727e5a826e3c60576bc2087f21521ffc90dcca39cbec7c0466c8fb7b1bcea7cffb333d2d16daa269d63f4911d10ed24462b37cdceb7c88e819489e1939e5e3cdcc5a858d09803c98d9e5fd617bc92c0880f072c54608f6ea69edba05b4edcd8d3f5e3c926220a191f2aa0d2f0c9158e298bc2e756ee091a0ac48752e4bb56fac67b02eb2c7b3380244ed66648482d8bc2a29bfc26ade0f4a5665282ea408254fd88e2812a184ee9af9c7769fba1ec380043d5cdf6056f89b0e6812a441c3013b0fe0d8418fc47c13fbf4fc2b4a89496d4ab9d9826d0e586574e8dd15d4eb8b86ed372e37287fc818df5b6993b650fba844d960e3fd62db0bc7b12ab286d6492388a91ae4da6bdece6e101c13100eaba3b9998706fd4defaa3ed2965ce7fe6062b8c58f20c6b44b01121184ee1dda1cb66b3ababecfc0b7a9a12624e0b826c35d0149335149cfb49fbe68d1dbb7eef96d7956dc573d449847ff4bb7ba0ededd00c904130f1252c3dd4bdcdeccf6f8a83e3abfa14d12c753558022efa0704549b0571e31c4bc9f3e485f8d2d88189b4149569ef83e8feb2ad26c263b0f91f8975c86c8fa9c9457da5ef4a8a94844f824873576f722e32b376ba5f3ed0ea9818d86ddc35ba0e7f322594d9a0fea878af5c03d242bc7b0af89091f088245154391e75ab1b6b2730ccd01c28e9ec99428cc22c2d08ae2829537c34ebd1273327d0d18175698f9fe587e968d19f00ff98555fcfe95d00cb3abae32afcd48f3d4cd7c63c45581203a8a3040363d98bf9426493039fce7bb03493ab6e176cb45e2af461e77fc93d1202fe0bc7b77398c52bbc1c1436439f26cb2e17933a0ae309611e46bebd4d84a939d9b040a08cad90c2eda6ddc933edffc8e562aa64658f99a9ec8a47278edb828b5312a95ca34c0af428aac64d3fa1c4045885891fda7666dfb680da4dc2c02becb8303b76987b6d9be01174df88e41a48a42444caeae5e36118564e57209594285bc2915b222f99f016326430c38c9807994cfa1c3c85aa0f6375c716cd7f27be9b2cef6866d07c8ed00bc101a74219182562467ebbd43d2ba78a4b0eae22c67702f318bc55ccd92f5fd11557335f94ff6f38cfe9fbe31d3fac064dcd7d660d02fbeaa26acf8927c1e3bc71d9ed8ef2e93f0a42813526daa1fad36676734103bcc621a114b098295de578bf8d7df9034fb3ba86ea529bf639cde496b5e48145e4a814f894fb3bf3f41b49d0572dad5988348dad7a064b2d76d9092336cb404934790683b2b3576d3b75534df2c36bc78e05ed250b9aaede772a08bf5972444ecf4e447c062d95e556768e264813369465713834f6e239695b6bfca1b6108a09368688e212b7ba556df50c02486bf1b2196da3d4c0553923fe9b1bb4474d0f569bec1f35dce4be0f5e2408efa69aa66dda6bb1ef43295fe005f4a86840bb608796ce14bcc1134013bf741ad1aa70cc6579edbd42478d3054e1f7bdbd5b1131ded725041270e8a46bcc8bbfe89089f87105939deb2a9f10dd60d059679d4514bfbfc94b333c7dde79576426f07f24ab6a57290b0d723bf3bffa2f66fe191d0dee8b292c8c15eb42245b899ddde3c6afbbf0d7c301dd142878dbca579f387931460c8c37e186f60f8d9209dc98f1a27b84ecefd71de077017261ad6cc3072fe57ec589cd9498946fda8a834e3f02e8a91f7ce6e18e76f936f6f39d354b63dccc706e25b1d8b1a4830c46f249b5e5a40042fea920ed57a2415431f83c238113ee7d152c16f0780c502d5c995168e3f91113af11752f10434b8dc5ef0e46a276c683261aa73877ce96ebd0176977e124c5b93bbb02ef97a6f6a13c15c261f23014f4b13c8f18746727206b245bee70d7b94968141f104f0682a3df4242c6a60fa1b70c227306520b1b9fbd6c916b0edf5e2ce5220fc9ef10ab0a10e1bf259e91eb127d5a31b7633f15130fdb44ce2178a20d5dc3f91688090881c061d75b4b59c3b2b7eb7a3dd1564bfa6c883c217cb76c2a7516dec926add0a1886570531c32b6284b1e80fbde88905f67ea5cea41003325327000a7f7249a99986f19f423843e8dc791df8679a2ed2b024d7d8c79112644a4fbd32bef0cd1f9d55025708135ed34cbf52ce3a0af0f8cd985362ef6fceb6c72f241128b16dad7575558badb3847e051f38d7b5ca638a1f454054659d90b2c046e4f9e2ab127f257ccc92f887b3e0c4fb49d159741fc649638180addf3f23e5265015f6dad9b25cb86d8a33b802e55258749ec050d15d0d7d821f9615c7d8c12ce11c63fb1eb118455c4e2167f66e4eaf9dec0dd2f345a7e2bb369a66b0755003a9c89449393f71acd98afdf6347792251d669ff3c64c50d705a67e543cad95655d6a4cce233acdac5ffc96681772be3c04a1b36f5273815af65ef87c7ad0d51462bf337c2389a8eded875f75eeebe5e5efc26933948e623364d0dbad3402f659a93acaaa21bc8f559dca605aa6732d0eced5a21ee8a6403b1f91722fcbada24a3031d6aa221612a36584d5edc6ba0f64096e9b6eae1555a95945b937457c4c74371f474939d3c3f299f691316497951c646f142adbd6ee49182aec388ce2ca560a1f4b7d8a63e5cd25ba91ebc61175a6955895bcddae7bf1cefccac5c93dd669ab65a2f508adbcfd62ec46027efa396b9f69984d6adcb38fdddb616ec38929fedd97677c3d06060309db5a9cb5fc8919f4310f06bb40f1b76bc197798acbf8d3162257071e034174047006796fac6fbc95c28afd881e1197c20fea8b4be5c5de39a292bd1ff3819d4d4f48162ea1a57930d8f324ce54875d3ad09eea95c4c825765842f9bbb1957fa8188578e86081adfc87502e69c8841218b596d71c4ec49afa60408028012d974051559d924f5f8a59ee195fb01994b8710994d8201ae10f6e88e0e418489c47499b7efd2021f56a6c9fba761beaf79acb6087a496afe7524f2260e14a792cf1a1203d4b0cd8a11d2544293b7657fc393014295fa28e409ab8be0a02695223d17d7caf4f44cf5d0f416130067f28f3fc51c88ad7b53e401e658214abcc8f597f22d662144f878573d0370c874287698784b6ba9abf9b22da2eeb0ce8b817f85e429e799a5edd246d72d77228652b80c4949a85cd5131d851d9f9bda9afa0646de5e477e0fa999562cb46758502c7d63dd3e8b6f88c7ea44f41c4212d633f0160e738c6d36128e9e58c154b08460c899a26276dc1257dc5de18495573693674e40faf1dad49db8ac83baecf92f3aa5c23f639cdcf6e6864c14a8d6a3de95906813fd17f83c406ffd1d2d7bc75737b7b00172448b2ff167b9fa43649db32ab4094652cbb2e18c3bdb527f24049878bb44b82135009f9af22d24ffbee4b5289fa61bd0502f019b2f24a08542db818bffb7c1637b4f4cb9043952f88aa69d9431b8df2e3f9ef6e4a5ba58e79acf082bbd871aa0f0feef71ade8f921bb597ea28548f4116a281ab3542b732c4a8e9973409c75a0c6443d83547d0d314cc7bd62128e3b0db9c03c78b9d78ba714627866230414947523a6a239873f932c2b28c09cbdf182e856bf41598998150cbdd6d54f76c227fb1519f5afb0008e31d6a0b87818d0a2ca0dd6e953a5ba1a347dd927acd36f3fa3a68920eb9c36bce6cef857447aa733e4ffb7014e194993eb1399270b64151ddbb15478c2b762a14d1782608fb24199d9d311281c47726f565b3a3b7be584afb03d87cdc5eb8156772694ab422f59cd7b1e359583a7cc0695b9f64e6416c6b52de230afbc160d2e9384501b40645189434d416c0fbb034e9ffc654d0dee7ee7a878f9e559daac7ee5af769aeac7a92e85b1bc7983803d3bb572befe76184a46b76450feccffa753cc6123cba0686440a5ba81236458831031a4ba4c91d7aab3bb2514208a902face1c12b7dfe25318ab5ca2c1ef9769aa06ba0539f6904f95d3c8440617efc7858d3984f566b3390b9b1a0f2ec3c86dd77a0b82958c4b15278ffaf10e47e613545f4cf67ef7e8b31a6bda35022871840ae1536fb65bb11b932936db7a15642359bb6b157893d19e7918b11d3d3072b78c761c1784afa2214c865fc2aed860dcc17b69cfe9189bcd0767a84cb306a59966e5f96514a7d7182e6aa7204bbd1a84092ba645f86b68813debd5a2290acc93388e5eacc17db51d69604733ea9160a0e77ec5317194654313a9a8a0535c0bc49d0837e2821df92e8ee2f154cbea6b87ffc207aab4ea491e8aa75b90f70136d84ea2f5dfd138371dbdf8fe273956cb7411db6df48ebf56105da42b219b9dad387ca7be9ecd90508c62279a53bc9f7e2a845f9da42d8e85d2653854737948ce228b2d76d1b9fe2e0e456fdff24575939b82a3f6e1a4be6ffcf1c493c17dabbfa0859a87d259ae3931fb6da544589b9b6bb7cc93e078813ac94918942bf113aee5742498d86a70fff31d2a69507739317a9aa9e0289f053dad4eec63cd58e833027f0859fb4ab74e8fc742d03b5b6dca1168d3d47fd95b514a567e6518342d52b3c3bb6438b5aeacb95ff9001d2f5480f6a80a0685b5bda2ceba06925ab5ae0986954c3169e92fedaf3f1681247cb114202c0f728296a51396063fc64aad05662bf05a626b90f656b47069ca668bb96208c287e8f793d77d4fb1f1cc14e73406005e11a2c1c46ca7448be534c97738487527d79e284d7a0ae275bd4361ecf4a352e6dc8b8c8c8e132a3edb7d645f4943445f523fb28bbf857218a117f1288afec49f9def9aabc2381b38a315d5c927aeb96fa1ad3eb13b0151dd570f6734f004467171d2cdd609d1d09d115c9b42e1da3472ada98d3e1da90a8f373a98133fa708f5a62c75b5eb1b643c48de72143ffc8761ccffd7f3336b69faa277d364cdf2d4f2bc428bda8b76e4748d5ae02d9850ac6f2ed0ddcb874c25d210163d4da10c0d6cc5218a3558deee5519c94032158bca02fe1c1b8184fdf417e863352b224b7b06267486296ebd4100ad5f1108c78a7056979f5ad6f97794a0460bf371584d9b962034aa7449f4e6b0f925b7a648d4ed7f2442135629b0baee3385882682fde57e5eb9204647a898c566120e4b577ba215ed863f76d5ad9ed19a6b7465952292e7543110eac3dc436a16c85047f3ff10a00c917d5902d296c063c4b173775f2b612e407bce02c8647877abcc07b21b89a60e16ff5c5cdc3708f285d6e411036661e97f628c6c2bef7a6e297f0ea7db2aaceb87d13425e80c28cf095b1dd4e08122e89f58862c6466d79fe7d06e0038a9a1869cba0d1554bffc08b94bf3dc7ec4d108073a4dcb7a6a503b608e777f1ca6b64deec19072052cdab8e7222966170bd35cfa66d3d013c537e723bfa2f634b34edba64ee27ab814bf66c5943e5b7b4d2cbad0550982b2d68ea0633a48f24ef5a59da6e9671717afed4253db66afce693ab08e2b4343d9efd1705802393ba22af5f0e04fc559ddafd78bb1c013b2826cfd77591736cd8a1e079c00f72dc89ee419cf4cc5e867138e35372bb0854df45d2142ce56ea01465d7cf42d3beabbed8602ff568df5d8e53d22bbd897c0aa050165319ba28d6f861a128556e420275562b8a19c0a2112df4490925f52090c6c7ac79b8533936d4020af3ea5d383cc8e4f23cf275194887d42bde7061bc17246a91b735472c4dee6f2d159a4fb2cce10f0727a964658f6d60aa18bd474ce1e88114ce3c2a3acabd74175b82afc6126ed79d8d333ed993e3a0d67afba888c94cb266f906681d9595f2ca21946f32d8f07eb7cfc979cdd56a885e6a5deb1dc54ffbbbac728db4145056cc9b78386f1f17ad16856cc10b04038f0d835a5842584b6a9516a770abd839ade5d379db9889d22d9049dd13010ad612a64128f724f7a6435054e79c10edc4ec4875beed2f8593b7382645625809bbc3591027d53bde8a16be5bb209cd49e71aaa435c923ef3c4d1aefec7111773b0d58b47efabc7a43b93cb7eab287cefe554a5b59e2a746081d0d875919df356504008374ef184be2f7ef7e644bf5535dedf5b969b30dcedcfbecb83173b0cea015efe45630880c303472daf1dc22b384e65078cb0ae21baa4834fcd4b4f7c995b700117e1448d041a71062772bba19fea512ad4e802988c43e6cad0b4b74962e195b355b653acfab53d9f38337e46758c0f8c147335530f8fbb508a889b84d4672e025b0d9adec09fd4e2d62bda0e0c40570d8fcf5487a59380584f7b85a8576985a4423cbdb1503ea4f93d4f3dbb2c384efcac84dd8649e6f09d2ac37e1d8268c3c07db365581c7c3752410909968598b8ea5ea05b68e6013965cc60be6f6b24e493655f5ddd572a84a924803a7df025914f4b57527841928d30c03b09aeee28c8b81860968f53a663f4f56b004e07cc380f5b0b0dad43869faeed5f240ce389a0fb0920073b8d3de611e54d4011f55ba28743a3b51af6293ed1376fcfe3592c877e2d81d14ee882410cf8207476409b5673eb65297155e91cbe089c8c043964063f9b469419bce6e59e0017e0f527d20eab5d9579208df9cc65389ca8fdb3d62618395bb0274b8094799cb4c36632488e79950ac3bd3d982d521614f56df1bd16c1f928481dd4580a796eb7892b3e4a33b748b16f96b1def674c2b70d0315b486a94a979292d635a2ad1fa877927de9355f38a612747fb982bccf12040d9a14a63c34b6f2b3b450a6401d4d0c96a9090ab80d30f7e7af84bade864791455402cbd278427c5a1e84e2e2286c4bf773da614e6705802c130ade8a3a67b309f9db1558372046ec276a34fb50f72c7df40e33f447ab5f0af05eece4e8f654b3c2dad6ea76ef6b694699f4ad8c6fdcbfd8bdc23d0c580631d0c95ac6ae9613dad680939db2ecf9e7a0d4d0f2f2b7f1c1d308cfaccacc2381e97bb278a53b14daf686c0541e56264c33d5176b830ac7d13c28edb2d8e77d7acbced061c4ec315cb1a259966ad997c7c7beae44d4d1b6955842d7fbba0bb0c461bb22db3e15f0fc1cd3fd997dac5e6a4bff6e2eb8310d828f15309b2c8feaa21281963d35ab2d5c099beb806cd384d304449c58d89910105df11225fb893e984734a8e5cba2e553f03ebd5ce4cae24826547df81db3f2bd7d930f785755c8b6311f221da59679ce50479adef1cc5dac984a5d2f9343fe4892b2b5640892892cfd50d0015c1f568792d8919943a578b62585081175237444d9542a2241c967bcfbc3dab4e8961ecad89165eaada2d759e844be5021aed42b971e9ffea8c08a3d6e4073ce4226b4e54b83f3d8ccd207a0cfcf9da7b5e55d1a26a90e03f7c3611c6562b65edb42fe110dc3970b44aa36660d1cdbc882495271f80816350b945aedb0d46ca6d160d5f0096e8263325e257dbb574932e32f1b28ce2b7f5b3ee6ccec64085496bb513ec168b53d79e6ecb72622a70b22e1f9116fa48815709b2080b27b31a6b26dde0701cd74c31b4e33a702f051ae07ad54ce23ae33e6060e5451a4171cc930af2ab70862044c5a0ff9e8aeebd3cc41c62d38e7b79596d3851430dd661b071c319751985d48eeea2afb463d7d9390ed4e68a60f90ad80aeca4b8d283ae0538e590668c857a526a264be238641eeb5f321248d829539efccf03dcefa54c6def8b7d4a8cdf6bc76d71eefaca1a7a33bd4b56e94b8e38f784b742bdd080faca4769e1aa91ff50d9374f3632cb7b66a0042beb802c6cedff0a3634aec072f57d38a6ea61439029ba5d921f57bfbc281d75f5ec322b8f8c90b4d3f65d00ef97dcffe7e07fa01af8e7f8da15532f0c18b73d7a183327aea46680651645782f4f318c00f2355c301fe2e805a22f8586119768b8424735f5495607d170f0818be232cec1d9e40daf79bcd63a26cbead93753b7171bcad462da2af68e9ea9c0b207200f1fcf3793283931603a719e745120273efb541a7af896f6eea7359939d7226896c8023cc963e4e0a7579bc83a37cb8d871324bb3e66b671d8df83d645495740c5b99aaf2edda3018e1895dda6744b1e6623cb62d4b80ac208f69a81caa0277a497e41bf637817518cbe0fcd2028d07be199a126f82641f2fd54e6b20287b912ee8d8dd72db5824ca9e464a94d45beda7f52932d1bb57a28a4e99ac32ea4c3650197613a87e4cec91d82f37069fde871575d3cb2220aaad9277511271a86377da5f2a9f94303e7151acb087ca549fd0cb9b1961954ddb28333a24b510b92cddc057ec5a147ccdd708a2db3c8cb3600756100b38b71f0676f6fc5a7f5912b5e81bf6d2b07e15fb5b1c96459110ceb22ba4f2fb0e531dcaa913a13437cc6276c8b4e1bdbc5365144c7abd2e2a6c93ef102e26b14e576ada244408d9db50aab045f9879bf95425eaa7b11d77e0dc503851c5c278c282aa736103adf5ca2b30724bde27f98e4e7a947f964b7abfe58a3da354e3008a2b86d50223d3077e151ce2e086172002eab7279ac1948361e172073184401d5650181547f1bacc1534f9ab2ad66fd9d200d867de79a92e465dda8d781b15881acc9bfdc53815f3fc3f064c830db3908cdb173e3e1295ea7dca280273ca99073d5663003f14c4f7ac9ef9bc735b2a413daaa7d97101553f90a0d33b043d1f2b0f131d35c9244808bb4b76213ff5c418053a569d760498518d701aae39cfbd7a052b586c53617dfaad1415c1cafbb41640d1650be9297dd42c803d8bfd443916310bb80a74c991cc26331ab70c0c4bc4f2295f069787f6759878e42ffbc76b34493f71d88a109b0813ebfcd24953b2b5f1f5164d9974bab7ed1f4d42f62b8379912dd7e9f35a19951e4d57b0c70fe516cd2059c4ef879d9f9b1191d5bb51b852d3e9462e4528b9c1f7c676e6039d1deb00442a482e297b08a67c79bb818d0316072d8174885de3413ae0505232100f217e424e0106811902d60ecc0e0aaca7c5f00f4f365e1360f10aa645b9215c93668a08be97cacd6b0f9c80ead76478846d12e8f24a53bfab01628afd199b2db332d38d5009d7a1437f0f5b2a0d36b5c98f3a35e5043ffd55bac325d3927888fa5d0e3569d9be002205b501b3e68d661515bb9eac9d4f234e22e4e5bd0b4c4530933aadd99f132794ce48e9a3220d2c17748c012fc5fd93d265cebb3edc3be29a1ba26f2adcf510663c28d29e28774c4ec1190fbfbf614aa8e2745f8605f7d7e94fdd06322454a08833f1a22c77deedb1337e380a8e18f85168e045d1e7cf32fda1a709d3eddf62909a9e580ed8abd605e07dbab79b5bcc2f4533e6fec589b976816471b1f11ac3c89336c52e03b72520995d05275024e9988727f2e1ac9421ccaaa0b736e9f7f296c2d27cbd774d7179f9c6921df68985998034862c15adc452666deb40c0c40cedf16f4d187524a0a5cdff6f7b2531eda54fbe15a7ad1aea46466a51642326c5d7d374fb38475d119027a3714598fe7307de94bece2741b7a742b053682dae9452eed3b820b1386b604fa647e392b35b205019cf1ad317d1441cbee2aea5ca95e56fd5e959689bf96c9f470acb8e4e630b13403e9459242b629fa28e1ba8e8df1ed572b1db735a20ee1a5b8500b6edf66cbe671c5938741ab2b36ccd4e92160f6df9e1d465cdaf3a7746e128e26e0e7a7aa4869b2a482c6e9bf7e58408411016740c547129e4f11d2317af3c5bb55b2468e6d08e75e5039c3bfdc9b6da06e7c27933a8c9d8ad0e4c74a093e6d57c02b1b49e995962c1046b5c8a3df0ea4c20049e300cbe41bd92a0ea5993ef6fd92ea74e28e1cfaf4a8533c224104d6081b64ae08b4e7a23a259b2b03655b987c23687c6e279bab469a3e0881a30620910566982945f8f86229fd614ca2bb2adcbdd49a5c579c0d1bbdefb9e33cd0641bb43f6ca3fab33dc4188e1508e4293e6de932040b895a97bc1f196467ad4a0d4899e6078c014f42521cf39411e2e4f1b5adc26f1f3bb2fcd27b89ac418c8251423de82c4b5980a4e66649b9f3ec48c833c35f8653ca510a0a1b0495619a60bf5d77e64a6938714c3a1946b3fa5079533698bb8f8f85bea8711ccda5cf01de150b055d3586a890d0654d2b4cfba25c434e2ff492b69798aa197dffbfe2bba77d4b4eea35c42e698221e971a4bca34e59c46084f49c2170b83db6719324ecb55e07a9cf74a84ee0fc3567fa5cd2f3937ad956b4ed2187e2026b7d4166d50fd9c937fb4dd5aa96f2731f1db1dda4eac4e589295ffe9b72a7b9533f6e23c82b57c8361c8cb3b15128235f65c84b99d93383b7398e936884542d0e73bdf37cadfb6c70da47af3c5a3cde0d8e381cdf9ec1a39d2fc963f0d8ee31b76d9668c0171967cb9ef2f15d5bbdbd1058328da7a60bbc7d77efed2de74a2ed5637a8a84e1163325dd22b584b15fe894c9b1ce89d24619a344a8987f6d21b7de7ccf6fad223134e1c389a8e6baa375dd142baf4a8852e984eb6c281cf86e2457a7f85782c7764564af26d331d3ddf4850d24742ef449cd5e32f5957d2ee10e05e7d3312215e4d36ac5c8c4bae3340f074f88a20e18b270b3baf05de1b0363f4c6f2ab9386d6034e8567e4828ad256cd250448c70147c318a621697be402c1e8365d2798084f968a8897242ff6756c2937e4d13", 0x2000, &(0x7f0000006b80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000002700)={0x90, 0x0, 0x0, {0x6, 0x3, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc3000000, 0x100, 0x4000, 0x0, r6}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
mkdir(&(0x7f0000002180)='./file0/file0\x00', 0x40)
syz_fuse_handle_req(r4, &(0x7f0000004940)="9630161a5b9d0224ffbfe13a02b1879f4692e3f2901af098850ccf9f773fa990aba220517cb287d8ceaf90bf40236c14ced6b8233429c5dad591e6cf05ed584bd6f8db7cc97731b88de58959d6022d59a2d3ab8e121e53f165367bf7d340e4485e35fc3a5757447b2820df0417f4f45944f65f2e2a24538638b33fe0ff47b70eee991b11006a8fa9f8067436f65c73e51fd2c94d26e6a2c2a4ede58baa3c65ded1547fe674e81ed6bc515d41a5ddf531d59f6b81f9accd2892fa693ee5caf7c9f849571d59784e17a23b97cdbb01f9b370f70ddda76387e9151f1822bd0c07232ec4fbb5636c857235d8bedb71c86538801e27c6989814c70ce6a29b08520804ea95895bd393485db7c934b842f2f5bd8bae10c51ee3f880265e161cf154b282a258486dcea810741ff1ad101a59ebfc56d246c45fd6e72bab63eaf900820b197d219bb41b25dea1a128afa6852d81b83b03239e4fff21bff672775be83bfd63fad9bd5a821c7154a3a83014e94e5828e7b07dada1e2ef6cbd80bff8a9f13fd10589046349eb4a7d0365c6a48359e3bdd349ad370e06054862f3d8a26fb423fde46a774a4b452f40a83db2e194d0d3d2bad9b3beea5356f78264ba84ac450bfa626bdabc822babe47aac5d78cbde47d72c531c02c6ed5c2ac1f5674ddebe2600727ea9c76c1d9019e7b2a2c59f69629fb92a2b8cd27b2f7c49a25515f582044d0678f48b7c0f5f5b118b76fc4ca9932b6adbd0c0dd3abc13ea96b9b6f578879bd543c6c47783e7caf8ddfc8a3ead0dee12684b8b762f954362e36f699bab2448001519677df4393d23b10866a1c0d9d2a10940cdb4d5bf969f157fe4ad39c217e8521e7f3b5224207fd8ad790c6fda43f6decb4d7472b4f6617248a85493de04ca0701f95f28bbbd1b4e40001c16050ea7bead398d0ec5200ee935cc92dca5b9b6aec676ae40be922eec4caea59d0dc6d190f88a689f3694772435852178183108b6140a162fcf7e186168d179a09e50f0c29a05e0d6b2e498b98d5dbf83ec367147641c6c56965530352c5ea952a345d33bcbd0ae0fe03507cc3d4c01054734f439109f74f151ebcea6e4fbf3eab3daed71faee384a38f2557ac95cc644738b74c1f92a392b525e4e826474b7ee2cf793e2216d27fe6cfde911ffb99745d03cb30d1daef7fba2ca1b21bee13100e4a46628dcb1ff91bc4523c54d10b9aac5c4682b651360fc337760d4cec1d6a2f74dc6f9183d6334d24a7f95f49ecebef17d9b3e4b99f684e7d4e70e836202408f35d611cb61d04754672106474182272f832f4373c85e6bb06749be90bbfa1395e0bcda4c1576cfffb405a54734e9a201089f8eea7aa7d9f3d93da8391ed47aa1ffe28564b6ed069b8cffd75911c3b872a4d9f426e3f02b54b5495f5e11b6a241bf7f1e7e7223729ef94809d79c12cd4f88af4a851716dd508873b9add21cd4d7020ea8f8fbf3cae8d34f882a9040ffe41645c72e7c19e32eb29fb2f3953b0e1c9fdf91c4bf1795561354b5cf4332ddee9f753daa8e8bb81853af8bd69e23fae58966de9af0292777eb6c7136b463364deb1d5bb359c15feccdd09ac19aba4dd530a038ec424e1d0f1e0d198ac33a5e3ecc918cbd8fc04bfecb277b20334bdbad03e6e6cac1c98bc74ab857781e0e2688904bf0784855098477182a6de9015cfad18d7010279e1e02507cc9a33df5bc2b7d32da5987689af07f8cb21f53a3c4e5f7e66bdb5eed5cd0554c85508eb1b27e6b07e47fc3dea8c4b7da3fd77528c9c71962862eb3f1b64c639e7f2bf0ee5c5cf76d46952db3e104cde595b77d3920932018a8d5eeb64d72c7ada83ecf4b3506dfb922b30e2ac2490034b85aa431df4fd5d8dfcc0e53cbc7c76c2d0fb21828448de644ad3115aeea874980147895d623c1db410e589d6bed1f1fedd8d7a36a2ed9c3777e0fe17a134591506c2a9e17113b5d1749eba3fa5241489af787de2dd84af19962256ea17b5ea0718e41b16756d2aeb3fae48e2c48e8dd2635b8791c1760110495c1bc6c56e26b7739aa1ef2caefb828a178da124fa83c663a2793c72062fdf3847123d19563244b8b7ae0ec0af1764a17bdbb3be470148150ee12954280363105d1e2d530b764cfe852ce41e7557dd2454f0a330fe5be22805a9d574df75cd64f8c1fa21d95212e3a2603833d18d2ba5c0bfdb29609722ccaa11f3a2933af02237cc7aa27af6fe6c71249ec34e9641dd9a014c64f49d88eca1d5ca38328caffc2bd3aa7811126cb3ec65559e8c4ac65b7d1a3b4a73390211c2645e45fd20c61592435edf460d8cdc0f4ac7a6d3c82bb7272daca4e63cebce1ad29832e57028b9463ced2adf1f43b2f3396faccb8dbb6597abac5b5cf136fb4c11fa006cc0f5841859da680f874b3c558b25ea57e3fabf4bfe93457c354a22b9de16cdde84a6c8163d8c6df2042fe00f57469f7c19be936d28e33efa37dae0ec5d81eb89c7d33dad808ba070ceb34b59ccabf99286700f2cf5daa1fe90fdceef67856d23345f51b9b598eaa280f2b0c82b69729da676dfdedaa22f29a5ec56c30e22f0070f32c41c4a5ed3123bc92806d6604320f9e8a6010d897007335c07479c5c8583ccde3e0b849d97d2a88b004f2e724bde6aff8b3b473860a209052bb2d22b151560a41926ab2a7818cc8489e5647d905777ae14f0f71a7b5a109179c0b2ab35a265f35ca9d3423cb831b2860138c79580636cf9ae72f96991a1f04ee485bda88b3fc89e76f28a54cff5027e74a984261e10d1db1dff08ac5a0e64c8b68c3e03869f5bdbad639fc7ae913c1cccab4f2a83a009357255d2a0828ba3a86de224db4e95afe0ea4740a9190150bf0c02c2ff0674f7818680450a2e43321ec2eb8e21faa2cfdc2af3bb38d8a6048870de943458b5be76ef5ada936e78f4a529f49d7fa26cdebde21bf408516e5e93f4c1ced2077ba0be9fd008a5d46a50d819303a9856941a35c43e5094f65431e1343bbad1dd50e1333ebeb59bf3b4d090aa24a341b19bcfe85d356901c2c4fcb78bfb060ca2310664c8f1d49b1f4b992eabd91710cb5799d5e17ba98572587d02ae5f85f9cbf4438d5de63846ca412e645bdb710a22206f98cd48fb0a7c0e55dca44a1439e3418b35a8a23cfd8dd206c4e2d2ef7146e426741e6cde4eb9e6da64137e3311dba24682f94a1885f48a6f56ef64de249abc695f626f70a1cfc64ea6d1cd9ef05909fb378c96a2adaa5ffcacd0f6032fb00c091fdb50e85491697f87a9f8d5e605f5521bcabe49276e12c8ce5687ac72c90f7dd4b46bc8dc979e58f40c7094198950f04be6d54afe303c5f4af176bd48a9eaa95e3f1b80797497b5aa94b529cd1ed693472b9ed05f25e4131148c9a8de063ca2aae8d7a9582cf67598cc139730e8387b9ec2ff5492a7bf1bbfb5beeb1d0be4f522bf27d4f6c6e873a0050c2c380aa3fdaae36afba0c8de6fc49efad509b6aa324f01fb8e1aff55416d82ce174f6511bb9ae005b9ad03812a18bedf5f29aa875ab1d0d32a55ca025bec39606346e8f4f9276b38e8286f4b609b26bea3d577defee0664b86c0b7b700708fb6fa6e9807a607c25bc91243b005232c8f661a202198622a06eb6292acde7146551c214091d7170ee3fd4252f6322603e80c6c7551c10f7f6a85e7c8aa2f9569a5a22022d234f02a870c4b584b36c6e6214bd2af3931ea93377e63ff80eb5b4dc465b3cd917c3fde8425aecca6b6888622d7247feea2ce3ad6c7a9053a7c93ffdd0df193b4b39205c36b17c1119baf9d599349adc6e66dbab707b5f1065300817490f298bca38502b7cdb95117b08cd03f9472dc24d9c1e9440fe1f50abf940049dcb25a97dd610db78771dfcff5eb82360fd8eb34fa08c049077c61f038b603b4dc016aa0fc23b3a56e49a16330f7c540712e9e82dada9304ce6a80ec5e0efaaca87fc9bb5c5cd6ae925111d61b6c5c00b11c9f07907350cd664510a99cb97d40c9596bbb574104670469449971b15435c663057705f583ed32b7292d5a45a446f9d80ecbe4ca4987e07a6237f10efa47ca4cdc8c21a76fab38dc1196f218848521a4dc9a60ce7135d518b3fc2dbc4150f425cfc6b14780b6d8b7183c2e60716c08dd19c1fa6d7c840e35cbddf8c31b9c4fc6f1019967fdce9002b62a05a81021632caaae02dd32f5b537e2404144873ecd3aed320ae2a08321325106c24531fa0cb3596f6c0560c9a325d6181c086da927d2ef0d42c648a71fa4684568b20f2976f80156d3bd0824ebbf2b8dbffe74fed1d7e65fc3ab4b889c352215033603e1888bc29c3dce458eb58738e0a0fd09dfa65f19fc0a6e4854b981a653439e2a7340263e4a9270890a6a69c64ab24b98dc6a63e0c66d38243ebcde7ba085ab21b77caf680e9e713e6c15a20299c87104582c71b70dac4b05d058a82172a880c5e4a662448283f40328cd7c8c26ca1e97faaf41c6750c9ac56ca877c5827d64016d8234b796edb03b8e092bad5a6232488dc88e3eead179d7f26bd6dfeb635268cdbc72993601b3ef0a19e85dece0fbc96c041255ec889604b169b4c8ddab9f08fcf28acc5971d966c631edd9179f5868192e7ca1fc2da6dc3872a86052ac0bd56b9abb97a29f4889b3cee0b603e4f61b926314cef7b48e740fdaecc57e9e317305f16a8489e4c6531941fd5cd2a1d365a86454a0ac6e17124570aa81e874a146d681f0f6f76d1825dfc69951ac4ed5d43a4c2b6b284362c99076dc69ff00c60064ddd504dcfa10ed82786e31aca85aeb92e61b3242e92185fcd6968e6098c31dbcc7f63d036a82e9a8217a8e3cdef48187013569e505e4b1697dde1618e0376f61440b0d2dc610f1d9c5ed013743c199d7d087bbcd9c61ad7e35325907a016794265d74a23a52b01b87cde0ed0fa5d9a330a88fecadd616f17d63b8f40056570fb00e0bcc6aaf9dbe9da1da0f699fce00d22b2518da0f2904f8d4a2a077810b470e6484e9c69aa2aea6e3e765915b7a825329bcd210a8d1719b6750acbac05278ebf0db2c1c4f7842947cd3d06c315603030deac8f6c8549845ba3041f27d3dd726bbdb40ca1cee0b57b46b2ade0d25a7eb970fe49bdb5bf35742eeeba5e4dff4b324d823ee54b97a55fa25a19ed75b4d24cc424d88835a989c79a7334d2ac3c641ea8a760013eb03b840f772f5d9292c40be1f24771a2d7a329c7cdc1db0967d1ad3f800c558eef1bd33428c8647903c9c534d16a65ea4fbea8318d96d26579167748964a3ecaddb31047cc1188a46ea5b41cd4e66ebafb6a609e40a761b03240a55f1b82bed09a2c945262496e9d60203cd755b951606674519fa02e6aab5a6231da493f4ddc70997b3aa49c39c09e7cff2523100631ac86b13e29d9bb8e855497cbd1cee4f98731020451ebc775612b9114ea4b67d9a8edee109ad895dc1252cb0d281e68d35b8b7234ba93679fecfbef0db9e1b38df7536deb996eb9c64df52a51138d9237697e163a32c3b069d0626ff13536cd595b62821510e85b607bb64cd15e19aeeb5efb87147d15184854a0b8cf550587237420d615f7fbd0a47924b502d96f5f9782ae4c8b640ca7bf33b40d0857c37f2f1f65e84d33299e64ede19eda11cb8b537cb81ce9ee25e1ce085f21b98b7f7bb4c7a4499ea854d49651369bf1204f6958531cd4eedb1fabf33743860f341167604a080aba7b4280ce0eb42b39f51bca533a2c5162c6f3e004733af9fda7e590eb5ab5dbd43244b2b302f4543948d83b17fa1964b01f143755c18fed9686af3054115d7c815467514860721c4ddb954543b3730b9f0724c585d935051c8ac910f922e8c5ac3c32a42c00d3342d9a139bde685581d434bf2661fb7080f7822e1aa9511fe32105ded8e7e89f7022c30a2e5182932fcf2bd40dbb90bc84f960caaef87fba9e8b2394f8e5bab05e7cdc06d467d8ff7798c3e8de2b133295b34c87150edcf6dd2b45c25a96fa66018f474d1f06d46f083257209f53473aa5c3a29a0124dd3452902eb0d22e322707d9199cbe2be04ba3c0cdf5f7776a6d289e3891e2410b8ce492b0b61913c4e473060b99a0567c1d4c2372efbb8497c3e90ca45b060a01e26deef9a959591afa738037d6a06e9e7afd97e5baf91158c701292fb78326725ab7a56770d4799666df0919458fda70a5bfdedab2f4b168ad4961f72cf5abb80502bbbd61c02fe81b1f5e4bc8a58192ae137a4875f34298f008673da05538652993bbbde04dabb6934c62c6771791ea5324450ccd443a1389a46a6e3ad3c74f70a3ca97b1a0201e5bb9bd07c9ae0a73f1ff592e9b24e5e199ce086e8f84cbcb36db10f78dbf1c104d93b930dece7e8cf3310fff062c2b095a5736b614a66a796674292aa2811b09940bf3ed518560105448cfb536f936ceeae66ceea0b0325cc661abbcaeaa709c1f7ff1fd883974ef480848af58655cc7c1fcdad97ab8bfbc645a7f5d1144a97636adfac82fae72b22ecc4c14eb6761b84ca40f0fa39b7812e80995fcca514a57f4b82168991fe643474992c513641bbd1c76031a80a5c9e27b503b115b71036593e74e8db1803fc81967d9af9d76335ae208b743eca400476e7245befb28f636ed39513f78c84f51c9e9b2cfe5360f2ba439d311f6cb28ff56e478ac6e05b4bc2fc77fffa37e874a4b0fbaef5d4779551378448618c2c0e3499e3b8bd2b725c925c7682bfa6dfd215d1b1fd02defba9ca13515e75b881f8e701436dec7ee14ca798d1a40e466290da925affd386e11c79e8d7cce8c49f51abeef7c54ae2cb3e71d67c263b3188921c45f25849ad9bdb321c2cc891287066bcc635e1af9ff5fc2c9414417e8818d2ec4a6b19ffc649bd41bfa4094c9548bb714ceeafcf7099988c025cd9bbddf7bb3b6a8d79bf431bbb77092e0c35ada2b6327e9fa48ee2738f0202271acbad721e72eaed31adce018c75e908b9983cb92223608618308f6912dde62309de45b427b35066800a81c81bd48166918b2af3aaa196f5123945edc760aad431891d13bdeaf35bf2ba11f6e51f591ceacf54f269c5d06bd2cbf7d3f947471b40d3baa657ef6b3e6a17f155025c18d05187132c326b508c9001dc9964dd903fb9cfeed7262b2c521042301f19e6ee3eb4514bba5a9a163bd51ad587c7d814b85366c86bde70a080e0789840e5db525c641f87ed3c00cd556a333b6f9fb46eb03ab47811409accc52544724f8ba2a000758be52faf3a2edd16411076e2fd01fe7a21a2964efffd47421f62dc8847f2d146e4be02c42156265763674dddb37729068fccfc9737b708952ae3afefaecfafbfc557a9396419dfbe46f76664f654958bb48067db0ee721d4cfa6abeddd1dd71e4296c6e2a84db032251f2648665798ef228a8e281e3ac346497b00bf8ec1dc7d3be6bb3b72eda571aaca484f239341f702d2507300436a65a92e2d8119d2bb5a0b14be1d3e13c62d1da755c3d6f22bc7dd0c0949d0067c8be362cf54a87ac25f25827dcd9472b618f09d7be2165eed38ec3ac05f0a96c531aa926bd9ff5c5d1ae093d69f7754593e0bebf5d34151d41c0bff59020db1ca58482ee43ab206cc25f33671f842dd3ab2a325bef72374440fbbee750941942eb09c232defcad4cee63ec0f4423df7c39124eba14e5fc3190c776d511e0a14ae6f05fe427ffadf3fba2f0033b85e6c98b83420e0db84c2112e48de299583cf33df848fb4a7249b5ee220fd3bd927fd97f045693f37f039f693fb3951024c36c7707641da9e529463ce9dc540c0a6bede5129bd0a03c1b6dba72bae052e25601f5240ab57bd392b4dda33bbf474d4865b9af412410a673cdc9a9fc03b726da494d0aee6c22a453c83b7f2d0b6aae0c519b6d1d12930fe7dac4b7c394068c0f065712ae7829b3b3248bc8cdea4852f766890287d8bb2201a9d31d586eac60bb5be703060ee52eb12a25c2f3831c5529a42cc34e293c2cbf1bf9c14ca5d9c2594ee7de2c33fa5e56229965a7648101f7d6a488524eb0504832834afaa9f65e2bed83c2a65d07ca0bc28399465a952ec5f7ee2ab749ef7eeaa19f4324041ce852492dc2a84ac827b85389c13778d63c360e674effb72b2a922157f84b64c3ad66e40b75222f2862ac17fda52fdfe7358728e2bd7c31e8e157b9bf39b9a5c7877af530935d8adb9d37176a1fed4e76948051f654aa60f4e12ceb7025a9b97035bf55b2b419fff1e273f5b1e3065a2e4c01ed7baf0d52f2981de2ca54180f8d5e4a30c6331d190b8f1dafae8323875b25665610f3c7337a62e7c2a4b8fdd52a4c899db11bf55fea485dc75a84594a328dad1e3dc188524c44416da7f68398102cccf25252e04363b3d8d51e51f9297f20fdcaddf1b5ea55503d39a15d11ad553a6e5ae14dbf1fdea61629e08c7864a17b93bfce3271f3912cd75d83338ee67b704b7b7c7118fae51fdbbd00d2aa33983abbfd63602e87bd0f6c095f48b8880cef7f21183981deb3d877709544079f889329a0065a2f370514a44cdf747a31c088706e2932a1a43186d5535caf4cf52bae50f67882915b3317ce49fbe7f28696a397be4a3f5ff4e34e971b0d7009575be01f3e6a09480d7f0571dd256588267ee1a888e4efbcb7481bee5adc96a82409f94c3f435203cd5526ecd82259638679a1375b8a2bb943170d17c575e068451262b2434cf23015f66e161771468800711cd6ea292c3dbaf6a00c7cdcc501fe361c7e686f7f7583434b9e9d9cd1e5ffa58e2744dd8c69df9e1884c8f26f375a004c90e75d79166a41e05fe93738fb24c55cd77ac2c441571242570d1086b6ab4ba514684eca9a5527942bd57e5d788405e189a3cb9f9418d60321f57ef6ad498a04b613a97a78322efc0afabb8ffe0dedb470af62acb7370110d727d625cf1f6096706e98d07c81132c3874a670b359dd7de77ec910cd6972fb7b481b2360c8c2dcb1ff0d49f67b1f756fff0358e4cd04b2d41aa39c2860701b1d7f7255456f6bf61a8b366121a598afc5ad94963c7fab84ee8cd2a0ecdf5a8c3e56e81f97da1afa032da0248cbe2433f887eb1f99d88ad1c864f766f232086a53c80a7790b65c72fa5289267f20431492c6c0f4c48f4c805d449b8c88711250fb3d10b06931250bd44848a4cfe44275eb2971f04461a689ea420352c8f0b29fb7aa7d80732db2627b054c4b269d9b53bffef3941ed6c808a776cb2f0dfe18f0694a276776f7a4f3ac57957179f979133cc34290a40273f85fa761688a56d84525eb8733f49f7971744eefd4a04863d86e5a6b651c4a8fac01fcdfa1db6190fed9494750b44b84997b4adee7a87a68df04ca80c3bb7db841fdca288f18aa4396e5f5431ae87d602e52da64d2c33d851467fce3fc8705e7ec6443cdd815533c6df3124cd18b681e0c7b570f73fc2ff728c62a3eda963e8db2b84d6d00196ffccb4f0607e466e1c89a00227e3f7461377a47893d82ae1fa7f4fbef3245ddb73c317f6f6d7918de7888cfa0a69f59eda80f391d967446d2e25c575e7401e7d6f16a3b5109da3556c458dd37443368cf6ed8b728e10590e44a895c942179f61d3da7d09cc3f58254f3467106e630b24149a78df62c1d672c75dc4889e40f510801fddc3f3289fab44f04efbd1077c2cc37283e5d247268b9fc40fc4703213bc28abad57ee1220057ef940440c769f6f305ccc45796cfd4ba3d0e3d46da72f08e8d9ad483c13e0d35727e55a74490b147a65e81a1853118c621d0cbc5872c19c44e5c3c3e12b30bf7ac684afd144a59388f64e2a992f02b68e6058b4477dcdd6f2b6260e15dafa3591b4fa1b597537b38e55cca526eecb16ba8acb4b3bea6afe48c54f9b9de72e20a05b280325053eb666701df03f599f8c46367059241837eb469d656112d3e5e61cce57a0772f0b01c1af9f22660a3b2c0289ccdc4ae36756139c290b19081bbed6734dbd5caa09a4931d07e91819884ded5508b0c937ea1d4a234d49eb6855e8c284a14913ea3e3938dfd174e3f86eb914e3946e30fe978856beec2abdd97a01b2c6746389229cec7264ab9d912fff8c860871acf7fd5680fe37f06fbcf1db779bde965c2b8547c79a1ca6e17147530713dd215c70fcee7999ccc3a18e579d09237a61fbb9a37647dacbcb697932efd8b93ae652aaeffabfa2758be39fa574bbff251406a2c2057464e203cf1b5091d6b9b1919da44bffdcedfcb520d7d475a119a0b87298681e424f8e441edb66588c9e679f64e0a65b717d46a242be5810206c0dece15063db365dd300094fbc37cdc147532e7079c60acd769fffa1ac7998b5a38bf4c0412a7bceb714bce443e9153e263240e2ba867d68ab13fdc1aaa670d67a4f131abed5c59d3db527b130d6830d88fa88893268ae4fdc94e112874ddbffa1b708b2668a8e75e1307b3a16e8bea94890b77a29846fc7ef6d77dde9544fc0ed19df0f03216a1b771752309263a3d45f66359c2195c8e677df9a0a10f298f761d8f364ed29b2eb1cb195e9b4e33ccd333fd22dcc5f9ff38822b97b9a386ed2f97ff2c9495e2b1b6fbb054f9cf0178ce3f982add1cbed4d122a40e3fb24e8fe9f0c05e6af607a41d617cd74e961d8bf265c11e459056228125226490b25d252231671a88639e368cc703b71c10e9e80c5c2335e1e3acded84e115e34af2c882bc63ada3a82d54609a1cc5ed6cc3332381eec7df2a3f73401d53b2a312648a71662957462071eced869c53576036eca646d3742c51a91c62039fc8fa9616f352652972b89433295deefefaec4eb35064cc7d01ec19bd9e2a9eed4a8356d4bf32f706ed6184ce188dced98590653742a4c99de317fa206c8e68c102bb857a252876a8791fdb5bcda7b7ebc39278c9067c8cd009f1fb757f71d7476e6f63b596034296c8f5c9b9d1039e25b4e97b26be7743a577ef1fca5d620cde77f62b148cf6223f2507f599650af4f49b87360337c620fc7c02d528f9460577a62511f28553212116b45aa1e02ef37ccc5939e3de0d3975c060a345dc59f4af0fe0e67c0dc495cb64f564929fb0f054fd667420ac7a135907f8a3841b5115bbf39a630dddd4dbf3872ffd6c8e02843c2e19fb9f03f111cb0afea192ef328fc85aab6881a3fa922824d8078707f0630cee853164d83ba69399ec7f9e019ffdee9fa765e769f4f0c03d4316948b563f5bd18e6d6b12e56538e8a7e70136c3a0cc9b3037d50dbcf3dcb7a2edbfbeaa448f7233910987ae22ff31ab888aabaa3b99fe4adf54c9a73395826f7c8aeb61a153818557225fde94fa11f1793981c17015029e3dcbe7ab9123b57b118ae5d4795e0f0959cfe8ec5c57dc479dbd7fdcea8efeac7acefb999f13606a2b881415f79b605a084ec0b892f34fe313fa946851adf86691a7b6d88c2b3f0abfce604b14f9ffabd1fe09f0be187836c051e0b1da3137f98a5d1e4c861940b7581dc6f168e32fddfc3bcc0331ecd8e1346094a154ab863a3fcef226088373903785fbbba2cb391cb9060268bcc6874212d5748bd278f03877fae7949e5337421ad3ff9bbcc3db0c6b990aeae2b79f688289d4a9a9f2ffe4f2f8", 0x2000, &(0x7f0000002800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000002280)={0x90, 0x0, 0x100000000077e1, {0x6, 0x3, 0x80000001, 0x5, 0x5, 0x4, {0x4000002, 0x104000000000002, 0x8800000000000000, 0x0, 0xfffffffffffffc00, 0x2, 0x4, 0x9, 0x3, 0x4000, 0x0, r7, r8, 0x1, 0x3}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
pivot_root(&(0x7f0000002140)='./file0\x00', &(0x7f00000021c0)='./file0/file0\x00')
r9 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0xc0686611, &(0x7f0000000180)={0x68, 0x0, 0x17, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
socket(0x2, 0x80805, 0x0)
r10 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r10, 0xc018643a, &(0x7f0000000240)={0x40000000, 0x1, 0xa})

7.481382954s ago: executing program 2 (id=1013):
syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x0)
r0 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000))

7.428220036s ago: executing program 4 (id=1014):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000040)={0x2, 0x0, [{0x80000001, 0x8, 0x6, 0x1, 0x7, 0x4, 0x9}, {0xd, 0x8001, 0x5, 0xfffffffb, 0xbc, 0xbf, 0xffff}]})
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r0, 0x0) (async)
preadv(r0, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) (async)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0) (async)
ioctl$KVM_SET_FPU(r0, 0x41a0ae8d, &(0x7f0000000240)={'\x00', 0x4, 0x9, 0x99, 0x0, 0x0, 0x10000, 0x2, '\x00', 0xc94}) (async)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000440)={@in6={{0xa, 0x4e22, 0x0, @local, 0x5}}, 0x0, 0x0, 0x47, 0x0, "7ed3fdb051d450a1c3f037f4d26048786098530884e40117248a823d811ddbd8176043ded2ec6ce65092e2d9050cd778ff1d750d284d9090a05d977bb0f48a1762f12c260d0e3a752cc1f6593ac571d5"}, 0xd8) (async)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

7.189833025s ago: executing program 4 (id=1015):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000000140)={0x1, 0x0, [{0x40000001, 0xfffff4b4, 0x2, 0x2, 0x3, 0x80000001, 0x9}]})
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0)
r2 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x2603)
ioctl$I2C_RDWR(r2, 0x707, &(0x7f00000001c0)={&(0x7f0000000180)})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000640)='/sys/power/pm_test', 0x42, 0x0)
io_setup(0x20, &(0x7f0000001140)=<r6=>0x0)
io_submit(r6, 0x1, &(0x7f00000001c0)=[&(0x7f0000002040)={0xf, 0x400000000000, 0x0, 0x1, 0x100, r5, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x2}])
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=ANY=[@ANYRES32=r3, @ANYRES32=r6], 0x30}, 0x1, 0x0, 0x0, 0xc0041}, 0x0)
r7 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
r8 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r8, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x81, 0x3}, 0x10)
r9 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$ARCH_SHSTK_STATUS(0x1e, r9, &(0x7f0000000080), 0x5005)
ptrace(0x10, r9)
ptrace$cont(0x20, r9, 0x1000000fffffffe, 0xfffffffffffffffe)
bind$tipc(r0, 0x0, 0x0)

6.721000754s ago: executing program 1 (id=1016):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, r0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000001340)={{0x0, 0x4, 0x2, 0x5, 'syz0\x00'}, 0x3, 0x0, 0x8, 0x0, 0x0, 0x0, 'syz1\x00', 0x0})
r1 = getpid()
r2 = syz_open_dev$video(&(0x7f0000000000), 0x101, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
prlimit64(r1, 0x9, 0x0, 0x0)
syz_open_dev$vbi(&(0x7f0000000080), 0x0, 0x2)
ioctl$KVM_SET_GUEST_DEBUG(r5, 0x4048ae9b, &(0x7f0000000300)={0x0, 0x0, [0x1, 0x7, 0x0, 0x0, 0x5, 0x3, 0xfffffffffffffffc, 0x800000]})
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f00000ab000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="36d0e866b8970000000f23c80f21f866350c00a0000f23f89d0f326635000400000f302e8dcc0f23742e3b5753baf80466b8f494f78e66efbafc0c66b83ac80000666fda6509", 0x46}], 0x1, 0x1a, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r8 = syz_io_uring_setup(0x1370, &(0x7f00000000c0)={0x0, 0x49fa, 0x10, 0x0, 0x4e}, &(0x7f0000000180)=<r9=>0x0, &(0x7f0000000280)=<r10=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r9, r10, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x14, 0x2004, @fd_index=0x5, 0x2, &(0x7f0000000a40)=[{&(0x7f0000000240)=""/42, 0x2a}, {&(0x7f0000000440)=""/211, 0xd3}, {&(0x7f0000000540)=""/180, 0xb4}, {&(0x7f0000000380)=""/120, 0x78}, {&(0x7f0000000600)=""/116, 0x74}, {&(0x7f0000000680)=""/92, 0x5c}, {&(0x7f0000000b00)=""/208, 0xd0}, {&(0x7f00000002c0)=""/25, 0x19}, {&(0x7f0000000800)=""/201, 0xc9}, {&(0x7f0000000700)=""/118, 0x76}], 0xa, 0x3, 0x1})
io_uring_enter(r8, 0x400047f6, 0x0, 0x0, 0x0, 0x0)
ioctl$VIDIOC_S_CROP(r2, 0x4014563c, &(0x7f0000000040)={0x9, {0xa15c, 0x404, 0x7, 0xffffffff}})
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x13, &(0x7f0000000000)=0x800, 0x4)
syz_io_uring_setup(0x1f84, &(0x7f0000000080)={0x0, 0xa00b, 0x80, 0x0, 0x325}, &(0x7f00000001c0), &(0x7f0000000200))

6.325108775s ago: executing program 4 (id=1017):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@TCA_STAB={0x4}]}, 0x28}}, 0x0)

6.13770386s ago: executing program 4 (id=1018):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r2, &(0x7f0000000300)={0xa, 0x0, 0x2, @mcast2, 0x80000000}, 0xfffffffffffffe9f)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d031, 0xffffffffffffffff, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
close(0xffffffffffffffff)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0], 0x0, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000001c0)='./file0\x00', 0x3)
openat$vimc2(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
r5 = socket(0x10, 0x3, 0x0)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat$binder_debug(0xffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000140)=@newqdisc={0x48, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r7, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x3, 0x6}}]}}]}, 0x48}}, 0x44080)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x24, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, r7, {0xf, 0xa}, {0xffe0, 0xa}, {0xfff3, 0x10}}}, 0x24}, 0x1, 0x0, 0x0, 0x55}, 0x4000)
openat$ubi_ctrl(0xffffffffffffff9c, 0x0, 0x84002, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x7a, 0xdd, 0x15, 0x20, 0x545, 0x8080, 0x301, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xa1, 0xc3, 0x85}}]}}]}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000280)=ANY=[@ANYBLOB="3c000000100005ff00000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008000a00", @ANYRES32], 0x3c}}, 0x0)

5.576217184s ago: executing program 1 (id=1019):
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000015c0)=@newtfilter={0x88c, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r2, {0x0, 0x1}, {}, {0xa, 0xa}}, [@TCA_RATE={0x6, 0x5, {0xff, 0x5}}, @filter_kind_options=@f_flow={{0x9}, {0x854, 0x2, [@TCA_FLOW_POLICE={0x850, 0xa, 0x0, 0x1, [@TCA_POLICE_RESULT={0x8, 0x5, 0x80}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x1e0, 0x54, 0x0, 0x3, 0x47e, 0x9, 0x3, 0x8, 0x10, 0x7, 0x0, 0x0, 0x7, 0x40, 0xb083, 0x7, 0x3, 0xd0000000, 0x15, 0x1, 0x5, 0xe0000000, 0xe, 0x2e82, 0x2, 0x9, 0x1, 0x2, 0x6, 0x3, 0x2, 0x5, 0x7fff, 0x6, 0x8, 0x718, 0x2, 0x2, 0x6, 0xc3, 0x100, 0xfffffffe, 0x5, 0x6, 0xc, 0x2049b29, 0x6, 0x5, 0xbd, 0x7, 0x5197, 0xfff, 0x6, 0x7, 0x4, 0x88f, 0xffff, 0x8, 0x3ff, 0x7fff, 0x401, 0x4, 0x13, 0x7, 0x8, 0x10, 0xb0d1, 0x7ff, 0x4, 0x80, 0x8, 0x3, 0x1, 0x6454, 0x3, 0xffff, 0x3, 0x4, 0x80000000, 0x9, 0xe, 0x9, 0x10001, 0x40, 0x1, 0x4, 0x6, 0x7, 0x1149, 0x0, 0x3, 0x6, 0x3, 0x7, 0xea2f, 0x7, 0x2fbcbcdf, 0x2, 0x6, 0x9, 0x1, 0x3, 0xffffffff, 0x1, 0x4, 0xb18, 0x1, 0x800, 0x6, 0x9, 0xffffffff, 0xcaf, 0x3ff, 0x7, 0x11, 0x100, 0x2, 0x1, 0x7f, 0xbe, 0xc171, 0xfffffff7, 0x8, 0x0, 0x4a102091, 0xfffff9a7, 0x4, 0x8, 0x1, 0x9, 0x3, 0x91c, 0x329c, 0x3, 0x8, 0x7ff, 0x7, 0x9, 0xd6f, 0x7fffffff, 0x400, 0xef, 0x5, 0x41, 0x1, 0x5, 0x4, 0x9, 0x7, 0x5, 0x2, 0x903, 0xfffffffb, 0x1, 0x6, 0x9, 0x80000001, 0x10, 0x63c, 0xea, 0xe659, 0x10001, 0x101, 0x1, 0xffffffff, 0x1, 0x56, 0xf87, 0x5, 0x6, 0x1, 0x8, 0x5, 0x0, 0x3, 0x5904, 0xffffffda, 0x1, 0x80000000, 0x1, 0x4, 0x9, 0xb48, 0xfffffffa, 0x1ff, 0xc, 0x2, 0x6, 0x88, 0x2, 0x7, 0x5, 0x7, 0x7ff, 0x9, 0x8000, 0x600, 0x0, 0xac, 0xff, 0x6c1794d3, 0x0, 0xc, 0x10001, 0x0, 0x882a, 0x8, 0xe, 0x0, 0x7, 0x1, 0x9, 0x4, 0x431f763e, 0x1, 0x2, 0x80, 0x2, 0x4, 0x80000000, 0x5, 0x3, 0x7a2, 0x82c, 0x6a, 0x5, 0x1, 0xf, 0x52000000, 0x3, 0x7db, 0x2, 0x3, 0xffff, 0xfff, 0xfffffffd, 0x6, 0xffffff81, 0x5, 0x9, 0x2, 0x616b8048, 0x8, 0xfffffff2, 0x0, 0x4, 0xfffffffb, 0x9, 0x0, 0x7, 0x7c418a57, 0x73, 0xffff, 0x3, 0x0, 0x2a4]}, @TCA_POLICE_TBF={0x3c, 0x1, {0xa, 0x7, 0x7, 0x7, 0x5, {0x15, 0x2, 0x200, 0x9, 0x7, 0x2}, {0x8, 0x1, 0x7fff, 0x5465, 0x4, 0x5a}, 0x3, 0x8001, 0x81}}, @TCA_POLICE_RATE={0x404, 0x2, [0x7, 0xe4, 0x1ff, 0x5, 0x8, 0x0, 0x6, 0x0, 0x7, 0x0, 0x8, 0xb3, 0x4, 0x7, 0x2, 0x8, 0x8, 0x3, 0x100, 0x4, 0xd5500, 0xca, 0x331, 0x8, 0x0, 0x7, 0xb091, 0x0, 0x7fff, 0x5, 0x0, 0xe00, 0x11, 0x1000, 0x2, 0xe, 0x4, 0x8, 0x7fff, 0x6, 0x1000, 0x7fffffff, 0x81, 0x9, 0x7, 0x3, 0x4, 0x8, 0x8, 0x1, 0x5bd, 0x3, 0x6, 0x1, 0x7, 0x2, 0x5, 0x3, 0x2, 0x2, 0x3, 0x4, 0x4, 0x33e774c4, 0x40000000, 0x0, 0x0, 0xcb5, 0x12, 0x3, 0x10000, 0x80000000, 0x0, 0x2, 0x9, 0x9, 0x3, 0xfffffffb, 0x4, 0x7, 0x5, 0x6, 0xffffffff, 0x1, 0x9, 0x81, 0x7b58, 0x9, 0x2, 0x1, 0x81, 0xfffffffe, 0xa, 0x0, 0xffffffff, 0x0, 0x9, 0x8b, 0x9, 0x4, 0x7bf, 0x5, 0x5, 0x3, 0x80, 0x9, 0x7fffffff, 0x2, 0x6, 0x4, 0x800, 0xa9a, 0x1, 0x1, 0x79ce, 0x3ff, 0x7ff, 0xffff, 0x1, 0x400, 0x1ff, 0x0, 0x0, 0x7, 0x9, 0x0, 0x8, 0xad, 0x7, 0x1ff, 0x9, 0x808, 0x5, 0x1, 0x8, 0x3, 0x1ff, 0x4, 0xb, 0x8, 0x7, 0x9, 0x6, 0x80, 0x2, 0xd0000000, 0x5, 0x6, 0x7, 0x6, 0x1, 0x4, 0x3, 0x9, 0x6, 0x5, 0x8, 0x80000001, 0x1ff16624, 0x6, 0x0, 0x1, 0x8, 0x3, 0x5, 0xdd3e, 0x3, 0x401, 0x9, 0x9, 0xff, 0x9, 0x609624be, 0x3, 0xa, 0xfffffffe, 0x7ff, 0x42d8, 0x200, 0x2, 0x200, 0x100, 0x5, 0x9, 0xd1f, 0x6, 0x5, 0x9, 0x8000, 0x8000, 0xffffffff, 0x7, 0x3, 0x1, 0x2, 0x200, 0x1, 0x55, 0x2de, 0xc2bb, 0x3, 0x5, 0x4, 0xe, 0x3ff, 0x4, 0x8, 0x105, 0xa0a6, 0xa, 0x8000, 0xffff, 0x8, 0x8, 0x9, 0x2, 0x8, 0x6, 0x858c, 0xb247, 0x6, 0x10000, 0x0, 0x4, 0x2, 0xf96, 0x2, 0x9, 0xd, 0x9, 0x1, 0xffffffff, 0x200, 0x3, 0x1, 0x3, 0x8, 0x4, 0xba44, 0x3, 0xe, 0x17, 0x73, 0x1, 0x7, 0xd, 0x9b, 0x8, 0x53e6, 0x80000001, 0x2, 0xffffffff, 0x6, 0x7, 0x1c, 0x5]}]}]}}]}, 0x88c}}, 0x20040000)

5.405433306s ago: executing program 1 (id=1020):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r2, &(0x7f0000000300)={0xa, 0x0, 0x2, @mcast2, 0x80000000}, 0xfffffffffffffe9f)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d031, 0xffffffffffffffff, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
close(0xffffffffffffffff)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0], 0x0, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000001c0)='./file0\x00', 0x3)
openat$vimc2(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
r5 = socket(0x10, 0x3, 0x0)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat$binder_debug(0xffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000140)=@newqdisc={0x48, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r7, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x3, 0x6}}]}}]}, 0x48}}, 0x44080)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x24, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, r7, {0xf, 0xa}, {0xffe0, 0xa}, {0xfff3, 0x10}}}, 0x24}, 0x1, 0x0, 0x0, 0x55}, 0x4000)
openat$ubi_ctrl(0xffffffffffffff9c, 0x0, 0x84002, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x7a, 0xdd, 0x15, 0x20, 0x545, 0x8080, 0x301, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xa1, 0xc3, 0x85}}]}}]}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000280)=ANY=[@ANYBLOB="3c000000100005ff00000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008000a00", @ANYRES32, @ANYBLOB="bd1b5c"], 0x3c}}, 0x0)

4.790619593s ago: executing program 0 (id=1024):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x185)
fallocate(r0, 0x0, 0x1000000, 0x3)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r0, 0x0)

4.617704336s ago: executing program 3 (id=1025):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@newtaction={0x378, 0x30, 0xc96f2b0dc02612b1, 0x71bd23, 0x25dfdbff, {}, [{0x364, 0x1, [@m_ife={0x90, 0xb, 0x0, 0x0, {{0x8}, {0x38, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x1, 0x8, 0x8, 0x1ff, 0x5}, 0x1}}, @TCA_IFE_METALST={0xc, 0x6, [@IFE_META_TCINDEX={0x4, 0x5, @void}, @IFE_META_PRIO={0x4, 0x3, @void}]}, @TCA_IFE_DMAC={0xa, 0x3, @multicast}]}, {0x31, 0x6, "ea24464decc1b2772ce0e9d802b5374a8d6638c9f5d62d73097ad328a4154dd4046c261a61dc99ee70038b3509"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_csum={0x178, 0x14, 0x0, 0x0, {{0x9}, {0x74, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x7fff, 0x2, 0x2, 0x1000, 0x8}, 0x52}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x2, 0x80000001, 0x8, 0x1, 0xa}, 0x33}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x0, 0x10080, 0xffffffffffffffff, 0x48fa, 0x2}, 0x11}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x4, 0x3e5, 0x4, 0x3, 0x1}, 0x21}}]}, {0xdc, 0x6, "576458eea52fd27eec92e713a172e757e1f62fe8475fa8817d9bd39d398251801f64d9b8e312b47b111ff094a2f452e1fd749b169123625c664a63e06baa8402c6b5fe34fbffaf329e5589fe1d00f704d8d13b0100000081ec7a1e9e21427be570631961812505684e260d3f73821a372961e6acf9f73f3ab3a6d19010c501877fc1473ff3fe388a502702c7e7d4eb99cd479f52bef8df8dc2e73616bf1f272164af3952f1d1f1a693618bda8d6320e42a8e0697af247b91c7095e95e872d047372485c0891ec2ffea40a743cf98ee0d99976d2bc45fc322"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}, @m_bpf={0xc4, 0x9, 0x0, 0x0, {{0x8}, {0x98, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_FD={0x8}, @TCA_ACT_BPF_FD={0x8}, @TCA_ACT_BPF_OPS={0x1c, 0x4, [{0x2, 0x9, 0x1, 0x3}, {0xf, 0x40, 0x2, 0x1}, {0x6, 0x1, 0x3, 0x1}]}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0xffff06a5, 0x8, 0x5, 0x8, 0x100}}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x3, 0x4, 0x3, 0x87f3, 0x4}}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x2, 0x9, 0x6, 0x3, 0x7fb}}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x8, 0x6, 0x5, 0x5, 0x69e}}, @TCA_ACT_BPF_FD={0x8}]}, {0x5, 0x6, '~'}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}, @m_skbmod={0x94, 0xd, 0x0, 0x0, {{0xb}, {0x68, 0x2, 0x0, 0x1, [@TCA_SKBMOD_DMAC={0xa, 0x3, @local}, @TCA_SKBMOD_ETYPE={0x6, 0x5, 0x5}, @TCA_SKBMOD_DMAC={0xa}, @TCA_SKBMOD_PARMS={0x24, 0x2, {{0x6, 0x9, 0x5, 0x800, 0x8}, 0x7}}, @TCA_SKBMOD_ETYPE={0x6, 0x5, 0x80}, @TCA_SKBMOD_SMAC={0xa, 0x4, @remote}, @TCA_SKBMOD_SMAC={0xa}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}]}]}, 0x378}, 0x1, 0x0, 0x0, 0x4004000}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x8804, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

4.487842017s ago: executing program 3 (id=1026):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000600)={'ip6gre0\x00', 0x0})

4.434178485s ago: executing program 2 (id=1027):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './mnt\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000040), 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usb_connect(0x3, 0x24, &(0x7f0000000540)={{0x12, 0x1, 0x250, 0x5, 0x65, 0x71, 0x20, 0xdba, 0x5000, 0x4859, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x4, 0x7, 0x70, 0x40, [{{0x9, 0x4, 0xef, 0x0, 0x0, 0x16, 0xf, 0x44, 0x4}}]}}]}}, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
sendmsg(r1, 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f00000000c0)=0x2)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
r3 = socket(0x200000000000011, 0x2, 0xd)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', <r4=>0x0})
r5 = socket(0x200000000000011, 0x2, 0xd)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', <r6=>0x0})
bind$packet(r5, &(0x7f0000000080)={0x11, 0x800, r6, 0x1, 0x0, 0x6, @multicast}, 0x14)
bind$packet(r3, &(0x7f0000000080)={0x11, 0x800, r4, 0x1, 0x0, 0x6, @multicast}, 0x14)
syz_emit_ethernet(0x2a, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaa40000000000008"], 0x0)
write$UHID_CREATE2(r2, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a00000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
syz_usb_connect$hid(0x5, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000000000106a0529000000000000010902"], 0x0)
r7 = syz_open_dev$hidraw(&(0x7f00000004c0), 0x400000014, 0x15a862)
writev(r7, &(0x7f0000001400)=[{&(0x7f0000001280)='UZ', 0x2}], 0x1)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000100)='0.::/', 0x0)
r8 = add_key$user(&(0x7f0000000000), &(0x7f00000001c0)={'syz', 0x0}, &(0x7f0000000540)="bc3009bb66682c9d4233b0cc644f5fdae5b9d17f7ada03bc77aea173022c18232e1fb162caf50d08fda40c6e9c515c4a2c7245660296c0460cbff563b781695432f5a83f5ab8979bf6fd1c17aaa22ada927f1feb5074053514edf5734d63b2b58edc5b848d6fa38f7956549438addc5e72bb0cdbce326b0b3f673b0174949173", 0x80, 0xfffffffffffffffe)
r9 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r8, r9, r8}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()
r10 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r10, 0x0)

4.267092835s ago: executing program 3 (id=1028):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x403, 0x6030, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x2}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000140)={0x0, 0x22, 0x2, {[@global=@item_012={0x1, 0x1, 0x7, '2'}]}}, 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000940)={0x84, &(0x7f00000004c0)={0x0, 0x14, 0xd, "5e6424818327b2369deca65eb2"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000880)={0x84, &(0x7f00000003c0)=ANY=[@ANYBLOB='\x00\x00M'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$video(&(0x7f0000000040), 0x7, 0x80000)
ioctl$VIDIOC_ENUMINPUT(r1, 0xc050561a, &(0x7f0000000080)={0x3, "06000000000000002ec229e361f43a16d680ec57dcceaa2e5ad4b4154200", 0x2, 0x10, 0x0, 0x0, 0x14e0c5a6c6325ff5, 0x2})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)

3.636610129s ago: executing program 0 (id=1029):
socket(0x22, 0x2, 0x24)
syz_io_uring_setup(0x4e5b, &(0x7f0000000600)={0x0, 0x0, 0x10100, 0x3, 0x3}, &(0x7f0000000100), &(0x7f0000000000))
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x74, &(0x7f0000000080)={0x0, 0x4, 0x20, 0x3}, &(0x7f0000000840)=0x18)
syz_io_uring_setup(0x5e2, &(0x7f0000000540)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f0000000180), &(0x7f0000000140))
r1 = socket$kcm(0x2, 0x200000000000001, 0x106)
r2 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, r2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$bt_hci(r3, 0x84, 0x10, &(0x7f00000010c0)=""/4111, &(0x7f0000000000)=0x100f)
sendmsg$kcm(r1, &(0x7f0000001900)={0x0, 0xffffffea, 0x0}, 0x20040005)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000440)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
ioctl$KDSKBMETA(0xffffffffffffffff, 0x4b63, 0x0)
r6 = signalfd(0xffffffffffffffff, &(0x7f00000002c0)={[0x7fffffff]}, 0x8)
read$FUSE(r6, &(0x7f0000002900)={0x2020}, 0x2020)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
io_uring_enter(0xffffffffffffffff, 0x627, 0x4c1, 0x43, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newtfilter={0x6c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0xfffa}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x3c, 0x2, [@TCA_FLOWER_ACT={0x38, 0x3, [@m_connmark={0x34, 0x1, 0x0, 0x0, {{0xd}, {0x4}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x6c}}, 0x24000000)

2.711678055s ago: executing program 4 (id=1030):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = userfaultfd(0x801)
fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f0000000000)=0x5)

2.648296429s ago: executing program 4 (id=1031):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r2, &(0x7f0000000300)={0xa, 0x0, 0x2, @mcast2, 0x80000000}, 0xfffffffffffffe9f)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d031, 0xffffffffffffffff, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
close(0xffffffffffffffff)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0], 0x0, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000001c0)='./file0\x00', 0x3)
openat$vimc2(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
r5 = socket(0x10, 0x3, 0x0)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat$binder_debug(0xffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000140)=@newqdisc={0x48, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r7, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x3, 0x6}}]}}]}, 0x48}}, 0x44080)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x24, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, r7, {0xf, 0xa}, {0xffe0, 0xa}, {0xfff3, 0x10}}}, 0x24}, 0x1, 0x0, 0x0, 0x55}, 0x4000)
openat$ubi_ctrl(0xffffffffffffff9c, 0x0, 0x84002, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x7a, 0xdd, 0x15, 0x20, 0x545, 0x8080, 0x301, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xa1, 0xc3, 0x85}}]}}]}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)

1.650325523s ago: executing program 1 (id=1032):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x51031, 0xffffffffffffffff, 0x0)
syz_usb_connect$hid(0x5, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
lsm_set_self_attr(0x68, &(0x7f0000000800)={0x68, 0x4b, 0x20}, 0x20, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x0, 0x0, 0xfffe, 0x0, 0xfffffffffffffffb, 0x9, 0x6, 0x0, 0x7}, 0x0)
r3 = syz_open_dev$usbfs(0x0, 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r3, 0x8108551b, &(0x7f00000004c0)={0x0, 0x2, "5a77bd318786aeb879ca62cdab2a0000000086d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f6853772b21a100efb76cba37ff3111d6847e8b9398a646717af75fc008daefba68e6222103472bc55704cdb72b4b996ed831f3b802549db3a8ffff7d34171113d806726615380fe65a6a0a72e1ac2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13f4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe363590d1f600"})
r4 = openat$audio(0xffffffffffffff9c, 0x0, 0x402, 0x0)
r5 = syz_open_dev$vim2m(&(0x7f0000000000), 0x3, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r5, 0xc058560f, &(0x7f0000000180)=@multiplanar_mmap={0x0, 0x2, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'y)\x00'}, 0x0, 0x1, {0x0}, 0xea})
ioctl$vim2m_VIDIOC_STREAMOFF(r5, 0x40045612, &(0x7f0000000080)=0x2)
close_range(r4, 0xffffffffffffffff, 0x0)
ioctl$USBDEVFS_CLEAR_HALT(r3, 0xc0105502, &(0x7f0000000300)={0x1, 0x1})
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
write$binfmt_script(r0, &(0x7f0000000200), 0xfffffd9d)
socket$nl_route(0x10, 0x3, 0x0)

1.282053578s ago: executing program 2 (id=1033):
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x4, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0xff, 0xff})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.044855491s ago: executing program 3 (id=1034):
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='auxv\x00')
pread64(r0, &(0x7f0000000000)=""/17, 0x11, 0x3)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11}, @IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xffff}]}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x60}}, 0x0)

969.576848ms ago: executing program 2 (id=1035):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1, 0x0, 0x8}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}]}]}, @NFT_MSG_NEWSET={0x2c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x2}, [@NFTA_SET_TIMEOUT={0xc, 0xb, 0x1, 0x0, 0x3d7e}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x10}}, 0x94}}, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000180), &(0x7f00000001c0)=0x8)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
r3 = syz_open_dev$video(&(0x7f00000004c0), 0x6, 0x8a002)
ioctl$VIDIOC_G_FMT(r3, 0xc0d05605, &(0x7f0000000380)={0xd, @sdr={0x47425247, 0x8}})
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)={0x78, 0x7, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x7}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x58, 0x4, 0x0, 0x1, [{0x54, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0xf}, @NFTA_META_SREG={0x8}, @NFTA_META_SREG={0x8, 0x3, 0x1, 0x0, 0xa}, @NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x9}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0xb}, @NFTA_META_SREG={0x8, 0x3, 0x1, 0x0, 0x8}, @NFTA_META_SREG={0x8, 0x3, 0x1, 0x0, 0xa}, @NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x6}]}}}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x40080}, 0x4000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r4)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r4, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000580)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01000000040200f2c8dc1b000000180001801400020073797a5f74756e0000000000000000000c000280"], 0x38}, 0x1, 0x0, 0x0, 0x20000844}, 0x0)
connect$pppoe(0xffffffffffffffff, &(0x7f0000000080)={0x18, 0x0, {0x3, @local, 'geneve0\x00'}}, 0x1e)
ioctl$PPPIOCCONNECT(0xffffffffffffffff, 0x4004743a, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
socket$unix(0x1, 0x2, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x0)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000000)=""/188)
r8 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r8, 0x11b, 0x6, &(0x7f0000000000)=0x40000000, 0x52)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000340)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
sendmsg$inet(r10, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000140)="7b5236a8bd74f532375cd3a0d0fe9448915d7c6785038e4162e43223cc2248f46aab096c7965b72f5ecdf769", 0x2c}], 0x1}, 0x44000)
r11 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r11, 0xc0a85320, &(0x7f0000000340)={{0x80, 0xfe}, 'port0\x00', 0x24, 0x60005, 0x1, 0x0, 0x8, 0x0, 0xfffffffc, 0x0, 0x1, 0xe})
recvmsg(r9, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0)

959.925762ms ago: executing program 3 (id=1036):
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3, 0x0, 0x0, 0x0, 0x1}})
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}}) (fail_nth: 6)

491.101µs ago: executing program 3 (id=1037):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@newtaction={0x378, 0x30, 0xc96f2b0dc02612b1, 0x71bd23, 0x25dfdbff, {}, [{0x364, 0x1, [@m_ife={0x90, 0xb, 0x0, 0x0, {{0x8}, {0x38, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x1, 0x8, 0x8, 0x1ff, 0x5}, 0x1}}, @TCA_IFE_METALST={0xc, 0x6, [@IFE_META_TCINDEX={0x4, 0x5, @void}, @IFE_META_PRIO={0x4, 0x3, @void}]}, @TCA_IFE_DMAC={0xa, 0x3, @multicast}]}, {0x31, 0x6, "ea24464decc1b2772ce0e9d802b5374a8d6638c9f5d62d73097ad328a4154dd4046c261a61dc99ee70038b3509"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_csum={0x178, 0x14, 0x0, 0x0, {{0x9}, {0x74, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x7fff, 0x2, 0x2, 0x1000, 0x8}, 0x52}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x2, 0x80000001, 0x8, 0x1, 0xa}, 0x33}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x0, 0x10080, 0xffffffffffffffff, 0x48fa, 0x2}, 0x11}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x4, 0x3e5, 0x4, 0x3, 0x1}, 0x21}}]}, {0xdc, 0x6, "576458eea52fd27eec92e713a172e757e1f62fe8475fa8817d9bd39d398251801f64d9b8e312b47b111ff094a2f452e1fd749b169123625c664a63e06baa8402c6b5fe34fbffaf329e5589fe1d00f704d8d13b0100000081ec7a1e9e21427be570631961812505684e260d3f73821a372961e6acf9f73f3ab3a6d19010c501877fc1473ff3fe388a502702c7e7d4eb99cd479f52bef8df8dc2e73616bf1f272164af3952f1d1f1a693618bda8d6320e42a8e0697af247b91c7095e95e872d047372485c0891ec2ffea40a743cf98ee0d99976d2bc45fc322"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}, @m_bpf={0xc4, 0x9, 0x0, 0x0, {{0x8}, {0x98, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_FD={0x8}, @TCA_ACT_BPF_OPS={0x24, 0x4, [{0xf000, 0x4, 0x7f, 0x81}, {0x2, 0x9, 0x1, 0x3}, {0xf, 0x40, 0x2, 0x1}, {0x6, 0x1, 0x3, 0x1}]}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0xffff06a5, 0x8, 0x5, 0x8, 0x100}}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x3, 0x4, 0x3, 0x87f3, 0x4}}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x2, 0x9, 0x6, 0x3, 0x7fb}}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x8, 0x6, 0x5, 0x5, 0x69e}}, @TCA_ACT_BPF_FD={0x8}]}, {0x5, 0x6, '~'}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}, @m_skbmod={0x94, 0xd, 0x0, 0x0, {{0xb}, {0x68, 0x2, 0x0, 0x1, [@TCA_SKBMOD_DMAC={0xa, 0x3, @local}, @TCA_SKBMOD_ETYPE={0x6, 0x5, 0x5}, @TCA_SKBMOD_DMAC={0xa}, @TCA_SKBMOD_PARMS={0x24, 0x2, {{0x6, 0x9, 0x5, 0x800, 0x8}, 0x7}}, @TCA_SKBMOD_ETYPE={0x6, 0x5, 0x80}, @TCA_SKBMOD_SMAC={0xa, 0x4, @remote}, @TCA_SKBMOD_SMAC={0xa}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}]}]}, 0x378}, 0x1, 0x0, 0x0, 0x4004000}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x8804, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

0s ago: executing program 0 (id=1038):
syz_open_dev$vim2m(&(0x7f00000007c0), 0x3, 0x2)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x10a900, 0x0)
rt_sigprocmask(0x0, 0x0, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x2000, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r5 = syz_open_dev$loop(0x0, 0x8, 0x2180)
ioctl$LOOP_CONFIGURE(r5, 0x4c0a, &(0x7f00000002c0)={r5, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1eace2d0fb0a010000000000000000030001000000008000", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00", [0x0, 0x400004]}})
sendmsg(r3, 0x0, 0x50)
ioctl$MEDIA_IOC_ENUM_ENTITIES(0xffffffffffffffff, 0xc1007c01, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000040)=0xd)
r6 = socket(0x11, 0x3, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r6, 0x8918, &(0x7f0000000480)={'veth1_macvtap\x00', {0x2, 0x0, @empty=0xcf050000}})
fcntl$getflags(r3, 0x408)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0xc048aec8, &(0x7f0000000700)={0x6, 0x0, @ioapic={0x4, 0xb, 0x100, 0x3, 0x0, [{0x1, 0x6, 0x5, '\x00', 0x81}, {0x7, 0x45, 0x1, '\x00', 0x7f}, {0x4, 0x5, 0x2, '\x00', 0x1}, {0xc6, 0x4, 0x3, '\x00', 0xf5}, {0x4, 0x0, 0xd, '\x00', 0x7}, {0x3, 0x5, 0x3e, '\x00', 0xa}, {0x81, 0x7, 0x5, '\x00', 0x9}, {0x1, 0xe, 0x6}, {0x6, 0x9, 0xf}, {0x6, 0x9, 0x2, '\x00', 0x5}, {0x4, 0x10, 0xc, '\x00', 0x4}, {0x1, 0x4, 0x0, '\x00', 0x3}, {0x4, 0x0, 0xde, '\x00', 0x80}, {0x2, 0x16, 0x40, '\x00', 0x9}, {0x80, 0x9, 0x6, '\x00', 0x49}, {0x2, 0x5, 0xa, '\x00', 0x4}, {0x60, 0x3, 0x5, '\x00', 0xb}, {0x16, 0x1, 0x9, '\x00', 0xfe}, {0x1, 0x3, 0x5}, {0x9, 0x0, 0x3, '\x00', 0x7}, {0x92, 0x4, 0xff, '\x00', 0x2}, {0x9, 0x10, 0x4, '\x00', 0x7}, {0x6, 0x9, 0x1}, {0x9, 0x0, 0x7, '\x00', 0xe}]}})

kernel console output (not intermixed with test programs):

02154 phy1 wpan1: encryption failed: -22
[  194.209404][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  194.219348][   T24] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  194.258146][   T24] usb 1-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=4f.c8
[  194.296748][ T7734] fuse: Unknown parameter '0xffffffffffffffff0000000000000000000000000000000000000000'
[  194.345895][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  194.378109][   T24] usb 1-1: Product: syz
[  194.383649][   T24] usb 1-1: Manufacturer: syz
[  194.391603][   T24] usb 1-1: SerialNumber: syz
[  194.403952][   T24] usb 1-1: config 0 descriptor??
[  194.442116][ T7729] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  194.450955][   T24] ati_remote 1-1:0.0: ati_remote_probe: Unexpected endpoint_out
[  194.653333][ T7729] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  194.662943][ T7729] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  194.682505][ T7729] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  194.701792][ T7729] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  195.151875][ T5924] usb 1-1: USB disconnect, device number 33
[  195.233925][   T24] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  195.418582][   T24] usb 5-1: config 0 has no interfaces?
[  195.424414][   T43] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  195.456673][   T24] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  195.486356][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  195.499437][   T24] usb 5-1: Product: syz
[  195.503657][   T24] usb 5-1: Manufacturer: syz
[  195.508380][   T24] usb 5-1: SerialNumber: syz
[  195.518779][   T24] usb 5-1: config 0 descriptor??
[  195.593820][   T43] usb 3-1: Using ep0 maxpacket: 8
[  195.614349][   T43] usb 3-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  195.718152][   T43] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  195.746290][   T43] usb 3-1: Product: syz
[  195.750489][   T43] usb 3-1: Manufacturer: syz
[  195.756839][ T5924] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  195.772600][   T43] usb 3-1: SerialNumber: syz
[  195.794712][   T43] usb 3-1: config 0 descriptor??
[  195.823625][   T43] gspca_main: sq930x-2.14.0 probing 2770:930c
[  195.849385][ T7749] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  195.864232][ T7749] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  195.940640][ T5924] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  195.957794][ T5924] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  195.969147][ T5924] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  195.988242][ T5924] usb 2-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  196.003157][ T5924] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.059344][ T5924] usb 2-1: config 0 descriptor??
[  196.124868][ T5910] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  196.346931][ T5910] usb 1-1: config 0 has an invalid interface number: 95 but max is 0
[  196.370993][ T5910] usb 1-1: config 0 has no interface number 0
[  196.384132][   T43] gspca_sq930x: reg_r 001f failed -110
[  196.389984][   T43] sq930x 3-1:0.0: probe with driver sq930x failed with error -110
[  196.507184][ T5924] kye 0003:0458:5011.0006: tablet report size too small, or kye_tablet_rdesc unexpectedly large
[  196.522290][ T5910] usb 1-1: config 0 interface 95 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 8
[  196.547765][ T5924] kye 0003:0458:5011.0006: unknown main item tag 0x0
[  196.578433][ T5924] kye 0003:0458:5011.0006: unknown main item tag 0x0
[  196.604074][ T5924] kye 0003:0458:5011.0006: unknown main item tag 0x0
[  196.611312][ T5910] usb 1-1: New USB device found, idVendor=7725, idProduct=b0a8, bcdDevice= 7.46
[  196.621086][ T5910] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  196.630582][ T5924] kye 0003:0458:5011.0006: unknown main item tag 0x0
[  196.638910][ T5910] usb 1-1: Product: syz
[  196.643657][ T5910] usb 1-1: Manufacturer: syz
[  196.648706][ T5924] kye 0003:0458:5011.0006: unknown main item tag 0x0
[  196.655835][ T5910] usb 1-1: SerialNumber: syz
[  196.674742][ T5924] kye 0003:0458:5011.0006: hidraw0: USB HID vff.fe Device [HID 0458:5011] on usb-dummy_hcd.1-1/input0
[  196.698712][ T5910] usb 1-1: config 0 descriptor??
[  196.720406][ T7751] raw-gadget.3 gadget.0: fail, usb_ep_enable returned -22
[  196.736986][ T5924] kye 0003:0458:5011.0006: tablet-enabling feature report not found
[  196.745793][ T5924] kye 0003:0458:5011.0006: tablet enabling failed
[  197.043389][ T7751] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  197.053258][ T7751] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  197.237708][ T5910] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  197.245221][ T5910] usb 1-1: MIDIStreaming interface descriptor not found
[  197.259600][ T5837] usb 2-1: USB disconnect, device number 44
[  197.370385][ T5910] usb 1-1: USB disconnect, device number 34
[  197.440927][ T6010] udevd[6010]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.95/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  197.724419][ T7774] netlink: 84 bytes leftover after parsing attributes in process `syz.1.573'.
[  197.860490][ T5837] usb 5-1: USB disconnect, device number 32
[  198.157836][ T7789] trusted_key: syz.0.580 sent an empty control message without MSG_MORE.
[  198.213252][ T7795] program syz.0.580 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  198.508068][ T7805] bridge0: port 1(bridge_slave_0) entered disabled state
[  198.733869][ T5837] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  198.884135][ T5837] usb 5-1: Using ep0 maxpacket: 8
[  198.889285][   T10] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  198.899241][ T5837] usb 5-1: config index 0 descriptor too short (expected 6427, got 27)
[  198.908609][ T5837] usb 5-1: config 0 has an invalid interface number: 255 but max is 0
[  198.917171][ T5837] usb 5-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  198.937851][ T5837] usb 5-1: config 0 has no interface number 0
[  198.949967][ T5837] usb 5-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30
[  198.974437][ T5837] usb 5-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  199.003866][ T5924] usb 3-1: USB disconnect, device number 30
[  199.012778][ T5837] usb 5-1: config 0 interface 255 has no altsetting 0
[  199.034062][ T5837] usb 5-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  199.053454][ T5837] usb 5-1: New USB device strings: Mfr=0, Product=1, SerialNumber=0
[  199.067309][   T10] usb 2-1: Using ep0 maxpacket: 32
[  199.091408][   T10] usb 2-1: config 0 has an invalid interface number: 85 but max is 0
[  199.109628][ T5837] usb 5-1: Product: syz
[  199.123231][   T10] usb 2-1: config 0 has no interface number 0
[  199.134705][ T5837] usb 5-1: config 0 descriptor??
[  199.140097][   T10] usb 2-1: config 0 interface 85 altsetting 7 endpoint 0x8 has invalid maxpacket 512, setting to 64
[  199.166669][   T10] usb 2-1: config 0 interface 85 altsetting 7 endpoint 0x1 has invalid maxpacket 1622, setting to 1024
[  199.194673][ T7812] netlink: 8 bytes leftover after parsing attributes in process `syz.2.588'.
[  199.213798][   T10] usb 2-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  199.238541][   T10] usb 2-1: config 0 interface 85 has no altsetting 0
[  199.253669][   T10] usb 2-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  199.263946][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  199.290004][   T10] usb 2-1: Product: syz
[  199.300119][   T10] usb 2-1: Manufacturer: syz
[  199.308051][   T10] usb 2-1: SerialNumber: syz
[  199.325672][   T10] usb 2-1: config 0 descriptor??
[  199.370742][ T5837] usb 5-1: USB disconnect, device number 33
[  199.561150][   T10] appletouch 2-1:0.85: Failed to read mode from device.
[  199.578744][   T10] appletouch 2-1:0.85: probe with driver appletouch failed with error -5
[  199.646340][   T10] usb 2-1: USB disconnect, device number 45
[  200.342343][   T10] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  200.628903][   T10] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  200.655562][   T10] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  200.673832][ T5924] usb 2-1: new low-speed USB device number 46 using dummy_hcd
[  200.706494][   T10] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  200.738264][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  200.776843][   T10] usb 5-1: config 0 descriptor??
[  200.806545][   T10] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  200.858585][ T5924] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  200.869986][ T5924] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  201.003980][ T5924] usb 2-1: New USB device found, idVendor=258a, idProduct=0036, bcdDevice= 0.00
[  201.023358][ T5924] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.037959][ T5924] usb 2-1: config 0 descriptor??
[  201.463452][ T5924] glorious 0003:258A:0036.0007: item fetching failed at offset 0/2
[  201.472846][ T5924] glorious 0003:258A:0036.0007: probe with driver glorious failed with error -22
[  202.973888][   T43] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  203.025728][ T5924] usb 5-1: USB disconnect, device number 34
[  203.057672][   T30] audit: type=1326 audit(1753924969.693:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7867 comm="syz.3.609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc11a98e9a9 code=0x7ffc0000
[  203.147953][   T43] usb 3-1: config 0 has an invalid descriptor of length 213, skipping remainder of the config
[  203.184963][   T43] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  203.205731][   T30] audit: type=1326 audit(1753924969.703:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7867 comm="syz.3.609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc11a98e9a9 code=0x7ffc0000
[  203.232664][   T30] audit: type=1326 audit(1753924969.703:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7867 comm="syz.3.609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fc11a98e9a9 code=0x7ffc0000
[  203.260605][   T43] usb 3-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  203.270697][   T43] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  203.288399][   T43] usb 3-1: Product: syz
[  203.292848][   T43] usb 3-1: Manufacturer: syz
[  203.301534][   T43] usb 3-1: SerialNumber: syz
[  203.311264][   T43] usb 3-1: config 0 descriptor??
[  203.322845][   T30] audit: type=1326 audit(1753924969.703:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7867 comm="syz.3.609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fc11a98e9e3 code=0x7ffc0000
[  203.350803][   T30] audit: type=1326 audit(1753924969.703:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7867 comm="syz.3.609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fc11a98e9e3 code=0x7ffc0000
[  203.388458][   T30] audit: type=1326 audit(1753924969.703:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7867 comm="syz.3.609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc11a98e9a9 code=0x7ffc0000
[  203.414603][   T30] audit: type=1326 audit(1753924969.703:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7867 comm="syz.3.609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc11a98e9a9 code=0x7ffc0000
[  203.898435][ T7839] syz.1.598 (7839): drop_caches: 2
[  203.952672][ T7880] netlink: 84 bytes leftover after parsing attributes in process `syz.4.612'.
[  204.144892][ T5924] usb 2-1: USB disconnect, device number 46
[  205.344183][ T5988] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  205.565383][ T5988] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  205.582278][ T5988] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  205.651427][ T5988] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  205.709757][ T5988] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.786598][ T5988] usb 1-1: config 0 descriptor??
[  205.826708][ T5988] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  206.156191][ T7918] batadv_slave_1: entered promiscuous mode
[  206.179401][ T7918] batadv_slave_1: left promiscuous mode
[  206.218728][ T5837] usb 3-1: USB disconnect, device number 31
[  206.496071][ T7925] delete_channel: no stack
[  206.709380][ T5988] usb 2-1: new low-speed USB device number 47 using dummy_hcd
[  206.876403][ T7938] binder_alloc: 7937: pid 7937 spamming oneway? 1 buffers allocated for a total size of 4096
[  206.895291][ T5988] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  206.920416][ T7938] binder_alloc: 7937: pid 7937 spamming oneway? 2 buffers allocated for a total size of 5120
[  206.923997][ T5988] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  206.958593][ T7938] binder: BINDER_SET_CONTEXT_MGR already set
[  206.958694][ T5988] usb 2-1: New USB device found, idVendor=258a, idProduct=0036, bcdDevice= 0.00
[  207.031446][ T7938] binder: 7937:7938 ioctl 4018620d 2000000000c0 returned -16
[  207.076720][ T5988] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.095892][ T7945] program syz.2.632 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  207.293851][ T5988] usb 2-1: config 0 descriptor??
[  207.436387][ T5837] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  207.614566][ T5837] usb 3-1: Using ep0 maxpacket: 16
[  207.663842][ T5837] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  207.706563][ T5837] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  207.717097][ T5837] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  207.731029][ T5837] usb 3-1: New USB device found, idVendor=056a, idProduct=0317, bcdDevice= 0.00
[  207.735974][ T5988] glorious 0003:258A:0036.0008: item fetching failed at offset 0/2
[  207.752609][ T5988] glorious 0003:258A:0036.0008: probe with driver glorious failed with error -22
[  207.778174][ T5837] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.792787][  T976] usb 1-1: USB disconnect, device number 35
[  207.827199][ T5837] usb 3-1: config 0 descriptor??
[  208.332887][ T7962] loop2: detected capacity change from 0 to 7
[  208.448553][ T7962] Dev loop2: unable to read RDB block 7
[  208.458198][ T7962]  loop2: AHDI p1 p2 p3
[  208.491642][ T7962] loop2: partition table partially beyond EOD, truncated
[  208.553159][ T7962] loop2: p1 start 1601398130 is beyond EOD, truncated
[  208.560688][ T7962] loop2: p2 start 1702059890 is beyond EOD, truncated
[  208.665897][ T5837] usbhid 3-1:0.0: can't add hid device: -71
[  208.701241][ T5988] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  208.728167][ T5837] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  208.770086][ T7967] netlink: 'syz.4.642': attribute type 11 has an invalid length.
[  208.797916][ T5837] usb 3-1: USB disconnect, device number 32
[  208.864282][ T5988] usb 1-1: Using ep0 maxpacket: 8
[  208.887189][ T5988] usb 1-1: config 2 interface 0 has no altsetting 0
[  208.938262][ T7968] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  208.944805][ T7968] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  208.959122][ T5988] usb 1-1: New USB device found, idVendor=04e2, idProduct=1412, bcdDevice=ca.10
[  208.988429][ T7968] vhci_hcd vhci_hcd.0: Device attached
[  209.003249][ T5988] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  209.016573][ T7973] program syz.4.643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  209.037204][ T5988] usb 1-1: Product: syz
[  209.056341][ T5988] usb 1-1: Manufacturer: syz
[  209.067821][ T5988] usb 1-1: SerialNumber: syz
[  209.122710][ T7970] vhci_hcd: connection closed
[  209.123144][   T49] vhci_hcd: stop threads
[  209.133556][   T49] vhci_hcd: release socket
[  209.140402][   T49] vhci_hcd: disconnect device
[  209.380635][ T7927] syz.1.626 (7927): drop_caches: 2
[  209.386458][ T7963] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  209.396123][ T7963] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  209.431862][ T5988] usb 1-1: USB disconnect, device number 36
[  209.493934][   T43] usb 2-1: USB disconnect, device number 47
[  209.553587][ T7980] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  209.815776][ T7989] process 'syz.1.649' launched './file0' with NULL argv: empty string added
[  209.953816][   T43] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  210.106618][   T43] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  210.166965][   T43] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  210.214821][   T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.263174][   T43] usb 3-1: config 0 descriptor??
[  210.301681][ T8000] netlink: 16 bytes leftover after parsing attributes in process `syz.0.654'.
[  210.308400][   T43] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  210.675803][ T5988] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x6
[  210.684596][ T8014] binder: 8001:8014 ioctl c0306201 200000000700 returned -22
[  210.692248][ T5988] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0
[  211.070092][ T5988] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0
[  211.151500][ T5988] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0
[  211.159715][ T5988] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0
[  211.167249][ T5988] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0
[  211.191787][ T5988] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0
[  211.312596][  T976] usb 1-1: new low-speed USB device number 37 using dummy_hcd
[  211.354087][ T5988] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0
[  211.365387][ T5988] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0
[  211.388174][ T5988] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0
[  211.417690][ T5988] hid-generic 00A0:0006:0003.0009: hidraw0: <UNKNOWN> HID v0.05 Device [syz1] on syz0
[  211.566149][ T8020] fido_id[8020]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  211.612467][  T976] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  211.654250][  T976] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  211.686845][  T976] usb 1-1: New USB device found, idVendor=258a, idProduct=0036, bcdDevice= 0.00
[  211.722750][  T976] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  211.800233][  T976] usb 1-1: config 0 descriptor??
[  212.289230][  T976] glorious 0003:258A:0036.000A: item fetching failed at offset 0/2
[  212.338743][  T976] glorious 0003:258A:0036.000A: probe with driver glorious failed with error -22
[  212.712974][ T8013] syz.0.657 (8013): drop_caches: 2
[  212.735998][   T10] usb 3-1: USB disconnect, device number 33
[  213.522282][ T8049] netlink: 20 bytes leftover after parsing attributes in process `syz.4.663'.
[  213.546791][ T8050] netlink: 'syz.3.664': attribute type 12 has an invalid length.
[  214.124030][ T8059] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  214.130579][ T8059] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  214.193976][ T8059] vhci_hcd vhci_hcd.0: Device attached
[  214.262702][   T10] usb 1-1: USB disconnect, device number 37
[  214.310363][ T8061] vhci_hcd: connection closed
[  214.310905][ T1036] vhci_hcd: stop threads
[  214.322655][ T1036] vhci_hcd: release socket
[  214.329768][ T1036] vhci_hcd: disconnect device
[  214.374106][ T5988] vhci_hcd: vhci_device speed not set
[  214.583878][   T10] usb 1-1: new full-speed USB device number 38 using dummy_hcd
[  214.960710][   T10] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  214.976198][   T10] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  215.016938][   T10] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[  215.036236][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  215.254377][   T10] usb 1-1: SerialNumber: syz
[  215.277097][   T10] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -22
[  215.297742][   T10] usb-storage 1-1:1.0: USB Mass Storage device detected
[  215.312717][   T10] usb-storage 1-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[  215.322983][   T10] scsi host1: usb-storage 1-1:1.0
[  215.373819][   T43] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[  215.546295][   T43] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  215.570337][   T43] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  215.623664][   T43] usb 2-1: config 0 descriptor??
[  215.650571][   T43] cp210x 2-1:0.0: cp210x converter detected
[  215.849838][   T43] cp210x 2-1:0.0: failed to get vendor val 0x370b size 1: -121
[  215.859106][   T43] cp210x 2-1:0.0: querying part number failed
[  215.874957][   T43] usb 2-1: cp210x converter now attached to ttyUSB0
[  215.884507][ T8082] netlink: 'syz.0.668': attribute type 10 has an invalid length.
[  215.892244][ T8082] netlink: 40 bytes leftover after parsing attributes in process `syz.0.668'.
[  215.919404][ T8082] team0: Port device geneve0 added
[  215.927708][   T49] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  215.941044][   T49] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  215.951404][   T49] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  215.961188][   T49] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  216.614121][   T10] usb 1-1: USB disconnect, device number 38
[  216.762435][ T8091] netlink: 36 bytes leftover after parsing attributes in process `syz.1.670'.
[  216.889381][ T8098] FAULT_INJECTION: forcing a failure.
[  216.889381][ T8098] name failslab, interval 1, probability 0, space 0, times 0
[  216.902983][ T8098] CPU: 1 UID: 0 PID: 8098 Comm: syz.4.678 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  216.903009][ T8098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  216.903019][ T8098] Call Trace:
[  216.903027][ T8098]  <TASK>
[  216.903035][ T8098]  dump_stack_lvl+0x189/0x250
[  216.903058][ T8098]  ? __pfx____ratelimit+0x10/0x10
[  216.903079][ T8098]  ? __pfx_dump_stack_lvl+0x10/0x10
[  216.903097][ T8098]  ? __pfx__printk+0x10/0x10
[  216.903123][ T8098]  ? __pfx___might_resched+0x10/0x10
[  216.903143][ T8098]  ? fs_reclaim_acquire+0x7d/0x100
[  216.903166][ T8098]  should_fail_ex+0x414/0x560
[  216.903195][ T8098]  should_failslab+0xa8/0x100
[  216.903213][ T8098]  kmem_cache_alloc_noprof+0x73/0x3c0
[  216.903235][ T8098]  ? security_inode_alloc+0x39/0x330
[  216.903262][ T8098]  security_inode_alloc+0x39/0x330
[  216.903285][ T8098]  inode_init_always_gfp+0x9ed/0xdc0
[  216.903323][ T8098]  alloc_inode+0x82/0x1b0
[  216.903347][ T8098]  alloc_anon_inode+0x1f/0x360
[  216.903368][ T8098]  ? anon_inode_make_secure_inode+0x73/0x180
[  216.903390][ T8098]  anon_inode_make_secure_inode+0x7b/0x180
[  216.903412][ T8098]  ? __pfx_anon_inode_make_secure_inode+0x10/0x10
[  216.903434][ T8098]  ? _raw_spin_unlock+0x28/0x50
[  216.903454][ T8098]  ? alloc_fd+0x64c/0x6c0
[  216.903481][ T8098]  __anon_inode_getfile+0xce/0x200
[  216.903504][ T8098]  new_userfaultfd+0x207/0x380
[  216.903530][ T8098]  __x64_sys_userfaultfd+0x81/0xa0
[  216.903551][ T8098]  do_syscall_64+0xfa/0x3b0
[  216.903572][ T8098]  ? lockdep_hardirqs_on+0x9c/0x150
[  216.903593][ T8098]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.903610][ T8098]  ? clear_bhb_loop+0x60/0xb0
[  216.903630][ T8098]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.903645][ T8098] RIP: 0033:0x7ff35dd8e9a9
[  216.903660][ T8098] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  216.903673][ T8098] RSP: 002b:00007ff35ec04038 EFLAGS: 00000246 ORIG_RAX: 0000000000000143
[  216.903695][ T8098] RAX: ffffffffffffffda RBX: 00007ff35dfb5fa0 RCX: 00007ff35dd8e9a9
[  216.903706][ T8098] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000080801
[  216.903716][ T8098] RBP: 00007ff35ec04090 R08: 0000000000000000 R09: 0000000000000000
[  216.903726][ T8098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  216.903735][ T8098] R13: 0000000000000000 R14: 00007ff35dfb5fa0 R15: 00007ff35e0dfa28
[  216.903760][ T8098]  </TASK>
[  217.255956][ T8104] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  217.362631][ T8082] syz.0.668 (8082) used greatest stack depth: 19832 bytes left
[  217.505675][   T10] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  217.665519][   T10] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  217.690252][   T10] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  217.715030][   T10] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  217.724693][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.733246][ T8113] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  217.739778][ T8113] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  217.755379][ T8104] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  217.767955][ T8113] vhci_hcd vhci_hcd.0: Device attached
[  217.918352][   T10] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  218.003908][   T43] usb 33-1: new low-speed USB device number 4 using vhci_hcd
[  218.072413][   T10] usb 2-1: USB disconnect, device number 48
[  218.096896][   T10] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  218.110505][   T10] cp210x 2-1:0.0: device disconnected
[  218.294222][ T8115] vhci_hcd: connection reset by peer
[  218.313128][   T36] vhci_hcd: stop threads
[  218.317481][    C0] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  218.353228][   T36] vhci_hcd: release socket
[  218.370421][   T36] vhci_hcd: disconnect device
[  219.008516][ T8137] loop5: detected capacity change from 0 to 4775
[  219.174323][ T6188] Buffer I/O error on dev loop5, logical block 596, async page read
[  219.177834][ T8137] binder: 8131:8137 ioctl aea2 8 returned -22
[  219.190605][   T10] usb 5-1: USB disconnect, device number 35
[  220.208513][ T8146] 8021q: VLANs not supported on vxcan0
[  220.305071][ T8150] program syz.1.696 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  221.086280][ T5988] usb 5-1: new low-speed USB device number 36 using dummy_hcd
[  221.546261][ T5988] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  221.569432][ T5988] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  221.658791][ T5988] usb 5-1: New USB device found, idVendor=258a, idProduct=0036, bcdDevice= 0.00
[  221.719379][ T5988] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  221.747775][ T5988] usb 5-1: config 0 descriptor??
[  222.640737][ T5988] glorious 0003:258A:0036.000B: hidraw0: USB HID v0.00 Device [Glorious Model O] on usb-dummy_hcd.4-1/input0
[  222.910185][ T8169] syz.4.701 (8169): drop_caches: 2
[  223.223668][   T43] vhci_hcd: vhci_device speed not set
[  223.245068][ T8205] FAULT_INJECTION: forcing a failure.
[  223.245068][ T8205] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  223.389027][ T8205] CPU: 0 UID: 0 PID: 8205 Comm: syz.2.712 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  223.389053][ T8205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  223.389064][ T8205] Call Trace:
[  223.389071][ T8205]  <TASK>
[  223.389079][ T8205]  dump_stack_lvl+0x189/0x250
[  223.389101][ T8205]  ? __pfx____ratelimit+0x10/0x10
[  223.389123][ T8205]  ? __pfx_dump_stack_lvl+0x10/0x10
[  223.389140][ T8205]  ? __pfx__printk+0x10/0x10
[  223.389172][ T8205]  should_fail_ex+0x414/0x560
[  223.389201][ T8205]  _copy_to_user+0x31/0xb0
[  223.389225][ T8205]  simple_read_from_buffer+0xe1/0x170
[  223.389252][ T8205]  proc_fail_nth_read+0x1b3/0x220
[  223.389275][ T8205]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  223.389298][ T8205]  ? rw_verify_area+0x258/0x650
[  223.389317][ T8205]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  223.389338][ T8205]  vfs_read+0x1fd/0x980
[  223.389366][ T8205]  ? __pfx_vfs_read+0x10/0x10
[  223.389384][ T8205]  ? __wake_up_common_lock+0x190/0x1f0
[  223.389407][ T8205]  ? nfnetlink_unbind+0x8e/0x160
[  223.389424][ T8205]  ? __pfx_nfnetlink_unbind+0x10/0x10
[  223.389445][ T8205]  ? netlink_setsockopt+0x6e9/0x770
[  223.389467][ T8205]  ? __pfx_aa_sk_perm+0x10/0x10
[  223.389497][ T8205]  ksys_read+0x145/0x250
[  223.389520][ T8205]  ? __pfx_ksys_read+0x10/0x10
[  223.389546][ T8205]  ? do_syscall_64+0xbe/0x3b0
[  223.389571][ T8205]  do_syscall_64+0xfa/0x3b0
[  223.389591][ T8205]  ? lockdep_hardirqs_on+0x9c/0x150
[  223.389612][ T8205]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.389627][ T8205]  ? clear_bhb_loop+0x60/0xb0
[  223.389645][ T8205]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.389670][ T8205] RIP: 0033:0x7f50b798d3bc
[  223.389685][ T8205] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  223.389698][ T8205] RSP: 002b:00007f50b881e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  223.389717][ T8205] RAX: ffffffffffffffda RBX: 00007f50b7bb5fa0 RCX: 00007f50b798d3bc
[  223.389730][ T8205] RDX: 000000000000000f RSI: 00007f50b881e0a0 RDI: 0000000000000004
[  223.389741][ T8205] RBP: 00007f50b881e090 R08: 0000000000000000 R09: 0000000000000000
[  223.389754][ T8205] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  223.389765][ T8205] R13: 0000000000000000 R14: 00007f50b7bb5fa0 R15: 00007f50b7cdfa28
[  223.389790][ T8205]  </TASK>
[  224.023277][ T5988] usb 5-1: USB disconnect, device number 36
[  224.278047][ T8214] FAULT_INJECTION: forcing a failure.
[  224.278047][ T8214] name failslab, interval 1, probability 0, space 0, times 0
[  224.290896][ T8214] CPU: 0 UID: 0 PID: 8214 Comm: syz.4.715 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  224.290923][ T8214] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  224.290933][ T8214] Call Trace:
[  224.290941][ T8214]  <TASK>
[  224.290948][ T8214]  dump_stack_lvl+0x189/0x250
[  224.290971][ T8214]  ? __pfx____ratelimit+0x10/0x10
[  224.290993][ T8214]  ? __pfx_dump_stack_lvl+0x10/0x10
[  224.291009][ T8214]  ? __pfx__printk+0x10/0x10
[  224.291034][ T8214]  ? __pfx___might_resched+0x10/0x10
[  224.291056][ T8214]  ? fs_reclaim_acquire+0x7d/0x100
[  224.291077][ T8214]  should_fail_ex+0x414/0x560
[  224.291106][ T8214]  should_failslab+0xa8/0x100
[  224.291124][ T8214]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  224.291147][ T8214]  ? __alloc_skb+0x112/0x2d0
[  224.291173][ T8214]  __alloc_skb+0x112/0x2d0
[  224.291199][ T8214]  netlink_ack+0x146/0xa50
[  224.291218][ T8214]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  224.291239][ T8214]  ? ref_tracker_free+0x63a/0x7d0
[  224.291256][ T8214]  ? __asan_memcpy+0x40/0x70
[  224.291276][ T8214]  ? __pfx_ref_tracker_free+0x10/0x10
[  224.291291][ T8214]  ? __skb_clone+0x63/0x7a0
[  224.291318][ T8214]  netlink_rcv_skb+0x28c/0x470
[  224.291347][ T8214]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  224.291371][ T8214]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  224.291405][ T8214]  ? netlink_deliver_tap+0x2e/0x1b0
[  224.291435][ T8214]  netlink_unicast+0x82c/0x9e0
[  224.291462][ T8214]  ? __pfx_netlink_unicast+0x10/0x10
[  224.291485][ T8214]  ? netlink_sendmsg+0x642/0xb30
[  224.291505][ T8214]  ? skb_put+0x11b/0x210
[  224.291524][ T8214]  netlink_sendmsg+0x805/0xb30
[  224.291556][ T8214]  ? __pfx_netlink_sendmsg+0x10/0x10
[  224.291581][ T8214]  ? aa_sock_msg_perm+0x94/0x160
[  224.291604][ T8214]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  224.291628][ T8214]  ? __pfx_netlink_sendmsg+0x10/0x10
[  224.291651][ T8214]  __sock_sendmsg+0x21c/0x270
[  224.291675][ T8214]  ____sys_sendmsg+0x52d/0x830
[  224.291699][ T8214]  ? __pfx_____sys_sendmsg+0x10/0x10
[  224.291725][ T8214]  ? import_iovec+0x74/0xa0
[  224.291750][ T8214]  ___sys_sendmsg+0x21f/0x2a0
[  224.291770][ T8214]  ? __pfx____sys_sendmsg+0x10/0x10
[  224.291823][ T8214]  ? __fget_files+0x2a/0x420
[  224.291839][ T8214]  ? __fget_files+0x3a0/0x420
[  224.291865][ T8214]  __sys_sendmmsg+0x227/0x430
[  224.291886][ T8214]  ? __pfx___sys_sendmmsg+0x10/0x10
[  224.291907][ T8214]  ? __mutex_unlock_slowpath+0x1a1/0x760
[  224.291955][ T8214]  ? ksys_write+0x22a/0x250
[  224.291978][ T8214]  ? __pfx_ksys_write+0x10/0x10
[  224.291997][ T8214]  ? rcu_is_watching+0x15/0xb0
[  224.292026][ T8214]  __x64_sys_sendmmsg+0xa0/0xc0
[  224.292046][ T8214]  do_syscall_64+0xfa/0x3b0
[  224.292067][ T8214]  ? lockdep_hardirqs_on+0x9c/0x150
[  224.292087][ T8214]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.292102][ T8214]  ? clear_bhb_loop+0x60/0xb0
[  224.292122][ T8214]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.292137][ T8214] RIP: 0033:0x7ff35dd8e9a9
[  224.292152][ T8214] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  224.292165][ T8214] RSP: 002b:00007ff35ec04038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  224.292182][ T8214] RAX: ffffffffffffffda RBX: 00007ff35dfb5fa0 RCX: 00007ff35dd8e9a9
[  224.292194][ T8214] RDX: 0000000004924b68 RSI: 0000200000000140 RDI: 0000000000000005
[  224.292205][ T8214] RBP: 00007ff35ec04090 R08: 0000000000000000 R09: 0000000000000000
[  224.292215][ T8214] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  224.292224][ T8214] R13: 0000000000000000 R14: 00007ff35dfb5fa0 R15: 00007ff35e0dfa28
[  224.292249][ T8214]  </TASK>
[  224.849400][ T8216] FAULT_INJECTION: forcing a failure.
[  224.849400][ T8216] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  224.862814][ T8216] CPU: 0 UID: 0 PID: 8216 Comm: syz.4.717 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  224.862831][ T8216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  224.862838][ T8216] Call Trace:
[  224.862844][ T8216]  <TASK>
[  224.862849][ T8216]  dump_stack_lvl+0x189/0x250
[  224.862863][ T8216]  ? __pfx____ratelimit+0x10/0x10
[  224.862878][ T8216]  ? __pfx_dump_stack_lvl+0x10/0x10
[  224.862888][ T8216]  ? __pfx__printk+0x10/0x10
[  224.862900][ T8216]  ? __might_fault+0xb0/0x130
[  224.862920][ T8216]  should_fail_ex+0x414/0x560
[  224.862938][ T8216]  _copy_from_iter+0x1db/0x16f0
[  224.862953][ T8216]  ? rcu_is_watching+0x15/0xb0
[  224.862969][ T8216]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  224.862984][ T8216]  ? __pfx__copy_from_iter+0x10/0x10
[  224.862997][ T8216]  ? __build_skb_around+0x257/0x3e0
[  224.863013][ T8216]  ? netlink_sendmsg+0x642/0xb30
[  224.863027][ T8216]  ? skb_put+0x11b/0x210
[  224.863038][ T8216]  netlink_sendmsg+0x6b2/0xb30
[  224.863056][ T8216]  ? __pfx_netlink_sendmsg+0x10/0x10
[  224.863072][ T8216]  ? aa_sock_msg_perm+0x94/0x160
[  224.863086][ T8216]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  224.863097][ T8216]  ? __pfx_netlink_sendmsg+0x10/0x10
[  224.863112][ T8216]  __sock_sendmsg+0x21c/0x270
[  224.863126][ T8216]  ____sys_sendmsg+0x505/0x830
[  224.863139][ T8216]  ? __pfx_____sys_sendmsg+0x10/0x10
[  224.863154][ T8216]  ? import_iovec+0x74/0xa0
[  224.863169][ T8216]  ___sys_sendmsg+0x21f/0x2a0
[  224.863180][ T8216]  ? __pfx____sys_sendmsg+0x10/0x10
[  224.863208][ T8216]  ? __fget_files+0x2a/0x420
[  224.863217][ T8216]  ? __fget_files+0x3a0/0x420
[  224.863231][ T8216]  __x64_sys_sendmsg+0x19b/0x260
[  224.863269][ T8216]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  224.863284][ T8216]  ? __pfx_ksys_write+0x10/0x10
[  224.863296][ T8216]  ? rcu_is_watching+0x15/0xb0
[  224.863313][ T8216]  ? do_syscall_64+0xbe/0x3b0
[  224.863329][ T8216]  do_syscall_64+0xfa/0x3b0
[  224.863342][ T8216]  ? lockdep_hardirqs_on+0x9c/0x150
[  224.863356][ T8216]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.863365][ T8216]  ? clear_bhb_loop+0x60/0xb0
[  224.863376][ T8216]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.863386][ T8216] RIP: 0033:0x7ff35dd8e9a9
[  224.863395][ T8216] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  224.863403][ T8216] RSP: 002b:00007ff35ec04038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  224.863415][ T8216] RAX: ffffffffffffffda RBX: 00007ff35dfb5fa0 RCX: 00007ff35dd8e9a9
[  224.863422][ T8216] RDX: 0000000000000000 RSI: 0000200000001200 RDI: 0000000000000003
[  224.863429][ T8216] RBP: 00007ff35ec04090 R08: 0000000000000000 R09: 0000000000000000
[  224.863434][ T8216] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  224.863440][ T8216] R13: 0000000000000000 R14: 00007ff35dfb5fa0 R15: 00007ff35e0dfa28
[  224.863455][ T8216]  </TASK>
[  225.300039][ T8225] FAULT_INJECTION: forcing a failure.
[  225.300039][ T8225] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  225.313217][ T8225] CPU: 0 UID: 0 PID: 8225 Comm: syz.4.721 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  225.313233][ T8225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  225.313240][ T8225] Call Trace:
[  225.313245][ T8225]  <TASK>
[  225.313249][ T8225]  dump_stack_lvl+0x189/0x250
[  225.313265][ T8225]  ? __pfx____ratelimit+0x10/0x10
[  225.313279][ T8225]  ? __pfx_dump_stack_lvl+0x10/0x10
[  225.313289][ T8225]  ? __pfx__printk+0x10/0x10
[  225.313307][ T8225]  should_fail_ex+0x414/0x560
[  225.313326][ T8225]  _copy_to_user+0x31/0xb0
[  225.313341][ T8225]  simple_read_from_buffer+0xe1/0x170
[  225.313358][ T8225]  proc_fail_nth_read+0x1b3/0x220
[  225.313372][ T8225]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  225.313385][ T8225]  ? rw_verify_area+0x258/0x650
[  225.313398][ T8225]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  225.313410][ T8225]  vfs_read+0x1fd/0x980
[  225.313427][ T8225]  ? __pfx_vfs_read+0x10/0x10
[  225.313438][ T8225]  ? netlink_realloc_groups+0x22b/0x340
[  225.313451][ T8225]  ? netlink_setsockopt+0x61f/0x770
[  225.313465][ T8225]  ? __pfx_aa_sk_perm+0x10/0x10
[  225.313482][ T8225]  ksys_read+0x145/0x250
[  225.313497][ T8225]  ? __pfx_ksys_read+0x10/0x10
[  225.313512][ T8225]  ? do_syscall_64+0xbe/0x3b0
[  225.313528][ T8225]  do_syscall_64+0xfa/0x3b0
[  225.313541][ T8225]  ? lockdep_hardirqs_on+0x9c/0x150
[  225.313554][ T8225]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.313572][ T8225]  ? clear_bhb_loop+0x60/0xb0
[  225.313584][ T8225]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.313593][ T8225] RIP: 0033:0x7ff35dd8d3bc
[  225.313602][ T8225] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  225.313611][ T8225] RSP: 002b:00007ff35ec04030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  225.313625][ T8225] RAX: ffffffffffffffda RBX: 00007ff35dfb5fa0 RCX: 00007ff35dd8d3bc
[  225.313635][ T8225] RDX: 000000000000000f RSI: 00007ff35ec040a0 RDI: 0000000000000004
[  225.313645][ T8225] RBP: 00007ff35ec04090 R08: 0000000000000000 R09: 0000000000000000
[  225.313655][ T8225] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  225.313664][ T8225] R13: 0000000000000000 R14: 00007ff35dfb5fa0 R15: 00007ff35e0dfa28
[  225.313693][ T8225]  </TASK>
[  225.806450][ T8235] tipc: Started in network mode
[  225.811439][ T8235] tipc: Node identity 3e884fd19198, cluster identity 4711
[  225.812589][ T8197] delete_channel: no stack
[  225.822869][ T8235] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  225.832244][ T8235] syzkaller0: entered promiscuous mode
[  225.842423][ T8235] syzkaller0: entered allmulticast mode
[  226.083863][ T5988] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  226.235574][ T5988] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  226.627026][ T5988] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  226.659141][ T5988] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  226.679187][ T5988] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  226.700072][ T5988] usb 3-1: config 0 descriptor??
[  226.810212][ T8256] netlink: 'syz.4.733': attribute type 8 has an invalid length.
[  226.909557][ T8260] FAULT_INJECTION: forcing a failure.
[  226.909557][ T8260] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  226.926130][ T8260] CPU: 0 UID: 0 PID: 8260 Comm: syz.1.734 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  226.926156][ T8260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  226.926166][ T8260] Call Trace:
[  226.926173][ T8260]  <TASK>
[  226.926180][ T8260]  dump_stack_lvl+0x189/0x250
[  226.926203][ T8260]  ? __pfx____ratelimit+0x10/0x10
[  226.926226][ T8260]  ? __pfx_dump_stack_lvl+0x10/0x10
[  226.926244][ T8260]  ? __pfx__printk+0x10/0x10
[  226.926264][ T8260]  ? __might_fault+0xb0/0x130
[  226.926296][ T8260]  should_fail_ex+0x414/0x560
[  226.926348][ T8260]  _copy_from_user+0x2d/0xb0
[  226.926370][ T8260]  ___sys_sendmsg+0x158/0x2a0
[  226.926390][ T8260]  ? __pfx____sys_sendmsg+0x10/0x10
[  226.926451][ T8260]  ? __fget_files+0x2a/0x420
[  226.926467][ T8260]  ? __fget_files+0x3a0/0x420
[  226.926493][ T8260]  __x64_sys_sendmsg+0x19b/0x260
[  226.926513][ T8260]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  226.926541][ T8260]  ? __pfx_ksys_write+0x10/0x10
[  226.926560][ T8260]  ? rcu_is_watching+0x15/0xb0
[  226.926588][ T8260]  ? do_syscall_64+0xbe/0x3b0
[  226.926614][ T8260]  do_syscall_64+0xfa/0x3b0
[  226.926633][ T8260]  ? lockdep_hardirqs_on+0x9c/0x150
[  226.926654][ T8260]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.926671][ T8260]  ? clear_bhb_loop+0x60/0xb0
[  226.926691][ T8260]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.926706][ T8260] RIP: 0033:0x7f63c4d8e9a9
[  226.926721][ T8260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.926735][ T8260] RSP: 002b:00007f63c5b2c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  226.926755][ T8260] RAX: ffffffffffffffda RBX: 00007f63c4fb5fa0 RCX: 00007f63c4d8e9a9
[  226.926767][ T8260] RDX: 0000000000000000 RSI: 0000200000001200 RDI: 0000000000000003
[  226.926778][ T8260] RBP: 00007f63c5b2c090 R08: 0000000000000000 R09: 0000000000000000
[  226.926789][ T8260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  226.926799][ T8260] R13: 0000000000000000 R14: 00007f63c4fb5fa0 R15: 00007f63c50dfa28
[  226.926826][ T8260]  </TASK>
[  226.988199][   T43] tipc: Node number set to 2937081809
[  227.144273][   T10] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  227.193925][ T5988] pyra 0003:1E7D:2CF6.000C: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.2-1/input0
[  227.304339][   T10] usb 5-1: Using ep0 maxpacket: 32
[  227.314386][   T10] usb 5-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  227.327228][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  227.336480][   T10] usb 5-1: Product: syz
[  227.340752][   T10] usb 5-1: Manufacturer: syz
[  227.349085][   T10] usb 5-1: SerialNumber: syz
[  227.357484][   T10] usb 5-1: config 0 descriptor??
[  227.357915][ T5988] pyra 0003:1E7D:2CF6.000C: couldn't init struct pyra_device
[  227.370420][ T5988] pyra 0003:1E7D:2CF6.000C: couldn't install mouse
[  227.384195][   T10] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  227.397961][ T5988] pyra 0003:1E7D:2CF6.000C: probe with driver pyra failed with error -32
[  227.424216][  T976] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[  227.583991][  T976] usb 2-1: Using ep0 maxpacket: 32
[  227.590568][  T976] usb 2-1: config index 0 descriptor too short (expected 35577, got 27)
[  227.599217][  T976] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  227.608746][  T976] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92
[  227.617921][  T976] usb 2-1: config 1 has no interface number 0
[  227.624988][  T976] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  227.635985][  T976] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 10229, setting to 1024
[  227.648320][  T976] usb 2-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  227.661358][  T976] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  227.670447][  T976] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  227.704497][ T8262] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  227.721135][  T976] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found
[  227.922872][ T8262] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  227.932950][  T976] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now attached
[  228.232547][ T5988] usb 2-1: USB disconnect, device number 49
[  228.242775][ T5988] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected
[  228.468860][ T8281] tipc: Resetting bearer <eth:syzkaller0>
[  228.830231][   T10] gspca_ov534_9: reg_r err -71
[  229.294041][   T10] gspca_ov534_9: Unknown sensor 0000
[  229.296952][   T10] ov534_9 5-1:0.0: probe with driver ov534_9 failed with error -22
[  229.326165][   T10] usb 5-1: USB disconnect, device number 37
[  229.426207][ T5988] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[  229.569858][ T8296] FAULT_INJECTION: forcing a failure.
[  229.569858][ T8296] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  229.593477][ T8296] CPU: 0 UID: 0 PID: 8296 Comm: syz.4.746 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  229.593503][ T8296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  229.593513][ T8296] Call Trace:
[  229.593521][ T8296]  <TASK>
[  229.593533][ T8296]  dump_stack_lvl+0x189/0x250
[  229.593556][ T8296]  ? __pfx____ratelimit+0x10/0x10
[  229.593579][ T8296]  ? __pfx_dump_stack_lvl+0x10/0x10
[  229.593597][ T8296]  ? __pfx__printk+0x10/0x10
[  229.593628][ T8296]  should_fail_ex+0x414/0x560
[  229.593656][ T8296]  _copy_from_user+0x2d/0xb0
[  229.593678][ T8296]  alg_setkey+0xb8/0x190
[  229.593701][ T8296]  alg_setsockopt+0x3da/0x4a0
[  229.593722][ T8296]  ? __pfx_alg_setsockopt+0x10/0x10
[  229.593744][ T8296]  do_sock_setsockopt+0x179/0x1b0
[  229.593767][ T8296]  __x64_sys_setsockopt+0x13f/0x1b0
[  229.593790][ T8296]  do_syscall_64+0xfa/0x3b0
[  229.593811][ T8296]  ? lockdep_hardirqs_on+0x9c/0x150
[  229.593833][ T8296]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.593850][ T8296]  ? clear_bhb_loop+0x60/0xb0
[  229.593871][ T8296]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.593887][ T8296] RIP: 0033:0x7ff35dd8e9a9
[  229.593903][ T8296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  229.593917][ T8296] RSP: 002b:00007ff35ec04038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  229.593936][ T8296] RAX: ffffffffffffffda RBX: 00007ff35dfb5fa0 RCX: 00007ff35dd8e9a9
[  229.593949][ T8296] RDX: 0000000000000001 RSI: 0000000000000117 RDI: 0000000000000003
[  229.593960][ T8296] RBP: 00007ff35ec04090 R08: 0000000000000011 R09: 0000000000000000
[  229.593970][ T8296] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000001
[  229.593982][ T8296] R13: 0000000000000000 R14: 00007ff35dfb5fa0 R15: 00007ff35e0dfa28
[  229.594010][ T8296]  </TASK>
[  229.813855][ T5988] usb 1-1: config 0 has no interfaces?
[  229.947683][ T5924] usb 3-1: USB disconnect, device number 34
[  230.016066][ T5988] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  230.034422][ T8274] tipc: Resetting bearer <eth:syzkaller0>
[  230.060680][ T5988] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.077799][ T5988] usb 1-1: Product: syz
[  230.087535][ T8298] FAULT_INJECTION: forcing a failure.
[  230.087535][ T8298] name failslab, interval 1, probability 0, space 0, times 0
[  230.111957][ T5988] usb 1-1: Manufacturer: syz
[  230.112630][ T8274] tipc: Disabling bearer <eth:syzkaller0>
[  230.126560][ T5988] usb 1-1: SerialNumber: syz
[  230.166386][ T5988] usb 1-1: config 0 descriptor??
[  230.173203][ T8298] CPU: 1 UID: 0 PID: 8298 Comm: syz.4.748 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  230.173227][ T8298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  230.173238][ T8298] Call Trace:
[  230.173245][ T8298]  <TASK>
[  230.173252][ T8298]  dump_stack_lvl+0x189/0x250
[  230.173276][ T8298]  ? __pfx____ratelimit+0x10/0x10
[  230.173299][ T8298]  ? __pfx_dump_stack_lvl+0x10/0x10
[  230.173324][ T8298]  ? __pfx__printk+0x10/0x10
[  230.173350][ T8298]  ? __pfx___might_resched+0x10/0x10
[  230.173372][ T8298]  ? fs_reclaim_acquire+0x7d/0x100
[  230.173395][ T8298]  should_fail_ex+0x414/0x560
[  230.173424][ T8298]  should_failslab+0xa8/0x100
[  230.173442][ T8298]  __kmalloc_noprof+0xcb/0x4f0
[  230.173462][ T8298]  ? kfree+0x4d/0x440
[  230.173480][ T8298]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  230.173507][ T8298]  tomoyo_realpath_from_path+0xe3/0x5d0
[  230.173543][ T8298]  tomoyo_check_open_permission+0x1c1/0x3b0
[  230.173562][ T8298]  ? kmem_cache_alloc_noprof+0x1c1/0x3c0
[  230.173584][ T8298]  ? tomoyo_check_open_permission+0x16a/0x3b0
[  230.173603][ T8298]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  230.173620][ T8298]  ? scm_recv_unix+0x204/0x360
[  230.173675][ T8298]  ? mnt_get_write_access+0x68/0x2a0
[  230.173698][ T8298]  ? tomoyo_file_open+0x165/0x220
[  230.173723][ T8298]  security_file_open+0xb1/0x270
[  230.173742][ T8298]  do_dentry_open+0x35e/0x1970
[  230.173774][ T8298]  vfs_open+0x3b/0x340
[  230.173794][ T8298]  dentry_open+0x61/0xa0
[  230.173811][ T8298]  pidfs_alloc_file+0x186/0x270
[  230.173834][ T8298]  ? __pfx_pidfs_alloc_file+0x10/0x10
[  230.173865][ T8298]  pidfd_prepare+0x104/0x180
[  230.173883][ T8298]  scm_recv_unix+0x204/0x360
[  230.173900][ T8298]  ? trace_kmalloc+0x1f/0xd0
[  230.173921][ T8298]  ? __pfx_scm_recv_unix+0x10/0x10
[  230.173948][ T8298]  ? scm_fp_dup+0x259/0x3c0
[  230.173970][ T8298]  __unix_dgram_recvmsg+0x9ec/0xd60
[  230.174003][ T8298]  ? __pfx___unix_dgram_recvmsg+0x10/0x10
[  230.174024][ T8298]  ? __pfx_aa_sk_perm+0x10/0x10
[  230.174046][ T8298]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  230.174058][ T8298]  ? unix_dgram_recvmsg+0xb1/0xd0
[  230.174076][ T8298]  ? __pfx_unix_dgram_recvmsg+0x10/0x10
[  230.174096][ T8298]  sock_recvmsg+0x22c/0x270
[  230.174119][ T8298]  ____sys_recvmsg+0x1c9/0x460
[  230.174147][ T8298]  ? __pfx_____sys_recvmsg+0x10/0x10
[  230.174182][ T8298]  ? import_iovec+0x74/0xa0
[  230.174206][ T8298]  ___sys_recvmsg+0x1b5/0x510
[  230.174229][ T8298]  ? __pfx____sys_recvmsg+0x10/0x10
[  230.174272][ T8298]  ? __fget_files+0x3a0/0x420
[  230.174296][ T8298]  __x64_sys_recvmsg+0x198/0x260
[  230.174324][ T8298]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  230.174349][ T8298]  ? __pfx_ksys_write+0x10/0x10
[  230.174367][ T8298]  ? rcu_is_watching+0x15/0xb0
[  230.174392][ T8298]  ? do_syscall_64+0xbe/0x3b0
[  230.174413][ T8298]  do_syscall_64+0xfa/0x3b0
[  230.174429][ T8298]  ? lockdep_hardirqs_on+0x9c/0x150
[  230.174446][ T8298]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.174461][ T8298]  ? clear_bhb_loop+0x60/0xb0
[  230.174480][ T8298]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.174495][ T8298] RIP: 0033:0x7ff35dd8e9a9
[  230.174510][ T8298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  230.174522][ T8298] RSP: 002b:00007ff35ec04038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  230.174541][ T8298] RAX: ffffffffffffffda RBX: 00007ff35dfb5fa0 RCX: 00007ff35dd8e9a9
[  230.174553][ T8298] RDX: 0000000000002142 RSI: 00002000000001c0 RDI: 0000000000000004
[  230.174564][ T8298] RBP: 00007ff35ec04090 R08: 0000000000000000 R09: 0000000000000000
[  230.174573][ T8298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  230.174582][ T8298] R13: 0000000000000000 R14: 00007ff35dfb5fa0 R15: 00007ff35e0dfa28
[  230.174610][ T8298]  </TASK>
[  230.247045][ T8302] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  230.250312][    C1] vkms_vblank_simulate: vblank timer overrun
[  230.273251][ T8302] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  230.279024][    C1] vkms_vblank_simulate: vblank timer overrun
[  230.570540][    C1] hrtimer: interrupt took 395910332 ns
[  230.599433][ T8292] fuse: Bad value for 'fd'
[  230.606628][   T10] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[  230.647687][ T8298] ERROR: Out of memory at tomoyo_realpath_from_path.
[  230.670620][    C1] vkms_vblank_simulate: vblank timer overrun
[  230.711372][ T8292] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  230.721596][ T8292] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  230.849044][   T10] usb 2-1: Using ep0 maxpacket: 16
[  230.907220][   T10] usb 2-1: device descriptor read/all, error -71
[  231.183802][ T5837] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  231.343934][ T5837] usb 5-1: Using ep0 maxpacket: 8
[  231.352614][ T5837] usb 5-1: config 37 has an invalid interface number: 13 but max is 0
[  231.389333][ T5837] usb 5-1: config 37 has no interface number 0
[  231.431598][ T5837] usb 5-1: config 37 interface 13 has no altsetting 0
[  231.487990][ T5837] usb 5-1: New USB device found, idVendor=0421, idProduct=0420, bcdDevice=e4.c4
[  231.530356][ T5837] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  231.538931][ T8323] netlink: 12 bytes leftover after parsing attributes in process `syz.3.754'.
[  231.587390][ T5837] usb 5-1: Product: syz
[  231.616342][ T5837] usb 5-1: Manufacturer: syz
[  231.637201][ T5837] usb 5-1: SerialNumber: syz
[  232.400324][ T5924] usb 1-1: USB disconnect, device number 39
[  232.610795][   T30] audit: type=1326 audit(1753924999.313:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8326 comm="syz.0.756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44e198e9a9 code=0x7ffc0000
[  232.695208][   T30] audit: type=1326 audit(1753924999.313:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8326 comm="syz.0.756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44e198e9a9 code=0x7ffc0000
[  232.779389][   T30] audit: type=1326 audit(1753924999.313:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8326 comm="syz.0.756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f44e198d310 code=0x7ffc0000
[  233.046124][   T30] audit: type=1326 audit(1753924999.313:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8326 comm="syz.0.756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f44e198d45f code=0x7ffc0000
[  233.144385][   T10] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[  233.232149][   T30] audit: type=1326 audit(1753924999.313:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8326 comm="syz.0.756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f44e198e9a9 code=0x7ffc0000
[  233.293430][   T30] audit: type=1326 audit(1753924999.313:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8326 comm="syz.0.756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f44e198e9e3 code=0x7ffc0000
[  233.320300][   T30] audit: type=1326 audit(1753924999.313:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8326 comm="syz.0.756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f44e198e9e3 code=0x7ffc0000
[  233.342843][    C1] vkms_vblank_simulate: vblank timer overrun
[  233.369324][   T30] audit: type=1326 audit(1753924999.313:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8326 comm="syz.0.756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f44e198d3bc code=0x7ffc0000
[  233.391326][    C1] vkms_vblank_simulate: vblank timer overrun
[  233.402826][   T30] audit: type=1326 audit(1753924999.313:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8326 comm="syz.0.756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f44e198d45f code=0x7ffc0000
[  233.424854][    C1] vkms_vblank_simulate: vblank timer overrun
[  233.438623][   T30] audit: type=1326 audit(1753924999.313:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8326 comm="syz.0.756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f44e198d60a code=0x7ffc0000
[  233.821605][ T5837] usb 5-1: bad CDC descriptors
[  233.922167][ T5837] usb 5-1: USB disconnect, device number 38
[  233.936212][   T10] usb 2-1: config 0 has no interfaces?
[  233.958893][   T10] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  234.050972][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  234.123460][   T10] usb 2-1: Product: syz
[  234.142108][   T10] usb 2-1: Manufacturer: syz
[  234.163588][   T10] usb 2-1: SerialNumber: syz
[  234.198133][   T10] usb 2-1: config 0 descriptor??
[  234.337279][ T8355] netlink: 'syz.0.763': attribute type 10 has an invalid length.
[  234.497019][ T8355] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  234.620577][ T8356] wg1: entered promiscuous mode
[  234.625633][ T8356] wg1: entered allmulticast mode
[  234.837667][ T8363] fuse: Unknown parameter '0xffffffffffffffff0000000000000000000000000000000000000000'
[  235.073487][ T8355] syz.0.763 (8355) used greatest stack depth: 19528 bytes left
[  235.527833][ T8365] netlink: 'syz.2.766': attribute type 12 has an invalid length.
[  235.798795][ T8369] program syz.2.767 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  236.078261][ T5988] usb 2-1: USB disconnect, device number 52
[  236.202153][ T8374] fuse: Unknown parameter 'ÿ0x0000000000000006'
[  236.404679][ T5924] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  236.533954][ T5924] usb 1-1: device descriptor read/64, error -71
[  236.657951][ T5988] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  236.668467][ T5988] hid-generic 0000:0000:0000.000D: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  236.824344][ T5924] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  236.964492][ T5924] usb 1-1: device descriptor read/64, error -71
[  237.154381][ T5924] usb usb1-port1: attempt power cycle
[  237.552761][ T8399] netlink: 1296 bytes leftover after parsing attributes in process `syz.3.776'.
[  237.863903][ T5924] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  237.883898][ T5910] usb 3-1: new full-speed USB device number 35 using dummy_hcd
[  237.894912][ T5924] usb 1-1: device descriptor read/8, error -71
[  238.045820][ T5910] usb 3-1: config 0 has an invalid interface number: 132 but max is 0
[  238.054355][ T5910] usb 3-1: config 0 has no interface number 0
[  238.063860][ T5910] usb 3-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[  238.073646][ T5910] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  238.111085][ T5910] usb 3-1: Product: syz
[  238.133102][ T5910] usb 3-1: Manufacturer: syz
[  238.137970][ T5924] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[  238.156676][ T5910] usb 3-1: SerialNumber: syz
[  238.174421][ T5924] usb 1-1: device descriptor read/8, error -71
[  238.201234][ T5910] usb 3-1: config 0 descriptor??
[  238.228649][ T5910] hub 3-1:0.132: bad descriptor, ignoring hub
[  238.235463][ T5910] hub 3-1:0.132: probe with driver hub failed with error -5
[  238.265983][ T5910] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.132/input/input12
[  238.277823][ T8409] program syz.4.779 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  238.308810][ T5924] usb usb1-port1: unable to enumerate USB device
[  238.537761][ T5924] usb 3-1: USB disconnect, device number 35
[  238.764002][ T5988] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  238.915846][ T5988] usb 5-1: Using ep0 maxpacket: 8
[  238.924146][ T5988] usb 5-1: config index 0 descriptor too short (expected 6427, got 27)
[  238.932856][ T5988] usb 5-1: config 0 has an invalid interface number: 21 but max is 0
[  238.958142][ T5988] usb 5-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  238.969730][ T5988] usb 5-1: config 0 has no interface number 0
[  238.979276][ T5988] usb 5-1: config 0 interface 21 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  238.996310][ T5988] usb 5-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  239.006082][ T5988] usb 5-1: New USB device strings: Mfr=0, Product=1, SerialNumber=0
[  239.015405][ T5988] usb 5-1: Product: syz
[  239.189062][ T5988] usb 5-1: config 0 descriptor??
[  239.206345][ T8420] FAULT_INJECTION: forcing a failure.
[  239.206345][ T8420] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  239.277227][ T8420] CPU: 1 UID: 0 PID: 8420 Comm: syz.0.783 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  239.277253][ T8420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  239.277264][ T8420] Call Trace:
[  239.277272][ T8420]  <TASK>
[  239.277280][ T8420]  dump_stack_lvl+0x189/0x250
[  239.277303][ T8420]  ? __pfx____ratelimit+0x10/0x10
[  239.277326][ T8420]  ? __pfx_dump_stack_lvl+0x10/0x10
[  239.277344][ T8420]  ? __pfx__printk+0x10/0x10
[  239.277366][ T8420]  ? fs_reclaim_acquire+0x7d/0x100
[  239.277394][ T8420]  should_fail_ex+0x414/0x560
[  239.277423][ T8420]  prepare_alloc_pages+0x213/0x610
[  239.277448][ T8420]  __alloc_frozen_pages_noprof+0x123/0x370
[  239.277471][ T8420]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  239.277494][ T8420]  ? __lock_acquire+0xab9/0xd20
[  239.277526][ T8420]  alloc_pages_mpol+0x232/0x4a0
[  239.277555][ T8420]  alloc_pages_noprof+0xa9/0x190
[  239.277580][ T8420]  pte_alloc_one+0x21/0x170
[  239.277600][ T8420]  __pte_alloc+0x25/0x1a0
[  239.277622][ T8420]  __handle_mm_fault+0x4b8a/0x5620
[  239.277663][ T8420]  ? __pfx___handle_mm_fault+0x10/0x10
[  239.277706][ T8420]  ? find_vma+0xe7/0x160
[  239.277726][ T8420]  ? __pfx_find_vma+0x10/0x10
[  239.277752][ T8420]  handle_mm_fault+0x40a/0x8e0
[  239.277783][ T8420]  do_user_addr_fault+0x764/0x1390
[  239.277820][ T8420]  exc_page_fault+0x76/0xf0
[  239.277845][ T8420]  asm_exc_page_fault+0x26/0x30
[  239.277861][ T8420] RIP: 0010:rep_movs_alternative+0xf/0x90
[  239.277879][ T8420] Code: c4 10 e9 14 0b 04 00 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 2e
[  239.277894][ T8420] RSP: 0018:ffffc900047c7ad8 EFLAGS: 00050202
[  239.277919][ T8420] RAX: 00007ffffffff001 RBX: 0000000000000004 RCX: 0000000000000004
[  239.277930][ T8420] RDX: 0000000000000001 RSI: 0000200000000180 RDI: ffffc900047c7b80
[  239.277941][ T8420] RBP: ffffc900047c7e10 R08: 0000000000000003 R09: 0000000000000004
[  239.277952][ T8420] R10: dffffc0000000000 R11: fffff520008f8f70 R12: dffffc0000000001
[  239.277965][ T8420] R13: ffffc900047c7b80 R14: ffffc900047c7b80 R15: 0000200000000180
[  239.277996][ T8420]  _copy_from_user+0x7a/0xb0
[  239.278049][ T8420]  do_ipv6_setsockopt+0x23e/0x2eb0
[  239.278081][ T8420]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  239.278102][ T8420]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  239.278135][ T8420]  ? vfs_write+0x8d8/0xa90
[  239.278160][ T8420]  ? __pfx___might_resched+0x10/0x10
[  239.278191][ T8420]  ? __lock_acquire+0xab9/0xd20
[  239.278217][ T8420]  ? aa_sk_perm+0x81e/0x950
[  239.278242][ T8420]  ? __pfx_aa_sk_perm+0x10/0x10
[  239.278270][ T8420]  ? __fget_files+0x2a/0x420
[  239.278291][ T8420]  ipv6_setsockopt+0x59/0x170
[  239.278311][ T8420]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  239.278336][ T8420]  do_sock_setsockopt+0x179/0x1b0
[  239.278358][ T8420]  __x64_sys_setsockopt+0x13f/0x1b0
[  239.278381][ T8420]  do_syscall_64+0xfa/0x3b0
[  239.278401][ T8420]  ? lockdep_hardirqs_on+0x9c/0x150
[  239.278422][ T8420]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.278438][ T8420]  ? clear_bhb_loop+0x60/0xb0
[  239.278459][ T8420]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.278475][ T8420] RIP: 0033:0x7f44e198e9a9
[  239.278489][ T8420] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.278502][ T8420] RSP: 002b:00007f44e2784038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  239.278518][ T8420] RAX: ffffffffffffffda RBX: 00007f44e1bb5fa0 RCX: 00007f44e198e9a9
[  239.278530][ T8420] RDX: 000000000000002e RSI: 0000000000000029 RDI: 0000000000000003
[  239.278540][ T8420] RBP: 00007f44e2784090 R08: 0000000000000108 R09: 0000000000000000
[  239.278550][ T8420] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000001
[  239.278560][ T8420] R13: 0000000000000000 R14: 00007f44e1bb5fa0 R15: 00007f44e1cdfa28
[  239.278589][ T8420]  </TASK>
[  239.675642][ T8418] fuse: Unknown parameter '0xffffffffffffffff0000000000000000000000000000000000000000'
[  239.723620][ T5837] usb 5-1: USB disconnect, device number 39
[  240.617728][ T8441] loop2: detected capacity change from 0 to 7
[  240.636246][ T8441] Dev loop2: unable to read RDB block 7
[  240.642024][ T8441]  loop2: unable to read partition table
[  240.668015][ T8441] loop2: partition table beyond EOD, truncated
[  240.675231][ T8441] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  240.848993][ T8451] program syz.0.790 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  241.316487][ T5988] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[  241.404013][ T5924] usb 3-1: new full-speed USB device number 36 using dummy_hcd
[  241.519206][ T5988] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  241.530409][ T5988] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  241.580937][ T8475] fuse: Unknown parameter '0xffffffffffffffff0000000000000000000000000000000000000000'
[  241.600874][ T5988] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[  241.609870][ T5988] usb 1-1: config 1 has no interface number 0
[  241.621677][ T5988] usb 1-1: too many endpoints for config 1 interface 1 altsetting 1: 32, using maximum allowed: 30
[  241.634472][ T5988] usb 1-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 32
[  241.647965][ T5924] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  241.659089][ T5924] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  241.692727][ T5988] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  241.708660][ T5924] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  241.775641][ T5988] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  241.785715][ T5988] usb 1-1: Product: syz
[  241.789895][ T5988] usb 1-1: Manufacturer: syz
[  241.803903][ T5924] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  241.813912][ T5988] usb 1-1: SerialNumber: syz
[  242.037576][ T5924] usb 3-1: GET_CAPABILITIES returned 0
[  242.043471][ T5924] usbtmc 3-1:16.0: can't read capabilities
[  242.263273][ T5924] usb 3-1: USB disconnect, device number 36
[  242.269522][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  242.269539][   T30] audit: type=1400 audit(1753925008.973:262): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=8458 comm="syz.0.794"
[  242.276385][   T10] usb 1-1: USB disconnect, device number 44
[  243.267817][   T24] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[  243.572017][   T24] usb 2-1: config 0 has no interfaces?
[  243.593973][   T24] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  243.603228][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  243.643751][   T24] usb 2-1: Product: syz
[  243.708177][   T24] usb 2-1: Manufacturer: syz
[  243.732755][   T24] usb 2-1: SerialNumber: syz
[  243.778854][   T24] usb 2-1: config 0 descriptor??
[  244.184055][   T10] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[  244.325836][ T8500] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  244.335912][ T8500] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  244.430647][   T10] usb 1-1: config 0 has an invalid interface number: 69 but max is 0
[  244.440190][   T10] usb 1-1: config 0 has no interface number 0
[  244.451195][   T10] usb 1-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023
[  244.496870][   T10] usb 1-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  244.543453][   T10] usb 1-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca
[  244.554869][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  244.694026][ T8540] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  244.700592][ T8540] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  244.714085][   T10] usb 1-1: Product: syz
[  244.745897][   T10] usb 1-1: Manufacturer: syz
[  244.759509][   T10] usb 1-1: SerialNumber: syz
[  244.789741][   T10] usb 1-1: config 0 descriptor??
[  244.812017][ T8540] vhci_hcd vhci_hcd.0: Device attached
[  244.823983][ T8524] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  244.858761][   T10] cyberjack 1-1:0.69: Reiner SCT Cyberjack USB card reader converter detected
[  244.925750][ T8541] vhci_hcd: connection closed
[  244.929116][   T59] vhci_hcd: stop threads
[  244.949851][   T10] usb 1-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0
[  244.992504][   T59] vhci_hcd: release socket
[  245.016375][   T59] vhci_hcd: disconnect device
[  245.230758][ T8555] fuse: Unknown parameter '0xffffffffffffffff0000000000000000000000000000000000000000'
[  245.315245][   T10] usb 1-1: USB disconnect, device number 45
[  245.404347][   T10] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0
[  245.458572][   T10] cyberjack 1-1:0.69: device disconnected
[  246.143982][ T5910] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[  246.357590][ T5910] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  246.371093][ T5910] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  246.458292][ T5910] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[  246.487519][ T5910] usb 1-1: config 1 has no interface number 0
[  246.528669][ T5837] usb 2-1: USB disconnect, device number 53
[  246.540893][ T5910] usb 1-1: too many endpoints for config 1 interface 1 altsetting 1: 32, using maximum allowed: 30
[  246.609158][ T5910] usb 1-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 32
[  246.730912][ T5910] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  246.802785][ T5910] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  246.865284][ T5910] usb 1-1: Product: syz
[  246.870775][ T5910] usb 1-1: Manufacturer: syz
[  246.877756][ T5910] usb 1-1: SerialNumber: syz
[  247.083795][ T5837] usb 3-1: new low-speed USB device number 38 using dummy_hcd
[  247.233184][ T8592] netlink: 24 bytes leftover after parsing attributes in process `syz.3.818'.
[  247.250510][ T5837] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  247.275632][ T5837] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  247.303163][ T5837] usb 3-1: New USB device found, idVendor=258a, idProduct=0036, bcdDevice= 0.00
[  247.310329][ T5910] usb 1-1: USB disconnect, device number 46
[  247.318649][   T30] audit: type=1400 audit(1753925014.003:263): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=8565 comm="syz.0.813"
[  247.320798][ T5837] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  247.467490][ T5837] usb 3-1: config 0 descriptor??
[  247.589705][ T8599] loop2: detected capacity change from 0 to 7
[  247.611328][ T8599] Dev loop2: unable to read RDB block 7
[  247.651187][ T8599]  loop2: unable to read partition table
[  247.651457][ T8599] loop2: partition table beyond EOD, truncated
[  247.651496][ T8599] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  247.728259][ T8602] syzkaller1: entered promiscuous mode
[  247.728281][ T8602] syzkaller1: entered allmulticast mode
[  247.972537][ T5837] glorious 0003:258A:0036.000E: hidraw0: USB HID v0.00 Device [Glorious Model O] on usb-dummy_hcd.2-1/input0
[  248.191123][ T8581] syz.2.814 (8581): drop_caches: 2
[  248.262411][ T8623] netlink: 12 bytes leftover after parsing attributes in process `syz.3.827'.
[  248.271480][   T30] audit: type=1326 audit(1753925014.943:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8620 comm="syz.1.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c4d8e9a9 code=0x7ffc0000
[  248.375556][   T30] audit: type=1326 audit(1753925014.943:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8620 comm="syz.1.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c4d8e9a9 code=0x7ffc0000
[  248.439820][   T30] audit: type=1326 audit(1753925014.953:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8620 comm="syz.1.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f63c4d8e9a9 code=0x7ffc0000
[  248.659894][   T30] audit: type=1326 audit(1753925014.953:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8620 comm="syz.1.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f63c4d8e9e3 code=0x7ffc0000
[  248.861682][ T8635] fuse: Unknown parameter '0xffffffffffffffff0000000000000000000000000000000000000000'
[  248.963837][   T30] audit: type=1326 audit(1753925014.953:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8620 comm="syz.1.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f63c4d8e9e3 code=0x7ffc0000
[  249.047686][   T30] audit: type=1326 audit(1753925014.953:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8620 comm="syz.1.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c4d8e9a9 code=0x7ffc0000
[  249.812207][ T8652] netlink: 'syz.0.834': attribute type 30 has an invalid length.
[  249.834144][ T8652] netlink: 8 bytes leftover after parsing attributes in process `syz.0.834'.
[  249.846709][ T5925] usb 3-1: USB disconnect, device number 38
[  249.886636][ T8652] (unnamed net_device) (uninitialized): option arp_missed_max: mode dependency failed, not supported in mode 802.3ad(4)
[  250.443917][ T5925] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  250.634093][ T5837] usb 1-1: new high-speed USB device number 47 using dummy_hcd
[  250.643585][ T5925] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  250.661122][ T5925] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  250.673116][ T5925] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  250.683636][ T5925] usb 3-1: config 1 has no interface number 0
[  250.692806][ T5925] usb 3-1: too many endpoints for config 1 interface 1 altsetting 1: 32, using maximum allowed: 30
[  250.706738][ T5925] usb 3-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 32
[  250.740620][ T5925] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  250.751142][ T5925] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  250.761162][ T5925] usb 3-1: Product: syz
[  250.765356][ T5925] usb 3-1: Manufacturer: syz
[  250.770045][ T5925] usb 3-1: SerialNumber: syz
[  250.814002][ T5837] usb 1-1: Using ep0 maxpacket: 32
[  250.892995][ T5837] usb 1-1: config 0 has an invalid interface number: 12 but max is 0
[  250.901415][ T5837] usb 1-1: config 0 has no interface number 0
[  250.912581][ T5837] usb 1-1: config 0 interface 12 has no altsetting 0
[  250.935013][ T5837] usb 1-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  250.953794][ T5837] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  250.973419][ T5837] usb 1-1: Product: syz
[  251.029036][ T5837] usb 1-1: Manufacturer: syz
[  251.033676][ T5837] usb 1-1: SerialNumber: syz
[  251.047230][ T5837] usb 1-1: config 0 descriptor??
[  251.114048][ T5903] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  251.188142][ T5925] usb 3-1: USB disconnect, device number 39
[  251.422689][ T5903] usb 5-1: config 0 has no interfaces?
[  251.567728][ T5903] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  251.580852][ T5903] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  251.594079][ T5903] usb 5-1: Product: syz
[  251.598264][ T5903] usb 5-1: Manufacturer: syz
[  251.608598][ T5903] usb 5-1: SerialNumber: syz
[  251.620302][ T5903] usb 5-1: config 0 descriptor??
[  251.669782][ T5837] f81534 1-1:0.12: f81534_set_register: reg: 1003 data: b0 failed: -71
[  251.681303][ T5837] f81534 1-1:0.12: f81534_find_config_idx: read failed: -71
[  251.869951][ T8678] netlink: 12 bytes leftover after parsing attributes in process `syz.1.843'.
[  251.882260][ T8678] input: syz0 as /devices/virtual/input/input13
[  251.909380][ T5837] f81534 1-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  252.010076][ T8682] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  252.020168][ T8682] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  252.069804][ T5837] f81534 1-1:0.12: probe with driver f81534 failed with error -71
[  252.136228][ T5837] usb 1-1: USB disconnect, device number 47
[  252.549987][ T5903] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  252.683815][ T5903] usb 3-1: device descriptor read/64, error -71
[  252.885326][ T8695] fuse: Unknown parameter '0xffffffffffffffff0000000000000000000000000000000000000000'
[  252.963789][ T5903] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[  253.103770][ T5903] usb 3-1: device descriptor read/64, error -71
[  253.226871][ T5903] usb usb3-port1: attempt power cycle
[  253.605129][ T5903] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  253.625109][ T5903] usb 3-1: device descriptor read/8, error -71
[  253.747501][ T8703] kvm: pic: non byte write
[  253.754059][   T10] usb 2-1: new low-speed USB device number 54 using dummy_hcd
[  253.863959][ T5903] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[  253.887293][ T5903] usb 3-1: device descriptor read/8, error -71
[  253.909018][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  253.920626][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  253.966036][   T10] usb 2-1: New USB device found, idVendor=258a, idProduct=0036, bcdDevice= 0.00
[  254.003308][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  254.011885][ T5903] usb usb3-port1: unable to enumerate USB device
[  254.038415][   T10] usb 2-1: config 0 descriptor??
[  254.391127][ T5903] usb 5-1: USB disconnect, device number 40
[  254.571004][   T10] glorious 0003:258A:0036.000F: hidraw0: USB HID v0.00 Device [Glorious Model O] on usb-dummy_hcd.1-1/input0
[  254.849343][ T8699] syz.1.849 (8699): drop_caches: 2
[  255.576652][ T8739] fuse: Unknown parameter '0xffffffffffffffff0000000000000000000000000000000000000000'
[  255.599755][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  255.606096][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  255.863752][ T5924] usb 3-1: new full-speed USB device number 44 using dummy_hcd
[  255.883802][ T5910] usb 1-1: new high-speed USB device number 48 using dummy_hcd
[  256.028486][ T5924] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  256.053487][ T5910] usb 1-1: Using ep0 maxpacket: 8
[  256.076223][ T5910] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  256.089522][ T5924] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  256.130044][ T5910] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF9, changing to 0x89
[  256.143167][ T5924] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  256.152439][ T5910] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  256.163972][ T5924] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  256.173616][ T5910] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 59391, setting to 1024
[  256.188307][ T5910] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  256.202013][ T5910] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  256.218548][ T5910] usb 1-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=4f.c8
[  256.234219][ T5910] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  256.243303][ T5910] usb 1-1: Product: syz
[  256.272865][ T5910] usb 1-1: Manufacturer: syz
[  256.300549][ T5910] usb 1-1: SerialNumber: syz
[  256.312308][ T5910] usb 1-1: config 0 descriptor??
[  256.319587][ T8741] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  256.335525][ T5910] ati_remote 1-1:0.0: ati_remote_probe: Unexpected endpoint_out
[  256.347508][ T5988] usb 2-1: USB disconnect, device number 54
[  256.391612][ T5924] usb 3-1: GET_CAPABILITIES returned 0
[  256.397277][ T5924] usbtmc 3-1:16.0: can't read capabilities
[  256.533232][ T8741] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  256.552555][ T8741] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  256.597151][ T8741] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  256.635458][ T5910] usb 3-1: USB disconnect, device number 44
[  256.646108][ T8741] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  256.660151][ T8749] netlink: 'syz.1.867': attribute type 2 has an invalid length.
[  256.721159][ T8749] ve_0: entered promiscuous mode
[  256.806501][ T5903] usb 1-1: USB disconnect, device number 48
[  257.063373][ T8771] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  257.087649][ T8771] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  257.549842][ T8784] netlink: 'syz.1.873': attribute type 12 has an invalid length.
[  257.686295][ T8789] program syz.0.877 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  257.994477][ T8795] program syz.3.879 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  258.325532][ T8800] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  259.518804][   T30] audit: type=1326 audit(1753925026.223:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8811 comm="syz.1.883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c4d8e9a9 code=0x7ffc0000
[  259.629857][   T30] audit: type=1326 audit(1753925026.263:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8811 comm="syz.1.883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f63c4d8d310 code=0x7ffc0000
[  259.718464][   T30] audit: type=1326 audit(1753925026.263:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8811 comm="syz.1.883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f63c4d8d45f code=0x7ffc0000
[  259.744198][   T30] audit: type=1326 audit(1753925026.263:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8811 comm="syz.1.883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f63c4d8e9a9 code=0x7ffc0000
[  259.771071][   T30] audit: type=1326 audit(1753925026.263:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8811 comm="syz.1.883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f63c4d8e9e3 code=0x7ffc0000
[  259.876108][   T30] audit: type=1326 audit(1753925026.263:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8811 comm="syz.1.883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f63c4d8e9e3 code=0x7ffc0000
[  259.958967][   T30] audit: type=1326 audit(1753925026.263:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8811 comm="syz.1.883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f63c4d8d3bc code=0x7ffc0000
[  260.035336][   T30] audit: type=1326 audit(1753925026.263:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8811 comm="syz.1.883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f63c4d8d45f code=0x7ffc0000
[  260.131276][   T30] audit: type=1326 audit(1753925026.263:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8811 comm="syz.1.883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f63c4d8d60a code=0x7ffc0000
[  260.201858][   T30] audit: type=1326 audit(1753925026.263:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8811 comm="syz.1.883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c4d8e9a9 code=0x7ffc0000
[  260.562085][ T8829] loop6: detected capacity change from 0 to 63
[  260.613333][ T8829] Buffer I/O error on dev loop6, logical block 0, async page read
[  260.636879][ T8829] Buffer I/O error on dev loop6, logical block 1, async page read
[  260.646270][ T8829] Buffer I/O error on dev loop6, logical block 2, async page read
[  260.681847][ T8829] Buffer I/O error on dev loop6, logical block 3, async page read
[  260.691231][ T8832] Buffer I/O error on dev loop6, logical block 0, async page read
[  260.826374][ T8832] Buffer I/O error on dev loop6, logical block 1, async page read
[  260.945580][ T8839] netlink: 'syz.1.890': attribute type 13 has an invalid length.
[  260.998860][ T8832] Buffer I/O error on dev loop6, logical block 2, async page read
[  261.007090][ T8838] netlink: 12 bytes leftover after parsing attributes in process `syz.2.893'.
[  261.104031][ T8832] Buffer I/O error on dev loop6, logical block 3, async page read
[  261.112156][ T6188] Buffer I/O error on dev loop6, logical block 0, async page read
[  261.120636][ T6188] Buffer I/O error on dev loop6, logical block 1, async page read
[  261.362684][   T10] usb 1-1: new high-speed USB device number 49 using dummy_hcd
[  261.523796][   T10] usb 1-1: Using ep0 maxpacket: 8
[  261.532072][   T10] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  261.577023][   T10] usb 1-1: New USB device found, idVendor=05e1, idProduct=0893, bcdDevice=fd.5b
[  261.586110][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  261.594723][   T10] usb 1-1: Product: syz
[  261.599048][   T10] usb 1-1: Manufacturer: syz
[  261.603643][   T10] usb 1-1: SerialNumber: syz
[  261.617601][   T10] usb 1-1: config 0 descriptor??
[  261.626090][   T10] gspca_main: stk014-2.14.0 probing 05e1:0893
[  261.632200][   T10] usb 1-1: selecting invalid altsetting 1
[  261.756101][ T8839] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  261.777405][ T8839] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  261.829458][   T10] gspca_stk014: reg_r err -71
[  261.834574][   T10] stk014 1-1:0.0: probe with driver stk014 failed with error -71
[  261.868429][   T10] usb 1-1: USB disconnect, device number 49
[  262.083205][ T1036] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  262.114581][ T1036] netdevsim netdevsim1 netdevsim0: unset [1, 1] type 2 family 0 port 256 - 0
[  262.123406][ T1036] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  262.166352][ T1036] netdevsim netdevsim1 netdevsim1: unset [1, 1] type 2 family 0 port 256 - 0
[  262.181299][ T8854] dlm: no locking on control device
[  262.185457][ T1036] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  262.211397][ T1036] netdevsim netdevsim1 netdevsim2: unset [1, 1] type 2 family 0 port 256 - 0
[  262.261084][ T1036] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  262.290542][ T1036] netdevsim netdevsim1 netdevsim3: unset [1, 1] type 2 family 0 port 256 - 0
[  262.414021][   T10] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[  262.615078][   T10] usb 3-1: Using ep0 maxpacket: 32
[  262.621970][   T10] usb 3-1: config index 0 descriptor too short (expected 35577, got 27)
[  262.630897][   T10] usb 3-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  262.675222][   T10] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 92
[  262.699199][   T10] usb 3-1: config 1 has no interface number 0
[  262.706135][   T10] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  262.717554][   T10] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 10229, setting to 1024
[  262.784832][   T10] usb 3-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  262.799841][   T10] usb 3-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  262.811656][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  262.828006][ T8855] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  262.840812][   T10] snd_usb_pod 3-1:1.1: Line 6 Pocket POD found
[  263.047581][ T8855] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  263.075079][   T10] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now attached
[  263.462773][ T5924] usb 3-1: USB disconnect, device number 45
[  263.470029][ T5924] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now disconnected
[  263.934412][ T8890] netlink: 'syz.1.908': attribute type 12 has an invalid length.
[  264.384536][ T8895] netlink: 'syz.0.909': attribute type 12 has an invalid length.
[  265.595046][ T8913] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  265.628468][ T8913] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  265.813619][ T8921] netlink: 32 bytes leftover after parsing attributes in process `syz.4.920'.
[  266.343315][ T5925] usb 2-1: new low-speed USB device number 55 using dummy_hcd
[  266.648820][ T5925] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  266.691184][ T5925] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  266.758408][ T5925] usb 2-1: New USB device found, idVendor=258a, idProduct=0036, bcdDevice= 0.00
[  266.834024][ T8942] netlink: 'syz.3.927': attribute type 30 has an invalid length.
[  266.865877][ T8942] netlink: 8 bytes leftover after parsing attributes in process `syz.3.927'.
[  266.915564][ T5925] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  266.975645][ T5925] usb 2-1: config 0 descriptor??
[  267.084177][ T8942] (unnamed net_device) (uninitialized): option arp_missed_max: mode dependency failed, not supported in mode 802.3ad(4)
[  267.528943][ T5925] glorious 0003:258A:0036.0010: item fetching failed at offset 0/2
[  267.564293][ T5925] glorious 0003:258A:0036.0010: probe with driver glorious failed with error -22
[  267.769355][ T8923] syz.1.918 (8923): drop_caches: 2
[  267.925889][ T8955] netlink: 244 bytes leftover after parsing attributes in process `syz.0.930'.
[  268.894352][ T5910] usb 2-1: USB disconnect, device number 55
[  269.333402][ T8977] team0 (unregistering): Port device team_slave_0 removed
[  269.338259][ T8980] netlink: 144 bytes leftover after parsing attributes in process `syz.1.940'.
[  269.349761][ T5924] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  269.358082][ T8977] team0 (unregistering): Port device team_slave_1 removed
[  269.381974][ T8977] team0 (unregistering): Port device geneve0 removed
[  269.437192][ T8984] FAULT_INJECTION: forcing a failure.
[  269.437192][ T8984] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  269.463566][ T8984] CPU: 0 UID: 0 PID: 8984 Comm: syz.1.941 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  269.463610][ T8984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  269.463630][ T8984] Call Trace:
[  269.463638][ T8984]  <TASK>
[  269.463645][ T8984]  dump_stack_lvl+0x189/0x250
[  269.463671][ T8984]  ? __pfx____ratelimit+0x10/0x10
[  269.463692][ T8984]  ? __pfx_dump_stack_lvl+0x10/0x10
[  269.463715][ T8984]  ? __pfx__printk+0x10/0x10
[  269.463735][ T8984]  ? __might_fault+0xb0/0x130
[  269.463769][ T8984]  should_fail_ex+0x414/0x560
[  269.463797][ T8984]  _copy_from_iter+0x1db/0x16f0
[  269.463822][ T8984]  ? rcu_is_watching+0x15/0xb0
[  269.463846][ T8984]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  269.463869][ T8984]  ? __pfx__copy_from_iter+0x10/0x10
[  269.463890][ T8984]  ? __build_skb_around+0x257/0x3e0
[  269.463916][ T8984]  ? netlink_sendmsg+0x642/0xb30
[  269.463936][ T8984]  ? skb_put+0x11b/0x210
[  269.463956][ T8984]  netlink_sendmsg+0x6b2/0xb30
[  269.463987][ T8984]  ? __pfx_netlink_sendmsg+0x10/0x10
[  269.464012][ T8984]  ? aa_sock_msg_perm+0x94/0x160
[  269.464034][ T8984]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  269.464050][ T8984]  ? __pfx_netlink_sendmsg+0x10/0x10
[  269.464072][ T8984]  __sock_sendmsg+0x21c/0x270
[  269.464096][ T8984]  ____sys_sendmsg+0x505/0x830
[  269.464120][ T8984]  ? __pfx_____sys_sendmsg+0x10/0x10
[  269.464147][ T8984]  ? import_iovec+0x74/0xa0
[  269.464171][ T8984]  ___sys_sendmsg+0x21f/0x2a0
[  269.464197][ T8984]  ? __pfx____sys_sendmsg+0x10/0x10
[  269.464249][ T8984]  ? __fget_files+0x2a/0x420
[  269.464265][ T8984]  ? __fget_files+0x3a0/0x420
[  269.464291][ T8984]  __x64_sys_sendmsg+0x19b/0x260
[  269.464311][ T8984]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  269.464339][ T8984]  ? __pfx_ksys_write+0x10/0x10
[  269.464358][ T8984]  ? rcu_is_watching+0x15/0xb0
[  269.464384][ T8984]  ? do_syscall_64+0xbe/0x3b0
[  269.464409][ T8984]  do_syscall_64+0xfa/0x3b0
[  269.464428][ T8984]  ? lockdep_hardirqs_on+0x9c/0x150
[  269.464447][ T8984]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.464462][ T8984]  ? clear_bhb_loop+0x60/0xb0
[  269.464481][ T8984]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.464496][ T8984] RIP: 0033:0x7f63c4d8e9a9
[  269.464512][ T8984] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.464526][ T8984] RSP: 002b:00007f63c5b2c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  269.464545][ T8984] RAX: ffffffffffffffda RBX: 00007f63c4fb5fa0 RCX: 00007f63c4d8e9a9
[  269.464557][ T8984] RDX: 0000000000000000 RSI: 0000200000001200 RDI: 0000000000000003
[  269.464567][ T8984] RBP: 00007f63c5b2c090 R08: 0000000000000000 R09: 0000000000000000
[  269.464575][ T8984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.464584][ T8984] R13: 0000000000000000 R14: 00007f63c4fb5fa0 R15: 00007f63c50dfa28
[  269.464611][ T8984]  </TASK>
[  269.746865][ T5924] usb 3-1: device descriptor read/64, error -71
[  269.766422][   T12] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  269.776071][   T12] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  269.787351][   T12] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  269.802769][   T12] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  269.894875][ T5910] usb 1-1: new high-speed USB device number 50 using dummy_hcd
[  269.983864][ T5924] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  270.064357][ T5910] usb 1-1: Using ep0 maxpacket: 8
[  270.073071][ T5910] usb 1-1: config index 0 descriptor too short (expected 6427, got 27)
[  270.097126][ T5910] usb 1-1: config 0 has an invalid interface number: 21 but max is 0
[  270.121207][ T5910] usb 1-1: config 0 has no interface number 0
[  270.127412][ T5924] usb 3-1: device descriptor read/64, error -71
[  270.158364][ T5910] usb 1-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  270.170435][ T5910] usb 1-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  270.184303][ T5910] usb 1-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  270.199358][ T5910] usb 1-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  270.209796][ T5910] usb 1-1: New USB device strings: Mfr=0, Product=1, SerialNumber=0
[  270.220295][ T5910] usb 1-1: Product: syz
[  270.227444][ T5910] usb 1-1: config 0 descriptor??
[  270.271715][ T5924] usb usb3-port1: attempt power cycle
[  270.277950][ T8982] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  270.498727][ T5910] usb 1-1: USB disconnect, device number 50
[  270.592402][ T9003] FAULT_INJECTION: forcing a failure.
[  270.592402][ T9003] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  270.608136][ T9003] CPU: 1 UID: 0 PID: 9003 Comm: syz.3.948 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  270.608165][ T9003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  270.608176][ T9003] Call Trace:
[  270.608184][ T9003]  <TASK>
[  270.608192][ T9003]  dump_stack_lvl+0x189/0x250
[  270.608214][ T9003]  ? __pfx____ratelimit+0x10/0x10
[  270.608237][ T9003]  ? __pfx_dump_stack_lvl+0x10/0x10
[  270.608254][ T9003]  ? __pfx__printk+0x10/0x10
[  270.608286][ T9003]  should_fail_ex+0x414/0x560
[  270.608315][ T9003]  _copy_to_user+0x31/0xb0
[  270.608338][ T9003]  simple_read_from_buffer+0xe1/0x170
[  270.608367][ T9003]  proc_fail_nth_read+0x1b3/0x220
[  270.608389][ T9003]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  270.608411][ T9003]  ? rw_verify_area+0x258/0x650
[  270.608431][ T9003]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  270.608450][ T9003]  vfs_read+0x1fd/0x980
[  270.608470][ T9003]  ? fdget_pos+0x247/0x320
[  270.608490][ T9003]  ? __pfx___mutex_lock+0x10/0x10
[  270.608512][ T9003]  ? __pfx_vfs_read+0x10/0x10
[  270.608534][ T9003]  ? __fget_files+0x2a/0x420
[  270.608554][ T9003]  ? __fget_files+0x3a0/0x420
[  270.608568][ T9003]  ? __fget_files+0x2a/0x420
[  270.608592][ T9003]  ksys_read+0x145/0x250
[  270.608616][ T9003]  ? __pfx_ksys_read+0x10/0x10
[  270.608637][ T9003]  ? __secure_computing+0xe2/0x2a0
[  270.608661][ T9003]  do_syscall_64+0xfa/0x3b0
[  270.608681][ T9003]  ? lockdep_hardirqs_on+0x9c/0x150
[  270.608701][ T9003]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  270.608717][ T9003]  ? clear_bhb_loop+0x60/0xb0
[  270.608736][ T9003]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  270.608751][ T9003] RIP: 0033:0x7fc11a98d3bc
[  270.608767][ T9003] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  270.608781][ T9003] RSP: 002b:00007fc11b7ef030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  270.608800][ T9003] RAX: ffffffffffffffda RBX: 00007fc11abb5fa0 RCX: 00007fc11a98d3bc
[  270.608812][ T9003] RDX: 000000000000000f RSI: 00007fc11b7ef0a0 RDI: 0000000000000003
[  270.608823][ T9003] RBP: 00007fc11b7ef090 R08: 0000000000000000 R09: 0000000000000000
[  270.608833][ T9003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  270.608843][ T9003] R13: 0000000000000000 R14: 00007fc11abb5fa0 R15: 00007fc11acdfa28
[  270.608870][ T9003]  </TASK>
[  270.844423][ T5924] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  270.934383][ T5924] usb 3-1: device descriptor read/8, error -71
[  271.174194][ T5924] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  271.206732][ T5924] usb 3-1: device descriptor read/8, error -71
[  271.314063][ T5924] usb usb3-port1: unable to enumerate USB device
[  271.517004][ T9018] netlink: 'syz.0.951': attribute type 12 has an invalid length.
[  272.404026][ T5925] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[  272.589351][ T9041] fuse: blksize only supported for fuseblk
[  272.596001][ T5925] usb 2-1: Using ep0 maxpacket: 16
[  272.603034][ T5925] usb 2-1: config 1 has an invalid interface number: 105 but max is 0
[  272.613820][ T5925] usb 2-1: config 1 has no interface number 0
[  272.619926][ T5925] usb 2-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  272.633578][ T5925] usb 2-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  272.645404][ T5925] usb 2-1: config 1 interface 105 has no altsetting 0
[  272.669226][ T5925] usb 2-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  272.678457][ T5925] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  272.723323][ T5925] usb 2-1: Product: syz
[  272.734555][ T5925] usb 2-1: Manufacturer: syz
[  272.744374][ T5925] usb 2-1: SerialNumber: syz
[  272.770576][ T9028] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  272.799824][ T9028] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  273.223771][ T5910] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[  273.250597][ T9028] sctp: [Deprecated]: syz.1.956 (pid 9028) Use of struct sctp_assoc_value in delayed_ack socket option.
[  273.250597][ T9028] Use struct sctp_sack_info instead
[  273.280471][ T9028] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  273.291890][ T9028] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  273.377325][ T5910] usb 5-1: device descriptor read/64, error -71
[  273.509754][ T9057] trusted_key: encrypted_key: insufficient parameters specified
[  273.527705][ T9057] netlink: 12 bytes leftover after parsing attributes in process `syz.0.968'.
[  273.627309][ T5910] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[  273.794155][ T5910] usb 5-1: device descriptor read/64, error -71
[  273.904356][ T5910] usb usb5-port1: attempt power cycle
[  273.923312][ T9028] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  274.022225][ T9028] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  274.134907][ T5925] aqc111 2-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  274.161166][ T5925] aqc111 2-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  274.220532][ T5925] aqc111 2-1:1.105 eth1: register 'aqc111' at usb-dummy_hcd.1-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, 20:fc:94:45:3a:41
[  274.255735][ T5910] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[  274.257731][ T5925] usb 2-1: USB disconnect, device number 56
[  274.279402][   T24] usb 1-1: new full-speed USB device number 51 using dummy_hcd
[  274.304507][ T5910] usb 5-1: device descriptor read/8, error -71
[  274.332497][ T5925] aqc111 2-1:1.105 eth1: unregister 'aqc111' usb-dummy_hcd.1-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter
[  274.445790][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  274.481339][   T24] usb 1-1: New USB device found, idVendor=057e, idProduct=200e, bcdDevice= 0.00
[  274.505601][ T5925] aqc111 2-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  274.516852][ T5925] aqc111 2-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  274.533738][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  274.547812][   T24] usb 1-1: config 0 descriptor??
[  274.563855][ T5925] aqc111 2-1:1.105 eth1 (unregistered): Failed to write(0x61) reg index 0x0000: -19
[  274.583899][ T5910] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[  274.607504][ T5910] usb 5-1: device descriptor read/8, error -71
[  274.734098][ T5910] usb usb5-port1: unable to enumerate USB device
[  274.849315][ T9075] erspan1: entered promiscuous mode
[  274.986155][   T24] nintendo 0003:057E:200E.0011: unbalanced delimiter at end of report description
[  274.999382][   T24] nintendo 0003:057E:200E.0011: HID parse failed
[  275.010780][   T24] nintendo 0003:057E:200E.0011: probe - fail = -22
[  275.019784][   T24] nintendo 0003:057E:200E.0011: probe with driver nintendo failed with error -22
[  275.176496][   T24] usb 1-1: USB disconnect, device number 51
[  275.206266][ T9087] netlink: 'syz.1.979': attribute type 1 has an invalid length.
[  275.233947][ T9087] input: syz1 as /devices/virtual/input/input15
[  276.116621][ T9104] netlink: 12 bytes leftover after parsing attributes in process `syz.1.986'.
[  276.210530][ T9106] program syz.4.987 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.220736][ T9106] FAULT_INJECTION: forcing a failure.
[  276.220736][ T9106] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  276.234032][   T24] usb 1-1: new low-speed USB device number 52 using dummy_hcd
[  276.248810][ T9106] CPU: 1 UID: 0 PID: 9106 Comm: syz.4.987 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  276.248833][ T9106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  276.248843][ T9106] Call Trace:
[  276.248850][ T9106]  <TASK>
[  276.248857][ T9106]  dump_stack_lvl+0x189/0x250
[  276.248879][ T9106]  ? __pfx____ratelimit+0x10/0x10
[  276.248901][ T9106]  ? __pfx_dump_stack_lvl+0x10/0x10
[  276.248919][ T9106]  ? __pfx__printk+0x10/0x10
[  276.248938][ T9106]  ? __might_fault+0xb0/0x130
[  276.248971][ T9106]  should_fail_ex+0x414/0x560
[  276.248998][ T9106]  _copy_from_user+0x2d/0xb0
[  276.249020][ T9106]  scsi_ioctl+0x16fe/0x1fb0
[  276.249045][ T9106]  ? __pfx_scsi_ioctl+0x10/0x10
[  276.249096][ T9106]  ? kasan_quarantine_put+0xdd/0x220
[  276.249125][ T9106]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  276.249144][ T9106]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  276.249165][ T9106]  ? do_vfs_ioctl+0xbe8/0x1430
[  276.249187][ T9106]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  276.249218][ T9106]  ? __lock_acquire+0xab9/0xd20
[  276.249242][ T9106]  sg_ioctl+0x158e/0x2230
[  276.249269][ T9106]  ? __pfx_sg_ioctl+0x10/0x10
[  276.249287][ T9106]  ? __fget_files+0x2a/0x420
[  276.249317][ T9106]  ? __fget_files+0x2a/0x420
[  276.249330][ T9106]  ? __fget_files+0x3a0/0x420
[  276.249344][ T9106]  ? __fget_files+0x2a/0x420
[  276.249364][ T9106]  ? bpf_lsm_file_ioctl+0x9/0x20
[  276.249384][ T9106]  ? __pfx_sg_ioctl+0x10/0x10
[  276.249401][ T9106]  __se_sys_ioctl+0xf9/0x170
[  276.249423][ T9106]  do_syscall_64+0xfa/0x3b0
[  276.249443][ T9106]  ? lockdep_hardirqs_on+0x9c/0x150
[  276.249464][ T9106]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.249481][ T9106]  ? clear_bhb_loop+0x60/0xb0
[  276.249499][ T9106]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.249513][ T9106] RIP: 0033:0x7ff35dd8e9a9
[  276.249529][ T9106] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  276.249543][ T9106] RSP: 002b:00007ff35ec04038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  276.249560][ T9106] RAX: ffffffffffffffda RBX: 00007ff35dfb5fa0 RCX: 00007ff35dd8e9a9
[  276.249571][ T9106] RDX: 00002000000000c0 RSI: 0000000000000001 RDI: 0000000000000003
[  276.249581][ T9106] RBP: 00007ff35ec04090 R08: 0000000000000000 R09: 0000000000000000
[  276.249590][ T9106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  276.249599][ T9106] R13: 0000000000000000 R14: 00007ff35dfb5fa0 R15: 00007ff35e0dfa28
[  276.249624][ T9106]  </TASK>
[  276.648200][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  276.659261][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  276.669091][   T24] usb 1-1: New USB device found, idVendor=258a, idProduct=0036, bcdDevice= 0.00
[  276.679889][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.690915][   T24] usb 1-1: config 0 descriptor??
[  277.015779][ T9120] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  277.289792][ T9131] fuse: Unknown parameter '0xffffffffffffffff0000000000000000000000000000000000000000'
[  277.300763][   T24] glorious 0003:258A:0036.0012: hidraw0: USB HID v0.00 Device [Glorious Model O] on usb-dummy_hcd.0-1/input0
[  277.433818][ T5925] usb 5-1: new high-speed USB device number 45 using dummy_hcd
[  277.563877][ T5925] usb 5-1: device descriptor read/64, error -71
[  277.703974][ T5988] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[  277.804635][ T5925] usb 5-1: new high-speed USB device number 46 using dummy_hcd
[  277.934001][ T5925] usb 5-1: device descriptor read/64, error -71
[  277.957563][ T5988] usb 2-1: config 0 has no interfaces?
[  277.967754][ T5988] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  277.977098][ T5988] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  277.998732][ T5988] usb 2-1: Product: syz
[  278.007476][ T5988] usb 2-1: Manufacturer: syz
[  278.015377][ T5988] usb 2-1: SerialNumber: syz
[  278.031103][ T5988] usb 2-1: config 0 descriptor??
[  278.071044][ T5925] usb usb5-port1: attempt power cycle
[  278.295340][ T9130] fuse: Bad value for 'fd'
[  278.317458][ T9130] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  278.333317][ T9130] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  278.471598][ T5925] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[  278.496413][ T5925] usb 5-1: device descriptor read/8, error -71
[  278.733922][ T5925] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[  278.755087][ T5925] usb 5-1: device descriptor read/8, error -71
[  278.867202][ T5925] usb usb5-port1: unable to enumerate USB device
[  279.528055][   T24] usb 1-1: USB disconnect, device number 52
[  280.245971][ T5925] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[  280.302805][   T10] usb 2-1: USB disconnect, device number 57
[  280.417285][ T5925] usb 3-1: New USB device found, idVendor=0f11, idProduct=1000, bcdDevice= 0.02
[  280.426729][ T5925] usb 3-1: New USB device strings: Mfr=0, Product=232, SerialNumber=255
[  280.436402][ T5925] usb 3-1: Product: syz
[  280.444985][ T5925] usb 3-1: SerialNumber: syz
[  280.453418][ T5925] usb 3-1: config 0 descriptor??
[  280.490180][ T9162] kvm: MONITOR instruction emulated as NOP!
[  280.593876][ T5988] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[  280.668881][ T9152] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  280.677849][ T9152] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  280.724065][ T5988] usb 5-1: device descriptor read/64, error -71
[  280.951232][ T9166] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  280.961525][ T9166] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  280.971117][ T5988] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[  281.033796][   T24] usb 1-1: new high-speed USB device number 53 using dummy_hcd
[  281.104028][ T5988] usb 5-1: device descriptor read/64, error -71
[  281.183772][   T24] usb 1-1: Using ep0 maxpacket: 32
[  281.200302][   T24] usb 1-1: config index 0 descriptor too short (expected 35577, got 27)
[  281.209200][   T24] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  281.218273][   T24] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92
[  281.231701][ T5988] usb usb5-port1: attempt power cycle
[  281.238554][   T24] usb 1-1: config 1 has no interface number 0
[  281.245180][   T24] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  281.259220][   T24] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 10229, setting to 1024
[  281.270827][   T24] usb 1-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  281.291193][   T24] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  281.300480][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  281.319841][ T9168] raw-gadget.3 gadget.0: fail, usb_ep_enable returned -22
[  281.350681][   T24] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found
[  281.547173][ T9168] raw-gadget.3 gadget.0: fail, usb_ep_enable returned -22
[  281.594491][ T9173] fuse: Unknown parameter '0xffffffffffffffff0000000000000000000000000000000000000000'
[  281.607443][ T5988] usb 5-1: new high-speed USB device number 51 using dummy_hcd
[  281.622107][   T24] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now attached
[  281.690823][ T5988] usb 5-1: device descriptor read/8, error -71
[  281.933885][ T5988] usb 5-1: new high-speed USB device number 52 using dummy_hcd
[  281.950681][ T5903] usb 1-1: USB disconnect, device number 53
[  281.958980][ T5903] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected
[  281.969088][ T5988] usb 5-1: device descriptor read/8, error -71
[  282.084169][ T5988] usb usb5-port1: unable to enumerate USB device
[  283.102571][ T5925] ldusb 3-1:0.0: Interrupt in endpoint not found
[  283.123299][ T5925] usb 3-1: USB disconnect, device number 50
[  283.404177][ T5988] usb 1-1: new low-speed USB device number 54 using dummy_hcd
[  283.611701][ T5988] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  283.622998][ T5988] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  283.646518][ T5988] usb 1-1: New USB device found, idVendor=258a, idProduct=0036, bcdDevice= 0.00
[  283.660813][ T5988] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  283.678470][ T5988] usb 1-1: config 0 descriptor??
[  283.723791][ T5925] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[  283.863955][ T5925] usb 3-1: device descriptor read/64, error -71
[  284.117464][ T5925] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[  284.126608][ T5988] glorious 0003:258A:0036.0013: hidraw0: USB HID v0.00 Device [Glorious Model O] on usb-dummy_hcd.0-1/input0
[  284.253793][ T5925] usb 3-1: device descriptor read/64, error -71
[  284.448828][ T5925] usb usb3-port1: attempt power cycle
[  284.823764][ T5925] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  284.925201][ T5925] usb 3-1: device descriptor read/8, error -71
[  285.163756][ T5903] usb 5-1: new high-speed USB device number 53 using dummy_hcd
[  285.213784][ T5925] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[  285.243509][ T5925] usb 3-1: device descriptor read/8, error -71
[  285.327736][ T5903] usb 5-1: config 0 has no interfaces?
[  285.340756][ T5903] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  285.350003][ T5903] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  285.358454][ T5925] usb usb3-port1: unable to enumerate USB device
[  285.365467][ T5903] usb 5-1: Product: syz
[  285.378450][ T5903] usb 5-1: Manufacturer: syz
[  285.391890][ T5903] usb 5-1: SerialNumber: syz
[  285.420198][ T5903] usb 5-1: config 0 descriptor??
[  285.818112][ T9215] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  285.829949][ T9215] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  285.870151][ T5903] usb 2-1: new high-speed USB device number 58 using dummy_hcd
[  286.027559][ T5903] usb 2-1: config 0 has no interfaces?
[  286.034162][   T24] usb 1-1: USB disconnect, device number 54
[  286.066128][ T5903] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  286.075821][ T5903] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  286.119760][ T5903] usb 2-1: Product: syz
[  286.182635][ T5903] usb 2-1: Manufacturer: syz
[  286.213826][ T5903] usb 2-1: SerialNumber: syz
[  286.339631][ T5903] usb 2-1: config 0 descriptor??
[  286.788644][   T10] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[  286.845917][ T9221] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  286.857810][ T9221] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  287.012666][   T10] usb 3-1: Using ep0 maxpacket: 32
[  287.073459][   T10] usb 3-1: unable to get BOS descriptor or descriptor too short
[  287.084194][   T10] usb 3-1: config 4 has an invalid interface number: 239 but max is 0
[  287.101479][   T10] usb 3-1: config 4 has no interface number 0
[  287.134665][   T10] usb 3-1: New USB device found, idVendor=0dba, idProduct=5000, bcdDevice=48.59
[  287.149964][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  287.307826][   T10] usb 3-1: Product: syz
[  287.326865][   T10] usb 3-1: Manufacturer: syz
[  287.359847][   T10] usb 3-1: SerialNumber: syz
[  287.609623][ T9237] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  287.621258][ T5925] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0
[  287.629230][ T9237] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  287.645543][ T5925] hid-generic 0000:0000:0000.0014: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  287.841566][ T5910] usb 5-1: USB disconnect, device number 53
[  288.563865][ T5925] usb 5-1: new high-speed USB device number 54 using dummy_hcd
[  288.758642][ T5925] usb 5-1: config 0 has no interfaces?
[  288.804726][ T5925] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  288.815848][ T5925] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  288.824619][ T5925] usb 5-1: Product: syz
[  288.829025][ T5925] usb 5-1: Manufacturer: syz
[  288.859338][ T5925] usb 5-1: SerialNumber: syz
[  288.882553][ T5925] usb 5-1: config 0 descriptor??
[  289.089706][ T5925] usb 2-1: USB disconnect, device number 58
[  289.180328][ T9250] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  289.202847][ T9250] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  289.491899][   T10] usb 3-1: MBOX3: Invalid descriptor size=18.
[  289.588129][   T10] usb 3-1: USB disconnect, device number 55
[  289.951291][ T9267] FAULT_INJECTION: forcing a failure.
[  289.951291][ T9267] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  289.968186][ T9267] CPU: 0 UID: 0 PID: 9267 Comm: syz.3.1036 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  289.968209][ T9267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  289.968220][ T9267] Call Trace:
[  289.968227][ T9267]  <TASK>
[  289.968235][ T9267]  dump_stack_lvl+0x189/0x250
[  289.968259][ T9267]  ? __pfx____ratelimit+0x10/0x10
[  289.968279][ T9267]  ? __pfx_dump_stack_lvl+0x10/0x10
[  289.968289][ T9267]  ? __pfx__printk+0x10/0x10
[  289.968307][ T9267]  should_fail_ex+0x414/0x560
[  289.968325][ T9267]  _copy_to_user+0x31/0xb0
[  289.968341][ T9267]  simple_read_from_buffer+0xe1/0x170
[  289.968358][ T9267]  proc_fail_nth_read+0x1b3/0x220
[  289.968372][ T9267]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  289.968385][ T9267]  ? rw_verify_area+0x258/0x650
[  289.968398][ T9267]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  289.968410][ T9267]  vfs_read+0x1fd/0x980
[  289.968423][ T9267]  ? fdget_pos+0x247/0x320
[  289.968441][ T9267]  ? __pfx___mutex_lock+0x10/0x10
[  289.968456][ T9267]  ? __pfx_vfs_read+0x10/0x10
[  289.968470][ T9267]  ? __fget_files+0x2a/0x420
[  289.968481][ T9267]  ? __fget_files+0x3a0/0x420
[  289.968489][ T9267]  ? __fget_files+0x2a/0x420
[  289.968503][ T9267]  ksys_read+0x145/0x250
[  289.968516][ T9267]  ? __fget_files+0x3a0/0x420
[  289.968525][ T9267]  ? __pfx_ksys_read+0x10/0x10
[  289.968541][ T9267]  ? do_syscall_64+0xbe/0x3b0
[  289.968557][ T9267]  do_syscall_64+0xfa/0x3b0
[  289.968570][ T9267]  ? lockdep_hardirqs_on+0x9c/0x150
[  289.968583][ T9267]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  289.968593][ T9267]  ? clear_bhb_loop+0x60/0xb0
[  289.968604][ T9267]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  289.968613][ T9267] RIP: 0033:0x7fc11a98d3bc
[  289.968622][ T9267] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  289.968630][ T9267] RSP: 002b:00007fc11b7ef030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  289.968642][ T9267] RAX: ffffffffffffffda RBX: 00007fc11abb5fa0 RCX: 00007fc11a98d3bc
[  289.968649][ T9267] RDX: 000000000000000f RSI: 00007fc11b7ef0a0 RDI: 0000000000000006
[  289.968655][ T9267] RBP: 00007fc11b7ef090 R08: 0000000000000000 R09: 0000000000000000
[  289.968660][ T9267] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  289.968666][ T9267] R13: 0000000000000000 R14: 00007fc11abb5fa0 R15: 00007fc11acdfa28
[  289.968681][ T9267]  </TASK>
[  290.364802][ T9268] syz.2.1035: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  290.381918][ T9268] CPU: 1 UID: 0 PID: 9268 Comm: syz.2.1035 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  290.381935][ T9268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  290.381942][ T9268] Call Trace:
[  290.381947][ T9268]  <TASK>
[  290.381951][ T9268]  dump_stack_lvl+0x189/0x250
[  290.381966][ T9268]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  290.381981][ T9268]  ? __pfx_dump_stack_lvl+0x10/0x10
[  290.381990][ T9268]  ? __pfx__printk+0x10/0x10
[  290.382002][ T9268]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  290.382013][ T9268]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  290.382027][ T9268]  warn_alloc+0x214/0x310
[  290.382038][ T9268]  ? stack_depot_save_flags+0x429/0x900
[  290.382056][ T9268]  ? __pfx_warn_alloc+0x10/0x10
[  290.382067][ T9268]  ? kasan_save_track+0x4f/0x80
[  290.382081][ T9268]  ? xskq_create+0x56/0x170
[  290.382093][ T9268]  ? xsk_init_queue+0xb0/0x110
[  290.382103][ T9268]  ? xsk_setsockopt+0x4dc/0x8d0
[  290.382113][ T9268]  ? do_sock_setsockopt+0x179/0x1b0
[  290.382122][ T9268]  ? __x64_sys_setsockopt+0x13f/0x1b0
[  290.382131][ T9268]  ? do_syscall_64+0xfa/0x3b0
[  290.382143][ T9268]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  290.382157][ T9268]  __vmalloc_node_range_noprof+0x125/0x12f0
[  290.382182][ T9268]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  290.382192][ T9268]  ? xskq_create+0x56/0x170
[  290.382206][ T9268]  ? __kasan_kmalloc+0x93/0xb0
[  290.382221][ T9268]  vmalloc_user_noprof+0xad/0xf0
[  290.382229][ T9268]  ? xskq_create+0xbf/0x170
[  290.382242][ T9268]  xskq_create+0xbf/0x170
[  290.382274][ T9268]  xsk_init_queue+0xb0/0x110
[  290.382287][ T9268]  xsk_setsockopt+0x4dc/0x8d0
[  290.382305][ T9268]  ? __pfx_xsk_setsockopt+0x10/0x10
[  290.382317][ T9268]  ? __pfx_aa_sk_perm+0x10/0x10
[  290.382331][ T9268]  ? aa_sock_opt_perm+0x74/0x110
[  290.382344][ T9268]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  290.382355][ T9268]  ? __pfx_xsk_setsockopt+0x10/0x10
[  290.382367][ T9268]  do_sock_setsockopt+0x179/0x1b0
[  290.382379][ T9268]  __x64_sys_setsockopt+0x13f/0x1b0
[  290.382392][ T9268]  do_syscall_64+0xfa/0x3b0
[  290.382407][ T9268]  ? lockdep_hardirqs_on+0x9c/0x150
[  290.382421][ T9268]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  290.382430][ T9268]  ? clear_bhb_loop+0x60/0xb0
[  290.382442][ T9268]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  290.382450][ T9268] RIP: 0033:0x7f50b798e9a9
[  290.382460][ T9268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  290.382468][ T9268] RSP: 002b:00007f50b87fd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  290.382479][ T9268] RAX: ffffffffffffffda RBX: 00007f50b7bb6080 RCX: 00007f50b798e9a9
[  290.382486][ T9268] RDX: 0000000000000006 RSI: 000000000000011b RDI: 000000000000000b
[  290.382492][ T9268] RBP: 00007f50b7a10d69 R08: 0000000000000052 R09: 0000000000000000
[  290.382498][ T9268] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  290.382504][ T9268] R13: 0000000000000000 R14: 00007f50b7bb6080 R15: 00007f50b7cdfa28
[  290.382519][ T9268]  </TASK>
[  290.382548][ T9268] Mem-Info:
[  290.506627][ T9242] delete_channel: no stack
[  290.689141][ T9268] active_anon:8521 inactive_anon:0 isolated_anon:0
[  290.689141][ T9268]  active_file:10848 inactive_file:39947 isolated_file:0
[  290.689141][ T9268]  unevictable:768 dirty:37 writeback:0
[  290.689141][ T9268]  slab_reclaimable:6192 slab_unreclaimable:187036
[  290.689141][ T9268]  mapped:32089 shmem:1363 pagetables:1580
[  290.689141][ T9268]  sec_pagetables:0 bounce:0
[  290.689141][ T9268]  kernel_misc_reclaimable:0
[  290.689141][ T9268]  free:1228561 free_pcp:12813 free_cma:0
[  290.777286][ T9268] Node 0 active_anon:34184kB inactive_anon:0kB active_file:43392kB inactive_file:159588kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:132444kB dirty:148kB writeback:0kB shmem:3920kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12636kB pagetables:6088kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  290.816335][   T31] INFO: task kworker/1:4:5923 blocked for more than 143 seconds.
[  290.824252][   T31]       Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0
[  290.860600][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  290.871118][ T9268] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:140kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  290.905271][ T9268] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  290.926715][   T31] task:kworker/1:4     state:D
[  290.940007][ T9268] lowmem_reserve[]: 0 2500 2502 2502 2502
[  290.953194][ T9268] Node 0 DMA32 free:1019684kB boost:4096kB min:38360kB low:46924kB high:55488kB reserved_highatomic:0KB free_highatomic:0KB active_anon:34228kB inactive_anon:0kB active_file:43392kB inactive_file:157756kB unevictable:1536kB writepending:204kB present:3129332kB managed:2560292kB mlocked:0kB bounce:0kB free_pcp:33188kB local_pcp:19556kB free_cma:0kB
[  290.990285][ T9268] lowmem_reserve[]: 0 0 1 1 1
[  290.995206][   T31]  stack:22104 pid:5923  tgid:5923  ppid:2      task_flags:0x4208060 flags:0x00004000
[  291.005259][   T31] Workqueue: usb_hub_wq hub_event
[  291.241998][   T24] usb 5-1: USB disconnect, device number 54
[  291.251789][   T31] Call Trace:
[  291.267894][   T31]  <TASK>
[  291.281908][   T31]  __schedule+0x1737/0x4d30
[  291.288520][   T31]  ? check_path+0x21/0x40
[  291.297504][   T31]  ? schedule+0x165/0x360
[  291.307265][   T31]  ? __lock_acquire+0xab9/0xd20
[  291.312250][   T31]  ? __pfx___schedule+0x10/0x10
[  291.318646][   T31]  ? schedule+0x91/0x360
[  291.322978][   T31]  schedule+0x165/0x360
[  291.327993][   T31]  schedule_timeout+0x9a/0x270
[  291.335158][ T9268] Node 0 Normal free:16kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1832kB unevictable:0kB writepending:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  291.368509][ T9268] lowmem_reserve[]: 0 0 0 0 0
[  291.374155][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  291.385401][ T9268] Node 1 Normal free:3879380kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:22560kB local_pcp:10816kB free_cma:0kB
[  291.390842][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  291.423989][ T9268] lowmem_reserve[]: 0 0 0 0 0
[  291.429711][ T9268] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (UM) = 15360kB
[  291.431701][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  291.451712][   T31]  ? wait_for_completion+0x267/0x5d0
[  291.457669][   T31]  wait_for_completion+0x2bf/0x5d0
[  291.462915][   T31]  ? __pfx_wait_for_completion+0x10/0x10
[  291.470957][   T31]  i2c_del_adapter+0x581/0x6e0
[  291.477513][   T31]  ? __pfx__dev_err+0x10/0x10
[  291.482271][   T31]  ? __pfx_i2c_del_adapter+0x10/0x10
[  291.491911][   T31]  ? dvb_module_release+0x79/0x90
[  291.503297][   T31]  ? friio_frontend_detach+0x83/0xa0
[  291.520624][   T31]  ? dvb_usbv2_exit+0x85a/0x9e0
[  291.528249][   T31]  dvb_usbv2_probe+0x4ae/0x41a0
[  291.533253][   T31]  ? __pfx_dvb_usbv2_probe+0x10/0x10
[  291.540617][   T31]  ? __pm_runtime_set_status+0x785/0xa50
[  291.549971][   T31]  usb_probe_interface+0x634/0xbf0
[  291.555847][   T31]  ? __pfx_usb_probe_interface+0x10/0x10
[  291.562781][   T31]  really_probe+0x26d/0x9e0
[  291.567888][   T31]  __driver_probe_device+0x18c/0x2f0
[  291.574821][   T31]  driver_probe_device+0x4f/0x430
[  291.579975][   T31]  __device_attach_driver+0x2ce/0x530
[  291.586825][   T31]  bus_for_each_drv+0x24e/0x2e0
[  291.591958][   T31]  ? __pfx___device_attach_driver+0x10/0x10
[  291.599290][   T31]  ? __pfx_bus_for_each_drv+0x10/0x10
[  291.605072][   T31]  __device_attach+0x2b8/0x400
[  291.610055][   T31]  ? __pfx___device_attach+0x10/0x10
[  291.613432][ T9268] Node 0 
[  291.617099][   T31]  ? do_raw_spin_unlock+0x122/0x240
[  291.625937][   T31]  bus_probe_device+0x185/0x260
[  291.631038][   T31]  device_add+0x7b6/0xb50
[  291.635921][   T31]  usb_set_configuration+0x1a87/0x20e0
[  291.641561][   T31]  usb_generic_driver_probe+0x8d/0x150
[  291.649918][ T9268] DMA32: 1290*4kB (UE) 772*8kB (UME) 575*16kB (UME) 538*32kB (UME) 305*64kB (UME) 51*128kB (UME) 33*256kB (UM) 10*512kB (M) 5*1024kB (UM) 7*2048kB (UM) 225*4096kB (U) = 1018424kB
[  291.650364][   T31]  usb_probe_device+0x1c4/0x390
[  291.718775][   T31]  ? __pfx_usb_probe_device+0x10/0x10
[  291.723799][ T9268] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 
[  291.724557][   T31]  really_probe+0x26d/0x9e0
[  291.737922][   T31]  __driver_probe_device+0x18c/0x2f0
[  291.740677][ T9268] 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB
[  291.743350][   T31]  driver_probe_device+0x4f/0x430
[  291.754964][   T31]  __device_attach_driver+0x2ce/0x530
[  291.760478][   T31]  bus_for_each_drv+0x24e/0x2e0
[  291.760505][ T9268] Node 1 Normal: 189*4kB (U) 54*8kB (UME) 45*16kB (UME) 69*32kB (UME) 31*64kB (UME) 4*128kB (UME) 4*256kB (UME) 4*512kB (UME) 3*1024kB (UME) 2*2048kB (UE) 943*4096kB (UM) = 3879380kB
[  291.766619][   T31]  ? __pfx___device_attach_driver+0x10/0x10
[  291.790039][   T31]  ? __pfx_bus_for_each_drv+0x10/0x10
[  291.805564][   T31]  __device_attach+0x2b8/0x400
[  291.813089][   T31]  ? __pfx___device_attach+0x10/0x10
[  291.819173][   T31]  ? do_raw_spin_unlock+0x122/0x240
[  291.824826][   T31]  bus_probe_device+0x185/0x260
[  291.830091][   T31]  device_add+0x7b6/0xb50
[  291.834926][   T31]  usb_new_device+0xa39/0x16f0
[  291.839965][   T31]  ? __pfx_usb_new_device+0x10/0x10
[  291.840075][ T9268] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  291.854962][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  291.860960][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  291.867135][   T31]  hub_event+0x2958/0x4a20
[  291.872423][   T31]  ? __pfx_hub_event+0x10/0x10
[  291.877672][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  291.883646][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  291.884251][ T9268] Node 0 hugepages_total=4 hugepages_free=3 hugepages_surp=2 hugepages_size=2048kB
[  291.889485][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  291.939673][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  291.941867][ T9268] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  291.958487][ T9268] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  291.968539][ T9268] 52153 total pagecache pages
[  291.970315][   T31]  process_scheduled_works+0xade/0x17b0
[  291.979070][ T9268] 0 pages in swap cache
[  291.983219][ T9268] Free swap  = 124996kB
[  291.984653][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  291.993896][   T31]  worker_thread+0x8a0/0xda0
[  291.998660][   T31]  kthread+0x711/0x8a0
[  292.004253][ T9268] Total swap = 124996kB
[  292.008823][   T31]  ? __pfx_worker_thread+0x10/0x10
[  292.013606][ T9268] 2097051 pages RAM
[  292.020219][ T9268] 0 pages HighMem/MovableOnly
[  292.026295][   T31]  ? __pfx_kthread+0x10/0x10
[  292.029060][ T9268] 424872 pages reserved
[  292.030988][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  292.042571][ T9268] 0 pages cma reserved
[  292.048400][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  292.059468][   T31]  ? __pfx_kthread+0x10/0x10
[  292.069040][   T31]  ret_from_fork+0x3fc/0x770
[  292.081335][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  292.092564][   T31]  ? __switch_to_asm+0x39/0x70
[  292.103912][   T31]  ? __switch_to_asm+0x33/0x70
[  292.118885][   T31]  ? __pfx_kthread+0x10/0x10
[  292.161071][   T31]  ret_from_fork_asm+0x1a/0x30
[  292.166811][   T31]  </TASK>
[  292.170014][   T31] 
[  292.170014][   T31] Showing all locks held in the system:
[  292.181596][   T31] 1 lock held by khungtaskd/31:
[  292.186716][   T31]  #0: ffffffff8e13c5a0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  292.237665][   T31] 2 locks held by kworker/u8:4/59:
[  292.242805][   T31]  #0: ffff88801a489148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  292.257526][   T31]  #1: ffff8880b8724008 (per_cpu_ptr(&psi_seq, cpu)){-.-.}-{0:0}, at: psi_task_switch+0x53/0x880
[  292.272015][   T31] 2 locks held by getty/5597:
[  292.277705][   T31]  #0: ffff8880337d20a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  292.290650][   T31]  #1: ffffc900036bb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  292.303239][   T31] 5 locks held by kworker/1:4/5923:
[  292.310691][   T31]  #0: ffff88801febe148 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  292.337217][   T31]  #1: ffffc90004b7fbc0 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  292.353945][   T31]  #2: ffff888144f58198 (&dev->mutex){....}-{4:4}, at: hub_event+0x184/0x4a20
[  292.362980][   T31]  #3: ffff88807a175198 (&dev->mutex){....}-{4:4}, at: __device_attach+0x88/0x400
[  292.372387][   T31]  #4: ffff888057ec6160 (&dev->mutex){....}-{4:4}, at: __device_attach+0x88/0x400
[  292.381986][   T31] 2 locks held by kworker/1:7/5988:
[  292.389828][   T31] 4 locks held by udevd/6187:
[  292.394833][   T31]  #0: ffff888032357c30 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xb7/0xe10
[  292.403767][   T31]  #1: ffff888079dd7888 (&of->mutex#2){+.+.}-{4:4}, at: kernfs_seq_start+0x55/0x3c0
[  292.413315][   T31]  #2: ffff8880727e95a8 (kn->active#20){++++}-{0:0}, at: kernfs_seq_start+0x75/0x3c0
[  292.422891][   T31]  #3: ffff88807a175198 (&dev->mutex){....}-{4:4}, at: manufacturer_show+0x26/0xa0
[  292.432383][   T31] 1 lock held by syz.0.1038/9272:
[  292.437507][   T31]  #0: ffffffff8e141f00 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  292.447490][   T31] 
[  292.449818][   T31] =============================================
[  292.449818][   T31] 
[  292.459726][   T31] NMI backtrace for cpu 0
[  292.459742][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  292.459762][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  292.459772][   T31] Call Trace:
[  292.459779][   T31]  <TASK>
[  292.459787][   T31]  dump_stack_lvl+0x189/0x250
[  292.459811][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  292.459829][   T31]  ? __pfx__printk+0x10/0x10
[  292.459860][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[  292.459883][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  292.459904][   T31]  ? __pfx__printk+0x10/0x10
[  292.459928][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  292.459953][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  292.459975][   T31]  watchdog+0xf93/0xfe0
[  292.460001][   T31]  ? watchdog+0x1de/0xfe0
[  292.460026][   T31]  kthread+0x711/0x8a0
[  292.460048][   T31]  ? __pfx_watchdog+0x10/0x10
[  292.460066][   T31]  ? __pfx_kthread+0x10/0x10
[  292.460092][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  292.460112][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  292.460132][   T31]  ? __pfx_kthread+0x10/0x10
[  292.460150][   T31]  ret_from_fork+0x3fc/0x770
[  292.460175][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  292.460209][   T31]  ? __switch_to_asm+0x39/0x70
[  292.460224][   T31]  ? __switch_to_asm+0x33/0x70
[  292.460240][   T31]  ? __pfx_kthread+0x10/0x10
[  292.460258][   T31]  ret_from_fork_asm+0x1a/0x30
[  292.460289][   T31]  </TASK>
[  292.460297][   T31] Sending NMI from CPU 0 to CPUs 1:
[  292.611805][    C1] NMI backtrace for cpu 1
[  292.611824][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  292.611841][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  292.611850][    C1] RIP: 0010:pv_native_safe_halt+0x13/0x20
[  292.611874][    C1] Code: 53 e8 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 13 5f 18 00 f3 0f 1e fa fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[  292.611886][    C1] RSP: 0018:ffffc90000197de0 EFLAGS: 000002c2
[  292.611900][    C1] RAX: 7d4bf8c76b7d4000 RBX: ffffffff81969b38 RCX: 7d4bf8c76b7d4000
[  292.611911][    C1] RDX: 0000000000000001 RSI: ffffffff8d979737 RDI: ffffffff8be30a80
[  292.611922][    C1] RBP: ffffc90000197f20 R08: ffff8880b8732f5b R09: 1ffff110170e65eb
[  292.611933][    C1] R10: dffffc0000000000 R11: ffffed10170e65ec R12: ffffffff8fa08df0
[  292.611943][    C1] R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff110039dbb40
[  292.611953][    C1] FS:  0000000000000000(0000) GS:ffff888125d7e000(0000) knlGS:0000000000000000
[  292.611965][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  292.611975][    C1] CR2: 000055558e6a15c8 CR3: 0000000071c7a000 CR4: 00000000003526f0
[  292.611988][    C1] DR0: 0000000000000000 DR1: 0000000000000004 DR2: 0000000000000000
[  292.611996][    C1] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  292.612005][    C1] Call Trace:
[  292.612011][    C1]  <TASK>
[  292.612017][    C1]  default_idle+0x13/0x20
[  292.612031][    C1]  default_idle_call+0x74/0xb0
[  292.612045][    C1]  do_idle+0x1e8/0x510
[  292.612066][    C1]  ? __pfx_do_idle+0x10/0x10
[  292.612083][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  292.612108][    C1]  cpu_startup_entry+0x44/0x60
[  292.612125][    C1]  start_secondary+0x101/0x110
[  292.612143][    C1]  common_startup_64+0x13e/0x147
[  292.612166][    C1]  </TASK>
[  292.713976][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  292.713997][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  292.714018][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  292.714029][   T31] Call Trace:
[  292.714037][   T31]  <TASK>
[  292.714045][   T31]  dump_stack_lvl+0x99/0x250
[  292.714067][   T31]  ? __asan_memcpy+0x40/0x70
[  292.714088][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  292.714106][   T31]  ? __pfx__printk+0x10/0x10
[  292.714137][   T31]  panic+0x2db/0x790
[  292.714159][   T31]  ? __pfx_panic+0x10/0x10
[  292.714175][   T31]  ? __pfx___x2apic_send_IPI_mask+0x10/0x10
[  292.714204][   T31]  ? nmi_trigger_cpumask_backtrace+0x2b6/0x300
[  292.714230][   T31]  watchdog+0xfd2/0xfe0
[  292.714256][   T31]  ? watchdog+0x1de/0xfe0
[  292.714290][   T31]  kthread+0x711/0x8a0
[  292.714312][   T31]  ? __pfx_watchdog+0x10/0x10
[  292.714331][   T31]  ? __pfx_kthread+0x10/0x10
[  292.714351][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  292.714371][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  292.714390][   T31]  ? __pfx_kthread+0x10/0x10
[  292.714409][   T31]  ret_from_fork+0x3fc/0x770
[  292.714434][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  292.714461][   T31]  ? __switch_to_asm+0x39/0x70
[  292.714478][   T31]  ? __switch_to_asm+0x33/0x70
[  292.714495][   T31]  ? __pfx_kthread+0x10/0x10
[  292.714514][   T31]  ret_from_fork_asm+0x1a/0x30
[  292.714545][   T31]  </TASK>
[  292.936943][   T31] Kernel Offset: disabled
[  292.941277][   T31] Rebooting in 86400 seconds..