last executing test programs:

7m5.729423673s ago: executing program 0 (id=120):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r0, 0x45809000)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
landlock_create_ruleset(&(0x7f00000000c0)={0x0, 0x2, 0x1}, 0x18, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB="e40000000201010800000000000000000a000000d00001800c000280050001000000000014000180080001000000000008000200000000002c00018014000300ff01000000000000000000000000000114000400090200000000000000000000000000010c00028005000100000000004700028005000100010000000600040000000000060005"], 0xe4}}, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000003000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f00003e1000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, 0x0}], 0x1, 0x40, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000340)={[0x3ffffd, 0x4, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x213f85fc, 0x0, 0x200000, 0x1, 0x0, 0x3, 0xfffffffffffffffd, 0x5, 0x7, 0x9], 0x3000, 0x280384})
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r5, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x12, &(0x7f00000000c0)=0x3731, 0x4)
r6 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
setsockopt$netrom_NETROM_T1(r6, 0x103, 0x1, &(0x7f0000000040)=0x3, 0x4)

7m5.643496677s ago: executing program 0 (id=121):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_CM_ID_GET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000013b80)=ANY=[@ANYBLOB="280000001b1401"], 0x28}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r1, 0x8982, &(0x7f0000000080)={0x3, 'vlan1\x00', {0x9}})
r2 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$RTC_PIE_ON(r2, 0x7005)
ioctl$RTC_IRQP_SET(r2, 0x4008700c, 0x722)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x1, 0xcccc0000, 0x1000, &(0x7f0000fff000/0x1000)=nil})
socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)={0x28, r5, 0x1, 0x70bd2c, 0x25dfdc00, {}, [@NL80211_ATTR_REG_ALPHA2={0x6, 0x21, 'a\x00'}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x1}, @NL80211_ATTR_REG_RULES={0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x4040001}, 0x8000)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f00007c7000/0x18000)=nil, &(0x7f0000000480)=[@textreal={0x8, 0x0}], 0x1, 0x42, 0x0, 0x0)
r6 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x40000, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000009, 0x12, r6, 0x99b33000)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000100)={0x0, 0x3, 0x10000000000, 0x1000, &(0x7f0000fff000/0x1000)=nil})

7m5.337410475s ago: executing program 0 (id=123):
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix={0x0, 0x0, 0x58595556}})

7m5.321891905s ago: executing program 0 (id=124):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(aes-generic)\x00'}, 0x58)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x1000000, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
setxattr$system_posix_acl(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000100)='system.posix_acl_default\x00', &(0x7f0000000180)={{}, {0x1, 0x1}, [], {0x4, 0x3}, [], {0x10, 0x2}}, 0x24, 0x3)
mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f0000000280)='tracefs\x00', 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='mode=0'])
socket(0x40000000015, 0x5, 0x0)
r1 = creat(&(0x7f00000001c0)='./file0\x00', 0x8)
close(r1)
syz_usb_connect(0x0, 0x24, &(0x7f00000001c0)=ANY=[@ANYBLOB="120100009dea7840b418fbff7bdc01020301090212000100000000090401"], 0x0)
syz_open_dev$I2C(0x0, 0x1, 0x402)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f000000e400)={0x2020, 0x0, <r3=>0x0, <r4=>0x0}, 0x204a)
write$FUSE_INIT(r2, &(0x7f0000000100)={0x50, 0x0, r3, {0x7, 0x1f, 0xffffffff, 0x240009, 0x1, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x20, 0x7}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f000000a3c0)="61ddaf21c1282a5a6352f350c2f614ede5b0c406f5488574ed6fcb609ce20f648ee274c8dfeaa625b1fd332f70f776ae0b6e3f959c24f3876756c20e05c82079387520764f2446820d53242898a90e51c5b68297e39b7fcf558b450e9608326c3dc6704a054216a8c6f0d689e5eb6b8564854376910eff147682d2378b9c5b95a626493ce628b1bb6b524ed7e90ebe6eb0246399eac6d624dcf4e824be2de9c1d5d06eab13f2770577304eb676106fd9868a030192067ac009482e03a817f1abd909a94702479fe30b2594ca60b4acc37148cf04e8c0e76dd69e29d243596f8174129ac6ab9dbb79ace8f0fae14234845725102a027d4163f97f3971d207500defeaa2c7318f7e82e591701f9d3f78592ea7ec28806a53278a35a20251eeb2735fa9f37bf0045b5e6faf5f751c7ad31d8426be7b09027b2092f49247159a33b580d2691ebf00797962168bdc368f57282ce5b8526eacb80952ffba771626c0016b8a010546f0b4daf470814cee0ea418b76331c34616cea0459dbd1f196364c99e4a47bcdd64b518ef51833e6f8041fbbbe86e808bdbade7009985f2c4d7ffd76a0e7dc7d542bdee1d136d2096dfa997f98ac83c6341b306a3a8cf81642566d7777480d4dc61b0182f0d418ce95d74c9aadb182326d6671412a1f0c62c93a0ba873ff5daa4ece4b2fc73ed5b02b60890374acc0cd25cbf1707016a542fafd6af098f9737304c726712c8243dcd5eb15c0996e9e03dd741d519cb3e86ea214e20408c2cc5ea607585f1bfd268ba3084ffa69425512571d263fd1ae49b488b2964bd3e78943122006489cc22191dec2900a7fdf798c9f683461f2a7b940f4112b805dc077a7b99071b5b454f7c6d2b13a6b23091f74ecc65a24ac0d11e2ffd7332fb2b2b11aeec3c809d78cc2e168f126f38dddfe3e1d0ec1c6fb25f880690f97a70dc5fbea5d25dba3b24c01d9bd228c58deca660625511127a62220429c94be65d6ad4ce7e79e97af67931b46ccfabca5dbaea11e2dc76279b0244cc2845f31beff418fe4bd892d3676079d9d4eb0251dfead9e0a07a11c0a7e597ac89ec77de60a5f6e0ff4a62374856b8e1659e885d3a0d90293daa0c7bb041cbcd54bf098b66b2ddec28dcba4cfbad969e3b97e4bf680f901485d1cd4b231a9115c22ab2f911415ad0efe0eb7f4bee15c6de7d0f818acd687a117286f9e3c33df5206df918ea4ac52927487968d88f4a18d4889a4060f20487e4cec19250fe48a16b1f9f7250a6ab81fbaa2ad451a936ee98021bf859b9a635132a0dcf7530c0e2c84a459241a1fc9fe45b4a4f32fa8e95185db92660292ece6b5ddbb0b9f69bd7435cd4944f8ff2ed51172f0683fbae1013cde202498f2e1be54d1a2e17b3984b17d1994915a477c87697f465781e41b44c6a40ae035e75a4d9f9c0926bec533db0d4c26d605cb1ae225e692ed315062e8c3283716929e25a22b25105e018d81c07cb7600d1bae16d8beec33c88f1cdb52ac988b4677ed604c28ff1cdeeeb74c332dc526cff5ee935016984cabf117694cccabae944de4d2d2daff8f281b6434475b52c1910210598c684da99c108000a53d2ca03afd42b0200691d92341616353a22a8dacd8cb7eee85953b251236603d2ef1e450675f8d0f3cd0e28ef36457f79c267d836d14ed758148e979b9749ddcef14aec903939c69567a1697aae8f9ed72a16be0267a3a967727937f609720802570287c4e08641b9b7b979c6541add0e8600dd2d75a1dc0822ceb7a7e4e1afda2940d127f488589963b46417d7a7474545e5b08a621c1a7637b3fcb62b0aee10d999505907bd14033370e391f6192ff7d718e1db3ef861d30b2d477f11cd45ecb296d4babcccc34901165e3fcdbef6fa1ee478a97f7d21dc5562582d67c448ae352d3157d83e8ab0122a2bb056bdff8043a91b8f3abe4d788fe741483997a8e3fe126626a14b4243d3ff8ada8dd555c95d5e30b68cc053dfbbb61940cbb552cc1fe211ea5ea13cbfb6a577cde339282d84e92f866145e7b1de4d5a1705fc24fc8843f1a69f4c604adf0d715ad88c6a4ac80a35375662610e0ed07af9c4c76326716a77b106ef87782804ca353eaade28a1ca522d706282ebe48c0b23fd42b2e0297f5997d3aab40615f143e868c6aaf920bc827224946db3e3b3e65ea66dbfa5fe6c45dab930877852e86df251024e4ae46ee8e04cf40f2b3239f4df40062cfddada61700959deaeed3a44fb185ce51685fcab793184435b3e668e7d80820a613acde8d61e24571b9de7ce4581a4751d70a28e8d098660e81941fe40b6844a3204b512457194e100c995c75921569f735afee321080ed6310610887ca842001f5112c5af8c9083e3d088a404b48ee82e1e8be16fd493a2a643816488447706f3e86d2d0ed48f7397aad0cf105a4a71d928a15413ab3813e42478cf7a5be2e03d15ccb90a625863cb2ca1059110f90186cf4c370469f4d7e1ccda56ed9c427cce46e7d1c82641554ffa0c7c42697cbc754702b62be5ab03c995ac8cda3145959c440c4d6ead7d6398faf189de77645a05a54d6c33c9678daec6e5ac0048f91e15b2fdb808d712e662007da5e228ddc7370f575723a0018a1da70fa27e6624c8c75047eb584bf3399a8fce999df94f6fb54fb6c1fc954b1d899459fcd2f459e57c214ae590513ed268ed2d1114d8276642510a2eb99feecb58d8476550553a9f3d1f04c9bb442dae6dd84628b60cc9fd3c1e5c4fe3b9ad5f43b5d06e31ba4644f7499c03fd68cd2207027eeb1908a8022d70eb8fc8f55fee7be7e3af525d4fb1ab3e9b458246cbb5371e8145e1d04762c62068e03795a5a6b48d8643a83927c47000b7766e320e0ef2339d5423813e8d7845b939a9567745f6e2d6070764669c905ea77943a31f0df838a5d046f25d516bb654336f759c05dcc0febbbf1d214382a76fa09aa32be9799252f1d0fd8bacfe3f32574fdc82c6ed77f1c08d4aef88c157cbdac947346e3e015af60125d3e36ec6bd8dc5127c7ab1ed773c8beffc9dba99bd9fa1498a5a49bcce4ddb13fb85e256fcac569aab1c815527710d2c350c7cc84db5a7eb243227973fd5e2d1d8450077ececa0d96884c90ac0146d37b13f1aacc1eaddec3f0d475df6ceafe73f9076fcfeaf496efcae22d09745453a5e4776876ecfb1d004361f82f76b2bfba050d0fd5060f50fd74f9908a62649955e2f90e4ac4a4f0b29484cf80eebcbecb12db8586ee58443c181a59c046c657ecbb067a1e70d4c548e8b291a5aa681624747d9a52a6184a5fc82d824d9ab6156ec5fd73a038b38d86974e7a89b55a95b609e12c98f4168c0e48139749fce33397948224641e9823588858f82247d9abf8f84250564189676325e43944e888cef6918cd2b842b3a42751475a37656b3f04a02430705f16908d638212f69cf96d5311038e00e048468810d1cfefb0a9aeaf46d1bd31f7156a97542d9373abd3c069aa096486244389312031398a35e0ebca6668ed06dbe80290ac9a2a15ac9c208cdbcb2c1e18f008741649b4fe2ac1e6ca0a19980b6276fa09c5c0e67e748c1669add6fd4c70ba522be4428df305c3313929a4eec348f03fc6a6dfd1d6740a61230a977555b6b4d5165c98323871d750e80f9205231af03ab430a720dcaad03d113f38574ebada74f5b34a05a6abb7ba9b8b280401a3a21dd7e1e026deb438ed020d09fc93ffd7376ced7b5d6c9c35072c7f28ddb7fea3ffa7b7e6766892be2015c20e2cc7fa8bcb5832b97e964947ae940d5ce215ff3a0d74851d5735f3573d533cca9b3a89f9494f150cb732139cc2282304f6a375ee1062f6f850ebf89548973b6c5e7aee8b98b18b443332d3be20fea086653d52756b40ec4f08ad52f4d0a5a61004c700f070b83548670ef36dcbd8daf13ae6d382aaba3c3bac3c1efd953781d69e7365e1393d2c3f34d3dc91999ab9a545bc167e50ea6874fe8f49e93e452ad4710d7127c430ab2caf3ec1627e6a2a6a57604a5da490087991b68cd58d456f6818f22e38007e1628c6a78f6a8a321e3f0d5d5e1bc7f9ef53c4780b451dad949962c8a6a464b25cb161159b72f40fed8280daec34135f77373b9432f411b232e9374e9cb3fcd85a599c20d0b8e294835c60c2e034eb8385c507095c6eb6748180fd1ad97cb0a4b2ffa70c90891d373459538f4106078162bc46b425572466aa4769153b994698bbff1a98b5948e40d98bb2900445eebe95c4892bcb92b4c28b734ea7e106accc9836767e0881f970c9d69063dd918de44a484ef3f860b0dcec58f22b3f1a0abb9c0c2b6cd5bdacdc194f188588c0888d6abfa2d0b79d0b33a41e3b6a0f9fbf811ba20f346025b3a4be17eb5ce583b860cad5424bcaf1ef4a255678706052c1cae9cd77cc78639f975f07737b791831c64f0c974b23a5c428091b8b8e17a037ac3c6d56da4b4c7e4752736cbbc8d67b1b823e87d51ffc95fe9752e8479fc15a6fe7b96fbd7b93dc2144381c424ec7782d7f8b2637010dca11ccdaab1bad652a9ecd8b6ba2c116fa419c8582a0ccf754a294d9de5b457d9b1a4120fd53667862e50cb028e2f92c73a38f77ff57c93b410e7f3257bd56e5aa504f0643bd2bcfae2168046ad2737a36b21f6d993de1fe7b31e9ef7c79d545e5364b65011a6d26e0a2f1018a5280ca88d3d1e30c68195f8cf1a3ece813f22e44d83867c9f711218203d1adf2869ed89babca094b8def7ae0abd0245f522930db59c4b2eeec4d564bfdb931d435a986daba4b604d5bf30b1cfdf6960986ba0dab216dfd7ad95ca2555e0573d073dccd407ddd5ed7920c788aa0213aec90b38981a91bc370ede38d171648316d59478e66c068eec33295345162e9896ffc82f8d94b995d3a3a7a4f459e564632b5918b4fd850da380937655f19e2820376e7deb48edb0f5e295521a9a153f5ef69de397d88acc20be99779d7ea2c38445bd70aeeb68cc6c68c1bc603ab580b632866497a3dbcbfd933e2074323f66f1db73129eec8331c8872aa92a33e2180fc0cf2e28d198faef4421064b8435f37b5bfb9b531332b3b0838015fe848f0ce859db8706f2e53fb07ce4d0fd017d85ac9ce2943ab172f08b13c948c3778d2469257d412b1a5305526cc8dcb4a8645f825cca66a63b7134d8b7c760db6a8fa21f2df3456e9b460867303a9d53fb01db8548800d800e49c08c8d731bbf9a642206f4cc6673e4fc0f7106661abfde1eb8a8d384b26d88c16d15f238556ff4b205145d860228038430cd8a342bc15849afd81666b55b358e3ec584fa96f119b77495c4ec36616070237bb170fc04d3befebdaff66643814eb8519abaaf1e9bf939bf5bfefa33c32fe9909055393e383268e426436305b370867db76991ca600bf6211dece3b6b7b4dc5cd4569ff4538080fec318a9e0cce4a8cf26aca8359b503781aaedc2d58b0bb1a82c163425e678b488bdc7362d0be24a7a8238deb31482c332d4d385005ca84c836933b0fce21685ec067adb9490d1a416f83e36e6e3b87d05ab6973f4e359a1fb5a4dbf2ff6a85d235e50d893f222c2a7d84252be9015e104ee3609c83cafdd796a8422257c9ca9172888d91c0f2f2afe36dccada9a713cfc026cf25e113fc543d522e9254f5e129d7ffd61b43ee25bdd63545a81a2b086b616e23abd380a7bb8e54b8341f42c663da1fc8451f21da7315aea416e6856d4d45128dcd34a0f3aeb7aed00c54c348f38888b8c8fec59028d38344a92249c95943d3ff8608bc11406102ebe8269892b2e909bd82ba467aabef127713a0993df779ba7b0816a990566699e4926d75fd47c3f1b9cae3e58771a6ae8776fdb672ee70f215fd908d6dfddb8a2ad10f27b749fa6e67171848d70d3ae135ee3defb2546bb35a3ad2d8ac0e838ff8abb1cd733d80047bc8626960a257b704b43bf0390b7fee656ca7831d23e8ba940533c16c17de68270bb3b2d3bf142b34899b3a106cf9569b4f46f148297c61390733ff9f399c669122dd045187d0a35fe54b4f17e4090c56cfcfa47498b1701a855827d35cf3624624906f997092b010b1da616325a090770694d028fae9874a91f8d21fea85804956594b8252c24d05df5775148ecbf8ab38f131c268cc263f6a2dcd375acfbf39a2defc9869801a720d83add1ff01ac7fc389bc7e35c2eee2b44f808508e6e02ea31cf23ea9f2118bce520101e307b394e5fdd28e90870a327b0a1444b552b7227134a8e5397474a6c0e1ce89d918c899d292660ea44294e07b1645ff9e85f65156f92d55ae795e134250b5359dec6c31d4892d83f363cb09632bb738c4e7f351361adc3ab54776a5c55d6ff4895516c82cc6387b1a424f3af2bb0398d0d4a71fe44c5132b7ad5fdfa732bbcff9f02395df587714072caca65f5fc1215dc9068585e1fbcee22cd69c0386a6482230540ec9ff8e373018e4e2788b9502e5be3e3247f997800c68a634e4490c91d01144a63a7a55afbfa4f0ef5ad538aeec8ea203ef2716ff989e11ce4985263898b8e36b0d3386b816ce484e81404a01ac0ed9f18ef5643f93d46705c949acddca2b74ad53441090f658d22dd081aaf49a7bb07c93ab8dfb5213cba354b4d37d9899423d3b3d45e9463c506ccd69747162d2d64b54291d11fdc6c9b89114543d6948f10e68008973cc485df080b84e0d098f962715ba009f2aa1fb41f7199ea5b9b70df0e1c378da164f7257b4ed04a9fee7cc2de065ad35a60b882d78e26d5804942ed1f2bcf85fc63795fb9164a5f94ffe6bfbf838c9197bce2160d24f88dca14c3e733d18ff1fb7acb0ebdfc4e2ce268a676fb27cc34d4b6b5d7e8db29c020c4c498d793931b0fc7d91ad68d3d8463e36a267833edbdd7062f4d62aa9fd1cb7f8e561d3939bbfa118b897167168832c0aff17fb6cdcf75ad6ef0a18e2b37fb24c85d0866f2e5f191b2ef8fe9b5997635a74cb06aec67363435eb175559629c09316f96dc56de6c7785335d121fc2e4d47c2f50c37c5bf7950ae5de07b3b73830f4299d5009742d4eca98df821a95d244967a42b5a4f3375edc41c5281ca3104bd247c14e838912634d4764c1b6e440860d98f258aa8a24e8af643497366edc2b781aec0567451884aec0343ced1fbddfae585db1012a6d9245ad85c56aa33d5bc30307515bccc8d36d7848c99884db4a49d748e1953b4673e4286393fc97c233d529435faf7ed9f9aa64029814b7cd6a36c3dd9ca7be95e5c4d48e024a3d23651cc81c00a52e2fa2d094435ebdb4ae5be8e6b53cf628ddc87a4bc2dccc98ac38019c91789a40d103fb95785bde5992de08ecdca1dff2ab7cf5013420b3d29b8a7f0af455c4e86285422b986bdf482b87297061084b50684e936acbb075a84e720a2d03892efec7dc1af2fae2a7ce7725cf0d19f39403b273be262c7a4ff638898f6caf84bfb358c580ba4adfd8664bcc539b82792e39ab4f1d8393b1f98f6dd5aae14bc6b73feeeaef7c3accde4d9b098f2d5c7ed68621851f37d27980c4b44df095d865493eeef2724db90aa53a3c37bd345ea75b4e76e8878deae1b4f3204c2957f3806e36a03e995f7633de9b863ff6b3309d330ade917c82f3286d9500105755efac22a4220f457debd861df3c0925dc4ba8913cea12b8deb93cec87c972421bb8442ef2a2a9d638471108ae0152aefdc45eac6ff786dae370a21bfe1e5777df8070bcefba8596cb8f71a516b505b1f83de1129cee91d3a4d6383daac7b9de46a99bc34661f3d805d2e138a769fd6489e4d058a3ab35ccbc81251aa2f23f83d7740bd8869465634e10e114c62bdfd640d69cebf6e78eb0970fa442746f7c3bea77d8589ab131827a95b274dd63ea04fba4c822aed4f8d0cd83ed83177d90332c7e66f103d4eb1dffb9ec0f52094bc7324a7c59819dca343776d6adb6850e7e7e83e2316db1c32feb4ea1c6f47a2ee41bb09d0a931f4fa3cdf7ada2bac7fe5ae2b997e24b8f8c52b0bee1482b74af68b407f0d78f3767bdcb42557c9f3aff0c2c2ea7745a0f588b00a751c1c8d2124a8bfd4d7f756587d239cc43a8cae1d67cf15c73dc8569a1ebdd7b8559e969541a547c272e52d57e5924ced9afc87cd2cdcdf8e30f423ebe26170393ecec06afa093839fc3a10fdc3f9ae19e79e4df6a9af6027e1129a7a6cb4517607eac80fa2b5f7853fe84028a66976ec4b4af50abe9ca959b844d7b2ab94903efec6dfc99ed9df2c329c0e8449b4d2a0a5bc2506d170884d2c6ea8aefebcaaf2abbfa3c4d9e4d201369a47792124a7909e247dc98b777b60a30b1461d857f164e3df983d9a900f8b11bddbdcf47c29d483033c9250f30e268ddf97e0ecbdd99d6fb3dc4562bb75f8f1e03d1aec424293fa5fc786444411a512fc582a9b577d5e88fb9d6f7346bd489f6eb4296e576e25c45e114fb6a3d0b6b831fb4ffe7486daadf2f0ad78aad8f8f7eba17e524de06e81a5af9c1aa09019fcc51611afc45fd30b8ecd2a2ae19758a1ffa55f79cdf53ef1bb55e49cb58d8b291664be61586ace94c7b378d685e54aeee09af828a3ce7335f9d03f8daabcf3543b8099956f60913db6ab401a427aca83772df4fce9081409ab426dae09739b50a8ab4c04a6d2e63b2c4c0b5f7fbd9dc76722057ab6cefc9ccae3abf251259f999fe09dbe1232b8ecf0e26b3d88d13a1001840f6b5942359c3ac75bfc321d9504bcc0e3f4add741125941ece20b4f90416b1f14edb4ecb1ced79cef883aa1d5193f3efeeae7e103891ae4840978fbe74d2cc90b7e02b4d839f15c75576b74e05f7a8af71823317a851bf0ff9171bdb16ffa36f57ccdef61065a62d64ba434571db0d476995e2bf4f148f0a6276b2fad82f03b91fe53f9a7acff3ecdfcedcc1eae42e52e1f7443114b8edc8a9d5c8a55727f7ee1d20e1ca55b42e51b47fc4d2313458ab9a5f05c1411dc8f11e4c57d3fe87183763bd24cfb8dc583c82ce9c0abbeb76310666d2236e2ca164c66e6336fd571967f35b2b0ba847922f5aabf97aea061d19eb9cc3cd6e764da9651f9e66577d9c8870734fe8e03d20ba107e6e2997ef7c42f940b88410c6bf46635cb5e402113411a98c75e8cfd3760235d7a486bfeea1a1dc188b7886172ac66d45a4bd87f60b8502382888f3806e47ffb74d9aef2519e91536f7798b7c22ee70566e686ae2b577f6341f7c47dc1ae41f2af983b80f7db23a3466b4f14e2afd591b19d36375acbc0c8ebf21654c8cf44ea49103299eb1ac6e96bb282a33a6ea204aa266b7d627c53757daa176f6cde932e7e0342977dbf7d5668e8ba984bf05dc610e5450eb4c3dcf7965eedc9b168a9c274ef6a050e93234a9bb5488a5aefaea9c442729b5416dcee6bac23f238bea2f1f4615c863a3ff7c7a081558237f2097b9ffa869f4b69fa32784f62c0b7a458411efd3a9108735de667c63c34af2225e382a17600acecc118ac1f81ec5ed9a26fa966bee8dc6f55c17bbd89a94932bf930b081fd310ef94c490855453551e9eb809e9d568500e6662564b65701a721208dcbef9a07650f9faa5a503d37f2e1b1912fbfb437f1f4c2d4a830a2dcfae905d323fe9a6a01cc8d88ff82a26a1c228103396b6756659b6a8a9ff8b31494cd8bde6205d6f62e698d9ae43ec740fafc60d798a85e5f8598486b6e82f23506c6004ec2f733cde633c3b45d9ef14fb223c020a67f305e33b5d3b239b5026ca679004e212725a4090818734435247b918dc9c65d2f0c580722651217ce7a2dec34c0f8c49e3dc051c01f5d445dca8675339f5c8b30ddc19f51ffa9e9c513f5fc9892dbe5ee5bc148ebf3033635401c8675f0fb43e503d73cd432e3ae2f25bf29b4088a3193c208f5ba51882364202dc3eed6f3ab9a871b4afa960f1776cc92deb7098ae6f61af30e715ab60d44f378bbb79f8fb663de164a5f4f582e6a17fd7e553e677632d1e8489a8138bc780418de30c0a95ae3ec3b0cdee51901869acc318a6725c0c06273dc67d393129278225b9384d978512befdf449f85146fbbe92e6b52cf40028b13d77ccc68e7b65e0c1a25f1f9d17b06b17f216729684fec1b4c0c3fdaf40af5dd1a3f4492d49e018f60f41d91524bc5d750789fd39b6e69cb66b1d86b2c1405331e3e793fb38dc447161f1ba02cee1519b72727aee9ede2898c5195adb0dc1c29fe6eca6598c5612a7f98bfe0d1853e44f47c94ae57bfdaee16711135226c9b44440abbeca5ed53b0aa58d34fa0faf766087135599d7b88a04d5ba7d69c148f3ebaee211a06438146d762c9f85d9007a228edd7d71ad18fe69a1af0caa6176eade25bea11504c2f0498a450d4d265bf97dea5b23c10560c9844d761702a5814fb355827ed6f46bcebb61d0a06c21746625a438c38496a941f447c2150c9125990ff7feef9d551a7adcbe0fd828ef4397c0799507599899259f61ff914f76be6077d0daa67ac0ab9093ecd0f78455b605a7885cae38a88b2955cecd37f972841f440de12831263ae64c7c78970138a738bcc66aae8c1a5c3ca0e166dde9860bbfc4c7bdb854cdb3d94ad4c723b2de03a50dfd120041a9b3107a480e7e108f729484d0df0d8e47c3a6b7ce0376e642ec5a267a91dd2bb1f1b3fe56a5097edddba482627cf79b66801fdd4ecb733067ad52e8fb9970be01a397ede6a3eaee6b8524f8e1cf00e0c5aed165b8b1533afaaeeaa82153f9840760b58b8a12e8168956db4522f2dd5a13183cf861acb0c0bb2735ff5cb683f633bd99ba2bfa7f1fcdd0a54d3b4fa9a7d3de250d7e40bd7b3a829a4f04fd71c64ed4f2503094773b45fdd821688d10ced9da17089b7c954f7e4a7f3e56226abee46d7eb93a6f3d039a7cf3dc14c18dd7502aa0e29e1c54bd1c2182138e06326f3cd4cddcf1997c9739f9e4a0899ce919f20b2def0ff103e5a9e123a1db4a544d438f789a0ed26664523bd55902364f4a21b2a92fcc111392dcdcf7ac0ece18c474d47a11d544b64836a62e3e1e0e9d15f8066315f000b7d8603f772704ed5b96798f28e4f699a671023a4d49c5a1e30d14145b9179e4b0f3424fd46cc22ca48cde74904876cc037a04aee32b53d02e4869427b6b18bf0ce7b5ffb75268788ca5029d2d12b2df068219af12d4e17e56f83e581b0fd6cb7048204803342ab8b146b0c237d6ac7aeb2ee21550c00da60286994f1e7ca53de19d874f7bb27c8c5e263fa350448ea28f4ac0cdfdc4c0d5096f2ab328d089dacb5e87f0a29814e8461470a22ee8a4a318f5e2b5317a027da39789b7b17bdcc9b26bdad1ba5e4580f671a3179a9fde91408aa41a68f47c71c524f8e413557b0656cc2a67e36da5a07ee7c55b0877ecf41a8616ec20f59d370f3eff6b10e68a6c55feff6f52f498bc9ab77224a7548ccdfa3de41ff44ee4bd32295a42d9fdac1a4c8484a7383a6bd5e39cb0249e939fe7f53075d6d4a54bcfbaec50853c5e4bfda256665ed56dcd20fbd04a1d40c200223ddac36a7229df6003f335227a6bde261f7e2f7c980e7e522c68abc63601b3b1a9ebdd4530e4f33b9986f582300", 0x2000, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x78, 0x0, 0x0, {0x410000003, 0x0, 0x0, {0x0, 0x1, 0x0, 0x0, 0x3, 0x0, 0x0, 0x7, 0x0, 0x8001, 0x0, r4}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
execve(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
syz_fuse_handle_req(r1, &(0x7f0000006100)="d1f89c14e7f8640b43b1f1d1e00b2b0b3146d223d281c321953af4ade40d696d07f4b7d2ed1c1fd5691291056351901df48500519139568c88f49bb32801f1eb24b30efbab27313a3acab179fd6ce1f7150b0f0aae8cde4dd46b4f63cd60f647ea9bcf83f107e981a050f61f5d1bb5c7883f93269bba25e4122796c0f88ab27d913586d055f8c977ffcb05c85210f93cbad91499fedb2ab95e06bf009e54b422f66cef043560f4d77ae5c083cc67fcb0d3f10699aac8cceaf6d3b8f32e15555924edbc42b4ca3d2f4a92f5d30c18176c3abd17db4de2ef74472ffb637dd07460aeb7c882811c089217d88cbb5eec41d2be903e1c65cad2ad742f9ba8b512adab575f89d539492034ddfe4fd28205c8f27c52f0f631703d384634bfcad149ea9e842125062ac67006ca474be31f708b4f4f1e0c97a4eb2f26b671e172e251e8a6e9e1510bb74931aaf6b6ff84f8aefd63591f18f2ae8028985d78fcc5ed2d57bf595d3068e904387eeddd19bd359721a432bed0bff033cbca6acfddb6529fb11290bf1563b45034bd9b6c331091efef04303ca9942fcb64e56f3ff74d610e14c8f8a87e41582aebb272e5d6e945fdc7095bd181b93f13ddbdc18545f9cfc4db7f134c9ffa6add6727ab8755a06dca23d24a67658fda84321bb97fc475ace3b9912dad73f0ee6c8b2d6d58d7328ca63d1aeceb22a419fe4ec4c3b943051e9d276c559c33e6a45a97813bfcf80c7d79ebe04b1827878c4c8c2da2d598f9f3e444ae82f142716827dddcd94f8997d88a30be2a76432641125e28d5a0896b3e040a8b6805abc98da90844261468826b89f6cbac8d7b5eb6cd8a23f7c7ae9b99dfa6616f9dd10ac48e8c53a38ebfcee8c0ae1be1ee982515ce12a1ebf5d2d1902203007a9bd062c453845ce75f54dd07e3d8079e19b3b116dc51f7a07d005ba682da13b73e3854bb60059fb021b8f4b9430629d408b32ccd3678bf1dc149a3493c44b2a52a5572c128957e0db8a4a214848b64bea6733bb48fc17a4e42474e2b1f47b507d038bb87a3fc32e7bf471685a61f736a414772cc1825e9342c58768640c83486dbf058050dd6c8a9843c106d1a4efa5e5b36deae71448e55f4ef2721d2d210ce075bdc52c97bd6c097a9a4120a507f6c99cd9054579c250cd5b207684deadf75f2f8c54349a57500625be7577fd6c81ca72111935f577c74c2bd1e9419344e2a3563b5a7d6026722469a30a061d123b45f93027a01c7d38863589118d25e333c07f5c3eb85d4dde937d8f1421b72035f8733754ef4793acdc8d1362ef08ac1e9f0246bfb478647ada002f809a3e63433d031e6d5e4f86218ace6a6221103608705719c3106b4659c377f7e3b6ae1777075ea45a68df2004deb6ef742c5971c23d409278be94c5de68153d93d1a2378f1b1656786ec896b72de0da8259a6f181be8829f9cb7cb98ce0b169e734e4a240508952f6ce3ca984eef7e0cd549996147fe56a0bb1598f015ab955df145a51d783397366084e53455840d5688cb9b7d2cdf8abbfcdf850a7de4073eada567d6ca989611c4910e692e44677a857eec2b654f8dc66b2be192786dce3b9780f9806652bdef013304a43dba3f8d15e5105414f6d1fb2a57dea02211fa311b489088a9802e36d649ada97d72a216f54ca6da090a51c01f5638a04f364a3cbf24bb374f644fda38856a7e0f5c3c9cd7b00555d105daf57561379cf1d77bce66d12de44f202a866a43a7a05a6e0910a1f0ab5b1341d8ae992ae9d95fa2c876db1bcd3635d7851f03dde1eddae6dcf95b182edab72a0521c88c8c3a8c2ad3c6ec2cc44321ce1550d51476e95a18ae5fdab801ef4f5a7a56580261d850f392929061ae5808ba390b2f7d8fe7325df9c07c39faadeeb0ee1ed95db7ccf49c9b93fca83e06be745156d422c8b936d65b8e7e76d9eeb2bbf19c1f9a59b8ee6b55d594d4794a869b2d3b37b0b936866894f00e6a90c788c22e0fb87d0ac53ce75e519765647deee2862552c77ceb75d419627e0627067ba24571807cbfae0bd959fa95cb14c2812a1ce41f76d2ad620c55df55f473e56cb219f7b13bed8cc4a98dddfda9d3b9b5650754f73c34bf00496993a1c4056aeb44e4160c3e2090d733604b2b13f40ae346b726a31365b7a230d8f66665dcb726594280678a258f8ddddfe69d424d62abe910db05c0efa5e773d0f6d8ef8c4c49926b46568a7a1321d996eacabb2f716539a020e34a02afc3bfead458287dd2050000000000000068853637dba0b2eb5e5318750b63c829ab0145c02d6bc05aef4113ee0ea0ba97c44d74cedcc89adff648eb5d7fe932a7a76c772b1e2e36c148dd3be951cfa0cfe11bc58635b38708fa1ff88f949eb15f4a4a3de71c33e2915c799d8204d7d1f9cf7c13c608e6ddf29e12b409028ee5edf37353df7982f67a120ff1871001094b1a3148ed5f4f75d9372aa21b2bb6e02b470336a2c20efee8af866032acd6dc56d1fa7a84dc314cafea1a7bba5fbae89e037a4a5597d2eefd153406d67ddbb3b4eeed6d981b229c2c1b76347b05d20835ecc979b697a2981f6785df853d3d5ce07c624136c805d4dc6c7419d68afe2ad4822aea38da761742b33de8394bcd2462518b35c6ef265eb2a9b130e5a3d669b55d457f92500a7b69156475e001989d55547fc831edf2afe2290591e902858914af73ad4e87ddb8ea3a719f435fe1c2839a39fe088ccc863e7c82e96b66e1b6d32ddbdc42bf2f6076b9e93ed2ec4b6ba6fce5dd3a8f5b3aa105aecf72a5cc9108d02a0b923de2d490ad90aed3a45c46d4594948e7b3f3cc7d153f4b2837ca378fb4af215657f016fd9c66395b98357c1d12a655ce07268beccb35acb3f928c1522bea5df98a0337c751308bfb361e68f3775c75e020ac9570283119264d4f8916c143ccc28d8e0709df356de6b6f35fccde79a677606b5b4d846fdad7c271fc5c2ae5f5e2fbcd6fbf21508a2615ab8f0208e276164bce80fb886b648b4cb085c7922a829c2bccdd850cec329870c866f7923c2c1cd59d6c2653263f7aa1f13d84c82575a021793ef875954ce8737c98abee465e780ab64f1d23da92828e62908543850e5730099eb34f5e47dee740581f596413b8e2711bbfc9d25e4a35b57416a741a60ba650b52ae2189cdd125f64565544f9e75bd8c2cbd898ed2dbdd704ee40d1746715eab4155a51289cf7d89a19ab7a355609dff8111c94f6cdf94a94c667508d7201eab7e86569b8b08bca2291cf3fb166df68f6d6da05398e8a1c0c5c66ca3cee621727a77f19b92927569ba44709302c1102683f338150989d971ea6d0151b69865e540ad4e5a186ad9fc8ce57a56ad114487c5ad99c0beae0fd49927c52380de839cc952f8e41e167006573b4ffc39ebec8f9f9fb4168386a78fe52c00cf3c3be6dbcd4ab32ac7cb8fdd1bae70a5c3da6f555aa6c8e6bd7e668391bd5d87e39ee21f9035b0b14dd50b3c4e211794bfd7e8fbc48658044eab550f6b564d8f663c25ddb30233fb260e2d30bc9956f7293fd5532df2f74019f639c7313ca029280c513c2fc3c77dc4d0e7f5a9f273fda00349c28319743bc8f7eaeacc7f487bcf5866a55b2fa5b66e31964f090ac448a1ccd3b8cbc9735db5d7d1dd2f2bcdad1ee48b4f8a36688d8ddead1f166a5afb2efe12e943ce6ca41f1f45fe650536860881c28ff04a66ddce9cd19b4304c26e3238f114a1f4080999aaf6ff1f4b8b59ef5d54c10cd8a6598420949f1c0eff13259ba7da9f4c749b58f31f01627b780c2502cc6d1d82f68271e2bc945ddcb6784532e1aba414385096eeeb45afca0ddec570b16b476fbf7b4818275a05afe4beec9086e1c816ebf96608ed57a570c931577ca5b14c9359718b4b31b4789f291f5cb012f832e5763ba53521f58d3ee0a10930d3b4ea7747c5c751cfb476159287a9d371530e5d7cffa6ab09f049d2435960b0ad34f7890df22a3cfd6ce052b08409e67a1291f8459a59b988d7b97d2534f306d83656fd43313eebce1732837b6c22dc60a80d03c54b695b4efbf31381916c7da9644ef8e0f6739c98e7892ca89bf696715391c989c3bd53362e01b81d998e50e46fab088f9312465d200c034691b7e5dcb22ead3c3f3225f16a5588b2be09470e225290d8073dce5cd955d31e7acd452950505597f01c4b54a6f16f2e7d00ab182258f26e40bb70db783b2a10aae019f87708e1306e1957fcc081dac3659d603d4044c10b0a1fe61f4482e56d031d43fc355100a9dcf822db16d0895e554b439bd032e6103df725123da3fdd4a48b68863e6bb36e05343136e171d39d86168be30188bf1ebac4a1d748115167033149ac61bb4f8d4cad7f4c68c32de226b03fb42d24d5e37ba886fa357100644e64d869f6395e3d6d3768a30f53e2aca3688408807bd4818a2c5150f8ee770121a4a6402c7dc334a9ee5e876566d19867e45d4bdc73477ff7f543a23f38d5f0bf666219b0391e66457af4238c5bd9a05586333556f8972aca1def4507c4b073d1bc1c3051f0bf34f71673ccc1de9c69170c9fc5299ac733569cfde6a7bbb3cd60b601cfca16510bf7fbb26ffab3b674000844daf55fbf4ab48eade708cf7f5de901454acc8cc95c63fd2ee771bffaf19205e9a119b847931bcfb4c738e39701a3882cef4ff47b46b72ce26ac207a1ccaa253cd3ddae2b2eb61d5b9b3c8156928a169d7dbb2874b884c3b2097cb8ea92ce7fe70af90514c11887df33c4f7ec3d3ee6c327e7129b0188b0ca8c777451b17d8f489d547d711404bef72d1914f66a5676e9d716ede8c4282526419adb31d071d241db47a58bb55ee6ebcb67c82765a25e5e6fedc4c8d1d9b17e2b5bac5e0af3c63ea870ad8c5f9521390b660fc735d331e6eb326abde284256cdb381b4651d05f55807f4ad1b5b883bf6b55ee87285fad8de366f3248ae0b9c32bf85fc95d5bc19a716ac2a5f41e4e58d26bfdfa582be5d506f9929bfe7cea70184c81722ef7300f779d5d64c08a225a083d44ce75ced73f3a016f5047af67245bc8a81214024e905f383252cc0228085aa5fc184cbcb41db3eccede89480e0a1c1d1754cc3ffa53edc27c337ec86ae2f68c6225edb0027c1c5bf9aee1b94b62f6144e4631887272a36add32d908add308207559064cd61576f917db864845e5e89efcb27c80d259eb6fd5fca398da0c7e62fc423511bb8eb3969732c862de33448e95aa5e15d2028b84b3b8348a50abb39c5c10ac7fdc2034d1ceeae9870dc4486f48ac6aae573a775716ec380ed57665b9bf1c77f6869f720e428f8b94170b14c23786ff1cacf95a66ae631c70245bf264ce5078c3bddb4aaa7928eb6f1261d52e45ae5fde6f1b3bff90cd560c6c2f77ecfcf553db137051685c925be70def2be6c9bdd5825eac58d4c892a6d4ad5dcc078c6582ca140e5a75993e5ab7b487f31e5c601844f18f13039c099317f5e512eb9e054dcd8535106a9bd8977bf74254b68753b7f3a9b385d4a38ccaa17e029bd9ab4ff9b9b561b2a7e613ea05eb18a50fc231f32b79b9f32514469193a3d12269f58f3c932e501513e48e81774ad389275d9f00b4f8c677b8bb584b503201f83c7ad2e934e909f9ae1fc540f544dd2327fe1d8e3bb86984a252e2ffa88e2aed6d65a302d1883e51654fdb046d35270130fb9f8e4a4861d7278a07ee627fe272dcf99d294d7b1ce72f2f804cddfe4fa7aeb2c9543ef2665bf826c8ce0ca82dc7d4e57b7181b55a5d96ad83417b79376793235ed5a320a3ffac3a025aefa669450a6df20d830042034c0953836097c9461bc0d9c1446485692d1b9d5c991086f3f118a49bfe2a0888a5af8a868d880e31946dbd0c7ddcfcd27dcf5c62c9c5ff8fa9750d129f32e3c4f524eb3c31d5c9cb33fbcf52384a04a9f4faa216020e45be91181efeb7393d96b1f3ad8e9fadcffe49bec1bf36e70c2291475356ec5a416feb5d3b4f1331052271679d1186b338163682ac5b6bb79c64d6d0f8ddfec84d0d9870f45a64413f529c8dd93b358e66c9da2fd233e53b73ae2761f363ee69a38a0d7320a149c90c086e6a426abca5c461088747a2fb5006919ad7640aad79b1ec03cf6f49206f37382ad3105fcbd0e08d00815029d8cc3ca16472e58226f1def116bfab456c32a2a2323bb5a661eacb3b7c915d1eaa8c5aa8b1bf25c3a7bc9a2e047c499d8f2fbf2fe25606fc7f0ae5a539af68830b1955f82962f596e2ad0feb3e99b1982ffe3e553f102b4360b8e1d659575a8f713b8bb88d97dbcfd98f91c147a97e896646a47a43334569da8a01541b012063e0465c4122cb96b57484b0ab8c5f0c8f346c0766be69decf4e3ebef7f74f153ef8c6b6e9c5fe224e8f995f11c1867c5600cd7a345afacafec9076d4ccfca741fd41e445478a3b71a5f06b0d0cf596c755235408782a5e37abeb1f2dad79c83e59a1040c4b3b6a5a2acce9df0ebdb607c9c0549a4b16028595f7a9cd9da115dab0189f3d98b0dc2b8ddf6be4de2b38421a2071d91f14f8752c74df31fecb64de59dce09da2c3a1a2826446d982509baaa89b76379d8320bf3c1f76448e0ddc0889fe57ba756ab1403949cd2ca9ab520fa485576eca5acb471002a14a31e8d7f54c8c3edda8f416b0ae9d9fdfc445b54ed8fb34ed7c1d11b3c57a2c5ad92217ab2fdebafc195d09fee7a518e027ccf9d2e8de8cef1e0ad52144d82b65519495b8a5c314e85361adca8953dce587cf461a461dc9bbc0eb13a54144964930d80d8b4a015676f3efd10ccfd0ec5fe64deb93b5901b506581461bf2aaf04fa9f8118936c5e67e1cee60ccfc4f011ee2812eb9716af42b22c40d83c55d4e4c4838826cc34387a2085aa3e17219c78255ace7bb1fc30ec80676449084744c0887dc4e7696d25a544f3e4b365cc6ad800931d5787be99d678347ea4d6cdeab5662f6cbcb5fa80590e513c4ca96d73d378085026e0e7c71d968a670aefd48519e35beaeef9c67506db6f9b3edb62ef1b3b52b9c2db876b76101644e7dcf5a5056a8d916a0f69ea5bf096e7a4c2f8f1d0da29dbcef9d2ad1b82179ccd0ef95006b7a1d542a847e3e0f864d63434c15d6de4fecad18b788a867da5515e3d51871417bfd783d2dffd852953ea7113d3a61aac3c7c1a4efb449faa928456eb570e62d0ff9542a971b542d7c1fed9d633eb4a81499c105d0f73c5165badb54b0e83f8192d3d51d46ddd9908b04e9f57d5a4e6b65affee3799ae7cc51b4098f71e8ee947ffdeee4fd03095536376e1281ef8158fd1da4a39aebdad37fad75f6217bf45bfad16f2f1a80f5e8a3eea1141a56beb91319fe948bb44350a6e79959c140a5dad9955fb287aeba0a8a45d1fd8d692d30c96d01c9100e417082ae6edf62965fef7e190af60a99145925a307d1e11534d2a64484be3c6cd642432a2db66ba6d3ab1b7ea645edf4e54623d2ba0619bcc2a917cc2df8b0dbed096951947445ed5f08c626e1f9a5f566515bf106c48174f73587314b513962ed556fa7f16d8c6a953bcdda72f083a9b16357b3262c13cd500dfa09cc3d09240a7338514031768ea3053caa5166c8e4e090b3128464a88ccdc751d8ee1b3b1098997c9eaa2b3a13a47e43723a49e5d011dabb22c0d9605e48d5e26b90a47519536fd77c5260bc713e2b510fa6da698069f6c1df7a72462399d7dd288be19a0eab18adb072677268a306f19685c2d813564bab4ac90b7389c2fb87c0517e769577c081ced55572da71b40d18e4979b6b6290afcde4caa610166920549286dfa80197a10ff074b08d6b96c97110e36742fdbc5607f4c48ea9dd53301eecb5c25fce4eec9381b84e6b5af767c5bcca600149a3021c3f4aa237a0143363549a705c5768b5aa6ed51fd1ca9f0f9dd242f0df21f7c3eaf321fca97837d989ca101b5462d2dc248316c21339cb2b4e3451bb483390c09c958d474c6df2f2eac208ef704cbae5c9f6597c19ce48c4c9161c1b14622ed824b0e8669cbe6746051729fd2fcabb020190764a468c58ce369528bfca46cf8ec51ab69e711a53c4121476d2a5d2ceb19c332a5a86a52cabb246d2be739f361d97a6efc2c1d408b6f079ff5cbfdfa7ffb5da3af4611e42f876a44f8180ebadf8efe05645f3326fd1b1bb7f82753ee13e25c406469a6b103b9083ac06d590a48543240bca6e467eafc7069c97aa93a3a4ef61b6043383b6e990d174637d695893bd910f217c9c2465688eccd8a171cb5270fca2e002261f2e3e595f3484b67c0bbd7b50ea53a470e3935c0eafc6226521f0a15fc7cf5494b67fcfb705019a86a5972a9dd285bc50985947e42ca8519de25510db7ba6553419d4e368fe56c2a7acec8e77cd734f557a0f1b507e0869d2d5c9913c52fcd78b42b8f59ad3ae92226e292ea4439b5486629b739f4cca3d7f21cef79045427656fd1679dc5ab23686e13500dcb6284df60599ce81e2570d1cd5c7c2e0026640177bf1395fcf6e999acac08e3a993c3700ad891b1a68d5efc32a4b4f9cc8841e837e778c2500eb6cffc1b9970b2adf724839c7711ebbb2ee3e55f7aa97746d7538153589deafeef63eee6dfbd43fc72e0b763a0e4709da3deb26691303e99230a93c490029383b322099363ba3b2f76b4773c0c43907361b578cfb312cde55ea6de2f477c351ac82786d15b52f08a42385b2a3349116d34f8719264f79082d7c24165423a8e6764c53b922a0b3121cbb88976e6f53c455be77521bc1ad4997135ff24c520b2fa0002cbcc8eb8ee5cb33b1140dc811ee36816f47f23ff0b77d6680d597ec2fe77f5bfe1bb75c3eddb2356940c01e694da66d1c4fd78f7df5857111c01bb5e9954585e54086af287dc0ce861d921b378e9a2a9c9c5a37d9812595063643b1dae4afa57d884501ee0de2d7e39692ed5ecbd2ba1d9bf4e3f291cf0b1dfb809a2f915ae90bd5fbe76d5848752c298f34e69d8e95f6f3c8a8ef365d0927811b8a90c8f58836da07c058f71b01025af8c9829f761d71465d3d813e1e08a7d8f66dcb0f98daa19bb106fb9b25d49a35e8900e6de4502668cecbb9638c5b0d158317970e802be345ab3570f6a452e18da421fb4957429ec4b6c481b5393be9c7f1cea3d77ad1c935ce6cab01ed08f7f24e5b01d25105211d5e28b25d3a5fea30e3c4cd1289bc2606728f127574cdfed91d7c19d7381c3e532c92d7e532e74f3d24281cbf0f4e1908dd4f5cf145daeb21db6b34f2fe175aafd1c20224544c113f132cefe620bd99c5caff7b74d6acf8a1aae2fda5212ec64c80d647308439d5f90f6f481101599b539cd09a1bdfc510b6c9027c879f76bfd397dce9d3985ff01e62ee0455372960b68202412c6d5eb7b09c36f265b7b8b3822aa489dc169f8079e71dc96e0b75de2ade686761b067416e4915287dfdd6309946487a68115ee9d0bec73ffc63223e9463a30b819297d24824cb20724c6b524d58af1e03264e8e2b8dce59377c78dbd5ff5977782181aeaa8c2bd6d9f3d25ec566fa4a01eb5aeaeb6912acad55ca7336d28e305781bf128d6575dba16110d64c55ec9840f299e353fcc5628f248bd660f4dfa5f3a1bb7fbdac78ec727e87a134c98a98f405a4cd3773e79bd4f22bd3239a5fa8cd5806601e07241b25678f048b05bab6f8da56818f8dd9c97d001f4a7ea8beb3fa65ed7a951878bcef7e1da873e21ac6208cf0852c6cb297c10c84b74582bf59aaa11e7d8239997c9e7fd3c5bbee5b8466c17394fa61771aa10a3541f88419b16bb4fa36126745e99c292911d30ed0fa366dcd62c10879a6826609ab2b80b3a0c2de3d877805a564ce925916063c53d9698bb918eed2b49315fb83465a0db1a63a0528a887f5106dd054edbf381280989581c859a517573a6eb4946e0fcc61956fd5868fd37c788090fd7c3341028cf1bcb38ed595a4fd845ccd45558282c6e23d92d4268875f80ebad1c24f8d247595de2f8b83708b504f674447bc6fa1748b86fdfc971c9275baedda1348324c4dbde22d423744e2d537a4e28d95771b18302bc5d92f9e0ba6b1029a3e73761080a4e6e1b52a9ebe3538cb3e982586c23f0b0cfa78126198a0a496d96734880885e4aef7b35d90af287f9d5b18998fba69cf5a13b9153edc5f1c3cd0d181c1cecb4936a489f34682b056eaf5c57caea4a9ebd9fc7d842bc3850046f925dc430769863922ce5bea6709fa9bf7f21098097d7f47c74269b524c4194bceae0571fe968ebdda85a28fa5be7f794632189da179e248fde037a3ba3fd53845e42db45747caa6cebf574e9abb75e3b33c1096e40e0e845385d6f961c56fd1c71f92ae31a0c9088b2100b457cf2f8b33ac984fe79ceeb65fde350f9c6229433aa20d226aeb7677e0e7e8002e3e220fb74d4a1bc07ca43fa23fcf9cbabe7799b5b8daeb63b35923c4a92d2c636d36d58e719e6855b57445a26072d716aba7b653dfcdee115b3310b0c8af8649337597c1ac8bcee8b0533cb458d165b4ca4ee72c60a49f4a7061aab09449a318a6dc1d5b1a4f2a7f82c5af241e1f0cbe3e9fd5079e385ec86bc978ca82aaf1de5b470dcbb06b5f0360142857a0519583e3a77a6fbdadfff48de440bb5c3dcb2c3e6624800fa7898ab00242b7109809d58e5aa8a25705266d9bb04f165f843f1c61c23b41f010ad67f80aa8e455385cf3ff89073dc9434ce9be78993d6c73a8adf4db6b540e7a9f60d8dbcf3133a8f5c5c59f8378f2e5aad07f31707fb9834c66d6d0ded8a8b2d984ff5b6bfe70bb6479aecf208beb8f4da7b23957ce77d574993e1a44de0b3a5cb245f0ebf8ea32a22472270798defec3deeb94a4d025d1fe276612ebfe0f4e6e639de1300d47e542fb032150ab0aded71ba693817feb9cb43beb6f3074c2d7bfb77b9b2783e0335449c9a9775ccf9060ab2468a6644ebddd41f70add6d2d24fb9dd377c4f0dce3439283f22075ff3973e4e70e0bdcb53001be03800392084d6768c3e8f7fad09b192a497a36f602d07655d3e6a7ccab561ab92c79506e1e06aad05975accc9b8b48c41da8bc611d331717ee312d77403f9f66ee9a81fa4e624cca690540dca722986dc740a919597f7836ee95b554d3c34db3443ee5b6908f8623b2c82f32b65c3e8c20ee92825d9c82745bb5368ddda47036390910e26470b96cfd7c4e7b0df89f897153fd5ab4302de65fcda1f48206346d6051a94d8e0c32b959d914c218f54813811d13d99ef6259f54c0e635c04f875772b38524e94fae3a73109f60d0b00c96c1809f37e8fb37e61620690b07d726d388e9ae5dbc3a1c3557d1e4288da0622d77081ab4cd00ce22243824c363ad1be5cb0ceaad6336a797d8ca6d988c4373b3c00667d651452d50f81a830ac6ebb71559590181eea67dce1599d10000000000000000736dcc7c36782c1788cdc8d5c3820d68093ea84d56daaeaac19c19724ed7d3ebc1b8c1e3092839314dc6eddd99dc0eede13dbcb7fd22d401df8eb7f679a04f785006d3b4c4012bf78b7e43b1b355a9f6d04ca0e86c32d44f73fa514d1e2b14746400", 0x2000, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)={0x20, 0x0, 0xa, {0x0, 0x14}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r1, &(0x7f0000008100)="90963290a651e2b2399c2d004adbe725427c427c690403f03474b35eb9811334171e9c44d0c4bf2b0c2e45663eed585c77264358ede5f886edf5abbf52b410d4d637fb82660b02b4c691762cfe751568a03cf34bda78010153b8a75c9efefddf6d5a249ec8ec085f0b13f85d0829460a4c177e97b451dc31ad579def07d40918f0dcc4ba20d0746d4a94f3411a2ae77e9429bd791c8d4bc7b7eac1f5e2e0240f15773fc9b6fd46f34f5437f204d6421535b4217057f88bedff7b4e161d48f645b0be10e52f86bfa18629cd4e1fcd65bc985a066c4dd4fe2625f9f952777c390c8133102d9481d0f988d1ab4f0b171b1948a88718b3c0f14d64bcb76bcbaef4cd64b47e0a3cfe639d2db053dce896a251bd9a09a41a0a9ee5a25970586784b4dd797296f80e659f71bd591576c72c288e3a7d03cc15658d6e885029cecd3ce9f537cce46bb40e8ec54da7e497f43ee828ddf6af10794945554e057636efcb762a6a73cbb6ec5b6748b3fd8c5fed6c4c695ed1d9d8bf63c0e751a551a56c1eb5cf911c93e8fe8c9ae6a73a5d9f9c2ff0811b18efd4f9c309d01a5577bea35c36c74c7b97d3b9c96dcb25754f297dd1f9ba53f0e1c6c6f86ae5a3cd2e19b5b6d2b1000a53488cfe61d9569305e64b2f22ccc4ea00258574aa10531bfd198990878779405d2681a7e6246cc59e89a043cd04d52a1c11437b369af205907df51a2775df7763ab89542fcef2994a4ec7274c8b2bfd2fdc59bf46cfcb6c2e40b3b3fb13cf351fa229fb3e89509d68bd82be3139896c9c4931c814b4d0c85c859d8e5c450442a3509f495baa8cb5d5e5f2cce0a33ffb5a267e3de16e752cc882f2c2ee79bf108655625bfc7ef17c06c111d7f1b8a6acef35baef4b9bbc665b45e101a16388fa16aa9d7e8ecc15970b8f93c47b2cf6d57481cef71387dc52f9b054ad04c6b9179a56e0fb78cf6290817534b8c4d7043fc7714bbacbc184cdd1ed277ab16614788ea9b3cf5775f99b2a3742fbc01ec97fa2089969300f30f4830cba544813a888a520f5fae1f4a5475d1744700f1cb036ba79b4cd6e9e0e2dbb806ac552e37c14f4d20e896e86ee29f79454382f5d2901e7bba314422e4a40af6797bd6dfc4a3be25e631860cdf999ba4e0e1970936ed5a26c76282263834af0e03abccab36c999a30cb02c29c867b18679cb9a8a4ed8b5b56109197c0674421a193e7994458be069625e2da0e1fc808b1199414ac13c9b4a15f01419ed862d46d46c6b46b2a3da5fe9b596009f5d1dc2372098fdbe08bc72b102aed161d3e66d8cc7cbab2f9db4128905cbd602fc1eaeeee3cd6e2bd6828139f2550c7d4d8c77141abe22f4acff5b3cdb2037ebe102cbf5973e40f38ee504e0c74b6a91b4a419755f7cb523a5c67a1943350d7498d931f3cabd6642b985d9ee3ffcbfc4a1c0601747a385b9847097342219994145d563852637fa5d35ddbbacb786f12541c42ad4a27e930687c4974ba05ed99c24f27fa97b98931e74a6167d20d29b4e9f6b343df96a1e9d3cbfc23145d4c8e2921d4912308c0a0de88abddab029cb4a116f90d82c32e881b5137e5ab405f895ab292e8c8e072c441879a60556bb2a57b4e09bc6514a8e4e1336bde9d9e8b923b401f572c77ff3dd8c687d7c7af0e30d251577ab2ce4e931e84dc67746cd47acbf22459a4ac20f9ad5301c06572cb328cf843dcb1dcb695f244bd8b6f9ba44143db9ad849326389dc3a05afa3194ec0e51a560ec0fad76c094e99edcc9a41cb4026dad45cd024c227afde3699a8bb2c29423de8cd40718f7bc5ee3d995cce2d8dcc923bb939513c9b5fb9542e0ee31d61e54b7eb303ca941d62078f8923ee69ad7f5484a80b45b2af0b85e3ddea151d8d455be24fe0cc32ba8c6a5761b402cefb460ef7b4eeb251208d44b0f183fb5abce5a23e5675eb3db4d25bba671a888bdd99ab4d45b121578a030cdbf9ed6faaca091a29a535dcbc0023e5fd78b638ac3f359c17d5d5a716ba83a0e206c0010edc2c215a13f72b6cd772f752d9894b94aceab9f3335b733c1f7adbecf80c2d3cbeed93b7403ef078b7b4ea27a33f80eafb95a95d70c589ca5fa7e61d8cb1397ca31748e09ffd9e8ec78138a00803234392c23ec81850d6b7f8d179aa18bab15e0aa7ffa65016821d9d69d76e925608eaed13312c25a3232ff7a3d98d63e923a306543ed3e69c689c0c90138707318ca22e8da5a5f1981302836eb0130340cc09b4ef16a97c745d800f17ac1a172ec15eab2165978d2644f8ca172a4e562cb04ceb02478372ec4a4b992a0187d28a170fb8131ef4a1d61bbf9b908d2733d62cdca82046f6742fe289d4d478c6e0e68631f9f104b2e32f67c407628bb80ba26a21a2f2797cae76bf7be1b6a7b43f524e2b2fb1bd4562d49709f58250a254763dedaba5f73bb661e38e8e565f862d589587ee51d55c97b30332ff5214409255e5fb3805510e7118aa6afeca8584bb174375bdc36e74589f3a76554e58004f1734f595e93cf09766e4f43cd438ee16ed347d512e00a352711030719f293de15d8895e231f0e209db391674b52f4929072b667ea02d8706492645d61140b6a055f171bc849c65a0c8051d501c5c7dae440b0d308ec37279a036852fee4d45c2d35aeba1e90932d8ffb6c0bdb955c4aa245a3d197e3d01bcc329e5aa537f2f95b5a878f50491d1f86c6b3922a21f164a2140da5bfca5ee01bae291945ab756b1f504137654d35392b061215071b9ed6c0d706668b1e92e6a60c8e009266799383bad0b10d2ef14bb4e114cdc503db7bcdd011b8657f33dedd7b96d929a3158739c025f91097b7a9274700456e5508df7cb022431d51d27e4182f64ee9eac8b44bd2620a1df1e826b830b11e84ca0328a9aabe1df4fdc6f4b0aa3036e17c130fa4429f26ae5e540e243eac8e55cc6cd7d6148832b8c8e60a892a698bd5ad3bbfa6384cf7ec681cc84a4d8edc60fb149bac4998333fa4db4b67680fdeecac6743760a315b42f341489fcbed4ef075de09ccbbd47ffd2152ed6fc2eae649746b8aecdc760925751239d25603576beda86612257d6069aa983690b6eeea8d3b52256172bf4c972a521635f3af2a84174cf847254b034dcec607ad7a82c387bc00f1a1d5a5c68b0345b1ab5ac610a0aae39234f4a661e2ec791ebd60eacdc6977708ee9baaa3bcc4d676dcf618e410a60123ff9cefb5095bb5fa9f9387766e19d5b2f61eda417aa51cb9ea394111a9553ecde92e856d15f248056028d009438eff5a8c8875786d78b93d12e993159cd9eef898fcb18443f417df3e576ea1bf99c5923635d80887c9aff7952fca46342de8ed33dd84193ed3bd96bbe1a2d3b1e0f0160efb92e6c6febe41b9a6bbcd226b9dd626bddf543b4d387859a2d307319443e3d2460a079f0b51e0a0f12a26393e070c0d9344500bfde586dc46a3647b6747bdc5393145aa200494c6e28bf0a0550646762245b828ce41fc299e56ae0f68636a3de5ef5993e0fc560309766e58e3f6a33745b73daa6b1f11f449a57b5893a43efccc8406ab000bffd5610304efb80c292cec316a6e0bb4f225061f5e8f9601208440d455024e94d100b1a89e81fcf0a68a0c8555601d8bc2b66849d37822e8c278c9df828c174dfcf684e6951d1f0acd2aae30eae7a15786b8b9c2bcc8a26118c8bef5c21c0bad4f163eacccf6b86942425878f55a5a47f18a8b6ea4310ce224cfa5e7a20b16fa65d77d0037adc509a9c0cd0987e49df36eebe9ddad49457b3218b5e48da29f5b5ca6f62128c3ae6c2a086a88b2d07505eb0b0a8cffd364fdad344a9b20c818b63fd45b13145f9ff2e3f75d7c70fa857b6c0cd6c168ad17a88c40a78d98ab6a06e1c816dd4723ed6230160265ec8ae6ce5c18fdefcfe2c46ed38fbd4edca2cca4f167f79101590109b6547a2ceda13336aca6c44b803041ed6d9bec28c884c021eae5d4209365dc9e4845cf442213d856425b8375304a82fe927c2fd31068a5cf371d8c88ea8e6bb52db72f2bc27ef525fb5dd152ad2c9427f958c541fdafce28248cc1add362d9d650b5a873ff2dc1f63cd2adb50ae6dc6b6f512ca9f3aa7714222adb9d18097fcadb534502fda4531c6a9ea77643c69d1f9622463577009dcb16587f0f7a87283e043eca4a2871ca6e89b40597d0c29940925fe063108c807cab1ad550b12dcc52318ac863ca0475bf7221873ed5055fa5f1df9a44437fa8c72502c8a3f3d43aedcf4a2ffbc8d5e3e26084ab1e1edb77c144762019f4e7ecd76f4d331428fde9d06c76d41d5aca885371381b6c1c6890beceef95cfd71db5d80d9f32c4fbd54698539fd1945196d6cc4b893c823ffbd936cc3e3528d803002e594bd1f1de14413635d8335d7d7b77b7c380c2f7d18e229ab1fa4b25d6c28af50b6c60d6426528bd44d58a2fb00964b04d3a9c202d7973fa5a919a0d864dc2a2f6fe8b3c3707d772f56be6820a012649da9a74af153af23243a532d79f04e24002ef853c9362c16a3a3463212d18581473c02b3bc81ce840f6c3249c56241f0984c850d29e993bdb92ead8d5cd7ac4720736897981be0ff111d7626a6ed0feeb86ef21bedc9a0f0966bed92228d17317a30ee065ed394f7cf6852eadae5831408966b5c3e1cd3791c9af0ee2fa69fdc7d279ca32f79dfb9704a71204e56370c827dc5b2fcbac6b84b62c5c06ba5c8911e4d450ab62037dc2d8fb1d7a4fcb9dc894625683a61d6e095cde9421b3ced15c37473b91d4a28314c5e31700004a10792fcb11c440e297e8ff2c1738d71a0927abcfa7e11684429659210e52b4802b4fa6115b3f860a07bc4019e5bc115e94050e8a73bb86c9f669ff153ef6eaafd06d6757135f3d70f02ff962c10556943addade4422269278abab30f8660c0eb308ca1456e0e9e91e34906af4723ca282a5bec327d6bb96af49b3cbf84cc70348ef69cd2d39182f188eb4466da600eb1fd697a2e65757579b9a52bacf44022b69c8970221e5aed156753bbc0cf572f68c6caf49efe96968b0dd9e1aa022f6f7ae698d2b7ca8b50b3f02d11dd0adc096b22f2e9bf1b30351b425d545060af866313ae24ad78447face13d0cf8f6e65023ae0e4d3f70755f1ddea28f8cf8891990a640a97a6b649fce72ef9b9a0061da989d91b14b273e3ce1a156d884ebfe468ce206b6de9493c65d1c96263ac56fe98b4c76c8e2939b2b6f40c3fa7542cdcf218cfd40d08c41dfc8002c323272bc72526793ee2a4ef4ed501ba21a3498a7c7d189363a0eba849781e4df904d3f366a259b7db73d659b78028c4dea90accd718cdb114a676eb46390edea0723319edda68e59810181e8dc7523dc80874e7974f1020058ff6af8e846d3f3d99ece11588adb1059ab5dd677d5566e26e06d258b4e725b8355619d2fc26690c4ba8fdf9a33eceddf6c314c3960a501f4844779bd0846a9d20b6de7da3414a91c3d729970f98ac6bd0513658dcf19e7b23ba6954e817427650303623286afa8518e6fe2f3076888ba63ad52f28b557796ad9ee5d55b50c56e0c7ae2daa8666783349ba65adf9ed6eb177a06a7342ff59143a5152b8743e0d92f6649a899689d928ea6f69c908dc4448c7250e452ecd60f593272f682cb976f0ffe8fd775491ade316d6fb1d0f92505e1efc108da283e00aeafe3b69575419f126cfba57fcecc57c05cce2c0581d9abbe22f58e59fadd0f462a1c3eae03e5b0a460bf69cc951d3f518c950dafdeafe49b21c420730196f35fff9efc99177c65b7a9fc686b1e5d1d6e04274da59a5e8e00c12af8245da3405976f014292a89b0a2fdb44dc24bf978dee4463baa61c0d84780e36183e94056008d95401d730ae8cb6ff07af512c5b88182c5fe054c68c663a999fd3060815263bddf5dd9a04b3074ef0e16e2b87754a189a840f84e3a74894ca00e1cf5cab7e3d422097e8dc374536be9a398713cfe8829f548c98591205994b557873bf82a8b07b09732e1273eafe1122f674288601fcb0d0b94147cd2863e3b7188dc11afba2fb3eca3d7b0039a85a62e25705e68d60e897f030c3e2432bd985ae643c941aa8e1befa902d2ba280ff2bd9e763d0f81f29c7ea641f20fff995e1f857ebf51d7f9546696e618aeaf1fb956055291d4329659c49816deb9cb53120ee4a908fdba3b85b428c6e4b5fcb524bbd61e54d681e844a69282bb9b329bda39619edc70b74869473dbabab03330692a3577b2df1421e6202b2ddca646a1d7d5d15349a615a71e047060cfce37f0d95c63d1254bd23348033ab78fa761c1286ebbf4acfb9c2b36a097a22035d26116e422c611f82a7d451b94354ad887c8e9b8cd803368952d6876bcf0faa423cbc74bf73f8d868a6dfac7ffbb9b9aec02e3ad74dee9260ef590585c5982894d7918d3d7e05f563b507a938b7ac2d78d912cea4e2b01a20deb2a10c2e3e56d8a7c5621c383e647e8911abc6d6d476f2c88f455aa64859641f4f91f4a3da1020e8f70d358904ce0cf37bb256fbbebfa9e7028937e43634084265cef39d9a5e116b6f891ddb100c94a78579b45f262a2d8e2438eb6b32daaf09e16f2ba78335ffbf205a6de8ede2e0d5c560915edaf55e20750dc2bcc7b12deb31e7f37a7838440330a32f43e60b7ba4cf4c3aeceeed08f52f90dba07217ec2d247713db46822a5260efabaa56d8befe256e112587a67c6c5d2aacd631c2285cfcd529e9f2e16388833eecb9338b4fb6b2b7db325b75e5dcdb907ac8881f13469cbc4783afc1089ea19c655fc338abfa74698a686de0bd5fd7725d9a298432a6d69e9215eff16337744c56b8b1999cc0333e3a664043ef23fd3ed6dbbae614fa9284d9d94abf7403ea85ba822d4a5515f009d33c700373039f0f9af7a3ff70073245f0d1fcf8680449e4e03dcac394f1d955ffb77fde89ebf11dee596f2ab476668009e18ac8ab2dbafd1f4f3c2af9d8d1ccd34ac8832e95a018b158dd0a62761b2ecff2e9c4e65ab5d662ecda0bda92877b68606515ee76241feebfd2c2ae34ff11d8a9374eb95b41edf1c0edda3571778d9f3e94faabe7f5f7099872624d44929949bdd08ad982fe00822804230446beff8806b4574b8106e153215494e5c197f9bde82e3ef5f271a1ce8c1c454248c7cf67bf7e25dd1b258d5cb02f7cfa5e657de3ac6ccb07cecd1a9fbebaab2c07f88fe2e6c2786df2d2002459ee3beb73479e0d49118380ac98bcb1cfb4238df4a712809392f87fa23dc2d3a8158d39af1b76cf6c6405da0491dd8da0ec07b578b16bfd9cfe74d27bd3eec69157eba24792e6843d0d57854f4d0d562cbdeeb3c6212d56dd587d913a7314a468a9a14a496ac56fae5ae86b26a2d6a2b526eafedd29722a8db293abe8e3edba9821e24d40617b1903bf77815e0041fafecb676a34adb471ffd465dcdd932d58249b9de417e0a235237494b9cb4162dff67b533712a523f723b22fab4f90c1bd4ad9320e352eb279013ff85b7b2535243a2cd039b50dd2e5acd6373424824d4240a4087267bfdaabae42a8773e0ad038b288ed7a1fcc76a26a52e93764f97af1d180e20728dc2279d5c72600f130bfb957e53ef29e2b23d069bff65f5b3d128539eec76929b1ef952f549b97213fa22196e0c088ae18a5df3c4d2265b277ee77b6241fad8b174381ec8e62ab46c729a6782bf4abd586cc4dc581fd7b828e24e91013d2e9464bfb06a09dcc807bc02d96d1b2feb63a523e01dfb2ceec0b363cce45b597f131231a4326861a97f5cdc42a855cb6d32795603298e14962727cef9a6a2880ddd1b4b695fcc87f9297dbb37c954e9475b5e3b4edfda6a3295ae4f2bbbd01ddc953407516e0e799896026f3ae9755b4c495b19712de162e6f7f9b13f5f7fdda0439c6e57b1dfa8f927611740e301ad979eaf45f1940a8ed8f6d351369ab15d5320cb8163373f52c6c36657ba2f5f48429c62765282d2c12a806d384e00deccbff8997e90cffa8b4e8d1fd0b9fa27f310f30f919af145532b6bcaf9b535012da1eed2bfb514c0755f132cc17ad31625126a51bf9294464fc557e47ec8395b41667f37394165e4901a9133f40f49d34a1c79058cb8e99991c6fbe3e94d5ac5fecadd1b121aa66e58dd37de8c4ddbb4d6b10a39d20b7429b58956be394568270fefd660d1a9e40f06799b07fd21b5758dc46fefe0b94ed7959ba05ab801c253699dedf7b526348e612c9cb3186a8e2a700baf3c56a03c87393816d4ee18ccf7aa2f42611ca9ad155978d70c09612c15e680fb1ed37e54f82d76d26a36a98a9cdfef05a8c2a838dd462b9d1cf150ae4fe4ce8d830b039e6a2a17cfcf722c67c2803ba5778a1676826878ecd3cf8bf0cde25800c5c7d95e236dcd96b1e404b43abf298cf0ba4c7f1bccc71c08ce74edb3e8cfaeb64ce66a4353ebaeaadbde82e136a7a03c794cff16a65ee863d004368d3a6b5931644fdd654a85de626c57ae2649dca787feefbe334303eaf61602ab56ce79ac576905ef8884a404a6b5f7a02dafbf727e61e0d45a5479e5d958a0c81761cd483335adf1f3d6cea27d468e32f2a412392f905ac31bafad57b334251ce24ecd4311e7c321516d21dff08ffcc5e7a9932dd0d089189e20b884f327966e8854ec98a8743637c1bb80a09605a003b413c39c3688333adcf156e48d920ffe73d43b4d40e79272930febc9dc38bd30bc1c89f284d4690217f2c02a2f0a6ba1b31ec996bef8b807d9796062ae131efbce7e25f47f2d79a9071c952ebdf2c70661d24dc8d2e24e470df4c39a6d4f69263b17199b30197415cd0a1741f6650b3dcb23d30a268f0c1fb03136cc10a1e0e3033d3304c7c2243a58b3d7a5af2c567f91374cec4912f025015eaeced4bb4b03d908ad5c6c1c8dc654d797d0c621891dd5300a1122110627242fac5e549181fc198de0f481849b92921e67f2968c80617d0f1d27b5e889e454e2ab8130f08eeb0bbd2be8553c9e318a2e94f05c3e6ba19c98a3ccffec44b2ce178766ce388fbd7e783b4d7a4258453e3b46889dc7bb25917883a37cffc71ad078a1b1ac8f54635811c222f2671c10d3bfacaed236c6d7a0c7bbb6493500e03b5019a50837c7534be2613aa36895dd6152406c7c0f3f24e24f7934c7ed7271d67deeff65578d53e650d7f69b7b2b2b9d2981d09bcdeda91b0994ac9633b7de4fe4c9d6c422cccdbdf6d94a843cf59e88392e0a9bac92aec56b4df8cc912057a8264a8999a3e0912ebab43d9695920bf1d86ab79d49990efca8b763994286c11a307642bca4a46a447cd0468a7f001cdd8318102e68d80f3674d71268c15200dd17ecda6efe2ab6ab49b6a526a596bd3758cd91a7339be5a9755973415b1c16c63e234ba653ee89514c1b123ee0b0af17380d50bf6f00a71f4bb06e7328445c1bfcddc3df2bfaadd9b3b1a343d7b2e2ba7dc054e5d1ac46a22554e41ac5987d8e058f9d3edf0cbe8143e59c86d24daf10f3d50ccc9ea65fb8288b19aed9905788e1f2e6621c12e348a5ebbfccfb285f732d627c916555f13811ae18de2dfdbe2b78f36e1958fe99b5a4fc2970ff45dfc1100ef8e12fc47fec878d98434c34df17e8abcc1dbaa8612cfb5fbd26363a27643d45087c50ba52637c83872fe4dc9ff0b562d7f6f67fd4160633f77d0d5853cb21827ca7b7e27f9e2776f6c5969ec05e144f38b20f5bdb4c6979aee49cfbbab4a4cd9c06c56dbbfdf835ffb816caa81be627924ce24774fe56c1c59fdf2160ee6e0ef96d3f61c3c95b5d4d233517e4dec39661f2315b1a34f03031f31ebad66a83ff74405f8d67bce6db678bddcc07d5660ef14574cca7f3ce0dba10a8f7129c22f5ebdb9a7099472500e578db951bb6985a93455c5c14c7e375f55c071ece92cf6a90ae2d41a46bdc5958af9405f8c814df1f0be5c8ae130a44908ffa4ed17dc827d5a4d0309f61715b455e81ef712fdab50730a88310524dc220f0d9199631585517db4cef8ab0a63017aaa8b800a5533caa5ff9b490a34b731f024b0079c982860e95d4af9addbaa2da2b34eba8389508469f7475a06677720b23cb3516f97c1eead554be21368a62363004e493d0ff2e574ff7569c76b225dc854a22cc70869dc4ebe5e1341db5ba6b0826904ba164a0bbae11a9b63099a1e7bc2351f567e6d3c4daca40919f0c12a903451f97fe576e6e626b1638b1639bf21d228af36092f7a634e16a662d5d414f153cbfcd40cf7e9c3fca13d1e562374fd6397aac53c3f91a0256036b508851e92da0533acb609349bc98db1b681d7fad305276c0768869c4e0a82c7ac367ee5f561867dcd70d6556b4a19eb1e3471de217ac30f07504e781a5d6f83b48ed67610a81309278343eb733ee3028309c55fd12c2f82b3e17cfce1fa5fafca24164414cf0093bf2cce0af57947e553fd9d423d96104bcb8379df97653e46237f40fb54768aa4cffa5483c957dc5eb1c9637887c7a2c48d125f7aab7fa49ca190a4955b161ea1371e35e94bb5bca074a51ad3768608a6b7d23d15863908147ddb790778e5ae3a009b71f85c436a59cfb18aaf735ff0fc43ccbe36523d0270420e7534418d7caa6e9982544988c5658ccff12e12e369dae2b5fc8dbdba18ddd2d32af6a84fe1e496fea35eb5b5d70386b90ca4507d886cdbecad4d3a94a00880233850b7afc6a4c267589af39ad502048c111fef85d3b03ffcce940e1353ad5d6f43c96bdacc7f788dfa82cedf1fbc01ebed2b378295fc361e2d4ece485929bf499f4f58118cbb0301d26cbb3e8540df6e6e1e44b9bc187041aa2858f8823dfd69b1f22b5b8e234977d4ece92097446bffa25008e510eeba544bd1389750876814cadd231348ad1ac1dd057a46c9afd058c194ba0c1dbb3a607e1f4695ae697b1fd2bd86c5408c300757a70cce940f7bf4fc2c432b361ed2c2891f4ea8257ec276d5eeafc1a92d0c36b13235c7a6cadb656b3d89e3ba43b2d775d013a89b0640e875a1b17ce724f12dc1b66fd7557ce76df2a5b9dd6e3762033bf00b5abff0f347e39cd8a177075151d29374ebf82b1ebae35923e05ffdaef2e1bce80a4138d7d9a10272ba82a8bd36e69291b050720381e3412c038591bbb81e9aa82e15d5c5860980063cb542b23f52c9185cfa0faa974372557f7d9424899d20773e0532775d536480cb3689884697157371e3a1726f48d26dee6a957398efee4a59a34bd34176b3f81cef3771fe40bf0f1b9ad4902d739b0a5296fb8e96bebe00daf693d4e79dd563ba9fdde7096a74988e7b026718620f5396110c0fa9e7ef0c4b15b78fbcef50a2ced00618264652772a07d74726ef5db55286373f6cb05db2da64485a80fbc754a885f161e7c1c186cf4810ac5bbbec28b9229ef62e4248f077ebd25760746a8a68176fd3d4fc973376b38ea27ef757fcc89ebad3108824d0775c3a3a94ef24e79f8acd9631462a44ad6fcd08c907b3e6dc95645db9c4a34caa8e23452d778b900ee71c905e16d4507f319c8fd12a5afe8ea9912e608d8d5db8647b33e2e8fb221c2440fb7d2491bb4d4009be897d43ea547b758656dba628c71f", 0x2000, &(0x7f0000000b80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="11"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = syz_usb_connect(0x0, 0x3b, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000ec13b2106d04d308280b0102030109022900010000000009046900000e01000008240501020205050764f7edb276"], 0x0)
syz_usb_control_io(r5, &(0x7f0000000740)={0x2c, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="4900695db72de59e3e1ff3", @ANYBLOB="1f1a1a8a8e86870ef7f562927d465770d90f1189fc3113e9e110322899b4ded29a2a5524ed870f7981c808966f24ffe3f1ffb3d5520c38680622e9e1b00d1eeb5b", @ANYRES32=r0], 0x0, 0x0, 0x0}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000080)={'wlan0\x00'})

7m3.743013778s ago: executing program 0 (id=142):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x1, 0x10012, r1, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'veth0_to_bond\x00', &(0x7f00000000c0)=@ethtool_rxnfc={0x42ce93dc461fffd, 0x12, 0x6, {0x2, @ah_ip4_spec={@empty, @broadcast, 0x4, 0x2}, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, 0x8, 0x4, [0x99f, 0xfbd]}, @tcp_ip4_spec={@remote, @rand_addr=0x64010101, 0x4e20, 0x4e22, 0xd}, {0x0, @empty, 0x81, 0x800, [0x1, 0x3ff]}, 0x1020000000000000, 0x446}, 0x7, [0x10000000, 0x4, 0x9, 0x6, 0x8, 0xfff, 0x5]}})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r6=>0x0})
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r5)
sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)={0x5c, r7, 0x1, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_FRAME={0x26, 0x33, @auth={{{0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1}, {0x1}, @device_b, @device_a, @initial, {0x7, 0xf95}, @value=@ver_80211n={0x0, 0x59cf, 0x0, 0x1, 0x0, 0x3, 0x1}}, 0x1, 0x3, 0x25c, @void}}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x98f}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x8001}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}]]}, 0x5c}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
r8 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000040)=ANY=[@ANYBLOB="1303000054009155090893b31b71a54a07"], 0xfe33)
mount(&(0x7f0000000000)=@rnullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='msdos\x00', 0x200000, 0x0)

7m3.357444489s ago: executing program 0 (id=148):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendmmsg$inet6(r0, &(0x7f0000004b80)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000000)="82", 0x1}, {&(0x7f0000000140)='p', 0x1}], 0x2}}], 0x1, 0x4400c000)
sendto$inet6(r0, &(0x7f0000000180)="0074372d8e477b4ceb2ec81398030000000000002c96091d813f", 0x1a, 0x3b00, 0x0, 0x0)

7m3.033780634s ago: executing program 32 (id=148):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendmmsg$inet6(r0, &(0x7f0000004b80)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000000)="82", 0x1}, {&(0x7f0000000140)='p', 0x1}], 0x2}}], 0x1, 0x4400c000)
sendto$inet6(r0, &(0x7f0000000180)="0074372d8e477b4ceb2ec81398030000000000002c96091d813f", 0x1a, 0x3b00, 0x0, 0x0)

6m2.878895603s ago: executing program 2 (id=456):
creat(&(0x7f00000003c0)='./bus\x00', 0x0)
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x18d03e, 0x0)
r1 = open(&(0x7f00000004c0)='./bus\x00', 0xc2802, 0x0)
ftruncate(r1, 0x2008002)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
socket$packet(0x11, 0x3, 0x300)
sendto$packet(0xffffffffffffffff, &(0x7f00000008c0), 0x0, 0x810, 0x0, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x11, r0, 0x0)
r2 = gettid()
process_vm_writev(r2, &(0x7f0000c22000)=[{&(0x7f000034afa4)=""/1, 0x1f80}], 0x2b, &(0x7f0000c22fa0)=[{&(0x7f0000000080)=""/1, 0x2034afa5}], 0x1, 0x0) (fail_nth: 23)
creat(&(0x7f0000000100)='./bus\x00', 0x144)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
ioctl$SIOCGETMIFCNT_IN6(0xffffffffffffffff, 0x89e0, 0x0)

6m1.251785694s ago: executing program 2 (id=468):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000440)={@private2={0xfc, 0x2, '\x00', 0x6}, @mcast2, @loopback, 0x7, 0x8, 0x0, 0x0, 0x1, 0x20c200a2})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_DELETE(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)={0x14, r3, 0x1, 0x70bd28, 0x25dfdbfc}, 0x14}}, 0x40)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched_retired(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000600)=@newtaction={0x44, 0x30, 0x1, 0x70bd29, 0x25dfdbfb, {}, [{0x30, 0x1, [@m_ipt={0x2c, 0x1, 0x0, 0x0, {{0x59}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1}}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x8080}, 0x9080)
sendmsg$L2TP_CMD_TUNNEL_GET(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x24, r3, 0x100, 0x70bd2d, 0x25dfdbfb, {}, [@L2TP_ATTR_IP_DADDR={0x8, 0x19, @multicast1}, @L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x7}]}, 0x24}, 0x1, 0x0, 0x0, 0x405c801}, 0x20000000)

6m0.821923288s ago: executing program 2 (id=471):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000140)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf83, 0x3}, 0x1c)
setsockopt$packet_int(r0, 0x107, 0xe, &(0x7f0000000040)=0xb2b9, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r6=>0x0})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r4)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r9=>0x0})
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r10, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)={0x28, r8, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x40}]}, 0x28}}, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r11, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000c80)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000003a00000008000300", @ANYRES32=r6, @ANYBLOB="05005b"], 0x24}}, 0x0)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001440)={0x1c, r3, 0x1, 0x0, 0x0, {{0x8}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x60000000)

5m59.813019665s ago: executing program 2 (id=473):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
dup(r0)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000380)="1400000016000b63d25a80648c2594f90b24fc60", 0x14}], 0x1}, 0x0)
recvmsg$kcm(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000100)=""/189, 0xbd}, {&(0x7f0000000480)=""/191, 0xbf}, {&(0x7f0000002d80)=""/181, 0xb5}, {&(0x7f0000003100)=""/4081, 0xff1}, {&(0x7f00000002c0)=""/169, 0xa9}, {&(0x7f00000003c0)=""/138, 0x8a}, {&(0x7f0000000d40)=""/4090, 0xffa}, {&(0x7f0000000580)=""/234, 0xea}, {&(0x7f00000007c0)=""/42, 0x2a}, {&(0x7f0000000540)=""/47, 0x2f}, {&(0x7f0000000680)=""/195, 0xc3}, {&(0x7f0000000780)=""/39, 0x27}, {&(0x7f00000008c0)=""/255, 0xff}], 0xd}, 0x20)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_open_dev$vim2m(&(0x7f0000000080), 0x1, 0x2)
fcntl$lock(r3, 0x26, &(0x7f0000000040)={0x2, 0x2, 0x4, 0x0, 0xffffffffffffffff})
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2014800, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
pivot_root(&(0x7f00000001c0)='./file0/file0\x00', &(0x7f0000001480)='./file0\x00')
r5 = dup(r2)
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000580)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0x8}, {0xd, 0x24, 0xf, 0x1, 0xfffffffe}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x400, 0x1}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="3c020000190001000000000000000000e00000020000000000000000000000000000000000000000000000000000000000000003000000000a0000205e000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES16], 0x23c}}, 0x8000)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r7 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000200), 0x901202, 0x0)
ioctl$FS_IOC_GETFSSYSFSPATH(r7, 0x80811501, &(0x7f0000000800)={0x80})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000b, 0x1010, r5, 0x45809000)

5m56.653303638s ago: executing program 2 (id=481):
r0 = openat$kvm(0xffffff9c, &(0x7f0000000100), 0x41, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x1fe, 0x1, 0xf000, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r2, 0x4068aea3, &(0x7f0000000200)={0xbe, 0x0, 0x1})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x20000000, 0x440, 0x2, 0x0, 0x0, 0x2004cb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000], 0x0, 0x200306})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r4=>0x0})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r3, 0x3ba0, &(0x7f0000000440)={0x48, 0x1, r4, 0x0, 0x0, 0x8000000})
ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, &(0x7f0000000140)={0x28, 0x6, r4, 0x0, &(0x7f0000ff6000/0xa000)=nil, 0xa000})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r3, 0x3ba0, &(0x7f00000000c0)={0x48, 0x2, r4})
mount(&(0x7f0000000000)=@rnullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000240)='vxfs\x00', 0x20080c4, 0x0)
r5 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r6 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r6, &(0x7f0000000440), 0x10)
connect$vsock_stream(r6, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r6, 0x5)
r7 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r7, &(0x7f0000000100)={0x28, 0x0, 0x0, @hyper}, 0x10)
accept4$unix(r6, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r5, 0x71088000)
r8 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r9 = socket$rxrpc(0x21, 0x2, 0x2)
setsockopt$RXRPC_SECURITY_KEYRING(r9, 0x110, 0x2, 0x0, 0xfffffffffffffe08)
ioctl$TIOCL_GETSHIFTSTATE(r8, 0x560e, 0x0)
r10 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x0)
ioctl$EVIOCGUNIQ(r10, 0x80404508, 0x0)

5m55.448076654s ago: executing program 2 (id=489):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0xc201})
sendmsg$IPVS_CMD_SET_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="00022dbd7000fbdb"], 0x68}, 0x1, 0x0, 0x0, 0x40083}, 0x8001)
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000050000000700ff020000000000000000000000000001000000000000000000000000000000000000000000000000860090780000000000000000000000000000ee3f000000002b036f8c006e75021d683910c3090b3188a7c747eb2278a273c1b80029442911892704"], 0xfdef)

5m55.04939461s ago: executing program 33 (id=489):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0xc201})
sendmsg$IPVS_CMD_SET_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="00022dbd7000fbdb"], 0x68}, 0x1, 0x0, 0x0, 0x40083}, 0x8001)
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000050000000700ff020000000000000000000000000001000000000000000000000000000000000000000000000000860090780000000000000000000000000000ee3f000000002b036f8c006e75021d683910c3090b3188a7c747eb2278a273c1b80029442911892704"], 0xfdef)

2m9.913376585s ago: executing program 3 (id=1811):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000100001000000000000000000d100000a20000000000a01030000000000000000010000000900010073797a310000000054000000030a01020000000101000000010000000900030073797a320000000028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073797a31000000004c000000050a19020000000000000000010020000c00024000000000000000010900010073797a3100000000200004801400030076657468315f6d616376746170000000080001400000000514000000110001"], 0xe8}}, 0x0)

2m9.839502305s ago: executing program 3 (id=1813):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0xc201})
sendmsg$IPVS_CMD_SET_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="00022dbd7000fbdb"], 0x68}, 0x1, 0x0, 0x0, 0x40083}, 0x8001)
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000010700ff020000000000000000000000000001000000000000000000000000000000000000000000000000860090780000000000000000000000000000ee3f000000002b036f8c006e75021d683910c3090b3188a7c747eb2278a273c1b80029442911892704"], 0xfdef)

2m9.591538511s ago: executing program 3 (id=1817):
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x169a82, 0x189)
r0 = syz_open_dev$loop(&(0x7f0000000480), 0xd76, 0x181400)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000400)=ANY=[], 0x1df)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x800000000, 0x0, 0x1300, 0x2, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})

2m9.369405202s ago: executing program 3 (id=1820):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x8003}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x9c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x74, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xe}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x22}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}, {0x3c, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_XOR={0x4}, @NFTA_BITWISE_MASK={0xc, 0x4, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "8a95"}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x110}}, 0xffffffffffffff00)

2m9.277604924s ago: executing program 3 (id=1823):
r0 = fsopen(&(0x7f0000000040)='smb3\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000080)='iocharset', &(0x7f00000000c0)='io#harset', 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000100), 0x8, 0x0)
memfd_create(&(0x7f0000000000)='\x00', 0x4)
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r2, 0x4010640d, &(0x7f0000000040)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r3=>0x0], 0x1})
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r4, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f0000000000)=[0x0, 0x0, <r5=>0x0], &(0x7f00000000c0), 0x3, r3})
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r2, 0xc01864ba, &(0x7f00000001c0)={0x8, r5, r3})
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r7, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYRESOCT], 0x7c}}, 0x40)
close(r7)
ioctl$LOOP_CHANGE_FD(r6, 0x4c06, r1)

2m9.038068657s ago: executing program 3 (id=1825):
syz_usb_connect(0x6, 0x4d, &(0x7f00000000c0)=ANY=[@ANYRES16], 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000140), 0x73, 0x1501)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000000)=@urb_type_interrupt={0x1, {0xf}, 0x7d17, 0x0, &(0x7f0000000180)="d9e8106d5ea57e87fe97d45d083ba85ec246e59b24377d37cced913552888d0722cfb79485d924cf0f105c15c2595e59a1045f1939e6445f13ac278896aa43f6eeeef406a2fad1a2d1b2704d6eccefecc21b17644fb81a87a68d3c1661d9d7ed3e3d257f50b42fd0aa2a11090e49f321fa4d394632b684c5b94b66b4103e68572f93c4f872c9ef254a27d011", 0x8c, 0x7f, 0x8, 0x0, 0x1, 0xb, &(0x7f0000000300)="a6ac9a9d2de5627da7a354c6b4429a01253a95fc2284076089d3b5315d4514edbb30d494a0102bf81e73048a551911310b4e32121bc9e7f2e8da9530efc0bec81773a5879e317ae6ccdb054d529b6774adc4739842cb5a3c4474d69a5e287b8ebac35462db12aa98bc"})
r1 = socket$inet_icmp(0x2, 0x2, 0x1)
ioctl$sock_inet_SIOCDARP(r1, 0x8953, &(0x7f0000000440)={{0x2, 0x4e20, @private=0xa010101}, {0x306, @local}, 0x3e, {0x2, 0x4e24, @empty}}) (async)
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
mmap(&(0x7f0000797000/0x1000)=nil, 0x1000, 0x5a051feb1f984a1d, 0x202812, r2, 0x7dfff000) (async)
r3 = socket(0x2, 0x2, 0x0)
setsockopt$inet_int(r3, 0x0, 0xb, &(0x7f00000000c0)=0x1002, 0x4) (async)
sendto$inet(r3, 0x0, 0x0, 0x80, &(0x7f0000000000)={0x2, 0x4e20, @rand_addr=0x64010101}, 0x10) (async)
r4 = socket$inet6(0xa, 0x1, 0x0)
r5 = dup2(r4, r4)
ioctl$sock_inet6_SIOCDELRT(r5, 0x890c, &(0x7f0000000100)={@mcast2, @loopback, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x40000, 0x8040, 0x7, 0x100, 0x0, 0x41180043}) (async)
recvmsg$unix(r3, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x2000)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
writev(0xffffffffffffffff, &(0x7f0000001580)=[{&(0x7f0000000140)="df0a4ae128e9112769fbb42ce1de83449996c52713fe7ed6e98d67221799a67b77400c70371e410565037a7d258912a066", 0x31}], 0x1) (async)
rt_tgsigqueueinfo(0x0, 0x0, 0x1c, &(0x7f0000000140)={0xfffffffe, 0x4, 0x27}) (async)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_NL_PEER_REMOVE(r6, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000240)={0x14, r7, 0x239}, 0x14}}, 0x0) (async)
sendmsg$TIPC_NL_MON_SET(r3, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f0000000500)={0x8c, r7, 0x200, 0x70bd28, 0x25dfdbfb, {}, [@TIPC_NLA_NET={0x20, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x401}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x4}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x3}]}, @TIPC_NLA_BEARER={0xc, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x24b3}]}, @TIPC_NLA_MEDIA={0x4c, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x800}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x81}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x4001}, 0x81)

1m53.549047599s ago: executing program 34 (id=1825):
syz_usb_connect(0x6, 0x4d, &(0x7f00000000c0)=ANY=[@ANYRES16], 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000140), 0x73, 0x1501)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000000)=@urb_type_interrupt={0x1, {0xf}, 0x7d17, 0x0, &(0x7f0000000180)="d9e8106d5ea57e87fe97d45d083ba85ec246e59b24377d37cced913552888d0722cfb79485d924cf0f105c15c2595e59a1045f1939e6445f13ac278896aa43f6eeeef406a2fad1a2d1b2704d6eccefecc21b17644fb81a87a68d3c1661d9d7ed3e3d257f50b42fd0aa2a11090e49f321fa4d394632b684c5b94b66b4103e68572f93c4f872c9ef254a27d011", 0x8c, 0x7f, 0x8, 0x0, 0x1, 0xb, &(0x7f0000000300)="a6ac9a9d2de5627da7a354c6b4429a01253a95fc2284076089d3b5315d4514edbb30d494a0102bf81e73048a551911310b4e32121bc9e7f2e8da9530efc0bec81773a5879e317ae6ccdb054d529b6774adc4739842cb5a3c4474d69a5e287b8ebac35462db12aa98bc"})
r1 = socket$inet_icmp(0x2, 0x2, 0x1)
ioctl$sock_inet_SIOCDARP(r1, 0x8953, &(0x7f0000000440)={{0x2, 0x4e20, @private=0xa010101}, {0x306, @local}, 0x3e, {0x2, 0x4e24, @empty}}) (async)
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
mmap(&(0x7f0000797000/0x1000)=nil, 0x1000, 0x5a051feb1f984a1d, 0x202812, r2, 0x7dfff000) (async)
r3 = socket(0x2, 0x2, 0x0)
setsockopt$inet_int(r3, 0x0, 0xb, &(0x7f00000000c0)=0x1002, 0x4) (async)
sendto$inet(r3, 0x0, 0x0, 0x80, &(0x7f0000000000)={0x2, 0x4e20, @rand_addr=0x64010101}, 0x10) (async)
r4 = socket$inet6(0xa, 0x1, 0x0)
r5 = dup2(r4, r4)
ioctl$sock_inet6_SIOCDELRT(r5, 0x890c, &(0x7f0000000100)={@mcast2, @loopback, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x40000, 0x8040, 0x7, 0x100, 0x0, 0x41180043}) (async)
recvmsg$unix(r3, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x2000)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
writev(0xffffffffffffffff, &(0x7f0000001580)=[{&(0x7f0000000140)="df0a4ae128e9112769fbb42ce1de83449996c52713fe7ed6e98d67221799a67b77400c70371e410565037a7d258912a066", 0x31}], 0x1) (async)
rt_tgsigqueueinfo(0x0, 0x0, 0x1c, &(0x7f0000000140)={0xfffffffe, 0x4, 0x27}) (async)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_NL_PEER_REMOVE(r6, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000240)={0x14, r7, 0x239}, 0x14}}, 0x0) (async)
sendmsg$TIPC_NL_MON_SET(r3, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f0000000500)={0x8c, r7, 0x200, 0x70bd28, 0x25dfdbfb, {}, [@TIPC_NLA_NET={0x20, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x401}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x4}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x3}]}, @TIPC_NLA_BEARER={0xc, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x24b3}]}, @TIPC_NLA_MEDIA={0x4c, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x800}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x81}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x4001}, 0x81)

7.985422648s ago: executing program 4 (id=2758):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3)
ioctl$UI_SET_ABSBIT(r0, 0x40045567, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000ec0)={'syz0\x00', {0x4, 0x0, 0x0, 0x2}, 0x4, [0x8, 0xe74, 0x0, 0x42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xf605, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2, 0x2, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x9, 0x0, 0x1, 0x80, 0x0, 0x0, 0x4, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x100000, 0x0, 0x9, 0x9, 0x0, 0x8, 0x9, 0x0, 0xfffffffc], [0x80000000, 0x0, 0x0, 0xb16, 0x10000, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x3, 0xbb, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x6, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x2, 0x0, 0x0, 0x7f, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x2, 0x100, 0x0, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x8000], [0xfffffffa, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, 0x0, 0x0, 0x0, 0x2, 0xfffffffc, 0x0, 0x3, 0x0, 0x2, 0x100e, 0x7, 0x100000, 0x0, 0x80000002, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x4, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbcd5, 0x2, 0xfffffffd, 0x0, 0x0, 0x0, 0x4, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8, 0xa0d, 0x0, 0x0, 0x0, 0xfffffffe, 0x4], [0x0, 0x0, 0x0, 0xc62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x4003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x5, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdec, 0x0, 0x0, 0x0, 0x6, 0x1000, 0x0, 0x0, 0x9, 0x0, 0x5]}, 0x45c)

7.754194125s ago: executing program 4 (id=2759):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_SAVE(r0, &(0x7f0000000100)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000000)={&(0x7f0000000080)={0x64, 0x8, 0x6, 0x0, 0x0, 0x0, {0x1, 0x0, 0x1}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x8c}, 0x1, 0x0, 0x0, 0x4044800}, 0x4040041)

7.542800521s ago: executing program 4 (id=2761):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000001c0), 0x0, 0x0)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
connect$inet(r1, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000bc0)={'veth0_vlan\x00', 0x1})
r3 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000240)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x2d50, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x5, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x33, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0xc, 0x0, 0x7}}}}}]}}]}}, 0x0)
syz_usb_control_io(r3, 0x0, 0x0)
syz_usb_control_io(r3, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)={0x0, 0x4, 0x57, {0x57, 0x6, "a7ea3163fd3bc518194b120c1e73d54cfc4ad2841ef4f6a3fd7c59ccb785025f2e7b3504ff87cbfd10f3c080b733000000000000000800000000000000ea7a288982d5337c364daf03bd400d66293b0a2b103dd93f"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r3, 0x0, 0x0)
syz_usb_control_io(r3, 0x0, &(0x7f0000000ec0)={0x84, &(0x7f0000000a80)=ANY=[@ANYBLOB="2000100000000d970300985b6b5a8a6997e72d212dbe"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r3, 0x0, 0x0)
r4 = eventfd(0x4)
ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r4)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r4})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/236, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/66})
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r4})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000300))
r5 = syz_init_net_socket$nfc_llcp(0x27, 0x0, 0x1)
bind$bt_hci(r5, &(0x7f0000000000)={0x27}, 0x62)

4.111339461s ago: executing program 4 (id=2773):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f00000002c0)={'team_slave_1\x00', 0x400})
ioctl$F2FS_IOC_DEFRAGMENT(r0, 0xc010f508, &(0x7f0000000040)={0x0, 0x6})
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa02, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d10402064d8c57ff202030109021b0001000000000904"], 0x0)
r2 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r2, 0xc2604110, &(0x7f0000000040)={0x0, [[0x9ef8], [0x40], [0x7f]], '\x00', [{}, {}, {}, {}, {0x0, 0x0, 0x0, 0x1}], '\x00', 0x1000})
r3 = syz_open_dev$I2C(0x0, 0x0, 0x0)
ioctl$I2C_SMBUS(r3, 0x720, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r1, 0x45809000)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='smaps\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r5 = openat$sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/tcp_dsack\x00', 0x1, 0x0)
sendfile(r5, r4, &(0x7f0000002080)=0x64, 0x23b)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x15)
mlock2(&(0x7f00002e5000/0xc00000)=nil, 0xc00000, 0x0)

1.913998657s ago: executing program 5 (id=2790):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500c00108005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001000000000000000000000000000004000000000000000000860090780000000000000000000000000000ee3f000000002b"], 0xfdef)

1.788672984s ago: executing program 5 (id=2791):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x29202, 0x0)
write(r0, &(0x7f0000000000)="fb196dec69a10b2284f761", 0xb)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) (async, rerun: 32)
syz_open_dev$loop(&(0x7f0000000100), 0x3, 0x0) (rerun: 32)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x0, 0x2}}) (async, rerun: 64)
r2 = socket$phonet(0x23, 0x2, 0x1) (rerun: 64)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'vxcan1\x00'}) (async, rerun: 64)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x800) (rerun: 64)

1.521454703s ago: executing program 5 (id=2792):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x8003}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x2000000, {0x7}}}, 0xcc}}, 0x0)

1.452148836s ago: executing program 5 (id=2794):
mount(&(0x7f0000000000)=@rnullb, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='xfs\x00', 0x1200051, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x8000, &(0x7f00000001c0)=ANY=[])
read$FUSE(r0, &(0x7f000000c3c0)={0x2020}, 0x2020)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r1, &(0x7f0000000400)={0x2, 0x4e23, @loopback}, 0x10)
socket$alg(0x26, 0x5, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
io_submit(0x0, 0x1, &(0x7f0000000200)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}])
r4 = syz_open_dev$vim2m(&(0x7f0000000000), 0x100000000007, 0x2)
ioctl$vim2m_VIDIOC_G_FMT(r4, 0xc0285629, &(0x7f0000000080)={0x3, @win={{0x2}, 0x7, 0x0, &(0x7f0000000040)={{0x6, 0x0, 0x0, 0x4}}, 0x0, 0x0}})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$packet(0x11, 0x3, 0x300)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r5)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000480)={'wlan0\x00'})
sendmsg$NL80211_CMD_SET_WIPHY(r5, 0x0, 0x0)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/mem_sleep', 0x345580, 0x20)
sendfile(r6, r6, 0x0, 0x6)
r7 = socket$netlink(0x10, 0x3, 0xc)
sendmsg$nl_netfilter(r7, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={0x0}, 0x1, 0x0, 0x0, 0x20004000}, 0x10)
ioctl$EVIOCGABS2F(r6, 0x8018456f, &(0x7f0000000100)=""/145)
r8 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x149a82, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r8, 0x0, 0x0)

1.341530971s ago: executing program 1 (id=2795):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000540)=ANY=[@ANYBLOB="84010000100013070000000000000000fe8000000000000000000000000000bbac1e00010000000000000500"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1414bb000000000000000000000000000000003300000020010000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000002000000000000000000000048000400656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004c00140073686131"], 0x184}}, 0x0)

1.251257543s ago: executing program 1 (id=2797):
syz_usb_connect(0x5, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="120100000cb768405e0483020b9901e4020109021b000100000000090400fb015c291d00090509"], 0x0)
r0 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x3, 0x663a00)
ioctl$SNDRV_PCM_IOCTL_HW_PARAMS(r0, 0xc2604111, &(0x7f0000000780)={0x5, [[0x8, 0x1, 0x6, 0x8, 0x5, 0x3, 0xf, 0x9], [0x1, 0x6, 0x4, 0x80000000, 0xffffffff, 0x10061bf8, 0x6, 0x7], [0x290c83b9, 0x9eae, 0x88, 0x1, 0x0, 0x7fffffff, 0x0, 0x8000000]], '\x00', [{0x4c, 0x4}, {0x93, 0xfff}, {0x5, 0x614f}, {0x6, 0x5, 0x1, 0x1, 0x0, 0x1}, {0x5, 0x4, 0x0, 0x1, 0x1, 0x1}, {0x3, 0xffff7fff, 0x1, 0x0, 0x1}, {0x7e8de198, 0x1, 0x1, 0x1, 0x1}, {0x400, 0x0, 0x0, 0x1}, {0x4, 0x4, 0x0, 0x1}, {0x6, 0x9b, 0x0, 0x1, 0x1}, {0x2, 0x5, 0x1, 0x1, 0x1}, {0x3, 0x9, 0x0, 0x0, 0x0, 0x1}]})

1.093079563s ago: executing program 6 (id=2798):
socket$inet(0x2, 0x2, 0x0)
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r1, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
close(0x4)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100"], 0x57)

925.38548ms ago: executing program 4 (id=2799):
r0 = creat(&(0x7f0000000040)='./file0/file0\x00', 0x1a8)
mount(&(0x7f0000001400)=@rnullb, &(0x7f0000001440)='./file0\x00', &(0x7f0000000000)='omfs\x00', 0x8002, 0x0)
socket$inet(0x2, 0x5, 0x8)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000880)='ns\x00')
fchdir(r1)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'gre0\x00', 0x2})
r2 = socket$xdp(0x2c, 0x3, 0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f00000002c0)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', <r4=>0x0})
shmctl$SHM_LOCK(0x0, 0xb)
r5 = socket$xdp(0x2c, 0x3, 0x0)
close(r5)
bind$xdp(r2, &(0x7f0000000240)={0x2c, 0x1, r4, 0x2a, r5}, 0x10)
syz_usb_connect(0x6, 0x504, &(0x7f0000000300)={{0x12, 0x1, 0x201, 0x5b, 0xcb, 0xbc, 0x10, 0x2c42, 0x1606, 0xf8aa, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x4f2, 0x3, 0x5, 0x7, 0xf0, 0x9, [{{0x9, 0x4, 0xf7, 0x9, 0x7, 0xdf, 0x63, 0x95, 0xd, [@uac_as={[@format_type_i_continuous={0xb, 0x24, 0x2, 0x1, 0x9, 0x3, 0x6, 0x0, "9c5197"}, @format_type_i_discrete={0xa, 0x24, 0x2, 0x1, 0x8d, 0x1, 0x10, 0xf, "1534"}, @as_header={0x7, 0x24, 0x1, 0x0, 0xe1, 0x1002}, @format_type_ii_discrete={0xe, 0x24, 0x2, 0x2, 0x11, 0x4, 0x0, "a500b02bcc"}]}], [{{0x9, 0x5, 0x7, 0x10, 0x20, 0x2, 0x9, 0x1}}, {{0x9, 0x5, 0xc, 0x10, 0x3ff, 0x5, 0x4, 0xf9}}, {{0x9, 0x5, 0x9, 0x0, 0x0, 0x6, 0xb, 0x0, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x0, 0x5}]}}, {{0x9, 0x5, 0x6, 0x3, 0x8, 0x7, 0x3, 0xff}}, {{0x9, 0x5, 0xc, 0x0, 0x400, 0x8, 0x0, 0x2, [@generic={0xa0, 0x21, "5f1eb201923c2a8b96a44b4cebecb25158bc7cd44cff16c63ad32587ca23275968bfe5fd9cd51081d6a795000330200c7436f99929a9a6c55f406ffffbd227f619033fe7b9c78de60e6f28b0ddea3d0e2a61e171af8d69182808668e2c92e7fdc0bf274d9e56382cd30f14bb3b6e5ce47d98012f9cff38662fd89c2e4d0fe7b99ece0099ceeb5e5c362110b20034ad98dbe57f89628735a03f4290b55b90"}, @uac_iso={0x7, 0x25, 0x1, 0x82, 0x24}]}}, {{0x9, 0x5, 0x1, 0x2, 0x10, 0x2, 0x7b, 0x2}}, {{0x9, 0x5, 0x0, 0x3, 0x0, 0x4, 0x8, 0x49, [@generic={0x42, 0x21, "72ec827d017cfa273b9cf7305dd992f0988ecf51921a172e322005c97f28137530deaeb9f4135eb9dde107a2d7dd8ac60d4d2c57d0e3c138ed7dbea4bad4be46"}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x80, 0x4}]}}]}}, {{0x9, 0x4, 0x33, 0x37, 0x6, 0xfc, 0xfe, 0xb9, 0x7, [], [{{0x9, 0x5, 0xb, 0x0, 0x20, 0x6, 0x3, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x10, 0x3}, @generic={0x29, 0x8, "4dc9404665ae521b3146a1d09ac6558408030574e00c94a9a83ff7748fbcc05147c9a76b904dc2"}]}}, {{0x9, 0x5, 0xe, 0xc, 0x40, 0x4, 0x6, 0x2, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x2, 0x9}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0xfc, 0x9}]}}, {{0x9, 0x5, 0x1, 0x7, 0x8, 0xdb, 0x94, 0x1, [@generic={0xca, 0x1, "d82195d1b477640bc939674dea5337eb21029ea5c84ed859876d37745147964f97ab786f6873b4bb9b652403815a330ab06ae45659f2629d15d630181397acc41d047e23725a6e8fb16bd172c6ceae609b5a57c9202b5bad9443dd6efe7a70bc018d8a132989a61fc3cc32c8b7316a38b565d2f3632f104b6ea8ca2fa217fda72a8473d9b4fca2f62e39b2ee5dea972f975bdecd54d1f6dd4dadbb8fd065020416c775cb5b36f0ab757b64c4bbba7573a342c5d2f0b416ec94b8e3a6541e27768ab8901b2f2af5b0"}]}}, {{0x9, 0x5, 0xf, 0x3, 0x200, 0x3, 0xa, 0x1}}, {{0x9, 0x5, 0x0, 0x10, 0x0, 0x6, 0x0, 0x6, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x7, 0x3}]}}, {{0x9, 0x5, 0x0, 0x1, 0x8, 0x5, 0x1, 0x1, [@generic={0xe0, 0x6, "556d6becb17422d52158cae718de82d696ef04d73586aa9120f35122bf76a7c6c8a6e3e93ede3433b1447724edb7c4e001517588a374f91434ab27ce328b1e09ebbc2ad141a0c3c57891e72d61f381136003c33fe2cbaca011546e08bbf0f117168f7b4850d4f63a5172f7adf701672d5b15f362ca2df9bc232a658f2939e503a0ff89367082b6ba05d851501618def2262ff89db34f7da3b5fa835b31d0b4ebd1f31e5e6edb380aab4d76ccc64aadc2e778a7d42e489ac74f2a9a92e3b4e55d0dc71fc6bcf9b8129d430b3fc6be5e0777d4f85d2d280560def2f4f7e2ad"}, @generic={0x40, 0x6, "0a5ec733d22c00a56bf4e208bb957965bad0cd8dd773387e5f00736abccfeef124af8e672f6600eb3fea84e17a75516b94a308803c34205d12eebc26449a"}]}}]}}, {{0x9, 0x4, 0xb0, 0x9, 0x1, 0xbf, 0xbb, 0xf2, 0x8, [@cdc_ncm={{0x8, 0x24, 0x6, 0x0, 0x1, "06e728"}, {0x5, 0x24, 0x0, 0x2}, {0xd, 0x24, 0xf, 0x1, 0x7, 0x3, 0x8, 0x9}, {0x6, 0x24, 0x1a, 0x0, 0x2a}, [@mdlm_detail={0x80, 0x24, 0x13, 0x10, "6655531aadace1865e62d3daf42ac454fd2484c3dd4f8613246c1653011a704638fd0dcae38f7e7014e34aa6aa579a305219217007e40acec9da9ae38ee9f1c589f34e12bea7ef6cfbfffd9c20d20fd66c8a26671b202177e09070752e73ca23dd846e836dd433b7b5412222c232496b0170eed7509208e18b9a9001"}, @dmm={0x7, 0x24, 0x14, 0x2, 0x4ab}]}, @hid_hid={0x9, 0x21, 0x2, 0x2, 0x1, {0x22, 0xe85}}], [{{0x9, 0x5, 0xf, 0x10, 0x3ff, 0x6, 0x7a, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x3, 0xb4}, @generic={0x49, 0x4, "01c61e04ee8ac23a8bf9d35f814b9dad7399926c549addd0f64b277582c558e9b10e977a1e9b88045e25d0ce3d2343d42b69b367c8f739b96e051db89f4376010f2cecb1e6fbc3"}]}}]}}]}}]}}, &(0x7f0000000a00)={0xa, &(0x7f00000001c0)={0xa, 0x6, 0x250, 0x1, 0x10, 0x34, 0x8, 0x5}, 0x3b, &(0x7f0000000200)={0x5, 0xf, 0x3b, 0x6, [@wireless={0xb, 0x10, 0x1, 0xc, 0x28, 0x7, 0x75, 0x8, 0x2}, @ext_cap={0x7, 0x10, 0x2, 0x0, 0x3, 0x0, 0x5}, @wireless={0xb, 0x10, 0x1, 0xc, 0x80, 0xaf, 0x27, 0x401, 0x2}, @wireless={0xb, 0x10, 0x1, 0x2, 0x61, 0x32, 0x0, 0x4}, @wireless={0xb, 0x10, 0x1, 0x4, 0x8, 0xf1, 0x10, 0x8, 0x7}, @ptm_cap={0x3}]}, 0x5, [{0x2a, &(0x7f0000000840)=@string={0x2a, 0x3, "f65d350f2ab4ca5d0cda96153bf286735861d6d13362a6549eff2ef171a26e86a67b198c65e13b87"}}, {0x4, &(0x7f00000008c0)=@lang_id={0x4, 0x3, 0x2c0a}}, {0x4, &(0x7f0000000900)=@lang_id={0x4}}, {0x73, &(0x7f0000000940)=@string={0x73, 0x3, "9897ed99da4b663bb44a413d2183766832fe882924991894d4b7c719962be5fde238b35d2103da2f392d193adea0ecec2115dcef1a88dda3b7154d24154be68ef6154b3eeb606270baefcb5d50c26318f37c92258e7b873edb7021f661bb709937fc8d76becc1d6e4cf2d0b0f0efeb21ad"}}, {0x2d, &(0x7f00000009c0)=@string={0x2d, 0x3, "0450db87a27c453d67f12b1453951f613c9140aa527a1fb1c2db8dec81ea35bdaafbf89f0679fdd425d8d7"}}]})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000180)={'erspan0\x00', &(0x7f00000000c0)={'syztnl1\x00', r4, 0x40, 0x7, 0x0, 0xfffff535, {{0x1a, 0x4, 0x2, 0x9, 0x68, 0x64, 0x0, 0x1, 0x2f, 0x0, @private=0xa010101, @remote, {[@timestamp={0x44, 0x1c, 0xc3, 0x0, 0x5, [0xb02, 0xca8, 0x81, 0x5, 0xfffffffd, 0x300]}, @end, @cipso={0x86, 0x36, 0x0, [{0x6, 0x5, "1e1a1c"}, {0x2, 0x3, "fb"}, {0x7, 0xa, "467926bdd043b8b1"}, {0x6, 0x9, "5ee3e10d8de5f0"}, {0x6, 0x5, "97c5ab"}, {0x2, 0x3, "be"}, {0x6, 0x5, "90780e"}, {0x6, 0x8, "014b4e133a31"}]}]}}}}})

881.360184ms ago: executing program 6 (id=2800):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000e40), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000000)={0x6c, r1, 0x1, 0x5f00, 0x0, {}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x0, 0x0, @loopback}}, {0x20, 0x2, @in6={0xa, 0x0, 0x0, @local}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}]}, 0x6c}, 0x1, 0x2200}, 0x0)

716.266126ms ago: executing program 6 (id=2801):
r0 = syz_open_dev$radio(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_ENUM_FREQ_BANDS(r0, 0xc0405665, &(0x7f0000000100)={0x0, 0x1})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x1, 0xcccc0000, 0x1000, &(0x7f0000fff000/0x1000)=nil})
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f00007c7000/0x18000)=nil, &(0x7f0000000480)=[@textreal={0x8, 0x0}], 0x1, 0x42, 0x0, 0x0)
r3 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x40000, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000009, 0x12, r3, 0x99b33000)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x3, 0x10000000000, 0x1000, &(0x7f0000fff000/0x1000)=nil})

525.505857ms ago: executing program 1 (id=2802):
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0xc9, 0x2ea068d3, 0x0, 0x0, 0x7, 0x0, 0x43, 0x0, 0xffffffffffffdfff, 0x6, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x9, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x80000, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffbffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x1, 0x0, 0x6, 0x0, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x204000000000000, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3ff, 0x80003, 0x0, 0x0, 0x3, 0x203, 0x0, 0x40000000000, 0x801, 0x0, 0x5241, 0x0, 0x4, 0x5, 0x6, 0x0, 0x40000, 0x767e, 0x80, 0x0, 0x0, 0xfffffffffffffff8, 0x0, 0x0, 0x8, 0x0, 0xff, 0x0, 0x0, 0x2000000000000000, 0xa7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0xfffffffffffffffc, 0x100000001]})

494.044662ms ago: executing program 5 (id=2803):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000007c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELSET={0x20, 0xb, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x6}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x10, 0x1, 0x0, 0xffff0000, {0xa, 0x84}}}, 0x68}, 0x1, 0x0, 0x0, 0x80}, 0x0)

453.096896ms ago: executing program 6 (id=2804):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000400000/0x3000)=nil, 0x3000, 0x2000009, 0x4d032, 0xffffffffffffffff, 0x0)
ioprio_set$pid(0x1, 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000180)="2000000012005f0214f9f4070000fbe40a0000000000", 0x41d)
recvmmsg(r0, &(0x7f0000005c00)=[{{0x0, 0x0, 0x0}, 0x3}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000002dc0)=""/231, 0xe7}, {&(0x7f0000002ec0)=""/185, 0xb9}, {&(0x7f0000002fc0)=""/24, 0x18}, {&(0x7f0000003000)=""/4096, 0x1000}, {&(0x7f0000004000)=""/13, 0xd}, {&(0x7f0000004040)=""/136, 0x88}, {&(0x7f0000004100)=""/246, 0xf6}, {&(0x7f0000004200)=""/217, 0xd9}, {&(0x7f0000004300)=""/200, 0xc8}], 0x9}, 0x2}], 0x3, 0x0, 0x0)
recvmmsg$unix(r0, &(0x7f0000000ac0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x3, 0x22, 0x0)
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'bond_slave_1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
sendmsg$sock(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="199db96d60fdc3ff97d06beced5fbf849b91a259e8b098bf4914239791385081679d397b329b1536541471a9c8dc12b7723f3dbf00db0e82a463c93011670449e7db412a44c0ca9b53fa06d52a4361536bd7c2bffddf", 0x56}, {&(0x7f0000000080)="23162fd0bdff3d695d25b7bb3969aec1d19fddb455c78a81defb053fe03c1a4411b65614e513882c9439bced06d886966feacab481310246a041896b0d479fce5b68dc0d1aa3c4ec791669ad61f4c1a5980667b6caebe1387d7664defbf3ec8518210c2202ae6028368e7c19e45570e1ea8dfe9b44286aa998dc21ada4af2234c1977ed98f707d8705fc74a491e977fecaf1dc7187c588df6ca5ce3a204ed754c95197d26097c51832c24684d009d3532789b469c8ab54df6c257b1f0fc4347c37deee6b03f2c8a817746c66f2ed1ef233840116bbf0c5acdc6b8c2b7d184ae13652ec3b049bf2dd5625b7", 0xeb}], 0x2, &(0x7f0000000200)=[@timestamping={{0x14, 0x1, 0x25, 0xd6}}, @txtime={{0x18, 0x1, 0x3d, 0x3}}, @txtime={{0x18, 0x1, 0x3d, 0x8000000000000001}}], 0x48}, 0xc080)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)

353.421244ms ago: executing program 1 (id=2805):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x1)
ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/236, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/66})
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000300)={0x1, 0x0, [{0xeeee0000, 0x0, &(0x7f0000000200)}]})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000380)={[0x10000002, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x7ffffff, 0xfffffffffffffffe, 0x1, 0xf, 0x0, 0x0, 0x0, 0x2], 0xeeee8000, 0xc03d0})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)

320.474999ms ago: executing program 5 (id=2806):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$sock_int(r0, 0x1, 0x22, 0x0, &(0x7f0000000080))
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x141342, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000002c000092000040"])
r5 = syz_clone(0x100411, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r5, 0x12)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={<r6=>r0})
setsockopt$SO_J1939_ERRQUEUE(r6, 0x6b, 0x4, &(0x7f00000000c0), 0x4)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000100)=[@in={0x2, 0x4e22, @broadcast}, @in6={0xa, 0x4e23, 0x200, @dev={0xfe, 0x80, '\x00', 0x35}, 0x3}, @in6={0xa, 0x4e22, 0xde8, @remote, 0x608}], 0x48)
sendfile(r1, r1, 0x0, 0x7ffff000)

202.123142ms ago: executing program 4 (id=2807):
socket$inet(0x2, 0x2, 0x0)
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r1, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
close(0x4)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a"], 0x57)

202.006ms ago: executing program 1 (id=2808):
socket$inet(0x2, 0x2, 0x0)
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r1, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
close(0x4)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100"], 0x57)

201.816146ms ago: executing program 6 (id=2809):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x200000d5}, 0x4000)
recvmmsg(r0, &(0x7f0000000e00)=[{{0x0, 0x0, 0x0}, 0x8101}, {{0x0, 0x0, 0x0}, 0x10000}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000440)=""/194, 0xc2}, {&(0x7f0000000cc0)=""/260, 0x105}, {&(0x7f0000001b40)=""/4109, 0x100d}, {&(0x7f0000000800)=""/229, 0xe5}], 0x4}, 0x80000000}, {{0x0, 0x0, 0x0}, 0x7243}, {{0x0, 0x0, 0x0}, 0x7}, {{0x0, 0x0, &(0x7f0000001a80)=[{&(0x7f00000000c0)=""/154, 0x9a}, {&(0x7f0000000940)=""/238, 0x13e}, {&(0x7f0000002b80)=""/4098, 0x1002}, {&(0x7f0000003e40)=""/4111, 0x100f}, {&(0x7f00000003c0)=""/101, 0x65}], 0x5}, 0x1452}, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8100000}, 0x80000000}], 0x8, 0x22, 0x0)

574.75µs ago: executing program 6 (id=2810):
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00000014000800000000000000007f"}})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001000000000000000000000000000000000000000000000000860090780000000000000000000000000500ee3f000000002b036f8c006e75021d683910c3090b3188a7c747eb2278a273c1b80029442911892704"], 0xfdef)

0s ago: executing program 1 (id=2811):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x6c, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x0, 0x0, @loopback}}, {0x20, 0x2, @in6={0xa, 0x2, 0x0, @mcast2}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}]}]}, 0x6c}, 0x1, 0x0, 0x16}, 0x0)

kernel console output (not intermixed with test programs):

  loop3: unable to read partition table
[  430.804527][T12392] loop3: partition table beyond EOD, truncated
[  430.834761][T12392] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5)
[  430.948888][T12398] program syz.5.2038 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  431.100872][ T8795] usb 2-1: new high-speed USB device number 85 using dummy_hcd
[  431.121136][ T5941] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  431.149319][ T8795] usb 2-1: device descriptor read/8, error -71
[  431.278388][ T5941] usb 7-1: Using ep0 maxpacket: 32
[  431.387650][ T8795] usb 2-1: new high-speed USB device number 86 using dummy_hcd
[  431.430927][ T8795] usb 2-1: device descriptor read/8, error -71
[  431.569755][ T8795] usb usb2-port1: unable to enumerate USB device
[  432.096247][T12411] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  432.685171][T12420] loop3: detected capacity change from 0 to 1
[  432.730786][T12420]  loop3: [POWERTEC] p1 p2 p3 p4 p5 p6 p7 p8 p9 p10
[  432.785252][T12420] loop3: p1 start 791543808 is beyond EOD, truncated
[  432.839949][T12420] loop3: p2 start 1633771873 is beyond EOD, truncated
[  432.890942][T12420] loop3: p3 start 1633771873 is beyond EOD, truncated
[  432.934803][T12420] loop3: p4 start 1633771873 is beyond EOD, truncated
[  433.014938][T12420] loop3: p5 start 1633771873 is beyond EOD, truncated
[  433.055095][T12420] loop3: p6 start 1633771776 is beyond EOD, truncated
[  433.106260][T12420] loop3: p7 start 1633771873 is beyond EOD, truncated
[  433.171573][T12420] loop3: p8 start 1886744434 is beyond EOD, truncated
[  433.227769][T12420] loop3: p9 start 1633771873 is beyond EOD, truncated
[  433.265687][T12420] loop3: p10 start 1633771873 is beyond EOD, truncated
[  433.889640][ T5856] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  433.899452][ T5856] Bluetooth: hci4: Injecting HCI hardware error event
[  433.908591][ T5851] Bluetooth: hci4: hardware error 0x00
[  434.040337][ T5941] usb 7-1: unable to get BOS descriptor or descriptor too short
[  434.067245][ T5941] usb 7-1: no configurations
[  434.101146][ T5941] usb 7-1: can't read configurations, error -22
[  434.808469][T12466] exFAT-fs (rnullb0): invalid boot record signature
[  434.827627][T12466] exFAT-fs (rnullb0): failed to read boot sector
[  434.841347][T12466] exFAT-fs (rnullb0): failed to recognize exfat type
[  435.761656][T12501] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  435.800273][T12503] qnx4: no qnx4 filesystem (no root dir).
[  435.911151][T12508] loop3: detected capacity change from 0 to 1
[  435.925978][T12508]  loop3: [POWERTEC] p1 p2 p3 p4 p5 p6 p7 p8 p9 p10
[  435.935450][T12508] loop3: p1 start 791543808 is beyond EOD, truncated
[  435.947329][T12508] loop3: p2 start 1633771873 is beyond EOD, truncated
[  435.954731][T12508] loop3: p3 start 1633771873 is beyond EOD, truncated
[  435.966921][T12508] loop3: p4 start 1633771873 is beyond EOD, truncated
[  435.974585][T12508] loop3: p5 start 1633771873 is beyond EOD, truncated
[  435.989162][T12508] loop3: p6 start 1633771776 is beyond EOD, truncated
[  435.995977][T12508] loop3: p7 start 1633771873 is beyond EOD, truncated
[  436.037616][T12508] loop3: p8 start 1886744434 is beyond EOD, truncated
[  436.050303][ T5851] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  436.066910][T12508] loop3: p9 start 1633771873 is beyond EOD, truncated
[  436.097549][T12508] loop3: p10 start 1633771873 is beyond EOD, truncated
[  436.477877][ T8784] usb 6-1: new high-speed USB device number 41 using dummy_hcd
[  436.681284][ T8784] usb 6-1: Using ep0 maxpacket: 32
[  437.138882][T12534] FAULT_INJECTION: forcing a failure.
[  437.138882][T12534] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  437.206122][T12534] CPU: 1 UID: 0 PID: 12534 Comm: syz.1.2085 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  437.206157][T12534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  437.206172][T12534] Call Trace:
[  437.206181][T12534]  <TASK>
[  437.206191][T12534]  dump_stack_lvl+0x189/0x250
[  437.206219][T12534]  ? __pfx____ratelimit+0x10/0x10
[  437.206246][T12534]  ? __pfx_dump_stack_lvl+0x10/0x10
[  437.206270][T12534]  ? __pfx__printk+0x10/0x10
[  437.206308][T12534]  should_fail_ex+0x414/0x560
[  437.206357][T12534]  _copy_to_user+0x31/0xb0
[  437.206379][T12534]  simple_read_from_buffer+0xe1/0x170
[  437.206413][T12534]  proc_fail_nth_read+0x1df/0x250
[  437.206447][T12534]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  437.206498][T12534]  ? rw_verify_area+0x258/0x650
[  437.206522][T12534]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  437.206556][T12534]  vfs_read+0x1fd/0x980
[  437.206586][T12534]  ? __pfx___mutex_lock+0x10/0x10
[  437.206626][T12534]  ? __pfx_vfs_read+0x10/0x10
[  437.206657][T12534]  ? __fget_files+0x2a/0x420
[  437.206690][T12534]  ? __fget_files+0x3a0/0x420
[  437.206717][T12534]  ? __fget_files+0x2a/0x420
[  437.206755][T12534]  ksys_read+0x145/0x250
[  437.206782][T12534]  ? __pfx_ksys_read+0x10/0x10
[  437.206803][T12534]  ? rcu_is_watching+0x15/0xb0
[  437.206829][T12534]  ? do_syscall_64+0xbe/0x3b0
[  437.206860][T12534]  do_syscall_64+0xfa/0x3b0
[  437.206884][T12534]  ? lockdep_hardirqs_on+0x9c/0x150
[  437.206909][T12534]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  437.206929][T12534]  ? clear_bhb_loop+0x60/0xb0
[  437.206954][T12534]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  437.206974][T12534] RIP: 0033:0x7fc949b8d33c
[  437.206993][T12534] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  437.207010][T12534] RSP: 002b:00007fc94aacc030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  437.207032][T12534] RAX: ffffffffffffffda RBX: 00007fc949db5fa0 RCX: 00007fc949b8d33c
[  437.207058][T12534] RDX: 000000000000000f RSI: 00007fc94aacc0a0 RDI: 0000000000000005
[  437.207070][T12534] RBP: 00007fc94aacc090 R08: 0000000000000000 R09: 0000000000000000
[  437.207083][T12534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  437.207094][T12534] R13: 0000000000000000 R14: 00007fc949db5fa0 R15: 00007ffdf4fc04a8
[  437.207142][T12534]  </TASK>
[  437.917682][ T5851] Bluetooth: hci0: unexpected cc 0x040d length: 63 > 7
[  437.936758][ T5851] Bluetooth: hci0: unexpected event for opcode 0x040d
[  438.358572][T12545] netlink: 'syz.6.2090': attribute type 4 has an invalid length.
[  438.438499][T12546] netlink: 'syz.6.2090': attribute type 4 has an invalid length.
[  439.308449][ T8784] usb 6-1: unable to get BOS descriptor or descriptor too short
[  439.316195][ T8784] usb 6-1: no configurations
[  439.337506][ T8784] usb 6-1: can't read configurations, error -22
[  439.360329][T12556] syz.6.2094: attempt to access beyond end of device
[  439.360329][T12556] nbd6: rw=0, sector=0, nr_sectors = 1 limit=0
[  439.375565][T12556] FAT-fs (nbd6): unable to read boot sector
[  439.411220][T12558] netlink: 104 bytes leftover after parsing attributes in process `syz.5.2095'.
[  439.557275][T12562] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  439.859331][T12572] netlink: 'syz.6.2101': attribute type 4 has an invalid length.
[  439.893363][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  439.899841][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  439.906216][T12572] netlink: 'syz.6.2101': attribute type 4 has an invalid length.
[  440.500399][T12595] netlink: 'syz.1.2110': attribute type 1 has an invalid length.
[  440.603216][T12597] netlink: 'syz.1.2111': attribute type 4 has an invalid length.
[  440.655096][T12599] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[  441.125095][T12613] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2119'.
[  441.134307][T12615] loop3: detected capacity change from 0 to 1
[  441.148772][T12615] Dev loop3: unable to read RDB block 1
[  441.154892][T12615]  loop3: unable to read partition table
[  441.164646][T12615] loop3: partition table beyond EOD, truncated
[  441.173186][T12615] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5)
[  441.250864][T12617] netlink: 'syz.6.2121': attribute type 4 has an invalid length.
[  441.440608][T12623] binder: 12622:12623 ioctl c0306201 200000000640 returned -22
[  441.514365][   T30] audit: type=1326 audit(1751360566.504:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12622 comm="syz.1.2123" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc949b8e929 code=0x0
[  441.813048][T12639] netlink: 104 bytes leftover after parsing attributes in process `syz.4.2129'.
[  441.967667][ T5856] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  441.977023][ T5856] Bluetooth: hci0: Injecting HCI hardware error event
[  441.986681][ T5856] Bluetooth: hci0: hardware error 0x00
[  442.019451][T12649] netlink: 'syz.4.2133': attribute type 4 has an invalid length.
[  442.077023][T12644] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  442.088918][T12644] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  442.130146][T12644] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  442.136203][T12644] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  442.152077][T12644] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  442.161488][T12644] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  442.476116][T12664] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  442.507003][ T5851] Bluetooth: hci1: unexpected cc 0x040d length: 63 > 7
[  442.515696][ T5851] Bluetooth: hci1: unexpected event for opcode 0x040d
[  442.526296][T12664] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  442.631359][T12671] netlink: 'syz.6.2142': attribute type 4 has an invalid length.
[  442.707539][ T5941] usb 6-1: new high-speed USB device number 43 using dummy_hcd
[  442.781106][T12674] /dev/rnullb0: Can't open blockdev
[  443.517554][ T5941] usb 6-1: device descriptor read/64, error -71
[  443.779780][ T5941] usb 6-1: new high-speed USB device number 44 using dummy_hcd
[  443.984273][ T5941] usb 6-1: config 1 has an invalid descriptor of length 219, skipping remainder of the config
[  444.030283][ T5941] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  444.047750][ T5856] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  444.054810][ T5856] Bluetooth: hci3: command 0x0406 tx timeout
[  444.120608][ T5941] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  444.177603][ T5941] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  444.185667][ T5941] usb 6-1: SerialNumber: syz
[  444.210483][ T5851] Bluetooth: hci2: command 0x0406 tx timeout
[  444.444047][ T5941] usb 6-1: 0:2 : does not exist
[  444.499256][ T5941] usb 6-1: USB disconnect, device number 44
[  444.538715][T12700] netlink: 'syz.4.2152': attribute type 4 has an invalid length.
[  445.255488][ T5851] Bluetooth: hci2: unexpected cc 0x040d length: 63 > 7
[  445.264184][ T5851] Bluetooth: hci2: unexpected event for opcode 0x040d
[  445.273698][T12723] netlink: 'syz.4.2162': attribute type 4 has an invalid length.
[  445.805760][T12731] /dev/rnullb0: Can't open blockdev
[  445.892146][T12695] /dev/rnullb0: Can't open blockdev
[  446.129127][ T5851] Bluetooth: hci3: command 0x0406 tx timeout
[  446.444453][T12746] loop3: detected capacity change from 0 to 1
[  446.454758][T12746]  loop3: [POWERTEC] p1 p2 p3 p4 p5 p6 p7 p8 p9 p10
[  446.465024][T12746] loop3: p1 start 791543808 is beyond EOD, truncated
[  446.473679][T12746] loop3: p2 start 1633771873 is beyond EOD, truncated
[  446.483001][T12746] loop3: p3 start 1633771873 is beyond EOD, truncated
[  446.491682][T12746] loop3: p4 start 1633771873 is beyond EOD, truncated
[  446.518720][T12746] loop3: p5 start 1633771873 is beyond EOD, truncated
[  446.530490][ T5851] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  446.539342][ T5851] Bluetooth: hci1: Injecting HCI hardware error event
[  446.546343][T12746] loop3: p6 start 1633771776 is beyond EOD, truncated
[  446.548423][ T5851] Bluetooth: hci1: hardware error 0x00
[  446.564570][T12746] loop3: p7 start 1633771873 is beyond EOD, truncated
[  446.580656][T12746] loop3: p8 start 1886744434 is beyond EOD, truncated
[  446.663756][T12746] loop3: p9 start 1633771873 is beyond EOD, truncated
[  446.711424][T12746] loop3: p10 start 1633771873 is beyond EOD, truncated
[  446.948196][T12751] syzkaller1: entered promiscuous mode
[  446.954209][T12753] netlink: 'syz.6.2171': attribute type 4 has an invalid length.
[  446.967643][T12751] syzkaller1: entered allmulticast mode
[  446.988429][T12751] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2170'.
[  447.026546][T12755] loop3: detected capacity change from 0 to 1
[  447.033144][T12751] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2170'.
[  447.047045][T12755] Dev loop3: unable to read RDB block 1
[  447.053020][T12751] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2170'.
[  447.062742][T12755]  loop3: unable to read partition table
[  447.072319][T12755] loop3: partition table beyond EOD, truncated
[  447.080464][T12755] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5)
[  447.401164][T12772] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  447.587583][ T8804] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  447.598363][T12779] netlink: 'syz.5.2182': attribute type 4 has an invalid length.
[  447.643343][T12780] syz.4.2181: attempt to access beyond end of device
[  447.643343][T12780] nbd4: rw=0, sector=0, nr_sectors = 1 limit=0
[  447.679821][T12780] FAT-fs (nbd4): unable to read boot sector
[  447.739424][ T8804] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  447.757704][ T8804] usb 7-1: config 0 interface 0 has no altsetting 0
[  447.781033][ T8804] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  447.798252][ T8804] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  447.821204][ T8804] usb 7-1: Product: syz
[  447.825772][ T8804] usb 7-1: Manufacturer: syz
[  447.837313][ T8804] usb 7-1: SerialNumber: syz
[  447.866062][ T8804] usb 7-1: config 0 descriptor??
[  447.886601][ T8804] usb 7-1: selecting invalid altsetting 0
[  448.090434][ T8804] usb 7-1: USB disconnect, device number 5
[  448.191166][T12800] ntfs3(rnullb0): Primary boot signature is not NTFS.
[  448.225347][T12800] ntfs3(rnullb0): Alternative boot signature is not NTFS.
[  448.256306][T12805] netlink: 'syz.1.2192': attribute type 4 has an invalid length.
[  448.429115][T12809] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[  448.437256][T12812] fuseblk: Unknown parameter 'bq'
[  448.567629][   T30] audit: type=1800 audit(1751360573.554:113): pid=12816 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2196" name="bus" dev="tmpfs" ino=2963 res=0 errno=0
[  448.599054][T12816] FAULT_INJECTION: forcing a failure.
[  448.599054][T12816] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  448.611827][ T5851] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  448.677621][T12819] bond0: (slave ip6gre0): Error: Device type is different from other slaves
[  448.686793][T12816] CPU: 1 UID: 0 PID: 12816 Comm: syz.1.2196 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  448.686821][T12816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  448.686835][T12816] Call Trace:
[  448.686844][T12816]  <TASK>
[  448.686853][T12816]  dump_stack_lvl+0x189/0x250
[  448.686882][T12816]  ? __pfx____ratelimit+0x10/0x10
[  448.686908][T12816]  ? __pfx_dump_stack_lvl+0x10/0x10
[  448.686932][T12816]  ? __pfx__printk+0x10/0x10
[  448.686957][T12816]  ? fs_reclaim_acquire+0x7d/0x100
[  448.686993][T12816]  should_fail_ex+0x414/0x560
[  448.687031][T12816]  prepare_alloc_pages+0x213/0x610
[  448.687067][T12816]  __alloc_frozen_pages_noprof+0x123/0x370
[  448.687100][T12816]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  448.687127][T12816]  ? css_rstat_updated+0x24f/0x4e0
[  448.687155][T12816]  ? policy_nodemask+0x27c/0x720
[  448.687185][T12816]  alloc_pages_mpol+0x232/0x4a0
[  448.687215][T12816]  folio_alloc_mpol_noprof+0x39/0x70
[  448.687242][T12816]  shmem_alloc_and_add_folio+0x447/0xf60
[  448.687279][T12816]  ? filemap_get_entry+0xad/0x2f0
[  448.687306][T12816]  ? filemap_get_entry+0xad/0x2f0
[  448.687330][T12816]  ? filemap_get_entry+0xad/0x2f0
[  448.687372][T12816]  ? shmem_huge_global_enabled+0x174/0x3a0
[  448.687403][T12816]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  448.687434][T12816]  ? shmem_allowable_huge_orders+0x19c/0x420
[  448.687488][T12816]  shmem_get_folio_gfp+0x59d/0x1660
[  448.687527][T12816]  shmem_fault+0x179/0x390
[  448.687569][T12816]  __do_fault+0x135/0x390
[  448.687596][T12816]  __handle_mm_fault+0x1847/0x5440
[  448.687633][T12816]  ? __pfx___handle_mm_fault+0x10/0x10
[  448.687667][T12816]  ? follow_page_pte+0x7ef/0x13e0
[  448.687699][T12816]  handle_mm_fault+0x40a/0x8e0
[  448.687730][T12816]  __get_user_pages+0x1699/0x2ce0
[  448.687748][T12816]  ? __lock_acquire+0xab9/0xd20
[  448.687811][T12816]  __gup_longterm_locked+0x1249/0x1660
[  448.687840][T12816]  ? __lock_acquire+0xab9/0xd20
[  448.687881][T12816]  pin_user_pages_remote+0xd4/0x120
[  448.687904][T12816]  ? __pfx_pin_user_pages_remote+0x10/0x10
[  448.687930][T12816]  ? down_read+0x1ad/0x2e0
[  448.687959][T12816]  process_vm_rw+0x59e/0xb40
[  448.687979][T12816]  ? get_pid_task+0x20/0x1f0
[  448.688015][T12816]  ? __pfx_process_vm_rw+0x10/0x10
[  448.688032][T12816]  ? rcu_read_lock_any_held+0xb3/0x120
[  448.688081][T12816]  ? __pfx_vfs_write+0x10/0x10
[  448.688127][T12816]  ? ksys_write+0x22a/0x250
[  448.688152][T12816]  ? __pfx_ksys_write+0x10/0x10
[  448.688172][T12816]  ? rcu_is_watching+0x15/0xb0
[  448.688196][T12816]  __x64_sys_process_vm_writev+0xe0/0x100
[  448.688222][T12816]  do_syscall_64+0xfa/0x3b0
[  448.688245][T12816]  ? lockdep_hardirqs_on+0x9c/0x150
[  448.688275][T12816]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  448.688294][T12816]  ? clear_bhb_loop+0x60/0xb0
[  448.688318][T12816]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  448.688337][T12816] RIP: 0033:0x7fc949b8e929
[  448.688354][T12816] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  448.688371][T12816] RSP: 002b:00007fc94aacc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000137
[  448.688392][T12816] RAX: ffffffffffffffda RBX: 00007fc949db5fa0 RCX: 00007fc949b8e929
[  448.688406][T12816] RDX: 000000000000002b RSI: 0000200000c22000 RDI: 0000000000000575
[  448.688419][T12816] RBP: 00007fc94aacc090 R08: 0000000000000001 R09: 0000000000000000
[  448.688432][T12816] R10: 0000200000c22fa0 R11: 0000000000000246 R12: 0000000000000002
[  448.688444][T12816] R13: 0000000000000000 R14: 00007fc949db5fa0 R15: 00007ffdf4fc04a8
[  448.688474][T12816]  </TASK>
[  449.335275][ T5851] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  449.350247][ T5851] Bluetooth: hci2: Injecting HCI hardware error event
[  449.360256][ T5851] Bluetooth: hci2: hardware error 0x00
[  449.520659][T12834] netlink: 'syz.4.2201': attribute type 4 has an invalid length.
[  449.661148][T12840] gfs2: not a GFS2 filesystem
[  449.686677][T12841] gfs2: not a GFS2 filesystem
[  449.827984][ T8804] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  449.923042][T12853] loop3: detected capacity change from 0 to 1
[  449.936492][T12853]  loop3: [POWERTEC] p1 p2 p3 p4 p5 p6 p7 p8 p9 p10
[  449.957825][T12853] loop3: p1 start 791543808 is beyond EOD, truncated
[  449.964632][T12853] loop3: p2 start 1633771873 is beyond EOD, truncated
[  449.977811][T12853] loop3: p3 start 1633771873 is beyond EOD, truncated
[  449.997855][T12853] loop3: p4 start 1633771873 is beyond EOD, truncated
[  449.998071][ T8804] usb 7-1: Using ep0 maxpacket: 16
[  450.009299][T12853] loop3: p5 start 1633771873 is beyond EOD, truncated
[  450.017087][T12853] loop3: p6 start 1633771776 is beyond EOD, truncated
[  450.020301][ T8804] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  450.028857][T12853] loop3: p7 start 1633771873 is beyond EOD, truncated
[  450.045373][ T8804] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  450.077177][T12853] loop3: p8 start 1886744434 is beyond EOD, truncated
[  450.082623][ T8804] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  450.109839][ T8804] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  450.119892][T12853] loop3: p9 start 1633771873 is beyond EOD, truncated
[  450.119922][T12853] loop3: p10 start 1633771873 is beyond EOD, truncated
[  450.143713][T12860] kvm: Disabled LAPIC found during irq injection
[  450.152896][ T8804] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  450.190531][ T8804] usb 7-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  450.200102][ T8804] usb 7-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  450.230100][ T8804] usb 7-1: Manufacturer: syz
[  450.251602][ T8804] usb 7-1: config 0 descriptor??
[  450.460744][T12865] netlink: 'syz.1.2214': attribute type 4 has an invalid length.
[  450.503542][T12838] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  450.518176][T12838] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  450.632893][T12868] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  450.666084][T12868] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  450.694536][T12873] qnx4: no qnx4 filesystem (no root dir).
[  450.705924][T12838] syzkaller0: entered promiscuous mode
[  450.745220][T12838] syzkaller0: entered allmulticast mode
[  450.897689][ T8804] rc_core: IR keymap rc-hauppauge not found
[  450.904651][ T8804] Registered IR keymap rc-empty
[  450.924752][ T8804] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  450.957687][ T8804] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  450.992291][ T8804] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/rc/rc0
[  451.054942][ T8804] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/rc/rc0/input56
[  451.118084][ T8804] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  451.139497][ T8804] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  451.157679][ T8804] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  451.192461][ T8804] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  451.230267][ T8804] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  451.270343][ T8804] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  451.293776][T12897] netlink: 'syz.4.2226': attribute type 4 has an invalid length.
[  451.327871][ T8804] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  451.357572][ T8804] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  451.377612][ T8804] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  451.387309][T12903] /dev/rnullb0: Can't open blockdev
[  451.399504][ T8804] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  451.409446][ T5851] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  451.431671][T12903] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  451.446581][ T8804] mceusb 7-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  451.455910][ T8804] mceusb 7-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  451.547806][ T5941] usb 6-1: new high-speed USB device number 45 using dummy_hcd
[  451.647636][ T8784] usb 2-1: new high-speed USB device number 87 using dummy_hcd
[  451.698238][ T5941] usb 6-1: device descriptor read/64, error -71
[  451.802061][ T8784] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  451.824508][ T8784] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  451.847640][ T8784] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  451.868224][ T8784] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  451.891351][T12902] raw-gadget.4 gadget.1: fail, usb_ep_enable returned -22
[  451.919408][ T8784] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  451.948369][ T5941] usb 6-1: new high-speed USB device number 46 using dummy_hcd
[  452.087556][ T5941] usb 6-1: device descriptor read/64, error -71
[  452.197983][ T5941] usb usb6-port1: attempt power cycle
[  452.221969][ T8804] usb 2-1: USB disconnect, device number 87
[  452.547529][ T5941] usb 6-1: new high-speed USB device number 47 using dummy_hcd
[  452.570729][ T5941] usb 6-1: device descriptor read/8, error -71
[  452.829099][ T5941] usb 6-1: new high-speed USB device number 48 using dummy_hcd
[  452.864911][ T5941] usb 6-1: device descriptor read/8, error -71
[  452.908886][T12920] netlink: 'syz.1.2235': attribute type 1 has an invalid length.
[  452.926967][T12920] netlink: 'syz.1.2235': attribute type 1 has an invalid length.
[  452.998060][ T5941] usb usb6-port1: unable to enumerate USB device
[  453.196005][T12923] /dev/rnullb0: Can't open blockdev
[  453.563478][T12926] netlink: 'syz.4.2237': attribute type 4 has an invalid length.
[  454.672532][T12936] netlink: 160 bytes leftover after parsing attributes in process `syz.5.2240'.
[  455.882445][ T8804] usb 7-1: USB disconnect, device number 6
[  456.346753][T12963] netlink: 'syz.4.2250': attribute type 1 has an invalid length.
[  456.386954][T12963] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2250'.
[  456.486586][T12966] netlink: 'syz.1.2252': attribute type 4 has an invalid length.
[  457.238273][T12993] loop3: detected capacity change from 0 to 1
[  457.259150][T12993]  loop3: [POWERTEC] p1 p2 p3 p4 p5 p6 p7 p8 p9 p10
[  457.265986][T12993] loop3: p1 start 791543808 is beyond EOD, truncated
[  457.283967][T12993] loop3: p2 start 1633771873 is beyond EOD, truncated
[  457.304938][T12993] loop3: p3 start 1633771873 is beyond EOD, truncated
[  457.317860][T12993] loop3: p4 start 1633771873 is beyond EOD, truncated
[  457.334988][T12993] loop3: p5 start 1633771873 is beyond EOD, truncated
[  457.347733][T12993] loop3: p6 start 1633771776 is beyond EOD, truncated
[  457.354544][T12993] loop3: p7 start 1633771873 is beyond EOD, truncated
[  457.438529][T12993] loop3: p8 start 1886744434 is beyond EOD, truncated
[  457.460221][T12993] loop3: p9 start 1633771873 is beyond EOD, truncated
[  457.493875][T12993] loop3: p10 start 1633771873 is beyond EOD, truncated
[  457.535473][T13005] netlink: 'syz.1.2263': attribute type 4 has an invalid length.
[  457.707723][ T5941] usb 6-1: new high-speed USB device number 49 using dummy_hcd
[  457.748221][T13017] NILFS (rnullb0): couldn't find nilfs on the device
[  457.855940][T13020] tipc: Started in network mode
[  457.894332][T13020] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  457.911197][ T5941] usb 6-1: Using ep0 maxpacket: 32
[  457.923087][ T5941] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  457.936314][T13020] tipc: Enabled bearer <udp:syz1>, priority 10
[  457.944882][ T5941] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  457.981927][ T5941] usb 6-1: New USB device found, idVendor=413c, idProduct=819b, bcdDevice=a7.c0
[  457.993577][ T5941] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  458.025201][ T5941] usb 6-1: Product: syz
[  458.038368][ T5941] usb 6-1: Manufacturer: syz
[  458.052518][ T5941] usb 6-1: SerialNumber: syz
[  458.072714][ T5941] usb 6-1: config 0 descriptor??
[  458.092947][ T5941] qmi_wwan 6-1:0.0: probe with driver qmi_wwan failed with error -22
[  458.333095][T13037] netlink: 84 bytes leftover after parsing attributes in process `syz.1.2272'.
[  458.428601][T13039] XFS (rnullb0): Invalid superblock magic number
[  458.478635][T13046] netlink: 'syz.6.2274': attribute type 4 has an invalid length.
[  458.568404][ T8804] usb 6-1: USB disconnect, device number 49
[  458.640657][ T5941] usb 2-1: new high-speed USB device number 88 using dummy_hcd
[  458.812589][ T5941] usb 2-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  458.833055][ T5941] usb 2-1: config 0 interface 0 has no altsetting 0
[  458.852989][ T5941] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  458.872257][ T5941] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  458.897701][ T5941] usb 2-1: Product: syz
[  458.901956][ T5941] usb 2-1: Manufacturer: syz
[  458.906734][ T5941] usb 2-1: SerialNumber: syz
[  458.928401][ T5941] usb 2-1: config 0 descriptor??
[  458.950106][ T5941] usb 2-1: selecting invalid altsetting 0
[  459.040278][ T5941] tipc: Node number set to 1
[  459.170948][ T5941] usb 2-1: USB disconnect, device number 88
[  459.375671][T13071] netlink: 'syz.4.2284': attribute type 4 has an invalid length.
[  459.527536][ T8804] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  459.620318][T13079] loop3: detected capacity change from 0 to 1
[  459.643092][T13079] Dev loop3: unable to read RDB block 1
[  459.665237][T13079]  loop3: unable to read partition table
[  459.688323][ T8804] usb 7-1: Using ep0 maxpacket: 32
[  459.695504][T13079] loop3: partition table beyond EOD, truncated
[  459.710139][T13079] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5)
[  459.881837][T13085] loop3: detected capacity change from 0 to 1
[  459.911217][T13085]  loop3: [POWERTEC] p1 p2 p3 p4 p5 p6 p7 p8 p9 p10
[  459.935123][T13085] loop3: p1 start 791543808 is beyond EOD, truncated
[  459.965279][T13085] loop3: p2 start 1633771873 is beyond EOD, truncated
[  459.984387][T13085] loop3: p3 start 1633771873 is beyond EOD, truncated
[  459.993854][T13085] loop3: p4 start 1633771873 is beyond EOD, truncated
[  460.004025][T13085] loop3: p5 start 1633771873 is beyond EOD, truncated
[  460.016287][T13085] loop3: p6 start 1633771776 is beyond EOD, truncated
[  460.027043][T13085] loop3: p7 start 1633771873 is beyond EOD, truncated
[  460.036523][T13085] loop3: p8 start 1886744434 is beyond EOD, truncated
[  460.053316][T13085] loop3: p9 start 1633771873 is beyond EOD, truncated
[  460.062876][T13085] loop3: p10 start 1633771873 is beyond EOD, truncated
[  460.897132][T13099] netlink: 'syz.5.2294': attribute type 4 has an invalid length.
[  461.534832][T13114] /dev/rnullb0: Can't open blockdev
[  462.352644][ T8804] usb 7-1: unable to get BOS descriptor or descriptor too short
[  462.375451][ T8804] usb 7-1: no configurations
[  462.380157][ T8804] usb 7-1: can't read configurations, error -22
[  462.584873][T13131] netlink: 'syz.1.2303': attribute type 4 has an invalid length.
[  462.726141][T13141] hpfs: Bad magic ... probably not HPFS
[  462.896993][T13145] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  462.998642][ T8804] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  463.105264][T13154] syzkaller1: entered promiscuous mode
[  463.119189][T13154] syzkaller1: entered allmulticast mode
[  463.136702][T13157] netlink: 'syz.5.2316': attribute type 4 has an invalid length.
[  463.170646][ T8804] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  463.197550][ T8804] usb 7-1: config 0 interface 0 has no altsetting 0
[  463.219648][ T8804] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  463.248037][ T8804] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  463.266477][ T8804] usb 7-1: Product: syz
[  463.281014][ T8804] usb 7-1: Manufacturer: syz
[  463.285734][ T8804] usb 7-1: SerialNumber: syz
[  463.301105][ T8804] usb 7-1: config 0 descriptor??
[  463.345390][ T8804] usb 7-1: selecting invalid altsetting 0
[  463.405246][T13167] netlink: 'syz.1.2320': attribute type 28 has an invalid length.
[  463.543637][T13137] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  463.563506][T13169] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2321'.
[  463.578104][T13137] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  463.607260][T13172] syz.4.2322: attempt to access beyond end of device
[  463.607260][T13172] nbd4: rw=2048, sector=0, nr_sectors = 8 limit=0
[  463.633567][T13137] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  463.642742][T13137] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  463.661769][ T5928] usb 7-1: USB disconnect, device number 8
[  463.677552][T13172] SQUASHFS error: Failed to read block 0x0: -5
[  463.716142][T13172] unable to read squashfs_super_block
[  464.293181][T13185] netlink: 'syz.5.2326': attribute type 4 has an invalid length.
[  464.656554][T13193] loop3: detected capacity change from 0 to 1
[  464.679473][T13193] Dev loop3: unable to read RDB block 1
[  464.690758][T13193]  loop3: unable to read partition table
[  464.696640][T13193] loop3: partition table beyond EOD, truncated
[  464.714705][T13193] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5)
[  464.868426][   T30] audit: type=1800 audit(1751360589.844:114): pid=13199 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2333" name="bus" dev="tmpfs" ino=2822 res=0 errno=0
[  464.870962][T13199] FAULT_INJECTION: forcing a failure.
[  464.870962][T13199] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  464.988060][T13199] CPU: 0 UID: 0 PID: 13199 Comm: syz.4.2333 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  464.988090][T13199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  464.988103][T13199] Call Trace:
[  464.988110][T13199]  <TASK>
[  464.988119][T13199]  dump_stack_lvl+0x189/0x250
[  464.988146][T13199]  ? __pfx____ratelimit+0x10/0x10
[  464.988171][T13199]  ? __pfx_dump_stack_lvl+0x10/0x10
[  464.988192][T13199]  ? __pfx__printk+0x10/0x10
[  464.988214][T13199]  ? fs_reclaim_acquire+0x7d/0x100
[  464.988248][T13199]  should_fail_ex+0x414/0x560
[  464.988283][T13199]  prepare_alloc_pages+0x213/0x610
[  464.988317][T13199]  __alloc_frozen_pages_noprof+0x123/0x370
[  464.988348][T13199]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  464.988373][T13199]  ? css_rstat_updated+0x24f/0x4e0
[  464.988399][T13199]  ? policy_nodemask+0x27c/0x720
[  464.988426][T13199]  alloc_pages_mpol+0x232/0x4a0
[  464.988455][T13199]  folio_alloc_mpol_noprof+0x39/0x70
[  464.988480][T13199]  shmem_alloc_and_add_folio+0x447/0xf60
[  464.988505][T13199]  ? filemap_get_entry+0xad/0x2f0
[  464.988531][T13199]  ? filemap_get_entry+0xad/0x2f0
[  464.988552][T13199]  ? filemap_get_entry+0xad/0x2f0
[  464.988581][T13199]  ? shmem_huge_global_enabled+0x174/0x3a0
[  464.988611][T13199]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  464.988636][T13199]  ? shmem_allowable_huge_orders+0x19c/0x420
[  464.988692][T13199]  shmem_get_folio_gfp+0x59d/0x1660
[  464.988733][T13199]  shmem_fault+0x179/0x390
[  464.988765][T13199]  __do_fault+0x135/0x390
[  464.988794][T13199]  __handle_mm_fault+0x1847/0x5440
[  464.988834][T13199]  ? __pfx___handle_mm_fault+0x10/0x10
[  464.988880][T13199]  ? follow_page_pte+0x7ef/0x13e0
[  464.988937][T13199]  handle_mm_fault+0x40a/0x8e0
[  464.988970][T13199]  __get_user_pages+0x1699/0x2ce0
[  464.988988][T13199]  ? __lock_acquire+0xab9/0xd20
[  464.989056][T13199]  __gup_longterm_locked+0x1249/0x1660
[  464.989087][T13199]  ? __lock_acquire+0xab9/0xd20
[  464.989132][T13199]  pin_user_pages_remote+0xd4/0x120
[  464.989157][T13199]  ? __pfx_pin_user_pages_remote+0x10/0x10
[  464.989184][T13199]  ? down_read+0x1ad/0x2e0
[  464.989215][T13199]  process_vm_rw+0x59e/0xb40
[  464.989236][T13199]  ? get_pid_task+0x20/0x1f0
[  464.989273][T13199]  ? __pfx_process_vm_rw+0x10/0x10
[  464.989292][T13199]  ? rcu_read_lock_any_held+0xb3/0x120
[  464.989344][T13199]  ? __pfx_vfs_write+0x10/0x10
[  464.989392][T13199]  ? ksys_write+0x22a/0x250
[  464.989419][T13199]  ? __pfx_ksys_write+0x10/0x10
[  464.989441][T13199]  ? rcu_is_watching+0x15/0xb0
[  464.989465][T13199]  __x64_sys_process_vm_writev+0xe0/0x100
[  464.989493][T13199]  do_syscall_64+0xfa/0x3b0
[  464.989542][T13199]  ? lockdep_hardirqs_on+0x9c/0x150
[  464.989568][T13199]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  464.989588][T13199]  ? clear_bhb_loop+0x60/0xb0
[  464.989614][T13199]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  464.989634][T13199] RIP: 0033:0x7fc95b58e929
[  464.989653][T13199] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  464.989670][T13199] RSP: 002b:00007fc95c383038 EFLAGS: 00000246 ORIG_RAX: 0000000000000137
[  464.989692][T13199] RAX: ffffffffffffffda RBX: 00007fc95b7b5fa0 RCX: 00007fc95b58e929
[  464.989708][T13199] RDX: 000000000000002b RSI: 0000200000c22000 RDI: 0000000000000547
[  464.989740][T13199] RBP: 00007fc95c383090 R08: 0000000000000001 R09: 0000000000000000
[  464.989753][T13199] R10: 0000200000c22fa0 R11: 0000000000000246 R12: 0000000000000002
[  464.989767][T13199] R13: 0000000000000000 R14: 00007fc95b7b5fa0 R15: 00007ffc66e50c78
[  464.989799][T13199]  </TASK>
[  465.736913][T13206] netlink: 'syz.6.2334': attribute type 12 has an invalid length.
[  465.745368][T13206] netlink: 9472 bytes leftover after parsing attributes in process `syz.6.2334'.
[  465.821870][T13209] FAT-fs (rnullb0): bogus number of reserved sectors
[  465.857153][T13209] FAT-fs (rnullb0): Can't find a valid FAT filesystem
[  465.954359][T13211] netlink: 'syz.5.2336': attribute type 4 has an invalid length.
[  466.136557][T13216] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  466.649813][T13232] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2346'.
[  466.739260][T13237] netlink: 'syz.6.2347': attribute type 4 has an invalid length.
[  466.942079][T13239] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2348'.
[  467.853091][T13262] netlink: 'syz.5.2357': attribute type 4 has an invalid length.
[  468.047846][T13269] netlink: 104 bytes leftover after parsing attributes in process `syz.5.2359'.
[  468.284457][   T30] audit: type=1800 audit(1751360593.274:115): pid=13276 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2362" name="bus" dev="tmpfs" ino=426 res=0 errno=0
[  468.291204][T13276] FAULT_INJECTION: forcing a failure.
[  468.291204][T13276] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  468.325952][T13277] loop3: detected capacity change from 0 to 1
[  468.337043][T13276] CPU: 1 UID: 0 PID: 13276 Comm: syz.6.2362 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  468.337070][T13276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  468.337082][T13276] Call Trace:
[  468.337090][T13276]  <TASK>
[  468.337099][T13276]  dump_stack_lvl+0x189/0x250
[  468.337127][T13276]  ? __pfx____ratelimit+0x10/0x10
[  468.337152][T13276]  ? __pfx_dump_stack_lvl+0x10/0x10
[  468.337174][T13276]  ? __pfx__printk+0x10/0x10
[  468.337197][T13276]  ? fs_reclaim_acquire+0x7d/0x100
[  468.337231][T13276]  should_fail_ex+0x414/0x560
[  468.337265][T13276]  prepare_alloc_pages+0x213/0x610
[  468.337299][T13276]  __alloc_frozen_pages_noprof+0x123/0x370
[  468.337330][T13276]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  468.337356][T13276]  ? css_rstat_updated+0x24f/0x4e0
[  468.337386][T13276]  ? policy_nodemask+0x27c/0x720
[  468.337414][T13276]  alloc_pages_mpol+0x232/0x4a0
[  468.337441][T13276]  folio_alloc_mpol_noprof+0x39/0x70
[  468.337466][T13276]  shmem_alloc_and_add_folio+0x447/0xf60
[  468.337491][T13276]  ? filemap_get_entry+0xad/0x2f0
[  468.337516][T13276]  ? filemap_get_entry+0xad/0x2f0
[  468.337538][T13276]  ? filemap_get_entry+0xad/0x2f0
[  468.337567][T13276]  ? shmem_huge_global_enabled+0x174/0x3a0
[  468.337604][T13276]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  468.337630][T13276]  ? shmem_allowable_huge_orders+0x19c/0x420
[  468.337668][T13276]  shmem_get_folio_gfp+0x59d/0x1660
[  468.337707][T13276]  shmem_fault+0x179/0x390
[  468.337737][T13276]  __do_fault+0x135/0x390
[  468.337763][T13276]  __handle_mm_fault+0x1847/0x5440
[  468.337800][T13276]  ? __pfx___handle_mm_fault+0x10/0x10
[  468.337834][T13276]  ? follow_page_pte+0x7ef/0x13e0
[  468.337865][T13276]  handle_mm_fault+0x40a/0x8e0
[  468.337896][T13276]  __get_user_pages+0x1699/0x2ce0
[  468.337913][T13276]  ? __lock_acquire+0xab9/0xd20
[  468.337975][T13276]  __gup_longterm_locked+0x1249/0x1660
[  468.338004][T13276]  ? __lock_acquire+0xab9/0xd20
[  468.338044][T13276]  pin_user_pages_remote+0xd4/0x120
[  468.338067][T13276]  ? __pfx_pin_user_pages_remote+0x10/0x10
[  468.338093][T13276]  ? down_read+0x1ad/0x2e0
[  468.338121][T13276]  process_vm_rw+0x59e/0xb40
[  468.338140][T13276]  ? get_pid_task+0x20/0x1f0
[  468.338177][T13276]  ? __pfx_process_vm_rw+0x10/0x10
[  468.338194][T13276]  ? rcu_read_lock_any_held+0xb3/0x120
[  468.338242][T13276]  ? __pfx_vfs_write+0x10/0x10
[  468.338307][T13276]  ? ksys_write+0x22a/0x250
[  468.338333][T13276]  ? __pfx_ksys_write+0x10/0x10
[  468.338355][T13276]  ? rcu_is_watching+0x15/0xb0
[  468.338380][T13276]  __x64_sys_process_vm_writev+0xe0/0x100
[  468.338408][T13276]  do_syscall_64+0xfa/0x3b0
[  468.338432][T13276]  ? lockdep_hardirqs_on+0x9c/0x150
[  468.338457][T13276]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  468.338478][T13276]  ? clear_bhb_loop+0x60/0xb0
[  468.338502][T13276]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  468.338522][T13276] RIP: 0033:0x7f2f6dd8e929
[  468.338541][T13276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  468.338559][T13276] RSP: 002b:00007f2f6ebfc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000137
[  468.338589][T13276] RAX: ffffffffffffffda RBX: 00007f2f6dfb5fa0 RCX: 00007f2f6dd8e929
[  468.338605][T13276] RDX: 000000000000002b RSI: 0000200000c22000 RDI: 00000000000000c3
[  468.338618][T13276] RBP: 00007f2f6ebfc090 R08: 0000000000000001 R09: 0000000000000000
[  468.338631][T13276] R10: 0000200000c22fa0 R11: 0000000000000246 R12: 0000000000000002
[  468.338643][T13276] R13: 0000000000000000 R14: 00007f2f6dfb5fa0 R15: 00007ffe0400dbf8
[  468.338675][T13276]  </TASK>
[  468.689006][T13277]  loop3: [POWERTEC] p1 p2 p3 p4 p5 p6 p7 p8 p9 p10
[  468.696142][T13277] loop3: p1 start 791543808 is beyond EOD, truncated
[  468.703033][T13277] loop3: p2 start 1633771873 is beyond EOD, truncated
[  468.709911][T13277] loop3: p3 start 1633771873 is beyond EOD, truncated
[  468.717000][T13277] loop3: p4 start 1633771873 is beyond EOD, truncated
[  468.724055][T13277] loop3: p5 start 1633771873 is beyond EOD, truncated
[  468.731379][T13277] loop3: p6 start 1633771776 is beyond EOD, truncated
[  468.738282][T13277] loop3: p7 start 1633771873 is beyond EOD, truncated
[  468.745733][T13277] loop3: p8 start 1886744434 is beyond EOD, truncated
[  468.752866][T13277] loop3: p9 start 1633771873 is beyond EOD, truncated
[  468.759816][T13277] loop3: p10 start 1633771873 is beyond EOD, truncated
[  469.161752][T13289] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  469.404145][T13295] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2369'.
[  469.701116][T13306] netlink: 'syz.4.2374': attribute type 4 has an invalid length.
[  469.720110][T13308] loop3: detected capacity change from 0 to 1
[  469.739502][T13308] Dev loop3: unable to read RDB block 1
[  469.745126][T13308]  loop3: unable to read partition table
[  469.769469][T13308] loop3: partition table beyond EOD, truncated
[  469.775911][T13308] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5)
[  469.927679][ T8784] usb 6-1: new high-speed USB device number 50 using dummy_hcd
[  470.027857][    T9] usb 2-1: new high-speed USB device number 89 using dummy_hcd
[  470.099932][ T8784] usb 6-1: Using ep0 maxpacket: 32
[  470.147772][ T8804] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  470.187637][    T9] usb 2-1: Using ep0 maxpacket: 32
[  470.213911][    T9] usb 2-1: New USB device found, idVendor=04b4, idProduct=861f, bcdDevice=f9.c7
[  470.240330][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  470.302097][    T9] usb 2-1: config 0 descriptor??
[  470.312246][ T8804] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  470.335712][    T9] usb 2-1: dvb_usb_v2: found a 'Anysee' in warm state
[  470.356608][ T8804] usb 7-1: config 0 interface 0 has no altsetting 0
[  470.374893][    T9] usb 2-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  470.399401][ T8804] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  470.423916][    T9] dvb_usb_anysee 2-1:0.0: probe with driver dvb_usb_anysee failed with error -22
[  470.438792][ T8804] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  470.481253][ T8804] usb 7-1: Product: syz
[  470.495824][ T8804] usb 7-1: Manufacturer: syz
[  470.514610][T13310] vxfs: WRONG superblock magic 00000000 at 1
[  470.528705][ T8804] usb 7-1: SerialNumber: syz
[  470.542992][T13310] vxfs: WRONG superblock magic 00000000 at 8
[  470.573524][ T8804] usb 7-1: config 0 descriptor??
[  470.582989][T13310] vxfs: can't find superblock.
[  470.618060][    T9] usb 2-1: USB disconnect, device number 89
[  470.638293][ T8804] usb 7-1: selecting invalid altsetting 0
[  470.890072][T13314] sp0: Synchronizing with TNC
[  471.023106][T13328] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2378'.
[  471.191398][T13313] [U] è
[  471.296696][ T8804] usb 7-1: USB disconnect, device number 9
[  471.820663][T13337] netlink: 'syz.1.2385': attribute type 4 has an invalid length.
[  472.208535][T13341] netlink: 104 bytes leftover after parsing attributes in process `syz.6.2386'.
[  472.759194][ T8784] usb 6-1: unable to get BOS descriptor or descriptor too short
[  472.766967][ T8784] usb 6-1: no configurations
[  472.772688][ T8784] usb 6-1: can't read configurations, error -22
[  472.977492][T13360] netlink: 'syz.4.2395': attribute type 4 has an invalid length.
[  473.165450][T13367] /dev/rnullb0: Can't open blockdev
[  473.338713][T13373] loop3: detected capacity change from 0 to 1
[  473.373420][T13373] Dev loop3: unable to read RDB block 1
[  473.393707][T13373]  loop3: unable to read partition table
[  473.430569][T13373] loop3: partition table beyond EOD, truncated
[  473.449654][T13373] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5)
[  474.060125][T13387] netlink: 'syz.6.2406': attribute type 4 has an invalid length.
[  474.777704][ T8795] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  474.849223][ T8804] usb 6-1: new full-speed USB device number 52 using dummy_hcd
[  474.931322][ T8795] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  474.952016][ T8795] usb 7-1: config 0 interface 0 has no altsetting 0
[  474.974535][ T8795] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  474.994294][ T8795] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  475.011698][ T8804] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  475.015353][ T8795] usb 7-1: Product: syz
[  475.033290][ T8804] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  475.043756][ T8795] usb 7-1: Manufacturer: syz
[  475.059636][ T8795] usb 7-1: SerialNumber: syz
[  475.078556][ T8795] usb 7-1: config 0 descriptor??
[  475.086535][ T8804] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  475.093223][ T8795] usb 7-1: selecting invalid altsetting 0
[  475.129880][ T8804] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  475.151339][ T8804] usb 6-1: Product: syz
[  475.155556][ T8804] usb 6-1: Manufacturer: syz
[  475.193035][ T8804] usb 6-1: SerialNumber: syz
[  475.225662][T13399] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22
[  475.313316][ T8795] usb 7-1: USB disconnect, device number 10
[  475.386275][ T5856] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  475.402781][ T5856] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  475.412401][ T5856] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  475.421634][ T5856] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  475.430406][ T5856] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  475.903456][ T3476] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  476.092448][ T3476] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  476.119466][T13414] netlink: 'syz.6.2416': attribute type 4 has an invalid length.
[  476.129446][T13406] chnl_net:caif_netlink_parms(): no params data found
[  476.183836][ T3476] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  476.247384][ T8804] cdc_ncm 6-1:1.0: MAC-Address: 42:42:42:42:42:42
[  476.273142][ T8804] cdc_ncm 6-1:1.0: dwNtbInMaxSize=4 is too small. Using 2048
[  476.285169][ T8804] cdc_ncm 6-1:1.0: setting rx_max = 2048
[  476.324951][T13417] qnx4: no qnx4 filesystem (no root dir).
[  476.358692][ T3476] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  476.447030][ T8804] cdc_ncm 6-1:1.0: setting tx_max = 36
[  476.586678][T13406] bridge0: port 1(bridge_slave_0) entered blocking state
[  476.603904][T13406] bridge0: port 1(bridge_slave_0) entered disabled state
[  476.614609][T13406] bridge_slave_0: entered allmulticast mode
[  476.630283][T13406] bridge_slave_0: entered promiscuous mode
[  476.682308][T13406] bridge0: port 2(bridge_slave_1) entered blocking state
[  476.692180][T13406] bridge0: port 2(bridge_slave_1) entered disabled state
[  476.705861][T13406] bridge_slave_1: entered allmulticast mode
[  476.716572][T13406] bridge_slave_1: entered promiscuous mode
[  476.767498][   T30] audit: type=1800 audit(1751360601.754:116): pid=13425 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2420" name="bus" dev="tmpfs" ino=545 res=0 errno=0
[  476.794233][T13425] FAULT_INJECTION: forcing a failure.
[  476.794233][T13425] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  476.818943][T13425] CPU: 1 UID: 0 PID: 13425 Comm: syz.6.2420 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  476.818974][T13425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  476.818987][T13425] Call Trace:
[  476.818996][T13425]  <TASK>
[  476.819005][T13425]  dump_stack_lvl+0x189/0x250
[  476.819044][T13425]  ? __pfx____ratelimit+0x10/0x10
[  476.819069][T13425]  ? __pfx_dump_stack_lvl+0x10/0x10
[  476.819090][T13425]  ? __pfx__printk+0x10/0x10
[  476.819115][T13425]  ? fs_reclaim_acquire+0x7d/0x100
[  476.819148][T13425]  should_fail_ex+0x414/0x560
[  476.819181][T13425]  prepare_alloc_pages+0x213/0x610
[  476.819214][T13425]  __alloc_frozen_pages_noprof+0x123/0x370
[  476.819246][T13425]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  476.819270][T13425]  ? css_rstat_updated+0x24f/0x4e0
[  476.819296][T13425]  ? policy_nodemask+0x27c/0x720
[  476.819324][T13425]  alloc_pages_mpol+0x232/0x4a0
[  476.819352][T13425]  folio_alloc_mpol_noprof+0x39/0x70
[  476.819377][T13425]  shmem_alloc_and_add_folio+0x447/0xf60
[  476.819402][T13425]  ? filemap_get_entry+0xad/0x2f0
[  476.819427][T13425]  ? filemap_get_entry+0xad/0x2f0
[  476.819448][T13425]  ? filemap_get_entry+0xad/0x2f0
[  476.819476][T13425]  ? shmem_huge_global_enabled+0x174/0x3a0
[  476.819524][T13425]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  476.819551][T13425]  ? shmem_allowable_huge_orders+0x19c/0x420
[  476.819591][T13425]  shmem_get_folio_gfp+0x59d/0x1660
[  476.819628][T13425]  shmem_fault+0x179/0x390
[  476.819659][T13425]  __do_fault+0x135/0x390
[  476.819688][T13425]  __handle_mm_fault+0x1847/0x5440
[  476.819743][T13425]  ? __pfx___handle_mm_fault+0x10/0x10
[  476.819779][T13425]  ? follow_page_pte+0x7ef/0x13e0
[  476.819819][T13425]  handle_mm_fault+0x40a/0x8e0
[  476.819854][T13425]  __get_user_pages+0x1699/0x2ce0
[  476.819873][T13425]  ? __lock_acquire+0xab9/0xd20
[  476.819942][T13425]  __gup_longterm_locked+0x1249/0x1660
[  476.819974][T13425]  ? __lock_acquire+0xab9/0xd20
[  476.820019][T13425]  pin_user_pages_remote+0xd4/0x120
[  476.820044][T13425]  ? __pfx_pin_user_pages_remote+0x10/0x10
[  476.820072][T13425]  ? down_read+0x1ad/0x2e0
[  476.820102][T13425]  process_vm_rw+0x59e/0xb40
[  476.820124][T13425]  ? get_pid_task+0x20/0x1f0
[  476.820162][T13425]  ? __pfx_process_vm_rw+0x10/0x10
[  476.820181][T13425]  ? rcu_read_lock_any_held+0xb3/0x120
[  476.820234][T13425]  ? __pfx_vfs_write+0x10/0x10
[  476.820283][T13425]  ? ksys_write+0x22a/0x250
[  476.820311][T13425]  ? __pfx_ksys_write+0x10/0x10
[  476.820332][T13425]  ? rcu_is_watching+0x15/0xb0
[  476.820357][T13425]  __x64_sys_process_vm_writev+0xe0/0x100
[  476.820384][T13425]  do_syscall_64+0xfa/0x3b0
[  476.820410][T13425]  ? lockdep_hardirqs_on+0x9c/0x150
[  476.820433][T13425]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  476.820452][T13425]  ? clear_bhb_loop+0x60/0xb0
[  476.820474][T13425]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  476.820494][T13425] RIP: 0033:0x7f2f6dd8e929
[  476.820513][T13425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  476.820532][T13425] RSP: 002b:00007f2f6ebfc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000137
[  476.820554][T13425] RAX: ffffffffffffffda RBX: 00007f2f6dfb5fa0 RCX: 00007f2f6dd8e929
[  476.820571][T13425] RDX: 000000000000002b RSI: 0000200000c22000 RDI: 00000000000000f0
[  476.820584][T13425] RBP: 00007f2f6ebfc090 R08: 0000000000000001 R09: 0000000000000000
[  476.820596][T13425] R10: 0000200000c22fa0 R11: 0000000000000246 R12: 0000000000000002
[  476.820608][T13425] R13: 0000000000000000 R14: 00007f2f6dfb5fa0 R15: 00007ffe0400dbf8
[  476.820640][T13425]  </TASK>
[  477.239275][T13406] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  477.348349][ T8804] cdc_ncm 6-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.5-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  477.428856][T13406] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  477.461684][ T8804] usb 6-1: USB disconnect, device number 52
[  477.484689][ T8804] cdc_ncm 6-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.5-1, CDC NCM (NO ZLP)
[  477.497690][ T5851] Bluetooth: hci5: command tx timeout
[  477.551809][ T3476] bridge_slave_1: left allmulticast mode
[  477.560064][ T3476] bridge_slave_1: left promiscuous mode
[  477.565867][ T3476] bridge0: port 2(bridge_slave_1) entered disabled state
[  477.621767][ T3476] bridge_slave_0: left allmulticast mode
[  477.634878][ T3476] bridge_slave_0: left promiscuous mode
[  477.660735][ T3476] bridge0: port 1(bridge_slave_0) entered disabled state
[  477.803443][T13438] netlink: 'syz.6.2424': attribute type 4 has an invalid length.
[  478.411119][T13456] loop3: detected capacity change from 0 to 1
[  478.419354][T13456] Dev loop3: unable to read RDB block 1
[  478.425057][T13456]  loop3: unable to read partition table
[  478.449836][T13456] loop3: partition table beyond EOD, truncated
[  478.456415][T13456] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5)
[  478.638981][ T3476] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  478.661836][ T3476] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  478.683563][ T3476] bond0 (unregistering): Released all slaves
[  478.833904][ T3476] tipc: Disabling bearer <udp:syz0>
[  478.840184][ T3476] tipc: Disabling bearer <udp:syz1>
[  478.849586][ T3476] tipc: Left network mode
[  478.939325][T13406] team0: Port device team_slave_0 added
[  478.960509][T13406] team0: Port device team_slave_1 added
[  479.155676][T13406] batman_adv: batadv0: Adding interface: batadv_slave_0
[  479.177664][T13406] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  479.220790][T13406] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  479.380255][T13406] batman_adv: batadv0: Adding interface: batadv_slave_1
[  479.387339][T13406] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  479.415101][T13406] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  479.479079][ T3476] hsr_slave_0: left promiscuous mode
[  479.497693][ T3476] hsr_slave_1: left promiscuous mode
[  479.503913][ T3476] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  479.536170][ T3476] batman_adv: batadv0: Removing interface: batadv_slave_0
[  479.549011][ T3476] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  479.556547][ T3476] batman_adv: batadv0: Removing interface: batadv_slave_1
[  479.568309][ T5851] Bluetooth: hci5: command tx timeout
[  479.596774][ T3476] veth1_macvtap: left promiscuous mode
[  479.604677][ T3476] veth0_macvtap: left promiscuous mode
[  479.613712][ T3476] veth1_vlan: left promiscuous mode
[  479.621657][ T3476] veth0_vlan: left promiscuous mode
[  479.785213][ T5910] usb 6-1: new high-speed USB device number 53 using dummy_hcd
[  479.883379][T13480] netlink: 'syz.6.2440': attribute type 4 has an invalid length.
[  479.947601][ T5910] usb 6-1: Using ep0 maxpacket: 8
[  479.968213][ T5910] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  479.983507][ T5910] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  480.012144][ T5910] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  480.052057][ T5910] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  480.064439][ T5910] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  480.089113][ T5910] hub 6-1:1.0: bad descriptor, ignoring hub
[  480.096393][ T5910] hub 6-1:1.0: probe with driver hub failed with error -5
[  480.116536][ T5910] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22
[  480.453642][ T3476] team0 (unregistering): Port device team_slave_1 removed
[  480.488575][ T8795] usb 6-1: USB disconnect, device number 53
[  480.515857][ T3476] team0 (unregistering): Port device team_slave_0 removed
[  481.326083][T13406] hsr_slave_0: entered promiscuous mode
[  481.349409][T13406] hsr_slave_1: entered promiscuous mode
[  481.366048][T13406] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  481.380005][T13406] Cannot create hsr debugfs directory
[  481.627612][T13491] gfs2: not a GFS2 filesystem
[  481.647966][ T5851] Bluetooth: hci5: command tx timeout
[  482.117702][ T8804] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  482.213960][T13507] netlink: 'syz.5.2450': attribute type 4 has an invalid length.
[  482.245001][T13406] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  482.265768][T13406] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  482.283144][T13406] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  482.299400][ T8804] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  482.320495][T13406] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  482.327616][ T8804] usb 7-1: config 0 interface 0 has no altsetting 0
[  482.341637][ T8804] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  482.359110][ T8804] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  482.367302][ T8804] usb 7-1: Product: syz
[  482.386860][ T8804] usb 7-1: Manufacturer: syz
[  482.393564][ T8804] usb 7-1: SerialNumber: syz
[  482.406697][ T8804] usb 7-1: config 0 descriptor??
[  482.425602][ T8804] usb 7-1: selecting invalid altsetting 0
[  482.564666][T13406] 8021q: adding VLAN 0 to HW filter on device bond0
[  482.634253][ T8622] usb 7-1: USB disconnect, device number 11
[  482.653843][   T30] audit: type=1326 audit(1751360607.644:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13517 comm="syz.5.2452" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe6c118e929 code=0x0
[  482.671064][T13406] 8021q: adding VLAN 0 to HW filter on device team0
[  482.708448][ T3476] bridge0: port 1(bridge_slave_0) entered blocking state
[  482.715624][ T3476] bridge0: port 1(bridge_slave_0) entered forwarding state
[  482.749762][ T1157] bridge0: port 2(bridge_slave_1) entered blocking state
[  482.756978][ T1157] bridge0: port 2(bridge_slave_1) entered forwarding state
[  483.005301][T13526] NILFS (rnullb0): couldn't find nilfs on the device
[  483.302438][T13406] 8021q: adding VLAN 0 to HW filter on device batadv0
[  483.343328][T13535] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2457'.
[  483.476633][T13406] veth0_vlan: entered promiscuous mode
[  483.490456][T13537] netlink: 'syz.5.2458': attribute type 4 has an invalid length.
[  483.501069][T13406] veth1_vlan: entered promiscuous mode
[  483.574404][T13406] veth0_macvtap: entered promiscuous mode
[  483.608146][T13406] veth1_macvtap: entered promiscuous mode
[  483.655832][T13406] batman_adv: batadv0: Interface activated: batadv_slave_0
[  483.686595][T13406] batman_adv: batadv0: Interface activated: batadv_slave_1
[  483.712231][ T3476] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  483.730805][ T5851] Bluetooth: hci5: command tx timeout
[  483.746885][ T3476] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  483.770837][ T3476] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  483.794698][T13540] IPVS: Scheduler module ip_vs_sip not found
[  483.827831][ T3476] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  484.017819][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  484.025681][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  484.144967][T13549] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[  484.165904][ T3476] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  484.192385][ T3476] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  484.356138][T13555] netlink: 104 bytes leftover after parsing attributes in process `syz.5.2466'.
[  484.442282][T13558] fuse: blksize only supported for fuseblk
[  484.465346][T13560] netlink: 'syz.5.2467': attribute type 4 has an invalid length.
[  484.604786][T13563] autofs4:pid:13563:validate_dev_ioctl: invalid path supplied for cmd(0xc018937e)
[  485.033220][T13577] loop3: detected capacity change from 0 to 1
[  485.062114][T13577]  loop3: [POWERTEC] p1 p2 p3 p4 p5 p6 p7 p8 p9 p10
[  485.080785][T13577] loop3: p1 start 791543808 is beyond EOD, truncated
[  485.104173][T13577] loop3: p2 start 1633771873 is beyond EOD, truncated
[  485.132753][T13577] loop3: p3 start 1633771873 is beyond EOD, truncated
[  485.150038][T13577] loop3: p4 start 1633771873 is beyond EOD, truncated
[  485.181360][T13577] loop3: p5 start 1633771873 is beyond EOD, truncated
[  485.202740][T13577] loop3: p6 start 1633771776 is beyond EOD, truncated
[  485.231371][T13577] loop3: p7 start 1633771873 is beyond EOD, truncated
[  485.264214][T13577] loop3: p8 start 1886744434 is beyond EOD, truncated
[  485.327723][T13577] loop3: p9 start 1633771873 is beyond EOD, truncated
[  485.452058][T13577] loop3: p10 start 1633771873 is beyond EOD, truncated
[  485.496966][T13584] netlink: 'syz.1.2477': attribute type 4 has an invalid length.
[  486.077546][ T8804] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  486.118870][T13604] /dev/rnullb0: Can't open blockdev
[  486.239964][ T8804] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  486.251522][ T8804] usb 7-1: config 0 interface 0 has no altsetting 0
[  486.261789][ T8804] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  486.271225][ T8804] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  486.279931][ T8804] usb 7-1: Product: syz
[  486.284318][ T8804] usb 7-1: Manufacturer: syz
[  486.289512][ T8804] usb 7-1: SerialNumber: syz
[  486.297675][ T8804] usb 7-1: config 0 descriptor??
[  486.310371][ T8804] usb 7-1: selecting invalid altsetting 0
[  486.513699][T13595] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  486.526794][T13595] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  486.538872][ T8804] usb 7-1: USB disconnect, device number 12
[  486.974705][T13608] netlink: 'syz.5.2489': attribute type 4 has an invalid length.
[  487.015084][T13610] loop3: detected capacity change from 0 to 1
[  487.045096][T13610] Dev loop3: unable to read RDB block 1
[  487.078363][T13610]  loop3: unable to read partition table
[  487.084407][T13610] loop3: partition table beyond EOD, truncated
[  487.104186][T13610] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5)
[  487.568188][ T8795] usb 6-1: new high-speed USB device number 54 using dummy_hcd
[  487.747829][ T8795] usb 6-1: Using ep0 maxpacket: 32
[  488.151368][T13638] netlink: 'syz.6.2499': attribute type 4 has an invalid length.
[  489.188606][ T8804] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  489.407648][ T8804] usb 7-1: Using ep0 maxpacket: 32
[  489.439809][ T8804] usb 7-1: config 0 has an invalid interface number: 202 but max is 0
[  489.486530][T13653] netlink: 104 bytes leftover after parsing attributes in process `syz.1.2506'.
[  489.507046][ T8804] usb 7-1: config 0 has no interface number 0
[  489.521791][ T8804] usb 7-1: config 0 interface 202 altsetting 0 endpoint 0x2 has invalid maxpacket 1023, setting to 64
[  489.588871][ T8804] usb 7-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=58.16
[  489.637778][ T8804] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  489.679084][ T8804] usb 7-1: Product: syz
[  489.701309][ T8804] usb 7-1: Manufacturer: syz
[  489.721610][ T8804] usb 7-1: SerialNumber: syz
[  489.771275][ T8804] usb 7-1: config 0 descriptor??
[  489.873940][ T8804] usb 7-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  490.271552][   T49] usb 7-1: Failed to submit usb control message: -71
[  490.322788][   T49] usb 7-1: unable to send the bmi data to the device: -71
[  490.357579][   T49] usb 7-1: unable to get target info from device
[  490.358880][ T8804] usb 7-1: USB disconnect, device number 13
[  490.364052][   T49] usb 7-1: could not get target info (-71)
[  490.378349][   T49] usb 7-1: could not probe fw (-71)
[  490.395645][ T8795] usb 6-1: unable to get BOS descriptor or descriptor too short
[  490.404595][ T8795] usb 6-1: no configurations
[  490.409485][ T8795] usb 6-1: can't read configurations, error -22
[  490.509431][T13667] netlink: 'syz.5.2509': attribute type 4 has an invalid length.
[  490.754662][T13671] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  490.781066][T13671] overlayfs: missing 'lowerdir'
[  490.925081][T13678] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2513'.
[  491.138647][T13688] loop3: detected capacity change from 0 to 1
[  491.146455][T13688]  loop3: [POWERTEC] p1 p2 p3 p4 p5 p6 p7 p8 p9 p10
[  491.161900][T13688] loop3: p1 start 791543808 is beyond EOD, truncated
[  491.175795][T13688] loop3: p2 start 1633771873 is beyond EOD, truncated
[  491.183901][T13688] loop3: p3 start 1633771873 is beyond EOD, truncated
[  491.194037][T13688] loop3: p4 start 1633771873 is beyond EOD, truncated
[  491.202519][T13688] loop3: p5 start 1633771873 is beyond EOD, truncated
[  491.212568][T13688] loop3: p6 start 1633771776 is beyond EOD, truncated
[  491.221485][T13688] loop3: p7 start 1633771873 is beyond EOD, truncated
[  491.231432][T13688] loop3: p8 start 1886744434 is beyond EOD, truncated
[  491.239239][T13688] loop3: p9 start 1633771873 is beyond EOD, truncated
[  491.252620][T13688] loop3: p10 start 1633771873 is beyond EOD, truncated
[  491.257561][ T5941] usb 2-1: new high-speed USB device number 90 using dummy_hcd
[  491.422404][ T5941] usb 2-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  491.437496][ T5941] usb 2-1: config 0 interface 0 has no altsetting 0
[  491.470921][ T5941] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  491.494107][ T5941] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  491.512794][ T5941] usb 2-1: Product: syz
[  491.517008][ T5941] usb 2-1: Manufacturer: syz
[  491.534195][ T5941] usb 2-1: SerialNumber: syz
[  491.557716][ T5941] usb 2-1: config 0 descriptor??
[  491.573724][ T5941] usb 2-1: selecting invalid altsetting 0
[  491.614786][T13694] netlink: 'syz.6.2519': attribute type 4 has an invalid length.
[  491.783861][ T5941] usb 2-1: USB disconnect, device number 90
[  492.062047][T13707] program syz.6.2524 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  492.315152][   T30] audit: type=1800 audit(1751360617.294:118): pid=13716 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2529" name="bus" dev="tmpfs" ino=3041 res=0 errno=0
[  492.355319][T13716] FAULT_INJECTION: forcing a failure.
[  492.355319][T13716] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  492.375318][T13716] CPU: 0 UID: 0 PID: 13716 Comm: syz.4.2529 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  492.375348][T13716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  492.375362][T13716] Call Trace:
[  492.375371][T13716]  <TASK>
[  492.375380][T13716]  dump_stack_lvl+0x189/0x250
[  492.375409][T13716]  ? __pfx____ratelimit+0x10/0x10
[  492.375435][T13716]  ? __pfx_dump_stack_lvl+0x10/0x10
[  492.375458][T13716]  ? __pfx__printk+0x10/0x10
[  492.375484][T13716]  ? fs_reclaim_acquire+0x7d/0x100
[  492.375520][T13716]  should_fail_ex+0x414/0x560
[  492.375556][T13716]  prepare_alloc_pages+0x213/0x610
[  492.375592][T13716]  __alloc_frozen_pages_noprof+0x123/0x370
[  492.375627][T13716]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  492.375654][T13716]  ? css_rstat_updated+0x24f/0x4e0
[  492.375681][T13716]  ? policy_nodemask+0x27c/0x720
[  492.375711][T13716]  alloc_pages_mpol+0x232/0x4a0
[  492.375741][T13716]  folio_alloc_mpol_noprof+0x39/0x70
[  492.375769][T13716]  shmem_alloc_and_add_folio+0x447/0xf60
[  492.375799][T13716]  ? filemap_get_entry+0xad/0x2f0
[  492.375826][T13716]  ? filemap_get_entry+0xad/0x2f0
[  492.375851][T13716]  ? filemap_get_entry+0xad/0x2f0
[  492.375883][T13716]  ? shmem_huge_global_enabled+0x174/0x3a0
[  492.375917][T13716]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  492.375945][T13716]  ? shmem_allowable_huge_orders+0x19c/0x420
[  492.375986][T13716]  shmem_get_folio_gfp+0x59d/0x1660
[  492.376028][T13716]  shmem_fault+0x179/0x390
[  492.376061][T13716]  __do_fault+0x135/0x390
[  492.376091][T13716]  __handle_mm_fault+0x1847/0x5440
[  492.376131][T13716]  ? __pfx___handle_mm_fault+0x10/0x10
[  492.376169][T13716]  ? follow_page_pte+0x7ef/0x13e0
[  492.376203][T13716]  handle_mm_fault+0x40a/0x8e0
[  492.376248][T13716]  __get_user_pages+0x1699/0x2ce0
[  492.376267][T13716]  ? __lock_acquire+0xab9/0xd20
[  492.376342][T13716]  __gup_longterm_locked+0x1249/0x1660
[  492.376372][T13716]  ? __lock_acquire+0xab9/0xd20
[  492.376412][T13716]  pin_user_pages_remote+0xd4/0x120
[  492.376435][T13716]  ? __pfx_pin_user_pages_remote+0x10/0x10
[  492.376461][T13716]  ? down_read+0x1ad/0x2e0
[  492.376491][T13716]  process_vm_rw+0x59e/0xb40
[  492.376510][T13716]  ? get_pid_task+0x20/0x1f0
[  492.376546][T13716]  ? __pfx_process_vm_rw+0x10/0x10
[  492.376564][T13716]  ? rcu_read_lock_any_held+0xb3/0x120
[  492.376613][T13716]  ? __pfx_vfs_write+0x10/0x10
[  492.376659][T13716]  ? ksys_write+0x22a/0x250
[  492.376684][T13716]  ? __pfx_ksys_write+0x10/0x10
[  492.376704][T13716]  ? rcu_is_watching+0x15/0xb0
[  492.376728][T13716]  __x64_sys_process_vm_writev+0xe0/0x100
[  492.376754][T13716]  do_syscall_64+0xfa/0x3b0
[  492.376777][T13716]  ? lockdep_hardirqs_on+0x9c/0x150
[  492.376800][T13716]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  492.376819][T13716]  ? clear_bhb_loop+0x60/0xb0
[  492.376843][T13716]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  492.376861][T13716] RIP: 0033:0x7fc95b58e929
[  492.376878][T13716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  492.376894][T13716] RSP: 002b:00007fc95c383038 EFLAGS: 00000246 ORIG_RAX: 0000000000000137
[  492.376914][T13716] RAX: ffffffffffffffda RBX: 00007fc95b7b5fa0 RCX: 00007fc95b58e929
[  492.376927][T13716] RDX: 000000000000002b RSI: 0000200000c22000 RDI: 00000000000005ae
[  492.376939][T13716] RBP: 00007fc95c383090 R08: 0000000000000001 R09: 0000000000000000
[  492.376950][T13716] R10: 0000200000c22fa0 R11: 0000000000000246 R12: 0000000000000002
[  492.376962][T13716] R13: 0000000000000000 R14: 00007fc95b7b5fa0 R15: 00007ffc66e50c78
[  492.376990][T13716]  </TASK>
[  493.206483][T13733] tipc: Started in network mode
[  493.216043][T13733] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  493.238453][T13733] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  493.419625][ T8784] hid-generic 0008:0002:000B.001F: unknown main item tag 0x0
[  493.446868][ T8784] hid-generic 0008:0002:000B.001F: unknown main item tag 0x0
[  493.462915][ T8784] hid-generic 0008:0002:000B.001F: unknown main item tag 0x0
[  493.486633][ T8784] hid-generic 0008:0002:000B.001F: unknown main item tag 0x0
[  493.504049][T13743] bond0: entered promiscuous mode
[  493.518603][ T8784] hid-generic 0008:0002:000B.001F: unknown main item tag 0x0
[  493.522561][T13743] bond_slave_0: entered promiscuous mode
[  493.534032][ T8784] hid-generic 0008:0002:000B.001F: unknown main item tag 0x0
[  493.555590][T13743] bond_slave_1: entered promiscuous mode
[  493.561067][ T8784] hid-generic 0008:0002:000B.001F: unknown main item tag 0x0
[  493.575608][ T8784] hid-generic 0008:0002:000B.001F: unknown main item tag 0x0
[  493.584875][T13746] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2540'.
[  493.593438][ T8784] hid-generic 0008:0002:000B.001F: unknown main item tag 0x0
[  493.605763][ T8784] hid-generic 0008:0002:000B.001F: unknown main item tag 0x0
[  493.666312][ T8784] hid-generic 0008:0002:000B.001F: hidraw0: <UNKNOWN> HID v0.03 Device [syz0] on syz0
[  493.866882][T13756] /dev/rnullb0: Can't open blockdev
[  493.897571][ T5941] usb 6-1: new low-speed USB device number 56 using dummy_hcd
[  493.956441][T13760] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  494.027553][ T5941] usb 6-1: device descriptor read/64, error -71
[  494.049310][T13765] netlink: 104 bytes leftover after parsing attributes in process `syz.1.2547'.
[  494.268001][ T5941] usb 6-1: new low-speed USB device number 57 using dummy_hcd
[  494.407850][ T5941] usb 6-1: device descriptor read/64, error -71
[  494.517968][ T5941] usb usb6-port1: attempt power cycle
[  494.532682][T13779] openvswitch: netlink: Missing key (keys=400040, expected=80)
[  494.684164][T13782] tmpfs: Bad value for 'mpol'
[  494.707345][T13782] /dev/rnullb0: Can't open blockdev
[  494.857529][ T5941] usb 6-1: new low-speed USB device number 58 using dummy_hcd
[  494.889224][ T5941] usb 6-1: device descriptor read/8, error -71
[  494.972498][T13794] netlink: 'syz.4.2559': attribute type 4 has an invalid length.
[  495.048044][T13796] loop3: detected capacity change from 0 to 1
[  495.056445][T13796] Dev loop3: unable to read RDB block 1
[  495.067511][T13796]  loop3: unable to read partition table
[  495.073469][T13796] loop3: partition table beyond EOD, truncated
[  495.080037][ T8622] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  495.092682][T13796] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5)
[  495.130066][ T5941] usb 6-1: new low-speed USB device number 59 using dummy_hcd
[  495.168297][ T5941] usb 6-1: device descriptor read/8, error -71
[  495.251327][ T8622] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  495.264949][   T30] audit: type=1800 audit(1751360620.254:119): pid=13800 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2562" name="bus" dev="tmpfs" ino=3122 res=0 errno=0
[  495.272890][T13800] FAULT_INJECTION: forcing a failure.
[  495.272890][T13800] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  495.296416][ T8622] usb 7-1: config 0 interface 0 has no altsetting 0
[  495.307599][ T5941] usb usb6-port1: unable to enumerate USB device
[  495.315965][T13800] CPU: 1 UID: 0 PID: 13800 Comm: syz.4.2562 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  495.315993][T13800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  495.316006][T13800] Call Trace:
[  495.316014][T13800]  <TASK>
[  495.316023][T13800]  dump_stack_lvl+0x189/0x250
[  495.316050][T13800]  ? __pfx____ratelimit+0x10/0x10
[  495.316074][T13800]  ? __pfx_dump_stack_lvl+0x10/0x10
[  495.316095][T13800]  ? __pfx__printk+0x10/0x10
[  495.316119][T13800]  ? fs_reclaim_acquire+0x7d/0x100
[  495.316154][T13800]  should_fail_ex+0x414/0x560
[  495.316188][T13800]  prepare_alloc_pages+0x213/0x610
[  495.316221][T13800]  __alloc_frozen_pages_noprof+0x123/0x370
[  495.316256][T13800]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  495.316282][T13800]  ? css_rstat_updated+0x24f/0x4e0
[  495.316307][T13800]  ? policy_nodemask+0x27c/0x720
[  495.316334][T13800]  alloc_pages_mpol+0x232/0x4a0
[  495.316362][T13800]  folio_alloc_mpol_noprof+0x39/0x70
[  495.316386][T13800]  shmem_alloc_and_add_folio+0x447/0xf60
[  495.316413][T13800]  ? filemap_get_entry+0xad/0x2f0
[  495.316438][T13800]  ? filemap_get_entry+0xad/0x2f0
[  495.316460][T13800]  ? filemap_get_entry+0xad/0x2f0
[  495.316488][T13800]  ? shmem_huge_global_enabled+0x174/0x3a0
[  495.316518][T13800]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  495.316543][T13800]  ? shmem_allowable_huge_orders+0x19c/0x420
[  495.316580][T13800]  shmem_get_folio_gfp+0x59d/0x1660
[  495.316618][T13800]  shmem_fault+0x179/0x390
[  495.316648][T13800]  __do_fault+0x135/0x390
[  495.316676][T13800]  __handle_mm_fault+0x1847/0x5440
[  495.316715][T13800]  ? __pfx___handle_mm_fault+0x10/0x10
[  495.316749][T13800]  ? follow_page_pte+0x7ef/0x13e0
[  495.316781][T13800]  handle_mm_fault+0x40a/0x8e0
[  495.316811][T13800]  __get_user_pages+0x1699/0x2ce0
[  495.316829][T13800]  ? __lock_acquire+0xab9/0xd20
[  495.316891][T13800]  __gup_longterm_locked+0x1249/0x1660
[  495.316919][T13800]  ? __lock_acquire+0xab9/0xd20
[  495.316967][T13800]  pin_user_pages_remote+0xd4/0x120
[  495.316991][T13800]  ? __pfx_pin_user_pages_remote+0x10/0x10
[  495.317016][T13800]  ? down_read+0x1ad/0x2e0
[  495.317044][T13800]  process_vm_rw+0x59e/0xb40
[  495.317063][T13800]  ? get_pid_task+0x20/0x1f0
[  495.317099][T13800]  ? __pfx_process_vm_rw+0x10/0x10
[  495.317117][T13800]  ? rcu_read_lock_any_held+0xb3/0x120
[  495.317166][T13800]  ? __pfx_vfs_write+0x10/0x10
[  495.317211][T13800]  ? ksys_write+0x22a/0x250
[  495.317236][T13800]  ? __pfx_ksys_write+0x10/0x10
[  495.317256][T13800]  ? rcu_is_watching+0x15/0xb0
[  495.317280][T13800]  __x64_sys_process_vm_writev+0xe0/0x100
[  495.317305][T13800]  do_syscall_64+0xfa/0x3b0
[  495.317328][T13800]  ? lockdep_hardirqs_on+0x9c/0x150
[  495.317351][T13800]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  495.317370][T13800]  ? clear_bhb_loop+0x60/0xb0
[  495.317394][T13800]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  495.317411][T13800] RIP: 0033:0x7fc95b58e929
[  495.317429][T13800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  495.317445][T13800] RSP: 002b:00007fc95c383038 EFLAGS: 00000246 ORIG_RAX: 0000000000000137
[  495.317471][T13800] RAX: ffffffffffffffda RBX: 00007fc95b7b5fa0 RCX: 00007fc95b58e929
[  495.317485][T13800] RDX: 000000000000002b RSI: 0000200000c22000 RDI: 00000000000005cd
[  495.317496][T13800] RBP: 00007fc95c383090 R08: 0000000000000001 R09: 0000000000000000
[  495.317508][T13800] R10: 0000200000c22fa0 R11: 0000000000000246 R12: 0000000000000002
[  495.317539][T13800] R13: 0000000000000000 R14: 00007fc95b7b5fa0 R15: 00007ffc66e50c78
[  495.317567][T13800]  </TASK>
[  495.330282][ T8622] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  495.684296][ T8622] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  495.692583][ T8622] usb 7-1: Product: syz
[  495.696773][ T8622] usb 7-1: Manufacturer: syz
[  495.703244][ T8622] usb 7-1: SerialNumber: syz
[  495.710845][ T8622] usb 7-1: config 0 descriptor??
[  495.732406][ T8622] usb 7-1: selecting invalid altsetting 0
[  495.983854][ T8622] usb 7-1: USB disconnect, device number 14
[  496.132113][T13814] netlink: 'syz.1.2568': attribute type 4 has an invalid length.
[  496.336667][T13819] /dev/rnullb0: Can't open blockdev
[  496.706234][T13826] dvmrp1: entered allmulticast mode
[  496.795144][T13826] dvmrp1: left allmulticast mode
[  496.947132][T13835] netlink: 'syz.6.2577': attribute type 4 has an invalid length.
[  497.417603][ T8795] usb 2-1: new high-speed USB device number 91 using dummy_hcd
[  497.579218][ T8795] usb 2-1: Using ep0 maxpacket: 8
[  497.593609][ T8795] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  497.603392][ T8795] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  497.611624][ T8795] usb 2-1: Product: syz
[  497.615873][ T8795] usb 2-1: Manufacturer: syz
[  497.620844][ T8784] usb 7-1: new full-speed USB device number 15 using dummy_hcd
[  497.629363][ T8795] usb 2-1: SerialNumber: syz
[  497.638235][ T8795] usb 2-1: config 0 descriptor??
[  497.759141][ T8784] usb 7-1: device descriptor read/64, error -71
[  497.859549][ T8795] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  497.912222][T13860] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  497.997517][ T8784] usb 7-1: new full-speed USB device number 16 using dummy_hcd
[  498.138086][ T8784] usb 7-1: device descriptor read/64, error -71
[  498.248076][ T8784] usb usb7-port1: attempt power cycle
[  498.330244][T13871] omfs: Invalid superblock (0)
[  498.394619][T13873] netlink: 'syz.5.2590': attribute type 4 has an invalid length.
[  498.608891][ T8784] usb 7-1: new full-speed USB device number 17 using dummy_hcd
[  498.648360][ T8784] usb 7-1: device descriptor read/8, error -71
[  498.897723][ T8784] usb 7-1: new full-speed USB device number 18 using dummy_hcd
[  498.928170][ T8784] usb 7-1: device descriptor read/8, error -71
[  499.042856][ T8784] usb usb7-port1: unable to enumerate USB device
[  499.602965][T13902] netlink: 'syz.5.2599': attribute type 4 has an invalid length.
[  500.138287][ T8795] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  501.014062][T13926] netlink: 'syz.1.2609': attribute type 4 has an invalid length.
[  501.171995][T13931] netlink: 104 bytes leftover after parsing attributes in process `syz.1.2611'.
[  501.333209][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  501.343389][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  501.419424][T13935] MTD: Attempt to mount non-MTD device "/dev/rnullb0"
[  501.426593][T13935] VFS: Can't find a romfs filesystem on dev rnullb0.
[  501.426593][T13935] 
[  501.858702][T13954] loop3: detected capacity change from 0 to 1
[  501.876701][T13954]  loop3: [POWERTEC] p1 p2 p3 p4 p5 p6 p7 p8 p9 p10
[  501.884202][T13954] loop3: p1 start 791543808 is beyond EOD, truncated
[  501.894847][T13955] netlink: 'syz.1.2619': attribute type 4 has an invalid length.
[  501.918442][T13954] loop3: p2 start 1633771873 is beyond EOD, truncated
[  501.925501][T13954] loop3: p3 start 1633771873 is beyond EOD, truncated
[  501.971375][T13954] loop3: p4 start 1633771873 is beyond EOD, truncated
[  501.994221][T13954] loop3: p5 start 1633771873 is beyond EOD, truncated
[  502.015259][T13954] loop3: p6 start 1633771776 is beyond EOD, truncated
[  502.032407][T13954] loop3: p7 start 1633771873 is beyond EOD, truncated
[  502.042508][T13954] loop3: p8 start 1886744434 is beyond EOD, truncated
[  502.053300][T13954] loop3: p9 start 1633771873 is beyond EOD, truncated
[  502.062867][T13954] loop3: p10 start 1633771873 is beyond EOD, truncated
[  502.169740][T13961] (syz.5.2621,13961,1):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  502.200193][T13961] (syz.5.2621,13961,1):ocfs2_fill_super:1177 ERROR: status = -22
[  502.669207][ T8795] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[  502.851535][ T8795] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  502.870906][ T8795] usb 7-1: config 0 interface 0 has no altsetting 0
[  502.898566][ T8795] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  502.917549][ T8795] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  502.946302][ T8795] usb 7-1: Product: syz
[  502.953949][ T8795] usb 7-1: Manufacturer: syz
[  502.981689][ T8795] usb 7-1: SerialNumber: syz
[  503.000896][ T8795] usb 7-1: config 0 descriptor??
[  503.021318][ T8795] usb 7-1: selecting invalid altsetting 0
[  503.278641][ T5941] usb 7-1: USB disconnect, device number 19
[  503.548365][T13980] netlink: 'syz.1.2630': attribute type 4 has an invalid length.
[  503.700148][T13984] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  504.111610][T13997] loop3: detected capacity change from 0 to 1
[  504.147161][T13997] Dev loop3: unable to read RDB block 1
[  504.153070][T13997]  loop3: unable to read partition table
[  504.159259][T13997] loop3: partition table beyond EOD, truncated
[  504.166708][T13997] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5)
[  504.277591][T14003] fuse: Bad value for 'fd'
[  504.298504][T14004] netlink: 'syz.5.2640': attribute type 4 has an invalid length.
[  504.651405][T14016] input: syz1 as /devices/virtual/input/input61
[  504.948535][ T5910] usb 6-1: new high-speed USB device number 60 using dummy_hcd
[  505.119520][ T5910] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  505.157454][ T5910] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  505.189552][ T5910] usb 6-1: New USB device found, idVendor=18d1, idProduct=9400, bcdDevice= 0.00
[  505.218504][ T5910] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  505.252595][ T5910] usb 6-1: config 0 descriptor??
[  505.558440][ T5856] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  505.576789][ T5856] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  505.597947][ T5856] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  505.611377][ T5856] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  505.619859][ T5856] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  505.698976][ T5910] stadia 0003:18D1:9400.0020: hidraw0: USB HID v0.00 Device [HID 18d1:9400] on usb-dummy_hcd.5-1/input0
[  505.718478][ T5910] stadia 0003:18D1:9400.0020: no inputs found
[  505.724935][ T5910] stadia 0003:18D1:9400.0020: force feedback init failed
[  506.096138][ T5910] usb 6-1: USB disconnect, device number 60
[  506.274386][ T3476] bridge_slave_1: left allmulticast mode
[  506.280493][ T3476] bridge_slave_1: left promiscuous mode
[  506.286370][ T3476] bridge0: port 2(bridge_slave_1) entered disabled state
[  506.337926][ T3476] bridge_slave_0: left allmulticast mode
[  506.357553][ T3476] bridge_slave_0: left promiscuous mode
[  506.374193][ T3476] bridge0: port 1(bridge_slave_0) entered disabled state
[  506.423927][T14045] loop3: detected capacity change from 0 to 1
[  506.435511][T14045]  loop3: [POWERTEC] p1 p2 p3 p4 p5 p6 p7 p8 p9 p10
[  506.453290][T14045] loop3: p1 start 791543808 is beyond EOD, truncated
[  506.475013][T14045] loop3: p2 start 1633771873 is beyond EOD, truncated
[  506.482371][T14045] loop3: p3 start 1633771873 is beyond EOD, truncated
[  506.489772][T14045] loop3: p4 start 1633771873 is beyond EOD, truncated
[  506.512586][T14045] loop3: p5 start 1633771873 is beyond EOD, truncated
[  506.520138][T14045] loop3: p6 start 1633771776 is beyond EOD, truncated
[  506.539064][T14045] loop3: p7 start 1633771873 is beyond EOD, truncated
[  506.546131][T14045] loop3: p8 start 1886744434 is beyond EOD, truncated
[  506.567987][T14045] loop3: p9 start 1633771873 is beyond EOD, truncated
[  506.574941][T14045] loop3: p10 start 1633771873 is beyond EOD, truncated
[  506.774120][   T30] audit: type=1800 audit(1751360631.764:120): pid=14049 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2655" name="bus" dev="tmpfs" ino=3059 res=0 errno=0
[  506.811282][T14049] FAULT_INJECTION: forcing a failure.
[  506.811282][T14049] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  506.829412][T14049] CPU: 1 UID: 0 PID: 14049 Comm: syz.5.2655 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  506.829441][T14049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  506.829453][T14049] Call Trace:
[  506.829462][T14049]  <TASK>
[  506.829470][T14049]  dump_stack_lvl+0x189/0x250
[  506.829497][T14049]  ? __pfx____ratelimit+0x10/0x10
[  506.829520][T14049]  ? __pfx_dump_stack_lvl+0x10/0x10
[  506.829541][T14049]  ? __pfx__printk+0x10/0x10
[  506.829564][T14049]  ? fs_reclaim_acquire+0x7d/0x100
[  506.829596][T14049]  should_fail_ex+0x414/0x560
[  506.829629][T14049]  prepare_alloc_pages+0x213/0x610
[  506.829661][T14049]  __alloc_frozen_pages_noprof+0x123/0x370
[  506.829697][T14049]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  506.829740][T14049]  ? css_rstat_updated+0x24f/0x4e0
[  506.829788][T14049]  ? policy_nodemask+0x27c/0x720
[  506.829828][T14049]  alloc_pages_mpol+0x232/0x4a0
[  506.829859][T14049]  folio_alloc_mpol_noprof+0x39/0x70
[  506.829886][T14049]  shmem_alloc_and_add_folio+0x447/0xf60
[  506.829915][T14049]  ? filemap_get_entry+0xad/0x2f0
[  506.829941][T14049]  ? filemap_get_entry+0xad/0x2f0
[  506.829965][T14049]  ? filemap_get_entry+0xad/0x2f0
[  506.829997][T14049]  ? shmem_huge_global_enabled+0x174/0x3a0
[  506.830030][T14049]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  506.830059][T14049]  ? shmem_allowable_huge_orders+0x19c/0x420
[  506.830100][T14049]  shmem_get_folio_gfp+0x59d/0x1660
[  506.830143][T14049]  shmem_fault+0x179/0x390
[  506.830176][T14049]  __do_fault+0x135/0x390
[  506.830207][T14049]  __handle_mm_fault+0x1847/0x5440
[  506.830247][T14049]  ? __pfx___handle_mm_fault+0x10/0x10
[  506.830285][T14049]  ? follow_page_pte+0x7ef/0x13e0
[  506.830321][T14049]  handle_mm_fault+0x40a/0x8e0
[  506.830355][T14049]  __get_user_pages+0x1699/0x2ce0
[  506.830374][T14049]  ? __lock_acquire+0xab9/0xd20
[  506.830443][T14049]  __gup_longterm_locked+0x1249/0x1660
[  506.830475][T14049]  ? __lock_acquire+0xab9/0xd20
[  506.830521][T14049]  pin_user_pages_remote+0xd4/0x120
[  506.830547][T14049]  ? __pfx_pin_user_pages_remote+0x10/0x10
[  506.830576][T14049]  ? down_read+0x1ad/0x2e0
[  506.830607][T14049]  process_vm_rw+0x59e/0xb40
[  506.830629][T14049]  ? get_pid_task+0x20/0x1f0
[  506.830670][T14049]  ? __pfx_process_vm_rw+0x10/0x10
[  506.830690][T14049]  ? rcu_read_lock_any_held+0xb3/0x120
[  506.830745][T14049]  ? __pfx_vfs_write+0x10/0x10
[  506.830796][T14049]  ? ksys_write+0x22a/0x250
[  506.830831][T14049]  ? __pfx_ksys_write+0x10/0x10
[  506.830853][T14049]  ? rcu_is_watching+0x15/0xb0
[  506.830879][T14049]  __x64_sys_process_vm_writev+0xe0/0x100
[  506.830907][T14049]  do_syscall_64+0xfa/0x3b0
[  506.830934][T14049]  ? lockdep_hardirqs_on+0x9c/0x150
[  506.830970][T14049]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  506.830990][T14049]  ? clear_bhb_loop+0x60/0xb0
[  506.831016][T14049]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  506.831036][T14049] RIP: 0033:0x7fe6c118e929
[  506.831055][T14049] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  506.831072][T14049] RSP: 002b:00007fe6c2001038 EFLAGS: 00000246 ORIG_RAX: 0000000000000137
[  506.831095][T14049] RAX: ffffffffffffffda RBX: 00007fe6c13b5fa0 RCX: 00007fe6c118e929
[  506.831111][T14049] RDX: 000000000000002b RSI: 0000200000c22000 RDI: 00000000000005af
[  506.831125][T14049] RBP: 00007fe6c2001090 R08: 0000000000000001 R09: 0000000000000000
[  506.831139][T14049] R10: 0000200000c22fa0 R11: 0000000000000246 R12: 0000000000000002
[  506.831151][T14049] R13: 0000000000000000 R14: 00007fe6c13b5fa0 R15: 00007ffdc94a76f8
[  506.831183][T14049]  </TASK>
[  507.658869][ T3476] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  507.693499][ T3476] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  507.730623][ T5856] Bluetooth: hci0: command tx timeout
[  507.738546][ T3476] bond0 (unregistering): Released all slaves
[  507.969870][ T3476] tipc: Disabling bearer <udp:syz0>
[  507.977007][ T3476] tipc: Disabling bearer <udp:syz1>
[  507.986627][ T3476] tipc: Left network mode
[  508.101093][T14027] chnl_net:caif_netlink_parms(): no params data found
[  508.281945][T14079] netlink: 104 bytes leftover after parsing attributes in process `syz.5.2663'.
[  508.518023][ T3476] hsr_slave_0: left promiscuous mode
[  508.545495][ T3476] hsr_slave_1: left promiscuous mode
[  508.566150][ T3476] batman_adv: batadv0: Removing interface: batadv_slave_0
[  508.579373][T14090] exFAT-fs (rnullb0): invalid boot record signature
[  508.586153][T14090] exFAT-fs (rnullb0): failed to read boot sector
[  508.593634][ T3476] batman_adv: batadv0: Removing interface: batadv_slave_1
[  508.637482][T14090] exFAT-fs (rnullb0): failed to recognize exfat type
[  508.707328][T14090] netlink: 5128 bytes leftover after parsing attributes in process `syz.6.2666'.
[  508.737983][T14090] netlink: 5128 bytes leftover after parsing attributes in process `syz.6.2666'.
[  508.747159][T14090] netlink: 584 bytes leftover after parsing attributes in process `syz.6.2666'.
[  508.771149][T14096] netlink: 'syz.1.2668': attribute type 4 has an invalid length.
[  508.822365][T14100] netlink: 'syz.1.2668': attribute type 4 has an invalid length.
[  508.862093][T14102] ./cgroup: Can't lookup blockdev
[  509.027822][ T8795] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[  509.187867][ T5941] usb 6-1: new full-speed USB device number 61 using dummy_hcd
[  509.202372][ T8795] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  509.233152][ T8795] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  509.265345][ T8795] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  509.288421][ T8795] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  509.313378][ T8795] usb 7-1: SerialNumber: syz
[  509.393386][ T3476] team0 (unregistering): Port device team_slave_1 removed
[  509.402523][ T5941] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  509.413414][ T5941] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  509.439965][ T5941] usb 6-1: New USB device found, idVendor=17ef, idProduct=6067, bcdDevice= 0.00
[  509.449361][ T5941] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  509.475994][ T5941] usb 6-1: config 0 descriptor??
[  509.508111][ T3476] team0 (unregistering): Port device team_slave_0 removed
[  509.575461][ T8795] usb 7-1: 0:2 : does not exist
[  509.593810][ T8795] usb 7-1: unit 255 not found!
[  509.622034][ T8795] usb 7-1: 5:0: cannot get min/max values for control 2 (id 5)
[  509.665849][ T8795] usb 7-1: USB disconnect, device number 20
[  509.814886][ T5856] Bluetooth: hci0: command tx timeout
[  510.113660][T14106] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  510.151119][T14106] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  510.241175][ T5941] usbhid 6-1:0.0: can't add hid device: -71
[  510.261904][ T5941] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  510.307857][ T5941] usb 6-1: USB disconnect, device number 61
[  510.316317][T14114] loop3: detected capacity change from 0 to 1
[  510.342659][T14116] hpfs: Bad magic ... probably not HPFS
[  510.348729][T14114] Dev loop3: unable to read RDB block 1
[  510.354340][T14114]  loop3: unable to read partition table
[  510.368430][T14114] loop3: partition table beyond EOD, truncated
[  510.406871][T14114] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5)
[  510.895661][T14127] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  510.929507][T14027] bridge0: port 1(bridge_slave_0) entered blocking state
[  510.936790][T14027] bridge0: port 1(bridge_slave_0) entered disabled state
[  510.982359][T14027] bridge_slave_0: entered allmulticast mode
[  511.003342][T14027] bridge_slave_0: entered promiscuous mode
[  511.030449][T14027] bridge0: port 2(bridge_slave_1) entered blocking state
[  511.046263][T14027] bridge0: port 2(bridge_slave_1) entered disabled state
[  511.067628][T14027] bridge_slave_1: entered allmulticast mode
[  511.075404][T14027] bridge_slave_1: entered promiscuous mode
[  511.249499][T14140] netlink: 104 bytes leftover after parsing attributes in process `syz.1.2683'.
[  511.285619][T14027] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  511.326497][T14027] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  511.506340][T14146] tmpfs: Unknown parameter 'smackfsfloor'
[  511.543599][T14027] team0: Port device team_slave_0 added
[  511.561216][T14027] team0: Port device team_slave_1 added
[  511.667890][ T8795] usb 6-1: new high-speed USB device number 62 using dummy_hcd
[  511.717634][T14027] batman_adv: batadv0: Adding interface: batadv_slave_0
[  511.725353][T14027] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  511.800750][T14027] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  511.814626][T14152] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00aa
[  511.827786][T14155] netlink: 'syz.6.2687': attribute type 4 has an invalid length.
[  511.834345][ T8795] usb 6-1: Using ep0 maxpacket: 16
[  511.844885][T14152] tipc: Enabled bearer <udp:syz0>, priority 10
[  511.851291][ T8795] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  511.851329][ T8795] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  511.874125][ T8795] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  511.883718][T14156] netlink: 'syz.6.2687': attribute type 4 has an invalid length.
[  511.893768][ T5856] Bluetooth: hci0: command tx timeout
[  511.903525][ T8795] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  511.923016][ T8795] usb 6-1: Product: syz
[  511.925997][T14027] batman_adv: batadv0: Adding interface: batadv_slave_1
[  511.928067][ T8795] usb 6-1: Manufacturer: syz
[  511.939677][ T8795] usb 6-1: SerialNumber: syz
[  511.967610][T14027] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  512.029928][T14027] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  512.252742][T14027] hsr_slave_0: entered promiscuous mode
[  512.278620][T14027] hsr_slave_1: entered promiscuous mode
[  512.284997][T14027] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  512.318616][T14027] Cannot create hsr debugfs directory
[  512.476805][T14166] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  512.516778][T14166] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  512.578467][T14166] vxcan0: tx address claim with different name
[  512.731010][ T8795] usb 6-1: cannot find UAC_HEADER
[  512.861148][ T8795] snd-usb-audio 6-1:1.0: probe with driver snd-usb-audio failed with error -22
[  512.914260][T14171] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2692'.
[  512.930230][ T8795] usb 6-1: USB disconnect, device number 62
[  512.977564][ T8622] tipc: Node number set to 1
[  513.044455][T14173] netlink: 'syz.1.2693': attribute type 1 has an invalid length.
[  513.055859][T14173] netlink: 'syz.1.2693': attribute type 1 has an invalid length.
[  513.150337][T14175] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  513.163691][T14175] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  513.279251][T14027] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  513.291978][T14027] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  513.303418][T14027] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  513.327842][T14027] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  513.418015][T14175] XFS (rnullb0): Invalid superblock magic number
[  513.548627][T14190] netlink: 'syz.5.2696': attribute type 4 has an invalid length.
[  513.577612][T14190] netlink: 'syz.5.2696': attribute type 4 has an invalid length.
[  513.642521][T14027] 8021q: adding VLAN 0 to HW filter on device bond0
[  513.691756][T14027] 8021q: adding VLAN 0 to HW filter on device team0
[  513.713928][ T1013] bridge0: port 1(bridge_slave_0) entered blocking state
[  513.721195][ T1013] bridge0: port 1(bridge_slave_0) entered forwarding state
[  513.754658][ T3442] bridge0: port 2(bridge_slave_1) entered blocking state
[  513.761876][ T3442] bridge0: port 2(bridge_slave_1) entered forwarding state
[  513.873044][T14027] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  513.907911][    T9] usb 7-1: new full-speed USB device number 21 using dummy_hcd
[  513.968488][ T5856] Bluetooth: hci0: command tx timeout
[  514.120481][    T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  514.149419][    T9] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  514.164860][    T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 121, setting to 64
[  514.212971][    T9] usb 7-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  514.227529][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  514.235568][    T9] usb 7-1: Product: syz
[  514.251022][    T9] usb 7-1: Manufacturer: syz
[  514.255671][    T9] usb 7-1: SerialNumber: syz
[  514.280291][    T9] usb 7-1: config 0 descriptor??
[  514.286843][T14193] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[  514.307636][T14193] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[  514.328971][    T9] usb 7-1: ucan: probing device on interface #0
[  514.392870][T14027] 8021q: adding VLAN 0 to HW filter on device batadv0
[  514.743003][    T9] usb 7-1: ucan: device reported invalid tx-fifo size
[  514.766089][    T9] usb 7-1: ucan: probe failed; try to update the device firmware
[  514.774694][ T8804] usb 6-1: new high-speed USB device number 63 using dummy_hcd
[  514.847033][T14223] netlink: 'syz.1.2705': attribute type 4 has an invalid length.
[  514.870122][T14223] netlink: 'syz.1.2705': attribute type 4 has an invalid length.
[  514.947974][ T8795] usb 7-1: USB disconnect, device number 21
[  514.957642][ T8804] usb 6-1: Using ep0 maxpacket: 32
[  514.965826][ T8804] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  514.997469][ T8804] usb 6-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  515.007048][ T8804] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  515.046614][ T8804] usb 6-1: config 0 descriptor??
[  515.075197][T14027] veth0_vlan: entered promiscuous mode
[  515.101987][T14027] veth1_vlan: entered promiscuous mode
[  515.153621][T14027] veth0_macvtap: entered promiscuous mode
[  515.166827][T14027] veth1_macvtap: entered promiscuous mode
[  515.232105][T14027] batman_adv: batadv0: Interface activated: batadv_slave_0
[  515.266133][T14027] batman_adv: batadv0: Interface activated: batadv_slave_1
[  515.290912][T14227] FAT-fs (rnullb0): bogus number of reserved sectors
[  515.295285][ T8804] hid_parser_main: 176 callbacks suppressed
[  515.295308][ T8804] arvo 0003:1E7D:30D4.0021: unknown main item tag 0x0
[  515.301615][T14227] FAT-fs (rnullb0): Can't find a valid FAT filesystem
[  515.313282][ T8804] arvo 0003:1E7D:30D4.0021: unknown main item tag 0x0
[  515.342436][ T8804] arvo 0003:1E7D:30D4.0021: unknown main item tag 0x0
[  515.350226][ T1157] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  515.369770][ T8804] arvo 0003:1E7D:30D4.0021: unknown main item tag 0x0
[  515.376602][ T8804] arvo 0003:1E7D:30D4.0021: unknown main item tag 0x0
[  515.377807][ T3476] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  515.400722][ T8804] arvo 0003:1E7D:30D4.0021: hidraw0: USB HID v0.05 Device [HID 1e7d:30d4] on usb-dummy_hcd.5-1/input0
[  515.442713][   T13] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  515.463409][T14230] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[  515.483281][ T8804] arvo 0003:1E7D:30D4.0021: couldn't init struct arvo_device
[  515.502154][ T1013] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  515.511557][ T8804] arvo 0003:1E7D:30D4.0021: couldn't install keyboard
[  515.558604][ T8804] arvo 0003:1E7D:30D4.0021: probe with driver arvo failed with error -32
[  515.635769][ T1013] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  515.674958][ T1013] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  515.769565][ T1013] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  515.797123][ T1013] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  515.859897][T14236] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  515.871824][T14235] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  516.065879][ T5928] usb 6-1: USB disconnect, device number 63
[  516.213790][T14252] netlink: 'syz.4.2714': attribute type 1 has an invalid length.
[  516.231923][T14251] netlink: 'syz.1.2713': attribute type 4 has an invalid length.
[  516.259426][T14252] netlink: 'syz.4.2714': attribute type 101 has an invalid length.
[  516.277195][T14251] netlink: 'syz.1.2713': attribute type 4 has an invalid length.
[  516.287741][T14252] netlink: 552 bytes leftover after parsing attributes in process `syz.4.2714'.
[  516.419173][T14261] loop3: detected capacity change from 0 to 1
[  516.427794][T14261]  loop3: [POWERTEC] p1 p2 p3 p4 p5 p6 p7 p8 p9 p10
[  516.440476][T14261] loop3: p1 start 791543808 is beyond EOD, truncated
[  516.447210][T14261] loop3: p2 start 1633771873 is beyond EOD, truncated
[  516.462122][T14261] loop3: p3 start 1633771873 is beyond EOD, truncated
[  516.470441][T14261] loop3: p4 start 1633771873 is beyond EOD, truncated
[  516.478937][T14261] loop3: p5 start 1633771873 is beyond EOD, truncated
[  516.485829][T14261] loop3: p6 start 1633771776 is beyond EOD, truncated
[  516.494189][T14261] loop3: p7 start 1633771873 is beyond EOD, truncated
[  516.503907][T14261] loop3: p8 start 1886744434 is beyond EOD, truncated
[  516.513281][T14261] loop3: p9 start 1633771873 is beyond EOD, truncated
[  516.522804][T14261] loop3: p10 start 1633771873 is beyond EOD, truncated
[  516.840430][T14271] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  516.855077][T14274] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2725'.
[  516.874405][T14274] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2725'.
[  516.879870][T14271] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  516.897305][   T30] audit: type=1800 audit(1751360641.884:121): pid=14277 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2724" name="bus" dev="tmpfs" ino=3176 res=0 errno=0
[  516.904466][T14277] FAULT_INJECTION: forcing a failure.
[  516.904466][T14277] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  516.989764][T14277] CPU: 0 UID: 0 PID: 14277 Comm: syz.5.2724 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  516.989820][T14277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  516.989835][T14277] Call Trace:
[  516.989844][T14277]  <TASK>
[  516.989854][T14277]  dump_stack_lvl+0x189/0x250
[  516.989884][T14277]  ? __pfx____ratelimit+0x10/0x10
[  516.989911][T14277]  ? __pfx_dump_stack_lvl+0x10/0x10
[  516.989935][T14277]  ? __pfx__printk+0x10/0x10
[  516.989961][T14277]  ? fs_reclaim_acquire+0x7d/0x100
[  516.989999][T14277]  should_fail_ex+0x414/0x560
[  516.990035][T14277]  prepare_alloc_pages+0x213/0x610
[  516.990072][T14277]  __alloc_frozen_pages_noprof+0x123/0x370
[  516.990105][T14277]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  516.990133][T14277]  ? css_rstat_updated+0x24f/0x4e0
[  516.990161][T14277]  ? policy_nodemask+0x27c/0x720
[  516.990192][T14277]  alloc_pages_mpol+0x232/0x4a0
[  516.990222][T14277]  folio_alloc_mpol_noprof+0x39/0x70
[  516.990250][T14277]  shmem_alloc_and_add_folio+0x447/0xf60
[  516.990278][T14277]  ? filemap_get_entry+0xad/0x2f0
[  516.990305][T14277]  ? filemap_get_entry+0xad/0x2f0
[  516.990330][T14277]  ? filemap_get_entry+0xad/0x2f0
[  516.990362][T14277]  ? shmem_huge_global_enabled+0x174/0x3a0
[  516.990394][T14277]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  516.990422][T14277]  ? shmem_allowable_huge_orders+0x19c/0x420
[  516.990464][T14277]  shmem_get_folio_gfp+0x59d/0x1660
[  516.990506][T14277]  shmem_fault+0x179/0x390
[  516.990538][T14277]  __do_fault+0x135/0x390
[  516.990568][T14277]  __handle_mm_fault+0x1847/0x5440
[  516.990608][T14277]  ? __pfx___handle_mm_fault+0x10/0x10
[  516.990645][T14277]  ? follow_page_pte+0x7ef/0x13e0
[  516.990679][T14277]  handle_mm_fault+0x40a/0x8e0
[  516.990713][T14277]  __get_user_pages+0x1699/0x2ce0
[  516.990731][T14277]  ? __lock_acquire+0xab9/0xd20
[  516.990806][T14277]  __gup_longterm_locked+0x1249/0x1660
[  516.990837][T14277]  ? __lock_acquire+0xab9/0xd20
[  516.990893][T14277]  pin_user_pages_remote+0xd4/0x120
[  516.990917][T14277]  ? __pfx_pin_user_pages_remote+0x10/0x10
[  516.990944][T14277]  ? down_read+0x1ad/0x2e0
[  516.990974][T14277]  process_vm_rw+0x59e/0xb40
[  516.990994][T14277]  ? get_pid_task+0x20/0x1f0
[  516.991032][T14277]  ? __pfx_process_vm_rw+0x10/0x10
[  516.991051][T14277]  ? rcu_read_lock_any_held+0xb3/0x120
[  516.991103][T14277]  ? __pfx_vfs_write+0x10/0x10
[  516.991153][T14277]  ? ksys_write+0x22a/0x250
[  516.991179][T14277]  ? __pfx_ksys_write+0x10/0x10
[  516.991200][T14277]  ? rcu_is_watching+0x15/0xb0
[  516.991224][T14277]  __x64_sys_process_vm_writev+0xe0/0x100
[  516.991251][T14277]  do_syscall_64+0xfa/0x3b0
[  516.991275][T14277]  ? lockdep_hardirqs_on+0x9c/0x150
[  516.991299][T14277]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  516.991319][T14277]  ? clear_bhb_loop+0x60/0xb0
[  516.991344][T14277]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  516.991363][T14277] RIP: 0033:0x7fe6c118e929
[  516.991381][T14277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  516.991398][T14277] RSP: 002b:00007fe6c2001038 EFLAGS: 00000246 ORIG_RAX: 0000000000000137
[  516.991419][T14277] RAX: ffffffffffffffda RBX: 00007fe6c13b5fa0 RCX: 00007fe6c118e929
[  516.991434][T14277] RDX: 000000000000002b RSI: 0000200000c22000 RDI: 00000000000005ed
[  516.991446][T14277] RBP: 00007fe6c2001090 R08: 0000000000000001 R09: 0000000000000000
[  516.991458][T14277] R10: 0000200000c22fa0 R11: 0000000000000246 R12: 0000000000000002
[  516.991469][T14277] R13: 0000000000000000 R14: 00007fe6c13b5fa0 R15: 00007ffdc94a76f8
[  516.991497][T14277]  </TASK>
[  517.649215][ T5941] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[  517.861876][ T5941] usb 7-1: Using ep0 maxpacket: 8
[  517.927790][ T5941] usb 7-1: unable to get BOS descriptor or descriptor too short
[  517.952138][ T5941] usb 7-1: unable to read config index 0 descriptor/start: -61
[  517.966303][ T5941] usb 7-1: can't read configurations, error -61
[  518.038606][T14284] netlink: 'syz.1.2727': attribute type 4 has an invalid length.
[  518.117576][ T5941] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[  518.128579][T14285] netlink: 'syz.1.2727': attribute type 4 has an invalid length.
[  518.289291][ T5941] usb 7-1: Using ep0 maxpacket: 8
[  518.305947][ T5941] usb 7-1: unable to get BOS descriptor or descriptor too short
[  518.353031][ T5941] usb 7-1: unable to read config index 0 descriptor/start: -61
[  518.380435][ T5941] usb 7-1: can't read configurations, error -61
[  518.407813][ T5941] usb usb7-port1: attempt power cycle
[  518.644105][ T5851] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  518.658290][ T5851] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  518.670322][ T5851] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  518.679554][ T5851] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  518.690946][ T5851] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  518.758196][ T5941] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[  518.782355][ T5941] usb 7-1: Using ep0 maxpacket: 8
[  518.800790][ T5941] usb 7-1: unable to get BOS descriptor or descriptor too short
[  518.819331][ T5941] usb 7-1: unable to read config index 0 descriptor/start: -61
[  518.827101][ T5941] usb 7-1: can't read configurations, error -61
[  518.976383][   T13] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  518.998045][ T5941] usb 7-1: new high-speed USB device number 25 using dummy_hcd
[  519.038208][ T5941] usb 7-1: Using ep0 maxpacket: 8
[  519.045604][ T5941] usb 7-1: unable to get BOS descriptor or descriptor too short
[  519.059387][ T5941] usb 7-1: unable to read config index 0 descriptor/start: -61
[  519.066996][ T5941] usb 7-1: can't read configurations, error -61
[  519.091365][ T5941] usb usb7-port1: unable to enumerate USB device
[  519.159338][   T13] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  519.247190][T14295] loop3: detected capacity change from 0 to 1
[  519.319744][   T13] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  519.332130][T14295] Dev loop3: unable to read RDB block 1
[  519.338029][T14295]  loop3: unable to read partition table
[  519.343936][T14295] loop3: partition table beyond EOD, truncated
[  519.350275][T14295] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5)
[  519.437979][T14297] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2730'.
[  519.548505][   T13] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  519.715431][T14289] chnl_net:caif_netlink_parms(): no params data found
[  520.139976][   T13] bridge_slave_1: left allmulticast mode
[  520.147308][T14314] netlink: 'syz.4.2735': attribute type 4 has an invalid length.
[  520.163704][   T13] bridge_slave_1: left promiscuous mode
[  520.180380][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  520.198485][T14315] netlink: 'syz.4.2735': attribute type 4 has an invalid length.
[  520.218612][   T13] bridge_slave_0: left allmulticast mode
[  520.231856][   T13] bridge_slave_0: left promiscuous mode
[  520.246859][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  520.768617][ T5856] Bluetooth: hci1: command tx timeout
[  521.292860][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  521.320464][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  521.366946][   T13] bond0 (unregistering): Released all slaves
[  521.550012][T14319] tipc: Enabled bearer <udp:syz1>, priority 10
[  521.597592][T14289] bridge0: port 1(bridge_slave_0) entered blocking state
[  521.604797][T14289] bridge0: port 1(bridge_slave_0) entered disabled state
[  521.632694][T14289] bridge_slave_0: entered allmulticast mode
[  521.655074][T14289] bridge_slave_0: entered promiscuous mode
[  521.693119][T14289] bridge0: port 2(bridge_slave_1) entered blocking state
[  521.706898][T14321] gfs2: not a GFS2 filesystem
[  521.711872][T14289] bridge0: port 2(bridge_slave_1) entered disabled state
[  521.736393][T14289] bridge_slave_1: entered allmulticast mode
[  521.759347][T14289] bridge_slave_1: entered promiscuous mode
[  521.782575][   T13] tipc: Disabling bearer <udp:syz1>
[  521.789064][   T13] tipc: Disabling bearer <udp:syz0>
[  521.814747][   T13] tipc: Left network mode
[  521.851476][T14325] loop3: detected capacity change from 0 to 1
[  521.930347][T14289] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  521.952406][T14325]  loop3: [POWERTEC] p1 p2 p3 p4 p5 p6 p7 p8 p9 p10
[  521.976177][T14289] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  522.007745][T14325] loop3: p1 start 791543808 is beyond EOD, truncated
[  522.014581][T14325] loop3: p2 start 1633771873 is beyond EOD, truncated
[  522.072353][T14325] loop3: p3 start 1633771873 is beyond EOD, truncated
[  522.085238][T14325] loop3: p4 start 1633771873 is beyond EOD, truncated
[  522.102176][T14325] loop3: p5 start 1633771873 is beyond EOD, truncated
[  522.110791][T14325] loop3: p6 start 1633771776 is beyond EOD, truncated
[  522.121495][T14325] loop3: p7 start 1633771873 is beyond EOD, truncated
[  522.132288][T14325] loop3: p8 start 1886744434 is beyond EOD, truncated
[  522.143471][T14325] loop3: p9 start 1633771873 is beyond EOD, truncated
[  522.151237][T14325] loop3: p10 start 1633771873 is beyond EOD, truncated
[  522.272707][T14289] team0: Port device team_slave_0 added
[  522.352856][T14289] team0: Port device team_slave_1 added
[  522.443880][   T13] hsr_slave_0: left promiscuous mode
[  522.476040][   T13] hsr_slave_1: left promiscuous mode
[  522.482560][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  522.499388][T14343] netlink: 'syz.4.2744': attribute type 4 has an invalid length.
[  522.501823][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  522.534575][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  522.544819][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  522.552661][T14346] netlink: 'syz.4.2744': attribute type 4 has an invalid length.
[  522.591136][   T13] veth1_macvtap: left promiscuous mode
[  522.602220][   T13] veth0_macvtap: left promiscuous mode
[  522.609276][T14342] Can't find a SQUASHFS superblock on rnullb0
[  522.611770][   T13] veth1_vlan: left promiscuous mode
[  522.629247][   T13] veth0_vlan: left promiscuous mode
[  522.859517][ T5856] Bluetooth: hci1: command tx timeout
[  523.460396][   T13] team0 (unregistering): Port device team_slave_1 removed
[  523.558258][   T13] team0 (unregistering): Port device team_slave_0 removed
[  524.363863][T14357] Mount JFS Failure: -22
[  524.549032][T14289] batman_adv: batadv0: Adding interface: batadv_slave_0
[  524.556109][T14289] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  524.592439][T14289] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  524.605450][T14289] batman_adv: batadv0: Adding interface: batadv_slave_1
[  524.633902][T14361] Bluetooth: MGMT ver 1.23
[  524.651475][T14289] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  524.684936][T14289] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  524.923911][T14289] hsr_slave_0: entered promiscuous mode
[  524.930643][ T5856] Bluetooth: hci1: command tx timeout
[  524.954803][T14289] hsr_slave_1: entered promiscuous mode
[  524.990673][T14289] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  525.036707][T14289] Cannot create hsr debugfs directory
[  525.488282][   T13] IPVS: stop unused estimator thread 0...
[  525.769189][T14382] netlink: 'syz.1.2760': attribute type 4 has an invalid length.
[  525.819688][T14381] netlink: 'syz.1.2760': attribute type 4 has an invalid length.
[  526.148354][ T8804] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[  526.291440][    T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!!
[  526.503218][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  526.515143][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  526.957939][    T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!!
[  526.977485][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  526.986354][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  527.017937][ T5856] Bluetooth: hci1: command tx timeout
[  527.030343][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  527.043346][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  527.052009][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  527.066340][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  527.427386][T14289] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  527.493660][T14289] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  527.886940][T14398] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2763'.
[  527.931278][T14289] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  527.961980][T14289] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  528.216264][T14289] 8021q: adding VLAN 0 to HW filter on device bond0
[  528.256126][T14289] 8021q: adding VLAN 0 to HW filter on device team0
[  528.274441][ T1157] bridge0: port 1(bridge_slave_0) entered blocking state
[  528.281662][ T1157] bridge0: port 1(bridge_slave_0) entered forwarding state
[  528.337680][ T1157] bridge0: port 2(bridge_slave_1) entered blocking state
[  528.344845][ T1157] bridge0: port 2(bridge_slave_1) entered forwarding state
[  528.376549][T14412] syzkaller1: entered promiscuous mode
[  528.385466][T14412] syzkaller1: entered allmulticast mode
[  528.700572][T14420] netlink: 'syz.1.2769': attribute type 4 has an invalid length.
[  528.743706][T14420] netlink: 'syz.1.2769': attribute type 4 has an invalid length.
[  528.908520][T14289] 8021q: adding VLAN 0 to HW filter on device batadv0
[  529.107504][ T8804] usb 7-1: new high-speed USB device number 27 using dummy_hcd
[  529.307042][ T8804] usb 7-1: New USB device found, idVendor=055f, idProduct=c420, bcdDevice=6a.33
[  529.320333][ T8804] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  529.349518][ T8804] usb 7-1: config 0 descriptor??
[  529.371532][ T8804] gspca_main: sunplus-2.14.0 probing 055f:c420
[  529.589928][T14289] veth0_vlan: entered promiscuous mode
[  529.619530][T14289] veth1_vlan: entered promiscuous mode
[  529.680692][T14289] veth0_macvtap: entered promiscuous mode
[  529.693845][T14289] veth1_macvtap: entered promiscuous mode
[  529.743643][T14289] batman_adv: batadv0: Interface activated: batadv_slave_0
[  529.778746][T14289] batman_adv: batadv0: Interface activated: batadv_slave_1
[  529.816803][ T1157] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  529.839940][ T1157] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  529.871625][ T1157] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  529.907801][ T1013] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  530.029960][ T1013] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  530.038340][ T1013] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  530.063760][T14424] 9pnet_fd: Insufficient options for proto=fd
[  530.111649][ T3442] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  530.122743][ T3442] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  530.267803][ T8804] gspca_sunplus: reg_w_riv err -110
[  530.273150][ T8804] sunplus 7-1:0.0: probe with driver sunplus failed with error -110
[  530.454997][T14447] loop3: detected capacity change from 0 to 1
[  530.469383][T14447] Dev loop3: unable to read RDB block 1
[  530.475076][T14447]  loop3: unable to read partition table
[  530.485396][T14447] loop3: partition table beyond EOD, truncated
[  530.492755][T14447] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5)
[  530.633300][ T5941] usb 7-1: USB disconnect, device number 27
[  530.646677][T14451] netlink: 'syz.1.2778': attribute type 4 has an invalid length.
[  530.700712][T14451] netlink: 'syz.1.2778': attribute type 4 has an invalid length.
[  530.897365][T14459] /dev/rnullb0: Can't open blockdev
[  530.911589][T14457] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2781'.
[  531.048352][T14465] binder: 14464:14465 ioctl 4018620d 0 returned -22
[  531.215059][T14473] netlink: 104 bytes leftover after parsing attributes in process `syz.5.2787'.
[  531.261253][T14475] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2788'.
[  531.341440][T14477] netlink: 'syz.5.2789': attribute type 4 has an invalid length.
[  531.364138][T14477] netlink: 'syz.5.2789': attribute type 4 has an invalid length.
[  532.077244][T14494] netlink: 'syz.6.2796': attribute type 4 has an invalid length.
[  532.103501][T14494] netlink: 'syz.6.2796': attribute type 4 has an invalid length.
[  532.126614][T14496] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  532.171912][T14496] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  532.310889][T14498] netlink: 'syz.6.2798': attribute type 4 has an invalid length.
[  532.332958][T14498] netlink: 'syz.6.2798': attribute type 4 has an invalid length.
[  532.539314][T14505] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00aa
[  532.555610][T14505] tipc: Enabled bearer <udp:syz0>, priority 10
[  533.190288][T14522] netlink: 'syz.1.2808': attribute type 4 has an invalid length.
[  533.210283][T14525] netlink: 'syz.4.2807': attribute type 4 has an invalid length.
[  533.238844][T14522] netlink: 'syz.1.2808': attribute type 4 has an invalid length.
[  533.253982][T14525] netlink: 'syz.4.2807': attribute type 4 has an invalid length.
[  533.327881][   T31] INFO: task kworker/0:1:10 blocked for more than 143 seconds.
[  533.347855][   T31]       Not tainted 6.16.0-rc4-next-20250630-syzkaller #0
[  533.355015][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  533.429213][   T31] task:kworker/0:1     state:D stack:22056 pid:10    tgid:10    ppid:2      task_flags:0x4288060 flags:0x00004000
[  533.525997][   T31] Workqueue: usb_hub_wq hub_event
[  533.537470][   T31] Call Trace:
[  533.540800][   T31]  <TASK>
[  533.543764][   T31]  __schedule+0x16f5/0x4d00
[  533.604783][   T31]  ? schedule+0x165/0x360
[  533.609579][   T31]  ? __pfx___schedule+0x10/0x10
[  533.614510][   T31]  ? preempt_schedule_common+0x83/0xd0
[  533.620980][   T31]  ? __pfx_preempt_schedule+0x10/0x10
[  533.626413][   T31]  ? schedule+0x91/0x360
[  533.633953][   T31]  schedule+0x165/0x360
[  533.641854][   T31]  schedule_timeout+0x9a/0x270
[  533.646660][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  533.657821][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  533.663074][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  533.686215][   T31]  ? wait_for_completion+0x267/0x5d0
[  533.697499][   T31]  wait_for_completion+0x2bf/0x5d0
[  533.702673][   T31]  ? __pfx_wait_for_completion+0x10/0x10
[  533.717797][   T31]  ? __flush_work+0xd2/0xbc0
[  533.722546][   T31]  ? __flush_work+0xd2/0xbc0
[  533.727160][   T31]  __flush_work+0x9b9/0xbc0
[  533.736999][   T31]  ? __flush_work+0xd2/0xbc0
[  533.743130][   T31]  ? __pfx___flush_work+0x10/0x10
[  533.748433][   T31]  ? __pfx_wq_barrier_func+0x10/0x10
[  533.753765][   T31]  ? __queue_work+0xc56/0xfb0
[  533.758843][   T31]  ? flush_delayed_work+0x11d/0x190
[  533.764104][   T31]  flush_delayed_work+0x13e/0x190
[  533.769559][   T31]  ? __pfx_flush_delayed_work+0x10/0x10
[  533.775133][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  533.780909][   T31]  ? usb_hcd_flush_endpoint+0x3e9/0x400
[  533.786514][   T31]  hub_quiesce+0x1f0/0x330
[  533.791366][   T31]  hub_disconnect+0xc8/0x470
[  533.795998][   T31]  usb_unbind_interface+0x26b/0x910
[  533.801624][   T31]  ? __pfx_usb_unbind_interface+0x10/0x10
[  533.807378][   T31]  device_release_driver_internal+0x4d6/0x7c0
[  533.815582][   T31]  bus_remove_device+0x34d/0x410
[  533.820894][   T31]  device_del+0x511/0x8e0
[  533.825275][   T31]  ? kfree+0x18e/0x440
[  533.829748][   T31]  ? __pfx_device_del+0x10/0x10
[  533.834650][   T31]  ? kobject_put+0x446/0x480
[  533.839698][   T31]  usb_disable_device+0x3e9/0x8a0
[  533.846033][   T31]  usb_disconnect+0x330/0x950
[  533.852655][   T31]  hub_event+0x1cdb/0x4a00
[  533.857158][   T31]  ? do_raw_spin_lock+0x121/0x290
[  533.864648][   T31]  ? register_lock_class+0x51/0x320
[  533.871207][   T31]  ? __pfx_hub_event+0x10/0x10
[  533.876014][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  533.882249][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  533.887837][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  533.893900][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  533.900077][   T31]  process_scheduled_works+0xae1/0x17b0
[  533.905701][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  533.913122][   T31]  worker_thread+0x8a0/0xda0
[  533.918003][   T31]  kthread+0x70e/0x8a0
[  533.922125][   T31]  ? __pfx_worker_thread+0x10/0x10
[  533.927263][   T31]  ? __pfx_kthread+0x10/0x10
[  533.932406][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  533.937968][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  533.944703][   T31]  ? __pfx_kthread+0x10/0x10
[  533.952585][   T31]  ret_from_fork+0x3fc/0x770
[  533.957233][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  533.962781][   T31]  ? __switch_to_asm+0x39/0x70
[  533.972801][   T31]  ? __switch_to_asm+0x33/0x70
[  533.978869][   T31]  ? __pfx_kthread+0x10/0x10
[  533.983503][   T31]  ret_from_fork_asm+0x1a/0x30
[  533.992920][   T31]  </TASK>
[  533.997107][   T31] INFO: task kworker/0:5:5909 blocked for more than 144 seconds.
[  534.013936][   T31]       Not tainted 6.16.0-rc4-next-20250630-syzkaller #0
[  534.021375][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  534.030544][   T31] task:kworker/0:5     state:D stack:20472 pid:5909  tgid:5909  ppid:2      task_flags:0x4208060 flags:0x00004000
[  534.042947][   T31] Workqueue: events_power_efficient hub_init_func2
[  534.051276][   T31] Call Trace:
[  534.054589][   T31]  <TASK>
[  534.057940][   T31]  __schedule+0x16f5/0x4d00
[  534.062502][   T31]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  534.068302][   T31]  ? schedule+0x165/0x360
[  534.072668][   T31]  ? __pfx___schedule+0x10/0x10
[  534.078024][   T31]  ? schedule+0x91/0x360
[  534.082302][   T31]  schedule+0x165/0x360
[  534.086492][   T31]  schedule_preempt_disabled+0x13/0x30
[  534.092546][   T31]  __mutex_lock+0x724/0xe80
[  534.097079][   T31]  ? do_raw_spin_unlock+0x122/0x240
[  534.102741][   T31]  ? __mutex_lock+0x51b/0xe80
[  534.107764][   T31]  ? hub_activate+0xb7/0x1ea0
[  534.112495][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  534.119991][   T31]  ? do_raw_spin_lock+0x121/0x290
[  534.125181][   T31]  ? __lock_acquire+0xab9/0xd20
[  534.131555][   T31]  hub_activate+0xb7/0x1ea0
[  534.136103][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  534.151969][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  534.157213][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  534.163768][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  534.173494][   T31]  process_scheduled_works+0xae1/0x17b0
[  534.179376][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  534.185408][   T31]  worker_thread+0x8a0/0xda0
[  534.194021][   T31]  kthread+0x70e/0x8a0
[  534.198639][   T31]  ? __pfx_worker_thread+0x10/0x10
[  534.203787][   T31]  ? __pfx_kthread+0x10/0x10
[  534.215593][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  534.221175][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  534.226408][   T31]  ? __pfx_kthread+0x10/0x10
[  534.231628][   T31]  ret_from_fork+0x3fc/0x770
[  534.236286][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  534.243080][   T31]  ? __switch_to_asm+0x39/0x70
[  534.249035][   T31]  ? __switch_to_asm+0x33/0x70
[  534.255253][   T31]  ? __pfx_kthread+0x10/0x10
[  534.260545][   T31]  ret_from_fork_asm+0x1a/0x30
[  534.265372][   T31]  </TASK>
[  534.268927][   T31] 
[  534.268927][   T31] Showing all locks held in the system:
[  534.280270][   T31] 5 locks held by kworker/0:1/10:
[  534.285347][   T31]  #0: ffff8880216d1948 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  534.333182][   T31]  #1: ffffc900000f7bc0 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  534.400866][   T31]  #2: ffff8880285f3198 (&dev->mutex){....}-{4:4}, at: hub_event+0x184/0x4a00
[  534.449629][   T31]  #3: ffff88806bfa3198 (&dev->mutex){....}-{4:4}, at: usb_disconnect+0xf8/0x950
[  534.477704][   T31]  #4: ffff88807e1c5160 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xb6/0x7c0
[  534.501050][   T31] 1 lock held by khungtaskd/31:
[  534.505951][   T31]  #0: ffffffff8e33bee0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  534.547510][   T31] 3 locks held by kworker/u8:7/3442:
[  534.552850][   T31]  #0: ffff88801a889148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  534.597533][   T31]  #1: ffffc9000be8fbc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  534.637507][   T31]  #2: ffffffff8f728f88 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[  534.646572][   T31] 3 locks held by udevd/5207:
[  534.697450][   T31] 2 locks held by getty/5599:
[  534.702196][   T31]  #0: ffff88814d1d50a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  534.737445][   T31]  #1: ffffc9000331b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  534.768147][   T31] 3 locks held by kworker/0:5/5909:
[  534.773417][   T31]  #0: ffff88801a882148 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  534.814217][   T31]  #1: ffffc90004e0fbc0 ((work_completion)(&(&hub->init_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  534.833478][   T31]  #2: ffff88806bfa3198 (&dev->mutex){....}-{4:4}, at: hub_activate+0xb7/0x1ea0
[  534.844030][   T31] 3 locks held by kworker/1:6/5941:
[  534.853082][   T31]  #0: ffff88801a880d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  534.866698][   T31]  #1: ffffc90004edfbc0 (free_ipc_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  534.881088][   T31]  #2: ffffffff8e3419f8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x2f6/0x730
[  534.892359][   T31] 1 lock held by syz.3.1825/11829:
[  534.901893][   T31]  #0: ffff8880285f3198 (&dev->mutex){....}-{4:4}, at: usbdev_open+0x16e/0x760
[  534.911418][   T31] 4 locks held by syz.1.2580/13895:
[  534.916641][   T31]  #0: ffff888058878dc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510
[  534.936084][   T31]  #1: ffff8880588780b8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330
[  534.952024][   T31]  #2: ffffffff8f88ff68 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x230
[  534.962494][   T31]  #3: ffff88806efa7338 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x70/0x680
[  534.978263][   T31] 3 locks held by syz-executor/14027:
[  534.983685][   T31]  #0: ffff88807c390dc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510
[  534.997345][   T31]  #1: ffff88807c3900b8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330
[  535.011743][   T31]  #2: ffffffff8f88ff68 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x230
[  535.023098][   T31] 2 locks held by syz.6.2810/14528:
[  535.031508][   T31]  #0: ffffffff8f728f88 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3e/0x1c0
[  535.045109][   T31]  #1: ffffffff8e3419f8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x3b9/0x730
[  535.063815][   T31] 
[  535.066186][   T31] =============================================
[  535.066186][   T31] 
[  535.086491][   T31] NMI backtrace for cpu 1
[  535.086514][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  535.086539][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  535.086553][   T31] Call Trace:
[  535.086562][   T31]  <TASK>
[  535.086572][   T31]  dump_stack_lvl+0x189/0x250
[  535.086599][   T31]  ? __wake_up_klogd+0xd9/0x110
[  535.086628][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  535.086651][   T31]  ? __pfx__printk+0x10/0x10
[  535.086687][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[  535.086711][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  535.086730][   T31]  ? _printk+0xcf/0x120
[  535.086757][   T31]  ? __pfx__printk+0x10/0x10
[  535.086789][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  535.086822][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  535.086847][   T31]  watchdog+0xfee/0x1030
[  535.086878][   T31]  ? watchdog+0x1de/0x1030
[  535.086914][   T31]  kthread+0x70e/0x8a0
[  535.086942][   T31]  ? __pfx_watchdog+0x10/0x10
[  535.086968][   T31]  ? __pfx_kthread+0x10/0x10
[  535.086995][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  535.087017][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  535.087041][   T31]  ? __pfx_kthread+0x10/0x10
[  535.087066][   T31]  ret_from_fork+0x3fc/0x770
[  535.087100][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  535.087138][   T31]  ? __switch_to_asm+0x39/0x70
[  535.087162][   T31]  ? __switch_to_asm+0x33/0x70
[  535.087186][   T31]  ? __pfx_kthread+0x10/0x10
[  535.087212][   T31]  ret_from_fork_asm+0x1a/0x30
[  535.087251][   T31]  </TASK>
[  535.087259][   T31] Sending NMI from CPU 1 to CPUs 0:
[  535.246474][    C0] NMI backtrace for cpu 0
[  535.246492][    C0] CPU: 0 UID: 0 PID: 5207 Comm: udevd Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  535.246512][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  535.246523][    C0] RIP: 0010:unwind_next_frame+0x374/0x2390
[  535.246545][    C0] Code: ea 48 01 d2 48 01 f2 48 bd 00 00 00 00 00 fc ff df 0f 84 37 01 00 00 4c 8d 62 04 4c 8d 6a 05 4c 89 e0 48 c1 e8 03 0f b6 04 28 <84> c0 0f 85 6d 19 00 00 4c 89 e8 48 c1 e8 03 0f b6 04 28 84 c0 0f
[  535.246560][    C0] RSP: 0018:ffffc90003407978 EFLAGS: 00000a03
[  535.246575][    C0] RAX: 0000000000000000 RBX: ffffffff8fd65db0 RCX: ffffffff8fd65db4
[  535.246587][    C0] RDX: ffffffff90529ad8 RSI: ffffffff90529ad8 RDI: ffffffff8be4a960
[  535.246599][    C0] RBP: dffffc0000000000 R08: 0000000000000001 R09: ffffffff8172dc65
[  535.246610][    C0] R10: ffffc90003407aa8 R11: fffff52000680f61 R12: ffffffff90529adc
[  535.246622][    C0] R13: ffffffff90529add R14: ffffc90003407aa8 R15: ffffffff8fd65db0
[  535.246634][    C0] FS:  00007f58936b5880(0000) GS:ffff8881259e4000(0000) knlGS:0000000000000000
[  535.246648][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  535.246659][    C0] CR2: 000056050c3ca000 CR3: 00000000332fe000 CR4: 00000000003526f0
[  535.246673][    C0] Call Trace:
[  535.246679][    C0]  <TASK>
[  535.246689][    C0]  ? unwind_next_frame+0xa5/0x2390
[  535.246706][    C0]  ? __unwind_start+0xf8/0x760
[  535.246724][    C0]  __unwind_start+0x5b9/0x760
[  535.246742][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  535.246762][    C0]  arch_stack_walk+0xe4/0x150
[  535.246801][    C0]  ? __unwind_start+0xf8/0x760
[  535.246819][    C0]  stack_trace_save+0x9c/0xe0
[  535.246838][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  535.246863][    C0]  kasan_save_track+0x3e/0x80
[  535.246906][    C0]  __kasan_slab_alloc+0x6c/0x80
[  535.246925][    C0]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  535.246943][    C0]  ? getname_flags+0xb8/0x540
[  535.246969][    C0]  getname_flags+0xb8/0x540
[  535.246995][    C0]  __x64_sys_unlink+0x3a/0x50
[  535.247024][    C0]  do_syscall_64+0xfa/0x3b0
[  535.247046][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  535.247062][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  535.247079][    C0]  ? clear_bhb_loop+0x60/0xb0
[  535.247098][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  535.247114][    C0] RIP: 0033:0x7f5892f15937
[  535.247128][    C0] Code: 00 00 e9 a9 fd ff ff 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 5f 00 00 00 0f 05 c3 0f 1f 84 00 00 00 00 00 b8 57 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 8b 15 91 b4 0d 00 f7 d8 64 89 02 b8
[  535.247143][    C0] RSP: 002b:00007fffadd36d68 EFLAGS: 00000202 ORIG_RAX: 0000000000000057
[  535.247160][    C0] RAX: ffffffffffffffda RBX: 0000000000000bb8 RCX: 00007f5892f15937
[  535.247172][    C0] RDX: 0000000000000000 RSI: 000000001fe373c0 RDI: 0000558c825cb02e
[  535.247183][    C0] RBP: 0000000000000000 R08: 000000001fe6cb89 R09: 7fffffffffffffff
[  535.247195][    C0] R10: 3fffffffffffffff R11: 0000000000000202 R12: 0000000000000000
[  535.247206][    C0] R13: 0000558c825e6100 R14: 0000000000000001 R15: 0000000000000000
[  535.247225][    C0]  </TASK>
[  535.627781][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  535.634691][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  535.646012][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  535.656097][   T31] Call Trace:
[  535.659402][   T31]  <TASK>
[  535.662345][   T31]  dump_stack_lvl+0x99/0x250
[  535.666966][   T31]  ? __asan_memcpy+0x40/0x70
[  535.671593][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  535.676822][   T31]  ? __pfx__printk+0x10/0x10
[  535.681458][   T31]  panic+0x2db/0x790
[  535.685384][   T31]  ? __pfx_panic+0x10/0x10
[  535.689838][   T31]  ? __pfx_delay_tsc+0x10/0x10
[  535.694626][   T31]  ? nmi_backtrace_stall_check+0x433/0x440
[  535.700456][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  535.705863][   T31]  ? nmi_trigger_cpumask_backtrace+0x2b6/0x300
[  535.712045][   T31]  watchdog+0x102d/0x1030
[  535.716427][   T31]  ? watchdog+0x1de/0x1030
[  535.720888][   T31]  kthread+0x70e/0x8a0
[  535.724990][   T31]  ? __pfx_watchdog+0x10/0x10
[  535.729695][   T31]  ? __pfx_kthread+0x10/0x10
[  535.734327][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  535.739561][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  535.744782][   T31]  ? __pfx_kthread+0x10/0x10
[  535.749398][   T31]  ret_from_fork+0x3fc/0x770
[  535.754019][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  535.759188][   T31]  ? __switch_to_asm+0x39/0x70
[  535.763978][   T31]  ? __switch_to_asm+0x33/0x70
[  535.768798][   T31]  ? __pfx_kthread+0x10/0x10
[  535.773424][   T31]  ret_from_fork_asm+0x1a/0x30
[  535.778242][   T31]  </TASK>
[  535.781628][   T31] Kernel Offset: disabled
[  535.785953][   T31] Rebooting in 86400 seconds..