last executing test programs:

5.722792049s ago: executing program 3 (id=1259):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa02, 0x0)
r0 = syz_open_dev$I2C(0x0, 0x0, 0x0)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000280)={{}, 'syz0\x00', 0x52})
ioctl$UI_DEV_CREATE(r1, 0x5501)
ioctl$UI_ABS_SETUP(r1, 0x401c5504, 0x0)
ioctl$I2C_SMBUS(r0, 0x720, 0x0)
r2 = syz_clone(0x2180, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_open_procfs(r2, &(0x7f0000000040)='syscall\x00')
pread64(r3, &(0x7f0000000500)=""/31, 0x1f, 0x40000000009)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000300)={[0x7, 0x80000000, 0x9, 0x2, 0x100, 0x7, 0x5, 0x4, 0xc85, 0xf153, 0x2, 0x5, 0x5, 0x4, 0x8000000000000001, 0x1235], 0x4052000, 0x400})
r4 = syz_open_dev$video4linux(&(0x7f0000000080), 0x2, 0x0)
ioctl$VIDIOC_QUERYMENU(r4, 0xc040564a, &(0x7f0000000140)={0x0, 0x1, @value})
r5 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r5, &(0x7f0000003000)=@file={0x1}, 0x6e)
r6 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r6, &(0x7f0000003000)=@abs={0x1, 0x0, 0xffffffff}, 0x6e)
r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r8=>0xffffffffffffffff}, 0x2}}, 0x20)
r9 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r9, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r10=>0xffffffffffffffff}, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r9, &(0x7f0000000200)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f00000001c0)=0x1, r10, 0x0, 0x1, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r7, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000400), r10, 0x0, 0x2, 0x4}}, 0xffffffffffffff6e)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r9, &(0x7f00000000c0)={0x3, 0x40, 0xfa00, {{0xa, 0x4e22, 0x0, @empty}, {0xa, 0x4e23, 0x0, @rand_addr=' \x01\x00'}, r10}}, 0x48)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r7, &(0x7f00000000c0)={0x3, 0x40, 0xfa00, {{0x2, 0x4e22, 0x0, @empty}, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}, r8}}, 0x48)

5.45325563s ago: executing program 3 (id=1262):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000002, 0x22052, r0, 0x2000)
mmap(&(0x7f0000400000/0x3000)=nil, 0x3000, 0x2000009, 0x4d032, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x100)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)

5.301691977s ago: executing program 2 (id=1264):
prctl$PR_SET_IO_FLUSHER(0x39, 0x0)
r0 = openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000000, 0x13, r0, 0x17ab9000)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = userfaultfd(0x800)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x280})
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000080)={{{@in6=@dev, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@remote}, 0x0, @in6=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f00000001c0)={0x7fff, 0x3, {0xffffffffffffffff}, {<r3=>0x0}, 0x40000000, 0x7fff})
statx(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x6000, 0x80, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(r2, r3, r4)
madvise(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xe)
syz_io_uring_setup(0x754c, &(0x7f0000000340)={0x0, 0x727f, 0x80, 0x0, 0x1a2}, &(0x7f00000003c0)=<r5=>0x0, &(0x7f0000000400))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x40, &(0x7f0000000440)=0xd30, 0x0, 0x4)
writev(r0, &(0x7f00000018c0)=[{&(0x7f0000000480)="3ef60e3db4de8080c00407ecabf81ad575b1bed7b445c13a29df2f76935e43b408c61eaa75bb884cb0c5ebeb7ec38adbe90a4b5da2992f0456b69a59977d56e610060ca68b09b5796ca3993b1fafcc256df312d9dda46500f3f21f507863", 0x5e}, {&(0x7f0000000500)="58242434b9c5ca3c591b37a6a01311e8d07d9c293770cd1b8453c519120a038e3c55c184ea9c299ae4d25c061fff9400b047bddbe95c28d3dbea109b67c70d8d2271a26264ec7769d5fba78e6059547049599bd8c4454745fb4ca37d1e2bc1ba4f9500402d4d91db1a952fb02dcc5c19e356ae31562eba3f5281f51ea98e8cffb7aecb3d983dba4b160f7a78099adb013fb4b405738e6daa711ea2edeca4f8a454249220047c270ac8cf638c58f99a1636c10220fba0f646ae937bdc", 0xbc}, {&(0x7f00000005c0)="95ee599810bd4d9cb830d02992d5571a7e437d786a00c3676ac1324ea8f736f5e777ebb6b1a0ca20fcd7303239eacf34525ecb8fb3ab9af1d66ebcc87da4f0bc42f23754b793c72654a0c0b618e24f4bbf2387aae554346ff63220c46337d87a68a575a33c5275505dcd97bb36f2e2d01ecdc30d4404efc0045ef20117e1fd3683143bcee22948caac00d692dfe3ef124a78b4369c01c8eed944e481e66996dd7212e2626850e38174178984c965a64e4b22de2e0bf0d2e26db80d184d7a65b9b54ee3c246270c54caceb39e5aa425d7efa1ee5a63cc90342e310380ca74f6e952937de350ebd1", 0xe7}, {&(0x7f00000006c0)="8940ac5c36077cfa8c242dc08f86d1468290ded768eed2b4c950dd2a49884ae773bfce7bdcfb4b2780289f6acefa685adee02c57e9b9e5c9d5b618448ed27aaeee052017a3569cb0442c750702b321b9b6364c04490e2b609b806e332c5af6de5a68c19879666d00ca", 0x69}, {&(0x7f0000000740)="cef005841753155b975712decefc666da1e434e11e9f87ed12c185b303183d6b57cc07f7272e388cd9f3d72b744e17fa7e5b649e9a11b0e4076a2a96ed197247293cbccc504ef5a04fab6b6e9ce9ef61cc0548f57c8a22f97b7fadefae0b99d81dfe06c8dca397d369358ba1e36319a7196cc73f1513374d0e", 0x79}, {&(0x7f00000007c0)="0bbeaba24fdf2fb4de4e0621b1b3fa604350bf4f43f9092ad991e124c86733ac2f56a8953216e58c0d065ed71ef15611fbcc527b516ba1677632bdab3382d12862faa70ce489dbcbdd92695c07dbb3f9f3bdc0dd24191177d556eac633ebf99a7edb29a7b239449950dcf1c50f48aac1436530f22f0d7cf01d428e459e5f44ec63bc7b0e2a7208895937b9627f0f54c799daa9e7168621d6aea9296d76159b905638fd2ad40ba66730c696bee3f9397169b5b8078b54a3372a601908c02b51a2bb28fab1eb54ca206618b6a1a0495d62eba5ac396d7edc7d82693144ec0ecff219823d23d0c33868b9dfc1fb74e3252393ea5e0f297acc9d8312957aa4", 0xfd}, {&(0x7f00000008c0)="af276708681ecbb9402cf534839279a5cbede7f46dfcdf0546be31f634fc2bae96e052873e1c3eedabbffb77013a79150e97a68b17a72d6f11d66c05256a13353f06bd245ebe23ae80c3ac2364e9d0b4eaa821b360af578e6a37368e34f77ca15456895111534b15f8a0cae1b0867e777ecec7fa91f3a3cddafc3928cc8c4237e67025c0780154fe81fc1af73471130d3d41e7c597755a7c4827b3965eca36d4f0384477e17ee1ffb7da0112265cde71466f7d8cfc4fba956c50de3a157faa7d9ddfbcbbbbad0d596d76656216eb8bed23295c260ce132258828b030070e49274e851e7a2a7302f4d098c5c89bffec9def7fefde0705a5560741ccd4bcfa97283bd056b5db3072f4ccbb9f6e6d7bb3789dc622e564ccbc66cbf110fc9fae2967be3e3511302ac930543b5e81a19f6ac89785411e8d8712bb78cdb977f7af2a2820a870c48a1d6f0a12a9aad53bb00bf69858aed79025fe38c2b811bb89cde6db73964b71938f6336dd7159e8412e57c0f213a6cd4b1a7d24a6d9c59348e332aecd2664fa107780b0d339d45719239d3d0438eb772c1a68ca313fa74e7905997608e44dcc4e7341370fb184bb7111c42992b1166891f3f5b655a1a034fd20f75d4c6f1630c540e80a725e15ee82c041ede2ced1ebc9379e2b9cfcbc03c15ad8eeaa9f378699156a8c5c428a303f5cd6e201f86c34014b4ab09df9053cde378f43d6eca9c4eaae6cd51d9e00afcef66c01def4d8e20a7e689c54e5c46099bf1e6ea098780d3a2eec227e8193b145fc10140c6a78a38f0da74b9a85804b8f7192844ad5a912e2c5efcb9a39c82e5b1cd2bd137eb7993e57bbf31da8234e5d3effba1e006116f55cde3e65b7ec954d0372b1c95b8bb96e7395a9f50f678de46cddeea0449be4ea8a0829e4a251c6cec2f8414573b17ca13ee791873f3efac12c58dc44c15c49364fc8e88ede630b3749ba841e2997ad7ba602ab6e4540b8b2eeb318801c0227bcdc08ed56208250bb7c97752b1469a823680dc307ab86e27ac5f7275e088e4aec1d352027b6f3f075d56815309164cffcf391b2b310d8e9fb7630c61b456f4eb3e24b018a9e0b2c98bda8d6b35379a614a544d926fcd8152f787309e19aaf939017d7d613b947da4c25ad4197fdbf84ee6d54754a2eb29ac08f235f9a2be5a316920178e3604e1c4a7c0e82033ab4b018871bf70d670e8528f2450e8d693492cab14b87afbc1790ca10b69d8140e6c6e2b1c2a93076b48c43766b30f0ff6cbce337a4e9e55490092d4f357474e163286bfc4580f79e1a4876f8ea19eab5373c9a1148f93a311579abcd23f135f298ed6f34888aa09f99edd91d252e1b699b2a3cdedddf1dc72d81e70aaea52b26e94d423a00afc71cb3cb34ee2a649c900e7a1fa319e0fcdc03a0051802fc604a7fbb6455e7665fce046cf60e4b70fa7d5eb3433d2ba06438cb49fbbfa0c37731ae0042a898a0a32bd3094c8f1af445c9833ee7fcafb6373cea5ad5716656d8b28679cb2e4374d2cfbd0935241457e0cf83589959f9b0b7d55ff2f7967224570760e6ef60429f71e99c2d53dabfe46fadff9f5f855d38960d16dc7b94f42302654c3e11334d9f6d731cb150e87f5736f94e21f5cfd4402bc328f988548b779b68a2fcc98b833e6f659f1f7bc0d37f491df445ed5bc8dfbac0cc756548b5fe98a24f7693550465a25e8072b8ab8842f197088e4a4d73ee428d34e7f04bcfee89a622099ed188d2ee845512eec4f94eeac60bd4d74a63e55218e2818d2c3070d84e0cafb90635a1203ad6c5cc5ef547bdbd94b60a2d3e7644c2da3cb5b1936a9a912ad95a45e899e6a4f17e37aed720df7a596add4b96efc1267b8f85e4054609af72a7a7f4c0b762be1e6520cd99c55e67fd7396004e6a2ac5c032df9d3a44e9459e804c2b0cadc08fbf5a68285d8e6ac75613c93a62cd3e7d1534eafbb07238e8541344a35e83346e234655ef9ed5beb2f9dc56e8096159b44d69d6fd2a1654f57e3c8e49441e6fde5ee889acb326a3810bb98fcb03679fbe82e99c8942d7bafdce0ccd0853d547c845f568aa564367cd351a27deddb322b9ef4a836f480a83d75deb3f0cf7a364f61a785e5b7cbfedf662064042bb6e267e8e836123396d304dee77d01cca5b836c61597a78461a250f8aa6c0020070d335b48292f04f2a3956ab03ea93b8df15deafb359dadfaed435bc66b8382406611326d888e6540347c9c89ca4defb5e0b74f1b07eaf48a1d6172a914bc1d5bc93655e247d23caf90fde2261c87e67ae392f32b7412a0e34c147f8e1bd77cb70e58cd8ba1908ebd5bf18c798bc62db05f8128662c405f0f53cbc263b10f45996bf1fc9f9b7bb457787442bc40b995cdc3117be828eeb550ae5d84e179688f9fbf4ced0557ffbd00b2d0468fa19d26b75503becd5c35c6eb185b99c2d922a41e9e35da4c18a5ccd59a9b40b464d757e4a273f6b3f3302c67e03d1f952bb134d23668cf0a2ccead3182790f32c91c4802bd4c69e094334a3828b2493dcd299fc841b4fe2c6a12f76debd75851dfbc568a3ce53a86c2d1b3240c142e5f5515d81fa6d4ac5a0fe28c96855f73e5a38400b138bb726159d82343ec9529d9fe608c34d77eef67fdcae1f20efe2c6e4988062f6f76a2a2b82726a88b7a3942d8e06f4ac71136be768d495a8c6ec215327a611b214d60a1069f129cb4f1983a5e453519c2b74a20c46c94bf9a5af64ce2fd0abbb54de84e9c75080a4de85b7c2c5590487a1f1499d20c8303f5084589a42a235ba8bb329397ddc893bd2841731347c9fa9f36670d7d174cfa799d9cce0d1f0ae765807a4fab029328b0ca290622f56d6d8ff74a8423d5d191a74810e879bff32bc02c5747a4e80107799334982f7952b20ea56b03a93850c5d805a3161e5266e434d61454a71f873deabf28fadfcd9798a5cbe9e2bdb7625b5181f2e24014901e6f187c224fc7be8b75eb8fd7f9cf4ae3191193a8738d6f0648bb8c96ebcb16446bad84870f723c94530798987e699f0362bacecbd1bd19da3df62a77ec147e5098b21c6c4c2488369de8253d98b4bac73c63aaf93f6bdf4709417b52783dfb15d111d2420bb8f6a2210d041af8f058c3f21b302020c914a908200e67f402d083db6d4a98bc82ffdf287496615120e121b47646e424169b149539a1dd493108198bc7ac835dcc2690b64c014dcd42b866e9621015cb6f6a0bad037669cfc8c3207efbdf7362d9268fff3c299a40f95fb278bd21af3761f8b3e7b022e6354630b7c5bd62c7496023691161d88c48c260f52a1f222cfa73e511c92b739dd227b23a0cac8fdd12ea2f429871171e9384f6d6772e2298e0ed093104751e48f431d2082f82f237dbcdc587b891f949c07b9367f969c9fe9a06e0187bbb597844d4e3cbf8ad31819d94e125fe6c457f8dc4242525451c1c5ed8cb1d9601cdd8c1a965f372aec504c152bfbbec332b79c30472c284c089c01cedbaf5a04d7b4d92ff2fb84a94cdf857576190134162e758634da795022bb11605dd8c3dea89c8dbc23c027f25175d7336b340063d63f0127e5acad0c5e860ffe28bc0fbbc88e44ac80e7db4c1b0bc8ad369a7e3f87f92bf50013d4f9395b18ff5dd2b8844b5ddc46455087dbb40c98d0ff5a5dc2933363dff30cfee2ccadfee865a9d06ae3fd59b43a9d675a46ecd3f8daca5ebe23196833f8532214730a3b2e48bd69aa95990de96b0c6f2de75c780f1f472d4390d4dc256f3d0bd9a86ab603c83ad9d6bb807ac276fc83e0dce710e1134cad794b62935dc6d9997d28fff48ffe042b7e14e95942dd2933da1675be40d5430f915e9c7a80c8c8f05165738823068f86778ca1734e948ee601947994249821dfd38d5f9a73202827309509fb57121af864db95efbc6c3e659a16e67e5ae3c6b646318228d968968662a2e56b9428dbc91819fec2e0d943bdca317e429e694acddffc771e4a39bf088f4f1d175af7c71d7f25073959fd3dcaa8a2c42347fc4f5901ea616fea596197eb49f74e018149aef7df67c673608cc979ab018ac052710d907fbfd2853ba833895ba2a2ca98949b9525bf16f566ff42e00ca937ce9647b02b443aa9a2e492974248dbd2989a5dc32f72f4283f30eb99e1051c00b83a5950f65e7f0ca0d2c99e7503ab8f4f3330df64b328840e8166a4617bf92e9784278b3ceffd21a8af459c1504a5848ed4e58b6176eee097a14bc02074e32f657c8219a60c28a82d84142483a07e1902261fdc956b12ace9afe0b3fb49afe349697101bdbbd47132febf92b65bdbd40b0bbd27d324bd9cbf389fc172b2effb978fe69efbcfb62f090d0190c567324d1d4ec34fa593d6a71146bd69546ed5928e74f9fb33ad9b8e6e33778eec64b424811fc02d029e781d92ab8154e960202bb93682ad8536e18fac1f0e9827ffbaffb27d612cd51fc46c536c17f54e94244fd96417d3228f51b516093bf87b3c24a995a04fcbfc892081eff26c6d4c4ee0acd2f3f8205663d5d31c4c2fce658f030466620ac434f4b734473e3a23e461d6a3691a91ee037e1c5c7d62a47b176bb6287754edd221d6fce68db51e7284727cb4a3d602291c3652134fd5ac24698a2be6f89f5558d52686eb1f2a08f4006ab1602d4fd39927f8fe7072c3495ddbfb3e3fe14e95ef15a615164e5b3299a92c1a1caa4f1b4e856f9e3e658829f126e63b120127165d2b9c4304c497f403253efc57e63e2e97dd042e49c83a6dedff5e6a2ca4a96d5dd6c99d58faac9811a5d3e30e0848d6075f84c752862931e3f6ceccb45395ff9ac684f9c168efddd8caa6415969fd4b41284d3d0ea61375a7456cac7e47a08297f92ac9aab354d3e49a405f6ba5e5f950b65ef80ada508957b6449ce22d1ca1ef00bd2a4834a815a87a661ac456d76f9b43f4c73d70ef71c37f8704a03cfeb52713c29411c37ca48488c1a384bebf0519165c7f9fcb1f4c60ba5f45154f0199329b105e92443b6e8e29858be32051f04bb6543226bee9c87ef7acfa01945d2f384c4f7d0df2d967aad9d529d5c409d9d2df13c8bec694f8489d4eb1a9f090da7dc4734f36dfb0494a650916a08e8340bc6954457089d8bc77a4a358ff7d051bc402f0b018f8a8ed6836ae42b39616ab2a19ab3acf57b93f4f6d80a8ef19c56fa92b1c20868a26eba495e6ca63443a34fa6a7cb303cf6a7fa340fdf45fa72d4cf0d5fef44e54637cc9161bfe3bf2409bb54595b838dd2ae3c0494f64e18b6613fcef2e7c8bb65ba573b8d76f5618b0c92726e14cd66842413da83466cc42b80445ba08611aa987e5c058a3d7dd0553d2d8b76478ab1afe7520c0ac6a38240e8a02a237dd6e91378d99af9b0c17084721ef9570e37bde7309d41d2d8af1452a16243f6e897964f80daddfce50631b264c32b669acfb6f96557f168ffda129b1dbfba8dbfa5573e4067cba1a035580f3b9f7b317879f0b8cd5b2d490f00e40e3dc15e2f040659a91ccbde25504864e519f42bc016023db4206c86474ee23012b05c0d02ec1892b8953e87c879d523e3413f518c95a850eb417118bd1f8cb8a5a985f97ad81789bc36da4e23c54db9dd5c429f40348bd89c2517b288047a3e5609e727fe2edb3e4753b88932d5d6c29616d7280b68002b4e83f9c42848bc3eb174a8fab20a3b4c6461a0be4e98ecfc98df92c92f816072d1e2e2b2c05221e7d87ebcb02810e2bffeee3106120180f1e1e5e41609b42b8bf1b8f44de4c7d3933a93722adbfb91723f41c833a38f1e0c9b5c65a", 0x1000}], 0x7)
r6 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000001940)={[0x3, 0x3, 0x7, 0xc8a, 0xe8f, 0x4, 0x10001, 0x40, 0x7fff, 0x4, 0x8, 0xf22f, 0xc4df, 0x2, 0x7fffffffffffffff, 0x10], 0x8000000, 0x2600})
prctl$PR_GET_SECCOMP(0x15)
r7 = syz_usb_connect(0x5, 0x98e, &(0x7f0000001a00)={{0x12, 0x1, 0x200, 0x2c, 0xc8, 0xc, 0x10, 0x257a, 0x1602, 0x4ca6, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x97c, 0x3, 0x2, 0x16, 0x10, 0xf3, [{{0x9, 0x4, 0x85, 0x8, 0xa, 0xf3, 0x58, 0x54, 0x7, [@cdc_ecm={{0xa, 0x24, 0x6, 0x0, 0x0, "c501a47631"}, {0x5}, {0xd, 0x24, 0xf, 0x1, 0x8, 0x3, 0x9, 0x8}, [@mbim_extended={0x8, 0x24, 0x1c, 0xe, 0x81, 0xa75e}, @network_terminal={0x7, 0x24, 0xa, 0xff, 0x8, 0x3, 0x6}]}], [{{0x9, 0x5, 0xe, 0x0, 0x3ff, 0x81, 0x1, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x25, 0x8}, @generic={0x58, 0x7, "8c0b3b82b1819c1064f0f0080ac60b0ad30d0bafb26b2be1f9f2f442b99c1d151d674cc18a2480fb56c87ac8f7836b3e8ffd188e3509bf515be5e043ddcec00d4130a68e5aab458e2361ea274bbf40b217a67bd8732a"}]}}, {{0x9, 0x5, 0x1, 0xc, 0x400, 0x6, 0x40, 0xc8, [@generic={0xd, 0x7, "9e62926b4259bc322b05e3"}]}}, {{0x9, 0x5, 0x7, 0x10, 0x20, 0xe, 0x6, 0x1, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x1}, @uac_iso={0x7, 0x25, 0x1, 0x2, 0x4, 0x1}]}}, {{0x9, 0x5, 0x6, 0x0, 0x200, 0x8, 0x8b, 0x3f, [@generic={0xf2, 0x4, "adad93042f03bc83578fa32ffb2fce3c956220b2e57b8c3a8ed9caa6f117769abce285e00a4233811c0fe39abe4b0f09f2901cace17ff9bee5a508ad6c8e91d7cdc43b6f4bdc1d47cabb1107a525f4d26861009fb0446f613471735d1ef88c61245ea3bdbdcdb81802273e4199348781982716719d3307d32f959fa5895917eeb5aa4658454f7cf96c89b600b5aa76c493dbc2273a747e753364c4107c333d41fd097b6d2983ddb4770faebfea99dba219cda252d079f0f67d6ee43e612615c0e4ecf95bf5c0ee5b678a5939fc61673fbff0d8327d5c5cfe46304172779d702f6403bab8d56185e36f0b48b2319eb011"}]}}, {{0x9, 0x5, 0x9, 0x10, 0x8, 0x7, 0x6, 0x7, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x5d, 0x6}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x9, 0x6}]}}, {{0x9, 0x5, 0x8, 0x10, 0x20, 0x0, 0x1, 0x81, [@generic={0xba, 0x24, "b8eec2ccc756b616fe72ba774cbc2ec4e9ad66f5e233d485a02cbc7ff112b50d83c20fe9946cea69ad91cbd968cb6d531f3b8b28c93a35452c8f0580c85d53159bfc52d3dfe5381685e843680a2f7649075b9b8ab9a2619bcf696b1a0cd0dfaa5234de1d658dbc4a2d84cffeb528a2a62e694d27b26150598d1e67d7a4dd883023b0339a5a9011a91f6cba4ebe81dd87e5f50eb0d6de21824374d7188e294c14e50e7c8e500a4457bb89a10897711c40d52eb0455f6d0ad1"}]}}, {{0x9, 0x5, 0x7, 0x0, 0x20, 0xc, 0x10, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x2, 0x3}]}}, {{0x9, 0x5, 0xf, 0x10, 0x10, 0x80, 0x5, 0x2, [@generic={0x4a, 0xb, "80db74b0645e79927a74eaba46022e3dcfdc5f5ec0187ba28a4553876b1bb9f70ecadd5bff9b39a9a577f1cb74efc44cf577ae08126b4a941b5a57e226ac88c3656d650182298d2a"}]}}, {{0x9, 0x5, 0xb, 0x8, 0x0, 0x3, 0x5, 0x2, [@generic={0xf3, 0x23, "3f41c3307a08fb3de800dd66e33f62f0cebfda78c1f7c0253b073a7d2eb97cc8214f04d66aef6fe9b4bb4738dd3c906cd344b1a049bdb8f34d4cf3ed5d91194cbe8b5a86b1803e67567fa71fdc2a6e0a535e2c0f5ca100b7c5e409275130090dbb9056e1d013849b3fd2072eaaef3600d8e79d501ceaf3bdd9a2990087c244d8d5f656752bf70c38cb8b9138062f8a3bedd962cb51774e87fea6e38a15db8990186d9be0c067ecc606eba8b060c2b971faf8950fb49affb0ddf9f05735fbe67de0ec1faace2ead7f5e69381cb1bdb69f3dcda13dc5e4aaf34a884dfce711d1abe9190546857e9be5c2f40a421eef44f554"}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0xb2, 0x8}]}}, {{0x9, 0x5, 0x80, 0x8, 0x10, 0x7, 0x10, 0x4f, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x9, 0x16bb}]}}]}}, {{0x9, 0x4, 0xa2, 0x5a, 0x2, 0x8a, 0xd0, 0x90, 0x6, [@cdc_ncm={{0x5}, {0x5, 0x24, 0x0, 0x4}, {0xd, 0x24, 0xf, 0x1, 0x100, 0x800, 0x7, 0x5}, {0x6, 0x24, 0x1a, 0x1, 0x21}, [@mdlm={0x15, 0x24, 0x12, 0x200}]}], [{{0x9, 0x5, 0xc, 0x0, 0x8, 0x8, 0x99, 0x9, [@generic={0x25, 0x1, "2341b9b36e0dd635fa00e2b9a36c4b5643da5c9b86f95be01e72e202a615765b199c0e"}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x1, 0xd}]}}, {{0x9, 0x5, 0x8, 0x10, 0x3ff, 0x2, 0x5, 0xfa, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x7f, 0x9}]}}]}}, {{0x9, 0x4, 0x9d, 0x4e, 0xd, 0xa6, 0x2a, 0xbc, 0x0, [@hid_hid={0x9, 0x21, 0x3ae, 0x1, 0x1, {0x22, 0x337}}], [{{0x9, 0x5, 0x2, 0x8, 0x3af, 0xee, 0x7, 0x5, [@generic={0xbe, 0x2, "c3adae74393dfae5058daf354655962c717e5da044df961f9bf3c8cb85f36d220cef7126818da0f88ccba40cd22b885752dd4c840f593ff04d3fffe2fc5e8366ed2e6e1bf094775d84fd7c3f332ec76a3fd653d00a9a2d690be3781b91c550e2b2cc27078a284a08078bbcfa33c8bcc2ffed9ad250feb29d95fe4375776f280f893961bae3549787c465927786c707bdbf71baaa6ca67f764882db1fa9aa7362b00a07c0f5fc0e4ec97d60ed64cf06d820ac01d227539985dcbb33c0"}]}}, {{0x9, 0x5, 0x3, 0x1, 0x40, 0x5, 0x4, 0x0, [@generic={0x1d, 0x5, "78aa5be656e1369bb5b19f1c4c16370cb74809484a9797aa056c46"}, @generic={0x34, 0x5, "673ebfaa5ba5a25acf80831aedac2c6c25583af04f4ab6d1c27b9f8edd3ae638c50018738c7b887e5f22491a65bf3138c4a3"}]}}, {{0x9, 0x5, 0xe, 0x10, 0x40, 0x7, 0x80, 0x1, [@generic={0xf7, 0x10, "07badf2b2cad0867b50d471c83dd6751e3ef9afa604ad7d91da789a4d1ead1dc5690afa71e53ee61832a3c169e58aad6403ed2768a20fc6995f9456112e1ab3c0fd8b670ceae6032e555591019a98c2c061d555d03d059aad4c3d9410cd6b2087f36225cebc361d584795dac9222410e77459582e3952712b9aab630a767bd7576864b4b5d07dbbe6cd81a5275d4694e76df45f39d391e6c4698b6eea7d5235a0a6994f141d9ac2b929181cb3d33dc25eeb9bfa2bce99185958d9fc19977f89d4328a0a04d374f236f5f8eb8e004b022fc229b3b46eadb96b8797d360ac0b4ab043cb7e053d5896eb0a54de9ce7460796f4c8efb3f"}]}}, {{0x9, 0x5, 0x4, 0x2, 0x3ff, 0x5, 0xe7, 0x0, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x4, 0x40}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0x13}]}}, {{0x9, 0x5, 0x80, 0xc, 0x200, 0x2, 0x6, 0x4, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x8, 0x3}, @generic={0xe7, 0x21, "7b1dec774c223cf8af247de63130b7f1dc7d234048f7c4fce9361a587ea03befac87e8eaa7861abeaeae44060b3cbb44da5f88e6c65109ae0a56a0a4a797050c989bffa2d790151015825c7a8feabb48655099ab84fce1318a609678dd5937f1f789f7e3cfb18aed53cafdf59cd462e5c01bd849843609d1a556ba501166e3d0650cb853827cdeba53ab1f3a564cb2a6955fc2e1ac95ef0bb148e6104704e80144a905695b964c588b797ed3649d308148337c284982e6a3a0300927bec098ec843a741c50b9a1821c4ad9bb845a9333c1c8284bdc23345f6d2852a4f18dd56f1362cd795c"}]}}, {{0x9, 0x5, 0xe, 0x2, 0x400, 0x6, 0x7, 0x5, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x3, 0x9}]}}, {{0x9, 0x5, 0x2, 0x0, 0x3ff, 0x2, 0x3, 0xa, [@uac_iso={0x7, 0x25, 0x1, 0x83, 0x3d, 0x10}]}}, {{0x9, 0x5, 0xc, 0x0, 0x400, 0xc, 0xf, 0x6, [@generic={0x2c, 0xc, "d0f6701063d08f99bd595f11aed467898d153c92ebae69cb4f733dadcb44740fb422cd61eaa145f34315"}]}}, {{0x9, 0x5, 0x0, 0x0, 0x3ff, 0x6, 0xfa, 0x7, [@uac_iso={0x7, 0x25, 0x1, 0x83, 0x4, 0x5}, @generic={0x2e, 0x27, "20a2533d44c6897e1c834b978ac674bbf4b8ff1698983cb7bd4a52298ae4c7b0fcc444afb1876ec1cdb8bb1b"}]}}, {{0x9, 0x5, 0xf, 0x3, 0x400, 0x7f, 0x6, 0x9, [@generic={0xcb, 0x21, "8efd96fe5eaefa7ebd24c0ea842f7bf9c80e6a5d8d61f2e5a98cec6ad0f25c8822ac46839bc2c5e09b84aaf0188d9e5dbc60a6e5b201f6b82022a1cc95ffe7a14c702a137ecc23404765056a89d35becb5315516fac0a2f7f94e7715b47b070d56b5e0a345d2f09b1ad274bbd4fe7e934d6fec0c15c0ba68618c78d508532bd70f6c7e32953e003a8f64531e52960055524d2262e374425dd4bf3230717ff4d70a2c1a90ee2ab121e2ff68588004f6b0be6bb1bc998a65a633c5ffad2e69bc5766c176ef06e3da264b"}]}}, {{0x9, 0x5, 0x9, 0xc, 0x200, 0x0, 0x1, 0x9d, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x2f, 0xa}]}}, {{0x9, 0x5, 0xb, 0x1, 0x8, 0x6, 0x5, 0x5, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x3, 0x3}]}}, {{0x9, 0x5, 0xd, 0x0, 0x400, 0x9, 0x1, 0x4, [@uac_iso={0x7, 0x25, 0x1, 0x5, 0x77, 0x6}, @uac_iso={0x7, 0x25, 0x1, 0x2, 0x4}]}}]}}]}}]}}, &(0x7f0000002740)={0xa, &(0x7f00000023c0)={0xa, 0x6, 0x201, 0x4, 0x4, 0x1, 0x40}, 0x20, &(0x7f0000002400)={0x5, 0xf, 0x20, 0x2, [@ss_container_id={0x14, 0x10, 0x4, 0x2, "2f5e10536378be07bbf4b8a5c107a981"}, @ext_cap={0x7, 0x10, 0x2, 0x4, 0x8, 0x5, 0x1ff}]}, 0x7, [{0x6d, &(0x7f0000002440)=@string={0x6d, 0x3, "b73caff1a08b7b13f61b686c57bfbf9a9a72c3ebbf711809662c743105bc6c0a78199588aac4c2141d322d3c51456b2780e7946c6626e3ffcb6007bcb5c8306a8f652eebe0da2d31b1c5f02b5850fe6329282f23148c111c31d06ca16b7a0c62db5763aa838ef6f1258094"}}, {0x8b, &(0x7f00000024c0)=@string={0x8b, 0x3, "ebb385400fe153042d0f6b8155790b90a51326280b2f743d5daaf608195b187e6915875ed77a7ff5276e25fb04b0259e98a989fd6cb3fcecf4e70a81df06b4fb4b7ef4a5790c6c92dee7578c15fb7a96c5d77045079fb64a510030e23e902699ce4ddcc04ec196ee5c2c1ac5e132ab8a2a68f7488b23c58e84b15d76c55b334a18c877d7f278297583"}}, {0x77, &(0x7f0000002580)=@string={0x77, 0x3, "fdd0059c1eb00765e04e81ad802b6a547561b731fe7c3c5d200a47d279b89258723a99e5e6fb3cdc2663ad2764326831191d99ae4c993276272cda205ba19390b1823f26126affce0e25ccfc41f17d59ab050eefe8305650bbad4928f7cadf6c24696c54a3c9501675a93749d863c09175393c68ae"}}, {0x4, &(0x7f0000002600)=@lang_id={0x4, 0x3, 0x447}}, {0x4, &(0x7f0000002640)=@lang_id={0x4, 0x3, 0x1c09}}, {0x4, &(0x7f0000002680)=@lang_id={0x4, 0x3, 0x180a}}, {0x7c, &(0x7f00000026c0)=@string={0x7c, 0x3, "09a82105a474bc8900da16546ad0bcb08975c86d2c7071fe8aa8ed5ad51a66add82d22c8fd1132c7169444d13b6a885ce8aa595e1ed5eab2990cbef49f23060621b1585019b835d5dfc0f23844f2862ca79fa4e0b233d9f9c6421bfe8c58c1405c47b8a42c1e4c1e5b8a0eaf226a21711c2bf767b17a69691eaf"}}]})
syz_usb_control_io(r7, &(0x7f0000002980)={0x2c, &(0x7f00000027c0)={0x20, 0xe, 0x6d, {0x6d, 0x4, "6c6a7bc0319e0042a2b3a6d033db4e077977357f21a427f6192854ffe262132dda53cc6b6a55c2bd7ac8aa2739d51151530da0dcf8d3bc26fc5db039e42cbdf0c51fcb49590be78cb5dacc55ab36d1c52c9821f6dc37c03f445f37362be30407c767b410888db29d754d95"}}, &(0x7f0000002840)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x407}}, &(0x7f0000002880)={0x0, 0xf, 0x3c, {0x5, 0xf, 0x3c, 0x3, [@ssp_cap={0x20, 0x10, 0xa, 0x2a, 0x5, 0xab5f, 0xf, 0x9, [0xff000f, 0x3f00, 0xc0c0, 0xc0, 0x0]}, @ssp_cap={0x14, 0x10, 0xa, 0xb6, 0x2, 0x1, 0xf00, 0x2, [0xff0030, 0x0]}, @ptm_cap={0x3}]}}, &(0x7f0000002900)={0x20, 0x29, 0xf, {0xf, 0x29, 0x6, 0x10, 0x3, 0x4, "59701d19", "eba5dd34"}}, &(0x7f0000002940)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x4, 0x4, 0x20, 0x21, 0x10, 0xc, 0x1010}}}, &(0x7f0000002ec0)={0x84, &(0x7f00000029c0)={0x0, 0x5, 0xff, "eddac92bff19056e56579ef2efae09e9c8dba0cc84ac98dbb868b8202e42b76267cf4268f64101230a3af8d6b7a971c5c9ea020343da7335b417d0de7eafe3e790904fb5bbc2af3b6c40b9f3190bf6adc15f3eae29e05d55e9eadde305dc7860202cd710e9774ad4e09e431188c133baddafe1d31bb323723222b758fb27d87f8ba632003c9edce40bf79d01da507d970dbfd64a413d907a2b83dd78240d89f8c4d0d61b1d872b685228bf49b8d8deffa0814bed98086ae3196c38fcef399288cb5e22c17cbf7fc8663fb45ce5f37cdb0d9b5aebf1c68e8c604159a59202e90b0731569add19b91b5ca2344d7eb97913cb36f3a67a233fceb42d725dfd6511"}, &(0x7f0000002b00)={0x0, 0xa, 0x1, 0xc2}, &(0x7f0000002b40)={0x0, 0x8, 0x1}, &(0x7f0000002b80)={0x20, 0x0, 0x4, {0x0, 0x2}}, &(0x7f0000002bc0)={0x20, 0x0, 0x8, {0x20, 0x20, [0xf000]}}, &(0x7f0000002c00)={0x40, 0x7, 0x2, 0x9b}, &(0x7f0000002c40)={0x40, 0x9, 0x1, 0x4e}, &(0x7f0000002c80)={0x40, 0xb, 0x2, "85f2"}, &(0x7f0000002cc0)={0x40, 0xf, 0x2, 0x2}, &(0x7f0000002d00)={0x40, 0x13, 0x6, @multicast}, &(0x7f0000002d40)={0x40, 0x17, 0x6, @random="84f439e49df0"}, &(0x7f0000002d80)={0x40, 0x19, 0x2, 'bi'}, &(0x7f0000002dc0)={0x40, 0x1a, 0x2}, &(0x7f0000002e00)={0x40, 0x1c, 0x1, 0x1}, &(0x7f0000002e40)={0x40, 0x1e, 0x1, 0x8}, &(0x7f0000002e80)={0x40, 0x21, 0x1}})
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000002f80)={{0x1, 0x1, 0x18, <r8=>r0, {0x1}}, './file0\x00'})
r9 = openat$cgroup_ro(r8, &(0x7f0000002fc0)='cpuacct.stat\x00', 0x0, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
r10 = inotify_init1(0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r10, 0x80049367, &(0x7f0000003000))
ioctl$UFFDIO_API(r9, 0xc018aa3f, &(0x7f0000003040)={0xaa, 0x220})
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r8, &(0x7f0000003080)={0x15, 0x110, 0xfa00, {0xffffffffffffffff, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x4e21, @rand_addr=0x64010101}, @ib={0x1b, 0x100, 0x7, {"415f347155cfbe1a02033c07d1bf47f4"}, 0x7, 0xa65d, 0x8}}}, 0x118)
ioctl$UFFDIO_API(r8, 0xc018aa3f, &(0x7f00000031c0)={0xaa, 0x20})
r11 = openat$dir(0xffffffffffffff9c, &(0x7f0000003200)='./file0\x00', 0x40200, 0x104)
r12 = openat(r11, &(0x7f0000003240)='./file0\x00', 0x40000, 0x0)
ioctl$PAGEMAP_SCAN(r12, 0xc0606610, &(0x7f00000032c0)={0x60, 0x2, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff9000/0x7000)=nil, 0x2, &(0x7f0000003280)=[{0x6, 0x9}], 0x1, 0x6, 0x8, 0x10, 0x2a, 0x37})

4.234660879s ago: executing program 3 (id=1271):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003b00000008000300459993f2bf47f6ea464e77c267f1fe48f46f3ea576852ff7547519e11d3c48a505008d4557495f6febafebfa33b8e14f720ad61024721fa3cdab31f72b23a74dffaeb2b392340b2f76167bd50de3fed45d07d4cfe0bd2f817a107d3e563832170ec8e10071a93a7399b2aa1b251c8e2275b8e423c288e31cbb0a2c488bb72f2426a6835bda180ad760428c534e9959fcabfc3e2a2e", @ANYRES32=r2, @ANYBLOB="30003300d000000008021100000108021100000050505050505020400f03720603030303030375080100030005002500"], 0x4c}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
r3 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000080), 0x2200, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000580), 0x200, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000008c0)={&(0x7f00000005c0)=[0x0], &(0x7f0000000600)=[0x0, 0x0], &(0x7f0000000840)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000880)=[0x0, <r5=>0x0, 0x0, 0x0], 0x1, 0x2, 0x4, 0x4})
ioctl$DRM_IOCTL_MODE_GETENCODER(r4, 0xc01464a6, &(0x7f0000000900)={r5})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000240)={'syztnl1\x00', &(0x7f0000000300)={'gre0\x00', <r6=>0x0, 0x700, 0x8, 0x3, 0x2, {{0x1d, 0x4, 0x2, 0x0, 0x74, 0x67, 0x0, 0xd, 0x4, 0x0, @rand_addr=0x64010101, @multicast1, {[@ra={0x94, 0x4}, @end, @lsrr={0x83, 0x1f, 0xd9, [@private=0xa010100, @multicast1, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, @dev={0xac, 0x14, 0x14, 0xd}, @broadcast]}, @ssrr={0x89, 0x27, 0x6, [@rand_addr=0x64010101, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0x1e}, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, @private=0xa010100, @multicast1, @empty, @multicast2]}, @ssrr={0x89, 0xf, 0x83, [@initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, @multicast1]}, @ra={0x94, 0x4, 0x1}]}}}}})
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000003c0)={{{@in6=@ipv4={""/10, ""/2, @private}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{@in6=@dev}, 0x0, @in=@loopback}}, &(0x7f00000004c0)=0xe8)
sendmsg$nl_xfrm(r3, &(0x7f0000000540)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000500)={&(0x7f0000000680)=@report={0x190, 0x20, 0x318, 0x70bd2a, 0x25dfdbfc, {0x33, {@in6=@local, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e24, 0x0, 0x4e22, 0x4, 0x2, 0xa0, 0xa0, 0x8, r6, r7}}, [@coaddr={0x14, 0xe, @in6=@ipv4={'\x00', '\xff\xff', @private=0xa010102}}, @algo_aead={0x113, 0x12, {{'morus640\x00'}, 0x638, 0xa0, "a75dd5e07fc7b4b77981db627e2ff49cf27b0eb713807f8ed6eb0958f5c6db6691f31eb2a7635f69e342bdc97b732fc158730c3d6f63d7a61d96415e72183620b2daac572c1041dfc283fc19dcfdefd432ac826c500a5cba9676cd683dad25485329410c8ddc141e3d4f0f8287ac85f497b097a21f55b3fa3909ac26a6cec2b00b796d7743dbbc38f9e24da01ada75efd1d129b419ad770fc5bcd714efe36b0ed4e08c840259e149758a10e3050772f18b55b0b8af72a46db87d702d543709a3c489071b412689"}}, @extra_flags={0x8, 0x18, 0x8}, @XFRMA_SET_MARK_MASK={0x8, 0x1e, 0x30000000}, @lastused={0xc, 0xf, 0x1}]}, 0x190}, 0x1, 0x0, 0x0, 0x40010}, 0x4010)
mount(&(0x7f0000000000)=@rnullb, &(0x7f00000000c0)='./cgroup\x00', &(0x7f0000000040)='hpfs\x00', 0x208002, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00'}) (async)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003b00000008000300459993f2bf47f6ea464e77c267f1fe48f46f3ea576852ff7547519e11d3c48a505008d4557495f6febafebfa33b8e14f720ad61024721fa3cdab31f72b23a74dffaeb2b392340b2f76167bd50de3fed45d07d4cfe0bd2f817a107d3e563832170ec8e10071a93a7399b2aa1b251c8e2275b8e423c288e31cbb0a2c488bb72f2426a6835bda180ad760428c534e9959fcabfc3e2a2e", @ANYRES32=r2, @ANYBLOB="30003300d000000008021100000108021100000050505050505020400f03720603030303030375080100030005002500"], 0x4c}, 0x1, 0x0, 0x0, 0xc0}, 0x0) (async)
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000080), 0x2200, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
openat$zero(0xffffffffffffff9c, &(0x7f0000000580), 0x200, 0x0) (async)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000008c0)={&(0x7f00000005c0)=[0x0], &(0x7f0000000600)=[0x0, 0x0], &(0x7f0000000840)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000880)=[0x0, 0x0, 0x0, 0x0], 0x1, 0x2, 0x4, 0x4}) (async)
ioctl$DRM_IOCTL_MODE_GETENCODER(r4, 0xc01464a6, &(0x7f0000000900)={r5}) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000240)={'syztnl1\x00', &(0x7f0000000300)={'gre0\x00', 0x0, 0x700, 0x8, 0x3, 0x2, {{0x1d, 0x4, 0x2, 0x0, 0x74, 0x67, 0x0, 0xd, 0x4, 0x0, @rand_addr=0x64010101, @multicast1, {[@ra={0x94, 0x4}, @end, @lsrr={0x83, 0x1f, 0xd9, [@private=0xa010100, @multicast1, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, @dev={0xac, 0x14, 0x14, 0xd}, @broadcast]}, @ssrr={0x89, 0x27, 0x6, [@rand_addr=0x64010101, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0x1e}, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, @private=0xa010100, @multicast1, @empty, @multicast2]}, @ssrr={0x89, 0xf, 0x83, [@initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, @multicast1]}, @ra={0x94, 0x4, 0x1}]}}}}}) (async)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000003c0)={{{@in6=@ipv4={""/10, ""/2, @private}, @in=@local}}, {{@in6=@dev}, 0x0, @in=@loopback}}, &(0x7f00000004c0)=0xe8) (async)
sendmsg$nl_xfrm(r3, &(0x7f0000000540)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000500)={&(0x7f0000000680)=@report={0x190, 0x20, 0x318, 0x70bd2a, 0x25dfdbfc, {0x33, {@in6=@local, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e24, 0x0, 0x4e22, 0x4, 0x2, 0xa0, 0xa0, 0x8, r6, r7}}, [@coaddr={0x14, 0xe, @in6=@ipv4={'\x00', '\xff\xff', @private=0xa010102}}, @algo_aead={0x113, 0x12, {{'morus640\x00'}, 0x638, 0xa0, "a75dd5e07fc7b4b77981db627e2ff49cf27b0eb713807f8ed6eb0958f5c6db6691f31eb2a7635f69e342bdc97b732fc158730c3d6f63d7a61d96415e72183620b2daac572c1041dfc283fc19dcfdefd432ac826c500a5cba9676cd683dad25485329410c8ddc141e3d4f0f8287ac85f497b097a21f55b3fa3909ac26a6cec2b00b796d7743dbbc38f9e24da01ada75efd1d129b419ad770fc5bcd714efe36b0ed4e08c840259e149758a10e3050772f18b55b0b8af72a46db87d702d543709a3c489071b412689"}}, @extra_flags={0x8, 0x18, 0x8}, @XFRMA_SET_MARK_MASK={0x8, 0x1e, 0x30000000}, @lastused={0xc, 0xf, 0x1}]}, 0x190}, 0x1, 0x0, 0x0, 0x40010}, 0x4010) (async)
mount(&(0x7f0000000000)=@rnullb, &(0x7f00000000c0)='./cgroup\x00', &(0x7f0000000040)='hpfs\x00', 0x208002, 0x0) (async)

4.03982879s ago: executing program 1 (id=1273):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x20, &(0x7f0000000080)=[@in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in={0x2, 0x4e22, @loopback}]}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000400)={r2, @in6={{0xa, 0x4e21, 0x4, @empty, 0x9}}, 0x4, 0x4, 0x624e, 0xa, 0x55, 0x7f}, 0x9c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000000c0)={r2, @in={{0x2, 0x4e23, @empty}}, 0x0, 0x2, 0x40000002, 0x0, 0xa17433da3c5d69a5, 0x2, 0x81}, 0x9c)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r5, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_int(r5, 0x6, 0x210000000013, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r5, 0x6, 0x14, 0x0, 0x0)
connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e00, @multicast2}, 0x10)
sendto$inet(r5, 0x0, 0x0, 0x40804, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r5, 0x6, 0x16, &(0x7f0000000340)=[@window, @window={0x3, 0x2, 0x1}, @window={0x3, 0x0, 0x4}, @window={0x3, 0x8, 0x6}, @sack_perm, @sack_perm], 0x6)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r6, 0x8933, &(0x7f00000001c0)={'wg1\x00', <r7=>0x0})
setsockopt$inet_mreqn(r6, 0x0, 0x23, &(0x7f0000000240)={@broadcast, @private=0xa010102, r7}, 0xc)
sendto$inet(r6, 0x0, 0x0, 0x0, &(0x7f0000001100)={0x2, 0x0, @private=0xa010101}, 0x10)
r8 = socket$igmp(0x2, 0x3, 0x2)
r9 = inotify_init1(0x80000)
r10 = dup3(r8, r9, 0x80000)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), r10)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_S_STD(r12, 0x40085618, &(0x7f0000000140)=0xff)
ioctl$sock_SIOCGIFINDEX_80211(r11, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYRESOCT=r8, @ANYRES16=r4, @ANYBLOB="08802dbd7000fcdb0001000000003d6feb51c8d1d9a4ccf21e4571d29c40a516cfcd397e21074faa2b27b98554a932a50d9f8b14d5ed4a45ad701165d14b063ff05a3c0da4e243179d69a2ab0c239156e35d23f8b348a80b930b1a263a777b9fae73dacc58b5a2e1cb6a267d0896ff55d6c77a95485dd5fc9ecfd66fa98fee8c30be76340ac41782c062b6f69f17572d8d02ab4de35d"], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x8000)
clock_adjtime(0xa00, &(0x7f0000000000)={0x7883, 0x55a0, 0x1, 0x4, 0x9, 0x8000000000000000, 0xffff, 0x7, 0x2, 0x9, 0x0, 0x7, 0xffff, 0x8, 0x7ff, 0xa085, 0x8001, 0x81, 0xfff, 0x8, 0xc2, 0x1ff, 0x9, 0x9, 0x8})
sendfile(r0, r0, 0x0, 0x7ffff000)

3.997957601s ago: executing program 3 (id=1274):
r0 = creat(&(0x7f0000000140)='./file0\x00', 0x71)
r1 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902b901010000003f0904"], 0x0)
syz_usb_control_io(r1, 0x0, 0x0) (async)
syz_usb_control_io$uac1(r1, 0x0, 0x0) (async)
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0) (async)
syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0) (async)
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0) (async, rerun: 64)
syz_usb_control_io(r1, 0x0, 0x0) (async, rerun: 64)
syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0) (async, rerun: 32)
syz_usb_control_io$hid(r1, 0x0, 0x0) (async, rerun: 32)
syz_usb_connect$uac1(0x1, 0xf0, &(0x7f00000001c0)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x10, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xde, 0x3, 0x1, 0x3, 0x0, 0x7, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x4, 0xae}, [@mixer_unit={0x8, 0x24, 0x4, 0x2, 0x1, "997bad"}, @mixer_unit={0xb, 0x24, 0x4, 0x6, 0x8, "d55517cb1fdc"}, @mixer_unit={0x5, 0x24, 0x4, 0x1, 0x9}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_continuous={0xb, 0x24, 0x2, 0x1, 0x94, 0x1, 0x4, 0x1, "a53f", "a6"}, @format_type_i_discrete={0xc, 0x24, 0x2, 0x1, 0xf, 0x1, 0x3, 0x6, "b8a45afb"}, @as_header={0x7, 0x24, 0x1, 0xf, 0x7, 0x5}, @format_type_ii_discrete={0x12, 0x24, 0x2, 0x2, 0x800, 0x0, 0xa, "5220748310aa93d5bd"}, @format_type_i_continuous={0xa, 0x24, 0x2, 0x1, 0x6, 0x4, 0x2, 0xc2, "c1a0"}]}, {{0x9, 0x5, 0x1, 0x9, 0x20, 0x1, 0x8, 0xfd, {0x7, 0x25, 0x1, 0x2, 0x0, 0xd7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0x9, 0x24, 0x2, 0x1, 0x2, 0x1, 0x8, 0x2, "fa"}, @format_type_i_continuous={0xa, 0x24, 0x2, 0x1, 0x1, 0x2, 0x6, 0x5, "", "aaf9"}, @format_type_i_discrete={0xf, 0x24, 0x2, 0x1, 0x8, 0x4, 0x1, 0x4, "d25f45d9782e4a"}, @format_type_i_continuous={0xb, 0x24, 0x2, 0x1, 0x5, 0x2, 0x8, 0x0, "95f3d3"}]}, {{0x9, 0x5, 0x82, 0x9, 0x8, 0xfb, 0x3, 0x0, {0x7, 0x25, 0x1, 0x1, 0xe, 0xe}}}}}}}]}}, &(0x7f00000004c0)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x250, 0xcb, 0xfe, 0x4, 0x10, 0x57}, 0xc, &(0x7f00000002c0)={0x5, 0xf, 0xc, 0x1, [@ext_cap={0x7, 0x10, 0x2, 0xe, 0x0, 0x1, 0x80}]}, 0x3, [{0x52, &(0x7f0000000300)=@string={0x52, 0x3, "25887536be2e6f9ff7a81803a80a4b8a507b64ca2ad195f2b2299b3285f0d04d47d5aec1490106f4e1d1e9ba63844604941ec9df5e50772c29c6a53821ac66d242a863f54597256d00e348721757495b"}}, {0xae, &(0x7f0000000380)=@string={0xae, 0x3, "4ed2c2e14c713d933a825024ceba3768bf068d6d750f0271b294ffed6f46a616d026f29e76d6515aece9e77f73714ee582d783dbb9ee8b3247ab7f108f5806b5cf94c099c7038cc56f6d4cc6367aa8dd23098d09cc909f5d487e6a39bb9c442abffcc1e0e0806e72e07c8a1a04052e2eb8e6bfc643b32deee778fde7a45e554916e3a981f919ab4ecf9e5adf288ea85fa557c2fd1c1c240b10174690447296f4a5405cea852bd8a88870bd8a"}}, {0x4c, &(0x7f0000000440)=@string={0x4c, 0x3, "20a953ca5c7ffd30b4de19792390b9c75733b1804a8b7ed639c18c648a4019359b90bf693ef00abecaa1c3ceb330ffdbdf0ba149e732c10d70071b8b4166e64f1aa7833e97c09f8a6d3d"}}]})
syz_usb_connect$hid(0x3, 0x3f, &(0x7f0000000500)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x487aaab2c7bd4c61, 0x2087, 0xf01, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x1, 0x10, 0xb, [{{0x9, 0x4, 0x0, 0x8, 0x1, 0x3, 0x1, 0x1, 0x5, {0x9, 0x21, 0x7, 0x7, 0x1, {0x22, 0xdb9}}, {{{0x9, 0x5, 0x81, 0x3, 0x40, 0x6, 0x4, 0x1}}, [{{0x9, 0x5, 0x2, 0x3, 0x3ff, 0x5, 0x8, 0x3}}]}}}]}}]}}, &(0x7f0000000780)={0xa, &(0x7f0000000540)={0xa, 0x6, 0x201, 0x0, 0x8, 0x1, 0x20, 0x73}, 0x97, &(0x7f0000000600)={0x5, 0xf, 0x97, 0x4, [@ssp_cap={0x24, 0x10, 0xa, 0x0, 0x6, 0xdc, 0xf00f, 0x8, [0xff0000, 0x30, 0xffc0f0, 0xc0c0, 0xff0000, 0xf]}, @ssp_cap={0x10, 0x10, 0xa, 0x6, 0x1, 0x6, 0xf000, 0x80, [0x3f00]}, @ext_cap={0x7, 0x10, 0x2, 0x4, 0x3, 0x2, 0x4}, @generic={0x57, 0x10, 0xb, "d970392738aa48440912fab97cdcfe2ad771851855f2474bd17cc5a9c6c58caa88550612a23da3df5052bd5560ed4f8cd653848154dc9cccaaaecbad2e2d448fc55226f76291fcd7727598050d3ec96236ebc67d"}]}, 0x3, [{0x4, &(0x7f0000000580)=@lang_id={0x4, 0x3, 0x300a}}, {0x4, &(0x7f00000006c0)=@lang_id={0x4, 0x3, 0x41b}}, {0x4, &(0x7f0000000700)=@lang_id={0x4, 0x3, 0x1864}}]}) (async, rerun: 64)
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x2ced, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0) (rerun: 64)
syz_usb_control_io(r2, 0x0, 0x0) (async)
syz_usb_control_io(r2, &(0x7f00000003c0)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="002206000000"], 0x0, 0x0, 0x0, 0x0}, 0x0) (async)
syz_usb_control_io(r2, 0x0, 0x0) (async, rerun: 64)
syz_usb_control_io(r1, 0x0, 0x0) (async, rerun: 64)
syz_usb_control_io$hid(r1, 0x0, 0x0) (async, rerun: 64)
syz_usb_control_io$uac1(r1, 0x0, 0x0) (async, rerun: 64)
syz_usb_control_io$hid(r1, 0x0, 0x0) (async)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r3, 0x0, 0x8008000000010, &(0x7f0000000240)="17000000020001000003be8c5ee17688a20032000203000a0292000098fc5a000a00bb6a880000d6c8db0000dba67e0602000043c59ed66b5571ca5f2ae0e28900000200df018002000000fc060f0000000000000061547a681f009cee4a5a2d8f89814bc6c252674f00c88ebb01005033bf79ac2dfc060115003901000000000000ea0000000000000800b59bd2b8e50ce5af649a702202ffff02dfccebf6ba000840024f0298e9e90554062a80e605197f71174aa951f3", 0xb8) (async)
syz_usb_control_io$printer(r1, 0x0, 0x0) (async)
syz_usb_control_io$cdc_ecm(r1, 0x0, &(0x7f0000000740)={0xfffffffffffffd2e, &(0x7f00000000c0)=ANY=[@ANYRESHEX=r0], 0x0, 0x0}) (async, rerun: 32)
syz_usb_control_io$printer(r1, 0x0, 0x0) (async, rerun: 32)
syz_usb_control_io$hid(r1, 0x0, &(0x7f00000005c0)={0x2c, &(0x7f0000000380)=ANY=[], 0x0, 0x0, 0x0, 0x0})
mount(&(0x7f0000000180)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000100)='./file0\x00', &(0x7f0000000040)='bfs\x00', 0x208003, 0x0)

3.05619991s ago: executing program 1 (id=1276):
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000080)="1400000052004f030e789e7ee2ce2fa4ff612d27", 0x14)
recvmmsg(r0, &(0x7f0000005c80)=[{{0x0, 0x0, 0x0}}], 0x344, 0x10122, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r1, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick=0x1f4, {}, {}, @raw32={[0x2600]}}], 0xffc8) (fail_nth: 91)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)

1.989103163s ago: executing program 0 (id=1278):
r0 = creat(&(0x7f0000001380)='./file0\x00', 0x4)
r1 = syz_open_dev$media(&(0x7f0000000000), 0x0, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(r1, 0xc0287c02, &(0x7f0000000480)={0x80000000, 0x0, &(0x7f0000000400)=[{}, {{<r2=>0x80000000}}]})
ioctl$MEDIA_IOC_SETUP_LINK(r1, 0xc0347c03, &(0x7f0000001040)={{r2}})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$uinput_user_dev(r3, &(0x7f0000000fc0)={'syz1\x00', {0x6, 0x8001, 0x0, 0x529}, 0x26, [0xf5, 0x6, 0x80000001, 0x2, 0x202, 0xffffffff, 0x8e, 0x9, 0x9, 0x4, 0x0, 0x9, 0x7, 0x1, 0xfffffffe, 0x38, 0xffffff7f, 0xac, 0x5, 0x1443, 0x0, 0xea7, 0x1, 0x9be4bf38, 0x0, 0x20002, 0xc, 0x5, 0xc, 0x6, 0x84, 0xd3, 0x8001, 0x3, 0x2001, 0xb, 0x2, 0x5f84, 0xfffffffe, 0xd1e, 0x9da, 0x939a, 0x8000, 0x1, 0x5c, 0x8, 0x7f, 0x3, 0xf2b, 0x1, 0x6, 0xfffffffa, 0xffff, 0x2, 0x7, 0x6, 0xffffff7e, 0xf3, 0x6, 0xd2, 0x8001, 0x5, 0x53, 0x1], [0x5, 0x2, 0xd91, 0x8, 0x401, 0x8, 0x1, 0x5, 0xfffffffe, 0x40a89, 0xffb, 0xffffff4b, 0x1, 0x2, 0x0, 0x0, 0x8, 0x8, 0xffffffff, 0x405, 0x2, 0x9, 0x5, 0x5, 0xd, 0xa, 0x206, 0x9, 0xa, 0x5, 0xf, 0xb2cf, 0x1, 0x200, 0xec, 0x9, 0x100, 0x9, 0x5, 0x10001, 0x1, 0x865f, 0x8ec5, 0x3, 0x802, 0x7, 0x3, 0x29e3, 0xce, 0x40b4e5, 0x20000, 0x200, 0x5, 0x4, 0xff, 0x9, 0x1d, 0x3, 0x10000, 0xa, 0x26, 0x2, 0x5, 0xad], [0x4343fe9f, 0xfffffffd, 0x101, 0xffffffff, 0x7f, 0x8, 0x3, 0x3, 0xc, 0x0, 0xcb06, 0xfffeffff, 0x4, 0x37, 0x5, 0x80003, 0xc8, 0xc, 0x8000, 0x2, 0xdf9e, 0x40005, 0x8, 0xa, 0x3, 0x7, 0x401, 0x5, 0x5, 0x2, 0x3, 0x2, 0x1, 0x0, 0x10000004, 0x911, 0x7, 0x8000, 0x31c1, 0x8, 0xb, 0x4, 0x2, 0x1f83, 0x9, 0x1, 0x2, 0x8, 0x7, 0x402, 0x9, 0xffff, 0x400, 0x80000000, 0x0, 0xc, 0x80, 0xf, 0x8, 0x8, 0x9, 0x4, 0x4, 0xfffffdad], [0x27b, 0x6, 0x6, 0x10, 0x7, 0x4009, 0x8, 0xff, 0x7fffffff, 0xe012, 0xfffffff8, 0x200008, 0xffff7bfb, 0xffffffff, 0x401, 0x100, 0x2, 0x0, 0xb, 0x8, 0x3, 0x5, 0xfffffc00, 0x91, 0x9, 0x4, 0x80000000, 0x2, 0xa, 0x27, 0x400, 0x70, 0x9, 0xffc, 0x400002, 0xc, 0xffffffff, 0x49, 0x80088, 0x10, 0x5, 0x9a2, 0x81, 0xf011, 0x400, 0x103000, 0x8, 0x5, 0x4, 0xfffffffe, 0xb, 0x1, 0xc3, 0x9, 0x807ff, 0x1, 0x3, 0xfffffc02, 0x3, 0xb, 0x5, 0x8, 0xa, 0xfffffff4]}, 0x45c)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9, 0x12, r3, 0x0)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
pipe(&(0x7f0000000080))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
pipe(&(0x7f0000000000))
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
socket(0x80000000000000a, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040))
r6 = fanotify_init(0x10, 0x40000)
fsetxattr$system_posix_acl(r6, &(0x7f0000000080)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)
r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
writev(r7, &(0x7f0000000000)=[{&(0x7f0000000080), 0x62}, {&(0x7f0000000100)="16000000246837f73199aee6fdb9291b3091ec1a2d41d227975ad8ec309d59191b00867997f9c0efa9c9092a31cdbb98ea272787afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994bb0df9bce07e7a80921888f984139f488d256a67fec0cbb5c4e93d5c151d97f676ab93b1efbd46f600dc964231e3257bf358448fddf894c0cdfa9115adbe5b19bc912fcbc8aac7719b649b1ff1267491da", 0x682c}, {&(0x7f0000001480)="d1ffacd516de50ac9d15bc75316da4defa1e72f65a65cdd26dcc389aacf7856da9aecf3765d4c032e1960faf25bad906b7d3440b6e71a82f1d8f8b8db35b6091f3af94c6b46b9ab10fe3923f268771078d2668be7bd3eb941d4bb5baa8547e36283a065ce5766cbff3a8fc37fc4507643d3786bbf231d3ed88cb8b01eab14e4372cf4f89bd1b853caa5d9f07f523b9dfa8cc09053ff36fde08e96fb6b3acc196b1bd1e2d3a6c65f585df7e2b8b17439a7ab29a7dfe642c2f0ac7a81eca8073b559663f2daf7a0832b2b09557794a21bf114831f8e6db3922d0cd169e5a8b4adc95d7322ee75944de15f57780b88fef7f3d9b256705ccfa2125b43ce8e3aacaead963cdd7f792f14c9b24493f9f830f6de8da93bbd4357095631adec14224dd9bb049e826f3a49624393e6a031103faff0902ba88ae30af4a61caa77ff956214196fcf3c5536d823284306f367afcb46fb43231911cc53091671e7d853ebf015241b18e9fb6ac6d9a7a1b05dfd6d9e56a51567cd8837dd045abf6b85550f0dd8dded43147ab9bfadc18b9984699d5d875cb21a95a7f584d8c466d033df75193f9ae58b85cfacc54f6c6e12a0debe40ee361a839563bc2cb64271672a55370c2b035b482074ce2487ef8a3bc1c68856e6e09539276d961a0c647f1ee3237496fc99623e8fd33faf7797d86a88dcee152d15e10739bcbbd6077b76867e291f350d999024c12faf81f83792f48f7f6dd66aa6854e460ef7f8c755f3a6dd76509ea0d2db39057a5129185b2fb11546cd5d6cc59f640e9028ae6c7075fba5e5b5593d7f79ec387833f465d09bde464112821eaec5e6e8f2aee8d7358f9c14afe2018856f610848706c71cda62493aef2e39efb71b4a8e804847eda66b2b5b1d75b478f19208ee1ac43afb2dbbba5dd0f29f6946022e09fb853cb176ca3474ba2fa67cb245fe85ec61a095d6fd9ac2ac5685920201617342fe56072427b9bd3626a1a371e67041fcda781be0c234d6feb5ad500e8bc7074381fd0d04983a4a6cdb6c8e03d59dc50925e9e4b24e6f8e455f02818959f2927f0a2d9ff62ec3c5c399077048f7d3dad0830b2e6563693f2f9d48eca8c34804a7626282a4a214d13786993c011a88194dbf7b23e25f592e62186c9fb565fac7632de356153c89a6be0b6b26ba48c2427424769fcbd7ee072ed4bd4d0731d06c8537d616b1145a6c70edb13fb4dba3565221b3a2897a23861cd0e8e0060021cdd7de002d5e785e5d6d3d07f4e445ada9c8d9ba8b819d0b5c7b5d15a5192d3a83c125c8e117c823a9e33316b8c9154e7330d3a865048dbd9c14757691bfe56f10423f6ab717bec5eebeac6ba9ad1aeb6cde09d7fda8e475a71ac48d46b8d9a40879c9dec2db5c4799e5fc8e8b3d419031c1033fce88ae2c93d7ca62c9302e6b45ca8dfebe5b92724f035e8e9d7704efb23f445999fe08cfa28404874d8acc8d37870d394d9fcc8dbe763bc85c37f0f3bcc2cbea420cd073db598e7d89c14a31e5bf57cbefa301427c93091505f1f3e5cdf712958b2e8fc56684d3388107c1728f0e5a3be2164246071653e256ed3bf3000c17301da9a5a3d9ca475867c4f311a24e5ae909a62047a9e6bb71cbcb4f159c2ef0f66b4d0f9da51aba99cd9448443dd277362af18d32f111c48a952ef555b2c7c58b997ce61e74cc7551b57eaffe411219baddf490926d8e260dcd87c069e617195c352950f9b51ce88c12c4f7997ba515f77e68d44f831cdf4d7ee8b1b7cedcb4c4fc7e85ba288c8555d49d5b4b9bb70dc4b688bd12e6b38e37150f3ea457a76b23d5abe6551ea598e090aed87822b0954b8db1a7c605c925b7f9240b0e7a020f292a1fd4a37c74139bc6e7ff08373ebfc8feea371ae0b6c61c715f6f1f4b0b994c7e2e129f87db959aae6ff48664d824b29ba9f255890f9c537178db9c5302097891557f8175a46f308b1a2530aa726ea9d4cfce76db50637369724d0c5f51c97edb58ff5eb9b2434b3721b61688ba12471b97c6a65ba085e15406568ac852590701f2ef8451c5cf1191d70f51eaea9ddc4cbdd7428f627db5069111f65062d5cc34581826af3e670613dda99e31c42736aabd87be56e214ed606862a152455f91891b7430bae03284569c234588f495a5ecc4a23fad6ba34e2ee9ebde8c7f5f62c9344659375c2a1fe6fa6e4ef68712223b9471c513bb11429dbb8a45463c8882f462275ee0da567c60c2d8038843e0c20486676e9978f2aec9187820c94a6e7e519d06daf2ab198f5cafcab4d9c90a479800906192d66a3301a34fa6c5a931cea0a479a4d98d86d9de3e061323504b57186dd33df7a16ccb688c0de203666cb0a6b543a9d069dded44a3b432cbb71da921dcab6be1c2d7494d3b07841d9b4f9d659b5d3d3b2ed916f91588d589128e4b2d4448e6aab5a8160eddca0f6e022abb85e251a11cd6bae57a09b2c434ab5bdf6264afb20d5ab022d152e345bd32ba9283aa5b3cd9118bd271a8ac9083c98b8a83064e65428f7ad7b35bf1d60d4e703f22d2d316fc12bd68bcced82cf0962a3d5769c6a3d75d59f7a7b76454661fd3574b8c8e26d20c372407854505ea6c2406fbd8a1ba7bb017c565228aa6d03d18ed309a308ffb1ecec73c246413e7c70f25070eafed9e70d22e9e8b44125c44eceff37e65bf073bc6fad1ea2b72675af4bf70586a8f7e0f35700de94c802522897576ed115fa21b3d23a367844520b33f5b9aedc0245096765f4cb3b2ff4e54f39bd7346c2347875d75a931b17c6c424ddb4767e0e63cc7725a8fc4b1dbe7929b2f909cc5be8b09e63330341e6471dcac0f8b44693d01805a1467b71612260e2a273861b3697440a5f75497796bffcf79d62a4a50a6ed5ef2efe8c83374f2ecd08d8d628aa03b01a11caeb2bdecc0ab2abcecfa15627979d7c3f9dec5389fc6625e957f8075e23e636dd5514596189d568e14d33ae518e6e9978c6a36a74b49fdbd1260095c9abe447e618878039b75e305b1d2c9ddeb9e5cedb11802e0833739d8595d57d749c890c9290cca4aa96e6718747543796a187e54a66c2f71beefddf911a7a74b59c48ba642d5ecd4d415f48dfbde5baac8a4ba063c1b985d9f9f3180e8a1c8b2cf6a25c2ff17688cc858ac8b9c67960f09a1ca5f28f8e877159e00fe7fb10cca73b391508895e7e52c22f9b38d73dabd6ff7c55ebf4e1611daee8d52b4ceee49a6df7daeb81bf9d1c943a74c03d3dda52c5b99f3225c1b87074f5cef6187878bc5b665ec0561adcc9781280dd1c6592555d327afea78b21beeeb66a0af3eab3249245f41cdbca309d3fba5d4b345319dd0a26134c0c896f2c8d32fda28600013f6a4c95b4038faba70d6c480b360c55bdc0595f7ca636e85521ba505d894f9c5f0a90719bc9944f386ad7491422ff12f34a3c048708d51305a8cc5b2a502ac1575a14c75e9fb7219ede2f6d9c1b362230b6189e0d8cd8ccd11fd0325182c6e46c9977bf63aa02f7024aeb4389f989f5733a198b45e4329c4c1a538a009f216ad3ac09cac39547b4fd21a5d7146ea307ad9b9339f39d5161d17b59860a0aed38cd89d1b68c6438346d51a3a283074e34ee01d2eca527b1b3836ccdf7e807007152c79d14324e3d887c9551a9447527db4434810f5b0b73d855f32a0c89aa784e43f4c1657d408dd33f88aeae1e5186bbcc2a348b708e3cec9080e12ee3676beb5ee86a9b5cc4a3496c242b95a248906ed62f984b22373bdfd97515441f34e01006d8d1244aa88403f207cd8820ffe07634fc86d00f871c1e4c9e8fc1a00d295e36d98119599b62379cda10ada85efe7b50c5f38d8d010a2cd53db900939db1ffce14feffb7940d12842f4f2b507e1fa49e526752d1e3d80a0c2a75e870d85f77fd91fc46ac1b1288dd33338cdad154d6b80b5a925431868d62a3fb0036f28fe259a3f555f767526a9ea230c33843efc49ac3182a357845ea122d606ab22c9f937b2b905e02dd1cb07d380e3486be6167f00b6e6d90a3c1d6aee15da439a55542ce177e498998ba8ac69a848e63e4c7564e4dc04aad595fa1ab81275edafa0d352029c304200d2f2c5881cbf5a26b2141bdb117879cc11e7c13bd62f221ae1ac04dca3d8d58a13c130557ecf5f36184c7366d3852d0cbd6ca42f2a971d87c0bb204097af1a3abdab7b95d07fcdbf5f42607695dedcd26e30b8fc5cfd7b333a95f3ee69d5ba7911dadb1394285c437a0f26fc027737ba5ee7d63333f80acb59f1a7faf2ec3031c6533107502bffc92d8726a48ce00cdb5f1258d85ff8eb72bfb162e122022f1f3e8a72b41d2689d5228b1130fbc946384401f3bbe726314bb09d430333ad78de07b3cec5c18a4f4abb69507b6451ca4e610b8fc988c983426e0cc3b9d15393026eb75d3d08634b8a7495cef69aab83d27ea1b5b41f40b996dd10023d81f77d61192930ffc25cae1e149412322fcb0aa47bee3afc44ec3dda96c9294854e2cbaebfea6f9a90f0b3797d5f505824b4de964151569f881f87f9dd9d30a2a2f9ed01059a909cba157902903c77f2f3d056231e7c7483a3f35e04360e084f0d3f94a92c92c77b3f06479fbc417366d7fe87ddfcdfd86274f87a5f817b0f947924cbe2329f16f6b00c8a0ab96164f7b35fed38a388380af05c3600abc37a944c9e75a691728c26896ac3615297766f406aeb0f2fd147d68fad3fb3b032880280ebb4bf89252a36b0d9eb393daae72829b8da870b886676244897d5322b32703fcf138b66eedeb3024666a88fd99d8962f696ab7b34e19ced1bd27488aa2ffe5bfa11f8f9289bd8c052d4e88316cc33b0255ef1bfca4c17067d7f78175c56db481fe8dc6f73b1cbdf9d5823f115c9e03f2dfd07bc1ad88564d48b18cd9a30d83cbd5e6a3eedcb0ee86e5dd47f32820cb74dcf730b2052b31297b529e5e24f042335d13915e4048132fe1a101841e919c7870bb680eddead9a6111394bc12e274fbd88abaf2d254721c42e82abf4d1e319a631794ed6ce319ddd844ac5e9b1fc96dd9aaad42f2e087abe1b85430c4a00631970e3e74a6ed923f49e0df75685e044fae3fcea0af4dbfeebe0a9c2e73e8a89b89603a75f585e3ebba5453ae595da1469ea90ea3c9fb6a22411c56c58dfbf504caa629dbfc73ebbedc91669f2babf8b8215c525edf8feb366f104ffa9eb2bb79232660aece4730ef1ae8585c629ffe1390356a58e900da145b83ad177c7bb2d125e59d7ff4d3a8562efc620b4cf9b33c2305bbf1957e0f8b06f0fbe9c80db73b08fdd0be4a1ea4f91f52af47160040424aed8ac3c10251fb0b5d9be08247edf3dda5d1750d0597d60c8a0d9418a4e0c9325bb90f0886f9e5dda9e88ac1942ec1e53da0cf5ccad66b9cdfc2fdca784dd06a73713ef73785706d024873ddca5ccfcf0b91748a2c1fbd8c241934b5b473007b29d76aec5addf7b945a5f7abd6ddeccc8d0ccb26d69d4793b7224c27ba7bf45aac8a2be56086ab8c65ea69fdd593a01a29e2912378002d824bd98e6ed1c5dd5f33be529e640997f5f1bbde051fb2a669145966db4889bf32aa13777ac6c077c51bb8b2523954cea3adc307cfe53b8cbb00edf0c04c456392aea6613e8078a309dc538a6a24f80fc1b7f9fce3e3291ca6dab8090a634fcdb24e7a9de8aecd595b988f597cd623d148a8841b0a5203953166ea2e85316928f28dd2604d37c9ec80a49c0d91cbfe6d584b9b6a321b97bf99ae1d67985fd441976a828c97456003a7892c7c7f4a51bb49e3d3ea1e95ec29c89a2676", 0x1001}], 0x3)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r8, 0x84, 0x71, 0x0, &(0x7f00000000c0))
openat$cgroup_ro(r0, &(0x7f0000000040)='cpuacct.usage_percpu\x00', 0x0, 0x0)
mount(&(0x7f0000001400)=@rnullb, &(0x7f0000001440)='./file0\x00', &(0x7f0000000000)='romfs\x00', 0x0, 0x0)

1.86007673s ago: executing program 1 (id=1279):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x842, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x3000009, 0x12, r0, 0x45809000)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r1 = socket$kcm(0x2, 0x1000000000000002, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)={0x28, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_TTL={0x5, 0x6, 0x81}]}]}, 0x28}}, 0x0)
sendmsg$inet(r1, &(0x7f00000000c0)={&(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000a40)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x43}, @empty}}}], 0x20}, 0x0)
mlock2(&(0x7f00002e5000/0xc00000)=nil, 0xc00000, 0x0)

1.741235041s ago: executing program 0 (id=1280):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x2}}, 0x20)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff}, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000200)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f00000001c0)=0x1, r3, 0x0, 0x1, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000400), r3, 0x0, 0x2, 0x4}}, 0xffffffffffffff6e)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f00000000c0)={0x3, 0x40, 0xfa00, {{0x2, 0x4e22, 0x0, @empty}, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}, r1}}, 0x48)

1.578902421s ago: executing program 0 (id=1281):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa02, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendto$inet6(r1, &(0x7f0000000100)="c10e000018001f06b9409b0dffff110d0207be040205060506100a044300050018000000fac8388827a685a168d9a44604094565360c648dcaaf6c26c291214549932fde4a460c89b6ec0cff3959547f509058ba86c902fc3a10004a320c0400160012000a00000000000000000000080756ede4ccbe5880", 0xec1, 0x0, 0x0, 0x9e5e111c47e3504f)
r2 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FMT(r2, 0xc0405602, &(0x7f00000001c0)={0x5c, 0xa, 0x0, "b75c89e7a20c8eac82ad0416bb1844038d2cd97c945462f31638b5394c00"})
r3 = syz_open_dev$I2C(0x0, 0x0, 0x0)
r4 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
r5 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r5, &(0x7f0000000100)=""/159, 0xfffffe5a)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r6, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000b80)={&(0x7f0000000440)=ANY=[@ANYBLOB="380000007ced29ac941566b06298a164cf792946df36c6517c24c4a5c7fec2042d0abdb482065e3664ed2a0d3faa7167627024f53aeeb5651a75a42d0f027452dad0ded31678419d1b2a4485de7e038de5ee80af79d5316884ec5ea928b8820ce485ed2048f118443b844becde031208e7bad8a186339f7143c29d6c798c0560c6e4302dcb78ac31333d31285c21c6c050a1548f6d61e06d2d151550313d33871c82907d45f4522300dfb58080ce46b884d0f5c11cf1e9894ecf17e56e65cb3524aa0fd2503d5dade601f5b49cb4377da4de144cdbd65f2a60df173fcc07e756b9d8f3b789a8ff474aa9fc030d83ceefd085e1f686e62bea524c3de4e883a8435ec29b56949a9fb6b19a143b814fc5d4628a89c05d901da1cc2fa62cc3a2b2179c4b3d3fe7732f1c8ea5e654abad38f8c34f2f4a27d855aabb10215d2287de2dccb3cdc06f4566bffa22cd64a8359b3bb6d7b65ae695efc04285f6e9e72ab219e2fbf41cc3a1d96536b331042d06517ff81fd274896a2b943cbe449d907245a6a5a8551a0dc916f783903a4a8d41da8d102a42adf03b1b023ccc30d3a4e259114c7c17e28c238f037f835762f23505c9e893bd0c937d3e67060ea7d7", @ANYRES16=r7, @ANYBLOB="010226bd7000fcdbdf250c0000000c0003800400040004000380180001801400020076657468315f766c616e000000000000"], 0x38}, 0x1, 0x0, 0x0, 0x20000094}, 0x404c004)
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x385fc2, 0x0)
r9 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r9, 0xc008561c, &(0x7f0000000400)={0xf0f002, 0x5})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r8, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)
r10 = dup2(r4, r4)
getsockopt$inet_sctp_SCTP_RECVRCVINFO(r10, 0x84, 0x20, 0x0, 0x0)
ioctl$I2C_SMBUS(r3, 0x720, 0x0)
r11 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r12=>0xffffffffffffffff})
fstat(r12, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, <r13=>0x0})
setreuid(0x0, r13)
ioctl$SIOCAX25DELFWD(r11, 0x89eb, 0x0)
mlock2(&(0x7f0000af1000/0x2000)=nil, 0x2000, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x10, r0, 0x6b525000)
mlock(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
fremovexattr(r3, &(0x7f0000000000)=@known='trusted.syz\x00')
mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil)

1.460027253s ago: executing program 2 (id=1282):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, 0x0, 0x0)
mount(&(0x7f0000000080)=@loop={'/dev/loop', 0x0}, &(0x7f00000000c0)='./cgroup\x00', &(0x7f0000000040)='exofs\x00', 0x208002, 0x0)

1.268165498s ago: executing program 2 (id=1283):
r0 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000240)={0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000000005a00000000000000260fc7b8b47000000f20d835200000000f22d8c4c1fc109200000100660fe22966ba6100edb8010000000f01d9260fc77d010f20e035400000000f22e02ed9f9410f0fb20000000090c30800000000000000510000000000000066b867008ec80fc758102e400f217766b891000f00d8670f01c2c4e3e1ce2509000000000f9b9172000000c4e345793900c4e2f9db3500000100f0410fba2f00c30200000000000000180000000000000009000000010400000100000000000000840000000000000040f426420f01c9440f20c0350b000000440f22c048b80e458c560000000023f8c744240007000000c7442402c5000000c7442406000000000f011c24400f21380f20c035010000000f22c0b9ee0a0000b84110614fba48279e2e0f30c4a12d665b2565420f2291c300"/327], 0x147})
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f0000000140)={0xa, 0x0, 0x0, @private0}, 0x1c) (async)
setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000100)={0x65, 0xfe, 0x4, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x9}, 0xe) (async)
setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000200)=0x1ff, 0x4) (async)
shutdown(r1, 0x1) (async)
recvmmsg(r1, &(0x7f0000005000)=[{{0x0, 0x0, 0x0}, 0x3}], 0x1, 0x60, 0x0) (async)
r2 = socket$inet6(0xa, 0x1, 0x8)
bind$inet6(r2, &(0x7f0000000880)={0xa, 0x80, 0x0, @local, 0x14}, 0x1c) (async)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x9}) (async)
r3 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000400)='tasks\x00', 0x2, 0x0)
getsockopt$SO_TIMESTAMP(r2, 0x1, 0x23, &(0x7f0000000500), &(0x7f0000000540)=0x4) (async)
r4 = accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000480), 0x0)
splice(r3, &(0x7f0000000440)=0x2, r4, &(0x7f00000004c0)=0x99, 0x61ffdb4d, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000200)='stack\x00')
readv(r5, &(0x7f0000000340)=[{&(0x7f0000000140)=""/95, 0x5f}], 0x1)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @mcast1}, 0x1c) (async)
r6 = dup2(r2, r2)
sendmsg$kcm(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000002c0)="40d3c3a76ea2ae33673dae44dd71222941e6cc54a1e80ac3bc67da440ea971ddafffb6f85952f8f0", 0x28}], 0x1}, 0x4000004) (async)
ioctl$KVM_SET_MSRS(r0, 0x4008ae89, &(0x7f0000000380)=ANY=[@ANYBLOB="1e00000000000000145f62ebf701201a0b7de0f7bd5916bd958b03dc8483c4e91955045b924cd567f51bae6ba2e68fc569ac8f8e23fda5cd7f90fc1c87ba54ffbe00"/75]) (async)
r7 = socket$nl_rdma(0x10, 0x3, 0x14) (async)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
listen(r8, 0x6)
accept4$inet6(r8, 0x0, 0x0, 0x0)
shutdown(r8, 0x1) (async)
sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000181401"], 0x40}, 0x1, 0x0, 0x0, 0x400d5}, 0x20000000)
mount(&(0x7f0000000000)=@rnullb, &(0x7f0000000080)='./cgroup\x00', &(0x7f0000000040)='hpfs\x00', 0x0, 0x0)

1.194683999s ago: executing program 1 (id=1284):
mount(&(0x7f0000000000)=@md0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='exfat\x00', 0x200000, 0x0)
mount$bind(&(0x7f00000000c0)='./cgroup\x00', &(0x7f0000000100)='./cgroup\x00', &(0x7f0000000140), 0x2110002, 0x0)
r0 = shmget$private(0x0, 0x13000, 0x1, &(0x7f0000feb000/0x13000)=nil)
shmat(r0, &(0x7f0000ff7000/0x3000)=nil, 0x400c)
mremap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f0000ff7000/0x2000)=nil)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYBLOB="040e05002d0c00f2f99ff61c7bf6245f8f9209b7478e229a"], 0x45)
faccessat2(r1, &(0x7f00000002c0)='./file1\x00', 0xcb, 0x1100)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="040000", @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f00000021c0)={0x2020, 0x0, 0x0, <r3=>0x0, <r4=>0x0}, 0x2020)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x10b280, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000180)={0x1, 0xaa4, 0x0, &(0x7f0000000340)})
ioctl$KVM_SET_CLOCK(r6, 0x4188aec6, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x20000000000000, 0x4})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r6, r7, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, 0x0}], 0x1, 0x22, 0x0, 0x0)
syz_fuse_handle_req(r2, &(0x7f0000004300)="f6c5cdd50b89338e6f0228b937225c21a87072407fe83d5fecd7bcca9b3fb6c714baa7d905bd76d4f38eba0ffafc067da9e5b2a863dbea1f11e32b455862ad205d1de267dbf9edb296fda48092e372fd3166c91d636b627f4ce223d2fff7db30abd245c174812a8ebfce720483d74f6658daaba3ea9e453d789d9d1d8b63c91f02b1282f122d5847241f305a5d791a7188c946ed5d5e5343c04968e62b064aeadeafd55ddb6a1b724a9adf29b15c4c55c9afd709d19cf29df117c69d1f855b647f2d6dc3ad9cc2e413cda65ca8d3fd777fdf88827428723d37b89a7330dddd234f39187db8e54905b8eb0dc851f51ff37b5deb69b64bbd27b72881267f94a88974a56b1d3178d49c209d6f4e974c00f25a87255c3804b1150f98d46437f5333b200651dfd1ae939125483cec1690ecb4d449ae4f2bdf88d50382440dbe1699017f21c0f1e0c85cd339a9f87046af063b54b923d4eaa04fc8dabb3bb3e3bc83f0657b5a3c4cdfce3c325abe45a39b794d13057e3a036ec20c4eb1c18a7501a8bf3899626fe01b2b9c18ab08eaa972ab9f8a786888162c7f77db751c1ab88db854ad8a99c7307a52571fd4d0a8ca5a6f4f5e46396bab29e4a5bb6f7c40404be7357b47028a1cd2b780abbba9e37d182866a9171ddea543a5684ff6445d4c3ba61b4300a1556e85518301862b398e43f61d461054469f693c42f995a000dc9b950b277bbc5a9bec872462a0938ef0e0ba4f4d2bff4d81804996a9f97893c02b2deff1abf1a6cb7987f446132f55a10aaf537d93422ed22fa659ceda5939cf18398f8632a257abbf68d4854e452ceb5acc02c7b65d67b582e159fb5039ecfe636dfd00218f2e5d1e2ebeca027472d63fdd2b61d7bbd9258a3fbb14ee2559845a638e07bbde84f87a42b59a09c1bc877b7e51a4ea42c64bcb3b3c8043f1604c569308bd6ddf438204df167580f5aefe2a8beabb77a8fd3392f99e3a43a7cfa0a68b1b21a307aeecd5b7a3742d74ff1790b13f1026ebec296210301d48d9354646382a18d247300bfd8aca878051a2d667ad2ee489edfeb3c1c912cc6a6c573fd92dd4cd1b6d2fb1bbdc86ddd8bf515c28f15ebafe858df78e8a783b293db3144c44397cbaeeadea44655c6350562166bda3accf7a2e65cf3eb7beace08760337e2dff8c9611fb131b345f44dba2aa2eee0bb4ec719c59a269e71ffc0775c5c193e341a833d38edf8a1f01f66b9fd039ff55c884257ec7330f333e579e66ac67097bfe31b2b78d88b81b640351da3bea710e38d8b50b0a63814f4638df1680d2217dfe7364dc228ea79f74e678b338105391e8c1e041cae3d2ccb9d1b034d96b811bf06515b3f4dd02cf2cf9f9884a6a1af39f219fde0b1caee2065536b8e900bf4fe9d87396cb0854ff28db253382a8f1e6c2a2805b5d5c8b756640a49a092f8fbc5ab87e511d790519e9e79c1336b2af288b1b07871858966197f65919009c435e6ca5bc89a15fae0e3534e50cbacb3cb2ee519a9894f08facb453a7ada35c0cd8e6ac71cf9ceb21c1b944d81a16a3299c730fe1ddb164505e2df5e4dc7f46c3fa3230a9cc3845298d4abf909565a67be3316ca881540f2920c8fb6ffe5ffc66ef477476cc4941ba03795287f408b6175df89274e189bc2e12e93f5d8aaa532400946a7a0cb6cacb55d4947d0c02da9e2345b4d0cc92a570019ac51f64b29b7e509109500f9fe8129196bc46230a1848ad7dc721efd97f1cbee41a1e520da4cda9fa5a0024d7865e637d0f17f240647f11f4d41a39e29643917f6ccd8680d83cfaa33081c3dd613ba2ebe736539834ba7977d2617b85b073a4532c8e6cb3dc3ecb492f23b573ee103ad6c56a5930904e836e9390a8b20470de2c7e0d1b52000366cbc198caa4917b593334a449840a093bbd709a6f835eb4338e23b12f59efd0fe6a8f7d108e6c40d63b06b43639a73822b431b636c3c6cfa2c973fd43aab1ebb560eb5b556b98758583195190651d9f12bec2a2db9c87f879af59d9e72786e416ea8fa36ff4a4f08d56c5e208b9995fd9ed0607d3af20b1eb51dc0943cd96bee0cc78875fac1dc471f80664ef9eb1f146d5b6871842ae1c51e83523f28a149346df307eae77929a81c235f5593d7eb30581b0650a8759d5a59b5c2697c461e17d8458b13dc88935b878f71f0597d46924bc84714ca7af2df5749b1b0fbe1950aade8d85555887809f9d4cb5d8d6cdd0ddede90e2fd122d1168f0c7e535aefe0385ce12a5cb1060498ba51b28fc344e6c6094b1cf6263007e299d7ceae7814c664f43bc2b8e989779e1a2a36e7e209175c197117966925ced8cd941fb4d37d05a5c771ba579671d505d6af7fb70fe764d906fa84f046fb4429d82bc7f4ed72f686bf2f923ec7bd48b1be8773ef8a51235825cb6c54d444021e823ba2614e7d93920a96d23f19d9adfcabe1716fea4979ef4d74fadc6fd53e8d6c6704c4eb04a039ba4c83d15afdb195a36f292ba9a2728cd85311076aa6a484c01fbf9fad617f4870fcbd1cd453aeaa391968287263852732552443e3388bd07d975cd2a11624fa2d0d931034b940c4b2babe262706c6cd72007c5fd5744564babc9fc37da476cb38ed0de6b530864e26a6febeb8d901d40c771a0cf2f498830487d83368ff3f8af68a0ffa5762d3f2c9cf2a66e2338d3e3655b647685c2dcacba997eac420d5618c3d268b85795fa49e37ee504521017439581a6c5c064f0184e4cad2b8134e2f9b9ec42981c155775d7d744bfff7adb3f7599f159c7cf1d7d56fb7cddf5b4f8ee8a3dcfbc1151b3d253771db09879f48c3c0cc9506e97c776fa8251c21d5fed9dba8ca6674e45ac2a6bef86ae18b175ffb5d281f58527661ef7d5651b28db85c1b7cc305ab5b34fb49a32778390d3b6d4e78d06d3d863eff86435d36be3043529fb9b4d061a7a983d6e287fa83925dfab1b526d6bf510a29f9d6ad493bbb4da5fdf0aef4f16ff50799b016dc4230aaf87b9ef8953f8ad522ab4c3ec3209a57852cbdb5e39628ad107b248d6f07d123fb0e68d7b7aa8558478de5dee88032de6ccbbcab0ecfe8fccb1681816db894fdc24a9b6cf8ad5690efb01c8b4840255a5d5563b4cb73609f0a5337738e179fd9577bb795eb5a89a4ee4e2b2bed5fc65ba1efb911889e131a0b010c5699d7f6b869ffff3945208feee8d245eb45590f2c4ab97d186307dbee5327ef60340386ae04d45f981061b80d33ed6db2e5dcd711d68f8d9befdca10334e9636de1a2d6e6de2888d0984aae79b636eb0576f6cc9f450320b7e946eb82e9e1f8b3477f382090c79a9524a69f3416eadba673ff24cb1846358680d370e6ae98230256ebad4826f90ef8189b95f3b6275950c33ec2781bf438bbcce8ee350f3c1475b026a6c189db5101981b21f82ba8d8f62e852ccc5109a2780c70eb4a0b014c0c06ef46ff506c481b8082154db687b644ff122e5f35af5882212834a5b696afda432241f966d5706fa7c00be4a4912b6adb8e5629d0e18bb2ed4e2d7b6dbe79920d21ed0491f7a5017ae5ccdee5b498f61bb9ad5845a6268abebf80338c20c09530675a8366bfd4ea746957dd7337f1c1184751b649a399891ad2b6306bb062b9b2dc8a8b09302ea3386ccd78d9a3a0314c3df264ce81048391ae66ec9eeda8c70efe95146205d0b6bed2c362f2920615d41c7d12fc3991000a080061dad4e34587ff1684c6756f55dfd249d2d62bef74b5e4a40a63a2bc14a473cf913d5a4fd289d1792fc693c4a5f85326eebc52994a34e16af861438f22633fc5a4ce0d30d37ac0e2277e072f78375d7b1443e1af9647c23decfc411a3d0def781ce6679d92872fbc27dbd4a7edc2acfe565103d472fbde7ac626248a5305cf6e1c5fc81e9b71adb2523839b9425c72a67409539d611240ff5ad04ea2b3d063e197f5663606aeb0b76fa2e1121e3815506fe4a9ac09d555c1b8d8c9749f5dd5096130aaab80d9b721a831013885e3a376a57f97db4f1878372c7ac241b7424b86d97ae5fa3a0943f55c64cdbb4aa3209c4fbee3d9ed201e2bfccee01d33bd99c01689e1f23b185acb82e75cd2a161c316334f4887c8225f11ec1354105e3180d67ebb3a98d1178cca8332eb73555f53ed86c7285fc6c85570be32e74baeece3d610cfb505e1ca6c02fabffbd9b4c80274db8faab4a4d29f8bfa6db38daf4ca8442aad66e40581f40a63e50b3a33d9a3e32f4440b761d149a8d71c138f74d5b0e10d9266788499a19f03a17726226e27c899c538bf4c219d7a035bdab2c5b347bcb176555fa451594050c6196a2236e5b0981eabab3519dd10ed1ffb6334476cbb06059384f02c164f278d49391c6069b9adf25c14870e2fe1f28abdb325d3101fe464f829e971067dc9231fc3bc9d0e2a6c8e13db15f4b69b3b028a587a092453296f7f790a547ba191bca2ca929d1477344d7ba30b826a10152580e5ed7418f481e4b10139a4acea1a1c42f748cafff8b0215c6be50e0af09905366f0403c53f8c746ff06ec45d69d3c4039d0980af45c8a2d6cadafe477ffe3451fce3bdc9644faf73ef3ca3e823526fdc086d82967b1a569cdb99ea26fe6d06a21fdfa7a8342089931240324b786f6be1b987c8fc9e9e602cb0ad66039a0147319a896134cc97a7f50b3a0c04c4f80b8a53ea222f5c009325eca6668e453d92e1577712af0297ffbc3e3365d504ebc1c7e825e045c30c0ad9067fcea6dd754c179c3febce85187611f78634c081192b430010987a852837015a3c2a70604e18c5d394207fa61fd3c51a8ac5ab263d1c15a9918f599338d21b894e6016337a5a31422867a775a7def8fb7cc3a41342175e05c891ebbd7318bf011ab2dcd865dc5efa3a9451d973951c96752803665567c08013259f14fd704d5d108cef5a38b4e2375aa241c5cfa99511e334cac9665a06f25da7d3fdb497363b119bb4d536a6803b3aed59143655ef6df225b5a9305979f77e32942ffb48e859da96a309ab57b68fa56a9e0d6e53650e7b1968fe5afc21e5638cd50f5c415c9addd998fe32ac983a9f9266590967782b6d9b70f22a48cc14301af5de46d7b71d0f7c0ead21ff503cbed5c2535672835ea0216eaa7fed72390b66b4684b51365d1923aec4dcf4dd08b357552cfb7e96a5ab956ac1276882e80a79d018c5ca7ffb3367d59846387f4af1fd4b6098cb560bb565af3ec0c3934da29120546804f3800aaba4969e00cb83d9d9b0cf216c42a8722030a6fc85a01b9748bebe688671318a2cc33f69e0bf3a8a3779c8847de958b28b2e8017da7f74d56f1a75134a4da0944e45dfefe63ff367759b55e1659870e0be86cef2789ec9063ae6093693c1d47cfc164eae67c97efa447120a36b39561d380077ceaff4bf0f55b066af441e400cc3996633abf905a32cf025becf31983dc6fceb6e0fb506bd350d81afa6421115939adef8cd68abbbd94f1567d9e9f7505af57e1802b8d704bb7460b3822330c4a4bb6ff2b187fb9a3f324b0f415c706a1de8a7cf6747c72be3b356c0206a3c0c39daa85309bff9faba7b68178108b261086cc15a0e21a52a37c1576a72d2d5da5c43248ad760d239711739cb79fc79b4ca2dbec2e100db1c535ed90623c67ed2e3817ebec259343b17efdd912ea0fbf73653015b7f8a51cae3cab19ba00638b8c8bfa8db481ca7dc7ce5c2540c46c963386188f74dec088552330e6ea067b222bd97ecab5073d95d5814599f522a36fc80636bb66ee8dca399586f90f1c849e30d92382bb0e64f62511a7f1044560175d68dffc03a9e56ac7629a4bcf50a4334f29b3391ef4bf0f3174a44d69e143437cb3dcb3871c4e7de50084b5e5033c48df364a1d5cf925d42a3c8e2b419909e4a2ca2156c1397eb87704e8f8d6cdb3a4a031c1b5468a1e75a923cbdbd384cd8d87c2c05f11f1df014ef98c13fcf9f182f6fb68dc0aa4adf7bec8a17caedd172f64806c311fc106b39edd9628a01d7159d638e09b39feab432718059589dc971143da4a8e640aa63ae0c2fb4a71129d362cdcf993adbc97b4f1543637cf1acbc9e67067f6c6f95be39fdd14dc6478c507507ceff88c2d1c5e13522547ab149dad2526393714c6c0a221c167ddf1084b563c0bfcc4c75a972131c62ddec7a497bd5118eaa12ab25bbbf7cc62eca5de5ea50bab67ce6ff2e05cc47cc0b0a5465eb01bbc08dac30b8522bd92180d8987390314e19eb3201f0be2b4f71abb697a751fd8d6a3251ca8ea1b2f20a7827d2599d62e392d6c065183a1778950d5ebe04180047ee8a2a096e5f1d6813ec63ff4a626c725b24d259cbd9ca6305009b29c6ef7225eecf9078824f9aef4d3e9aee1e9616b2b7f87499f8abab6c38e9a3e7714132850b5e71fa671697e6c8407ac3dad5abeee5f7b2a63aa51d29744736b0c38adccf8e29a85b81f3b3106daed64fc78618e18c9056cc41ce2f50379cc6c2c1411ba2c690e1899dee193f0f2877412f1cbd54d12255ca81a72211f9a8ab7f0b7bebb6c11b4bd6c77455decdfd7df2b2014395ba69f22e520138a43e1b3a11264822b143adcad307b35800563bab720687a898a76cde1f0a15aa3f32c0d302ce6f1094bacf5a1add935884be029c7fe18a5e90c696e3371af0f3cd721abd7dd4ce74efe353105ebcc4b1411d52026901380a9c7a807a76fa617667adea8b7734822da93d93969641a92ad2af6350ceee54e3d7c7c39e22d6c5f363d201572b8d68c2b9c7230b0b85801cfafbc5557f21bc444ea05fc612e2c2a8d4a38578c69bb252d8f4d617d0974f95b6ebb416d5c8f3fa925d4ed4f23bfce03e28389ca8c1bece1fa49e8d66387bbb09b3c29d9ed75ea5a9ac7930cb3ed05f999867c640b3435962fdb763002e2fb451c5a1b9d4536e49ba50fcf61451168a994249ef29af51694a1426d987ed8cfe09f10462c7629c4ff1b1cc709b99e9e87a54d1ecf54cd9da0c2c19b84b2a2c32c0bd12d158b73230cf610645048cf1afbb62aa7ce6fab79bec3ad84108f3d96cb9fb3d78a26724892a6bca533e64880c7d4c28a6685502f4cb2a27b132c8253b97e88583fe0766d04795709486556df99b7e65fbf71febe24e0a188e2dc489b8fddbf9d4b1c9ef4b558f888824469df9b2085a845998220332d9cb693472ff2abcc10784c2280825adfcc630e3a961b39ab786deddc53b18e862edc75742d6eb2d7cc227ba3ed770851718388612e4e7f4f257a90fdf09e3b0081d7498e2d5b628d9132aa0165f323f59af5e9ea54c582999fb527d5f2f3dd7e4f85877080526f8481899b6afc732f5da6af31b561ddc36a6b8c723087d3f168292550d89b228f7a3cc131c110a2dab2f81e339f24d3d2b696892dcd4a3e8f2eaaddc0d78e2d07cb9df9d2fe73e4c55562c0794092c7dabd4364f9fea89d6cdd8369d5bf1bc8863b8f89aacf0fd9b9b380947bb4872656e58bc87526e18fa8b17ef8a7219adf1b79d1be5dd827e7ba8e4ed50a81eb7562b179876a8803dde2ea99fe744e8f7df17040ac38592a3be7eb353416496e867d8a74c7eb94556b16241935d718dd43462fe0855cc31a812e0ac01109d1d3539bd2fd4eeb422009138a92324bd072edee2ba47d6cacc24588410ce30565a8aaa5aad52d9c55368372715717ff5ed3a0243ddafd11a7059c29a26b9ea9374e8434f31e4c15a747ee6d69368d12b96122690f843569e82ad27eb8fb25e94dde94cc15e690dc65f6a6c2a6393821168a79e03cd223ce54a1d5e38eee1c12e23027b12c6a8094c805088617c2fb4f52008366faf37fdb13b3a7a879949d13644da36dd35a4ede785ca0ac7b4f15472e77a33228129143f849ee75c915df31764c96954621a01e0941d6bb58125f544818b7152698f3addcd0a684af8fcdd4bcdf5752b3faa731988866ee8a664850989d280505d2a4b861f159d47d2d61ab3de866fb2c8f90075b713f61cf83a2ed426d53214b70385b7a46e5620c032486a5a00e0e73d3ea16eeccf5731507903a25685466b61311502ce781634ee46542957a0d5bacabb8d965689422588ee102d6a6016bf11589fff32e503feefccefe4107d0619e7a15336a8655e2f09034b4069941126d48909232592aac6d9c231285dc1d038ff1fa09c1588f543304659ca334afbc42b5f5fb813b34663cc6f4b0a12fc3edc28765b062e7a50fd19ef575be96cd1d9aa48c1fef1b2763949982a47bf25a69c8b1306e8e36c91d2096e6a6cf934452233ff49e91ee173c1e288b9ff70ff364689b82e2467a3d741809657ce0856582d24da5663162422a6f1ed1fce7cef40d90ce57cb99e19a0b4365d483361d03d0cceadd682f333bcdb0a49e24d8c7d004aad2dac06f4839cffc0a77730623917e5f101c33411ab4e0a8491de9a8bbd5dedb8dfeb5a5880da57c74bb8e1fd8b02d3c22087be3f686aee26988b2d62a41d4593ff0dc100c31dad221489f612ef60c160bd6c1f5a00ea6efd3a5aa5ca14efbf78ae4e5d8c5db9c03758b81e636005ade8d03a11f5d8231cfc1bdacdb276992ca8ecbad337fa89dacc9e9be11d398d37207e15ddb45566e0af78833545352d3043b70e20695ddddaccccaa93ee5e2874bfc7f9510541a57fb3cb9c8d6e75460cca3c4cca39a642eff1967dda07a66fe67d87696a5fe22a718a52cd9ba83e348ed211c1dc2e21ebd797455f0648af12c10321240058857632112a75adfdca249f26cf8d6ba05ee83d00ff8d64d8fed069dae70b79105ccd95fc9df34426d765578f651a4cba8094f46e0a9b676c0c0ebb1803660a70f5c7ad2de1ff96676c3ecacdc2953fd235856228556db20395b8d54819b7b12f56e4dddf6a7fe4f7f3d69dff022c59efb2313ae801dcb02b117f50f18eb11dd5a291a7068c820fbe381bd0697566909a38fdab0a0c48442dc935ab8447ebecb93af879a6bb82ab5f245274d873b5be4312856fe4fab8edc9575c02ba4cdb34b31323b69cfef40755bf96279460640ed9fb84d5c60d95cfd76a39726c29f5607d80090e5e3da18fd74682975dd98d98e4afdf4460e1aeb7087a18ded69310b28fa45b356fc28d1f2bef4c9dd50909076de9587fa07b966ee143ec589f70b8ac4d1320cac5bafefe640e445922090c721ce79e4e2c546cfb9b7f058932e6c83170dd2785e28ed81757ade61aa094bd042411aafe0b75156067a5790c78a44589728f1190ac0ba2f93004e06602f51fab34cc56a485569be11e0fd8c89ec3363e053dbdb6cbc69b686e89ff3730dce9099daff958f3be6e7f9ac00bddf0f133a6f904262443963aabe84b0ec9ab9209ebb0d6e81b8d30b2959bbfe5b332459310be2d8183a93ea08301b816d5b009a967916dd45b0f541c57685a6c7ef8cf715ae7fd1780f0a0da48467196e25e26fd2d5a075ad5acfa1ebec9647da21672b642ee4a908fbce416f4ed36ab5b96e5b47a0f6c7f280119567b7d54640c65ce5a0f4912690c4a3d0805e4284fb695eb3af2528f031261439506a4d3f4c2e18b736c55475828a0faf0153acf0dd89bf3c2f6525cb4bfcb419421c7696ee93bc595158a9a43bb288022122a8c45a0db060fe5e85bcc128f396f7af7006eba4e0d6e2f0802625342799bc1b98366682db90ff1be99322bc0672e07757c44173b96e659ff645d263af255d6ecd88bd9a0863006db7f674e79b0493d41a12057e36243394294b4c7850d14a988715de4b55e9f83c2f0676a8486efcc948109076361267f092315dae79164da8f832ad6f35f600b92e4a8228d39e507117c1c1b2a4a12b667538000912ea67de21bd85616cb30f95573ba748a75d2e04b493865a8711a688e33221b26f621ab3a137cf86cc9dd340bcee72f19e00de06f1e9abbe08b4cb8725c9e624f02d36c4c276a529b6e23581c348bb90a4fb1f89053aee36caca5529bad9124825860c011140744f245cd02ffe219e436bfef045517e4e41094b25cf9082692cd8e37d3893c5a90c35b808a17a6508fa7ae743740be0d984ef5ea80cee51e14b9997f86b45b97e5acf89a0a6aa962689c4f53bc7b65e5037de60fa395ed1013591caa79412108224c020d77069939391e20ee32b86139fca7eb9ca5c07fa733311fef5d5594b83ae34c6bc32f037b09995511ff9b9b611bc727055a10b808ebb8c8e5ce532046c7ad3336c38d506e0e3043c4413dc8ce0a9caadbef27d6f663b22bf8d399621ee86e52d9abd5628e3270424d8a06a79174c7de23c431224fd8d0f42853510600f9e2deb8a7bfcd324a5c6ec19cd0c9ca81c552b111a2acc4479e20439e2e3caf44c92026b5be1ad6933ed8d4de1575216c134d55171568ee64213fc4d32ca5cd7ad04b8705ecfd1b88d56294dca67efe3b1b37c7d5d170cef18997c4af074e97a98c11ec3cdc83a4ea564ebb47f02344d3ab410e25a4ad658be9bf627d49c106c1098dccf7ff62ff9f4dc997a279afdc5630ba32167a68ed7bb3bae2a8b61fca67b5b7dc5b3ef3ab679b602764da9aabf3d0caa56b278c2ab6fbee2cfdd7277402a1f82de1d97807829c0105277073772929f16d79584118f31b45ec4db29aad83693b2d9de08f417beaa2f78d55a36a824a94d1e3cfeb3d75c3d41ddd0e317e85d327e9b5a9da44dc12b6fc3acf6d222a44f59520fa3fcdc37903eca4b7a91fe14cf54b06855d204ebd71018fe767a158b5e389b5e8e136fc8960840ef1916d8e36f08260e5fc9808442e2034f2c761ae051d03fa618a5f6b8ba8cee00411d09aaa3f8fe30a5d29d9403a905403b5310355326387ea6ea72643b70fcc5bf767371878440d07be919c4ad8c4b8952ea61655bbeac50025f4cc2e859c20dfd440a0b1b14549bccaf7952a27f12266c3b7185d9f37ab405d0765011ae6dbc0717f58ec6bd4101589f5c6054faba863bd2af1e8b19cc2cee98c619e477a47497896c42c37697313917b37140a77a5afec97556f06e0ee1d87c3739bd9ff4c210ddd4eceb65701e64bf4d6cbd5d4b9786f4d45acd881fa6eb1c6fda5f8844f5a1635d05e7bb82270694efe063d44296d86b4bb8b28e573dd7cc0d379b5449af1064f10ab8e8f5f177713a63fd7ea8bb68305356c59b5b48334d568fc6d81713bf2c1438dbec4c2c793d5bcd94c459eaace9295ec5b51328fcea5c8f984d8bf90b2f9fb247ce722a1c001e6ff179524417d647b856d905976f623b2db0facf05d62a87662ddc0d6c31cadca2ec262439fdd0f5cd7788617b98bbb802ceed7f971fe6d432a49dc132fe5475db3bc61d6ff04442a9afa9078be7a15de8668cdf469697e337eb4a99b24cd89da2a36eaf4f725cfc77f5e4de3dc010c2ef1f6b22dc479544c0c4c611fe1c8ef5ed3c23ddae7cd01ae1874217f8d1001f0c5f8d2ace0ec72ef3ed9b95b72753462feaa1ff5c2d23f5ec1ccf41064895d6944f38bf7c41a091df7b8c5c5021ff7ab7571439a3d5c889aa57c715e4a55ecd77b5cb4f8bc3408d95d560f5e8ec711e81ef8a751df5d1d053822debf0295574ebfc5f1fc47caafdf8b3862d68fb01d6239fa13c026320aafdead31d003d8bd8b46842687b6", 0x2044, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={0x90, 0xfffffffffffffffe, 0xdb5, {0x3, 0x0, 0xfffffffffffffcf7, 0x30000000, 0x7ff, 0x0, {0xfffffffffffffffe, 0x0, 0x4f, 0x8, 0x0, 0x10, 0x0, 0x0, 0x3, 0xc000, 0x1, r3, r4}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
setuid(r3)

1.118462193s ago: executing program 0 (id=1285):
ioprio_set$pid(0x1, 0x0, 0x0)
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000180)=@attr_other={0x0, 0x800, 0x5, 0x0})
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0x5a051feb1f984a1d, 0x202812, r0, 0x7dfff000)

1.10646781s ago: executing program 2 (id=1286):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[], 0x32600)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB="14000000380001ff23bd7002fa0000ca07"], 0x14}}, 0x4000)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0xa}]}, 0x24}, 0x1, 0x0, 0x0, 0x404c004}, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_WIPHY(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0xa800}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, r5, 0x10, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8, 0x1, 0x46}, @val={0x8}, @val={0xc, 0x99, {0x8, 0x5b}}}}, ["", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x810}, 0x48000)
creat(&(0x7f0000001380)='./file0\x00', 0x4)
mount(&(0x7f0000001400)=@rnullb, &(0x7f0000001440)='./file0\x00', &(0x7f0000001480)='qnx4\x00', 0x0, 0x0)
statfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)=""/128)

841.961172ms ago: executing program 1 (id=1287):
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000080)="1400000052004f030e789e7ee2ce2fa4ff612d27", 0x14)
recvmmsg(r0, &(0x7f0000005c80)=[{{0x0, 0x0, 0x0}}], 0x344, 0x10122, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r1, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick=0x1f4, {}, {}, @raw32={[0x2600]}}], 0xffc8) (fail_nth: 92)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)

841.486962ms ago: executing program 2 (id=1288):
creat(&(0x7f0000001380)='./file0\x00', 0x4)
creat(&(0x7f0000000040)='./file0\x00', 0x121)
mount(&(0x7f0000001400)=@rnullb, &(0x7f0000001440)='./file0\x00', &(0x7f0000000000)='romfs\x00', 0x8000, 0x0)
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000400)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000000)={0x28, 0x4, r1, 0x0, &(0x7f00004f9000/0x3000)=nil, 0x3000})
ioctl$IOMMU_IOAS_COPY(r0, 0x3b83, &(0x7f0000000040)={0x28, 0x5, r1, r1, 0x3, 0xfffffffffefffff8, 0x3fff})
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000580)='net/igmp\x00')
preadv(r2, &(0x7f0000000180)=[{&(0x7f0000000340)=""/163, 0xa3}, {&(0x7f0000000240)=""/71, 0x47}], 0x2, 0x1, 0xe3d0)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r4=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r3, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r4, 0x0, <r5=>0x0})
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, 0x0)
ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f0000003500)={0x2, 0x0, [{0xffff1000, 0x0, 0x0}, {0x100000, 0x88, &(0x7f0000002340)=""/136}]})
ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNATTACHFILTER(r6, 0x401054d5, &(0x7f0000000080)={0x1, &(0x7f0000000180)=[{0x6}]})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r7 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r7, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r7, &(0x7f00000005c0)={&(0x7f0000000000), 0x10, 0x0}, 0x0)
syz_open_procfs(0x0, 0x0)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f00000000c0)={'rose0\x00', 0x112})
ioctl$TUNATTACHFILTER(r8, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x3}]})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_REPLACE(r3, 0x3ba0, &(0x7f0000000400)={0x48, 0x14, r5, 0x0, r4})
ioctl$IOMMU_DESTROY$stdev(r2, 0x3b80, &(0x7f0000000100)={0x8, r5})
setrlimit(0x4, &(0x7f0000000080)={0x9, 0x8001})

732.128197ms ago: executing program 0 (id=1289):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x2}}, 0x20)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff}, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000200)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f00000001c0)=0x1, r3, 0x0, 0x1, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000400), r3, 0x0, 0x2, 0x4}}, 0xffffffffffffff6e)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f00000000c0)={0x3, 0x40, 0xfa00, {{0x2, 0x4e22, 0x0, @empty}, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}, r1}}, 0x48)

411.061023ms ago: executing program 3 (id=1290):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x44, r0, 0xb97534d5fe9704cf, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x580}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6}, @NL80211_ATTR_VLAN_ID={0x6, 0x11a, 0x2}]}, 0x44}, 0x1, 0x0, 0x0, 0x40}, 0x0)

335.497594ms ago: executing program 0 (id=1291):
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x169a82, 0x189)
r0 = syz_open_dev$loop(&(0x7f0000000480), 0xd76, 0x181400)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000400)=ANY=[], 0x1df)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x800000000, 0x0, 0x0, 0x2, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac000000000000000000000000000000000001", "90be8b1c551265406c7f306003d8a0f4bd00"}})

142.913339ms ago: executing program 3 (id=1292):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0x4008af12, &(0x7f0000000200)={0x1, 0x101})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0})
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000880))
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f0000000540)=""/97, &(0x7f0000000480)=""/74})
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x20000)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff0000000002"], 0x7c}}, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r3 = eventfd(0x4)
ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r3)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r3})
r4 = userfaultfd(0x80001)
r5 = syz_open_dev$vim2m(&(0x7f0000000000), 0x3, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1, 0x0, 0x40})
ioctl$vim2m_VIDIOC_QBUF(r5, 0xc058560f, &(0x7f0000000180)=@mmap={0x0, 0x2, 0x4, 0x0, 0x80000001, {}, {0x4, 0x8, 0x0, 0x0, 0x0, 0x0, "186856f3"}})
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000380)={0xaa, 0x7c})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/56, 0x0, 0xeeee8000})
ppoll(&(0x7f0000000300)=[{r5, 0x8}], 0x1, &(0x7f0000000340), &(0x7f0000000500)={[0x7fff8000000]}, 0x8)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/236, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/66})
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r3})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
r6 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r6, 0x45809000)

68.1249ms ago: executing program 1 (id=1293):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
unshare(0x22020600)
ioctl$sock_ifreq(r2, 0x8990, &(0x7f0000000180)={'bond0\x00', @ifru_names='rose0\x00'})
ioctl$KVM_SET_IRQCHIP(r1, 0x4048aec9, &(0x7f0000000380)={0x3, 0x0, @ioapic={0x2, 0x6, 0x101, 0x5, 0x0, [{0xd, 0x9, 0x6, '\x00', 0x1}, {0x6, 0x2, 0x26, '\x00', 0xfc}, {0x2, 0xef, 0xd, '\x00', 0xee}, {0xfb, 0x7, 0xd}, {0x13, 0x9, 0x2, '\x00', 0x62}, {0x1, 0x3, 0x2, '\x00', 0xd3}, {0xf, 0x0, 0x8, '\x00', 0x4}, {0x9, 0xdb, 0x1}, {0x81, 0x23, 0x5, '\x00', 0x2}, {0xde, 0x20, 0x3}, {0x40, 0x4, 0xf8, '\x00', 0x1}, {0xf5, 0x5, 0x4, '\x00', 0xb5}, {0x7, 0x3, 0x2b, '\x00', 0x6}, {0x4, 0x0, 0x0, '\x00', 0xe9}, {0x10, 0x39, 0x40, '\x00', 0xcf}, {0x6c, 0x3f, 0x0, '\x00', 0x72}, {0x6e, 0x4, 0x84, '\x00', 0xe}, {0x7, 0x2, 0x8, '\x00', 0x7}, {0xf, 0x7, 0x5}, {0x1, 0x6, 0x9}, {0x4, 0x6, 0x1, '\x00', 0x49}, {0xee, 0x2, 0x95, '\x00', 0xba}, {0x2, 0x8, 0x0, '\x00', 0xc3}, {0x8, 0x9, 0x54, '\x00', 0x9}]}})
r3 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
personality(0x5400004)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r4 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x89e2, &(0x7f0000000340)={r4})
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0xb, 0x202812, r3, 0x7dfff000)

0s ago: executing program 2 (id=1294):
r0 = creat(&(0x7f0000001380)='./file0\x00', 0x4)
mount(&(0x7f0000000080)=@rnullb, &(0x7f0000001440)='./file0\x00', &(0x7f0000000040)='ext3\x00', 0x400, 0x0)
sendmsg$IPSET_CMD_HEADER(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="700000000c06050000000000000000000a00000309cd13c29fa118ebea9f8e957bdba300020073797a3100000000050001000700000005000100070000000900020073797a31000000000900020073797a31000000000900020073797a310000000005000100070000000900020073797a32000000000500010007000000"], 0x70}, 0x1, 0x0, 0x0, 0x4000014}, 0x100)
r1 = getpgrp(0xffffffffffffffff)
capset(&(0x7f00000000c0)={0x19980330, r1}, &(0x7f0000000100)={0x67, 0x9, 0x3, 0x8, 0x1, 0x1})

kernel console output (not intermixed with test programs):

ng+0x15/0xb0
[  233.609919][ T8505]  ? do_syscall_64+0xbe/0x3b0
[  233.609946][ T8505]  do_syscall_64+0xfa/0x3b0
[  233.609968][ T8505]  ? lockdep_hardirqs_on+0x9c/0x150
[  233.609990][ T8505]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.610009][ T8505]  ? clear_bhb_loop+0x60/0xb0
[  233.610033][ T8505]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.610051][ T8505] RIP: 0033:0x7ffad978e929
[  233.610070][ T8505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  233.610087][ T8505] RSP: 002b:00007ffada6c8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  233.610109][ T8505] RAX: ffffffffffffffda RBX: 00007ffad99b5fa0 RCX: 00007ffad978e929
[  233.610123][ T8505] RDX: 000000000000ffc8 RSI: 0000200000000000 RDI: 0000000000000004
[  233.610136][ T8505] RBP: 00007ffada6c8090 R08: 0000000000000000 R09: 0000000000000000
[  233.610148][ T8505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  233.610160][ T8505] R13: 0000000000000000 R14: 00007ffad99b5fa0 R15: 00007ffd0cfc43a8
[  233.610193][ T8505]  </TASK>
[  233.965822][    T9] usb 1-1: USB disconnect, device number 42
[  234.024903][ T5957] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[  234.040293][ T8469] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  234.054121][ T8469] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  234.196493][ T5957] usb 3-1: Using ep0 maxpacket: 32
[  234.212379][ T8510] netlink: 12 bytes leftover after parsing attributes in process `syz.0.894'.
[  234.222218][ T5957] usb 3-1: config 0 has no interfaces?
[  234.251595][ T5957] usb 3-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[  234.291269][ T5957] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  234.332221][ T5957] usb 3-1: Product: syz
[  234.339612][ T8511] netlink: 8 bytes leftover after parsing attributes in process `syz.0.894'.
[  234.359776][ T5957] usb 3-1: Manufacturer: syz
[  234.381219][ T5957] usb 3-1: SerialNumber: syz
[  234.419777][ T5957] usb 3-1: config 0 descriptor??
[  234.687739][   T43] usb 1-1: new full-speed USB device number 43 using dummy_hcd
[  234.871717][   T43] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  234.894355][   T43] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  234.922598][   T43] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  234.943972][   T43] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  234.979017][   T43] usb 1-1: New USB device found, idVendor=20bc, idProduct=5500, bcdDevice= 0.00
[  234.992825][   T43] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  235.019523][   T43] usb 1-1: config 0 descriptor??
[  235.326544][   T43] usbhid 1-1:0.0: can't add hid device: -71
[  235.339611][   T43] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  235.360755][   T43] usb 1-1: USB disconnect, device number 43
[  235.707091][ T8526] MTD: Attempt to mount non-MTD device "/dev/rnullb0"
[  235.714557][ T8526] /dev/rnullb0: Can't open blockdev
[  235.804040][   T43] usb 2-1: USB disconnect, device number 37
[  235.834785][ T8528] netlink: 4 bytes leftover after parsing attributes in process `syz.3.899'.
[  235.998825][ T8533] loop6: detected capacity change from 0 to 7
[  236.010438][ T5845] Dev loop6: unable to read RDB block 7
[  236.017558][ T5845]  loop6: AHDI p3 p4
[  236.021688][ T5845] loop6: partition table partially beyond EOD, truncated
[  236.038069][ T5845] loop6: p3 start 1886353253 is beyond EOD, truncated
[  236.051332][ T8533] Dev loop6: unable to read RDB block 7
[  236.063631][ T8533]  loop6: AHDI p3 p4
[  236.068789][ T8533] loop6: partition table partially beyond EOD, truncated
[  236.076732][ T8533] loop6: p3 start 1886353253 is beyond EOD, truncated
[  236.312098][ T8538] FAULT_INJECTION: forcing a failure.
[  236.312098][ T8538] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  236.314241][ T8540] netlink: 4 bytes leftover after parsing attributes in process `syz.3.904'.
[  236.339236][ T8538] CPU: 1 UID: 0 PID: 8538 Comm: syz.1.903 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  236.339266][ T8538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  236.339276][ T8538] Call Trace:
[  236.339284][ T8538]  <TASK>
[  236.339292][ T8538]  dump_stack_lvl+0x189/0x250
[  236.339320][ T8538]  ? __pfx____ratelimit+0x10/0x10
[  236.339345][ T8538]  ? __pfx_dump_stack_lvl+0x10/0x10
[  236.339368][ T8538]  ? __pfx__printk+0x10/0x10
[  236.339390][ T8538]  ? __might_fault+0xb0/0x130
[  236.339426][ T8538]  should_fail_ex+0x414/0x560
[  236.339462][ T8538]  _copy_from_user+0x2d/0xb0
[  236.339491][ T8538]  snd_seq_event_dup+0x467/0x780
[  236.339532][ T8538]  snd_seq_client_enqueue_event+0x2d4/0x4a0
[  236.339568][ T8538]  ? __pfx_snd_seq_client_enqueue_event+0x10/0x10
[  236.339609][ T8538]  snd_seq_write+0x5c2/0x810
[  236.339644][ T8538]  ? __pfx_snd_seq_write+0x10/0x10
[  236.339665][ T8538]  ? bpf_lsm_file_permission+0x9/0x20
[  236.339683][ T8538]  ? security_file_permission+0x75/0x290
[  236.339719][ T8538]  ? rw_verify_area+0x258/0x650
[  236.339741][ T8538]  ? __pfx_snd_seq_write+0x10/0x10
[  236.339763][ T8538]  vfs_write+0x27b/0xa90
[  236.339805][ T8538]  ? __pfx_vfs_write+0x10/0x10
[  236.339830][ T8538]  ? __fget_files+0x2a/0x420
[  236.339860][ T8538]  ? __fget_files+0x2a/0x420
[  236.339884][ T8538]  ? __fget_files+0x3a0/0x420
[  236.339907][ T8538]  ? __fget_files+0x2a/0x420
[  236.339939][ T8538]  ksys_write+0x145/0x250
[  236.339965][ T8538]  ? __pfx_ksys_write+0x10/0x10
[  236.339994][ T8538]  ? do_syscall_64+0xbe/0x3b0
[  236.340024][ T8538]  do_syscall_64+0xfa/0x3b0
[  236.340049][ T8538]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.340067][ T8538]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  236.340086][ T8538]  ? clear_bhb_loop+0x60/0xb0
[  236.340110][ T8538]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.340127][ T8538] RIP: 0033:0x7fc1f1d8e929
[  236.340144][ T8538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  236.340161][ T8538] RSP: 002b:00007fc1f2bbb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  236.340183][ T8538] RAX: ffffffffffffffda RBX: 00007fc1f1fb5fa0 RCX: 00007fc1f1d8e929
[  236.340197][ T8538] RDX: 000000000000ffc8 RSI: 0000200000000000 RDI: 0000000000000004
[  236.340209][ T8538] RBP: 00007fc1f2bbb090 R08: 0000000000000000 R09: 0000000000000000
[  236.340221][ T8538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  236.340233][ T8538] R13: 0000000000000000 R14: 00007fc1f1fb5fa0 R15: 00007ffe99d6ab78
[  236.340272][ T8538]  </TASK>
[  236.669403][ T8548] /dev/rnullb0: Can't open blockdev
[  236.838541][ T8554] netlink: 4 bytes leftover after parsing attributes in process `syz.1.908'.
[  237.246207][ T8565] program syz.3.911 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  237.377857][   T51] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  237.661428][   T43] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[  237.881845][   T43] usb 1-1: Using ep0 maxpacket: 16
[  237.914929][   T43] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  237.959182][   T43] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  237.992900][   T43] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  238.021018][   T43] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  238.056643][   T43] usb 1-1: Product: syz
[  238.072419][   T43] usb 1-1: Manufacturer: syz
[  238.093329][   T43] usb 1-1: SerialNumber: syz
[  238.228119][ T5957] usb 3-1: USB disconnect, device number 55
[  238.231241][ T8572] FAULT_INJECTION: forcing a failure.
[  238.231241][ T8572] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  238.254331][ T8572] CPU: 0 UID: 0 PID: 8572 Comm: syz.1.913 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  238.254359][ T8572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  238.254370][ T8572] Call Trace:
[  238.254378][ T8572]  <TASK>
[  238.254392][ T8572]  dump_stack_lvl+0x189/0x250
[  238.254419][ T8572]  ? __pfx____ratelimit+0x10/0x10
[  238.254443][ T8572]  ? __pfx_dump_stack_lvl+0x10/0x10
[  238.254465][ T8572]  ? __pfx__printk+0x10/0x10
[  238.254509][ T8572]  ? fs_reclaim_acquire+0x7d/0x100
[  238.254543][ T8572]  should_fail_ex+0x414/0x560
[  238.254575][ T8572]  prepare_alloc_pages+0x213/0x610
[  238.254610][ T8572]  __alloc_frozen_pages_noprof+0x123/0x370
[  238.254640][ T8572]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  238.254675][ T8572]  ? policy_nodemask+0x27c/0x720
[  238.254693][ T8572]  ? __lock_acquire+0xab9/0xd20
[  238.254724][ T8572]  alloc_pages_mpol+0x232/0x4a0
[  238.254752][ T8572]  vma_alloc_folio_noprof+0xe4/0x200
[  238.254774][ T8572]  ? page_table_check_set+0x18d/0x730
[  238.254797][ T8572]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  238.254831][ T8572]  folio_prealloc+0x30/0x180
[  238.254856][ T8572]  __handle_mm_fault+0x2ab9/0x5440
[  238.254894][ T8572]  ? __pfx___handle_mm_fault+0x10/0x10
[  238.254928][ T8572]  ? follow_page_pte+0x7ef/0x13e0
[  238.254967][ T8572]  handle_mm_fault+0x40a/0x8e0
[  238.254999][ T8572]  __get_user_pages+0x1699/0x2ce0
[  238.255057][ T8572]  populate_vma_page_range+0x29f/0x3a0
[  238.255078][ T8572]  ? __pfx_populate_vma_page_range+0x10/0x10
[  238.255094][ T8572]  ? apply_vma_lock_flags+0x344/0x3c0
[  238.255127][ T8572]  ? down_read+0x1ad/0x2e0
[  238.255153][ T8572]  __mm_populate+0x24c/0x380
[  238.255174][ T8572]  ? __pfx___mm_populate+0x10/0x10
[  238.255193][ T8572]  ? up_write+0x1c4/0x420
[  238.255217][ T8572]  do_mlock+0x625/0x740
[  238.255252][ T8572]  ? __pfx_do_mlock+0x10/0x10
[  238.255279][ T8572]  ? fput+0xa0/0xd0
[  238.255296][ T8572]  ? ksys_write+0x22a/0x250
[  238.255320][ T8572]  ? __pfx_ksys_write+0x10/0x10
[  238.255339][ T8572]  ? rcu_is_watching+0x15/0xb0
[  238.255365][ T8572]  __x64_sys_mlock2+0xac/0xd0
[  238.255390][ T8572]  do_syscall_64+0xfa/0x3b0
[  238.255412][ T8572]  ? lockdep_hardirqs_on+0x9c/0x150
[  238.255434][ T8572]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.255452][ T8572]  ? clear_bhb_loop+0x60/0xb0
[  238.255474][ T8572]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.255491][ T8572] RIP: 0033:0x7fc1f1d8e929
[  238.255508][ T8572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  238.255525][ T8572] RSP: 002b:00007fc1f2bbb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000145
[  238.255546][ T8572] RAX: ffffffffffffffda RBX: 00007fc1f1fb5fa0 RCX: 00007fc1f1d8e929
[  238.255559][ T8572] RDX: 0000000000000000 RSI: 0000000000c00000 RDI: 00002000002e5000
[  238.255571][ T8572] RBP: 00007fc1f2bbb090 R08: 0000000000000000 R09: 0000000000000000
[  238.255583][ T8572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  238.255596][ T8572] R13: 0000000000000000 R14: 00007fc1f1fb5fa0 R15: 00007ffe99d6ab78
[  238.255626][ T8572]  </TASK>
[  238.587422][   T43] usb 1-1: 0:2 : does not exist
[  238.802719][   T43] usb 1-1: USB disconnect, device number 44
[  238.896561][ T5845] udevd[5845]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  239.085494][ T8581] FAULT_INJECTION: forcing a failure.
[  239.085494][ T8581] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  239.115616][ T8581] CPU: 0 UID: 0 PID: 8581 Comm: syz.2.916 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  239.115650][ T8581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  239.115661][ T8581] Call Trace:
[  239.115669][ T8581]  <TASK>
[  239.115677][ T8581]  dump_stack_lvl+0x189/0x250
[  239.115705][ T8581]  ? __pfx____ratelimit+0x10/0x10
[  239.115727][ T8581]  ? __pfx_dump_stack_lvl+0x10/0x10
[  239.115747][ T8581]  ? __pfx__printk+0x10/0x10
[  239.115769][ T8581]  ? __might_fault+0xb0/0x130
[  239.115803][ T8581]  should_fail_ex+0x414/0x560
[  239.115836][ T8581]  _copy_from_user+0x2d/0xb0
[  239.115873][ T8581]  snd_seq_event_dup+0x467/0x780
[  239.115914][ T8581]  snd_seq_client_enqueue_event+0x2d4/0x4a0
[  239.115949][ T8581]  ? __pfx_snd_seq_client_enqueue_event+0x10/0x10
[  239.115985][ T8581]  snd_seq_write+0x5c2/0x810
[  239.116018][ T8581]  ? __pfx_snd_seq_write+0x10/0x10
[  239.116039][ T8581]  ? bpf_lsm_file_permission+0x9/0x20
[  239.116057][ T8581]  ? security_file_permission+0x75/0x290
[  239.116085][ T8581]  ? rw_verify_area+0x258/0x650
[  239.116106][ T8581]  ? __pfx_snd_seq_write+0x10/0x10
[  239.116128][ T8581]  vfs_write+0x27b/0xa90
[  239.116160][ T8581]  ? __pfx_vfs_write+0x10/0x10
[  239.116182][ T8581]  ? __fget_files+0x2a/0x420
[  239.116207][ T8581]  ? __fget_files+0x2a/0x420
[  239.116229][ T8581]  ? __fget_files+0x3a0/0x420
[  239.116249][ T8581]  ? __fget_files+0x2a/0x420
[  239.116285][ T8581]  ksys_write+0x145/0x250
[  239.116311][ T8581]  ? __pfx_ksys_write+0x10/0x10
[  239.116329][ T8581]  ? rcu_is_watching+0x15/0xb0
[  239.116352][ T8581]  ? do_syscall_64+0xbe/0x3b0
[  239.116379][ T8581]  do_syscall_64+0xfa/0x3b0
[  239.116399][ T8581]  ? lockdep_hardirqs_on+0x9c/0x150
[  239.116420][ T8581]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.116437][ T8581]  ? clear_bhb_loop+0x60/0xb0
[  239.116460][ T8581]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.116478][ T8581] RIP: 0033:0x7f7aea38e929
[  239.116496][ T8581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.116510][ T8581] RSP: 002b:00007f7aeb1ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  239.116530][ T8581] RAX: ffffffffffffffda RBX: 00007f7aea5b5fa0 RCX: 00007f7aea38e929
[  239.116544][ T8581] RDX: 000000000000ffc8 RSI: 0000200000000000 RDI: 0000000000000004
[  239.116556][ T8581] RBP: 00007f7aeb1ce090 R08: 0000000000000000 R09: 0000000000000000
[  239.116567][ T8581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  239.116578][ T8581] R13: 0000000000000000 R14: 00007f7aea5b5fa0 R15: 00007ffd8ccbeb68
[  239.116609][ T8581]  </TASK>
[  239.438983][ T8585] netlink: 4 bytes leftover after parsing attributes in process `syz.1.918'.
[  239.582181][ T8592] /dev/rnullb0: Can't open blockdev
[  240.008982][    T9] usb 3-1: new full-speed USB device number 56 using dummy_hcd
[  240.210114][    T9] usb 3-1: config 8 has an invalid interface number: 196 but max is 0
[  240.311029][    T9] usb 3-1: config 8 has no interface number 0
[  240.436809][    T9] usb 3-1: config 8 interface 196 has no altsetting 0
[  240.548509][    T9] usb 3-1: New USB device found, idVendor=061d, idProduct=c170, bcdDevice=e5.59
[  240.663663][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  240.730583][ T8605] /dev/rnullb0: Can't open blockdev
[  240.915359][ T8595] /dev/rnullb0: Can't open blockdev
[  240.926709][ T8610] /dev/rnullb0: Can't open blockdev
[  240.956941][    T9] usb 3-1: string descriptor 0 read error: -71
[  240.976260][    T9] quatech2 3-1:8.196: Quatech 2nd gen USB to Serial Driver converter detected
[  240.996514][    T9] usb 3-1: qt2_attach - failed to power on unit: -71
[  241.005255][    T9] quatech2 3-1:8.196: probe with driver quatech2 failed with error -71
[  241.033202][    T9] usb 3-1: USB disconnect, device number 56
[  241.182956][ T8615] netlink: 4 bytes leftover after parsing attributes in process `syz.1.929'.
[  241.245576][ T8617] FAULT_INJECTION: forcing a failure.
[  241.245576][ T8617] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  241.260996][ T8617] CPU: 1 UID: 0 PID: 8617 Comm: syz.1.930 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  241.261017][ T8617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  241.261028][ T8617] Call Trace:
[  241.261037][ T8617]  <TASK>
[  241.261045][ T8617]  dump_stack_lvl+0x189/0x250
[  241.261072][ T8617]  ? __pfx____ratelimit+0x10/0x10
[  241.261093][ T8617]  ? __pfx_dump_stack_lvl+0x10/0x10
[  241.261111][ T8617]  ? __pfx__printk+0x10/0x10
[  241.261124][ T8617]  ? __might_fault+0xb0/0x130
[  241.261143][ T8617]  should_fail_ex+0x414/0x560
[  241.261163][ T8617]  _copy_from_user+0x2d/0xb0
[  241.261180][ T8617]  snd_seq_event_dup+0x467/0x780
[  241.261204][ T8617]  snd_seq_client_enqueue_event+0x2d4/0x4a0
[  241.261225][ T8617]  ? __pfx_snd_seq_client_enqueue_event+0x10/0x10
[  241.261262][ T8617]  snd_seq_write+0x5c2/0x810
[  241.261294][ T8617]  ? __pfx_snd_seq_write+0x10/0x10
[  241.261313][ T8617]  ? bpf_lsm_file_permission+0x9/0x20
[  241.261326][ T8617]  ? security_file_permission+0x75/0x290
[  241.261342][ T8617]  ? rw_verify_area+0x258/0x650
[  241.261355][ T8617]  ? __pfx_snd_seq_write+0x10/0x10
[  241.261367][ T8617]  vfs_write+0x27b/0xa90
[  241.261385][ T8617]  ? __pfx_vfs_write+0x10/0x10
[  241.261399][ T8617]  ? __fget_files+0x2a/0x420
[  241.261416][ T8617]  ? __fget_files+0x2a/0x420
[  241.261430][ T8617]  ? __fget_files+0x3a0/0x420
[  241.261447][ T8617]  ? __fget_files+0x2a/0x420
[  241.261480][ T8617]  ksys_write+0x145/0x250
[  241.261504][ T8617]  ? __pfx_ksys_write+0x10/0x10
[  241.261530][ T8617]  ? do_syscall_64+0xbe/0x3b0
[  241.261552][ T8617]  do_syscall_64+0xfa/0x3b0
[  241.261565][ T8617]  ? lockdep_hardirqs_on+0x9c/0x150
[  241.261578][ T8617]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.261595][ T8617]  ? clear_bhb_loop+0x60/0xb0
[  241.261608][ T8617]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.261619][ T8617] RIP: 0033:0x7fc1f1d8e929
[  241.261630][ T8617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  241.261640][ T8617] RSP: 002b:00007fc1f2bbb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  241.261654][ T8617] RAX: ffffffffffffffda RBX: 00007fc1f1fb5fa0 RCX: 00007fc1f1d8e929
[  241.261668][ T8617] RDX: 000000000000ffc8 RSI: 0000200000000000 RDI: 0000000000000004
[  241.261679][ T8617] RBP: 00007fc1f2bbb090 R08: 0000000000000000 R09: 0000000000000000
[  241.261690][ T8617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  241.261701][ T8617] R13: 0000000000000000 R14: 00007fc1f1fb5fa0 R15: 00007ffe99d6ab78
[  241.261731][ T8617]  </TASK>
[  241.523042][   T43] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[  241.689778][   T43] usb 1-1: Using ep0 maxpacket: 16
[  241.697376][   T43] usb 1-1: unable to get BOS descriptor or descriptor too short
[  241.706519][   T43] usb 1-1: config 2 has an invalid interface number: 151 but max is 0
[  241.714799][   T43] usb 1-1: config 2 has no interface number 0
[  241.721932][   T43] usb 1-1: config 2 interface 151 has no altsetting 0
[  241.729389][   T43] usb 1-1: string descriptor 0 read error: -22
[  241.736061][   T43] usb 1-1: New USB device found, idVendor=0856, idProduct=ac29, bcdDevice=40.1f
[  241.745201][   T43] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  242.011050][   T43] mos7840 1-1:2.151: required endpoints missing
[  242.036837][   T43] usb 1-1: USB disconnect, device number 45
[  242.749908][ T8640] FAULT_INJECTION: forcing a failure.
[  242.749908][ T8640] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  242.790934][ T8640] CPU: 1 UID: 0 PID: 8640 Comm: syz.3.939 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  242.790967][ T8640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  242.790979][ T8640] Call Trace:
[  242.790987][ T8640]  <TASK>
[  242.790996][ T8640]  dump_stack_lvl+0x189/0x250
[  242.791022][ T8640]  ? __pfx____ratelimit+0x10/0x10
[  242.791044][ T8640]  ? __pfx_dump_stack_lvl+0x10/0x10
[  242.791063][ T8640]  ? __pfx__printk+0x10/0x10
[  242.791084][ T8640]  ? __might_fault+0xb0/0x130
[  242.791119][ T8640]  should_fail_ex+0x414/0x560
[  242.791154][ T8640]  _copy_from_user+0x2d/0xb0
[  242.791192][ T8640]  snd_seq_event_dup+0x467/0x780
[  242.791236][ T8640]  snd_seq_client_enqueue_event+0x2d4/0x4a0
[  242.791271][ T8640]  ? __pfx_snd_seq_client_enqueue_event+0x10/0x10
[  242.791310][ T8640]  snd_seq_write+0x5c2/0x810
[  242.791345][ T8640]  ? __pfx_snd_seq_write+0x10/0x10
[  242.791367][ T8640]  ? bpf_lsm_file_permission+0x9/0x20
[  242.791385][ T8640]  ? security_file_permission+0x75/0x290
[  242.791415][ T8640]  ? rw_verify_area+0x258/0x650
[  242.791437][ T8640]  ? __pfx_snd_seq_write+0x10/0x10
[  242.791459][ T8640]  vfs_write+0x27b/0xa90
[  242.791490][ T8640]  ? __pfx_vfs_write+0x10/0x10
[  242.791513][ T8640]  ? __fget_files+0x2a/0x420
[  242.791543][ T8640]  ? __fget_files+0x2a/0x420
[  242.791575][ T8640]  ? __fget_files+0x3a0/0x420
[  242.791598][ T8640]  ? __fget_files+0x2a/0x420
[  242.791642][ T8640]  ksys_write+0x145/0x250
[  242.791668][ T8640]  ? __pfx_ksys_write+0x10/0x10
[  242.791689][ T8640]  ? rcu_is_watching+0x15/0xb0
[  242.791711][ T8640]  ? do_syscall_64+0xbe/0x3b0
[  242.791740][ T8640]  do_syscall_64+0xfa/0x3b0
[  242.791763][ T8640]  ? lockdep_hardirqs_on+0x9c/0x150
[  242.791785][ T8640]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  242.791804][ T8640]  ? clear_bhb_loop+0x60/0xb0
[  242.791827][ T8640]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  242.791844][ T8640] RIP: 0033:0x7ffad978e929
[  242.791863][ T8640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  242.791879][ T8640] RSP: 002b:00007ffada6c8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  242.791900][ T8640] RAX: ffffffffffffffda RBX: 00007ffad99b5fa0 RCX: 00007ffad978e929
[  242.791913][ T8640] RDX: 000000000000ffc8 RSI: 0000200000000000 RDI: 0000000000000004
[  242.791924][ T8640] RBP: 00007ffada6c8090 R08: 0000000000000000 R09: 0000000000000000
[  242.791935][ T8640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  242.791947][ T8640] R13: 0000000000000000 R14: 00007ffad99b5fa0 R15: 00007ffd0cfc43a8
[  242.791980][ T8640]  </TASK>
[  243.368688][    T9] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[  243.539577][    T9] usb 1-1: Using ep0 maxpacket: 32
[  243.560914][    T9] usb 1-1: config 0 has no interfaces?
[  243.573018][    T9] usb 1-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[  243.591555][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  243.611973][    T9] usb 1-1: Product: syz
[  243.622774][    T9] usb 1-1: Manufacturer: syz
[  243.632647][    T9] usb 1-1: SerialNumber: syz
[  243.658419][    T9] usb 1-1: config 0 descriptor??
[  243.702938][ T8663] netlink: 12 bytes leftover after parsing attributes in process `syz.2.945'.
[  243.722516][ T8665] /dev/rnullb0: Can't open blockdev
[  243.743683][ T8665] vcan0: tx drop: invalid da for name 0x0000000000000002
[  243.851122][ T8670] /dev/rnullb0: Can't open blockdev
[  244.109993][ T8671] tmpfs: Cannot enable swap on remount if it was disabled on first mount
[  244.415907][    T9] usb 3-1: new high-speed USB device number 57 using dummy_hcd
[  244.618218][    T9] usb 3-1: Using ep0 maxpacket: 32
[  244.644294][    T9] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  244.661415][    T9] usb 3-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  244.672736][    T9] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  244.686652][    T9] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  244.697017][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  244.709365][    T9] usb 3-1: Product: о
[  244.713584][    T9] usb 3-1: Manufacturer: ᰉ
[  244.719477][    T9] usb 3-1: SerialNumber: 鑡䝭倞鈈嚓⬩풜ի⏚鱓䬦꽨榣蒴란䄣傸㛮ဋ묂屻苯믹௉4्媿禩緉쀀
[  244.720065][ T8679] FAULT_INJECTION: forcing a failure.
[  244.720065][ T8679] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  244.766332][ T8679] CPU: 1 UID: 0 PID: 8679 Comm: syz.3.951 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  244.766362][ T8679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  244.766374][ T8679] Call Trace:
[  244.766383][ T8679]  <TASK>
[  244.766391][ T8679]  dump_stack_lvl+0x189/0x250
[  244.766420][ T8679]  ? __pfx____ratelimit+0x10/0x10
[  244.766442][ T8679]  ? __pfx_dump_stack_lvl+0x10/0x10
[  244.766463][ T8679]  ? __pfx__printk+0x10/0x10
[  244.766483][ T8679]  ? __might_fault+0xb0/0x130
[  244.766516][ T8679]  should_fail_ex+0x414/0x560
[  244.766548][ T8679]  _copy_from_user+0x2d/0xb0
[  244.766576][ T8679]  snd_seq_event_dup+0x467/0x780
[  244.766617][ T8679]  snd_seq_client_enqueue_event+0x2d4/0x4a0
[  244.766653][ T8679]  ? __pfx_snd_seq_client_enqueue_event+0x10/0x10
[  244.766692][ T8679]  snd_seq_write+0x5c2/0x810
[  244.766725][ T8679]  ? __pfx_snd_seq_write+0x10/0x10
[  244.766744][ T8679]  ? bpf_lsm_file_permission+0x9/0x20
[  244.766761][ T8679]  ? security_file_permission+0x75/0x290
[  244.766789][ T8679]  ? rw_verify_area+0x258/0x650
[  244.766819][ T8679]  ? __pfx_snd_seq_write+0x10/0x10
[  244.766840][ T8679]  vfs_write+0x27b/0xa90
[  244.766872][ T8679]  ? __pfx_vfs_write+0x10/0x10
[  244.766896][ T8679]  ? __fget_files+0x2a/0x420
[  244.766922][ T8679]  ? __fget_files+0x2a/0x420
[  244.766945][ T8679]  ? __fget_files+0x3a0/0x420
[  244.766968][ T8679]  ? __fget_files+0x2a/0x420
[  244.767003][ T8679]  ksys_write+0x145/0x250
[  244.767028][ T8679]  ? __pfx_ksys_write+0x10/0x10
[  244.767046][ T8679]  ? rcu_is_watching+0x15/0xb0
[  244.767071][ T8679]  ? do_syscall_64+0xbe/0x3b0
[  244.767098][ T8679]  do_syscall_64+0xfa/0x3b0
[  244.767117][ T8679]  ? lockdep_hardirqs_on+0x9c/0x150
[  244.767139][ T8679]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.767157][ T8679]  ? clear_bhb_loop+0x60/0xb0
[  244.767180][ T8679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.767198][ T8679] RIP: 0033:0x7ffad978e929
[  244.767217][ T8679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  244.767232][ T8679] RSP: 002b:00007ffada6c8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  244.767254][ T8679] RAX: ffffffffffffffda RBX: 00007ffad99b5fa0 RCX: 00007ffad978e929
[  244.767269][ T8679] RDX: 000000000000ffc8 RSI: 0000200000000000 RDI: 0000000000000004
[  244.767281][ T8679] RBP: 00007ffada6c8090 R08: 0000000000000000 R09: 0000000000000000
[  244.767293][ T8679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  244.767305][ T8679] R13: 0000000000000000 R14: 00007ffad99b5fa0 R15: 00007ffd0cfc43a8
[  244.767336][ T8679]  </TASK>
[  245.148693][    T9] usb 3-1: 0:2 : does not exist
[  245.250614][    T9] usb 3-1: USB disconnect, device number 57
[  245.396955][ T5845] udevd[5845]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  246.102356][ T8696] /dev/rnullb0: Can't open blockdev
[  246.298612][ T8700] /dev/rnullb0: Can't open blockdev
[  246.321933][ T8702] loop6: detected capacity change from 0 to 7
[  246.333344][ T5845] Dev loop6: unable to read RDB block 7
[  246.344852][ T5845]  loop6: AHDI p3 p4
[  246.355201][ T5845] loop6: partition table partially beyond EOD, truncated
[  246.371198][ T5845] loop6: p3 start 1886353253 is beyond EOD, truncated
[  246.410765][ T8702] Dev loop6: unable to read RDB block 7
[  246.426039][ T8702]  loop6: AHDI p3 p4
[  246.431952][ T8702] loop6: partition table partially beyond EOD, truncated
[  246.435340][ T8704] FAULT_INJECTION: forcing a failure.
[  246.435340][ T8704] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  246.453812][ T8702] loop6: p3 start 1886353253 is beyond EOD, truncated
[  246.464125][ T8704] CPU: 1 UID: 0 PID: 8704 Comm: syz.1.960 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  246.464150][ T8704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  246.464161][ T8704] Call Trace:
[  246.464169][ T8704]  <TASK>
[  246.464178][ T8704]  dump_stack_lvl+0x189/0x250
[  246.464206][ T8704]  ? __pfx____ratelimit+0x10/0x10
[  246.464230][ T8704]  ? __pfx_dump_stack_lvl+0x10/0x10
[  246.464251][ T8704]  ? __pfx__printk+0x10/0x10
[  246.464274][ T8704]  ? __might_fault+0xb0/0x130
[  246.464309][ T8704]  should_fail_ex+0x414/0x560
[  246.464343][ T8704]  _copy_from_user+0x2d/0xb0
[  246.464371][ T8704]  snd_seq_event_dup+0x467/0x780
[  246.464413][ T8704]  snd_seq_client_enqueue_event+0x2d4/0x4a0
[  246.464449][ T8704]  ? __pfx_snd_seq_client_enqueue_event+0x10/0x10
[  246.464490][ T8704]  snd_seq_write+0x5c2/0x810
[  246.464524][ T8704]  ? __pfx_snd_seq_write+0x10/0x10
[  246.464546][ T8704]  ? bpf_lsm_file_permission+0x9/0x20
[  246.464561][ T8704]  ? security_file_permission+0x75/0x290
[  246.464586][ T8704]  ? rw_verify_area+0x258/0x650
[  246.464604][ T8704]  ? __pfx_snd_seq_write+0x10/0x10
[  246.464624][ T8704]  vfs_write+0x27b/0xa90
[  246.464657][ T8704]  ? __pfx_vfs_write+0x10/0x10
[  246.464682][ T8704]  ? __fget_files+0x2a/0x420
[  246.464712][ T8704]  ? __fget_files+0x2a/0x420
[  246.464737][ T8704]  ? __fget_files+0x3a0/0x420
[  246.464761][ T8704]  ? __fget_files+0x2a/0x420
[  246.464795][ T8704]  ksys_write+0x145/0x250
[  246.464820][ T8704]  ? __pfx_ksys_write+0x10/0x10
[  246.464849][ T8704]  ? rcu_is_watching+0x15/0xb0
[  246.464876][ T8704]  ? do_syscall_64+0xbe/0x3b0
[  246.464906][ T8704]  do_syscall_64+0xfa/0x3b0
[  246.464928][ T8704]  ? lockdep_hardirqs_on+0x9c/0x150
[  246.464949][ T8704]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.464968][ T8704]  ? clear_bhb_loop+0x60/0xb0
[  246.464991][ T8704]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.465008][ T8704] RIP: 0033:0x7fc1f1d8e929
[  246.465025][ T8704] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  246.465046][ T8704] RSP: 002b:00007fc1f2bbb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  246.465067][ T8704] RAX: ffffffffffffffda RBX: 00007fc1f1fb5fa0 RCX: 00007fc1f1d8e929
[  246.465081][ T8704] RDX: 000000000000ffc8 RSI: 0000200000000000 RDI: 0000000000000004
[  246.465093][ T8704] RBP: 00007fc1f2bbb090 R08: 0000000000000000 R09: 0000000000000000
[  246.465104][ T8704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  246.465116][ T8704] R13: 0000000000000000 R14: 00007fc1f1fb5fa0 R15: 00007ffe99d6ab78
[  246.465149][ T8704]  </TASK>
[  247.145094][ T8706] /dev/rnullb0: Can't open blockdev
[  247.325303][ T8717] program syz.2.965 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  247.427147][ T8722] /dev/rnullb0: Can't open blockdev
[  247.542140][ T8725] MTD: Attempt to mount non-MTD device "/dev/rnullb0"
[  247.559505][ T8725] /dev/rnullb0: Can't open blockdev
[  247.756716][ T8729] loop6: detected capacity change from 0 to 7
[  247.785113][ T5845] Dev loop6: unable to read RDB block 7
[  247.791391][ T5845]  loop6: AHDI p3 p4
[  247.797278][ T5845] loop6: partition table partially beyond EOD, truncated
[  247.806369][ T5845] loop6: p3 start 1886353253 is beyond EOD, truncated
[  247.818892][ T8731] FAULT_INJECTION: forcing a failure.
[  247.818892][ T8731] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  247.838415][ T8731] CPU: 1 UID: 0 PID: 8731 Comm: syz.1.970 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  247.838443][ T8731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  247.838454][ T8731] Call Trace:
[  247.838462][ T8731]  <TASK>
[  247.838471][ T8731]  dump_stack_lvl+0x189/0x250
[  247.838496][ T8731]  ? __pfx____ratelimit+0x10/0x10
[  247.838517][ T8731]  ? __pfx_dump_stack_lvl+0x10/0x10
[  247.838537][ T8731]  ? __pfx__printk+0x10/0x10
[  247.838555][ T8731]  ? __might_fault+0xb0/0x130
[  247.838581][ T8731]  should_fail_ex+0x414/0x560
[  247.838608][ T8731]  _copy_from_user+0x2d/0xb0
[  247.838631][ T8731]  snd_seq_event_dup+0x467/0x780
[  247.838662][ T8731]  snd_seq_client_enqueue_event+0x2d4/0x4a0
[  247.838690][ T8731]  ? __pfx_snd_seq_client_enqueue_event+0x10/0x10
[  247.838720][ T8731]  snd_seq_write+0x5c2/0x810
[  247.838750][ T8731]  ? __pfx_snd_seq_write+0x10/0x10
[  247.838775][ T8731]  ? bpf_lsm_file_permission+0x9/0x20
[  247.838789][ T8731]  ? security_file_permission+0x75/0x290
[  247.838811][ T8731]  ? rw_verify_area+0x258/0x650
[  247.838828][ T8731]  ? __pfx_snd_seq_write+0x10/0x10
[  247.838843][ T8731]  vfs_write+0x27b/0xa90
[  247.838868][ T8731]  ? __pfx_vfs_write+0x10/0x10
[  247.838887][ T8731]  ? __fget_files+0x2a/0x420
[  247.838909][ T8731]  ? __fget_files+0x2a/0x420
[  247.838927][ T8731]  ? __fget_files+0x3a0/0x420
[  247.838946][ T8731]  ? __fget_files+0x2a/0x420
[  247.838975][ T8731]  ksys_write+0x145/0x250
[  247.838995][ T8731]  ? __pfx_ksys_write+0x10/0x10
[  247.839010][ T8731]  ? rcu_is_watching+0x15/0xb0
[  247.839029][ T8731]  ? do_syscall_64+0xbe/0x3b0
[  247.839051][ T8731]  do_syscall_64+0xfa/0x3b0
[  247.839068][ T8731]  ? lockdep_hardirqs_on+0x9c/0x150
[  247.839086][ T8731]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.839100][ T8731]  ? clear_bhb_loop+0x60/0xb0
[  247.839118][ T8731]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.839132][ T8731] RIP: 0033:0x7fc1f1d8e929
[  247.839146][ T8731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  247.839160][ T8731] RSP: 002b:00007fc1f2bbb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  247.839180][ T8731] RAX: ffffffffffffffda RBX: 00007fc1f1fb5fa0 RCX: 00007fc1f1d8e929
[  247.839191][ T8731] RDX: 000000000000ffc8 RSI: 0000200000000000 RDI: 0000000000000004
[  247.839200][ T8731] RBP: 00007fc1f2bbb090 R08: 0000000000000000 R09: 0000000000000000
[  247.839209][ T8731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  247.839218][ T8731] R13: 0000000000000000 R14: 00007fc1f1fb5fa0 R15: 00007ffe99d6ab78
[  247.839242][ T8731]  </TASK>
[  247.943994][ T8729] Dev loop6: unable to read RDB block 7
[  248.122274][ T5957] usb 1-1: USB disconnect, device number 46
[  248.128571][ T8729]  loop6: AHDI p3 p4
[  248.137429][ T8729] loop6: partition table partially beyond EOD, truncated
[  248.156476][ T8729] loop6: p3 start 1886353253 is beyond EOD, truncated
[  248.444437][ T8736] pimreg: left allmulticast mode
[  248.951653][    T9] usb 2-1: new low-speed USB device number 38 using dummy_hcd
[  249.101412][ T1212] usb 1-1: new high-speed USB device number 47 using dummy_hcd
[  249.132866][    T9] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  249.149218][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.172484][    T9] usb 2-1: config 0 descriptor??
[  249.214300][ T8764] loop6: detected capacity change from 0 to 7
[  249.221667][ T8764] Dev loop6: unable to read RDB block 7
[  249.228288][ T8764]  loop6: AHDI p3 p4
[  249.232883][ T8764] loop6: partition table partially beyond EOD, truncated
[  249.240958][ T8764] loop6: p3 start 1886353253 is beyond EOD, truncated
[  249.282786][ T1212] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  249.310827][ T1212] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  249.336438][ T1212] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  249.367514][ T1212] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  249.378459][ T1212] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.380755][ T8766] FAULT_INJECTION: forcing a failure.
[  249.380755][ T8766] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  249.393864][ T1212] usb 1-1: config 0 descriptor??
[  249.406663][ T8766] CPU: 0 UID: 0 PID: 8766 Comm: syz.3.982 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  249.406689][ T8766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  249.406701][ T8766] Call Trace:
[  249.406709][ T8766]  <TASK>
[  249.406718][ T8766]  dump_stack_lvl+0x189/0x250
[  249.406746][ T8766]  ? __pfx____ratelimit+0x10/0x10
[  249.406772][ T8766]  ? __pfx_dump_stack_lvl+0x10/0x10
[  249.406802][ T8766]  ? __pfx__printk+0x10/0x10
[  249.406824][ T8766]  ? __might_fault+0xb0/0x130
[  249.406859][ T8766]  should_fail_ex+0x414/0x560
[  249.406893][ T8766]  _copy_from_user+0x2d/0xb0
[  249.406921][ T8766]  snd_seq_event_dup+0x467/0x780
[  249.406963][ T8766]  snd_seq_client_enqueue_event+0x2d4/0x4a0
[  249.407000][ T8766]  ? __pfx_snd_seq_client_enqueue_event+0x10/0x10
[  249.407038][ T8766]  snd_seq_write+0x5c2/0x810
[  249.407073][ T8766]  ? __pfx_snd_seq_write+0x10/0x10
[  249.407094][ T8766]  ? bpf_lsm_file_permission+0x9/0x20
[  249.407112][ T8766]  ? security_file_permission+0x75/0x290
[  249.407140][ T8766]  ? rw_verify_area+0x258/0x650
[  249.407162][ T8766]  ? __pfx_snd_seq_write+0x10/0x10
[  249.407182][ T8766]  vfs_write+0x27b/0xa90
[  249.407215][ T8766]  ? __pfx_vfs_write+0x10/0x10
[  249.407238][ T8766]  ? __fget_files+0x2a/0x420
[  249.407268][ T8766]  ? __fget_files+0x2a/0x420
[  249.407291][ T8766]  ? __fget_files+0x3a0/0x420
[  249.407312][ T8766]  ? __fget_files+0x2a/0x420
[  249.407346][ T8766]  ksys_write+0x145/0x250
[  249.407372][ T8766]  ? __pfx_ksys_write+0x10/0x10
[  249.407392][ T8766]  ? rcu_is_watching+0x15/0xb0
[  249.407417][ T8766]  ? do_syscall_64+0xbe/0x3b0
[  249.407445][ T8766]  do_syscall_64+0xfa/0x3b0
[  249.407465][ T8766]  ? lockdep_hardirqs_on+0x9c/0x150
[  249.407486][ T8766]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.407505][ T8766]  ? clear_bhb_loop+0x60/0xb0
[  249.407529][ T8766]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.407545][ T8766] RIP: 0033:0x7ffad978e929
[  249.407563][ T8766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  249.407579][ T8766] RSP: 002b:00007ffada6c8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  249.407600][ T8766] RAX: ffffffffffffffda RBX: 00007ffad99b5fa0 RCX: 00007ffad978e929
[  249.407613][ T8766] RDX: 000000000000ffc8 RSI: 0000200000000000 RDI: 0000000000000004
[  249.407626][ T8766] RBP: 00007ffada6c8090 R08: 0000000000000000 R09: 0000000000000000
[  249.407637][ T8766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  249.407648][ T8766] R13: 0000000000000000 R14: 00007ffad99b5fa0 R15: 00007ffd0cfc43a8
[  249.407680][ T8766]  </TASK>
[  249.678631][   T10] usb 3-1: new high-speed USB device number 58 using dummy_hcd
[  249.857476][   T10] usb 3-1: Using ep0 maxpacket: 32
[  249.880628][   T10] usb 3-1: config 0 has no interfaces?
[  249.888601][   T10] usb 3-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[  249.899445][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  249.908031][   T10] usb 3-1: Product: syz
[  249.914708][   T10] usb 3-1: Manufacturer: syz
[  249.919459][   T10] usb 3-1: SerialNumber: syz
[  249.933851][   T10] usb 3-1: config 0 descriptor??
[  250.156135][ T1212] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  250.338402][ T8778] /dev/rnullb0: Can't open blockdev
[  250.524307][ T8782] netlink: 36 bytes leftover after parsing attributes in process `syz.0.977'.
[  250.736572][ T8772] usb 1-1: USB disconnect, device number 47
[  250.977200][ T8791] FAULT_INJECTION: forcing a failure.
[  250.977200][ T8791] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  250.998006][ T8791] CPU: 1 UID: 0 PID: 8791 Comm: syz.3.991 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  250.998036][ T8791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  250.998047][ T8791] Call Trace:
[  250.998055][ T8791]  <TASK>
[  250.998064][ T8791]  dump_stack_lvl+0x189/0x250
[  250.998092][ T8791]  ? __pfx____ratelimit+0x10/0x10
[  250.998117][ T8791]  ? __pfx_dump_stack_lvl+0x10/0x10
[  250.998137][ T8791]  ? __pfx__printk+0x10/0x10
[  250.998160][ T8791]  ? __might_fault+0xb0/0x130
[  250.998195][ T8791]  should_fail_ex+0x414/0x560
[  250.998230][ T8791]  _copy_from_user+0x2d/0xb0
[  250.998259][ T8791]  snd_seq_event_dup+0x467/0x780
[  250.998299][ T8791]  snd_seq_client_enqueue_event+0x2d4/0x4a0
[  250.998335][ T8791]  ? __pfx_snd_seq_client_enqueue_event+0x10/0x10
[  250.998376][ T8791]  snd_seq_write+0x5c2/0x810
[  250.998411][ T8791]  ? __pfx_snd_seq_write+0x10/0x10
[  250.998431][ T8791]  ? bpf_lsm_file_permission+0x9/0x20
[  250.998448][ T8791]  ? security_file_permission+0x75/0x290
[  250.998476][ T8791]  ? rw_verify_area+0x258/0x650
[  250.998498][ T8791]  ? __pfx_snd_seq_write+0x10/0x10
[  250.998519][ T8791]  vfs_write+0x27b/0xa90
[  250.998552][ T8791]  ? __pfx_vfs_write+0x10/0x10
[  250.998576][ T8791]  ? __fget_files+0x2a/0x420
[  250.998604][ T8791]  ? __fget_files+0x2a/0x420
[  250.998628][ T8791]  ? __fget_files+0x3a0/0x420
[  250.998651][ T8791]  ? __fget_files+0x2a/0x420
[  250.998685][ T8791]  ksys_write+0x145/0x250
[  250.998711][ T8791]  ? __pfx_ksys_write+0x10/0x10
[  250.998737][ T8791]  ? rcu_is_watching+0x15/0xb0
[  250.998763][ T8791]  ? do_syscall_64+0xbe/0x3b0
[  250.998792][ T8791]  do_syscall_64+0xfa/0x3b0
[  250.998814][ T8791]  ? lockdep_hardirqs_on+0x9c/0x150
[  250.998837][ T8791]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.998856][ T8791]  ? clear_bhb_loop+0x60/0xb0
[  250.998878][ T8791]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.998895][ T8791] RIP: 0033:0x7ffad978e929
[  250.998912][ T8791] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  250.998928][ T8791] RSP: 002b:00007ffada6c8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  250.998949][ T8791] RAX: ffffffffffffffda RBX: 00007ffad99b5fa0 RCX: 00007ffad978e929
[  250.998963][ T8791] RDX: 000000000000ffc8 RSI: 0000200000000000 RDI: 0000000000000004
[  250.998976][ T8791] RBP: 00007ffada6c8090 R08: 0000000000000000 R09: 0000000000000000
[  250.998988][ T8791] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  250.998999][ T8791] R13: 0000000000000000 R14: 00007ffad99b5fa0 R15: 00007ffd0cfc43a8
[  250.999031][ T8791]  </TASK>
[  251.261304][    C1] vkms_vblank_simulate: vblank timer overrun
[  251.354156][ T3576] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  251.508445][ T8746] /dev/rnullb0: Can't open blockdev
[  251.515130][    T9] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0012: -71
[  251.526055][    T9] asix 2-1:0.0: probe with driver asix failed with error -71
[  251.577157][    T9] usb 2-1: USB disconnect, device number 38
[  251.692007][ T8804] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  251.833420][ T8811] /dev/rnullb0: Can't open blockdev
[  252.027597][ T5908] usb 1-1: new high-speed USB device number 48 using dummy_hcd
[  252.149928][ T8820] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1001'.
[  252.211785][ T5908] usb 1-1: unable to get BOS descriptor or descriptor too short
[  252.241220][ T5908] usb 1-1: config 3 has an invalid interface number: 24 but max is 0
[  252.260859][ T5908] usb 1-1: config 3 has no interface number 0
[  252.276420][ T5908] usb 1-1: config 3 interface 24 altsetting 4 endpoint 0x9 has invalid maxpacket 1024, setting to 64
[  252.289129][ T5908] usb 1-1: config 3 interface 24 has no altsetting 0
[  252.307816][ T5908] usb 1-1: New USB device found, idVendor=0b57, idProduct=b2eb, bcdDevice=36.b7
[  252.324252][ T5908] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  252.332758][ T5908] usb 1-1: Product: syz
[  252.337079][ T5908] usb 1-1: Manufacturer: syz
[  252.344902][ T5908] usb 1-1: SerialNumber: syz
[  252.824424][ T8830] /dev/rnullb0: Can't open blockdev
[  252.911756][ T5908] usbhid 1-1:3.24: couldn't find an input interrupt endpoint
[  252.934127][ T5908] usb 1-1: USB disconnect, device number 48
[  253.564291][ T8772] usb 3-1: USB disconnect, device number 58
[  253.648117][ T8836] /dev/rnullb0: Can't open blockdev
[  253.983510][ T8845] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  254.112526][ T8772] usb 3-1: new high-speed USB device number 59 using dummy_hcd
[  254.242764][ T8855] Bluetooth: MGMT ver 1.23
[  254.272689][ T8772] usb 3-1: Using ep0 maxpacket: 16
[  254.296357][ T8772] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  254.315382][ T8772] usb 3-1: config 0 has no interface number 0
[  254.325215][ T8772] usb 3-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88
[  254.342075][ T8772] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  254.358174][ T8772] usb 3-1: Product: syz
[  254.369112][ T8772] usb 3-1: Manufacturer: syz
[  254.379558][ T8772] usb 3-1: SerialNumber: syz
[  254.404897][ T8772] usb 3-1: config 0 descriptor??
[  254.528559][ T8860] FAULT_INJECTION: forcing a failure.
[  254.528559][ T8860] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  254.542067][ T8860] CPU: 0 UID: 0 PID: 8860 Comm: syz.0.1015 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  254.542101][ T8860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  254.542113][ T8860] Call Trace:
[  254.542121][ T8860]  <TASK>
[  254.542130][ T8860]  dump_stack_lvl+0x189/0x250
[  254.542157][ T8860]  ? __pfx____ratelimit+0x10/0x10
[  254.542183][ T8860]  ? __pfx_dump_stack_lvl+0x10/0x10
[  254.542204][ T8860]  ? __pfx__printk+0x10/0x10
[  254.542226][ T8860]  ? __might_fault+0xb0/0x130
[  254.542261][ T8860]  should_fail_ex+0x414/0x560
[  254.542297][ T8860]  _copy_from_user+0x2d/0xb0
[  254.542326][ T8860]  snd_seq_event_dup+0x467/0x780
[  254.542365][ T8860]  snd_seq_client_enqueue_event+0x2d4/0x4a0
[  254.542398][ T8860]  ? __pfx_snd_seq_client_enqueue_event+0x10/0x10
[  254.542438][ T8860]  snd_seq_write+0x5c2/0x810
[  254.542472][ T8860]  ? __pfx_snd_seq_write+0x10/0x10
[  254.542494][ T8860]  ? bpf_lsm_file_permission+0x9/0x20
[  254.542512][ T8860]  ? security_file_permission+0x75/0x290
[  254.542542][ T8860]  ? rw_verify_area+0x258/0x650
[  254.542564][ T8860]  ? __pfx_snd_seq_write+0x10/0x10
[  254.542585][ T8860]  vfs_write+0x27b/0xa90
[  254.542619][ T8860]  ? __pfx_vfs_write+0x10/0x10
[  254.542644][ T8860]  ? __fget_files+0x2a/0x420
[  254.542674][ T8860]  ? __fget_files+0x2a/0x420
[  254.542705][ T8860]  ? __fget_files+0x3a0/0x420
[  254.542730][ T8860]  ? __fget_files+0x2a/0x420
[  254.542767][ T8860]  ksys_write+0x145/0x250
[  254.542793][ T8860]  ? __pfx_ksys_write+0x10/0x10
[  254.542813][ T8860]  ? rcu_is_watching+0x15/0xb0
[  254.542839][ T8860]  ? do_syscall_64+0xbe/0x3b0
[  254.542869][ T8860]  do_syscall_64+0xfa/0x3b0
[  254.542892][ T8860]  ? lockdep_hardirqs_on+0x9c/0x150
[  254.542915][ T8860]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.542934][ T8860]  ? clear_bhb_loop+0x60/0xb0
[  254.542973][ T8860]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.543000][ T8860] RIP: 0033:0x7f9f6dd8e929
[  254.543026][ T8860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.543050][ T8860] RSP: 002b:00007f9f6bbf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  254.543073][ T8860] RAX: ffffffffffffffda RBX: 00007f9f6dfb5fa0 RCX: 00007f9f6dd8e929
[  254.543087][ T8860] RDX: 000000000000ffc8 RSI: 0000200000000000 RDI: 0000000000000004
[  254.543100][ T8860] RBP: 00007f9f6bbf6090 R08: 0000000000000000 R09: 0000000000000000
[  254.543113][ T8860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  254.543125][ T8860] R13: 0000000000000000 R14: 00007f9f6dfb5fa0 R15: 00007ffcff0ca298
[  254.543158][ T8860]  </TASK>
[  254.829430][ T8840] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  254.838590][ T8840] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  255.082827][ T8772] usb 3-1: selecting invalid altsetting 1
[  255.092360][ T8772] speedtch 3-1:0.1: speedtch_bind: setting interface to  1 failed (-22)!
[  255.101438][ T8772] speedtch 3-1:0.1: usbatm_usb_probe: bind failed: -22!
[  255.108955][ T8772] speedtch 3-1:0.1: probe with driver speedtch failed with error -22
[  255.121075][ T8867] netlink: 'syz.0.1017': attribute type 16 has an invalid length.
[  255.134787][ T8772] usb 3-1: USB disconnect, device number 59
[  255.169309][ T8867] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1017'.
[  255.480838][ T8772] usb 3-1: new high-speed USB device number 60 using dummy_hcd
[  255.662602][ T8772] usb 3-1: Using ep0 maxpacket: 32
[  255.676101][ T8772] usb 3-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  255.691475][ T8772] usb 3-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  255.720319][ T8772] usb 3-1: config 0 interface 0 has no altsetting 0
[  255.733945][ T8772] usb 3-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  255.743359][ T8772] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  255.760793][ T8772] usb 3-1: config 0 descriptor??
[  255.824188][ T8878] /dev/rnullb0: Can't open blockdev
[  255.940366][ T5908] usb 1-1: new full-speed USB device number 49 using dummy_hcd
[  256.116155][ T5908] usb 1-1: config 0 has an invalid interface number: 41 but max is 0
[  256.129261][ T5908] usb 1-1: config 0 has no interface number 0
[  256.138973][ T5908] usb 1-1: config 0 interface 41 has no altsetting 0
[  256.162679][ T5908] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  256.175199][ T5908] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  256.186486][ T5908] usb 1-1: Product: syz
[  256.190702][ T5908] usb 1-1: Manufacturer: syz
[  256.195487][ T5908] usb 1-1: SerialNumber: syz
[  256.208364][ T5908] usb 1-1: config 0 descriptor??
[  256.210532][ T8772] hid-thrustmaster 0003:044F:B65D.0006: unknown main item tag 0x0
[  256.240563][ T8772] hid-thrustmaster 0003:044F:B65D.0006: unknown main item tag 0x0
[  256.255387][ T8772] hid-thrustmaster 0003:044F:B65D.0006: item fetching failed at offset 2/5
[  256.266664][ T8772] hid-thrustmaster 0003:044F:B65D.0006: parse failed with error -22
[  256.277341][ T8772] hid-thrustmaster 0003:044F:B65D.0006: probe with driver hid-thrustmaster failed with error -22
[  256.439186][ T8840] /dev/rnullb0: Can't open blockdev
[  256.453303][ T5957] usb 3-1: USB disconnect, device number 60
[  256.959448][ T8894] overlay: ./file0 is not a directory
[  257.091253][ T5908] CoreChips 1-1:0.41 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffe0
[  257.276909][ T5957] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  257.310864][ T8906] /dev/rnullb0: Can't open blockdev
[  257.324614][ T8874] syz.0.1020: attempt to access beyond end of device
[  257.324614][ T8874] md0: rw=2048, sector=2, nr_sectors = 1 limit=0
[  257.340135][ T5908] CoreChips 1-1:0.41 (unnamed net_device) (uninitialized): Failed to send software reset:ffffffb9
[  257.368158][ T5908] CoreChips 1-1:0.41 (unnamed net_device) (uninitialized): Failed to power down PHY : -71
[  257.386999][ T5908] CoreChips 1-1:0.41: probe with driver CoreChips failed with error -71
[  257.405148][ T5908] usb 1-1: USB disconnect, device number 49
[  257.460933][ T5957] usb 2-1: Using ep0 maxpacket: 16
[  257.478010][ T5957] usb 2-1: config 0 has an invalid interface number: 149 but max is 0
[  257.490673][ T5957] usb 2-1: config 0 has no interface number 0
[  257.497362][ T5957] usb 2-1: config 0 interface 149 altsetting 0 endpoint 0x6 has invalid maxpacket 512, setting to 64
[  257.509034][ T5957] usb 2-1: config 0 interface 149 altsetting 0 endpoint 0xB has invalid maxpacket 1024, setting to 64
[  257.523199][ T5957] usb 2-1: New USB device found, idVendor=06f8, idProduct=0001, bcdDevice=7d.3b
[  257.532454][ T5957] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  257.540830][ T5957] usb 2-1: Product: syz
[  257.545524][ T5957] usb 2-1: Manufacturer: syz
[  257.550153][ T5957] usb 2-1: SerialNumber: syz
[  257.566593][ T5957] usb 2-1: config 0 descriptor??
[  257.855187][ T5957] usb 2-1: USB disconnect, device number 39
[  257.948332][ T8929] MTD: Attempt to mount non-MTD device "/dev/rnullb0"
[  257.960520][ T8929] /dev/rnullb0: Can't open blockdev
[  257.991463][ T8931] /dev/rnullb0: Can't open blockdev
[  258.844140][ T8944] /dev/rnullb0: Can't open blockdev
[  259.233759][ T5908] usb 2-1: new full-speed USB device number 40 using dummy_hcd
[  259.253124][ T8959] FAULT_INJECTION: forcing a failure.
[  259.253124][ T8959] name failslab, interval 1, probability 0, space 0, times 0
[  259.282430][ T8959] CPU: 1 UID: 0 PID: 8959 Comm: syz.0.1048 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  259.282461][ T8959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  259.282473][ T8959] Call Trace:
[  259.282481][ T8959]  <TASK>
[  259.282490][ T8959]  dump_stack_lvl+0x189/0x250
[  259.282518][ T8959]  ? __pfx____ratelimit+0x10/0x10
[  259.282543][ T8959]  ? __pfx_dump_stack_lvl+0x10/0x10
[  259.282565][ T8959]  ? __pfx__printk+0x10/0x10
[  259.282594][ T8959]  ? __pfx___might_resched+0x10/0x10
[  259.282610][ T8959]  ? fs_reclaim_acquire+0x7d/0x100
[  259.282639][ T8959]  should_fail_ex+0x414/0x560
[  259.282674][ T8959]  should_failslab+0xa8/0x100
[  259.282699][ T8959]  kmem_cache_alloc_noprof+0x73/0x3c0
[  259.282720][ T8959]  ? ptlock_alloc+0x20/0x70
[  259.282745][ T8959]  ptlock_alloc+0x20/0x70
[  259.282766][ T8959]  pte_alloc_one+0x7d/0x170
[  259.282788][ T8959]  __handle_mm_fault+0x2795/0x5440
[  259.282825][ T8959]  ? __pfx___handle_mm_fault+0x10/0x10
[  259.282861][ T8959]  ? follow_page_pte+0xd03/0x13e0
[  259.282885][ T8959]  ? __pfx___might_resched+0x10/0x10
[  259.282907][ T8959]  handle_mm_fault+0x40a/0x8e0
[  259.282940][ T8959]  __get_user_pages+0x1699/0x2ce0
[  259.282999][ T8959]  populate_vma_page_range+0x29f/0x3a0
[  259.283022][ T8959]  ? __pfx_populate_vma_page_range+0x10/0x10
[  259.283038][ T8959]  ? apply_vma_lock_flags+0x344/0x3c0
[  259.283070][ T8959]  ? down_read+0x1ad/0x2e0
[  259.283099][ T8959]  __mm_populate+0x24c/0x380
[  259.283120][ T8959]  ? __pfx___mm_populate+0x10/0x10
[  259.283147][ T8959]  ? up_write+0x1c4/0x420
[  259.283174][ T8959]  do_mlock+0x625/0x740
[  259.283212][ T8959]  ? __pfx_do_mlock+0x10/0x10
[  259.283239][ T8959]  ? fput+0xa0/0xd0
[  259.283255][ T8959]  ? ksys_write+0x22a/0x250
[  259.283280][ T8959]  ? __pfx_ksys_write+0x10/0x10
[  259.283300][ T8959]  ? rcu_is_watching+0x15/0xb0
[  259.283328][ T8959]  __x64_sys_mlock2+0xac/0xd0
[  259.283357][ T8959]  do_syscall_64+0xfa/0x3b0
[  259.283388][ T8959]  ? lockdep_hardirqs_on+0x9c/0x150
[  259.283410][ T8959]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.283428][ T8959]  ? clear_bhb_loop+0x60/0xb0
[  259.283451][ T8959]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.283467][ T8959] RIP: 0033:0x7f9f6dd8e929
[  259.283485][ T8959] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  259.283501][ T8959] RSP: 002b:00007f9f6bbf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000145
[  259.283522][ T8959] RAX: ffffffffffffffda RBX: 00007f9f6dfb5fa0 RCX: 00007f9f6dd8e929
[  259.283537][ T8959] RDX: 0000000000000000 RSI: 0000000000c00000 RDI: 00002000002e5000
[  259.283550][ T8959] RBP: 00007f9f6bbf6090 R08: 0000000000000000 R09: 0000000000000000
[  259.283562][ T8959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  259.283574][ T8959] R13: 0000000000000000 R14: 00007f9f6dfb5fa0 R15: 00007ffcff0ca298
[  259.283606][ T8959]  </TASK>
[  259.571389][    C1] vkms_vblank_simulate: vblank timer overrun
[  259.625184][ T8962] netlink: 16186 bytes leftover after parsing attributes in process `syz.2.1049'.
[  259.767614][ T5908] usb 2-1: device descriptor read/64, error -71
[  259.978035][ T8969] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1050'.
[  260.174117][ T8976] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1053'.
[  260.281294][ T5947] usb 1-1: new high-speed USB device number 50 using dummy_hcd
[  260.451775][ T5947] usb 1-1: Using ep0 maxpacket: 32
[  260.459106][ T5947] usb 1-1: config 0 has an invalid interface number: 37 but max is 0
[  260.467802][ T5947] usb 1-1: config 0 has no interface number 0
[  260.474196][ T5947] usb 1-1: config 0 interface 37 has no altsetting 0
[  260.496401][ T5947] usb 1-1: New USB device found, idVendor=07b8, idProduct=401a, bcdDevice=10.8f
[  260.506166][ T5947] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  260.514201][ T5947] usb 1-1: Product: syz
[  260.527057][ T5947] usb 1-1: Manufacturer: syz
[  260.531704][ T5947] usb 1-1: SerialNumber: syz
[  260.552190][ T5947] usb 1-1: config 0 descriptor??
[  260.571747][ T5947] rtl8150 1-1:0.37: couldn't find required endpoints
[  260.578801][ T5947] rtl8150 1-1:0.37: probe with driver rtl8150 failed with error -5
[  260.668563][ T8987] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  260.799257][ T8772] usb 1-1: USB disconnect, device number 50
[  260.848202][ T8991] tipc: Started in network mode
[  260.853133][ T8991] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711
[  260.872344][ T8991] tipc: Enabled bearer <udp:s>, priority 10
[  260.882181][ T8991] /dev/rnullb0: Can't open blockdev
[  260.911999][ T8993] FAULT_INJECTION: forcing a failure.
[  260.911999][ T8993] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  260.927424][ T8993] CPU: 0 UID: 0 PID: 8993 Comm: syz.2.1059 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  260.927457][ T8993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  260.927468][ T8993] Call Trace:
[  260.927476][ T8993]  <TASK>
[  260.927484][ T8993]  dump_stack_lvl+0x189/0x250
[  260.927511][ T8993]  ? __pfx____ratelimit+0x10/0x10
[  260.927536][ T8993]  ? __pfx_dump_stack_lvl+0x10/0x10
[  260.927557][ T8993]  ? __pfx__printk+0x10/0x10
[  260.927581][ T8993]  ? fs_reclaim_acquire+0x7d/0x100
[  260.927613][ T8993]  should_fail_ex+0x414/0x560
[  260.927646][ T8993]  prepare_alloc_pages+0x213/0x610
[  260.927680][ T8993]  __alloc_frozen_pages_noprof+0x123/0x370
[  260.927712][ T8993]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  260.927750][ T8993]  ? policy_nodemask+0x27c/0x720
[  260.927769][ T8993]  ? __lock_acquire+0xab9/0xd20
[  260.927801][ T8993]  alloc_pages_mpol+0x232/0x4a0
[  260.927830][ T8993]  vma_alloc_folio_noprof+0xe4/0x200
[  260.927852][ T8993]  ? page_table_check_set+0x18d/0x730
[  260.927875][ T8993]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  260.927912][ T8993]  folio_prealloc+0x30/0x180
[  260.927937][ T8993]  __handle_mm_fault+0x2ab9/0x5440
[  260.927977][ T8993]  ? __pfx___handle_mm_fault+0x10/0x10
[  260.928014][ T8993]  ? follow_page_pte+0x7ef/0x13e0
[  260.928045][ T8993]  handle_mm_fault+0x40a/0x8e0
[  260.928078][ T8993]  __get_user_pages+0x1699/0x2ce0
[  260.928138][ T8993]  populate_vma_page_range+0x29f/0x3a0
[  260.928160][ T8993]  ? __pfx_populate_vma_page_range+0x10/0x10
[  260.928176][ T8993]  ? apply_vma_lock_flags+0x344/0x3c0
[  260.928209][ T8993]  ? down_read+0x1ad/0x2e0
[  260.928235][ T8993]  __mm_populate+0x24c/0x380
[  260.928257][ T8993]  ? __pfx___mm_populate+0x10/0x10
[  260.928278][ T8993]  ? up_write+0x1c4/0x420
[  260.928306][ T8993]  do_mlock+0x625/0x740
[  260.928344][ T8993]  ? __pfx_do_mlock+0x10/0x10
[  260.928380][ T8993]  ? fput+0xa0/0xd0
[  260.928399][ T8993]  ? ksys_write+0x22a/0x250
[  260.928425][ T8993]  ? __pfx_ksys_write+0x10/0x10
[  260.928443][ T8993]  ? rcu_is_watching+0x15/0xb0
[  260.928471][ T8993]  __x64_sys_mlock2+0xac/0xd0
[  260.928499][ T8993]  do_syscall_64+0xfa/0x3b0
[  260.928524][ T8993]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.928542][ T8993]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  260.928561][ T8993]  ? clear_bhb_loop+0x60/0xb0
[  260.928582][ T8993]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.928599][ T8993] RIP: 0033:0x7f7aea38e929
[  260.928617][ T8993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  260.928633][ T8993] RSP: 002b:00007f7aeb1ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000145
[  260.928655][ T8993] RAX: ffffffffffffffda RBX: 00007f7aea5b5fa0 RCX: 00007f7aea38e929
[  260.928669][ T8993] RDX: 0000000000000000 RSI: 0000000000c00000 RDI: 00002000002e5000
[  260.928682][ T8993] RBP: 00007f7aeb1ce090 R08: 0000000000000000 R09: 0000000000000000
[  260.928694][ T8993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  260.928706][ T8993] R13: 0000000000000000 R14: 00007f7aea5b5fa0 R15: 00007ffd8ccbeb68
[  260.928739][ T8993]  </TASK>
[  261.295835][ T8995] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1060'.
[  261.474809][ T8997] /dev/rnullb0: Can't open blockdev
[  261.628772][ T9003] /dev/rnullb0: Can't open blockdev
[  261.705908][ T9008] program syz.3.1066 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  261.851249][ T9017] FAULT_INJECTION: forcing a failure.
[  261.851249][ T9017] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  261.893148][ T9017] CPU: 0 UID: 0 PID: 9017 Comm: syz.1.1068 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  261.893176][ T9017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  261.893188][ T9017] Call Trace:
[  261.893196][ T9017]  <TASK>
[  261.893205][ T9017]  dump_stack_lvl+0x189/0x250
[  261.893232][ T9017]  ? __pfx____ratelimit+0x10/0x10
[  261.893262][ T9017]  ? __pfx_dump_stack_lvl+0x10/0x10
[  261.893283][ T9017]  ? __pfx__printk+0x10/0x10
[  261.893305][ T9017]  ? __might_fault+0xb0/0x130
[  261.893339][ T9017]  should_fail_ex+0x414/0x560
[  261.893374][ T9017]  _copy_from_user+0x2d/0xb0
[  261.893401][ T9017]  snd_seq_event_dup+0x467/0x780
[  261.893452][ T9017]  snd_seq_client_enqueue_event+0x2d4/0x4a0
[  261.893488][ T9017]  ? __pfx_snd_seq_client_enqueue_event+0x10/0x10
[  261.893527][ T9017]  snd_seq_write+0x5c2/0x810
[  261.893561][ T9017]  ? __pfx_snd_seq_write+0x10/0x10
[  261.893583][ T9017]  ? bpf_lsm_file_permission+0x9/0x20
[  261.893601][ T9017]  ? security_file_permission+0x75/0x290
[  261.893630][ T9017]  ? rw_verify_area+0x258/0x650
[  261.893651][ T9017]  ? __pfx_snd_seq_write+0x10/0x10
[  261.893672][ T9017]  vfs_write+0x27b/0xa90
[  261.893704][ T9017]  ? __pfx_vfs_write+0x10/0x10
[  261.893728][ T9017]  ? __fget_files+0x2a/0x420
[  261.893754][ T9017]  ? __fget_files+0x2a/0x420
[  261.893777][ T9017]  ? __fget_files+0x3a0/0x420
[  261.893799][ T9017]  ? __fget_files+0x2a/0x420
[  261.893833][ T9017]  ksys_write+0x145/0x250
[  261.893859][ T9017]  ? __pfx_ksys_write+0x10/0x10
[  261.893878][ T9017]  ? rcu_is_watching+0x15/0xb0
[  261.893901][ T9017]  ? do_syscall_64+0xbe/0x3b0
[  261.893931][ T9017]  do_syscall_64+0xfa/0x3b0
[  261.893952][ T9017]  ? lockdep_hardirqs_on+0x9c/0x150
[  261.893974][ T9017]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.893993][ T9017]  ? clear_bhb_loop+0x60/0xb0
[  261.894017][ T9017]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.894035][ T9017] RIP: 0033:0x7fc1f1d8e929
[  261.894052][ T9017] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  261.894068][ T9017] RSP: 002b:00007fc1f2bbb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  261.894090][ T9017] RAX: ffffffffffffffda RBX: 00007fc1f1fb5fa0 RCX: 00007fc1f1d8e929
[  261.894105][ T9017] RDX: 000000000000ffc8 RSI: 0000200000000000 RDI: 0000000000000004
[  261.894117][ T9017] RBP: 00007fc1f2bbb090 R08: 0000000000000000 R09: 0000000000000000
[  261.894129][ T9017] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  261.894141][ T9017] R13: 0000000000000000 R14: 00007fc1f1fb5fa0 R15: 00007ffe99d6ab78
[  261.894173][ T9017]  </TASK>
[  261.962362][ T5947] tipc: Node number set to 4269801488
[  262.354846][ T5850] usb 1-1: new high-speed USB device number 51 using dummy_hcd
[  262.515470][ T5850] usb 1-1: Using ep0 maxpacket: 32
[  262.521942][ T5947] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  262.532111][ T5850] usb 1-1: config 0 has no interfaces?
[  262.550155][ T5850] usb 1-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[  262.568784][ T5850] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  262.577264][ T5850] usb 1-1: Product: syz
[  262.608654][ T5850] usb 1-1: Manufacturer: syz
[  262.619443][ T5850] usb 1-1: SerialNumber: syz
[  262.659848][ T5850] usb 1-1: config 0 descriptor??
[  262.697694][ T5947] usb 2-1: Using ep0 maxpacket: 16
[  262.717507][ T5947] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  262.749645][ T5947] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  262.804144][ T5947] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  262.855644][ T5947] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  262.867192][ T5947] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  262.880145][ T5947] usb 2-1: Product: syz
[  262.884343][ T5947] usb 2-1: Manufacturer: syz
[  262.957720][ T5947] usb 2-1: SerialNumber: syz
[  263.055734][ T9033] /dev/rnullb0: Can't open blockdev
[  263.435427][ T5947] usb 2-1: 0:2 : does not exist
[  263.441740][ T9037] /dev/rnullb0: Can't open blockdev
[  264.080557][ T9021] /dev/rnullb0: Can't open blockdev
[  264.127001][ T5947] usb 2-1: USB disconnect, device number 42
[  264.411127][ T9061] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1083'.
[  264.492079][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  264.498700][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  264.574828][ T9065] /dev/rnullb0: Can't open blockdev
[  265.135081][ T9089] /dev/rnullb0: Can't open blockdev
[  265.358311][ T9099] /dev/rnullb0: Can't open blockdev
[  265.785200][ T9113] fuseblk: Bad value for 'user_id'
[  265.799160][ T9113] fuseblk: Bad value for 'user_id'
[  266.008478][ T9119] /dev/rnullb0: Can't open blockdev
[  266.289218][ T9130] /dev/rnullb0: Can't open blockdev
[  266.328283][   T43] usb 1-1: USB disconnect, device number 51
[  266.526649][ T9139] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1108'.
[  266.561247][ T9139] /dev/rnullb0: Can't open blockdev
[  266.670089][ T9144] /dev/rnullb0: Can't open blockdev
[  266.800598][ T9149] /dev/rnullb0: Can't open blockdev
[  266.862570][ T9151] /dev/rnullb0: Can't open blockdev
[  267.005271][   T43] usb 1-1: new high-speed USB device number 52 using dummy_hcd
[  267.165505][   T43] usb 1-1: Using ep0 maxpacket: 32
[  267.172430][   T43] usb 1-1: config 0 has an invalid interface number: 35 but max is 0
[  267.183511][ T5947] usb 3-1: new high-speed USB device number 61 using dummy_hcd
[  267.191160][   T43] usb 1-1: config 0 has no interface number 0
[  267.198729][ T8772] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  267.200337][   T43] usb 1-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[  267.215587][   T43] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  267.223678][   T43] usb 1-1: Product: syz
[  267.229129][   T43] usb 1-1: Manufacturer: syz
[  267.233941][   T43] usb 1-1: SerialNumber: syz
[  267.241351][   T43] usb 1-1: config 0 descriptor??
[  267.371039][ T8772] usb 2-1: unable to get BOS descriptor or descriptor too short
[  267.379317][ T5947] usb 3-1: Using ep0 maxpacket: 32
[  267.386191][ T8772] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  267.389801][ T5947] usb 3-1: config 0 has no interfaces?
[  267.395515][ T8772] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  267.411707][ T8772] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  267.419572][ T5947] usb 3-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[  267.421019][ T8772] usb 2-1: config 1 has no interface number 1
[  267.431140][ T5947] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  267.436814][ T8772] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  267.450828][ T5947] usb 3-1: Product: syz
[  267.461739][ T8772] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  267.463059][   T43] radio-si470x 1-1:0.35: this is not a si470x device.
[  267.471851][ T8772] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  267.478008][ T5947] usb 3-1: Manufacturer: syz
[  267.478033][ T5947] usb 3-1: SerialNumber: syz
[  267.487450][ T5947] usb 3-1: config 0 descriptor??
[  267.492332][ T8772] usb 2-1: Product: syz
[  267.506015][ T8772] usb 2-1: Manufacturer: syz
[  267.511121][ T8772] usb 2-1: SerialNumber: syz
[  267.685324][ T9147] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  267.695705][ T9147] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  267.705275][   T43] radio-raremono 1-1:0.35: this is not Thanko's Raremono.
[  267.726822][   T43] usb 1-1: USB disconnect, device number 52
[  268.784473][ T9170] /dev/rnullb0: Can't open blockdev
[  268.962887][ T9179] input: syz1 as /devices/virtual/input/input15
[  269.415013][ T9190] program syz.0.1123 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  269.554994][ T9200] /dev/rnullb0: Can't open blockdev
[  270.073565][   T43] usb 1-1: new high-speed USB device number 53 using dummy_hcd
[  270.133491][ T8772] usb 2-1: found format II with max.bitrate = 8, frame size=9
[  270.150592][ T8772] usb 2-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  270.216566][ T8772] usb 2-1: USB disconnect, device number 43
[  270.245938][   T43] usb 1-1: Using ep0 maxpacket: 8
[  270.257472][   T43] usb 1-1: unable to get BOS descriptor or descriptor too short
[  270.277647][   T43] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xEE, changing to 0x8E
[  270.306740][ T5845] udevd[5845]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  270.329316][   T43] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7
[  270.350319][ T9209] MTD: Attempt to mount non-MTD device "/dev/rnullb0"
[  270.352608][   T43] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  270.368102][ T9209] /dev/rnullb0: Can't open blockdev
[  270.396827][   T43] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0xC has invalid maxpacket 1
[  270.423853][   T43] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  270.447486][   T43] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  270.471325][   T43] usb 1-1: New USB device found, idVendor=0763, idProduct=1002, bcdDevice=5f.84
[  270.480673][   T43] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  270.488783][   T43] usb 1-1: Product: syz
[  270.503927][   T43] usb 1-1: Manufacturer: syz
[  270.508585][   T43] usb 1-1: SerialNumber: syz
[  270.534302][   T43] usb 1-1: config 0 descriptor??
[  270.551539][ T9207] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  270.563778][   T43] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  270.769704][ T5854] udevd[5854]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  270.814947][ T8772] usb 1-1: USB disconnect, device number 53
[  270.944243][ T9213] overlayfs: conflicting options: nfs_export=on,metacopy=on
[  271.016854][   T43] usb 3-1: USB disconnect, device number 61
[  271.367578][ T9225] random: crng reseeded on system resumption
[  271.513908][ T9232] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1137'.
[  271.547622][ T9235] /dev/rnullb0: Can't open blockdev
[  271.590000][ T9236] MTD: Attempt to mount non-MTD device "/dev/rnullb0"
[  271.597450][ T9236] /dev/rnullb0: Can't open blockdev
[  271.750509][ T9246] /dev/rnullb0: Can't open blockdev
[  271.870569][    T9] usb 1-1: new high-speed USB device number 54 using dummy_hcd
[  271.894568][ T9255] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  271.903050][ T9255] syzkaller0: entered promiscuous mode
[  271.908626][ T9255] syzkaller0: entered allmulticast mode
[  271.917554][ T9255] /dev/rnullb0: Can't open blockdev
[  272.053457][    T9] usb 1-1: Using ep0 maxpacket: 32
[  272.073909][    T9] usb 1-1: config 0 has no interfaces?
[  272.088174][    T9] usb 1-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[  272.101230][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  272.112057][    T9] usb 1-1: Product: syz
[  272.116507][    T9] usb 1-1: Manufacturer: syz
[  272.123918][    T9] usb 1-1: SerialNumber: syz
[  272.144853][    T9] usb 1-1: config 0 descriptor??
[  272.253977][ T9264] IPv4: Oversized IP packet from 127.202.26.0
[  272.268707][ T9264] /dev/rnullb0: Can't open blockdev
[  272.377350][ T9268] nfs: Bad value for 'source'
[  272.414025][ T9268] nfs: Bad value for 'source'
[  272.561264][ T9274] vlan1: entered promiscuous mode
[  272.572054][ T9274] vlan1: entered allmulticast mode
[  272.580926][ T9274] veth0_vlan: entered allmulticast mode
[  272.736195][ T9274] fuse: Unknown parameter '00000000000000000000012u��{8whmW'֯���'�FG�3Qd�2Y�Bdg�t�6UhoXa�l���t���������m+�2'
[  272.963924][ T9282] netlink: 5128 bytes leftover after parsing attributes in process `syz.1.1154'.
[  272.973503][ T9282] netlink: 5128 bytes leftover after parsing attributes in process `syz.1.1154'.
[  272.982822][ T9282] netlink: 584 bytes leftover after parsing attributes in process `syz.1.1154'.
[  273.248636][    T9] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  273.434510][    T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  273.444862][    T9] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  273.455325][    T9] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  273.464662][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  273.473704][    T9] usb 2-1: SerialNumber: syz
[  273.702000][ T9282] gfs2: gfs2 mount does not exist
[  273.723878][    T9] usb 2-1: 0:2 : does not exist
[  273.732015][    T9] usb 2-1: unit 255 not found!
[  273.760960][    T9] usb 2-1: USB disconnect, device number 44
[  273.791241][ T5845] udevd[5845]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  275.363940][ T9294] /dev/rnullb0: Can't open blockdev
[  275.376249][ T5850] IPVS: starting estimator thread 0...
[  275.412493][ T5850] usb 1-1: USB disconnect, device number 54
[  275.482971][ T9296] IPVS: using max 28 ests per chain, 67200 per kthread
[  275.892303][ T9323] FAULT_INJECTION: forcing a failure.
[  275.892303][ T9323] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  275.917231][ T9329] MTD: Attempt to mount non-MTD device "/dev/rnullb0"
[  275.933048][ T9323] CPU: 1 UID: 0 PID: 9323 Comm: syz.3.1168 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  275.933078][ T9323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  275.933090][ T9323] Call Trace:
[  275.933099][ T9323]  <TASK>
[  275.933107][ T9323]  dump_stack_lvl+0x189/0x250
[  275.933136][ T9323]  ? __pfx____ratelimit+0x10/0x10
[  275.933160][ T9323]  ? __pfx_dump_stack_lvl+0x10/0x10
[  275.933183][ T9323]  ? __pfx__printk+0x10/0x10
[  275.933206][ T9323]  ? __might_fault+0xb0/0x130
[  275.933236][ T9323]  should_fail_ex+0x414/0x560
[  275.933271][ T9323]  _copy_from_user+0x2d/0xb0
[  275.933301][ T9323]  snd_seq_event_dup+0x467/0x780
[  275.933343][ T9323]  snd_seq_client_enqueue_event+0x2d4/0x4a0
[  275.933380][ T9323]  ? __pfx_snd_seq_client_enqueue_event+0x10/0x10
[  275.933420][ T9323]  snd_seq_write+0x5c2/0x810
[  275.933452][ T9323]  ? __pfx_snd_seq_write+0x10/0x10
[  275.933484][ T9323]  ? bpf_lsm_file_permission+0x9/0x20
[  275.933502][ T9323]  ? security_file_permission+0x75/0x290
[  275.933531][ T9323]  ? rw_verify_area+0x258/0x650
[  275.933553][ T9323]  ? __pfx_snd_seq_write+0x10/0x10
[  275.933575][ T9323]  vfs_write+0x27b/0xa90
[  275.933608][ T9323]  ? __pfx_vfs_write+0x10/0x10
[  275.933633][ T9323]  ? __fget_files+0x2a/0x420
[  275.933660][ T9323]  ? __fget_files+0x2a/0x420
[  275.933682][ T9323]  ? __fget_files+0x3a0/0x420
[  275.933705][ T9323]  ? __fget_files+0x2a/0x420
[  275.933740][ T9323]  ksys_write+0x145/0x250
[  275.933765][ T9323]  ? __pfx_ksys_write+0x10/0x10
[  275.933785][ T9323]  ? rcu_is_watching+0x15/0xb0
[  275.933811][ T9323]  ? do_syscall_64+0xbe/0x3b0
[  275.933838][ T9323]  do_syscall_64+0xfa/0x3b0
[  275.933860][ T9323]  ? lockdep_hardirqs_on+0x9c/0x150
[  275.933881][ T9323]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.933900][ T9323]  ? clear_bhb_loop+0x60/0xb0
[  275.933923][ T9323]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.933942][ T9323] RIP: 0033:0x7ffad978e929
[  275.933960][ T9323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  275.933976][ T9323] RSP: 002b:00007ffada6c8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  275.933997][ T9323] RAX: ffffffffffffffda RBX: 00007ffad99b5fa0 RCX: 00007ffad978e929
[  275.934011][ T9323] RDX: 000000000000ffc8 RSI: 0000200000000000 RDI: 0000000000000004
[  275.934024][ T9323] RBP: 00007ffada6c8090 R08: 0000000000000000 R09: 0000000000000000
[  275.934036][ T9323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  275.934047][ T9323] R13: 0000000000000000 R14: 00007ffad99b5fa0 R15: 00007ffd0cfc43a8
[  275.934097][ T9323]  </TASK>
[  275.964286][ T9329] /dev/rnullb0: Can't open blockdev
[  275.967282][    C1] vkms_vblank_simulate: vblank timer overrun
[  276.114638][ T9328] syzkaller1: entered promiscuous mode
[  276.227082][ T9328] syzkaller1: entered allmulticast mode
[  276.464259][ T9340] /dev/rnullb0: Can't open blockdev
[  276.875195][ T9361] FAULT_INJECTION: forcing a failure.
[  276.875195][ T9361] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  276.889968][ T9361] CPU: 0 UID: 0 PID: 9361 Comm: syz.0.1180 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  276.889999][ T9361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  276.890012][ T9361] Call Trace:
[  276.890021][ T9361]  <TASK>
[  276.890035][ T9361]  dump_stack_lvl+0x189/0x250
[  276.890064][ T9361]  ? __pfx____ratelimit+0x10/0x10
[  276.890090][ T9361]  ? __pfx_dump_stack_lvl+0x10/0x10
[  276.890113][ T9361]  ? __pfx__printk+0x10/0x10
[  276.890136][ T9361]  ? __might_fault+0xb0/0x130
[  276.890171][ T9361]  should_fail_ex+0x414/0x560
[  276.890207][ T9361]  _copy_from_user+0x2d/0xb0
[  276.890238][ T9361]  snd_seq_event_dup+0x467/0x780
[  276.890288][ T9361]  snd_seq_client_enqueue_event+0x2d4/0x4a0
[  276.890325][ T9361]  ? __pfx_snd_seq_client_enqueue_event+0x10/0x10
[  276.890367][ T9361]  snd_seq_write+0x5c2/0x810
[  276.890402][ T9361]  ? __pfx_snd_seq_write+0x10/0x10
[  276.890425][ T9361]  ? bpf_lsm_file_permission+0x9/0x20
[  276.890444][ T9361]  ? security_file_permission+0x75/0x290
[  276.890473][ T9361]  ? rw_verify_area+0x258/0x650
[  276.890496][ T9361]  ? __pfx_snd_seq_write+0x10/0x10
[  276.890517][ T9361]  vfs_write+0x27b/0xa90
[  276.890548][ T9361]  ? __pfx_vfs_write+0x10/0x10
[  276.890574][ T9361]  ? __fget_files+0x2a/0x420
[  276.890602][ T9361]  ? __fget_files+0x2a/0x420
[  276.890626][ T9361]  ? __fget_files+0x3a0/0x420
[  276.890650][ T9361]  ? __fget_files+0x2a/0x420
[  276.890687][ T9361]  ksys_write+0x145/0x250
[  276.890714][ T9361]  ? __pfx_ksys_write+0x10/0x10
[  276.890735][ T9361]  ? rcu_is_watching+0x15/0xb0
[  276.890759][ T9361]  ? do_syscall_64+0xbe/0x3b0
[  276.890786][ T9361]  do_syscall_64+0xfa/0x3b0
[  276.890807][ T9361]  ? lockdep_hardirqs_on+0x9c/0x150
[  276.890829][ T9361]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.890848][ T9361]  ? clear_bhb_loop+0x60/0xb0
[  276.890872][ T9361]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.890891][ T9361] RIP: 0033:0x7f9f6dd8e929
[  276.890911][ T9361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  276.890927][ T9361] RSP: 002b:00007f9f6bbf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  276.890949][ T9361] RAX: ffffffffffffffda RBX: 00007f9f6dfb5fa0 RCX: 00007f9f6dd8e929
[  276.890963][ T9361] RDX: 000000000000ffc8 RSI: 0000200000000000 RDI: 0000000000000004
[  276.890975][ T9361] RBP: 00007f9f6bbf6090 R08: 0000000000000000 R09: 0000000000000000
[  276.890987][ T9361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  276.890999][ T9361] R13: 0000000000000000 R14: 00007f9f6dfb5fa0 R15: 00007ffcff0ca298
[  276.891032][ T9361]  </TASK>
[  277.503310][   T43] usb 3-1: new high-speed USB device number 62 using dummy_hcd
[  277.680644][   T43] usb 3-1: config 0 has an invalid interface number: 117 but max is 0
[  277.689552][   T43] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  277.701066][   T43] usb 3-1: config 0 has no interface number 0
[  277.707976][   T43] usb 3-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  277.709021][ T9368] /dev/rnullb0: Can't open blockdev
[  277.717984][   T43] usb 3-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  277.725222][   T43] usb 3-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0
[  277.747927][   T43] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  277.757816][   T43] usb 3-1: Product: syz
[  277.762706][   T43] usb 3-1: Manufacturer: syz
[  277.767324][   T43] usb 3-1: SerialNumber: syz
[  277.776436][   T43] usb 3-1: config 0 descriptor??
[  277.898877][ T5908] usb 1-1: new high-speed USB device number 55 using dummy_hcd
[  278.048680][ T5908] usb 1-1: device descriptor read/64, error -71
[  278.067697][   T43] usbtouchscreen 3-1:0.117: probe with driver usbtouchscreen failed with error -71
[  278.082191][   T43] usb 3-1: USB disconnect, device number 62
[  278.305246][ T5908] usb 1-1: new high-speed USB device number 56 using dummy_hcd
[  278.444179][ T5908] usb 1-1: device descriptor read/64, error -71
[  278.575465][ T5908] usb usb1-port1: attempt power cycle
[  278.727340][ T9380] /dev/rnullb0: Can't open blockdev
[  278.923757][ T9390] loop6: detected capacity change from 0 to 7
[  278.935532][ T9390] Dev loop6: unable to read RDB block 7
[  278.943676][ T9390]  loop6: AHDI p3 p4
[  278.946652][ T5908] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[  278.948006][ T9390] loop6: partition table partially beyond EOD, truncated
[  278.964514][ T9390] loop6: p3 start 1886353253 is beyond EOD, truncated
[  278.988993][ T5908] usb 1-1: device descriptor read/8, error -71
[  279.082801][ T9392] FAULT_INJECTION: forcing a failure.
[  279.082801][ T9392] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  279.099138][ T9392] CPU: 1 UID: 0 PID: 9392 Comm: syz.2.1191 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  279.099167][ T9392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  279.099179][ T9392] Call Trace:
[  279.099188][ T9392]  <TASK>
[  279.099198][ T9392]  dump_stack_lvl+0x189/0x250
[  279.099227][ T9392]  ? __pfx____ratelimit+0x10/0x10
[  279.099251][ T9392]  ? __pfx_dump_stack_lvl+0x10/0x10
[  279.099273][ T9392]  ? __pfx__printk+0x10/0x10
[  279.099296][ T9392]  ? __might_fault+0xb0/0x130
[  279.099332][ T9392]  should_fail_ex+0x414/0x560
[  279.099365][ T9392]  _copy_from_user+0x2d/0xb0
[  279.099394][ T9392]  snd_seq_event_dup+0x467/0x780
[  279.099437][ T9392]  snd_seq_client_enqueue_event+0x2d4/0x4a0
[  279.099473][ T9392]  ? __pfx_snd_seq_client_enqueue_event+0x10/0x10
[  279.099522][ T9392]  snd_seq_write+0x5c2/0x810
[  279.099557][ T9392]  ? __pfx_snd_seq_write+0x10/0x10
[  279.099578][ T9392]  ? bpf_lsm_file_permission+0x9/0x20
[  279.099595][ T9392]  ? security_file_permission+0x75/0x290
[  279.099624][ T9392]  ? rw_verify_area+0x258/0x650
[  279.099646][ T9392]  ? __pfx_snd_seq_write+0x10/0x10
[  279.099668][ T9392]  vfs_write+0x27b/0xa90
[  279.099702][ T9392]  ? __pfx_vfs_write+0x10/0x10
[  279.099728][ T9392]  ? __fget_files+0x2a/0x420
[  279.099758][ T9392]  ? __fget_files+0x2a/0x420
[  279.099781][ T9392]  ? __fget_files+0x3a0/0x420
[  279.099803][ T9392]  ? __fget_files+0x2a/0x420
[  279.099840][ T9392]  ksys_write+0x145/0x250
[  279.099866][ T9392]  ? __pfx_ksys_write+0x10/0x10
[  279.099896][ T9392]  ? do_syscall_64+0xbe/0x3b0
[  279.099926][ T9392]  do_syscall_64+0xfa/0x3b0
[  279.099949][ T9392]  ? lockdep_hardirqs_on+0x9c/0x150
[  279.099972][ T9392]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  279.099997][ T9392]  ? clear_bhb_loop+0x60/0xb0
[  279.100043][ T9392]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  279.100076][ T9392] RIP: 0033:0x7f7aea38e929
[  279.100095][ T9392] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  279.100111][ T9392] RSP: 002b:00007f7aeb1ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  279.100134][ T9392] RAX: ffffffffffffffda RBX: 00007f7aea5b5fa0 RCX: 00007f7aea38e929
[  279.100150][ T9392] RDX: 000000000000ffc8 RSI: 0000200000000000 RDI: 0000000000000004
[  279.100175][ T9392] RBP: 00007f7aeb1ce090 R08: 0000000000000000 R09: 0000000000000000
[  279.100187][ T9392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  279.100206][ T9392] R13: 0000000000000000 R14: 00007f7aea5b5fa0 R15: 00007ffd8ccbeb68
[  279.100237][ T9392]  </TASK>
[  279.418803][ T9394] ./cgroup: Can't lookup blockdev
[  279.491851][ T5908] usb 1-1: new high-speed USB device number 58 using dummy_hcd
[  279.513870][ T5908] usb 1-1: device descriptor read/8, error -71
[  279.544203][ T9398] syz.2.1194: attempt to access beyond end of device
[  279.544203][ T9398] nbd2: rw=0, sector=2, nr_sectors = 2 limit=0
[  279.563212][ T9398] syz.2.1194: attempt to access beyond end of device
[  279.563212][ T9398] nbd2: rw=0, sector=16, nr_sectors = 2 limit=0
[  279.624331][ T9400] /dev/rnullb0: Can't open blockdev
[  279.631207][ T5908] usb usb1-port1: unable to enumerate USB device
[  279.918816][ T9411] FAULT_INJECTION: forcing a failure.
[  279.918816][ T9411] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  279.953062][ T9411] CPU: 0 UID: 0 PID: 9411 Comm: syz.2.1200 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  279.953092][ T9411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  279.953110][ T9411] Call Trace:
[  279.953119][ T9411]  <TASK>
[  279.953128][ T9411]  dump_stack_lvl+0x189/0x250
[  279.953157][ T9411]  ? __pfx____ratelimit+0x10/0x10
[  279.953182][ T9411]  ? __pfx_dump_stack_lvl+0x10/0x10
[  279.953203][ T9411]  ? __pfx__printk+0x10/0x10
[  279.953236][ T9411]  ? __might_fault+0xb0/0x130
[  279.953271][ T9411]  should_fail_ex+0x414/0x560
[  279.953305][ T9411]  _copy_from_user+0x2d/0xb0
[  279.953336][ T9411]  snd_seq_event_dup+0x467/0x780
[  279.953377][ T9411]  snd_seq_client_enqueue_event+0x2d4/0x4a0
[  279.953413][ T9411]  ? __pfx_snd_seq_client_enqueue_event+0x10/0x10
[  279.953454][ T9411]  snd_seq_write+0x5c2/0x810
[  279.953486][ T9411]  ? __pfx_snd_seq_write+0x10/0x10
[  279.953507][ T9411]  ? bpf_lsm_file_permission+0x9/0x20
[  279.953525][ T9411]  ? security_file_permission+0x75/0x290
[  279.953555][ T9411]  ? rw_verify_area+0x258/0x650
[  279.953576][ T9411]  ? __pfx_snd_seq_write+0x10/0x10
[  279.953597][ T9411]  vfs_write+0x27b/0xa90
[  279.953630][ T9411]  ? __pfx_vfs_write+0x10/0x10
[  279.953655][ T9411]  ? __fget_files+0x2a/0x420
[  279.953685][ T9411]  ? __fget_files+0x2a/0x420
[  279.953709][ T9411]  ? __fget_files+0x3a0/0x420
[  279.953733][ T9411]  ? __fget_files+0x2a/0x420
[  279.953769][ T9411]  ksys_write+0x145/0x250
[  279.953795][ T9411]  ? __pfx_ksys_write+0x10/0x10
[  279.953815][ T9411]  ? rcu_is_watching+0x15/0xb0
[  279.953841][ T9411]  ? do_syscall_64+0xbe/0x3b0
[  279.953869][ T9411]  do_syscall_64+0xfa/0x3b0
[  279.953892][ T9411]  ? lockdep_hardirqs_on+0x9c/0x150
[  279.953911][ T9411]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  279.953930][ T9411]  ? clear_bhb_loop+0x60/0xb0
[  279.953954][ T9411]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  279.953972][ T9411] RIP: 0033:0x7f7aea38e929
[  279.953991][ T9411] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  279.954031][ T9411] RSP: 002b:00007f7aeb1ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  279.954054][ T9411] RAX: ffffffffffffffda RBX: 00007f7aea5b5fa0 RCX: 00007f7aea38e929
[  279.954068][ T9411] RDX: 000000000000ffc8 RSI: 0000200000000000 RDI: 0000000000000004
[  279.954082][ T9411] RBP: 00007f7aeb1ce090 R08: 0000000000000000 R09: 0000000000000000
[  279.954095][ T9411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  279.954106][ T9411] R13: 0000000000000000 R14: 00007f7aea5b5fa0 R15: 00007ffd8ccbeb68
[  279.954139][ T9411]  </TASK>
[  282.507386][ T9442] netlink: 196 bytes leftover after parsing attributes in process `syz.0.1207'.
[  282.539813][ T9442] /dev/rnullb0: Can't open blockdev
[  282.863103][ T9450] /dev/rnullb0: Can't open blockdev
[  283.060011][ T9456] usb usb8: usbfs: process 9456 (syz.2.1213) did not claim interface 0 before use
[  283.159275][ T9460] loop6: detected capacity change from 0 to 7
[  283.187730][ T5845] Dev loop6: unable to read RDB block 7
[  283.193961][ T5845]  loop6: AHDI p3 p4
[  283.200829][ T5845] loop6: partition table partially beyond EOD, truncated
[  283.218011][ T5845] loop6: p3 start 1886353253 is beyond EOD, truncated
[  283.241526][ T9460] Dev loop6: unable to read RDB block 7
[  283.263870][ T9460]  loop6: AHDI p3 p4
[  283.285530][ T9460] loop6: partition table partially beyond EOD, truncated
[  283.308686][ T9460] loop6: p3 start 1886353253 is beyond EOD, truncated
[  283.516864][ T9463] /dev/rnullb0: Can't open blockdev
[  283.668882][ T9463] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  284.319982][ T9481] loop6: detected capacity change from 0 to 7
[  284.335958][ T9481] Dev loop6: unable to read RDB block 7
[  284.352719][ T9481]  loop6: AHDI p3 p4
[  284.357619][ T9481] loop6: partition table partially beyond EOD, truncated
[  284.373170][ T9481] loop6: p3 start 1886353253 is beyond EOD, truncated
[  284.401437][ T9483] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1225'.
[  284.468387][   T13] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  284.672302][ T9485] FAULT_INJECTION: forcing a failure.
[  284.672302][ T9485] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  284.698307][ T9485] CPU: 1 UID: 0 PID: 9485 Comm: syz.0.1226 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  284.698337][ T9485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  284.698349][ T9485] Call Trace:
[  284.698358][ T9485]  <TASK>
[  284.698367][ T9485]  dump_stack_lvl+0x189/0x250
[  284.698394][ T9485]  ? __pfx____ratelimit+0x10/0x10
[  284.698419][ T9485]  ? __pfx_dump_stack_lvl+0x10/0x10
[  284.698441][ T9485]  ? __pfx__printk+0x10/0x10
[  284.698463][ T9485]  ? __might_fault+0xb0/0x130
[  284.698497][ T9485]  should_fail_ex+0x414/0x560
[  284.698533][ T9485]  _copy_from_user+0x2d/0xb0
[  284.698564][ T9485]  snd_seq_event_dup+0x467/0x780
[  284.698607][ T9485]  snd_seq_client_enqueue_event+0x2d4/0x4a0
[  284.698643][ T9485]  ? __pfx_snd_seq_client_enqueue_event+0x10/0x10
[  284.698681][ T9485]  snd_seq_write+0x5c2/0x810
[  284.698715][ T9485]  ? __pfx_snd_seq_write+0x10/0x10
[  284.698736][ T9485]  ? bpf_lsm_file_permission+0x9/0x20
[  284.698753][ T9485]  ? security_file_permission+0x75/0x290
[  284.698783][ T9485]  ? rw_verify_area+0x258/0x650
[  284.698806][ T9485]  ? __pfx_snd_seq_write+0x10/0x10
[  284.698827][ T9485]  vfs_write+0x27b/0xa90
[  284.698860][ T9485]  ? __pfx_vfs_write+0x10/0x10
[  284.698883][ T9485]  ? __fget_files+0x2a/0x420
[  284.698911][ T9485]  ? __fget_files+0x2a/0x420
[  284.698936][ T9485]  ? __fget_files+0x3a0/0x420
[  284.698962][ T9485]  ? __fget_files+0x2a/0x420
[  284.698998][ T9485]  ksys_write+0x145/0x250
[  284.699026][ T9485]  ? __pfx_ksys_write+0x10/0x10
[  284.699046][ T9485]  ? rcu_is_watching+0x15/0xb0
[  284.699072][ T9485]  ? do_syscall_64+0xbe/0x3b0
[  284.699109][ T9485]  do_syscall_64+0xfa/0x3b0
[  284.699131][ T9485]  ? lockdep_hardirqs_on+0x9c/0x150
[  284.699155][ T9485]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  284.699174][ T9485]  ? clear_bhb_loop+0x60/0xb0
[  284.699198][ T9485]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  284.699217][ T9485] RIP: 0033:0x7f9f6dd8e929
[  284.699235][ T9485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  284.699251][ T9485] RSP: 002b:00007f9f6bbf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  284.699273][ T9485] RAX: ffffffffffffffda RBX: 00007f9f6dfb5fa0 RCX: 00007f9f6dd8e929
[  284.699287][ T9485] RDX: 000000000000ffc8 RSI: 0000200000000000 RDI: 0000000000000004
[  284.699300][ T9485] RBP: 00007f9f6bbf6090 R08: 0000000000000000 R09: 0000000000000000
[  284.699312][ T9485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  284.699323][ T9485] R13: 0000000000000000 R14: 00007f9f6dfb5fa0 R15: 00007ffcff0ca298
[  284.699354][ T9485]  </TASK>
[  285.220752][ T9497] /dev/rnullb0: Can't open blockdev
[  285.287577][ T9501] /dev/rnullb0: Can't open blockdev
[  285.456718][ T9508] loop6: detected capacity change from 0 to 7
[  285.473194][ T9508] Dev loop6: unable to read RDB block 7
[  285.484574][ T9508]  loop6: AHDI p3 p4
[  285.489703][ T9508] loop6: partition table partially beyond EOD, truncated
[  285.498079][ T9508] loop6: p3 start 1886353253 is beyond EOD, truncated
[  286.097542][ T9532] FAULT_INJECTION: forcing a failure.
[  286.097542][ T9532] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  286.113376][ T9532] CPU: 1 UID: 0 PID: 9532 Comm: syz.0.1242 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  286.113406][ T9532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  286.113429][ T9532] Call Trace:
[  286.113438][ T9532]  <TASK>
[  286.113448][ T9532]  dump_stack_lvl+0x189/0x250
[  286.113477][ T9532]  ? __pfx____ratelimit+0x10/0x10
[  286.113502][ T9532]  ? __pfx_dump_stack_lvl+0x10/0x10
[  286.113525][ T9532]  ? __pfx__printk+0x10/0x10
[  286.113548][ T9532]  ? __might_fault+0xb0/0x130
[  286.113584][ T9532]  should_fail_ex+0x414/0x560
[  286.113621][ T9532]  _copy_from_user+0x2d/0xb0
[  286.113652][ T9532]  snd_seq_event_dup+0x467/0x780
[  286.113692][ T9532]  snd_seq_client_enqueue_event+0x2d4/0x4a0
[  286.113728][ T9532]  ? __pfx_snd_seq_client_enqueue_event+0x10/0x10
[  286.113770][ T9532]  snd_seq_write+0x5c2/0x810
[  286.113804][ T9532]  ? __pfx_snd_seq_write+0x10/0x10
[  286.113826][ T9532]  ? bpf_lsm_file_permission+0x9/0x20
[  286.113844][ T9532]  ? security_file_permission+0x75/0x290
[  286.113874][ T9532]  ? rw_verify_area+0x258/0x650
[  286.113895][ T9532]  ? __pfx_snd_seq_write+0x10/0x10
[  286.113915][ T9532]  vfs_write+0x27b/0xa90
[  286.113970][ T9532]  ? __pfx_vfs_write+0x10/0x10
[  286.113997][ T9532]  ? __fget_files+0x2a/0x420
[  286.114028][ T9532]  ? __fget_files+0x2a/0x420
[  286.114052][ T9532]  ? __fget_files+0x3a0/0x420
[  286.114077][ T9532]  ? __fget_files+0x2a/0x420
[  286.114112][ T9532]  ksys_write+0x145/0x250
[  286.114138][ T9532]  ? __pfx_ksys_write+0x10/0x10
[  286.114158][ T9532]  ? rcu_is_watching+0x15/0xb0
[  286.114184][ T9532]  ? do_syscall_64+0xbe/0x3b0
[  286.114214][ T9532]  do_syscall_64+0xfa/0x3b0
[  286.114238][ T9532]  ? lockdep_hardirqs_on+0x9c/0x150
[  286.114261][ T9532]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  286.114281][ T9532]  ? clear_bhb_loop+0x60/0xb0
[  286.114305][ T9532]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  286.114322][ T9532] RIP: 0033:0x7f9f6dd8e929
[  286.114339][ T9532] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  286.114356][ T9532] RSP: 002b:00007f9f6bbf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  286.114384][ T9532] RAX: ffffffffffffffda RBX: 00007f9f6dfb5fa0 RCX: 00007f9f6dd8e929
[  286.114399][ T9532] RDX: 000000000000ffc8 RSI: 0000200000000000 RDI: 0000000000000004
[  286.114420][ T9532] RBP: 00007f9f6bbf6090 R08: 0000000000000000 R09: 0000000000000000
[  286.114433][ T9532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  286.114446][ T9532] R13: 0000000000000000 R14: 00007f9f6dfb5fa0 R15: 00007ffcff0ca298
[  286.114481][ T9532]  </TASK>
[  286.194821][ T5865] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  286.198775][    C1] vkms_vblank_simulate: vblank timer overrun
[  286.365853][ T5865] usb 2-1: Using ep0 maxpacket: 32
[  286.405304][ T5865] usb 2-1: config 0 has no interfaces?
[  286.426441][ T5865] usb 2-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[  286.437223][ T5865] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  286.456164][ T5865] usb 2-1: Product: syz
[  286.466546][ T5865] usb 2-1: Manufacturer: syz
[  286.467089][    C1] vkms_vblank_simulate: vblank timer overrun
[  286.477231][ T5865] usb 2-1: SerialNumber: syz
[  286.491494][ T9536] binder: 9535:9536 ioctl c018620c 200000000380 returned -22
[  286.520768][ T5865] usb 2-1: config 0 descriptor??
[  286.665201][   T43] usb 3-1: new high-speed USB device number 63 using dummy_hcd
[  286.857586][   T43] usb 3-1: Using ep0 maxpacket: 16
[  286.865569][   T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  286.878406][   T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  286.896669][   T43] usb 3-1: New USB device found, idVendor=0c70, idProduct=f00a, bcdDevice= 0.00
[  286.912200][   T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  286.939708][   T43] usb 3-1: config 0 descriptor??
[  287.230674][ T9545] loop6: detected capacity change from 0 to 7
[  287.241906][ T9545] Dev loop6: unable to read RDB block 7
[  287.251133][ T9545]  loop6: AHDI p3 p4
[  287.257980][ T9545] loop6: partition table partially beyond EOD, truncated
[  287.270819][ T9545] loop6: p3 start 1886353253 is beyond EOD, truncated
[  287.473814][ T9548] input: syz0 as /devices/virtual/input/input17
[  288.109090][ T9555] /dev/rnullb0: Can't open blockdev
[  288.201611][ T9558] netlink: 'syz.0.1250': attribute type 1 has an invalid length.
[  288.212742][ T9558] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1250'.
[  288.485770][ T5865] usb 1-1: new high-speed USB device number 59 using dummy_hcd
[  288.666332][ T5865] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  288.678598][ T5865] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  288.695105][ T5865] usb 1-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  288.718420][ T5865] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  288.734542][ T5865] usb 1-1: config 0 descriptor??
[  289.192137][ T5865] cm6533_jd 0003:0D8C:0022.0007: unknown main item tag 0x0
[  289.204725][ T5865] cm6533_jd 0003:0D8C:0022.0007: unknown main item tag 0x0
[  289.248028][ T5865] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0D8C:0022.0007/input/input18
[  289.345655][ T5865] cm6533_jd 0003:0D8C:0022.0007: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.0-1/input0
[  289.415267][ T9558] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  289.430204][ T9558] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  289.452331][ T5865] usb 1-1: USB disconnect, device number 59
[  289.469709][   T43] usbhid 3-1:0.0: can't add hid device: -71
[  289.475773][   T43] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  289.530274][   T43] usb 3-1: USB disconnect, device number 63
[  289.601711][ T9559] fido_id[9559]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  289.973485][ T9563] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1252'.
[  290.012071][   T43] usb 2-1: USB disconnect, device number 45
[  290.172960][ T9571] syz.0.1256: attempt to access beyond end of device
[  290.172960][ T9571] md0: rw=0, sector=0, nr_sectors = 1 limit=0
[  290.186264][ T9571] exFAT-fs (md0): unable to read boot sector
[  290.197019][ T9571] exFAT-fs (md0): failed to read boot sector
[  290.203187][ T9571] exFAT-fs (md0): failed to recognize exfat type
[  290.230920][   T51] Bluetooth: hci2: unexpected cc 0x0c2d length: 63 > 4
[  290.241471][   T51] Bluetooth: hci2: unexpected event for opcode 0x0c2d
[  290.341797][ T9573] FAULT_INJECTION: forcing a failure.
[  290.341797][ T9573] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  290.363129][ T9574] ./file0: Can't lookup blockdev
[  290.372868][ T9573] CPU: 1 UID: 0 PID: 9573 Comm: syz.2.1254 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  290.372898][ T9573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  290.372910][ T9573] Call Trace:
[  290.372918][ T9573]  <TASK>
[  290.372927][ T9573]  dump_stack_lvl+0x189/0x250
[  290.372956][ T9573]  ? __pfx____ratelimit+0x10/0x10
[  290.372980][ T9573]  ? __pfx_dump_stack_lvl+0x10/0x10
[  290.373001][ T9573]  ? __pfx__printk+0x10/0x10
[  290.373025][ T9573]  ? fs_reclaim_acquire+0x7d/0x100
[  290.373058][ T9573]  should_fail_ex+0x414/0x560
[  290.373103][ T9573]  prepare_alloc_pages+0x213/0x610
[  290.373137][ T9573]  __alloc_frozen_pages_noprof+0x123/0x370
[  290.373169][ T9573]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  290.373211][ T9573]  ? policy_nodemask+0x27c/0x720
[  290.373227][ T9573]  ? __lock_acquire+0xab9/0xd20
[  290.373256][ T9573]  alloc_pages_mpol+0x232/0x4a0
[  290.373280][ T9573]  vma_alloc_folio_noprof+0xe4/0x200
[  290.373299][ T9573]  ? page_table_check_set+0x18d/0x730
[  290.373319][ T9573]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  290.373351][ T9573]  folio_prealloc+0x30/0x180
[  290.373372][ T9573]  __handle_mm_fault+0x2ab9/0x5440
[  290.373406][ T9573]  ? __pfx___handle_mm_fault+0x10/0x10
[  290.373438][ T9573]  ? follow_page_pte+0x7ef/0x13e0
[  290.373465][ T9573]  handle_mm_fault+0x40a/0x8e0
[  290.373493][ T9573]  __get_user_pages+0x1699/0x2ce0
[  290.373543][ T9573]  populate_vma_page_range+0x29f/0x3a0
[  290.373560][ T9573]  ? __pfx_populate_vma_page_range+0x10/0x10
[  290.373575][ T9573]  ? apply_vma_lock_flags+0x344/0x3c0
[  290.373604][ T9573]  ? down_read+0x1ad/0x2e0
[  290.373628][ T9573]  __mm_populate+0x24c/0x380
[  290.373647][ T9573]  ? __pfx___mm_populate+0x10/0x10
[  290.373665][ T9573]  ? up_write+0x1c4/0x420
[  290.373689][ T9573]  do_mlock+0x625/0x740
[  290.373721][ T9573]  ? __pfx_do_mlock+0x10/0x10
[  290.373744][ T9573]  ? fput+0xa0/0xd0
[  290.373760][ T9573]  ? ksys_write+0x22a/0x250
[  290.373783][ T9573]  ? __pfx_ksys_write+0x10/0x10
[  290.373799][ T9573]  ? rcu_is_watching+0x15/0xb0
[  290.373823][ T9573]  __x64_sys_mlock2+0xac/0xd0
[  290.373846][ T9573]  do_syscall_64+0xfa/0x3b0
[  290.373865][ T9573]  ? lockdep_hardirqs_on+0x9c/0x150
[  290.373884][ T9573]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  290.373921][ T9573]  ? clear_bhb_loop+0x60/0xb0
[  290.373942][ T9573]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  290.373958][ T9573] RIP: 0033:0x7f7aea38e929
[  290.373975][ T9573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  290.373990][ T9573] RSP: 002b:00007f7aeb1ad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000145
[  290.374010][ T9573] RAX: ffffffffffffffda RBX: 00007f7aea5b6080 RCX: 00007f7aea38e929
[  290.374022][ T9573] RDX: 0000000000000000 RSI: 0000000000c00000 RDI: 00002000002e5000
[  290.374032][ T9573] RBP: 00007f7aeb1ad090 R08: 0000000000000000 R09: 0000000000000000
[  290.374042][ T9573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  290.374052][ T9573] R13: 0000000000000000 R14: 00007f7aea5b6080 R15: 00007ffd8ccbeb68
[  290.374082][ T9573]  </TASK>
[  290.679524][    C1] vkms_vblank_simulate: vblank timer overrun
[  290.801618][ T9580] /dev/rnullb0: Can't open blockdev
[  290.920840][ T9584] /dev/rnullb0: Can't open blockdev
[  290.940653][ T9582] input: syz0 as /devices/virtual/input/input19
[  290.976431][ T5865] hid (null): unknown global tag 0xd
[  291.004116][ T5865] hid (null): unknown global tag 0xc
[  291.012182][ T5865] hid (null): unknown global tag 0xc
[  291.024583][ T5865] hid (null): report_id 0 is invalid
[  291.035691][ T5865] hid (null): unknown global tag 0xe
[  291.061693][ T9586] netlink: 'syz.0.1261': attribute type 3 has an invalid length.
[  291.079419][ T5865] hid-generic 0002:0008:00A6.0008: unknown global tag 0xd
[  291.102042][ T9586] netlink: 'syz.0.1261': attribute type 1 has an invalid length.
[  291.109961][ T9586] netlink: 192 bytes leftover after parsing attributes in process `syz.0.1261'.
[  291.123179][ T5865] hid-generic 0002:0008:00A6.0008: item 0 2 1 13 parsing failed
[  291.131879][ T5865] hid-generic 0002:0008:00A6.0008: probe with driver hid-generic failed with error -22
[  291.147988][ T9586] NCSI netlink: No device for ifindex 0
[  291.362246][ T9595] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1263'.
[  291.562764][ T9599] FAULT_INJECTION: forcing a failure.
[  291.562764][ T9599] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  291.576738][ T9599] CPU: 0 UID: 0 PID: 9599 Comm: syz.0.1266 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  291.576767][ T9599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  291.576780][ T9599] Call Trace:
[  291.576794][ T9599]  <TASK>
[  291.576803][ T9599]  dump_stack_lvl+0x189/0x250
[  291.576832][ T9599]  ? __pfx____ratelimit+0x10/0x10
[  291.576858][ T9599]  ? __pfx_dump_stack_lvl+0x10/0x10
[  291.576881][ T9599]  ? __pfx__printk+0x10/0x10
[  291.576906][ T9599]  ? fs_reclaim_acquire+0x7d/0x100
[  291.576942][ T9599]  should_fail_ex+0x414/0x560
[  291.576978][ T9599]  prepare_alloc_pages+0x213/0x610
[  291.577014][ T9599]  __alloc_frozen_pages_noprof+0x123/0x370
[  291.577046][ T9599]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  291.577094][ T9599]  ? policy_nodemask+0x27c/0x720
[  291.577113][ T9599]  ? __lock_acquire+0xab9/0xd20
[  291.577147][ T9599]  alloc_pages_mpol+0x232/0x4a0
[  291.577177][ T9599]  vma_alloc_folio_noprof+0xe4/0x200
[  291.577200][ T9599]  ? page_table_check_set+0x18d/0x730
[  291.577225][ T9599]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  291.577264][ T9599]  folio_prealloc+0x30/0x180
[  291.577290][ T9599]  __handle_mm_fault+0x2ab9/0x5440
[  291.577329][ T9599]  ? __pfx___handle_mm_fault+0x10/0x10
[  291.577367][ T9599]  ? follow_page_pte+0x7ef/0x13e0
[  291.577400][ T9599]  handle_mm_fault+0x40a/0x8e0
[  291.577434][ T9599]  __get_user_pages+0x1699/0x2ce0
[  291.577496][ T9599]  populate_vma_page_range+0x29f/0x3a0
[  291.577520][ T9599]  ? __pfx_populate_vma_page_range+0x10/0x10
[  291.577537][ T9599]  ? apply_vma_lock_flags+0x344/0x3c0
[  291.577572][ T9599]  ? down_read+0x1ad/0x2e0
[  291.577602][ T9599]  __mm_populate+0x24c/0x380
[  291.577625][ T9599]  ? __pfx___mm_populate+0x10/0x10
[  291.577647][ T9599]  ? up_write+0x1c4/0x420
[  291.577675][ T9599]  do_mlock+0x625/0x740
[  291.577715][ T9599]  ? __pfx_do_mlock+0x10/0x10
[  291.577744][ T9599]  ? fput+0xa0/0xd0
[  291.577763][ T9599]  ? ksys_write+0x22a/0x250
[  291.577790][ T9599]  ? __pfx_ksys_write+0x10/0x10
[  291.577810][ T9599]  ? rcu_is_watching+0x15/0xb0
[  291.577839][ T9599]  __x64_sys_mlock2+0xac/0xd0
[  291.577867][ T9599]  do_syscall_64+0xfa/0x3b0
[  291.577889][ T9599]  ? lockdep_hardirqs_on+0x9c/0x150
[  291.577911][ T9599]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.577931][ T9599]  ? clear_bhb_loop+0x60/0xb0
[  291.577955][ T9599]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.577974][ T9599] RIP: 0033:0x7f9f6dd8e929
[  291.577993][ T9599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  291.578008][ T9599] RSP: 002b:00007f9f6bbf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000145
[  291.578030][ T9599] RAX: ffffffffffffffda RBX: 00007f9f6dfb5fa0 RCX: 00007f9f6dd8e929
[  291.578045][ T9599] RDX: 0000000000000000 RSI: 0000000000c00000 RDI: 00002000002e5000
[  291.578067][ T9599] RBP: 00007f9f6bbf6090 R08: 0000000000000000 R09: 0000000000000000
[  291.578080][ T9599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  291.578092][ T9599] R13: 0000000000000000 R14: 00007f9f6dfb5fa0 R15: 00007ffcff0ca298
[  291.578126][ T9599]  </TASK>
[  291.908471][ T5865] usb 3-1: new high-speed USB device number 64 using dummy_hcd
[  292.181974][ T5865] usb 3-1: Using ep0 maxpacket: 16
[  292.190203][ T5865] usb 3-1: config 2 has an invalid interface number: 133 but max is 2
[  292.198807][ T5865] usb 3-1: config 2 has an invalid interface number: 173 but max is 2
[  292.207213][ T5865] usb 3-1: config 2 has an invalid interface number: 162 but max is 2
[  292.215704][ T5865] usb 3-1: config 2 contains an unexpected descriptor of type 0x1, skipping
[  292.224816][ T5865] usb 3-1: config 2 has an invalid interface number: 157 but max is 2
[  292.233169][ T5865] usb 3-1: config 2 contains an unexpected descriptor of type 0x2, skipping
[  292.245698][ T5865] usb 3-1: config 2 has 4 interfaces, different from the descriptor's value: 3
[  292.254855][ T5865] usb 3-1: config 2 has no interface number 0
[  292.262152][ T5865] usb 3-1: config 2 has no interface number 1
[  292.269681][ T5865] usb 3-1: config 2 has no interface number 2
[  292.275890][ T5865] usb 3-1: config 2 has no interface number 3
[  292.282329][ T5865] usb 3-1: config 2 interface 133 altsetting 8 endpoint 0xE has invalid maxpacket 1023, setting to 64
[  292.293639][ T5865] usb 3-1: config 2 interface 133 altsetting 8 endpoint 0x1 has invalid maxpacket 1024, setting to 64
[  292.306619][ T5865] usb 3-1: config 2 interface 133 altsetting 8 endpoint 0x6 has invalid maxpacket 512, setting to 64
[  292.342324][ T5865] usb 3-1: config 2 interface 133 altsetting 8 has 4 endpoint descriptors, different from the interface descriptor's value: 10
[  292.392355][ T5865] usb 3-1: too many endpoints for config 2 interface 173 altsetting 173: 147, using maximum allowed: 30
[  292.399651][ T9615] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1271'.
[  292.417020][ T5865] usb 3-1: config 2 interface 173 altsetting 173 has a duplicate endpoint with address 0x7, skipping
[  292.444089][ T9615] /dev/rnullb0: Can't open blockdev
[  292.449321][ T5865] usb 3-1: config 2 interface 173 altsetting 173 endpoint 0xB has invalid wMaxPacketSize 0
[  292.480887][ T5865] usb 3-1: config 2 interface 173 altsetting 173 has an invalid descriptor for endpoint zero, skipping
[  292.512973][ T5865] usb 3-1: config 2 interface 173 altsetting 173 has 6 endpoint descriptors, different from the interface descriptor's value: 147
[  292.545036][ T5865] usb 3-1: config 2 interface 162 altsetting 90 has a duplicate endpoint with address 0x8, skipping
[  292.562998][ T5865] usb 3-1: config 2 interface 157 altsetting 78 endpoint 0x2 has invalid maxpacket 943, setting to 64
[  292.576638][ T5865] usb 3-1: config 2 interface 157 altsetting 78 has an endpoint descriptor with address 0x78, changing to 0x8
[  293.058173][ T5865] usb 3-1: config 2 interface 157 altsetting 78 has a duplicate endpoint with address 0x8, skipping
[  293.070207][ T5865] usb 3-1: config 2 interface 157 altsetting 78 has an endpoint descriptor with address 0x67, changing to 0x7
[  293.082208][ T5865] usb 3-1: config 2 interface 157 altsetting 78 has a duplicate endpoint with address 0x7, skipping
[  293.098675][ T5865] usb 3-1: config 2 interface 157 altsetting 78 has a duplicate endpoint with address 0xE, skipping
[  293.112854][ T5865] usb 3-1: config 2 interface 157 altsetting 78 bulk endpoint 0x4 has invalid maxpacket 1023
[  293.133670][ T5865] usb 3-1: config 2 interface 157 altsetting 78 has an invalid descriptor for endpoint zero, skipping
[  293.144921][ T5865] usb 3-1: config 2 interface 157 altsetting 78 has a duplicate endpoint with address 0xE, skipping
[  293.165168][ T5865] usb 3-1: config 2 interface 157 altsetting 78 has a duplicate endpoint with address 0x2, skipping
[  293.186404][ T5865] usb 3-1: config 2 interface 157 altsetting 78 has a duplicate endpoint with address 0xC, skipping
[  293.207819][ T5865] usb 3-1: config 2 interface 157 altsetting 78 has an invalid descriptor for endpoint zero, skipping
[  293.239901][ T5865] usb 3-1: config 2 interface 157 altsetting 78 has a duplicate endpoint with address 0xF, skipping
[  293.254514][ T5865] usb 3-1: config 2 interface 157 altsetting 78 has a duplicate endpoint with address 0x9, skipping
[  293.284994][ T5865] usb 3-1: config 2 interface 157 altsetting 78 has a duplicate endpoint with address 0xB, skipping
[  293.304036][ T5865] usb 3-1: config 2 interface 157 altsetting 78 endpoint 0xD has invalid maxpacket 1024, setting to 64
[  293.336105][ T5865] usb 3-1: config 2 interface 157 altsetting 78 has 15 endpoint descriptors, different from the interface descriptor's value: 13
[  293.357470][ T5865] usb 3-1: config 2 interface 133 has no altsetting 0
[  293.375281][ T5865] usb 3-1: config 2 interface 173 has no altsetting 0
[  293.390609][ T5865] usb 3-1: config 2 interface 162 has no altsetting 0
[  293.408605][ T5865] usb 3-1: config 2 interface 157 has no altsetting 0
[  293.422117][ T5865] usb 3-1: New USB device found, idVendor=257a, idProduct=1602, bcdDevice=4c.a6
[  293.431588][ T5865] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  293.439824][ T5865] usb 3-1: Product: 탽鰅뀞攇仠궁⮀呪慵ㆷ糾崼ਠ퉇롹墒㩲ﯦ挦➭㉤ㅨᴙ꺙饌瘲Ⱗ⃚ꅛ邓花☿樒컿┎ﳌ好֫ヨ偖궻⡉쫷泟椤呬즣ᙐꥵ䤷揘釀㥵格
[  293.460006][ T9630] fuse: Bad value for 'user_id'
[  293.475202][ T9630] fuse: Bad value for 'user_id'
[  293.515549][ T5865] usb 3-1: Manufacturer: 돫䂅ѓ༭腫祕逋Ꭵ⠦⼋㵴꩝ࣶ嬙縘ᕩ庇竗渧ﬥ뀄鸥ꦘﶉ덬脊۟﮴繋ꗴ౹鉬豗ﬕ険ퟅ䕰鼇䪶Q逾餦䷎샜셎ⱜ씚㋡誫株䣷⎋軅놄癝寅䨳젘흷磲甩
[  293.539935][ T5865] usb 3-1: SerialNumber: ч
[  293.555103][ T9632] FAULT_INJECTION: forcing a failure.
[  293.555103][ T9632] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  293.574428][ T9632] CPU: 0 UID: 0 PID: 9632 Comm: syz.1.1276 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  293.574461][ T9632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  293.574473][ T9632] Call Trace:
[  293.574480][ T9632]  <TASK>
[  293.574489][ T9632]  dump_stack_lvl+0x189/0x250
[  293.574517][ T9632]  ? __pfx____ratelimit+0x10/0x10
[  293.574540][ T9632]  ? __pfx_dump_stack_lvl+0x10/0x10
[  293.574561][ T9632]  ? __pfx__printk+0x10/0x10
[  293.574582][ T9632]  ? __might_fault+0xb0/0x130
[  293.574616][ T9632]  should_fail_ex+0x414/0x560
[  293.574647][ T9632]  _copy_from_user+0x2d/0xb0
[  293.574675][ T9632]  snd_seq_event_dup+0x467/0x780
[  293.574715][ T9632]  snd_seq_client_enqueue_event+0x2d4/0x4a0
[  293.574751][ T9632]  ? __pfx_snd_seq_client_enqueue_event+0x10/0x10
[  293.574790][ T9632]  snd_seq_write+0x5c2/0x810
[  293.574824][ T9632]  ? __pfx_snd_seq_write+0x10/0x10
[  293.574847][ T9632]  ? bpf_lsm_file_permission+0x9/0x20
[  293.574866][ T9632]  ? security_file_permission+0x75/0x290
[  293.574896][ T9632]  ? rw_verify_area+0x258/0x650
[  293.574918][ T9632]  ? __pfx_snd_seq_write+0x10/0x10
[  293.574940][ T9632]  vfs_write+0x27b/0xa90
[  293.574973][ T9632]  ? __pfx_vfs_write+0x10/0x10
[  293.574999][ T9632]  ? __fget_files+0x2a/0x420
[  293.575029][ T9632]  ? __fget_files+0x2a/0x420
[  293.575051][ T9632]  ? __fget_files+0x3a0/0x420
[  293.575076][ T9632]  ? __fget_files+0x2a/0x420
[  293.575112][ T9632]  ksys_write+0x145/0x250
[  293.575139][ T9632]  ? __pfx_ksys_write+0x10/0x10
[  293.575168][ T9632]  ? do_syscall_64+0xbe/0x3b0
[  293.575198][ T9632]  do_syscall_64+0xfa/0x3b0
[  293.575220][ T9632]  ? lockdep_hardirqs_on+0x9c/0x150
[  293.575242][ T9632]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.575261][ T9632]  ? clear_bhb_loop+0x60/0xb0
[  293.575295][ T9632]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.575314][ T9632] RIP: 0033:0x7fc1f1d8e929
[  293.575333][ T9632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  293.575350][ T9632] RSP: 002b:00007fc1f2bbb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  293.575371][ T9632] RAX: ffffffffffffffda RBX: 00007fc1f1fb5fa0 RCX: 00007fc1f1d8e929
[  293.575386][ T9632] RDX: 000000000000ffc8 RSI: 0000200000000000 RDI: 0000000000000004
[  293.575400][ T9632] RBP: 00007fc1f2bbb090 R08: 0000000000000000 R09: 0000000000000000
[  293.575413][ T9632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  293.575426][ T9632] R13: 0000000000000000 R14: 00007fc1f1fb5fa0 R15: 00007ffe99d6ab78
[  293.575460][ T9632]  </TASK>
[  293.927595][ T9635] FAULT_INJECTION: forcing a failure.
[  293.927595][ T9635] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  293.941739][ T9635] CPU: 0 UID: 0 PID: 9635 Comm: syz.0.1277 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  293.941773][ T9635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  293.941786][ T9635] Call Trace:
[  293.941795][ T9635]  <TASK>
[  293.941804][ T9635]  dump_stack_lvl+0x189/0x250
[  293.941833][ T9635]  ? __pfx____ratelimit+0x10/0x10
[  293.941858][ T9635]  ? __pfx_dump_stack_lvl+0x10/0x10
[  293.941880][ T9635]  ? __pfx__printk+0x10/0x10
[  293.941905][ T9635]  ? fs_reclaim_acquire+0x7d/0x100
[  293.941941][ T9635]  should_fail_ex+0x414/0x560
[  293.941971][ T9635]  prepare_alloc_pages+0x213/0x610
[  293.942004][ T9635]  __alloc_frozen_pages_noprof+0x123/0x370
[  293.942035][ T9635]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  293.942068][ T9635]  ? policy_nodemask+0x27c/0x720
[  293.942087][ T9635]  ? __lock_acquire+0xab9/0xd20
[  293.942120][ T9635]  alloc_pages_mpol+0x232/0x4a0
[  293.942148][ T9635]  vma_alloc_folio_noprof+0xe4/0x200
[  293.942171][ T9635]  ? page_table_check_set+0x18d/0x730
[  293.942194][ T9635]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  293.942230][ T9635]  folio_prealloc+0x30/0x180
[  293.942256][ T9635]  __handle_mm_fault+0x2ab9/0x5440
[  293.942302][ T9635]  ? __pfx___handle_mm_fault+0x10/0x10
[  293.942338][ T9635]  ? follow_page_pte+0x7ef/0x13e0
[  293.942370][ T9635]  handle_mm_fault+0x40a/0x8e0
[  293.942403][ T9635]  __get_user_pages+0x1699/0x2ce0
[  293.942461][ T9635]  populate_vma_page_range+0x29f/0x3a0
[  293.942484][ T9635]  ? __pfx_populate_vma_page_range+0x10/0x10
[  293.942500][ T9635]  ? apply_vma_lock_flags+0x344/0x3c0
[  293.942533][ T9635]  ? down_read+0x1ad/0x2e0
[  293.942562][ T9635]  __mm_populate+0x24c/0x380
[  293.942583][ T9635]  ? __pfx___mm_populate+0x10/0x10
[  293.942604][ T9635]  ? up_write+0x1c4/0x420
[  293.942629][ T9635]  do_mlock+0x625/0x740
[  293.942667][ T9635]  ? __pfx_do_mlock+0x10/0x10
[  293.942694][ T9635]  ? fput+0xa0/0xd0
[  293.942713][ T9635]  ? ksys_write+0x22a/0x250
[  293.942737][ T9635]  ? __pfx_ksys_write+0x10/0x10
[  293.942757][ T9635]  ? rcu_is_watching+0x15/0xb0
[  293.942784][ T9635]  __x64_sys_mlock2+0xac/0xd0
[  293.942812][ T9635]  do_syscall_64+0xfa/0x3b0
[  293.942838][ T9635]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.942856][ T9635]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  293.942875][ T9635]  ? clear_bhb_loop+0x60/0xb0
[  293.942899][ T9635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.942917][ T9635] RIP: 0033:0x7f9f6dd8e929
[  293.942936][ T9635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  293.942952][ T9635] RSP: 002b:00007f9f6bbf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000145
[  293.942974][ T9635] RAX: ffffffffffffffda RBX: 00007f9f6dfb5fa0 RCX: 00007f9f6dd8e929
[  293.942989][ T9635] RDX: 0000000000000000 RSI: 0000000000c00000 RDI: 00002000002e5000
[  293.943002][ T9635] RBP: 00007f9f6bbf6090 R08: 0000000000000000 R09: 0000000000000000
[  293.943014][ T9635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  293.943026][ T9635] R13: 0000000000000000 R14: 00007f9f6dfb5fa0 R15: 00007ffcff0ca298
[  293.943057][ T9635]  </TASK>
[  294.362538][ T5865] option 3-1:2.133: GSM modem (1-port) converter detected
[  294.389247][ T5865] option 3-1:2.173: GSM modem (1-port) converter detected
[  294.406727][ T5865] option 3-1:2.162: GSM modem (1-port) converter detected
[  294.421010][ T5865] option 3-1:2.157: GSM modem (1-port) converter detected
[  294.443633][ T5865] usb 3-1: USB disconnect, device number 64
[  294.474752][ T5865] option 3-1:2.133: device disconnected
[  294.542966][ T5865] option 3-1:2.173: device disconnected
[  294.561545][ T5865] option 3-1:2.162: device disconnected
[  294.598560][ T5865] option 3-1:2.157: device disconnected
[  294.607412][   T51] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  294.617907][   T51] Bluetooth: hci2: Injecting HCI hardware error event
[  294.628024][ T5842] Bluetooth: hci2: hardware error 0x00
[  295.085126][ T9644] netlink: 'syz.0.1281': attribute type 5 has an invalid length.
[  295.100114][ T9644] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.1281'.
[  295.407746][ T9655] syz.1.1284: attempt to access beyond end of device
[  295.407746][ T9655] md0: rw=0, sector=0, nr_sectors = 1 limit=0
[  295.457877][ T9655] exFAT-fs (md0): unable to read boot sector
[  295.468661][ T9655] exFAT-fs (md0): failed to read boot sector
[  295.495789][ T9655] exFAT-fs (md0): failed to recognize exfat type
[  295.523945][   T51] Bluetooth: hci0: unexpected cc 0x0c2d length: 63 > 4
[  295.532721][   T51] Bluetooth: hci0: unexpected event for opcode 0x0c2d
[  295.765330][ T9664] /dev/rnullb0: Can't open blockdev
[  295.788148][ T9665] FAULT_INJECTION: forcing a failure.
[  295.788148][ T9665] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  295.803566][ T9664] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  295.855510][ T9665] CPU: 1 UID: 0 PID: 9665 Comm: syz.1.1287 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  295.855541][ T9665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  295.855553][ T9665] Call Trace:
[  295.855561][ T9665]  <TASK>
[  295.855570][ T9665]  dump_stack_lvl+0x189/0x250
[  295.855600][ T9665]  ? __pfx____ratelimit+0x10/0x10
[  295.855624][ T9665]  ? __pfx_dump_stack_lvl+0x10/0x10
[  295.855645][ T9665]  ? __pfx__printk+0x10/0x10
[  295.855667][ T9665]  ? __might_fault+0xb0/0x130
[  295.855701][ T9665]  should_fail_ex+0x414/0x560
[  295.855736][ T9665]  _copy_from_user+0x2d/0xb0
[  295.855766][ T9665]  snd_seq_event_dup+0x467/0x780
[  295.855807][ T9665]  snd_seq_client_enqueue_event+0x2d4/0x4a0
[  295.855842][ T9665]  ? __pfx_snd_seq_client_enqueue_event+0x10/0x10
[  295.855881][ T9665]  snd_seq_write+0x5c2/0x810
[  295.855915][ T9665]  ? __pfx_snd_seq_write+0x10/0x10
[  295.855936][ T9665]  ? bpf_lsm_file_permission+0x9/0x20
[  295.855954][ T9665]  ? security_file_permission+0x75/0x290
[  295.855982][ T9665]  ? rw_verify_area+0x258/0x650
[  295.856003][ T9665]  ? __pfx_snd_seq_write+0x10/0x10
[  295.856024][ T9665]  vfs_write+0x27b/0xa90
[  295.856051][ T9665]  ? __pfx_vfs_write+0x10/0x10
[  295.856071][ T9665]  ? __fget_files+0x2a/0x420
[  295.856097][ T9665]  ? __fget_files+0x2a/0x420
[  295.856121][ T9665]  ? __fget_files+0x3a0/0x420
[  295.856144][ T9665]  ? __fget_files+0x2a/0x420
[  295.856179][ T9665]  ksys_write+0x145/0x250
[  295.856204][ T9665]  ? __pfx_ksys_write+0x10/0x10
[  295.856233][ T9665]  ? do_syscall_64+0xbe/0x3b0
[  295.856260][ T9665]  do_syscall_64+0xfa/0x3b0
[  295.856292][ T9665]  ? lockdep_hardirqs_on+0x9c/0x150
[  295.856315][ T9665]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  295.856333][ T9665]  ? clear_bhb_loop+0x60/0xb0
[  295.856356][ T9665]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  295.856374][ T9665] RIP: 0033:0x7fc1f1d8e929
[  295.856392][ T9665] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  295.856408][ T9665] RSP: 002b:00007fc1f2bbb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  295.856429][ T9665] RAX: ffffffffffffffda RBX: 00007fc1f1fb5fa0 RCX: 00007fc1f1d8e929
[  295.856443][ T9665] RDX: 000000000000ffc8 RSI: 0000200000000000 RDI: 0000000000000004
[  295.856455][ T9665] RBP: 00007fc1f2bbb090 R08: 0000000000000000 R09: 0000000000000000
[  295.856466][ T9665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  295.856477][ T9665] R13: 0000000000000000 R14: 00007fc1f1fb5fa0 R15: 00007ffe99d6ab78
[  295.856508][ T9665]  </TASK>
[  296.290099][ T9672] loop6: detected capacity change from 0 to 7
[  296.299662][ T5845] Dev loop6: unable to read RDB block 7
[  296.312000][ T5845]  loop6: AHDI p3 p4
[  296.316067][ T5845] loop6: partition table partially beyond EOD, truncated
[  296.377055][ T5845] loop6: p3 start 1886353253 is beyond EOD, truncated
[  296.439182][ T9672] Dev loop6: unable to read RDB block 7
[  296.486242][ T9674] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  296.505687][ T9672]  loop6: AHDI p3 p4
[  296.528600][ T9672] loop6: partition table partially beyond EOD, truncated
[  296.580456][ T9672] loop6: p3 start 1886353253 is beyond EOD, truncated
[  296.659110][ T9680] /dev/rnullb0: Can't open blockdev
[  296.676134][   T31] INFO: task kworker/0:4:5893 blocked for more than 143 seconds.
[  296.701071][   T31]       Not tainted 6.16.0-rc4-next-20250630-syzkaller #0
[  296.727625][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  296.752240][   T31] task:kworker/0:4     state:D stack:21800 pid:5893  tgid:5893  ppid:2      task_flags:0x4208060 flags:0x00004000
[  296.780784][   T31] Workqueue: events_power_efficient hub_init_func2
[  296.788874][   T31] Call Trace:
[  296.792493][   T31]  <TASK>
[  296.795472][   T31]  __schedule+0x16f5/0x4d00
[  296.800408][   T31]  ? do_raw_spin_unlock+0x122/0x240
[  296.805650][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  296.813455][ T5842] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  296.832143][   T31]  ? schedule+0x165/0x360
[  296.843190][   T31]  ? __pfx___schedule+0x10/0x10
[  296.853509][   T31]  ? irqentry_exit+0x74/0x90
[  296.858179][   T31]  ? schedule+0x91/0x360
[  296.863278][   T31]  schedule+0x165/0x360
[  296.867876][   T31]  schedule_preempt_disabled+0x13/0x30
[  296.873534][   T31]  __mutex_lock+0x724/0xe80
[  296.878321][   T31]  ? kthread+0x70e/0x8a0
[  296.882594][   T31]  ? ret_from_fork+0x3fc/0x770
[  296.887914][   T31]  ? __mutex_lock+0x51b/0xe80
[  296.893926][   T31]  ? hub_activate+0xb7/0x1ea0
[  296.899008][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  296.904183][   T31]  ? do_raw_spin_lock+0x121/0x290
[  296.909602][   T31]  ? __lock_acquire+0xab9/0xd20
[  296.914677][   T31]  hub_activate+0xb7/0x1ea0
[  296.919492][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  296.925340][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  296.930990][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  296.936825][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  296.943187][   T31]  process_scheduled_works+0xae1/0x17b0
[  296.948886][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  296.955431][   T31]  worker_thread+0x8a0/0xda0
[  296.960500][   T31]  kthread+0x70e/0x8a0
[  296.964605][   T31]  ? __pfx_worker_thread+0x10/0x10
[  296.969739][   T31]  ? __pfx_kthread+0x10/0x10
[  296.974965][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  296.980196][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  296.985892][   T31]  ? __pfx_kthread+0x10/0x10
[  296.990518][   T31]  ret_from_fork+0x3fc/0x770
[  296.995642][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  297.000872][   T31]  ? __switch_to_asm+0x39/0x70
[  297.007521][   T31]  ? __switch_to_asm+0x33/0x70
[  297.012411][   T31]  ? __pfx_kthread+0x10/0x10
[  297.017518][   T31]  ret_from_fork_asm+0x1a/0x30
[  297.022347][   T31]  </TASK>
[  297.025902][   T31] INFO: task kworker/0:5:5894 blocked for more than 143 seconds.
[  297.033739][   T31]       Not tainted 6.16.0-rc4-next-20250630-syzkaller #0
[  297.043296][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  297.052339][   T31] task:kworker/0:5     state:D stack:23016 pid:5894  tgid:5894  ppid:2      task_flags:0x4288060 flags:0x00004000
[  297.065593][   T31] Workqueue: usb_hub_wq hub_event
[  297.074591][   T31] Call Trace:
[  297.086079][   T31]  <TASK>
[  297.092224][   T31]  __schedule+0x16f5/0x4d00
[  297.096945][   T31]  ? schedule+0x165/0x360
[  297.102501][   T31]  ? __pfx___schedule+0x10/0x10
[  297.107753][   T31]  ? preempt_schedule_common+0x83/0xd0
[  297.118929][   T31]  ? __pfx_preempt_schedule+0x10/0x10
[  297.125639][   T31]  ? schedule+0x91/0x360
[  297.130093][   T31]  schedule+0x165/0x360
[  297.137450][   T31]  schedule_timeout+0x9a/0x270
[  297.143419][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  297.149032][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  297.158603][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  297.165073][   T31]  ? wait_for_completion+0x267/0x5d0
[  297.170569][   T31]  wait_for_completion+0x2bf/0x5d0
[  297.180432][   T31]  ? __pfx_wait_for_completion+0x10/0x10
[  297.187307][   T31]  ? __flush_work+0xd2/0xbc0
[  297.192185][   T31]  ? __flush_work+0xd2/0xbc0
[  297.204848][   T31]  __flush_work+0x9b9/0xbc0
[  297.210611][   T31]  ? __flush_work+0xd2/0xbc0
[  297.215493][   T31]  ? __pfx___flush_work+0x10/0x10
[  297.229723][   T31]  ? __pfx_wq_barrier_func+0x10/0x10
[  297.235683][   T31]  ? __queue_work+0xc56/0xfb0
[  297.243762][   T31]  ? flush_delayed_work+0x11d/0x190
[  297.250343][   T31]  flush_delayed_work+0x13e/0x190
[  297.255557][   T31]  ? __pfx_flush_delayed_work+0x10/0x10
[  297.264304][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  297.269700][   T31]  ? usb_hcd_flush_endpoint+0x3e9/0x400
[  297.277378][   T31]  hub_quiesce+0x1f0/0x330
[  297.285065][   T31]  hub_disconnect+0xc8/0x470
[  297.289877][   T31]  usb_unbind_interface+0x26b/0x910
[  297.296773][   T31]  ? __pfx_usb_unbind_interface+0x10/0x10
[  297.305978][   T31]  device_release_driver_internal+0x4d6/0x7c0
[  297.312385][   T31]  bus_remove_device+0x34d/0x410
[  297.325132][   T31]  device_del+0x511/0x8e0
[  297.330084][   T31]  ? kfree+0x18e/0x440
[  297.340344][   T31]  ? __pfx_device_del+0x10/0x10
[  297.345435][   T31]  ? kobject_put+0x446/0x480
[  297.350236][   T31]  usb_disable_device+0x3e9/0x8a0
[  297.355465][   T31]  usb_disconnect+0x330/0x950
[  297.364306][   T31]  hub_event+0x1cdb/0x4a00
[  297.369780][   T31]  ? do_raw_spin_lock+0x121/0x290
[  297.375045][   T31]  ? register_lock_class+0x51/0x320
[  297.384420][   T31]  ? __pfx_hub_event+0x10/0x10
[  297.390685][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  297.396915][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  297.406435][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  297.412511][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  297.418505][   T31]  process_scheduled_works+0xae1/0x17b0
[  297.424508][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  297.430966][   T31]  worker_thread+0x8a0/0xda0
[  297.435788][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  297.443426][   T31]  ? __kthread_parkme+0x7b/0x200
[  297.448546][   T31]  kthread+0x70e/0x8a0
[  297.452982][   T31]  ? __pfx_worker_thread+0x10/0x10
[  297.458208][   T31]  ? __pfx_kthread+0x10/0x10
[  297.463020][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  297.468315][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  297.473728][   T31]  ? __pfx_kthread+0x10/0x10
[  297.478687][   T31]  ret_from_fork+0x3fc/0x770
[  297.483324][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  297.488645][   T31]  ? __switch_to_asm+0x39/0x70
[  297.493503][   T31]  ? __switch_to_asm+0x33/0x70
[  297.498513][   T31]  ? __pfx_kthread+0x10/0x10
[  297.503198][   T31]  ret_from_fork_asm+0x1a/0x30
[  297.508257][   T31]  </TASK>
[  297.511365][   T31] 
[  297.511365][   T31] Showing all locks held in the system:
[  297.534365][   T31] 1 lock held by ksoftirqd/1/23:
[  297.539634][   T31]  #0: ffff8880b8739f58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  297.550850][   T31] 1 lock held by khungtaskd/31:
[  297.555953][   T31]  #0: ffffffff8e33bee0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  297.566239][   T31] 2 locks held by syslogd/5188:
[  297.571235][   T31]  #0: ffff8880b8739f58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  297.582191][   T31]  #1: ffff8880b8723f08 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x39a/0x6d0
[  297.593947][   T31] 2 locks held by getty/5600:
[  297.598694][   T31]  #0: ffff88814d9520a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  297.608614][   T31]  #1: ffffc9000331b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  297.619056][   T31] 3 locks held by kworker/0:4/5893:
[  297.624427][   T31]  #0: ffff88801a882148 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  297.637074][   T31]  #1: ffffc90003e47bc0 ((work_completion)(&(&hub->init_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  297.650376][   T31]  #2: ffff888033e0a198 (&dev->mutex){....}-{4:4}, at: hub_activate+0xb7/0x1ea0
[  297.660372][   T31] 5 locks held by kworker/0:5/5894:
[  297.665671][   T31]  #0: ffff888021a99d48 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  297.684291][   T31]  #1: ffffc90003e57bc0 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  297.696452][   T31]  #2: ffff8881453a2198 (&dev->mutex){....}-{4:4}, at: hub_event+0x184/0x4a00
[  297.705617][   T31]  #3: ffff888033e0a198 (&dev->mutex){....}-{4:4}, at: usb_disconnect+0xf8/0x950
[  297.715017][   T31]  #4: ffff88807e96b160 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xb6/0x7c0
[  297.725757][   T31] 
[  297.728146][   T31] =============================================
[  297.728146][   T31] 
[  297.736758][   T31] NMI backtrace for cpu 0
[  297.736777][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  297.736800][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  297.736812][   T31] Call Trace:
[  297.736820][   T31]  <TASK>
[  297.736827][   T31]  dump_stack_lvl+0x189/0x250
[  297.736852][   T31]  ? __wake_up_klogd+0xd9/0x110
[  297.736877][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  297.736898][   T31]  ? __pfx__printk+0x10/0x10
[  297.736939][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[  297.736963][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  297.736979][   T31]  ? _printk+0xcf/0x120
[  297.737005][   T31]  ? __pfx__printk+0x10/0x10
[  297.737029][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  297.737068][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  297.737091][   T31]  watchdog+0xfee/0x1030
[  297.737119][   T31]  ? watchdog+0x1de/0x1030
[  297.737154][   T31]  kthread+0x70e/0x8a0
[  297.737182][   T31]  ? __pfx_watchdog+0x10/0x10
[  297.737207][   T31]  ? __pfx_kthread+0x10/0x10
[  297.737233][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  297.737255][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  297.737276][   T31]  ? __pfx_kthread+0x10/0x10
[  297.737298][   T31]  ret_from_fork+0x3fc/0x770
[  297.737330][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  297.737364][   T31]  ? __switch_to_asm+0x39/0x70
[  297.737385][   T31]  ? __switch_to_asm+0x33/0x70
[  297.737405][   T31]  ? __pfx_kthread+0x10/0x10
[  297.737428][   T31]  ret_from_fork_asm+0x1a/0x30
[  297.737466][   T31]  </TASK>
[  297.737495][   T31] Sending NMI from CPU 0 to CPUs 1:
[  297.898171][    C1] NMI backtrace for cpu 1
[  297.898190][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  297.898209][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  297.898219][    C1] RIP: 0010:pv_native_safe_halt+0x13/0x20
[  297.898252][    C1] Code: cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d e3 45 11 00 f3 0f 1e fa fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[  297.898266][    C1] RSP: 0018:ffffc90000197de0 EFLAGS: 000002c6
[  297.898282][    C1] RAX: 031aa708f591f400 RBX: ffffffff81971188 RCX: 031aa708f591f400
[  297.898294][    C1] RDX: 0000000000000001 RSI: ffffffff8da68861 RDI: ffffffff8be4a9c0
[  297.898305][    C1] RBP: ffffc90000197f20 R08: ffff8880b8732f1b R09: 1ffff110170e65e3
[  297.898317][    C1] R10: dffffc0000000000 R11: ffffed10170e65e4 R12: ffffffff8fc29730
[  297.898328][    C1] R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff11003a5db40
[  297.898340][    C1] FS:  0000000000000000(0000) GS:ffff888125ae4000(0000) knlGS:0000000000000000
[  297.898353][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  297.898365][    C1] CR2: 00007fc1f1f81178 CR3: 0000000077c56000 CR4: 00000000003526f0
[  297.898383][    C1] DR0: 00000000000000f8 DR1: 0000000000000000 DR2: 0000000000000000
[  297.898394][    C1] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  297.898405][    C1] Call Trace:
[  297.898412][    C1]  <TASK>
[  297.898419][    C1]  default_idle+0x13/0x20
[  297.898439][    C1]  default_idle_call+0x74/0xb0
[  297.898459][    C1]  do_idle+0x1e8/0x510
[  297.898478][    C1]  ? __pfx_do_idle+0x10/0x10
[  297.898492][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  297.898516][    C1]  cpu_startup_entry+0x44/0x60
[  297.898532][    C1]  start_secondary+0x101/0x110
[  297.898551][    C1]  common_startup_64+0x13e/0x147
[  297.898576][    C1]  </TASK>
[  297.899342][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  298.090065][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  298.101352][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  298.111413][   T31] Call Trace:
[  298.114784][   T31]  <TASK>
[  298.117719][   T31]  dump_stack_lvl+0x99/0x250
[  298.122318][   T31]  ? __asan_memcpy+0x40/0x70
[  298.126916][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  298.132115][   T31]  ? __pfx__printk+0x10/0x10
[  298.136718][   T31]  panic+0x2db/0x790
[  298.140620][   T31]  ? __pfx_panic+0x10/0x10
[  298.145037][   T31]  ? __pfx_delay_tsc+0x10/0x10
[  298.149913][   T31]  ? nmi_backtrace_stall_check+0x433/0x440
[  298.155726][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  298.161111][   T31]  ? nmi_trigger_cpumask_backtrace+0x2b6/0x300
[  298.167273][   T31]  watchdog+0x102d/0x1030
[  298.171614][   T31]  ? watchdog+0x1de/0x1030
[  298.176043][   T31]  kthread+0x70e/0x8a0
[  298.180120][   T31]  ? __pfx_watchdog+0x10/0x10
[  298.184800][   T31]  ? __pfx_kthread+0x10/0x10
[  298.189397][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  298.194771][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  298.199989][   T31]  ? __pfx_kthread+0x10/0x10
[  298.204586][   T31]  ret_from_fork+0x3fc/0x770
[  298.209192][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  298.214330][   T31]  ? __switch_to_asm+0x39/0x70
[  298.219098][   T31]  ? __switch_to_asm+0x33/0x70
[  298.223863][   T31]  ? __pfx_kthread+0x10/0x10
[  298.228635][   T31]  ret_from_fork_asm+0x1a/0x30
[  298.233420][   T31]  </TASK>
[  298.236618][   T31] Kernel Offset: disabled
[  298.240939][   T31] Rebooting in 86400 seconds..