last executing test programs:

17.373882575s ago: executing program 2 (id=1473):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
read$FUSE(0xffffffffffffffff, &(0x7f0000000900)={0x2020, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x2020)
ptrace$ARCH_MAP_VDSO_64(0x1e, r3, 0x4, 0x2003)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="90000000210008002cbd7000fedbdf250a108003020000080100010014000100000000000000000000000000af3f11d0da0000000108000e00051600001400010000000000000000000000ffffac1414aa14000100fe8000000036680000000000000000bb08000400030000001400f5470100fe8800000000000000000000000001011400110070696d72656700"/151], 0x90}, 0x1, 0x0, 0x0, 0x10}, 0x0)
syz_open_dev$dri(&(0x7f0000000380), 0x1ff, 0x80800)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000100)={0x2, 0x4e22, @broadcast}, 0x10, &(0x7f0000000340)=[{&(0x7f0000002940)="6e5d9b889fe0680a3302907a3c98c6ca73f360de19337b6ff6f4a3430b087bff951d4a26d3b7da425a6a542a34cb9b66107f3b8f5ee5753b46792f795657342f9791917dafa12fd3e583231696d566383797a61b5eefc3c0339f585721af444f7b18d59e74255959777181fec61ef11355b8fdf45f1c0a30a8a912297df35d4e175efd4c7ecc183d2f8bd6cf563442eec233edf91a5cdef2b0a10fd9e999ec7dad7e311e396e813ec1d7535eacbb03846fb0dffe6a5d81ed9d776880543a0ffc021e01d9a5feffba8291da0d14ae2eceac910e686b29adae9665822e0f69ad8f02b16a2610cc3c360f4f16f61aefea0070aa2b5bec1b06c036ba53c2ba7d9e020287c929548c3a0d36782428a4d7dad9474601d6264ce0b7179ebb897cafeba8dfdacbab88e14a1a5a0d9e2c0455c3fda0ce5d32f995186769be9081747b42d401c1a0cd7d43de0925e16d48ef823953dffdeb2e8617375fb75a729bf362e95b37dd931f1ae2ad685367b85701a1f284b9b5d33d9d17a0f854e5b55815ddbf44aaf6ece0a50190f57686ec41f54a4ebdc7c8bf4478fb9cf96c222db4fcac71399b1f9468ca329af4bb8c4f7286665e81c1051bbb18f8fde07cc033d9838c654a3323c5b51c1317db28fe23695a30dc95f86e3345ce3e39329f3aecc2303399773b97e3133d2d49ce1810cdb276dd81a8c8a424347d9eee9e6e2bd5603d561c143d56a337a443a23048deee4c845bef3441b34e8a708ac6bd524328643a74b1fd3d3927cfa8a8b8e1650de5e5cc0e7b9aa0d68244f8aa0b01dc8d69266bd4da33e0aa5388340acf6fdfa0fefca4f1005e435953e872c95f50766d34a6876996a7b07a858b0eee226b6148d4af33ba2d5c4e97bbac529551a35cf6abc35f7ca187a204dca7f4775afa62a90fe923b043d0c3e6864ac61a3dd66ea6ff4298297ae54e59466ee6a8ce817c8f38c38a63e5a8d1413af3578df2cd9414e47021cbb5da9997a38fe072527452febff9f8749fba03311824d22644bf853b27a15cb77ff4f3f6bab112e77b68be750942f672225caa2991fd701b1ff97028e9b64b625a2e27fac35da2fedcaf76c18a811c41db8cc51d550e9426303fa8b15e43879457f252428df4887044484e2c503c1368435e8f4ba192f955574e47e73bf54f7a9e7e4c0afd921135e01b51f384841555d54bde0c0640a33bcb06293362b97942f302e50c82a774add795c99a96d87e6142deeeb150acd7eea639091dd2515e1f620c371a42438e9db0abb1fb22b018227a4155ff36d53d0ddfc3b8f32b83656584459263b3048ea42462b7dceeeec5d27c59e23a87cc861d0786dbee2b2c2673be1c85656155d504f646354c6be512134f6f8f6dd441a7806aa7590756d4d7b8b84ab1f011bd26621bbb46717d1cecab7547bcb33b33adafe0e88beb2a06ef67abbd7c3f915c2f0a10db86c09a701daae41c3342b6dc56a0df5970aa9b0d0e818c0faf8ad27221ab02593dcc1ab8736329506086885c32c1a3e4833aee816fade07ff6725fdebf42246f5e1499b2d2d0236722713f7b31ffd34f462753c1da316a12a28243ab83466b13e51780e714697735b63496f3323b6a29d9f1fed04d305f7f171581f9548fd00b46ee029f5fdaba02e3b95f3bee9a9e8d391a218e84f3565aeba9886be00d7cbf64b7efcf7565c3c89ee54b26ceedf49acfeb8275575b7a2cd368c595baa88869cfb09d5fe753d00db44112b3eb26a8523ce010cb61b39bf2736c15c9b9017bcc5069f07a851a887b30373ad7d763388a6146b315466690c4a0032121db7b305c78c4afb469d4107dfeb732e9e922d8a5f06a30bc3bd3847db3d7d2964ea815315730a39482ad3b8f40c7afa498656b8795656d7770f3571d461a389b43ad2a61598c7ce5f3910a8ba98770cffadf3c949748cbe5152cff4b62e6cee17a0eaf4a11d0a97002b5bd2f2ff790d7d1b48514c4445a077b6c5bc97844281f637784b956292d1239918eeecbb9a87a4eacde18f282e35219fe59070de14c7070cfb5f080bd9e37e4593e3467f2ea2ca6ab13a6f2c77069126868a9d4218dc0d4a583bd3565c400d79a3968de24149d8460e29286a101fc7f49600727f685a0519cd2594d5f9029eedbf5f1f1aa4152d698c533bf7cec56df0a601adfe43cc97cfbc5f066503478e7c2bf73fe28cfa83fe3020c4ba3f0d52828f096e2600c08eee0680df15c4f42d08b4214eb88187a17b84f6f38ae047a4c3bf7ed7f5285d507b420b2f813825a22e63b14d0814de54a2496b54c83936b4d9f4e86ca3ae3a0da0bbbc25432b8e88ff949328d18c22481596720f4addeb7f18fc46dba0269b183d30ec3e0dffdce6ba5bcbc5001a05ae1065b07f344aa9dbf1a1185612a9867bd721b3d2c8c35b6233d667c784c5c7e70441efb17d47f79694e6ce0b6aa9d6e7212bef9be72ae85d2899e1ede6b14bffc3fcf5cae34361230361a517d601d692d556c2980894061d7394c43c18632733af0290b736fee151c4436e19a7a15215f535729ebaf4c61bba3d2fe002b0b0ab7709694dce9c68cd462ef93dcc4be8950c84cd1bce902d728f935a5d7f414f82f9632a5ed0227b1f66b7db6800051d17b9384a0d829288a95d4b72824ba295d393f3f82f8ab28c8c0b3abdc17f2a329617b800e7afc38fc3f5e1c4d3dfc23cdc3b2b0ab2d85eff4bc1477fd0960af10cd978bbf50984161642d1e053569a70217ef5aa4284e566dc2c3c203d7899ce4080b68b493702a9e2ec9a5ba0cd2fa9347fa07b385f8714ae32288c862472ed68c208f30ccc044822f277e9cd846826e22f726833d187a2af12e531663078b783680f82586dc466fa3bf24e60b26db6c150b6d5eab64db5a60304159250ef7a342efe0a9c912a6d26e5b799ed384a6bccc73f94af05b185fca244da7208debdfaf3b2ecbfaa0ea9d270dcaceb8f16142ea325ad372bde5812188005c9c5d95659401ef80057e2b168deb5c6f61c252286a41c7441cc4800894f5ef960d6084a559fe30a6d32d24108b8026aa04e79ae20d6387ccb16ad1612530f4ffae4a0511ad2cc0a2077cc8bf80fe29628522dbc7c81d06c36e55138d9c5c1a9e57ba3faeb738a253b7aaa87854fdd79284246ee7089ec1b43827dc773d7d4f6ff4f072d49e02bc5be63ee100442c5416e0246cb030f44084deab773511f394389e41f8064131ba07623ae7e5cfadeaa41804626c7f9287ec6a31790589b4448611a48e98df31489aebe11afe97c6acbaa6818c67e861ebf77d498b1021db3b304870f218ce8b6cb7bd9fe1ebe968432c13344de71e7f97ddff30b21bd4415f482ed65a8f98565bda5cb31fbdbb6ecbc2e2ced0d055be0d63eff493485bc3ccf7e977e3b27bc26ab2f469263bac67f4efc1186b3b16ef930c8f99b9f8737b13036ec270ebaa593543b5b442f95a5ad5ccf4c24334a8e0d2ada42f2ebe2afeb5a962d6f4565a4dbddeed97e0a96253853f59811778eef6bb9affe073682bffd9ef85274ed06389ad3cb071241cd55acb8d6c18be36864eaee9e0d5339d15bb295e778f353947bbb3911d1f0cdc6330f8c9a2454410f69cd5e355b8a8aaa891b0c22db5e86a78e7471a5c94cfa8ce2f6e51580b37d592e6e5ce935c2cfd20208e0f01d45818887791b8b8c2cbba379f771377cbde1510f50faad038c9d21a3c7fa6339ead846716a41eb946a056daf9286b6e0942709b05b5073f380d7feefcc7f1d0da7212bf3567d77596c602a3d4629f7c8f33b025750d5b0e0cc8f05ffa0e147cadf71b7645bb8dad7a37e1063d4accf4d0055b1d052da8019b3664815bb671298a27d7359760d82cd045bba9876d166cb5ff5f972192daa26da0759f51e992a0dd2670771e9c8ec723f1fee952a9ded61f0a5b34ea555fa682d2494dca5a79d7712a6c6246f0b666a994b39c3e1daf815256fd564d7f21e730ada8397dce4f84e2f4fb4998ef8d8efd31fca7802435e69c9df0093a9c7f42390b0d251e9e6342cadfd5d84f42cb0d745d702a75366f346d84880cc9fc6f6330f8ddaecbd8165570d22047cbfc72e4b81d998005e197aa950b2c16ee020e50334b2a0a1f7f390ffca221a2e4a0a0e85a36a5459bb76e725c415a74ab2de52001a6e7dddf05aa106fa8013c922dcafbeff7b159a2262149ca95169a0e22babe5f950b23668678a24f609db179e0895b2158f2d24d1d9940fa5a7c9543fa50ccbf18a17f767e578d50677a2102d48644c9a94cdc9341abaa0b183d600a2a2c28811c647afd5618a1470ab4b5692e0b13e97b2da322964e3b1aa5d24c35f494e59567bfb151e8808575a9b14b142b6cb9c7da10fcbebd27d09c5ae2f20433ee6d01665cfc8170a95d356c007ab6764df16655e167f1ab0b7c00016623863923a04011722b54d4aefe69a7cc43c05a198f700d5b0da7957b5c9a81c8bd1cae522b8c62c62b30c70e4c920083135d095fa21fdb1a597971d74546d2350888b233fc145857c5d4aab842cb75cad20564e6a7ebbcdd8755f27c76ee84b8f74b3cfe02c5c211eed9495ac0f74efd2c3e2ddc005eb570054bd1f582e4c0fba366801fc169a047ee9a3eee73b20d1ab2fd1a70e692c2bb76e116fae7c0008cf02e5ee2930cb90947eaa8be59a2268f831b98d7a65f6222a1c4c94ae9a6a228bae21130a64a4dfc885a94c0d863f2db6aad0d21652b5011461f67543585d441d3deefceda593c7962e6505d05f70cd2008f93fa125e0050afa66046c96790a1ebd0151dcfc3afa2abc26a837ca76d64ad143c9fcc35f4adb1490355005567fe19c2e2424a3d1846d9dcf71a5d5095ca61adaa3c505c890a474f66aeabe9830abeafdd4c98ae2d0139f8ddb3a2251caa854a53bfa75a8582cdfc43de26c7538193cf75c7169fc96aa9606c48ed480fcb83f3be20b6205e4217cf71f3f0cb2364ec2f4d7d104c88c08f8484e1f2250662df44076979f80ee6e2a608b14ab50d81c5e0e23a718c7a9f9a7b8c26698fc23d1e1df95ad28bbd13ac6e0cf288eeb8c09ea5d557373c6b8588283c6b9a494454a19a6c6d51ff3c2049a6f4d5ba33e0881e65fdd9e07dccd087c577f5a49c00f644a764339783a5190da391fb691e356cdd2bbcbb7c2ec27a4d05bf018ed31c460b1adb29074af053c54211a69e227aba99a2a9223433f5a6fe99c989caaa07b313452f9b0a244d14059603c8b6b83288cf949c183eb6b9868cb7f9c3e318eafec135fcceb2ed8f95f2e40359b4a38b4031be6df4ffb9cdb0d6a1aa4248cd939742eee8053723fbd6123edbc9e26e11cce83245e9ad19e78a73dedebe86f14f37c2f68ef09ceb67e23a005bc928c45b0eea9178047ed150d4bb8c5e4b7cc07fe08629c68a262d6a02f58df80315ee48b9895a1bfb1f949cacecf5c9cde9d6ece5ffcb82d6b5edac70d15a1dbf505a44e8bb22b92ed6f1462bba87946788c74d928538d5e46ba23943b29ebf5eb6a529f024a38af83f518ced04b661eb9d90adb8877602621bdf51643e1650a8a730fcd6281d4a8173554679ad5a02ea0991fde467a6c30e4e85453cc566eeff0e9febda91021409f4469db0fb55f409c0c38a3317628fae773e07692decfec22b74b9d5ced752cb9262903a575c688001210739546e5e392af4667efad9f6ab98afccad5a24303342506ad4b2095838197838727a936f954637232fd9d98c89a809fb0de69f42279ecaeca0da17b4feef446fe0583e511f5e03541dd0fe6b8513d04213affcf1dd2aef98136261d6e5", 0x1000}], 0x1, &(0x7f0000000480)=[@ip_retopts={{0x34, 0x0, 0x7, {[@noop, @timestamp={0x44, 0x20, 0xa3, 0x0, 0x0, [0x4, 0x401, 0x5, 0xce9, 0x5, 0x51, 0x51775335]}, @end]}}}], 0x38}, 0x0)
sendmmsg$alg(0xffffffffffffffff, &(0x7f00000000c0), 0x492492492492627, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x48)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af0ff00000000bfa200000000000007020000d5ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000c00)=@bpf_tracing={0x1a, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}, [@call]}, &(0x7f0000000a00)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, 0x1c, r6, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x13b02, r6, 0x0, 0x0, 0x0, 0x10, 0xd}, 0x94)
ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000040)={0x2})
setresuid(0x0, 0x0, 0x0)

13.606563693s ago: executing program 2 (id=1486):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
setsockopt$bt_BT_DEFER_SETUP(r5, 0x112, 0xf, 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r7 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x34, 0x70, 0x9d, 0x40, 0x55f, 0xc230, 0xb6ac, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xf2, 0xa7, 0xcc}}]}}]}}, 0x0)
syz_usb_control_io$hid(r7, 0x0, &(0x7f0000000dc0)={0x2c, &(0x7f0000000ac0)=ANY=[@ANYBLOB="000900e800022f"], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r7, 0x0, &(0x7f0000000000)={0x44, &(0x7f0000000640)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r7, 0x0, &(0x7f00000003c0)={0x34, &(0x7f0000001800)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000012000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000000c0)="440f20c03507000000440f22c067420f8f04000000c443ad68b60080000095c4828947b600000000b99d090000b82f624a48baf4e055500f30263636f3430fc73636f2360fa5a10050aa37f39066b817018ec8c4c1795a5100", 0x59}], 0x1, 0x11, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x1fd, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r8 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$USBDEVFS_FREE_STREAMS(r0, 0x8008551d, &(0x7f0000000140)={0xbfec, 0x15, [{0xf, 0x1}, {0x4, 0x1}, {}, {0x1, 0x1}, {0x5, 0x1}, {0x4}, {0xf, 0x1}, {0x4}, {0x8}, {0x2, 0x1}, {0xe, 0x1}, {0xc, 0x1}, {}, {0x5, 0x1}, {0x2}, {0xe, 0x1}, {0xb, 0x1}, {0x1}, {0x4, 0x1}, {0x6}, {0xd, 0x1}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000012000/0x18000)=nil, &(0x7f00000007c0)=[@text64={0x40, 0x0}], 0x1, 0xd, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

12.35308317s ago: executing program 0 (id=1489):
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
getsockopt$llc_int(r0, 0x10c, 0x1, &(0x7f00000000c0), &(0x7f0000000040)=0x4)
r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r2 = syz_io_uring_setup(0xbda, &(0x7f0000000640)={0x0, 0xec25, 0x8, 0x1, 0x40000333}, &(0x7f0000000dc0)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r2, 0x847ba, 0x0, 0xe, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_FLAGS(r3, 0x118, &(0x7f0000000000), 0x0, 0x4)
r5 = fcntl$dupfd(r1, 0x0, r1)
write$sndseq(r5, &(0x7f0000000480)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time}], 0x38)

11.698910172s ago: executing program 0 (id=1493):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0xffffffffffffff7f, &(0x7f0000000780)={&(0x7f0000000540)=@newqdisc={0x40, 0x24, 0xf0b, 0x70bd2e, 0x0, {0x0, 0x0, 0x12, 0x0, {0xfff1}, {0xffff, 0xffff}, {0x7}}, [@qdisc_kind_options=@q_hhf={{}, {0x0, 0x2, [@TCA_HHF_EVICT_TIMEOUT={0x0, 0x6, 0x1}, @TCA_HHF_EVICT_TIMEOUT, @TCA_HHF_ADMIT_BYTES={0x0, 0x5, 0x1}]}}]}, 0x40}}, 0x24004051)
r1 = syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120100007ce7c810d804300a47ce0102030109022400010000000009040000020de67a0009050402ecffffffff08058102"], 0x0)
syz_usb_control_io$uac1(r1, &(0x7f00000001c0)={0x14, &(0x7f0000000040)={0x60, 0x23, 0x101, {0x101, 0x21, "017538c1a8adf36cfd1d7d13d51c529368e6f633c4d6009d9de19de6288add5a7aed78afeca489cf613cd9088cb302d687c8cf72be1651575c7a5c10f8696df3593d8527e20f3b80135ab8a83d6183e3b8822c36b015c7d54c2146cb91e0a65e9302fd1928d72d9405dd0b39ef91e30541b445784687461842a703efe308aff5085304ccfcdc656b58bda2948f3f3dabd93a6a8efe4f5fd1c5b0e453651e8a8352612e92bc73d573832ea20c2f367a5fd0d732324c1401bea7970fc446cf711a6dddaff91cc83f6a13dc0716ae8b1c1e5f371298a455c97957030f3dab6fcaff28834be48f62f7d1ba7c1e384bcca17714bd5fd2b5bf6e116ff64d1b57443d"}}, &(0x7f0000000180)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x439}}}, &(0x7f0000000480)={0x44, &(0x7f0000000200)={0x40, 0x30, 0xba, "e622536690e8d0d55ada71629d20b05e1fa00453b19c125bd8682bfb815b1a88c8a87e066599fee3507c91f6e1daad4a97bb58e7fb69f5c24acf0e696084d637b542cbd58735e5437635182a7a66a86c8980cad14bda07cd978acafc977091a5736acb8e5decaa9b044abc6da12f4c911fecd0b4bdcf195d17279e41c2daf5dfda5c27e3537fdd0743a106a50203102d3b33faf68503e35dcf1114722588da4731059ce0bf4d342bc16a19d26cc2091d61745c0f285627ad9fd5"}, &(0x7f00000002c0)={0x0, 0xa, 0x1, 0x40}, &(0x7f0000000300)={0x0, 0x8, 0x1}, &(0x7f0000000340)={0x20, 0x81, 0x1, '%'}, &(0x7f0000000380)={0x20, 0x82, 0x3, "a96c4e"}, &(0x7f00000003c0)={0x20, 0x83, 0x2, "d330"}, &(0x7f0000000400)={0x20, 0x84, 0x4, "f8c43661"}, &(0x7f0000000440)={0x20, 0x85, 0x3, "1426fa"}})
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0xffffffffffffff7f, &(0x7f0000000780)={&(0x7f0000000540)=@newqdisc={0x40, 0x24, 0xf0b, 0x70bd2e, 0x0, {0x0, 0x0, 0x12, 0x0, {0xfff1}, {0xffff, 0xffff}, {0x7}}, [@qdisc_kind_options=@q_hhf={{}, {0x0, 0x2, [@TCA_HHF_EVICT_TIMEOUT={0x0, 0x6, 0x1}, @TCA_HHF_EVICT_TIMEOUT, @TCA_HHF_ADMIT_BYTES={0x0, 0x5, 0x1}]}}]}, 0x40}}, 0x24004051) (async)
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120100007ce7c810d804300a47ce0102030109022400010000000009040000020de67a0009050402ecffffffff08058102"], 0x0) (async)
syz_usb_control_io$uac1(r1, &(0x7f00000001c0)={0x14, &(0x7f0000000040)={0x60, 0x23, 0x101, {0x101, 0x21, "017538c1a8adf36cfd1d7d13d51c529368e6f633c4d6009d9de19de6288add5a7aed78afeca489cf613cd9088cb302d687c8cf72be1651575c7a5c10f8696df3593d8527e20f3b80135ab8a83d6183e3b8822c36b015c7d54c2146cb91e0a65e9302fd1928d72d9405dd0b39ef91e30541b445784687461842a703efe308aff5085304ccfcdc656b58bda2948f3f3dabd93a6a8efe4f5fd1c5b0e453651e8a8352612e92bc73d573832ea20c2f367a5fd0d732324c1401bea7970fc446cf711a6dddaff91cc83f6a13dc0716ae8b1c1e5f371298a455c97957030f3dab6fcaff28834be48f62f7d1ba7c1e384bcca17714bd5fd2b5bf6e116ff64d1b57443d"}}, &(0x7f0000000180)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x439}}}, &(0x7f0000000480)={0x44, &(0x7f0000000200)={0x40, 0x30, 0xba, "e622536690e8d0d55ada71629d20b05e1fa00453b19c125bd8682bfb815b1a88c8a87e066599fee3507c91f6e1daad4a97bb58e7fb69f5c24acf0e696084d637b542cbd58735e5437635182a7a66a86c8980cad14bda07cd978acafc977091a5736acb8e5decaa9b044abc6da12f4c911fecd0b4bdcf195d17279e41c2daf5dfda5c27e3537fdd0743a106a50203102d3b33faf68503e35dcf1114722588da4731059ce0bf4d342bc16a19d26cc2091d61745c0f285627ad9fd5"}, &(0x7f00000002c0)={0x0, 0xa, 0x1, 0x40}, &(0x7f0000000300)={0x0, 0x8, 0x1}, &(0x7f0000000340)={0x20, 0x81, 0x1, '%'}, &(0x7f0000000380)={0x20, 0x82, 0x3, "a96c4e"}, &(0x7f00000003c0)={0x20, 0x83, 0x2, "d330"}, &(0x7f0000000400)={0x20, 0x84, 0x4, "f8c43661"}, &(0x7f0000000440)={0x20, 0x85, 0x3, "1426fa"}}) (async)

10.283976904s ago: executing program 2 (id=1497):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
read$FUSE(0xffffffffffffffff, &(0x7f0000000900)={0x2020, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x2020)
ptrace$ARCH_MAP_VDSO_64(0x1e, r3, 0x4, 0x2003)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="90000000210008002cbd7000fedbdf250a108003020000080100010014000100000000000000000000000000af3f11d0da0000000108000e00051600001400010000000000000000000000ffffac1414aa14000100fe8000000036680000000000000000bb08000400030000001400f5470100fe8800000000000000000000000001011400110070696d72656700"/151], 0x90}, 0x1, 0x0, 0x0, 0x10}, 0x0)
syz_open_dev$dri(&(0x7f0000000380), 0x1ff, 0x80800)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000100)={0x2, 0x4e22, @broadcast}, 0x10, &(0x7f0000000340)=[{&(0x7f0000002940)="6e5d9b889fe0680a3302907a3c98c6ca73f360de19337b6ff6f4a3430b087bff951d4a26d3b7da425a6a542a34cb9b66107f3b8f5ee5753b46792f795657342f9791917dafa12fd3e583231696d566383797a61b5eefc3c0339f585721af444f7b18d59e74255959777181fec61ef11355b8fdf45f1c0a30a8a912297df35d4e175efd4c7ecc183d2f8bd6cf563442eec233edf91a5cdef2b0a10fd9e999ec7dad7e311e396e813ec1d7535eacbb03846fb0dffe6a5d81ed9d776880543a0ffc021e01d9a5feffba8291da0d14ae2eceac910e686b29adae9665822e0f69ad8f02b16a2610cc3c360f4f16f61aefea0070aa2b5bec1b06c036ba53c2ba7d9e020287c929548c3a0d36782428a4d7dad9474601d6264ce0b7179ebb897cafeba8dfdacbab88e14a1a5a0d9e2c0455c3fda0ce5d32f995186769be9081747b42d401c1a0cd7d43de0925e16d48ef823953dffdeb2e8617375fb75a729bf362e95b37dd931f1ae2ad685367b85701a1f284b9b5d33d9d17a0f854e5b55815ddbf44aaf6ece0a50190f57686ec41f54a4ebdc7c8bf4478fb9cf96c222db4fcac71399b1f9468ca329af4bb8c4f7286665e81c1051bbb18f8fde07cc033d9838c654a3323c5b51c1317db28fe23695a30dc95f86e3345ce3e39329f3aecc2303399773b97e3133d2d49ce1810cdb276dd81a8c8a424347d9eee9e6e2bd5603d561c143d56a337a443a23048deee4c845bef3441b34e8a708ac6bd524328643a74b1fd3d3927cfa8a8b8e1650de5e5cc0e7b9aa0d68244f8aa0b01dc8d69266bd4da33e0aa5388340acf6fdfa0fefca4f1005e435953e872c95f50766d34a6876996a7b07a858b0eee226b6148d4af33ba2d5c4e97bbac529551a35cf6abc35f7ca187a204dca7f4775afa62a90fe923b043d0c3e6864ac61a3dd66ea6ff4298297ae54e59466ee6a8ce817c8f38c38a63e5a8d1413af3578df2cd9414e47021cbb5da9997a38fe072527452febff9f8749fba03311824d22644bf853b27a15cb77ff4f3f6bab112e77b68be750942f672225caa2991fd701b1ff97028e9b64b625a2e27fac35da2fedcaf76c18a811c41db8cc51d550e9426303fa8b15e43879457f252428df4887044484e2c503c1368435e8f4ba192f955574e47e73bf54f7a9e7e4c0afd921135e01b51f384841555d54bde0c0640a33bcb06293362b97942f302e50c82a774add795c99a96d87e6142deeeb150acd7eea639091dd2515e1f620c371a42438e9db0abb1fb22b018227a4155ff36d53d0ddfc3b8f32b83656584459263b3048ea42462b7dceeeec5d27c59e23a87cc861d0786dbee2b2c2673be1c85656155d504f646354c6be512134f6f8f6dd441a7806aa7590756d4d7b8b84ab1f011bd26621bbb46717d1cecab7547bcb33b33adafe0e88beb2a06ef67abbd7c3f915c2f0a10db86c09a701daae41c3342b6dc56a0df5970aa9b0d0e818c0faf8ad27221ab02593dcc1ab8736329506086885c32c1a3e4833aee816fade07ff6725fdebf42246f5e1499b2d2d0236722713f7b31ffd34f462753c1da316a12a28243ab83466b13e51780e714697735b63496f3323b6a29d9f1fed04d305f7f171581f9548fd00b46ee029f5fdaba02e3b95f3bee9a9e8d391a218e84f3565aeba9886be00d7cbf64b7efcf7565c3c89ee54b26ceedf49acfeb8275575b7a2cd368c595baa88869cfb09d5fe753d00db44112b3eb26a8523ce010cb61b39bf2736c15c9b9017bcc5069f07a851a887b30373ad7d763388a6146b315466690c4a0032121db7b305c78c4afb469d4107dfeb732e9e922d8a5f06a30bc3bd3847db3d7d2964ea815315730a39482ad3b8f40c7afa498656b8795656d7770f3571d461a389b43ad2a61598c7ce5f3910a8ba98770cffadf3c949748cbe5152cff4b62e6cee17a0eaf4a11d0a97002b5bd2f2ff790d7d1b48514c4445a077b6c5bc97844281f637784b956292d1239918eeecbb9a87a4eacde18f282e35219fe59070de14c7070cfb5f080bd9e37e4593e3467f2ea2ca6ab13a6f2c77069126868a9d4218dc0d4a583bd3565c400d79a3968de24149d8460e29286a101fc7f49600727f685a0519cd2594d5f9029eedbf5f1f1aa4152d698c533bf7cec56df0a601adfe43cc97cfbc5f066503478e7c2bf73fe28cfa83fe3020c4ba3f0d52828f096e2600c08eee0680df15c4f42d08b4214eb88187a17b84f6f38ae047a4c3bf7ed7f5285d507b420b2f813825a22e63b14d0814de54a2496b54c83936b4d9f4e86ca3ae3a0da0bbbc25432b8e88ff949328d18c22481596720f4addeb7f18fc46dba0269b183d30ec3e0dffdce6ba5bcbc5001a05ae1065b07f344aa9dbf1a1185612a9867bd721b3d2c8c35b6233d667c784c5c7e70441efb17d47f79694e6ce0b6aa9d6e7212bef9be72ae85d2899e1ede6b14bffc3fcf5cae34361230361a517d601d692d556c2980894061d7394c43c18632733af0290b736fee151c4436e19a7a15215f535729ebaf4c61bba3d2fe002b0b0ab7709694dce9c68cd462ef93dcc4be8950c84cd1bce902d728f935a5d7f414f82f9632a5ed0227b1f66b7db6800051d17b9384a0d829288a95d4b72824ba295d393f3f82f8ab28c8c0b3abdc17f2a329617b800e7afc38fc3f5e1c4d3dfc23cdc3b2b0ab2d85eff4bc1477fd0960af10cd978bbf50984161642d1e053569a70217ef5aa4284e566dc2c3c203d7899ce4080b68b493702a9e2ec9a5ba0cd2fa9347fa07b385f8714ae32288c862472ed68c208f30ccc044822f277e9cd846826e22f726833d187a2af12e531663078b783680f82586dc466fa3bf24e60b26db6c150b6d5eab64db5a60304159250ef7a342efe0a9c912a6d26e5b799ed384a6bccc73f94af05b185fca244da7208debdfaf3b2ecbfaa0ea9d270dcaceb8f16142ea325ad372bde5812188005c9c5d95659401ef80057e2b168deb5c6f61c252286a41c7441cc4800894f5ef960d6084a559fe30a6d32d24108b8026aa04e79ae20d6387ccb16ad1612530f4ffae4a0511ad2cc0a2077cc8bf80fe29628522dbc7c81d06c36e55138d9c5c1a9e57ba3faeb738a253b7aaa87854fdd79284246ee7089ec1b43827dc773d7d4f6ff4f072d49e02bc5be63ee100442c5416e0246cb030f44084deab773511f394389e41f8064131ba07623ae7e5cfadeaa41804626c7f9287ec6a31790589b4448611a48e98df31489aebe11afe97c6acbaa6818c67e861ebf77d498b1021db3b304870f218ce8b6cb7bd9fe1ebe968432c13344de71e7f97ddff30b21bd4415f482ed65a8f98565bda5cb31fbdbb6ecbc2e2ced0d055be0d63eff493485bc3ccf7e977e3b27bc26ab2f469263bac67f4efc1186b3b16ef930c8f99b9f8737b13036ec270ebaa593543b5b442f95a5ad5ccf4c24334a8e0d2ada42f2ebe2afeb5a962d6f4565a4dbddeed97e0a96253853f59811778eef6bb9affe073682bffd9ef85274ed06389ad3cb071241cd55acb8d6c18be36864eaee9e0d5339d15bb295e778f353947bbb3911d1f0cdc6330f8c9a2454410f69cd5e355b8a8aaa891b0c22db5e86a78e7471a5c94cfa8ce2f6e51580b37d592e6e5ce935c2cfd20208e0f01d45818887791b8b8c2cbba379f771377cbde1510f50faad038c9d21a3c7fa6339ead846716a41eb946a056daf9286b6e0942709b05b5073f380d7feefcc7f1d0da7212bf3567d77596c602a3d4629f7c8f33b025750d5b0e0cc8f05ffa0e147cadf71b7645bb8dad7a37e1063d4accf4d0055b1d052da8019b3664815bb671298a27d7359760d82cd045bba9876d166cb5ff5f972192daa26da0759f51e992a0dd2670771e9c8ec723f1fee952a9ded61f0a5b34ea555fa682d2494dca5a79d7712a6c6246f0b666a994b39c3e1daf815256fd564d7f21e730ada8397dce4f84e2f4fb4998ef8d8efd31fca7802435e69c9df0093a9c7f42390b0d251e9e6342cadfd5d84f42cb0d745d702a75366f346d84880cc9fc6f6330f8ddaecbd8165570d22047cbfc72e4b81d998005e197aa950b2c16ee020e50334b2a0a1f7f390ffca221a2e4a0a0e85a36a5459bb76e725c415a74ab2de52001a6e7dddf05aa106fa8013c922dcafbeff7b159a2262149ca95169a0e22babe5f950b23668678a24f609db179e0895b2158f2d24d1d9940fa5a7c9543fa50ccbf18a17f767e578d50677a2102d48644c9a94cdc9341abaa0b183d600a2a2c28811c647afd5618a1470ab4b5692e0b13e97b2da322964e3b1aa5d24c35f494e59567bfb151e8808575a9b14b142b6cb9c7da10fcbebd27d09c5ae2f20433ee6d01665cfc8170a95d356c007ab6764df16655e167f1ab0b7c00016623863923a04011722b54d4aefe69a7cc43c05a198f700d5b0da7957b5c9a81c8bd1cae522b8c62c62b30c70e4c920083135d095fa21fdb1a597971d74546d2350888b233fc145857c5d4aab842cb75cad20564e6a7ebbcdd8755f27c76ee84b8f74b3cfe02c5c211eed9495ac0f74efd2c3e2ddc005eb570054bd1f582e4c0fba366801fc169a047ee9a3eee73b20d1ab2fd1a70e692c2bb76e116fae7c0008cf02e5ee2930cb90947eaa8be59a2268f831b98d7a65f6222a1c4c94ae9a6a228bae21130a64a4dfc885a94c0d863f2db6aad0d21652b5011461f67543585d441d3deefceda593c7962e6505d05f70cd2008f93fa125e0050afa66046c96790a1ebd0151dcfc3afa2abc26a837ca76d64ad143c9fcc35f4adb1490355005567fe19c2e2424a3d1846d9dcf71a5d5095ca61adaa3c505c890a474f66aeabe9830abeafdd4c98ae2d0139f8ddb3a2251caa854a53bfa75a8582cdfc43de26c7538193cf75c7169fc96aa9606c48ed480fcb83f3be20b6205e4217cf71f3f0cb2364ec2f4d7d104c88c08f8484e1f2250662df44076979f80ee6e2a608b14ab50d81c5e0e23a718c7a9f9a7b8c26698fc23d1e1df95ad28bbd13ac6e0cf288eeb8c09ea5d557373c6b8588283c6b9a494454a19a6c6d51ff3c2049a6f4d5ba33e0881e65fdd9e07dccd087c577f5a49c00f644a764339783a5190da391fb691e356cdd2bbcbb7c2ec27a4d05bf018ed31c460b1adb29074af053c54211a69e227aba99a2a9223433f5a6fe99c989caaa07b313452f9b0a244d14059603c8b6b83288cf949c183eb6b9868cb7f9c3e318eafec135fcceb2ed8f95f2e40359b4a38b4031be6df4ffb9cdb0d6a1aa4248cd939742eee8053723fbd6123edbc9e26e11cce83245e9ad19e78a73dedebe86f14f37c2f68ef09ceb67e23a005bc928c45b0eea9178047ed150d4bb8c5e4b7cc07fe08629c68a262d6a02f58df80315ee48b9895a1bfb1f949cacecf5c9cde9d6ece5ffcb82d6b5edac70d15a1dbf505a44e8bb22b92ed6f1462bba87946788c74d928538d5e46ba23943b29ebf5eb6a529f024a38af83f518ced04b661eb9d90adb8877602621bdf51643e1650a8a730fcd6281d4a8173554679ad5a02ea0991fde467a6c30e4e85453cc566eeff0e9febda91021409f4469db0fb55f409c0c38a3317628fae773e07692decfec22b74b9d5ced752cb9262903a575c688001210739546e5e392af4667efad9f6ab98afccad5a24303342506ad4b2095838197838727a936f954637232fd9d98c89a809fb0de69f42279ecaeca0da17b4feef446fe0583e511f5e03541dd0fe6b8513d04213affcf1dd2aef98136261d6e5", 0x1000}], 0x1, &(0x7f0000000480)=[@ip_retopts={{0x34, 0x0, 0x7, {[@noop, @timestamp={0x44, 0x20, 0xa3, 0x0, 0x0, [0x4, 0x401, 0x5, 0xce9, 0x5, 0x51, 0x51775335]}, @end]}}}], 0x38}, 0x0)
sendmmsg$alg(0xffffffffffffffff, &(0x7f00000000c0), 0x492492492492627, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x48)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af0ff00000000bfa200000000000007020000d5ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000c00)=@bpf_tracing={0x1a, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}, [@call]}, &(0x7f0000000a00)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, 0x1c, r6, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x13b02, r6, 0x0, 0x0, 0x0, 0x10, 0xd}, 0x94)
ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000040)={0x2})
setresuid(0x0, 0x0, 0x0)

8.73909673s ago: executing program 3 (id=1502):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0xe7bf, 0x0, 0x0)

7.82987028s ago: executing program 1 (id=1504):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x80042, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r2, 0x40383d0c, &(0x7f0000000080)={{0x0, 0x7fffffff}, {0x0, 0x109003ff}, 0x6, 0x2})
r3 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r4=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r3, 0xc06864a1, &(0x7f00000002c0)={0x0, 0x0, r4, <r5=>0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r3, 0xc06864a2, &(0x7f0000000600)={0x0, 0x0, r4, r5, 0x3b, 0x6, 0x7, 0x5b, {0xabac, 0x0, 0x2, 0x3, 0xffff, 0x8, 0x5, 0x100, 0xf, 0x4, 0x8000, 0x4, 0x0, 0x1, "3c07653f7bc421b2e2bd166b8459a3fcded06e494223aa5db3e5e050b399d71c"}})
r6 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x4000004)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f0000000200)=@IORING_OP_LINK_TIMEOUT={0xf, 0x14, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x3938700}})
io_uring_enter(r6, 0x47f6, 0x0, 0x2, 0x0, 0x0)
r9 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x40000)
write$sndseq(r9, &(0x7f0000000480)=[{0x5f, 0x40, 0x9, 0x10, @time={0x6, 0xfffffffc}, {0x4, 0x1}, {0x80}, @ext={0x6c, &(0x7f0000000340)="3089f3f612b4270f64380f4cf6cf4439e40886a7ef1c5152f9b1dfda6cf1b4a67b76b5d0a820aa902718db70d0248cf211a6743a3d101a228f9b661f950047224206d74e677d50a7af7a5feef5f056ffa48b1bbef69b1e6a55e73c86b0f4a86b7f73b553e13a1574a424672b"}}, {0x3, 0x6, 0x6, 0x3, @time={0x5, 0x3}, {0xa0}, {0x0, 0x1}, @queue={0x1, {0x1, 0x1}}}, {0x0, 0x2, 0x5, 0x7, @time={0xfffffbff, 0xa02}, {0x2, 0xf2}, {0xf, 0x1}, @time=@tick=0x7}, {0x3, 0xff, 0x4, 0x2, @time={0x8001, 0x10}, {0xac, 0xc}, {0xd, 0x3}, @queue={0x0, {0x77, 0x8}}}, {0xf7, 0x7f, 0x3, 0x2, @tick, {0x8, 0x81}, {0x9, 0x4}, @queue={0xc, {0x6, 0x9}}}, {0x3, 0x23, 0xb1, 0x81, @time={0x200, 0x94}, {0x7, 0x2}, {0x3, 0x2}, @control={0x8, 0x3, 0x800}}, {0x2, 0xd2, 0x1, 0x81, @time={0xc, 0x9}, {0x7f, 0x7}, {0x71, 0x5}, @ext={0xab, &(0x7f00000003c0)="9f1649d426853a1268c49b5a523726b9e0054be466a95ca18d5b6daee5eda6cf897d69df5db91731bf1dae441a67914f83f05973d548766c240ba32c99230f55c7ee667504e68a52c089c7ac3737fd9de08cd23c4470ba3c0329ed32c52a3761c84f717488dd7b5ac71843442b166f262670b5b8d65277ee4f00bb932c32593392364bb0bb19eacfc9c9468475068220c569765adbd996674ee8038a608b03b5ed561a9d35425a1301d6ee"}}, {0x1, 0x5, 0x3, 0x7, @tick=0x5, {0xff, 0x26}, {0x5, 0x4}, @queue={0x3, {0x80, 0x3}}}, {0xf6, 0x5, 0x0, 0x5d, @time={0x2, 0x3}, {0xf, 0x7}, {0x0, 0x5}, @connect={{0xff, 0x1}, {0x1, 0x9}}}], 0xfc)

7.720567191s ago: executing program 3 (id=1505):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
accept4(r1, &(0x7f00000001c0)=@un=@abs, &(0x7f0000000340)=0x80, 0x800)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
bpf$BPF_LINK_CREATE(0xa, &(0x7f0000000000)={r3, 0xffffffffffffffff, 0x24, 0x7, @val=@uprobe_multi={&(0x7f0000000380)='./file0\x00', 0x0, 0x0, 0x8, 0x0, 0x1}}, 0x40)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000400)={[0xfffffffffffffff5]}, 0x8, 0x80000)
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000e40), 0x40040, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xa)
socket$unix(0x1, 0xc17a9ab45fe0440f, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sendmsg$DEVLINK_CMD_RATE_NEW(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40880}, 0x24000800)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, 0x0)
socket$pppoe(0x18, 0x1, 0x0)
syz_emit_ethernet(0xfdef, &(0x7f0000000000)={@local, @remote, @void, {@llc={0x8864, {@snap={0x0, 0x0, '~', "3fab95", 0x892f}}}}}, 0x0)
ppoll(&(0x7f0000000040)=[{r4, 0x8080}], 0x1, 0x0, 0x0, 0x0)
rt_sigaction(0x19, 0x0, 0x0, 0x8, &(0x7f0000000440))
sendmsg$nl_generic(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001d00)=ANY=[@ANYBLOB="a41300003e0007010000000000400000047c00000400fc800c0001800600df00800a0000140007000000000000000000000000000000a605ffc4e038d20a76e6e6e711b5978aea893d56487c8c3900fba73f575ab4bcad3ba62e718e71f35b0bdab4e47a9947be913176854bef8421d7137df166d740a93e8a3eebaefa672b2ecdff5adab0cad8077a1ecb757cc8c06dec7226f94a43c8b36a98cd5cac9b2485567a36fa258e2e5c411f3f7e5025dbb38a33f7d961ad673a44eb6b26c2c4f38500d7cbb7224e138f08002d00", @ANYRES16=r0, @ANYBLOB="d40137801000568008000f005200000004001e80040085006001db48f0b5dc53f6af2e17b947fd96d5a1dcbb2032dc7390286f749f5a265b10fb28815307e65d60b0f02367bd6bee5bdb230d3497677fd1022dc614449032bdf87ea9a0c928b706d3fff8405680a176006250a1d20383b313536d8d6ceef204e1ac0f494e410280e4fafa3c77802b96e8095c41088454e234a77ff865f520bda0f5f52f4bff16aa355904fece2a2c701c59f21962dc49ab93237efb376b75eac9e78fac1d728d54fc627d131e0b9b5b6fccfdd8a87fc7bcc8135f0d1492cd981f349abbddd14b21725cd04db1058967564e2a557e9acd90f00f16630f47fb20482ca2fe88e91fffaafaec7648fdb3deae651de5d8edbcee94b69bb07f328579558c3fc8badc8b13c8bd5672c225aadf7ab4ea09fb9b26ffe9e5460b5e841c10c3e07cd646f64d108264287c9f2e41494270f62152b485bb9bd1ac6b3d29ef8b07ca910a88b0a1f8b3596a86c9488c1dbf9b13cba79e4388832d7c62ea079ad4305253128fccaf152f433de9c43fea3c1be542855d36e65374462e2977d2afaa4bd317b584d9b0430f43e87e0bd59424d52e1165118aca38ba25dccd00d06500f5013843557f49874d0c6534ec8649c21ae51654410edf852c100ab3e19e0f7b7cc0692f514595b1dc90b0c491ca586d48654b4d274b6f7e43551f1a50509e8b826493167dacb75ecc0f8fbed01836c8eb029d3ac32830cce723dbefff031c32d4d79b7bfaaea1bf52d52fc8e51d96fdff074150293a8470d75303ecef74d58425e2675897b02b2feff9fe2141883adb360a4fa734e1e8636ad08fd4222f2dc91844e9c7030bc8e0da799fc2df5e28e7f3f2dba8397c5d21669bf7c00931223802630906a073eae128c29ac649eb13bafe641c837845ba0539393f1d510420205042d0ab83fc876c0f150e8a727fdafe634d870d9184837cf17eeb68d8d945ea12bfb30d21356884fb16c62221bcc7f3467d0db52d2ed1792e0812ee3b18a95f055f716214266e0115ea2beb048e07fbcca5ff74906e210e687bfa61e8df6cb8d1a638679b1aaa0edbd32e2a585c7b52645ea6bf26df6ff07bfe6290db2a23cfdefa6f1e83fe958a713dd80d84eb5cffe2b7cb8226da3ff9bbcf53aa577c06019ffdcb0d6631f64f544efdcf2a92e5d1a056d4074f1ab5e102d41a5671b5a863be7564f6bda4d15fa6f4fa8c634f3a1120b7fb8ca3eed9e8a7a7a809401da86b6b2229c5b856a10d426e08056ca2c97db77fad91b6170f3c29d58b770b25387fb237140d7e4b0d93693aefc26ae1a21082929781ca6c4706a2ac6db2e0ab2441575cc662c2b9d390034bf7d750be07a911ea0f9227f5c2345013c0dd4cac0ab689527c5660c1514f74657388d904ff390b22d2feb61188ec1533f5c746735b04d37524c7315882801c7c0d9fdfaeb49a895c9681ff60d377a7fb08c8e5362ec673d6ba770dd8e5f857d24c8de55ac5f05fcf0a8682924691abb9697b0b0cd57cff8db1b7f86ed8f3d86934708f2f6ac2f033b367bde6637cc9aadb3d98e56f71e469132b79123f60c17c88045f6d50ce62a85bab021b29ed6f69d47762a9468822a21b2409421c1a31e9189e2b93d22d2607f4d531f58091984938990ff4526b756bd81718805f9c59e8719f42b2c37b083564906f6853a7679a8d43d5faae5225b1d5d46a8eac3243be91b0373de1af039c431ad708e8fd08d5faa12224d5bd2deb9a52a26ade413f25a7e5b37bbe6fc8131cb510869e1f5045cb737eda3d438e8b6c594cc276bdd99b7cb8e22b89af46e255aaf342636782d30f2cb1938f53aa05d857ea2eb1180d58d79878aaa51e66818ce7a5de5113006ac088a58eb9ca50d1311eacf1935b7bd6a46d0a1207a121fe0242261a7c416ed2ca1d50fbe83b69289a4e8167f43f4ff7d433991337d3cf8b293a0ae802bb5e230c632f823c2fc9d2c7deaa98a69a2b47775962bfa8293fed2441fe483cd8e985946f1b3195722af1145a062744d4e09519632cf5c6f3c249732831cd616170733fe254ea1582f16d2c223541c7f99b6226f0930f0bce09213e79c2447753daecc7d2cee0a84cd22c62fc7078162a6b10da6744eca18d3dda7c516ab1a70717cb9cb30becfa70a6dc209a011e19075a4008355520ebbfd5250c36c694c91969474e5d63066de00c0d451764c7d266b37aaa5febb93ca13db997004cad62012bce36244582602e70e3d7eca9f72ec67873f39a8da5c7c5ed22d0e82f35dda88e709debe06517db1646c6339aa89b99bd7c71aacb0496719800aa9aaf55de9b3b57c0ba6ac8d9aaaa89023612efe05a8dabb1f2bef5739cffd3594a71f029525494c28265383ba7b6f1a51db0d73c14411ef5249f86f485a5de58d1406aa40e7ebbd2b1499b66aa5cd575ec3a712e23ddf9789e50a5b9782a4d182f3e5f2f376370da899ad9982e70244547bcdf5ea93df28af366a00ecf54c60193f1f10aae74a4aaea5b975717f916f295d2c94d00f0886bdf65ce6703a60b6d900354c581a2e784dd2f04731171abfa77c573c70cd7fbf7859b45b5707d50271c204cc4da3cae1ccd83c0766a8cd80c3a6b2befa227d3b4eaa003f228418c98e87347177f0b44e77274cae95650597c1caaa6f2b7440b287f176a145ebe6bf0b976fe101d6ccca8223e5b584177715794c9606decf413f039640fe6402c3671a8156303e0c54e33578177bfc46e31f2053b054ba428f901cc946dd95ca6b833cc372d18abe60c3b462087c15dae402cda3835aaf30552ef6cc4806e363585107fd43d2d8c47ea5da7218cd5834bf22cc3c7e4f95a7edac93d484302d81b95664490f8b8482ed262a625fb1339c1682107bb36c5ea448e07d6e0218b19616c3e2463342bbe732f6bc0c97b505970d22da3d2cb4e61e4c9d817ed3bd27c32b024bcbc3cc7a1f89fcec5664491889cdf4c9895367730eb171560b9254eb444082976eb1233066ec486bfd69b749905622799068d4f71c013793d93608abf7b5d8f43b174bf5cfe93688c86844b216b038355814865c497172c93db7bfc95fa0f71a4422b6299ba2b3836bcc43e562303231aa0442a7c54b9e8c0fc483dade73e19213b19aed915c6e4e232ac49f0a26cecce75d2c6d62858b7074bb6f9595d58dadb3017d0e54bc60c59349e2b19c038bc226fb597bb37f8dc1b9c9529d457a43c9db3f1374eee415c2f7583ebb9c9c1b2161bcc0cfa6724f6022c1981b8171a3962715f4543a6163f507246cce7efd6587996915709b7eccebb6682f47ba689026c020202b1d2be5273f1856943a177f8e19c1be50594839234667513e64e9e723d899fe5ecd4950171f8113c48ca379efb403912238fdaa3ec8d3e9e1aa473f32aeecc0ff15944f1a9410671fc6a75d554b678809657f61903d13cf5c871921fa4a24623a173b3e4af5452e5886e0749dccf31ce8a6d6e15d839aeed80e3bcec9661b7c336c03c2b5d8be69f8e06645ac3c72dd1f3e53d46fb4c470a085c932662cc86ef32a3d07bf662a3f770cab4eda33c9e04c5f93bff70691ade574f31e1d28673955d096a4f5d935c5a970549aa78a3ff955f47f00ef19d4fe09171fd8ee9443478f306a36a1689ee772ff944f472971c534a96958204d1e17d026dff562db6c31d9ef31493ef483b053f6dd24dc951fc5d818c9bfc9ab6f45e85d808bc88d9546314d7f72ab83079aed44e70a52d744e8a297adb6ce193832b9db4095b012f6bf78652fb9a6c67dd980fecd216c6f63c2ef3ba325cdee41482a3ac8f3291917e19793625bc7f4762c491a8bd2bb4da1a760fb889149ed4a3072a91977d35ee02373d4ef32dec73ad47f3e30b56f324b12983493979bebd15a51aeb96a70c37878acf864dc9cc809868750bdfe9a7ab324b874acf6457715e39f27f3c592fcf9f37bef03172bb35a771025b724c8216b0efea16f22a4ca6d00941d61f6ae59151d9aa262cd3409de73f83fe5dcc03bb0a0aa04cbeaab6cd8248d587d41f258a68019e11a2efb7a3fdfa3d3b2a22c5e34e7e5596d02f2f8572105de4aa7001ba884a4cc3e9cb711ea1ad27468a1fd755e54ecb38cef956d1b232c6ee87d2178db9923140ba2cde285f6b1b730d82f1928674af7220b600ef5c593e99ee3f18c8f8ed00b20ca54e644d57241ba470ceac7783adfdc85a23f45a49122f1bfbb454c0064aa5bafa0db011ebd1612f93be6e0125c617f1e0bb2b11c8ec66d63644c033a282c83be3bbc42e12108fc0ea5e84b81ee2c69f519a087560d9082b848beecfd3be3b2e7fb9a957e7a7fac81928609e29a42d0609ab69232754be4809ae39dae6af26414fb532455f10a530e232136245bee86c282088a8ef9c1725bf998aab3dae71c7b40d5ac5f2138a74785cc38e2dfada101358d18254496f1cfca93979ab88bfe62dc28cdf0a15a68f23140050e7923cd1da68c0ff331f25d474630ccdd9556fa3e5824449e12b0ae3fa6933e00428c6c2bffebfa661d91bc93b39b4b02568c30510ff3cf59cc611e6b89014257a7a9cafa75b42c2d2302cd72d4a23108b5ba527808b9da32f9783d5487003dee98026119c8e90dbaea0dbbc31c329668778c1b15e4899c321b4bf7c9d2c80ef275cb42519c7cf47d2bfa0c2527cdc9d325407821e99fdcc07099733df5ea664de8c484fcd545db181783f78fd072b98db78985bf27c59b1160a60153b2d5f635d30e9a0000dcbd8604aa64d3c1aba9e32cb0cb239a8b8f01dfb7c00cd6bcbd533877dd51e266b93b8714fe3a447fcfa4d1d2b4ccb49004284b0bcbb9e13592863c27aea32d4939520e0341175b465d9fb0ebe0f12784f0082327cf1d8306d176d25141a5ab3048d1e69ff2a0884d2357f15cbb67a62fbb9e39c033d8f1e873305bb38f33595724c52807182e773185f713d636720c6fdf0ea19ba4baf832f72dbc42a9e7e523dcf6a1d1f55edd629950f293b53efc5edfcf722ad5daec34a9e16fa9878b24ea4f202baa3fe9566256eefda695a737e15276bee641191fef3604b301c62a613f446df362492e7331facae8346435c7d654882e3a8d3366c09505ef26a78161d8e219d7ce19659fc6001e5266bcc5bc53cdee8f00b91abc1d3d880f86a5d4d421d19ca2626008cbb3a9e946eb6fd8fc87d533bb239680b04e5269f7a2335f8356c279743f8c56ad8ed40d78a04ca9f651af2a6c61117448817ab98e37ae72f9a203f9c99573c8a62dbabc5deedc827b478f7a0a8de7787cb13ff305926df0f4be4500353b900e6c89733bbc4a166b6c2757c61f90f9496e8c300f1ae0f3ed0e1c5310f0fee2eaebc5009c74b680f20c39b1efb740119bf20b62ebed6ecfa51af6b4fd512ece99662736f07d900a978ee4440b913a15c8eaa8c9fe88c8911b5b540e85798c6925bb40e7fbbf0579ded43b723de630c6d02ea12082dd595e3d1ed5913e85da0d99660d391c820a4c9c0afe1afd65df97ec2d9eb885e9a4b85942b0c0e9d88b25d0d885f062c887b89f64b0e24226159055f321f182bddbe8351ec79ffcc7a2a3770369cc19e38d616b152e68232f75834f3c93c4b71c12a04d76b3d7a3d4c134e32fe264a76a596b38fe88a3e3a189924a755380f3343b40cee93473169f08b82bf83c6601d5ca6f2280f8e6900bf0f581340f1fbf536aed43a4a58965d960a8449fcc2be0eb0be21b620e148638c01c65e1cd3be2edc65c2c22550ba88fb9f099e91563644898d665d4c684fecd9507b081e96782b3fcd363fea3a96c12a9689cfa709fedd4bf4a9d8b3a62b0112e376158b26ea44e58ed6f02b132141fdb8f9432c802232682885a8bfea503596bb4e9de1fee98b6199561765a2e3697a5c8ee4e847db62c8f4be03a95278fd0199435b01e8aa3649ea219dea92ee5b46f441397edfce9c72201b00b635fce2744d61a37987fbb308b1ed343f7384ff138eb23054cb2171dd8e86c91349266a48ddbf0f06d6a743e102e3f5ad015465601826dfe2f4cd7ee94044d56be682e3a2589787a5a966db40919e27943726adf98479310181c985f9004e3a553cfe5c6fae4e0d61a75ba28897eebbd75f7de1bbc98b293ac8999d1ca48d773b1df162667226d5b191868f6a689cb2419d6ba2a5da37449f51523dcda683f8b4679c90d1bf2c7193a7fbacec89c48a9de4b53bf04192326694ee35acf5af998c490e964217781afa5a3ef91f637934140ebf63218052b1105005c28b0a11455ca55bf70bd6ea3970882f67ecdaaa744491a910c393f5f86a80a49b8ee7d865550e705268b3f62c4c870ca33155f10959c91e5a834ee4c1760a501c57d2729d15ee4ae2f892508b1bdc2abcbd6322b1d622e6ae1da6eb486e0c032fbf6bf92e04d123b6be667758fffa1faa3d6c92304e6bb2fd0edac9cd2466479eb15742f00e16691e052e78436d4cf38ab0fed7b977cf7a4a70bde04c34ac1e00383c27d646169a967bdf70e1614afbdc52289320bf6c86e1ede932aa9c11aee2365c90ab41ab9e2bb2feee78359b4788eca1e1cd514ac5339a5608293452b5ac6a0d40e46ce648423cb69faf0624c3ca9b6fb8d5ea46d209364bb50a71309fc88686c0c69d63fa99b39d887048897c4590c149fc7ff367858d94a691436e657b5c96b25d1a6f93bbf43aa9801f54c5892a64d70378764f6d0a61f723ac6eb975ccb6fdb0f3aaffb516d2ebc5c05f96b1b5aee9d73ff958c43e877739d3f73ff3b17c66cc044f1fe8486002ec3119434c19e108e4c1f32d6aaa00a000"], 0x13a4}, 0x1, 0x0, 0x0, 0x400c080}, 0x4004050)

7.496823811s ago: executing program 2 (id=1507):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x0, 0x2123, 0x0)
r2 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r2, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0xffff, @multicast2}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f00000004c0)="1ed8b7f9d457", 0x6}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c0000000000000001"], 0x40}, 0x4008000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000640)={'erspan0\x00', &(0x7f0000000840)={'erspan0\x00', <r3=>0x0, 0x8000, 0x20, 0x6, 0x10001, {{0x31, 0x4, 0x2, 0x21, 0xc4, 0x66, 0x0, 0xcb, 0x2f, 0x0, @broadcast, @loopback, {[@timestamp_prespec={0x44, 0xc, 0xd4, 0x3, 0xa, [{@dev={0xac, 0x14, 0x14, 0x28}, 0x1}]}, @timestamp_prespec={0x44, 0x34, 0xfe, 0x3, 0x3, [{@rand_addr=0x64010100, 0xe}, {@remote}, {@private=0xa010100, 0x4}, {@local, 0x1}, {@multicast1, 0x2f38}, {@broadcast, 0xfffffff5}]}, @timestamp={0x44, 0x2c, 0x24, 0x0, 0x8, [0x5, 0x4, 0x5, 0x5, 0x3, 0x1, 0x3, 0x2, 0x4, 0x3]}, @end, @cipso={0x86, 0x2e, 0x0, [{0x1, 0x11, "a72b8ec946443a34a47dce2ca81083"}, {0x6, 0x3, '9'}, {0x6, 0xd, "5ccdf24933f29a5a7dbb31"}, {0x7, 0x7, "958e4187c3"}]}, @ssrr={0x89, 0x13, 0xd9, [@broadcast, @loopback, @private=0xa010101, @local]}]}}}}})
r4 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000740)=0xffffffffffffffff, 0x4)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000005c0)=ANY=[@ANYRES32=r3, @ANYRES32, @ANYBLOB='\x00', @ANYRES32, @ANYRES32=r4, @ANYBLOB, @ANYRES64=0x0], 0x20)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc)
r5 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
write$sysctl(r5, &(0x7f0000000580)='1\x00', 0x2)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{0xffffffffffffffff, <r6=>0xffffffffffffffff}, &(0x7f0000000140), &(0x7f0000000180)='%+9llu \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000200)={r6}, 0x4)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000008f000000000000000100000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70200005672a12c5b6e034900e240c4d7e114000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000001d7a030000000000bf91000000000000b7020000020000008500000085001700b7000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x7, 0x0, 0x0, 0x41100, 0x9}, 0x94)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2b}, 0x94)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000086d040ec20000000000010902"], 0x0)
r8 = syz_io_uring_setup(0x231, &(0x7f0000000140)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r9=>0x0, &(0x7f0000000100)=<r10=>0x0)
r11 = io_uring_register$IORING_REGISTER_PERSONALITY(r8, 0x9, 0x0, 0x0)
syz_io_uring_submit(r9, r10, &(0x7f00000009c0)=@IORING_OP_STATX={0x15, 0x15, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x20, 0x4000, 0x0, {0x0, r11}})
r12 = syz_open_dev$I2C(&(0x7f0000000d80), 0x0, 0x0)
r13 = socket$rxrpc(0x21, 0x2, 0xa)
connect$rxrpc(r13, &(0x7f0000000240)=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e23, 0xfffffffe, @private1={0xfc, 0x1, '\x00', 0x1}, 0x2}}, 0x24)
ioctl$I2C_SMBUS(r12, 0x720, &(0x7f00000000c0)={0x0, 0x0, 0x5, &(0x7f0000000000)={0x21, "a3dd982d0ba2d984c335f78f76704978a2f62f39d29c31372205cd39c53f80d4be"}})
io_uring_enter(r8, 0x7a98, 0x0, 0x0, 0x0, 0x0)
r14 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_QUERYMENU(r14, 0xc02c5625, &(0x7f0000000040)={0x98f904, 0x0, @name="d822ae766e0e986f1f4d8818dab67f44be3825474f87ff32744b52cda2cfa4a7"})
write$sysctl(r5, &(0x7f0000000000)='2\x00', 0x2)

7.43407304s ago: executing program 0 (id=1508):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000040)={0x0, r2, r2}, 0x0, 0x0, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$unix(r1, &(0x7f00000000c0)=@abs={0x1, 0x0, 0x4e23}, 0x6e)

7.289864449s ago: executing program 4 (id=1509):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x5, &(0x7f0000000080)=@framed={{}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x2}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x24}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f0000002840)='./file0\x00', &(0x7f0000002880), 0x700, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])

6.519080237s ago: executing program 4 (id=1510):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=ANY=[@ANYBLOB="140000001000040000000000000000000300000a20000000000a05000000000000000000070000000900010073797a300000000044000000090a010400000000000000000700ffff08000a40000000030900020073797a31000000000900010073797a3000000000080005400000002105000d40930000005c0000000c0a01020000000000000000070000000900020073797a31000000000900010073797a3000000000300003802c0000800400018024000b80100001800c000100636f756e7465720010000180090001006c617374"], 0xe8}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bind$bt_l2cap(r2, &(0x7f0000000100)={0x1f, 0xb7e2, @none, 0x76, 0x2}, 0xe)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x8, 0x40007e, &(0x7f0000000600)="1a0000000b0000006af2302a51037bd236a4721354be22ecc49ca6ba1ea0d36b7b762fbe166200574e216367029eb70431e50d7cbf98e5e2c70f74d48ddca9c73f11771721b45ddcf0d986b6576538397869b8241355204be5bb78bab82beecb8f190dd87115438c00a520bf20ab74152650c3d45e4ace78e7b52466d61198e0be033c7204", 0x85)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={0x0, 0x18c}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1900000004000000040000000900000000000000", @ANYRES32=0x1, @ANYBLOB="00000000000000000000000000000000000000005070e60627d67af1c53f7c432517ad3a66f284575a5bc2c32b1c9bd8178d2068d8eddb4954afd3b1e66655366824753859095115e34d1eae7ed708fba5083a684a41087402a1ba3c28571a79f08315d5fe3467a5a147c88a59312876901feefa4d1831c811fc9d98f63ca0df4580ba9670b2ccad979e94748c2ee65402daec5bf737d3b935c2a8ec8f3de5fd50b466aaba7e", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={0xffffffffffffffff, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000240)={r4})
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r5, &(0x7f0000000100), &(0x7f0000000000)=""/8, 0x2}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x13, &(0x7f00000006c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$XDP_TX_RING(0xffffffffffffffff, 0x11b, 0x3, &(0x7f0000000580)=0x90, 0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), 0xffffffffffffffff)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb01001800000040000000240000002400000002000900000000000100008b040000000000000002000000000000010000000000000006020002000000"], 0x0, 0x3e}, 0x20)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0xd}, &(0x7f00000000c0)=0x8)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000140), &(0x7f0000000180)=0x4)
setsockopt$bt_BT_DEFER_SETUP(r2, 0x112, 0x7, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$FOU_CMD_GET(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001e80)={&(0x7f0000000080)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16, @ANYBLOB="01012cbd7000fcdbdf250300000008000b"], 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0x48020)

6.476439362s ago: executing program 3 (id=1511):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000140), 0x10)
r1 = syz_io_uring_setup(0x835, &(0x7f00000000c0)={0x0, 0x679a, 0x400, 0x2000006, 0x3ce}, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r0, 0x0, &(0x7f0000000240)="144024aeae8b2b5d63f7449a372e1406d4defe495b5744eed6801d1d51e1d3fcdcf25bdf4a5f2ef4b45d6898757795c858f0c3d4b26bd644", 0x38, 0x2400c0c7, 0x1})
io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r4, 0x29, 0x6, &(0x7f0000000140)={0x21, {{0x29, 0x3, 0x2000000, @empty, 0x8000005}}}, 0xefd1081208756ae9)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x1)

5.987751903s ago: executing program 4 (id=1512):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=ANY=[@ANYBLOB="140000001000040000000000000000000300000a20000000000a05000000000000000000070000000900010073797a300000000044000000090a010400000000000000000700ffff08000a40000000030900020073797a31000000000900010073797a3000000000080005400000002105000d40930000005c0000000c0a01020000000000000000070000000900020073797a31000000000900010073797a3000000000300003802c0000800400018024000b80100001800c000100636f756e7465720010000180090001006c617374"], 0xe8}, 0x1, 0x0, 0x0, 0x10}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bind$bt_l2cap(r1, &(0x7f0000000100)={0x1f, 0xb7e2, @none, 0x76, 0x2}, 0xe)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r2, 0x8, 0x40007e, &(0x7f0000000600)="1a0000000b0000006af2302a51037bd236a4721354be22ecc49ca6ba1ea0d36b7b762fbe166200574e216367029eb70431e50d7cbf98e5e2c70f74d48ddca9c73f11771721b45ddcf0d986b6576538397869b8241355204be5bb78bab82beecb8f190dd87115438c00a520bf20ab74152650c3d45e4ace78e7b52466d61198e0be033c7204", 0x85)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={0x0, 0x18c}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1900000004000000040000000900000000000000", @ANYRES32=0x1, @ANYBLOB="00000000000000000000000000000000000000005070e60627d67af1c53f7c432517ad3a66f284575a5bc2c32b1c9bd8178d2068d8eddb4954afd3b1e66655366824753859095115e34d1eae7ed708fba5083a684a41087402a1ba3c28571a79f08315d5fe3467a5a147c88a59312876901feefa4d1831c811fc9d98f63ca0df4580ba9670b2ccad979e94748c2ee65402daec5bf737d3b935c2a8ec8f3de5fd50b466aaba7e", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={0xffffffffffffffff, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000240)={r3})
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r4, &(0x7f0000000100), &(0x7f0000000000)=""/8, 0x2}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x13, &(0x7f00000006c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$XDP_TX_RING(0xffffffffffffffff, 0x11b, 0x3, &(0x7f0000000580)=0x90, 0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), 0xffffffffffffffff)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb01001800000040000000240000002400000002000900000000000100008b040000000000000002000000000000010000000000000006020002000000"], 0x0, 0x3e}, 0x20)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000140), &(0x7f0000000180)=0x4)

5.516995543s ago: executing program 3 (id=1513):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000561ced00"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
r1 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0xb, &(0x7f0000000000)=0x2, 0x4)
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@gettaction={0x14, 0x32, 0x605, 0x70bd25, 0x25dfdbfd}, 0x14}}, 0x8080)
r2 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$inet(r2, &(0x7f0000002780)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001380)=ANY=[@ANYBLOB="1400000000000000100100000d00000001000000000000201400000000000000100100000200000000000019"], 0x30}, 0x0)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nbd(&(0x7f0000000300), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000340)={<r7=>0xffffffffffffffff})
ioctl$SNDRV_TIMER_IOCTL_CREATE(0xffffffffffffffff, 0xc02054a5, &(0x7f00000004c0)={0x1, <r8=>r3, 'id0\x00'})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000540)={<r9=>0xffffffffffffffff})
sendmsg$NBD_CMD_RECONFIGURE(r5, &(0x7f00000006c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000680)={&(0x7f0000000700)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="06082cbd7000fddbdf25030000000c000400e30000000000000008000a002929292d340007800c00018008000100", @ANYRES32=r7, @ANYBLOB="0c00018008000100", @ANYRES32=r8, @ANYBLOB="18000180080001002fe752b073f5d2da03f952071ac4a68d8f67d4f156b347e871d6fef5568ff2e784e23a8405f477a9710c49c1230f7280393ca94fccb0a84e05e5d5e70253cc65642622be", @ANYRES32=r9, @ANYBLOB="0c00018008000100", @ANYRES32, @ANYBLOB], 0x5c}, 0x1, 0x0, 0x0, 0x20000000}, 0x60008890)
ioctl$KVM_RESET_DIRTY_RINGS(r4, 0xaec7)
r10 = socket$packet(0x11, 0x3, 0x300)
r11 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r12 = socket$l2tp(0x2, 0x2, 0x73)
connect$inet(r12, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10)
ioctl$VHOST_SET_OWNER(r11, 0xaf01, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000a1d8ff20f20c50624246030203010902240001000410000904361002c703e80809050602ff03000000090582020800000000"], 0x0)
writev(r0, &(0x7f0000000180)=[{&(0x7f00000003c0)="5d7908b9d8a08caba4fc05421aab8ccc1d22be865f2bac803112b5a01dc6fffad9e070111b0ae6bc73d846527b87704c59096980f0a0cd6e3665e9cde9d7ee6603bd1a0ae062f0df7d48ed55eb01f9e1a56b776a162f4c62dad5789cc0b0d934a5f4cb49cf5a97527cd805ccb9016283afc3fc21186d56ce1d8796c9fce15fffa21862a0abdfc0661adc28cb96cd4f8405675324c8a6cfcb5c2d4af4256e2c5cf15674c20b3d3366770254582c93258b9bdff0142bbea165aa5c7c81bda7446f5f", 0xc1}], 0x1)
r13 = add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000580)='X', 0x1, 0xfffffffffffffffe)
r14 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000080)={r13, r14, r14}, 0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)={'sha1-generic\x00'}})
ioctl$VHOST_SET_VRING_ADDR(r11, 0x4028af11, &(0x7f0000000200)={0x0, 0x1, 0x0, &(0x7f0000000000)=""/24, 0x0, 0x5000})
ioctl$VHOST_SET_MEM_TABLE(r11, 0x4008af03, &(0x7f00000002c0))
r15 = syz_open_procfs(0x0, &(0x7f0000000240)='net/udp6\x00')
dup3(r10, r15, 0x0)
ioctl$VHOST_NET_SET_BACKEND(r11, 0x4008af30, &(0x7f00000000c0)={0x0, r15})

4.993896716s ago: executing program 1 (id=1514):
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket(0x28, 0x5, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000000c0)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x3}, 0x18)
prlimit64(0x0, 0x8, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$inet6(0xa, 0x3, 0x3c)
setsockopt$inet6_IPV6_RTHDR(r1, 0x29, 0x39, &(0x7f0000000340)=ANY=[], 0x18)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @private2}, 0x1c)
setsockopt$inet6_int(r1, 0x29, 0x10, &(0x7f0000000000), 0x4)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000100)=',', 0xffdf}], 0x1)
r2 = syz_open_dev$sndctrl(&(0x7f0000000400), 0x0, 0x0)
r3 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r3, &(0x7f0000000000)={0x18, 0x2, {0x0, @dev}}, 0x1e)
openat(0xffffffffffffff9c, 0x0, 0x80101, 0x18)
connect$pptp(r3, &(0x7f0000000040)={0x18, 0x2, {0x0, @multicast1}}, 0x1e)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x90)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r4, 0x40047438, &(0x7f0000000180)=""/246)
write$binfmt_aout(r4, &(0x7f00000002c0)=ANY=[], 0x13)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000000000)={{0x0, 0x0, 0x81, 0xfffffffe, 'syz0\x00', 0x5}, 0x3, 0x20, 0x5, 0x0, 0x1, 0x8, 'syz1\x00', &(0x7f0000000140)=[':#,\x00'], 0x4})
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000340)={0x1f, 0x406, @any, 0x0, 0x1}, 0x1a)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)

4.950619484s ago: executing program 0 (id=1515):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x0, 0x0)

4.915680678s ago: executing program 4 (id=1516):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
accept4(r1, &(0x7f00000001c0)=@un=@abs, &(0x7f0000000340)=0x80, 0x800)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
bpf$BPF_LINK_CREATE(0xa, &(0x7f0000000000)={r3, 0xffffffffffffffff, 0x24, 0x7, @val=@uprobe_multi={&(0x7f0000000380)='./file0\x00', 0x0, 0x0, 0x8, 0x0, 0x1}}, 0x40)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000400)={[0xfffffffffffffff5]}, 0x8, 0x80000)
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000e40), 0x40040, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xa)
socket$unix(0x1, 0xc17a9ab45fe0440f, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sendmsg$DEVLINK_CMD_RATE_NEW(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40880}, 0x24000800)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, 0x0)
socket$pppoe(0x18, 0x1, 0x0)
syz_emit_ethernet(0xfdef, &(0x7f0000000000)={@local, @remote, @void, {@llc={0x8864, {@snap={0x0, 0x0, '~', "3fab95", 0x892f}}}}}, 0x0)
ppoll(&(0x7f0000000040)=[{r4, 0x8080}], 0x1, 0x0, 0x0, 0x0)
rt_sigaction(0x19, 0x0, 0x0, 0x8, &(0x7f0000000440))
sendmsg$nl_generic(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001d00)=ANY=[@ANYBLOB="a41300003e0007010000000000400000047c00000400fc800c0001800600df00800a0000140007000000000000000000000000000000a605ffc4e038d20a76e6e6e711b5978aea893d56487c8c3900fba73f575ab4bcad3ba62e718e71f35b0bdab4e47a9947be913176854bef8421d7137df166d740a93e8a3eebaefa672b2ecdff5adab0cad8077a1ecb757cc8c06dec7226f94a43c8b36a98cd5cac9b2485567a36fa258e2e5c411f3f7e5025dbb38a33f7d961ad673a44eb6b26c2c4f38500d7cbb7224e138f08002d00", @ANYRES16=r0, @ANYBLOB="d40137801000568008000f005200000004001e80040085006001db48f0b5dc53f6af2e17b947fd96d5a1dcbb2032dc7390286f749f5a265b10fb28815307e65d60b0f02367bd6bee5bdb230d3497677fd1022dc614449032bdf87ea9a0c928b706d3fff8405680a176006250a1d20383b313536d8d6ceef204e1ac0f494e410280e4fafa3c77802b96e8095c41088454e234a77ff865f520bda0f5f52f4bff16aa355904fece2a2c701c59f21962dc49ab93237efb376b75eac9e78fac1d728d54fc627d131e0b9b5b6fccfdd8a87fc7bcc8135f0d1492cd981f349abbddd14b21725cd04db1058967564e2a557e9acd90f00f16630f47fb20482ca2fe88e91fffaafaec7648fdb3deae651de5d8edbcee94b69bb07f328579558c3fc8badc8b13c8bd5672c225aadf7ab4ea09fb9b26ffe9e5460b5e841c10c3e07cd646f64d108264287c9f2e41494270f62152b485bb9bd1ac6b3d29ef8b07ca910a88b0a1f8b3596a86c9488c1dbf9b13cba79e4388832d7c62ea079ad4305253128fccaf152f433de9c43fea3c1be542855d36e65374462e2977d2afaa4bd317b584d9b0430f43e87e0bd59424d52e1165118aca38ba25dccd00d06500f5013843557f49874d0c6534ec8649c21ae51654410edf852c100ab3e19e0f7b7cc0692f514595b1dc90b0c491ca586d48654b4d274b6f7e43551f1a50509e8b826493167dacb75ecc0f8fbed01836c8eb029d3ac32830cce723dbefff031c32d4d79b7bfaaea1bf52d52fc8e51d96fdff074150293a8470d75303ecef74d58425e2675897b02b2feff9fe2141883adb360a4fa734e1e8636ad08fd4222f2dc91844e9c7030bc8e0da799fc2df5e28e7f3f2dba8397c5d21669bf7c00931223802630906a073eae128c29ac649eb13bafe641c837845ba0539393f1d510420205042d0ab83fc876c0f150e8a727fdafe634d870d9184837cf17eeb68d8d945ea12bfb30d21356884fb16c62221bcc7f3467d0db52d2ed1792e0812ee3b18a95f055f716214266e0115ea2beb048e07fbcca5ff74906e210e687bfa61e8df6cb8d1a638679b1aaa0edbd32e2a585c7b52645ea6bf26df6ff07bfe6290db2a23cfdefa6f1e83fe958a713dd80d84eb5cffe2b7cb8226da3ff9bbcf53aa577c06019ffdcb0d6631f64f544efdcf2a92e5d1a056d4074f1ab5e102d41a5671b5a863be7564f6bda4d15fa6f4fa8c634f3a1120b7fb8ca3eed9e8a7a7a809401da86b6b2229c5b856a10d426e08056ca2c97db77fad91b6170f3c29d58b770b25387fb237140d7e4b0d93693aefc26ae1a21082929781ca6c4706a2ac6db2e0ab2441575cc662c2b9d390034bf7d750be07a911ea0f9227f5c2345013c0dd4cac0ab689527c5660c1514f74657388d904ff390b22d2feb61188ec1533f5c746735b04d37524c7315882801c7c0d9fdfaeb49a895c9681ff60d377a7fb08c8e5362ec673d6ba770dd8e5f857d24c8de55ac5f05fcf0a8682924691abb9697b0b0cd57cff8db1b7f86ed8f3d86934708f2f6ac2f033b367bde6637cc9aadb3d98e56f71e469132b79123f60c17c88045f6d50ce62a85bab021b29ed6f69d47762a9468822a21b2409421c1a31e9189e2b93d22d2607f4d531f58091984938990ff4526b756bd81718805f9c59e8719f42b2c37b083564906f6853a7679a8d43d5faae5225b1d5d46a8eac3243be91b0373de1af039c431ad708e8fd08d5faa12224d5bd2deb9a52a26ade413f25a7e5b37bbe6fc8131cb510869e1f5045cb737eda3d438e8b6c594cc276bdd99b7cb8e22b89af46e255aaf342636782d30f2cb1938f53aa05d857ea2eb1180d58d79878aaa51e66818ce7a5de5113006ac088a58eb9ca50d1311eacf1935b7bd6a46d0a1207a121fe0242261a7c416ed2ca1d50fbe83b69289a4e8167f43f4ff7d433991337d3cf8b293a0ae802bb5e230c632f823c2fc9d2c7deaa98a69a2b47775962bfa8293fed2441fe483cd8e985946f1b3195722af1145a062744d4e09519632cf5c6f3c249732831cd616170733fe254ea1582f16d2c223541c7f99b6226f0930f0bce09213e79c2447753daecc7d2cee0a84cd22c62fc7078162a6b10da6744eca18d3dda7c516ab1a70717cb9cb30becfa70a6dc209a011e19075a4008355520ebbfd5250c36c694c91969474e5d63066de00c0d451764c7d266b37aaa5febb93ca13db997004cad62012bce36244582602e70e3d7eca9f72ec67873f39a8da5c7c5ed22d0e82f35dda88e709debe06517db1646c6339aa89b99bd7c71aacb0496719800aa9aaf55de9b3b57c0ba6ac8d9aaaa89023612efe05a8dabb1f2bef5739cffd3594a71f029525494c28265383ba7b6f1a51db0d73c14411ef5249f86f485a5de58d1406aa40e7ebbd2b1499b66aa5cd575ec3a712e23ddf9789e50a5b9782a4d182f3e5f2f376370da899ad9982e70244547bcdf5ea93df28af366a00ecf54c60193f1f10aae74a4aaea5b975717f916f295d2c94d00f0886bdf65ce6703a60b6d900354c581a2e784dd2f04731171abfa77c573c70cd7fbf7859b45b5707d50271c204cc4da3cae1ccd83c0766a8cd80c3a6b2befa227d3b4eaa003f228418c98e87347177f0b44e77274cae95650597c1caaa6f2b7440b287f176a145ebe6bf0b976fe101d6ccca8223e5b584177715794c9606decf413f039640fe6402c3671a8156303e0c54e33578177bfc46e31f2053b054ba428f901cc946dd95ca6b833cc372d18abe60c3b462087c15dae402cda3835aaf30552ef6cc4806e363585107fd43d2d8c47ea5da7218cd5834bf22cc3c7e4f95a7edac93d484302d81b95664490f8b8482ed262a625fb1339c1682107bb36c5ea448e07d6e0218b19616c3e2463342bbe732f6bc0c97b505970d22da3d2cb4e61e4c9d817ed3bd27c32b024bcbc3cc7a1f89fcec5664491889cdf4c9895367730eb171560b9254eb444082976eb1233066ec486bfd69b749905622799068d4f71c013793d93608abf7b5d8f43b174bf5cfe93688c86844b216b038355814865c497172c93db7bfc95fa0f71a4422b6299ba2b3836bcc43e562303231aa0442a7c54b9e8c0fc483dade73e19213b19aed915c6e4e232ac49f0a26cecce75d2c6d62858b7074bb6f9595d58dadb3017d0e54bc60c59349e2b19c038bc226fb597bb37f8dc1b9c9529d457a43c9db3f1374eee415c2f7583ebb9c9c1b2161bcc0cfa6724f6022c1981b8171a3962715f4543a6163f507246cce7efd6587996915709b7eccebb6682f47ba689026c020202b1d2be5273f1856943a177f8e19c1be50594839234667513e64e9e723d899fe5ecd4950171f8113c48ca379efb403912238fdaa3ec8d3e9e1aa473f32aeecc0ff15944f1a9410671fc6a75d554b678809657f61903d13cf5c871921fa4a24623a173b3e4af5452e5886e0749dccf31ce8a6d6e15d839aeed80e3bcec9661b7c336c03c2b5d8be69f8e06645ac3c72dd1f3e53d46fb4c470a085c932662cc86ef32a3d07bf662a3f770cab4eda33c9e04c5f93bff70691ade574f31e1d28673955d096a4f5d935c5a970549aa78a3ff955f47f00ef19d4fe09171fd8ee9443478f306a36a1689ee772ff944f472971c534a96958204d1e17d026dff562db6c31d9ef31493ef483b053f6dd24dc951fc5d818c9bfc9ab6f45e85d808bc88d9546314d7f72ab83079aed44e70a52d744e8a297adb6ce193832b9db4095b012f6bf78652fb9a6c67dd980fecd216c6f63c2ef3ba325cdee41482a3ac8f3291917e19793625bc7f4762c491a8bd2bb4da1a760fb889149ed4a3072a91977d35ee02373d4ef32dec73ad47f3e30b56f324b12983493979bebd15a51aeb96a70c37878acf864dc9cc809868750bdfe9a7ab324b874acf6457715e39f27f3c592fcf9f37bef03172bb35a771025b724c8216b0efea16f22a4ca6d00941d61f6ae59151d9aa262cd3409de73f83fe5dcc03bb0a0aa04cbeaab6cd8248d587d41f258a68019e11a2efb7a3fdfa3d3b2a22c5e34e7e5596d02f2f8572105de4aa7001ba884a4cc3e9cb711ea1ad27468a1fd755e54ecb38cef956d1b232c6ee87d2178db9923140ba2cde285f6b1b730d82f1928674af7220b600ef5c593e99ee3f18c8f8ed00b20ca54e644d57241ba470ceac7783adfdc85a23f45a49122f1bfbb454c0064aa5bafa0db011ebd1612f93be6e0125c617f1e0bb2b11c8ec66d63644c033a282c83be3bbc42e12108fc0ea5e84b81ee2c69f519a087560d9082b848beecfd3be3b2e7fb9a957e7a7fac81928609e29a42d0609ab69232754be4809ae39dae6af26414fb532455f10a530e232136245bee86c282088a8ef9c1725bf998aab3dae71c7b40d5ac5f2138a74785cc38e2dfada101358d18254496f1cfca93979ab88bfe62dc28cdf0a15a68f23140050e7923cd1da68c0ff331f25d474630ccdd9556fa3e5824449e12b0ae3fa6933e00428c6c2bffebfa661d91bc93b39b4b02568c30510ff3cf59cc611e6b89014257a7a9cafa75b42c2d2302cd72d4a23108b5ba527808b9da32f9783d5487003dee98026119c8e90dbaea0dbbc31c329668778c1b15e4899c321b4bf7c9d2c80ef275cb42519c7cf47d2bfa0c2527cdc9d325407821e99fdcc07099733df5ea664de8c484fcd545db181783f78fd072b98db78985bf27c59b1160a60153b2d5f635d30e9a0000dcbd8604aa64d3c1aba9e32cb0cb239a8b8f01dfb7c00cd6bcbd533877dd51e266b93b8714fe3a447fcfa4d1d2b4ccb49004284b0bcbb9e13592863c27aea32d4939520e0341175b465d9fb0ebe0f12784f0082327cf1d8306d176d25141a5ab3048d1e69ff2a0884d2357f15cbb67a62fbb9e39c033d8f1e873305bb38f33595724c52807182e773185f713d636720c6fdf0ea19ba4baf832f72dbc42a9e7e523dcf6a1d1f55edd629950f293b53efc5edfcf722ad5daec34a9e16fa9878b24ea4f202baa3fe9566256eefda695a737e15276bee641191fef3604b301c62a613f446df362492e7331facae8346435c7d654882e3a8d3366c09505ef26a78161d8e219d7ce19659fc6001e5266bcc5bc53cdee8f00b91abc1d3d880f86a5d4d421d19ca2626008cbb3a9e946eb6fd8fc87d533bb239680b04e5269f7a2335f8356c279743f8c56ad8ed40d78a04ca9f651af2a6c61117448817ab98e37ae72f9a203f9c99573c8a62dbabc5deedc827b478f7a0a8de7787cb13ff305926df0f4be4500353b900e6c89733bbc4a166b6c2757c61f90f9496e8c300f1ae0f3ed0e1c5310f0fee2eaebc5009c74b680f20c39b1efb740119bf20b62ebed6ecfa51af6b4fd512ece99662736f07d900a978ee4440b913a15c8eaa8c9fe88c8911b5b540e85798c6925bb40e7fbbf0579ded43b723de630c6d02ea12082dd595e3d1ed5913e85da0d99660d391c820a4c9c0afe1afd65df97ec2d9eb885e9a4b85942b0c0e9d88b25d0d885f062c887b89f64b0e24226159055f321f182bddbe8351ec79ffcc7a2a3770369cc19e38d616b152e68232f75834f3c93c4b71c12a04d76b3d7a3d4c134e32fe264a76a596b38fe88a3e3a189924a755380f3343b40cee93473169f08b82bf83c6601d5ca6f2280f8e6900bf0f581340f1fbf536aed43a4a58965d960a8449fcc2be0eb0be21b620e148638c01c65e1cd3be2edc65c2c22550ba88fb9f099e91563644898d665d4c684fecd9507b081e96782b3fcd363fea3a96c12a9689cfa709fedd4bf4a9d8b3a62b0112e376158b26ea44e58ed6f02b132141fdb8f9432c802232682885a8bfea503596bb4e9de1fee98b6199561765a2e3697a5c8ee4e847db62c8f4be03a95278fd0199435b01e8aa3649ea219dea92ee5b46f441397edfce9c72201b00b635fce2744d61a37987fbb308b1ed343f7384ff138eb23054cb2171dd8e86c91349266a48ddbf0f06d6a743e102e3f5ad015465601826dfe2f4cd7ee94044d56be682e3a2589787a5a966db40919e27943726adf98479310181c985f9004e3a553cfe5c6fae4e0d61a75ba28897eebbd75f7de1bbc98b293ac8999d1ca48d773b1df162667226d5b191868f6a689cb2419d6ba2a5da37449f51523dcda683f8b4679c90d1bf2c7193a7fbacec89c48a9de4b53bf04192326694ee35acf5af998c490e964217781afa5a3ef91f637934140ebf63218052b1105005c28b0a11455ca55bf70bd6ea3970882f67ecdaaa744491a910c393f5f86a80a49b8ee7d865550e705268b3f62c4c870ca33155f10959c91e5a834ee4c1760a501c57d2729d15ee4ae2f892508b1bdc2abcbd6322b1d622e6ae1da6eb486e0c032fbf6bf92e04d123b6be667758fffa1faa3d6c92304e6bb2fd0edac9cd2466479eb15742f00e16691e052e78436d4cf38ab0fed7b977cf7a4a70bde04c34ac1e00383c27d646169a967bdf70e1614afbdc52289320bf6c86e1ede932aa9c11aee2365c90ab41ab9e2bb2feee78359b4788eca1e1cd514ac5339a5608293452b5ac6a0d40e46ce648423cb69faf0624c3ca9b6fb8d5ea46d209364bb50a71309fc88686c0c69d63fa99b39d887048897c4590c149fc7ff367858d94a691436e657b5c96b25d1a6f93bbf43aa9801f54c5892a64d70378764f6d0a61f723ac6eb975ccb6fdb0f3aaffb516d2ebc5c05f96b1b5aee9d73ff958c43e877739d3f73ff3b17c66cc044f1fe8486002ec3119434c19e108e4c1f32d6aaa00a000"], 0x13a4}, 0x1, 0x0, 0x0, 0x400c080}, 0x4004050)

4.050030839s ago: executing program 1 (id=1517):
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
socket(0x2b, 0x80801, 0x1)
sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, 0x0, 0x4000010)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/5, 0x214000, 0x800}, 0x20)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f00000001c0)=0x800, 0x4)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000040)=0x20000, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000400)={'dummy0\x00', <r2=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x0, r2}, 0x10)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'dummy0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r4}}, 0x24}, 0x1, 0x0, 0x0, 0x4000091}, 0x0) (fail_nth: 3)

3.911777744s ago: executing program 2 (id=1518):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
read$FUSE(0xffffffffffffffff, &(0x7f0000000900)={0x2020, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x2020)
ptrace$ARCH_MAP_VDSO_64(0x1e, r3, 0x4, 0x2003)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="90000000210008002cbd7000fedbdf250a108003020000080100010014000100000000000000000000000000af3f11d0da0000000108000e00051600001400010000000000000000000000ffffac1414aa14000100fe8000000036680000000000000000bb08000400030000001400f5470100fe8800000000000000000000000001011400110070696d72656700"/151], 0x90}, 0x1, 0x0, 0x0, 0x10}, 0x0)
syz_open_dev$dri(&(0x7f0000000380), 0x1ff, 0x80800)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000100)={0x2, 0x4e22, @broadcast}, 0x10, &(0x7f0000000340)=[{&(0x7f0000002940)="6e5d9b889fe0680a3302907a3c98c6ca73f360de19337b6ff6f4a3430b087bff951d4a26d3b7da425a6a542a34cb9b66107f3b8f5ee5753b46792f795657342f9791917dafa12fd3e583231696d566383797a61b5eefc3c0339f585721af444f7b18d59e74255959777181fec61ef11355b8fdf45f1c0a30a8a912297df35d4e175efd4c7ecc183d2f8bd6cf563442eec233edf91a5cdef2b0a10fd9e999ec7dad7e311e396e813ec1d7535eacbb03846fb0dffe6a5d81ed9d776880543a0ffc021e01d9a5feffba8291da0d14ae2eceac910e686b29adae9665822e0f69ad8f02b16a2610cc3c360f4f16f61aefea0070aa2b5bec1b06c036ba53c2ba7d9e020287c929548c3a0d36782428a4d7dad9474601d6264ce0b7179ebb897cafeba8dfdacbab88e14a1a5a0d9e2c0455c3fda0ce5d32f995186769be9081747b42d401c1a0cd7d43de0925e16d48ef823953dffdeb2e8617375fb75a729bf362e95b37dd931f1ae2ad685367b85701a1f284b9b5d33d9d17a0f854e5b55815ddbf44aaf6ece0a50190f57686ec41f54a4ebdc7c8bf4478fb9cf96c222db4fcac71399b1f9468ca329af4bb8c4f7286665e81c1051bbb18f8fde07cc033d9838c654a3323c5b51c1317db28fe23695a30dc95f86e3345ce3e39329f3aecc2303399773b97e3133d2d49ce1810cdb276dd81a8c8a424347d9eee9e6e2bd5603d561c143d56a337a443a23048deee4c845bef3441b34e8a708ac6bd524328643a74b1fd3d3927cfa8a8b8e1650de5e5cc0e7b9aa0d68244f8aa0b01dc8d69266bd4da33e0aa5388340acf6fdfa0fefca4f1005e435953e872c95f50766d34a6876996a7b07a858b0eee226b6148d4af33ba2d5c4e97bbac529551a35cf6abc35f7ca187a204dca7f4775afa62a90fe923b043d0c3e6864ac61a3dd66ea6ff4298297ae54e59466ee6a8ce817c8f38c38a63e5a8d1413af3578df2cd9414e47021cbb5da9997a38fe072527452febff9f8749fba03311824d22644bf853b27a15cb77ff4f3f6bab112e77b68be750942f672225caa2991fd701b1ff97028e9b64b625a2e27fac35da2fedcaf76c18a811c41db8cc51d550e9426303fa8b15e43879457f252428df4887044484e2c503c1368435e8f4ba192f955574e47e73bf54f7a9e7e4c0afd921135e01b51f384841555d54bde0c0640a33bcb06293362b97942f302e50c82a774add795c99a96d87e6142deeeb150acd7eea639091dd2515e1f620c371a42438e9db0abb1fb22b018227a4155ff36d53d0ddfc3b8f32b83656584459263b3048ea42462b7dceeeec5d27c59e23a87cc861d0786dbee2b2c2673be1c85656155d504f646354c6be512134f6f8f6dd441a7806aa7590756d4d7b8b84ab1f011bd26621bbb46717d1cecab7547bcb33b33adafe0e88beb2a06ef67abbd7c3f915c2f0a10db86c09a701daae41c3342b6dc56a0df5970aa9b0d0e818c0faf8ad27221ab02593dcc1ab8736329506086885c32c1a3e4833aee816fade07ff6725fdebf42246f5e1499b2d2d0236722713f7b31ffd34f462753c1da316a12a28243ab83466b13e51780e714697735b63496f3323b6a29d9f1fed04d305f7f171581f9548fd00b46ee029f5fdaba02e3b95f3bee9a9e8d391a218e84f3565aeba9886be00d7cbf64b7efcf7565c3c89ee54b26ceedf49acfeb8275575b7a2cd368c595baa88869cfb09d5fe753d00db44112b3eb26a8523ce010cb61b39bf2736c15c9b9017bcc5069f07a851a887b30373ad7d763388a6146b315466690c4a0032121db7b305c78c4afb469d4107dfeb732e9e922d8a5f06a30bc3bd3847db3d7d2964ea815315730a39482ad3b8f40c7afa498656b8795656d7770f3571d461a389b43ad2a61598c7ce5f3910a8ba98770cffadf3c949748cbe5152cff4b62e6cee17a0eaf4a11d0a97002b5bd2f2ff790d7d1b48514c4445a077b6c5bc97844281f637784b956292d1239918eeecbb9a87a4eacde18f282e35219fe59070de14c7070cfb5f080bd9e37e4593e3467f2ea2ca6ab13a6f2c77069126868a9d4218dc0d4a583bd3565c400d79a3968de24149d8460e29286a101fc7f49600727f685a0519cd2594d5f9029eedbf5f1f1aa4152d698c533bf7cec56df0a601adfe43cc97cfbc5f066503478e7c2bf73fe28cfa83fe3020c4ba3f0d52828f096e2600c08eee0680df15c4f42d08b4214eb88187a17b84f6f38ae047a4c3bf7ed7f5285d507b420b2f813825a22e63b14d0814de54a2496b54c83936b4d9f4e86ca3ae3a0da0bbbc25432b8e88ff949328d18c22481596720f4addeb7f18fc46dba0269b183d30ec3e0dffdce6ba5bcbc5001a05ae1065b07f344aa9dbf1a1185612a9867bd721b3d2c8c35b6233d667c784c5c7e70441efb17d47f79694e6ce0b6aa9d6e7212bef9be72ae85d2899e1ede6b14bffc3fcf5cae34361230361a517d601d692d556c2980894061d7394c43c18632733af0290b736fee151c4436e19a7a15215f535729ebaf4c61bba3d2fe002b0b0ab7709694dce9c68cd462ef93dcc4be8950c84cd1bce902d728f935a5d7f414f82f9632a5ed0227b1f66b7db6800051d17b9384a0d829288a95d4b72824ba295d393f3f82f8ab28c8c0b3abdc17f2a329617b800e7afc38fc3f5e1c4d3dfc23cdc3b2b0ab2d85eff4bc1477fd0960af10cd978bbf50984161642d1e053569a70217ef5aa4284e566dc2c3c203d7899ce4080b68b493702a9e2ec9a5ba0cd2fa9347fa07b385f8714ae32288c862472ed68c208f30ccc044822f277e9cd846826e22f726833d187a2af12e531663078b783680f82586dc466fa3bf24e60b26db6c150b6d5eab64db5a60304159250ef7a342efe0a9c912a6d26e5b799ed384a6bccc73f94af05b185fca244da7208debdfaf3b2ecbfaa0ea9d270dcaceb8f16142ea325ad372bde5812188005c9c5d95659401ef80057e2b168deb5c6f61c252286a41c7441cc4800894f5ef960d6084a559fe30a6d32d24108b8026aa04e79ae20d6387ccb16ad1612530f4ffae4a0511ad2cc0a2077cc8bf80fe29628522dbc7c81d06c36e55138d9c5c1a9e57ba3faeb738a253b7aaa87854fdd79284246ee7089ec1b43827dc773d7d4f6ff4f072d49e02bc5be63ee100442c5416e0246cb030f44084deab773511f394389e41f8064131ba07623ae7e5cfadeaa41804626c7f9287ec6a31790589b4448611a48e98df31489aebe11afe97c6acbaa6818c67e861ebf77d498b1021db3b304870f218ce8b6cb7bd9fe1ebe968432c13344de71e7f97ddff30b21bd4415f482ed65a8f98565bda5cb31fbdbb6ecbc2e2ced0d055be0d63eff493485bc3ccf7e977e3b27bc26ab2f469263bac67f4efc1186b3b16ef930c8f99b9f8737b13036ec270ebaa593543b5b442f95a5ad5ccf4c24334a8e0d2ada42f2ebe2afeb5a962d6f4565a4dbddeed97e0a96253853f59811778eef6bb9affe073682bffd9ef85274ed06389ad3cb071241cd55acb8d6c18be36864eaee9e0d5339d15bb295e778f353947bbb3911d1f0cdc6330f8c9a2454410f69cd5e355b8a8aaa891b0c22db5e86a78e7471a5c94cfa8ce2f6e51580b37d592e6e5ce935c2cfd20208e0f01d45818887791b8b8c2cbba379f771377cbde1510f50faad038c9d21a3c7fa6339ead846716a41eb946a056daf9286b6e0942709b05b5073f380d7feefcc7f1d0da7212bf3567d77596c602a3d4629f7c8f33b025750d5b0e0cc8f05ffa0e147cadf71b7645bb8dad7a37e1063d4accf4d0055b1d052da8019b3664815bb671298a27d7359760d82cd045bba9876d166cb5ff5f972192daa26da0759f51e992a0dd2670771e9c8ec723f1fee952a9ded61f0a5b34ea555fa682d2494dca5a79d7712a6c6246f0b666a994b39c3e1daf815256fd564d7f21e730ada8397dce4f84e2f4fb4998ef8d8efd31fca7802435e69c9df0093a9c7f42390b0d251e9e6342cadfd5d84f42cb0d745d702a75366f346d84880cc9fc6f6330f8ddaecbd8165570d22047cbfc72e4b81d998005e197aa950b2c16ee020e50334b2a0a1f7f390ffca221a2e4a0a0e85a36a5459bb76e725c415a74ab2de52001a6e7dddf05aa106fa8013c922dcafbeff7b159a2262149ca95169a0e22babe5f950b23668678a24f609db179e0895b2158f2d24d1d9940fa5a7c9543fa50ccbf18a17f767e578d50677a2102d48644c9a94cdc9341abaa0b183d600a2a2c28811c647afd5618a1470ab4b5692e0b13e97b2da322964e3b1aa5d24c35f494e59567bfb151e8808575a9b14b142b6cb9c7da10fcbebd27d09c5ae2f20433ee6d01665cfc8170a95d356c007ab6764df16655e167f1ab0b7c00016623863923a04011722b54d4aefe69a7cc43c05a198f700d5b0da7957b5c9a81c8bd1cae522b8c62c62b30c70e4c920083135d095fa21fdb1a597971d74546d2350888b233fc145857c5d4aab842cb75cad20564e6a7ebbcdd8755f27c76ee84b8f74b3cfe02c5c211eed9495ac0f74efd2c3e2ddc005eb570054bd1f582e4c0fba366801fc169a047ee9a3eee73b20d1ab2fd1a70e692c2bb76e116fae7c0008cf02e5ee2930cb90947eaa8be59a2268f831b98d7a65f6222a1c4c94ae9a6a228bae21130a64a4dfc885a94c0d863f2db6aad0d21652b5011461f67543585d441d3deefceda593c7962e6505d05f70cd2008f93fa125e0050afa66046c96790a1ebd0151dcfc3afa2abc26a837ca76d64ad143c9fcc35f4adb1490355005567fe19c2e2424a3d1846d9dcf71a5d5095ca61adaa3c505c890a474f66aeabe9830abeafdd4c98ae2d0139f8ddb3a2251caa854a53bfa75a8582cdfc43de26c7538193cf75c7169fc96aa9606c48ed480fcb83f3be20b6205e4217cf71f3f0cb2364ec2f4d7d104c88c08f8484e1f2250662df44076979f80ee6e2a608b14ab50d81c5e0e23a718c7a9f9a7b8c26698fc23d1e1df95ad28bbd13ac6e0cf288eeb8c09ea5d557373c6b8588283c6b9a494454a19a6c6d51ff3c2049a6f4d5ba33e0881e65fdd9e07dccd087c577f5a49c00f644a764339783a5190da391fb691e356cdd2bbcbb7c2ec27a4d05bf018ed31c460b1adb29074af053c54211a69e227aba99a2a9223433f5a6fe99c989caaa07b313452f9b0a244d14059603c8b6b83288cf949c183eb6b9868cb7f9c3e318eafec135fcceb2ed8f95f2e40359b4a38b4031be6df4ffb9cdb0d6a1aa4248cd939742eee8053723fbd6123edbc9e26e11cce83245e9ad19e78a73dedebe86f14f37c2f68ef09ceb67e23a005bc928c45b0eea9178047ed150d4bb8c5e4b7cc07fe08629c68a262d6a02f58df80315ee48b9895a1bfb1f949cacecf5c9cde9d6ece5ffcb82d6b5edac70d15a1dbf505a44e8bb22b92ed6f1462bba87946788c74d928538d5e46ba23943b29ebf5eb6a529f024a38af83f518ced04b661eb9d90adb8877602621bdf51643e1650a8a730fcd6281d4a8173554679ad5a02ea0991fde467a6c30e4e85453cc566eeff0e9febda91021409f4469db0fb55f409c0c38a3317628fae773e07692decfec22b74b9d5ced752cb9262903a575c688001210739546e5e392af4667efad9f6ab98afccad5a24303342506ad4b2095838197838727a936f954637232fd9d98c89a809fb0de69f42279ecaeca0da17b4feef446fe0583e511f5e03541dd0fe6b8513d04213affcf1dd2aef98136261d6e5", 0x1000}], 0x1, &(0x7f0000000480)=[@ip_retopts={{0x34, 0x0, 0x7, {[@noop, @timestamp={0x44, 0x20, 0xa3, 0x0, 0x0, [0x4, 0x401, 0x5, 0xce9, 0x5, 0x51, 0x51775335]}, @end]}}}], 0x38}, 0x0)
sendmmsg$alg(0xffffffffffffffff, &(0x7f00000000c0), 0x492492492492627, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x48)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af0ff00000000bfa200000000000007020000d5ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000c00)=@bpf_tracing={0x1a, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}, [@call]}, &(0x7f0000000a00)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, 0x1c, r6, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x13b02, r6, 0x0, 0x0, 0x0, 0x10, 0xd}, 0x94)
ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000040)={0x2})
setresuid(0x0, 0x0, 0x0)

3.779175074s ago: executing program 4 (id=1519):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts-cbc-aes-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000340)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x20)
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
r1 = inotify_init1(0x0)
inotify_add_watch(r1, &(0x7f00000004c0)='./file0\x00', 0x80000000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r4, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'lo\x00'})
shutdown(r4, 0x2)
eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r3, 0x4004af07, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, 0x0, &(0x7f0000000480)=""/70, 0x100000})
inotify_add_watch(r1, &(0x7f00000001c0)='./file0\x00', 0x10000110)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59)
connect$inet6(r5, &(0x7f0000000200)={0xa, 0xffff, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f0000000040), 0x4)

3.760501177s ago: executing program 1 (id=1520):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000f40000140000028100000000000000", @ANYRES32, @ANYBLOB='\a\x00\x00@\x00'/20, @ANYRES32=0x0, @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00 \x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x14, 0x6, &(0x7f0000000000)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x5, '\x00', 0x0, @fallback=0x35}, 0x94)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
close(0xffffffffffffffff)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
r5 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
close(r5)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000000640)={0x2020}, 0x2020)
execve(&(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000800)={[&(0x7f0000000940)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01', &(0x7f0000000a40)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01']})

3.589952279s ago: executing program 0 (id=1521):
r0 = shmget$private(0x0, 0x9000, 0x0, &(0x7f0000ff7000/0x9000)=nil)
shmat(r0, &(0x7f0000ff9000/0x1000)=nil, 0x5000)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f00007b1000/0x1000)=nil)
write$smackfs_label(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$usbmon(&(0x7f0000000280), 0x80000000000000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, 0x0}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="340000003e0007012dbd7000fcdbdf25047c000004006e001c00018006000600800a0000100007"], 0x34}}, 0x0)
syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_io_uring_setup(0x10d, 0x0, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
unshare(0x22020600)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x48100)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r2, 0xc08c5335, &(0x7f00000001c0)={0x0, 0x80, 0x0, 'queue0\x00'})
r3 = socket(0x2, 0x3, 0xff)
setsockopt$inet_sctp_SCTP_DELAYED_SACK(r3, 0x84, 0x10, 0x0, 0x0)
r4 = syz_io_uring_setup(0x8d0, &(0x7f00000000c0)={0x0, 0xc48a, 0x800, 0x3}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000080)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r4, 0x47ba, 0x3e80, 0x2, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)

2.829014729s ago: executing program 1 (id=1522):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=ANY=[@ANYBLOB="140000001000040000000000000000000300000a20000000000a05000000000000000000070000000900010073797a300000000044000000090a010400000000000000000700ffff08000a40000000030900020073797a31000000000900010073797a3000000000080005400000002105000d40930000005c0000000c0a01020000000000000000070000000900020073797a31000000000900010073797a3000000000300003802c0000800400018024000b80100001800c000100636f756e7465720010000180090001006c617374"], 0xe8}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bind$bt_l2cap(r2, &(0x7f0000000100)={0x1f, 0xb7e2, @none, 0x76, 0x2}, 0xe)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x8, 0x40007e, &(0x7f0000000600)="1a0000000b0000006af2302a51037bd236a4721354be22ecc49ca6ba1ea0d36b7b762fbe166200574e216367029eb70431e50d7cbf98e5e2c70f74d48ddca9c73f11771721b45ddcf0d986b6576538397869b8241355204be5bb78bab82beecb8f190dd87115438c00a520bf20ab74152650c3d45e4ace78e7b52466d61198e0be033c7204", 0x85)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={0x0, 0x18c}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1900000004000000040000000900000000000000", @ANYRES32=0x1, @ANYBLOB="00000000000000000000000000000000000000005070e60627d67af1c53f7c432517ad3a66f284575a5bc2c32b1c9bd8178d2068d8eddb4954afd3b1e66655366824753859095115e34d1eae7ed708fba5083a684a41087402a1ba3c28571a79f08315d5fe3467a5a147c88a59312876901feefa4d1831c811fc9d98f63ca0df4580ba9670b2ccad979e94748c2ee65402daec5bf737d3b935c2a8ec8f3de5fd50b466aaba7e", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={0xffffffffffffffff, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000240)={r4})
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r5, &(0x7f0000000100), &(0x7f0000000000)=""/8, 0x2}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x13, &(0x7f00000006c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$XDP_TX_RING(0xffffffffffffffff, 0x11b, 0x3, &(0x7f0000000580)=0x90, 0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), 0xffffffffffffffff)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb01001800000040000000240000002400000002000900000000000100008b040000000000000002000000000000010000000000000006020002000000"], 0x0, 0x3e}, 0x20)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0xd}, &(0x7f00000000c0)=0x8)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000140), &(0x7f0000000180)=0x4)
setsockopt$bt_BT_DEFER_SETUP(r2, 0x112, 0x7, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$FOU_CMD_GET(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001e80)={&(0x7f0000000080)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16, @ANYBLOB="01012cbd7000fcdbdf250300000008000b"], 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0x48020)

1.112829936s ago: executing program 3 (id=1523):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=ANY=[@ANYBLOB="140000001000040000000000000000000300000a20000000000a05000000000000000000070000000900010073797a300000000044000000090a010400000000000000000700ffff08000a40000000030900020073797a31000000000900010073797a3000000000080005400000002105000d40930000005c0000000c0a01020000000000000000070000000900020073797a31000000000900010073797a3000000000300003802c0000800400018024000b80100001800c000100636f756e7465720010000180090001006c617374"], 0xe8}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bind$bt_l2cap(r2, &(0x7f0000000100)={0x1f, 0xb7e2, @none, 0x76, 0x2}, 0xe)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x8, 0x40007e, &(0x7f0000000600)="1a0000000b0000006af2302a51037bd236a4721354be22ecc49ca6ba1ea0d36b7b762fbe166200574e216367029eb70431e50d7cbf98e5e2c70f74d48ddca9c73f11771721b45ddcf0d986b6576538397869b8241355204be5bb78bab82beecb8f190dd87115438c00a520bf20ab74152650c3d45e4ace78e7b52466d61198e0be033c7204", 0x85)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={0x0, 0x18c}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1900000004000000040000000900000000000000", @ANYRES32=0x1, @ANYBLOB="00000000000000000000000000000000000000005070e60627d67af1c53f7c432517ad3a66f284575a5bc2c32b1c9bd8178d2068d8eddb4954afd3b1e66655366824753859095115e34d1eae7ed708fba5083a684a41087402a1ba3c28571a79f08315d5fe3467a5a147c88a59312876901feefa4d1831c811fc9d98f63ca0df4580ba9670b2ccad979e94748c2ee65402daec5bf737d3b935c2a8ec8f3de5fd50b466aaba7e", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={0xffffffffffffffff, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000240)={r4})
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r5, &(0x7f0000000100), &(0x7f0000000000)=""/8, 0x2}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x13, &(0x7f00000006c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$XDP_TX_RING(0xffffffffffffffff, 0x11b, 0x3, &(0x7f0000000580)=0x90, 0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), 0xffffffffffffffff)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb01001800000040000000240000002400000002000900000000000100008b040000000000000002000000000000010000000000000006020002000000"], 0x0, 0x3e}, 0x20)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0xd}, &(0x7f00000000c0)=0x8)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000140), &(0x7f0000000180)=0x4)
setsockopt$bt_BT_DEFER_SETUP(r2, 0x112, 0x7, 0x0, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$fou(&(0x7f0000001dc0), r7)
sendmsg$FOU_CMD_GET(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001e80)={&(0x7f0000000080)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="01012cbd7000fcdbdf250300000008000b"], 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0x48020)

773.899763ms ago: executing program 4 (id=1524):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1038, 0x12b6, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x145)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_type(r1, &(0x7f0000000080), 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_io_uring_setup(0x3f96, &(0x7f0000000640)={0x0, 0xec25, 0x400, 0x1, 0x39b}, &(0x7f00000006c0)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r2, 0x0, &(0x7f0000000600)=[{&(0x7f0000001080)=""/216, 0xd8}], 0x1, 0x10})
io_uring_enter(r3, 0x847ba, 0x0, 0xe, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
socket(0x1d, 0x2, 0x6)
syz_usb_control_io$hid(r0, 0x0, 0x0)
pipe(0x0)
io_submit(0x0, 0x0, 0x0)
setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0)

705.77818ms ago: executing program 2 (id=1525):
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
socket(0x2b, 0x80801, 0x1)
sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, 0x0, 0x4000010)
r0 = socket$xdp(0x2c, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=@newtfilter={0x438, 0x2c, 0xd27, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x4, 0x8}, {}, {0xfff2, 0xfff1}}, [@filter_kind_options=@f_bpf={{0x8}, {0x40c, 0x2, [@TCA_BPF_POLICE={0x408, 0x2, [@TCA_POLICE_RATE={0x404, 0x2, [0x7, 0x4, 0x9, 0x10, 0x1, 0x9, 0x5, 0x4, 0x5, 0x10, 0x22, 0x80, 0x8001, 0x1000, 0xe, 0x58, 0x3, 0x7, 0x800, 0x1ad, 0x81, 0x40, 0xa67c, 0xa3d, 0xff, 0x5, 0x81, 0xfffff801, 0x8, 0x401, 0x0, 0x6, 0x6, 0x7, 0x180, 0x4, 0x80000000, 0x0, 0x80, 0x800, 0x22d7, 0x6c1d, 0xd0b, 0x5, 0x9, 0x10000, 0x7, 0x3, 0x0, 0x2, 0x4ed, 0x7, 0xfffffe01, 0x6, 0x40800000, 0x1b18, 0x4, 0x4, 0x4, 0x8, 0x0, 0x2, 0x9, 0x7, 0x10000, 0x8, 0x8, 0x1, 0x5, 0x7fff, 0x80000001, 0x9, 0x5, 0x1, 0x1, 0x2, 0x9, 0xd, 0xe751, 0x2, 0x0, 0x4, 0x0, 0x9, 0x3, 0xffffff26, 0x80000001, 0x0, 0x4, 0x5, 0x0, 0x6, 0x6, 0xd, 0xf, 0x3, 0x6, 0xfb1c, 0xffff, 0x8, 0x7, 0xb5a, 0x6, 0xd31c, 0x2, 0x8001, 0x4, 0x9, 0x8af, 0xffffffde, 0x10000, 0x10, 0x10000, 0x2, 0x5, 0x9, 0x1fe2, 0x2, 0x5, 0x7fff, 0xdf, 0x20, 0xa9f, 0x2, 0x2, 0x2, 0x3afb85ec, 0x5000000, 0xfffff000, 0x8, 0x8, 0x99d, 0x3, 0x3, 0xfffff7ec, 0xfffffff9, 0x4, 0x6, 0x0, 0x5, 0xe, 0x81, 0x2, 0x6, 0x7, 0xb6b, 0x5, 0x8, 0x1, 0x40, 0x9, 0x7, 0x8, 0x3, 0x81, 0x6, 0x0, 0x8, 0x5, 0x1, 0x1, 0x9a, 0x7f, 0xf, 0x1, 0x4, 0x7ff, 0x800, 0x7, 0xff, 0x9, 0x9, 0x7e, 0x0, 0x3, 0x8, 0x8, 0x4, 0x3860, 0x2, 0xe, 0x7, 0x8, 0x7f, 0x693e, 0x1, 0x4, 0xfff, 0x8000, 0x71af, 0x5, 0x0, 0xcf, 0x6, 0x9, 0x400, 0x169e, 0x8, 0x6, 0x7, 0x10001, 0x2, 0xffff, 0x6, 0xa, 0x6faf, 0x6, 0x8, 0x617f, 0x4, 0xc9c, 0x88, 0x10001, 0x2, 0xfffffff9, 0x7, 0xc4, 0x9, 0x80, 0x8, 0x8001, 0x1, 0x8000000, 0x8, 0x3, 0x6f, 0x5, 0x1, 0x8, 0xd6, 0x8, 0x6, 0x6, 0x3, 0xf5, 0x7, 0x8, 0x5, 0x7, 0x4, 0x9, 0x5c7, 0x2, 0x2, 0x3, 0x101, 0x1, 0xd, 0x958, 0x80000001, 0xfffffff9, 0x5, 0x1, 0x200, 0xfffffff6, 0x3]}]}]}}]}, 0x438}, 0x1, 0x0, 0x0, 0x4008848}, 0x20004804)
r1 = syz_io_uring_setup(0x45b4, &(0x7f00000035c0)={0x0, 0x0, 0x10100, 0x200000}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000580)=@sco})
io_uring_enter(r1, 0x291c, 0x0, 0x0, 0x0, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/5, 0x214000, 0x800}, 0x20)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f00000001c0)=0x800, 0x4)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000240)={0xaa, 0x80})
r5 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000040)=0x20000, 0x4)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000400)={'dummy0\x00', <r6=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x0, r6}, 0x10)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000340)={'dummy0\x00', <r8=>0x0})
r9 = fsopen(&(0x7f0000000800)='mqueue\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r9, 0x1, &(0x7f00000000c0)='test_dumm^_encryption', &(0x7f0000000180)='auto_da_alloc', 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=@getchain={0x2c, 0x11, 0x839, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0xb}, {0xfff1}}, [{0x8, 0xb, 0x5cf7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000091}, 0x0)
r11 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000280)='/sys/power/pm_async', 0x80c0, 0x19)
r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r12, 0x8933, &(0x7f0000000000)={'wpan0\x00', <r14=>0x0})
sendmsg$NL802154_CMD_GET_SEC_LEVEL(r12, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r13, @ANYBLOB="010703000000000000000000000000000400b05954cef5b1e97ec408f4babd0f23d0ec8c9688761e200a", @ANYRES32=r14, @ANYBLOB], 0x1c}}, 0x0)
sendmsg$NL802154_CMD_SET_CCA_MODE(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000008c0)={&(0x7f0000000940)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000125bd7000fcdbdf250d000000080001000200000008000300", @ANYRES32=0x0, @ANYBLOB="08000300", @ANYRES32=r14, @ANYBLOB="c86d545fc0ac61deeffc552d451e7be47ca0b7c15f842c4e981eb1bb4307bd3d8f4f7c092986083abb3731df595db076c4ca1b3e7423290bac2edcfff5de9ebcfc03ce1e8c863adef16b098b2483ca49311db7b50904dd1ce14629d5d0d4a05134afa75c55a3da90b9c95a9938ffa6e0"], 0x2c}, 0x1, 0x0, 0x0, 0x20004040}, 0x44810)
ioctl$KVM_SET_REGS(r11, 0x4090ae82, &(0x7f0000000740)={[0x85b3, 0xffffffff, 0xb, 0x6, 0x2, 0x3, 0x9, 0x81, 0x10, 0x7ff, 0x8, 0x24, 0x8, 0xc, 0xf3, 0xffffffffffffff7f], 0xeeee0000, 0x26080})

236.001412ms ago: executing program 1 (id=1526):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000480)={'vcan0\x00', <r1=>0x0})
bind$can_raw(r0, &(0x7f00000001c0)={0x1d, r1}, 0x10)
recvmmsg(r0, &(0x7f0000000680)=[{{0x0, 0x0, &(0x7f0000000600)=[{0x0}, {&(0x7f0000000a00)=""/4096, 0x1000}], 0x2}, 0x4}], 0x1, 0x40000002, 0x0) (fail_nth: 3)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, &(0x7f00000003c0)=0x1, 0x4)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x40, &(0x7f0000000400)=0x8, 0x4)
sendmsg$can_raw(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@can={{}, 0x0, 0x1, 0x0, 0x0, "0000000000000003"}, 0x10}}, 0x20000000)

117.211433ms ago: executing program 0 (id=1527):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x2, &(0x7f0000006680))
socket(0x10, 0x3, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket(0x25, 0x5, 0x0)
setresuid(0x0, 0x0, 0xffffffffffffffff)
syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x100)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{0x0}, {0x0}], 0x2)
pselect6(0x40, &(0x7f0000000000)={0x4, 0xfffffffffffffffd, 0x8000000000000000, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x0, &(0x7f00000002c0)={0x3ff, 0x1, 0x0, 0x8, 0xfffffffffffffffe, 0x0, 0x2, 0x7}, 0x0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
pread64(0xffffffffffffffff, &(0x7f0000000180)=""/15, 0xfffffe9c, 0xb6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000005100000000000"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'ip6tnl0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x8}]}, 0x40}}, 0x0)

0s ago: executing program 3 (id=1528):
mkdir(&(0x7f0000000000)='./file0\x00', 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000001000000850000000e000000850000002a00000095", @ANYRES16, @ANYRESDEC], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10)
r1 = socket(0x1e, 0x80004, 0x0)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x7, 0x0, 0x1000004}, 0x10)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
bind$qrtr(r3, &(0x7f00000000c0)={0x2a, 0x1, 0x4001}, 0xc)
r4 = dup3(r2, r1, 0x0)
recvmmsg(r4, &(0x7f0000004580)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000600)=""/179, 0x3514}], 0x1}, 0xffffffff}], 0x1, 0x40000001, 0x0)
ioctl$UI_SET_SNDBIT(r4, 0x4004556a, 0x5)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b14, &(0x7f0000000000)={'wlan1\x00', @random="0100"})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x121400, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000180)=ANY=[@ANYRESHEX, @ANYRESHEX=r0, @ANYBLOB="d74adc0032f61e", @ANYRES64=r5])
shmctl$SHM_STAT_ANY(0x0, 0xf, 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f00000001c0), 0x10082, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x430, &(0x7f0000000140)='noswap')

kernel console output (not intermixed with test programs):

B device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  412.091023][ T5923] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  412.104204][ T5923] usb 1-1: config 0 descriptor??
[  412.120129][ T9923] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  412.144349][ T5923] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  412.299004][ T9948] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1062'.
[  412.435222][ T5923] usb 1-1: USB disconnect, device number 18
[  413.296341][ T9953] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1060'.
[  413.391256][ T9958] FAULT_INJECTION: forcing a failure.
[  413.391256][ T9958] name failslab, interval 1, probability 0, space 0, times 0
[  413.408892][ T9958] CPU: 0 UID: 0 PID: 9958 Comm: syz.3.1064 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  413.408919][ T9958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  413.408929][ T9958] Call Trace:
[  413.408936][ T9958]  <TASK>
[  413.408944][ T9958]  dump_stack_lvl+0x189/0x250
[  413.408967][ T9958]  ? __pfx____ratelimit+0x10/0x10
[  413.408990][ T9958]  ? __pfx_dump_stack_lvl+0x10/0x10
[  413.409006][ T9958]  ? __pfx__printk+0x10/0x10
[  413.409031][ T9958]  ? __pfx___might_resched+0x10/0x10
[  413.409047][ T9958]  ? fs_reclaim_acquire+0x7d/0x100
[  413.409068][ T9958]  should_fail_ex+0x414/0x560
[  413.409097][ T9958]  should_failslab+0xa8/0x100
[  413.409122][ T9958]  __kmalloc_node_track_caller_noprof+0xcc/0x4e0
[  413.409146][ T9958]  ? dh_data_from_key+0x15e/0x280
[  413.409172][ T9958]  kmemdup_noprof+0x2b/0x70
[  413.409191][ T9958]  dh_data_from_key+0x15e/0x280
[  413.409215][ T9958]  __keyctl_dh_compute+0x295/0xca0
[  413.409238][ T9958]  ? __might_fault+0xb0/0x130
[  413.409263][ T9958]  ? __pfx___keyctl_dh_compute+0x10/0x10
[  413.409291][ T9958]  ? __lock_acquire+0xab9/0xd20
[  413.409339][ T9958]  keyctl_dh_compute+0x109/0x160
[  413.409367][ T9958]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  413.409388][ T9958]  ? __pfx_keyctl_dh_compute+0x10/0x10
[  413.409408][ T9958]  ? vfs_write+0x8d8/0xa90
[  413.409445][ T9958]  __se_sys_keyctl+0x423/0x910
[  413.409463][ T9958]  ? __pfx___se_sys_keyctl+0x10/0x10
[  413.409483][ T9958]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  413.409506][ T9958]  ? __fget_files+0x3a0/0x420
[  413.409529][ T9958]  ? fput+0xa0/0xd0
[  413.409546][ T9958]  ? ksys_write+0x22a/0x250
[  413.409573][ T9958]  ? __pfx_ksys_write+0x10/0x10
[  413.409600][ T9958]  ? do_syscall_64+0xbe/0x3b0
[  413.409614][ T9958]  ? __x64_sys_keyctl+0x20/0xc0
[  413.409633][ T9958]  do_syscall_64+0xfa/0x3b0
[  413.409651][ T9958]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  413.409667][ T9958]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  413.409684][ T9958]  ? clear_bhb_loop+0x60/0xb0
[  413.409703][ T9958]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  413.409720][ T9958] RIP: 0033:0x7fb26718e929
[  413.409736][ T9958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  413.409750][ T9958] RSP: 002b:00007fb267f31038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  413.409769][ T9958] RAX: ffffffffffffffda RBX: 00007fb2673b6080 RCX: 00007fb26718e929
[  413.409781][ T9958] RDX: 0000200000001380 RSI: 0000200000001340 RDI: 0000000000000017
[  413.409793][ T9958] RBP: 00007fb267f31090 R08: 0000000000000000 R09: 0000000000000000
[  413.409804][ T9958] R10: 000000000000100c R11: 0000000000000246 R12: 0000000000000001
[  413.409814][ T9958] R13: 0000000000000000 R14: 00007fb2673b6080 R15: 00007fff94c5da18
[  413.409843][ T9958]  </TASK>
[  413.949116][ T5909] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  414.052380][ T9965] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  414.093148][ T5909] usb 3-1: device descriptor read/64, error -71
[  414.127032][ T9965] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  414.158222][ T9965] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  414.254636][ T9965] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  414.279990][ T9965] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  414.307691][ T9965] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  414.337393][ T9965] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  414.351573][ T9965] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  414.370891][ T9965] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  414.382291][ T5909] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  414.393268][ T9965] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  414.589157][ T5909] usb 3-1: device descriptor read/64, error -71
[  414.956432][ T5909] usb usb3-port1: attempt power cycle
[  415.309115][ T5909] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  415.344067][ T5909] usb 3-1: device descriptor read/8, error -71
[  415.808940][ T5909] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  415.842585][ T9984] sctp: [Deprecated]: syz.1.1073 (pid 9984) Use of int in maxseg socket option.
[  415.842585][ T9984] Use struct sctp_assoc_value instead
[  415.890039][ T5909] usb 3-1: device descriptor read/8, error -71
[  416.341499][ T5909] usb usb3-port1: unable to enumerate USB device
[  416.468670][ T5909] IPVS: starting estimator thread 0...
[  416.689119][ T9990] IPVS: using max 33 ests per chain, 79200 per kthread
[  417.160123][   T30] audit: type=1326 audit(1752683854.592:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9998 comm="syz.0.1077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb2c58e929 code=0x7ffc0000
[  417.270972][   T30] audit: type=1326 audit(1752683854.592:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9998 comm="syz.0.1077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb2c58e929 code=0x7ffc0000
[  417.298711][T10008] sctp: [Deprecated]: syz.4.1075 (pid 10008) Use of int in maxseg socket option.
[  417.298711][T10008] Use struct sctp_assoc_value instead
[  417.330860][T10008] FAULT_INJECTION: forcing a failure.
[  417.330860][T10008] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  417.348578][   T30] audit: type=1326 audit(1752683854.622:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9998 comm="syz.0.1077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fdb2c58e929 code=0x7ffc0000
[  417.380320][T10008] CPU: 1 UID: 0 PID: 10008 Comm: syz.4.1075 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  417.380345][T10008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  417.380355][T10008] Call Trace:
[  417.380362][T10008]  <TASK>
[  417.380369][T10008]  dump_stack_lvl+0x189/0x250
[  417.380394][T10008]  ? __pfx____ratelimit+0x10/0x10
[  417.380418][T10008]  ? __pfx_dump_stack_lvl+0x10/0x10
[  417.380437][T10008]  ? __pfx__printk+0x10/0x10
[  417.380471][T10008]  should_fail_ex+0x414/0x560
[  417.380501][T10008]  _copy_to_user+0x31/0xb0
[  417.380524][T10008]  sctp_getsockopt_maxseg+0x522/0x6c0
[  417.380548][T10008]  ? __pfx_sctp_getsockopt_maxseg+0x10/0x10
[  417.380578][T10008]  sctp_getsockopt+0x933/0xb60
[  417.380602][T10008]  do_sock_getsockopt+0x35d/0x650
[  417.380626][T10008]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  417.380645][T10008]  ? do_syscall_64+0x20/0x3b0
[  417.380661][T10008]  ? __fget_files+0x3a0/0x420
[  417.380677][T10008]  ? __fget_files+0x2a/0x420
[  417.380700][T10008]  __x64_sys_getsockopt+0x1a5/0x250
[  417.380720][T10008]  ? do_syscall_64+0x20/0x3b0
[  417.380738][T10008]  ? do_syscall_64+0x20/0x3b0
[  417.380758][T10008]  do_syscall_64+0xfa/0x3b0
[  417.380772][T10008]  ? lockdep_hardirqs_on+0x9c/0x150
[  417.380796][T10008]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  417.380813][T10008]  ? clear_bhb_loop+0x60/0xb0
[  417.380834][T10008]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  417.380850][T10008] RIP: 0033:0x7f1ca098e929
[  417.380864][T10008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  417.380875][T10008] RSP: 002b:00007f1ca1787038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  417.380892][T10008] RAX: ffffffffffffffda RBX: 00007f1ca0bb6080 RCX: 00007f1ca098e929
[  417.380904][T10008] RDX: 000000000000000d RSI: 0000000000000084 RDI: 0000000000000003
[  417.380912][T10008] RBP: 00007f1ca1787090 R08: 0000200000000140 R09: 0000000000000000
[  417.380922][T10008] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  417.380933][T10008] R13: 0000000000000001 R14: 00007f1ca0bb6080 R15: 00007ffe042fa8f8
[  417.380956][T10008]  </TASK>
[  417.599048][   T30] audit: type=1326 audit(1752683854.622:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9998 comm="syz.0.1077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fdb2c58e929 code=0x7ffc0000
[  417.623491][   T30] audit: type=1326 audit(1752683854.622:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9998 comm="syz.0.1077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fdb2c58e929 code=0x7ffc0000
[  417.650919][ T5895] usb 4-1: new low-speed USB device number 22 using dummy_hcd
[  417.678494][   T30] audit: type=1326 audit(1752683854.622:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9998 comm="syz.0.1077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fdb2c58e929 code=0x7ffc0000
[  417.703448][   T30] audit: type=1326 audit(1752683854.622:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9998 comm="syz.0.1077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fdb2c58e929 code=0x7ffc0000
[  417.725015][   T30] audit: type=1326 audit(1752683854.622:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9998 comm="syz.0.1077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fdb2c58e929 code=0x7ffc0000
[  417.748146][   T30] audit: type=1326 audit(1752683854.622:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9998 comm="syz.0.1077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fdb2c58e929 code=0x7ffc0000
[  417.769900][   T30] audit: type=1326 audit(1752683854.622:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9998 comm="syz.0.1077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fdb2c58e929 code=0x7ffc0000
[  417.830992][ T5895] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  417.869529][ T5895] usb 4-1: config 0 has no interface number 0
[  417.885423][ T5895] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  417.930329][ T5895] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  417.966270][ T5895] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  417.988583][ T5895] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  418.014316][ T5895] usb 4-1: config 0 descriptor??
[  418.022398][T10023] FAULT_INJECTION: forcing a failure.
[  418.022398][T10023] name failslab, interval 1, probability 0, space 0, times 0
[  418.024997][T10005] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  418.490655][ T5895] iowarrior 4-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  418.601052][T10023] CPU: 0 UID: 0 PID: 10023 Comm: syz.0.1087 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  418.601078][T10023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  418.601088][T10023] Call Trace:
[  418.601096][T10023]  <TASK>
[  418.601103][T10023]  dump_stack_lvl+0x189/0x250
[  418.601128][T10023]  ? __pfx____ratelimit+0x10/0x10
[  418.601163][T10023]  ? __pfx_dump_stack_lvl+0x10/0x10
[  418.601181][T10023]  ? __pfx__printk+0x10/0x10
[  418.601207][T10023]  ? __pfx___might_resched+0x10/0x10
[  418.601231][T10023]  should_fail_ex+0x414/0x560
[  418.601259][T10023]  should_failslab+0xa8/0x100
[  418.601284][T10023]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  418.601307][T10023]  ? __alloc_skb+0x112/0x2d0
[  418.601330][T10023]  __alloc_skb+0x112/0x2d0
[  418.601353][T10023]  netlink_sendmsg+0x5c6/0xb30
[  418.601383][T10023]  ? __pfx_netlink_sendmsg+0x10/0x10
[  418.601410][T10023]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  418.601432][T10023]  ? __pfx_netlink_sendmsg+0x10/0x10
[  418.601452][T10023]  __sock_sendmsg+0x219/0x270
[  418.601481][T10023]  ____sys_sendmsg+0x505/0x830
[  418.601507][T10023]  ? __pfx_____sys_sendmsg+0x10/0x10
[  418.601537][T10023]  ? import_iovec+0x74/0xa0
[  418.601561][T10023]  ___sys_sendmsg+0x21f/0x2a0
[  418.601584][T10023]  ? __pfx____sys_sendmsg+0x10/0x10
[  418.601638][T10023]  ? __fget_files+0x2a/0x420
[  418.601653][T10023]  ? __fget_files+0x3a0/0x420
[  418.601680][T10023]  __x64_sys_sendmsg+0x19b/0x260
[  418.601704][T10023]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  418.601734][T10023]  ? __pfx_ksys_write+0x10/0x10
[  418.601754][T10023]  ? rcu_is_watching+0x15/0xb0
[  418.601779][T10023]  ? do_syscall_64+0xbe/0x3b0
[  418.601799][T10023]  do_syscall_64+0xfa/0x3b0
[  418.601814][T10023]  ? lockdep_hardirqs_on+0x9c/0x150
[  418.601835][T10023]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  418.601852][T10023]  ? clear_bhb_loop+0x60/0xb0
[  418.601872][T10023]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  418.601887][T10023] RIP: 0033:0x7fdb2c58e929
[  418.601903][T10023] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  418.601917][T10023] RSP: 002b:00007fdb2d4e2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  418.601935][T10023] RAX: ffffffffffffffda RBX: 00007fdb2c7b5fa0 RCX: 00007fdb2c58e929
[  418.601948][T10023] RDX: 0000000020008800 RSI: 0000200000000100 RDI: 0000000000000003
[  418.601959][T10023] RBP: 00007fdb2d4e2090 R08: 0000000000000000 R09: 0000000000000000
[  418.601970][T10023] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  418.601980][T10023] R13: 0000000000000000 R14: 00007fdb2c7b5fa0 R15: 00007ffdbe997008
[  418.602009][T10023]  </TASK>
[  418.997344][ T5923] usb 4-1: USB disconnect, device number 22
[  419.209307][ T5895] usb 1-1: new full-speed USB device number 19 using dummy_hcd
[  419.339095][ T5895] usb 1-1: device descriptor read/64, error -71
[  419.371159][T10036] FAULT_INJECTION: forcing a failure.
[  419.371159][T10036] name failslab, interval 1, probability 0, space 0, times 0
[  419.400945][T10036] CPU: 0 UID: 0 PID: 10036 Comm: syz.2.1089 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  419.400963][T10036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  419.400970][T10036] Call Trace:
[  419.400975][T10036]  <TASK>
[  419.400980][T10036]  dump_stack_lvl+0x189/0x250
[  419.400995][T10036]  ? __pfx____ratelimit+0x10/0x10
[  419.401010][T10036]  ? __pfx_dump_stack_lvl+0x10/0x10
[  419.401020][T10036]  ? __pfx__printk+0x10/0x10
[  419.401035][T10036]  ? __pfx___might_resched+0x10/0x10
[  419.401049][T10036]  should_fail_ex+0x414/0x560
[  419.401065][T10036]  should_failslab+0xa8/0x100
[  419.401086][T10036]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  419.401101][T10036]  ? __alloc_skb+0x112/0x2d0
[  419.401115][T10036]  __alloc_skb+0x112/0x2d0
[  419.401127][T10036]  netlink_sendmsg+0x5c6/0xb30
[  419.401144][T10036]  ? __pfx_netlink_sendmsg+0x10/0x10
[  419.401164][T10036]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  419.401177][T10036]  ? __pfx_netlink_sendmsg+0x10/0x10
[  419.401188][T10036]  __sock_sendmsg+0x219/0x270
[  419.401203][T10036]  ____sys_sendmsg+0x505/0x830
[  419.401218][T10036]  ? __pfx_____sys_sendmsg+0x10/0x10
[  419.401234][T10036]  ? import_iovec+0x74/0xa0
[  419.401247][T10036]  ___sys_sendmsg+0x21f/0x2a0
[  419.401260][T10036]  ? __pfx____sys_sendmsg+0x10/0x10
[  419.401293][T10036]  ? __fget_files+0x2a/0x420
[  419.401302][T10036]  ? __fget_files+0x3a0/0x420
[  419.401315][T10036]  __x64_sys_sendmsg+0x19b/0x260
[  419.401328][T10036]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  419.401345][T10036]  ? __pfx_ksys_write+0x10/0x10
[  419.401357][T10036]  ? rcu_is_watching+0x15/0xb0
[  419.401374][T10036]  ? do_syscall_64+0xbe/0x3b0
[  419.401386][T10036]  do_syscall_64+0xfa/0x3b0
[  419.401395][T10036]  ? lockdep_hardirqs_on+0x9c/0x150
[  419.401407][T10036]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  419.401417][T10036]  ? clear_bhb_loop+0x60/0xb0
[  419.401428][T10036]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  419.401437][T10036] RIP: 0033:0x7ff44678e929
[  419.401447][T10036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  419.401455][T10036] RSP: 002b:00007ff447587038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  419.401466][T10036] RAX: ffffffffffffffda RBX: 00007ff4469b5fa0 RCX: 00007ff44678e929
[  419.401473][T10036] RDX: 0000000004008000 RSI: 0000200000000200 RDI: 0000000000000003
[  419.401480][T10036] RBP: 00007ff447587090 R08: 0000000000000000 R09: 0000000000000000
[  419.401486][T10036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  419.401492][T10036] R13: 0000000000000000 R14: 00007ff4469b5fa0 R15: 00007fff3de75278
[  419.401506][T10036]  </TASK>
[  419.952644][ T5895] usb 1-1: new full-speed USB device number 20 using dummy_hcd
[  420.089044][ T5895] usb 1-1: device descriptor read/64, error -71
[  420.265844][ T5895] usb usb1-port1: attempt power cycle
[  420.829069][ T5895] usb 1-1: new full-speed USB device number 21 using dummy_hcd
[  421.429833][ T5895] usb 1-1: device descriptor read/8, error -71
[  422.179252][ T5895] usb 1-1: new full-speed USB device number 22 using dummy_hcd
[  422.381262][T10069] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1098'.
[  422.409447][ T5895] usb 1-1: device not accepting address 22, error -71
[  422.431893][ T5895] usb usb1-port1: unable to enumerate USB device
[  422.521099][   T30] kauditd_printk_skb: 27 callbacks suppressed
[  422.521115][   T30] audit: type=1326 audit(1752683859.962:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10070 comm="syz.2.1100" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff44678e929 code=0x0
[  422.548404][    C0] vkms_vblank_simulate: vblank timer overrun
[  422.798938][ T5895] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  423.119139][ T5909] usb 5-1: new low-speed USB device number 21 using dummy_hcd
[  423.399450][ T5909] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  423.603951][ T5909] usb 5-1: config 0 has no interface number 0
[  423.757734][ T5909] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  423.823511][ T5909] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  423.908480][ T5909] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  423.919007][ T5895] usb 1-1: device descriptor read/64, error -71
[  424.019465][ T5909] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  424.093519][T10090] netlink: 4972 bytes leftover after parsing attributes in process `syz.3.1105'.
[  424.096772][ T5909] usb 5-1: config 0 descriptor??
[  424.109682][T10090] openvswitch: netlink: Key type 223 is out of range max 32
[  424.199680][T10073] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  424.263273][ T5895] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  424.505638][ T5909] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  424.659718][ T5895] usb 1-1: device descriptor read/64, error -71
[  424.705572][ T5909] usb 5-1: USB disconnect, device number 21
[  424.769374][ T5895] usb usb1-port1: attempt power cycle
[  425.139674][ T5895] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  425.159047][ T5902] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  425.180486][ T5895] usb 1-1: device descriptor read/8, error -71
[  425.350547][ T5902] usb 2-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  425.470051][ T5902] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  425.542700][ T5902] usb 2-1: Product: syz
[  425.585017][ T5902] usb 2-1: Manufacturer: syz
[  425.629589][ T5902] usb 2-1: SerialNumber: syz
[  425.821873][ T5902] usb 2-1: config 0 descriptor??
[  426.973282][ T5902] ch341 2-1:0.0: ch341-uart converter detected
[  427.523118][ T5902] usb 2-1: failed to receive control message: -121
[  427.562863][ T5902] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -121
[  428.769442][ T5902] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  428.979372][ T5932] usb 2-1: USB disconnect, device number 13
[  428.997959][ T5932] ch341 2-1:0.0: device disconnected
[  429.361411][ T5902] usb 4-1: Using ep0 maxpacket: 16
[  429.401828][ T5902] usb 4-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  429.427920][ T5902] usb 4-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  429.457914][ T5902] usb 4-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  429.475179][ T5902] usb 4-1: config 1 interface 0 has no altsetting 0
[  429.714841][ T5902] usb 4-1: New USB device found, idVendor=0825, idProduct=0000, bcdDevice= 0.00
[  429.760476][ T5866] usb 5-1: new full-speed USB device number 22 using dummy_hcd
[  429.999746][T10138] syz.0.1117: attempt to access beyond end of device
[  429.999746][T10138] nbd0: rw=0, sector=2, nr_sectors = 1 limit=0
[  430.013140][T10138] hfs: can't find a HFS filesystem on dev nbd0
[  430.119185][ T5866] usb 5-1: config 0 has an invalid interface number: 200 but max is 0
[  430.171390][ T5902] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  430.224593][ T5866] usb 5-1: config 0 has no interface number 0
[  430.328414][ T5902] usb 4-1: Product: syz
[  430.333741][ T5866] usb 5-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=91.6f
[  430.355136][ T5902] usb 4-1: Manufacturer: syz
[  430.361865][ T5902] usb 4-1: SerialNumber: syz
[  430.367063][ T5866] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  430.654433][ T5866] usb 5-1: config 0 descriptor??
[  430.659978][ T5866] usb 5-1: can't set config #0, error -71
[  430.761237][ T5866] usb 5-1: USB disconnect, device number 22
[  430.840847][ T5902] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 23 if 0 alt 255 proto 1 vid 0x0825 pid 0x0000
[  431.529130][T10149] syz.1.1120: attempt to access beyond end of device
[  431.529130][T10149] nbd1: rw=0, sector=2, nr_sectors = 1 limit=0
[  431.542819][T10149] hfs: can't find a HFS filesystem on dev nbd1
[  431.644485][ T5902] usb 4-1: USB disconnect, device number 23
[  431.657976][ T5902] usblp0: removed
[  432.127164][T10163] binder: 10154:10163 ioctl 4018620d 0 returned -22
[  432.142555][T10163] overlayfs: missing 'lowerdir'
[  433.099364][   T10] usb 5-1: new low-speed USB device number 23 using dummy_hcd
[  433.475556][   T10] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  433.613635][   T10] usb 5-1: config 0 has no interface number 0
[  433.641093][   T10] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  433.854115][   T10] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  434.232363][   T10] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  434.264997][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  434.753369][   T10] usb 5-1: config 0 descriptor??
[  434.880465][T10159] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  434.952010][   T10] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  435.023148][   T10] usb 5-1: USB disconnect, device number 23
[  435.033221][T10189] usb usb8: usbfs: process 10189 (syz.0.1131) did not claim interface 0 before use
[  435.241432][T10196] FAULT_INJECTION: forcing a failure.
[  435.241432][T10196] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  435.275023][T10196] CPU: 0 UID: 0 PID: 10196 Comm: syz.1.1132 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  435.275041][T10196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  435.275048][T10196] Call Trace:
[  435.275052][T10196]  <TASK>
[  435.275057][T10196]  dump_stack_lvl+0x189/0x250
[  435.275073][T10196]  ? __pfx____ratelimit+0x10/0x10
[  435.275088][T10196]  ? __pfx_dump_stack_lvl+0x10/0x10
[  435.275098][T10196]  ? __pfx__printk+0x10/0x10
[  435.275117][T10196]  should_fail_ex+0x414/0x560
[  435.275135][T10196]  _copy_to_user+0x31/0xb0
[  435.275147][T10196]  simple_read_from_buffer+0xe1/0x170
[  435.275164][T10196]  proc_fail_nth_read+0x1df/0x250
[  435.275177][T10196]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  435.275188][T10196]  ? rw_verify_area+0x258/0x650
[  435.275200][T10196]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  435.275211][T10196]  vfs_read+0x200/0x980
[  435.275225][T10196]  ? __pfx___mutex_lock+0x10/0x10
[  435.275236][T10196]  ? __pfx_vfs_read+0x10/0x10
[  435.275248][T10196]  ? __fget_files+0x2a/0x420
[  435.275260][T10196]  ? __fget_files+0x3a0/0x420
[  435.275268][T10196]  ? __fget_files+0x2a/0x420
[  435.275281][T10196]  ksys_read+0x145/0x250
[  435.275302][T10196]  ? __pfx_ksys_read+0x10/0x10
[  435.275312][T10196]  ? rcu_is_watching+0x15/0xb0
[  435.275326][T10196]  ? do_syscall_64+0xbe/0x3b0
[  435.275338][T10196]  do_syscall_64+0xfa/0x3b0
[  435.275346][T10196]  ? lockdep_hardirqs_on+0x9c/0x150
[  435.275359][T10196]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  435.275369][T10196]  ? clear_bhb_loop+0x60/0xb0
[  435.275381][T10196]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  435.275390][T10196] RIP: 0033:0x7f9465d8d33c
[  435.275403][T10196] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  435.275412][T10196] RSP: 002b:00007f9466bb1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  435.275424][T10196] RAX: ffffffffffffffda RBX: 00007f9465fb5fa0 RCX: 00007f9465d8d33c
[  435.275431][T10196] RDX: 000000000000000f RSI: 00007f9466bb10a0 RDI: 0000000000000010
[  435.275438][T10196] RBP: 00007f9466bb1090 R08: 0000000000000000 R09: 0000000000000000
[  435.275444][T10196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  435.275449][T10196] R13: 0000000000000000 R14: 00007f9465fb5fa0 R15: 00007ffca1b13c08
[  435.275465][T10196]  </TASK>
[  435.664902][T10205] FAULT_INJECTION: forcing a failure.
[  435.664902][T10205] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  435.665154][T10203] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1134'.
[  435.678160][T10205] CPU: 0 UID: 0 PID: 10205 Comm: syz.4.1135 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  435.678186][T10205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  435.678197][T10205] Call Trace:
[  435.678207][T10205]  <TASK>
[  435.678227][T10205]  dump_stack_lvl+0x189/0x250
[  435.678252][T10205]  ? __pfx____ratelimit+0x10/0x10
[  435.678275][T10205]  ? __pfx_dump_stack_lvl+0x10/0x10
[  435.678293][T10205]  ? __pfx__printk+0x10/0x10
[  435.678327][T10205]  should_fail_ex+0x414/0x560
[  435.678355][T10205]  _copy_from_user+0x2d/0xb0
[  435.678375][T10205]  bpf_test_init+0xf8/0x170
[  435.678403][T10205]  bpf_prog_test_run_skb+0x1e9/0x1560
[  435.678420][T10205]  ? __fget_files+0x2a/0x420
[  435.678440][T10205]  ? __fget_files+0x2a/0x420
[  435.678462][T10205]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  435.678480][T10205]  bpf_prog_test_run+0x2c7/0x340
[  435.678509][T10205]  __sys_bpf+0x4a4/0x860
[  435.678533][T10205]  ? __pfx___sys_bpf+0x10/0x10
[  435.678568][T10205]  ? ksys_write+0x22a/0x250
[  435.678592][T10205]  ? __pfx_ksys_write+0x10/0x10
[  435.678610][T10205]  ? rcu_is_watching+0x15/0xb0
[  435.678636][T10205]  __x64_sys_bpf+0x7c/0x90
[  435.678663][T10205]  do_syscall_64+0xfa/0x3b0
[  435.678679][T10205]  ? lockdep_hardirqs_on+0x9c/0x150
[  435.678701][T10205]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  435.678718][T10205]  ? clear_bhb_loop+0x60/0xb0
[  435.678738][T10205]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  435.678754][T10205] RIP: 0033:0x7f1ca098e929
[  435.678770][T10205] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  435.678782][T10205] RSP: 002b:00007f1ca17a8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  435.678804][T10205] RAX: ffffffffffffffda RBX: 00007f1ca0bb5fa0 RCX: 00007f1ca098e929
[  435.678820][T10205] RDX: 0000000000000050 RSI: 00002000000002c0 RDI: 000000000000000a
[  435.678831][T10205] RBP: 00007f1ca17a8090 R08: 0000000000000000 R09: 0000000000000000
[  435.678841][T10205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  435.678850][T10205] R13: 0000000000000000 R14: 00007f1ca0bb5fa0 R15: 00007ffe042fa8f8
[  435.678877][T10205]  </TASK>
[  435.839161][ T5932] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  436.213381][T10214] binder: 10210:10214 ioctl 4018620d 0 returned -22
[  436.799481][ T5932] usb 2-1: Using ep0 maxpacket: 16
[  436.834060][T10207] delete_channel: no stack
[  436.920722][ T5932] usb 2-1: New USB device found, idVendor=061d, idProduct=c160, bcdDevice=a8.f7
[  436.930204][ T5932] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  436.939542][ T5932] usb 2-1: Product: syz
[  436.943889][ T5932] usb 2-1: Manufacturer: syz
[  436.991737][ T5932] usb 2-1: SerialNumber: syz
[  437.017868][ T5932] usb 2-1: config 0 descriptor??
[  437.036849][ T5932] quatech2 2-1:0.0: Quatech 2nd gen USB to Serial Driver converter detected
[  437.273553][ T5932] usb 2-1: qt2_attach - failed to power on unit: -71
[  437.282102][ T5932] quatech2 2-1:0.0: probe with driver quatech2 failed with error -71
[  437.297712][ T5932] usb 2-1: USB disconnect, device number 14
[  437.309590][ T5902] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  437.518984][   T24] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  437.549060][ T5902] usb 5-1: Using ep0 maxpacket: 32
[  437.642947][ T5902] usb 5-1: config 0 interface 0 has no altsetting 0
[  437.785402][ T5902] usb 5-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  437.837088][   T24] usb 4-1: Using ep0 maxpacket: 8
[  437.859994][ T5902] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  437.868515][ T5902] usb 5-1: Product: syz
[  437.874306][ T5902] usb 5-1: Manufacturer: syz
[  437.879402][ T5902] usb 5-1: SerialNumber: syz
[  437.897093][   T24] usb 4-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  437.906966][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  437.916183][ T5902] usb 5-1: config 0 descriptor??
[  437.924137][   T24] usb 4-1: Product: syz
[  437.928379][   T24] usb 4-1: Manufacturer: syz
[  437.936799][   T24] usb 4-1: SerialNumber: syz
[  437.990021][   T24] usb 4-1: config 0 descriptor??
[  438.008616][   T24] gspca_main: se401-2.14.0 probing 047d:5003
[  438.225312][T10230] FAULT_INJECTION: forcing a failure.
[  438.225312][T10230] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  438.238805][T10230] CPU: 0 UID: 0 PID: 10230 Comm: syz.0.1144 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  438.238832][T10230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  438.238843][T10230] Call Trace:
[  438.238850][T10230]  <TASK>
[  438.238857][T10230]  dump_stack_lvl+0x189/0x250
[  438.238881][T10230]  ? __pfx____ratelimit+0x10/0x10
[  438.238904][T10230]  ? __pfx_dump_stack_lvl+0x10/0x10
[  438.238922][T10230]  ? __pfx__printk+0x10/0x10
[  438.238945][T10230]  ? fs_reclaim_acquire+0x7d/0x100
[  438.238969][T10230]  should_fail_ex+0x414/0x560
[  438.238996][T10230]  prepare_alloc_pages+0x213/0x610
[  438.239020][T10230]  __alloc_frozen_pages_noprof+0x123/0x370
[  438.239041][T10230]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  438.239067][T10230]  ? policy_nodemask+0x27c/0x720
[  438.239097][T10230]  alloc_pages_mpol+0x232/0x4a0
[  438.239125][T10230]  alloc_pages_noprof+0xa9/0x190
[  438.239151][T10230]  get_free_pages_noprof+0xf/0x80
[  438.239168][T10230]  __pollwait+0x27b/0x460
[  438.239192][T10230]  ? __pfx___pollwait+0x10/0x10
[  438.239213][T10230]  datagram_poll+0x7f/0x420
[  438.239240][T10230]  sock_poll+0x32c/0x3e0
[  438.239265][T10230]  ? __pfx_sock_poll+0x10/0x10
[  438.239296][T10230]  do_select+0x105b/0x17e0
[  438.239317][T10230]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  438.239349][T10230]  ? do_select+0x8b1/0x17e0
[  438.239393][T10230]  ? __pfx_do_select+0x10/0x10
[  438.239415][T10230]  ? __lock_acquire+0xab9/0xd20
[  438.239436][T10230]  ? __pfx___pollwait+0x10/0x10
[  438.239462][T10230]  ? __pfx_pollwake+0x10/0x10
[  438.239489][T10230]  ? __pfx_pollwake+0x10/0x10
[  438.239515][T10230]  ? __pfx_pollwake+0x10/0x10
[  438.239541][T10230]  ? __pfx_pollwake+0x10/0x10
[  438.239566][T10230]  ? __pfx_pollwake+0x10/0x10
[  438.239592][T10230]  ? __pfx_pollwake+0x10/0x10
[  438.239618][T10230]  ? __pfx_pollwake+0x10/0x10
[  438.239644][T10230]  ? __pfx_pollwake+0x10/0x10
[  438.239669][T10230]  ? __pfx_pollwake+0x10/0x10
[  438.239714][T10230]  core_sys_select+0x6dd/0xa20
[  438.239748][T10230]  ? __pfx_core_sys_select+0x10/0x10
[  438.239797][T10230]  ? __pfx_set_user_sigmask+0x10/0x10
[  438.239826][T10230]  __se_sys_pselect6+0x27a/0x300
[  438.239855][T10230]  ? __pfx___se_sys_pselect6+0x10/0x10
[  438.239878][T10230]  ? __pfx_ksys_write+0x10/0x10
[  438.239905][T10230]  ? __x64_sys_pselect6+0x21/0xf0
[  438.239931][T10230]  do_syscall_64+0xfa/0x3b0
[  438.239946][T10230]  ? lockdep_hardirqs_on+0x9c/0x150
[  438.239969][T10230]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  438.239985][T10230]  ? clear_bhb_loop+0x60/0xb0
[  438.240006][T10230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  438.240022][T10230] RIP: 0033:0x7fdb2c58e929
[  438.240037][T10230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  438.240051][T10230] RSP: 002b:00007fdb2d4e2038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  438.240071][T10230] RAX: ffffffffffffffda RBX: 00007fdb2c7b5fa0 RCX: 00007fdb2c58e929
[  438.240084][T10230] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000040
[  438.240095][T10230] RBP: 00007fdb2d4e2090 R08: 0000000000000000 R09: 0000000000000000
[  438.240105][T10230] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  438.240116][T10230] R13: 0000000000000000 R14: 00007fdb2c7b5fa0 R15: 00007ffdbe997008
[  438.240144][T10230]  </TASK>
[  438.566038][    C0] vkms_vblank_simulate: vblank timer overrun
[  438.589143][ T5902] gs_usb 5-1:0.0: Configuring for 1 interfaces
[  438.640175][T10234] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  438.869683][T10226] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  438.934303][   T24] input: se401 as /devices/platform/dummy_hcd.3/usb4/4-1/input/input7
[  438.964069][T10226] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  439.009361][ T5895] usb 1-1: new low-speed USB device number 27 using dummy_hcd
[  440.293624][T10226] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  440.343541][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  440.349335][T10226] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  440.350911][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  440.373499][ T5895] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  440.384611][ T5895] usb 1-1: config 0 has no interface number 0
[  440.402447][ T5895] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  440.428174][ T5902] usb 5-1: USB disconnect, device number 24
[  440.433352][ T5895] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  440.455491][ T5895] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  440.494396][ T5895] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  440.512586][ T5866] usb 4-1: USB disconnect, device number 24
[  440.765785][ T5895] usb 1-1: config 0 descriptor??
[  440.787781][T10241] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  440.869847][ T5895] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  441.450314][ T5895] usb 1-1: USB disconnect, device number 27
[  442.068125][T10264] binder: 10262:10264 ioctl 4018620d 0 returned -22
[  442.254344][T10272] loop6: detected capacity change from 0 to 2098
[  442.349323][T10272] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1155'.
[  442.637474][T10282] ALSA: mixer_oss: invalid OSS volume 'w'
[  443.037152][T10295] FAULT_INJECTION: forcing a failure.
[  443.037152][T10295] name failslab, interval 1, probability 0, space 0, times 0
[  443.073837][T10294] tipc: Started in network mode
[  443.078736][T10294] tipc: Node identity , cluster identity 4711
[  443.101034][T10295] CPU: 1 UID: 0 PID: 10295 Comm: syz.4.1159 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  443.101061][T10295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  443.101072][T10295] Call Trace:
[  443.101080][T10295]  <TASK>
[  443.101088][T10295]  dump_stack_lvl+0x189/0x250
[  443.101114][T10295]  ? __pfx____ratelimit+0x10/0x10
[  443.101139][T10295]  ? __pfx_dump_stack_lvl+0x10/0x10
[  443.101157][T10295]  ? __pfx__printk+0x10/0x10
[  443.101182][T10295]  ? __pfx___might_resched+0x10/0x10
[  443.101204][T10295]  should_fail_ex+0x414/0x560
[  443.101233][T10295]  should_failslab+0xa8/0x100
[  443.101259][T10295]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  443.101282][T10295]  ? __alloc_skb+0x112/0x2d0
[  443.101306][T10295]  __alloc_skb+0x112/0x2d0
[  443.101328][T10295]  netlink_sendmsg+0x5c6/0xb30
[  443.101358][T10295]  ? __pfx_netlink_sendmsg+0x10/0x10
[  443.101386][T10295]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  443.101408][T10295]  ? __pfx_netlink_sendmsg+0x10/0x10
[  443.101429][T10295]  __sock_sendmsg+0x219/0x270
[  443.101457][T10295]  ____sys_sendmsg+0x505/0x830
[  443.101484][T10295]  ? __pfx_____sys_sendmsg+0x10/0x10
[  443.101513][T10295]  ? import_iovec+0x74/0xa0
[  443.101537][T10295]  ___sys_sendmsg+0x21f/0x2a0
[  443.101559][T10295]  ? __pfx____sys_sendmsg+0x10/0x10
[  443.101616][T10295]  ? __fget_files+0x2a/0x420
[  443.101631][T10295]  ? __fget_files+0x3a0/0x420
[  443.101657][T10295]  __x64_sys_sendmsg+0x19b/0x260
[  443.101680][T10295]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  443.101710][T10295]  ? __pfx_ksys_write+0x10/0x10
[  443.101730][T10295]  ? rcu_is_watching+0x15/0xb0
[  443.101754][T10295]  ? do_syscall_64+0xbe/0x3b0
[  443.101775][T10295]  do_syscall_64+0xfa/0x3b0
[  443.101790][T10295]  ? lockdep_hardirqs_on+0x9c/0x150
[  443.101823][T10295]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  443.101840][T10295]  ? clear_bhb_loop+0x60/0xb0
[  443.101861][T10295]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  443.101877][T10295] RIP: 0033:0x7f1ca098e929
[  443.101892][T10295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  443.101907][T10295] RSP: 002b:00007f1ca17a8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  443.101926][T10295] RAX: ffffffffffffffda RBX: 00007f1ca0bb5fa0 RCX: 00007f1ca098e929
[  443.101939][T10295] RDX: 0000000000000000 RSI: 00002000000004c0 RDI: 0000000000000003
[  443.101950][T10295] RBP: 00007f1ca17a8090 R08: 0000000000000000 R09: 0000000000000000
[  443.101960][T10295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  443.101971][T10295] R13: 0000000000000000 R14: 00007f1ca0bb5fa0 R15: 00007ffe042fa8f8
[  443.101999][T10295]  </TASK>
[  443.374563][T10294] tipc: Failed to set node id, please configure manually
[  443.381789][T10294] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  444.254696][T10310] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1162'.
[  444.269172][T10310] 0ªX¹¦D: renamed from macvtap0 (while UP)
[  444.299318][T10307] ALSA: mixer_oss: invalid OSS volume 'w'
[  444.344201][T10313] syz.0.1162 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  444.375063][T10310] 0ªX¹¦D: entered allmulticast mode
[  444.398791][T10316] binder: 10314:10316 ioctl 4018620d 0 returned -22
[  444.512322][T10310] veth0_macvtap: entered allmulticast mode
[  444.892182][T10310] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[  445.625789][   T10] usb 5-1: new low-speed USB device number 25 using dummy_hcd
[  446.093973][   T10] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  446.120919][   T10] usb 5-1: config 0 has no interface number 0
[  446.165007][   T10] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  446.270508][ T5895] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  446.347852][   T10] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  446.437407][T10342] delete_channel: no stack
[  446.454827][   T10] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  446.487373][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  446.513777][   T10] usb 5-1: config 0 descriptor??
[  446.565519][T10336] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  446.591193][ T5895] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  446.616437][   T10] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  446.637127][ T5895] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  446.644096][T10350] input: syz1 as /devices/virtual/input/input8
[  446.651508][ T5895] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  446.787828][ T5923] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  447.106366][ T5895] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  447.120343][   T10] usb 5-1: USB disconnect, device number 25
[  447.150046][ T5895] usb 2-1: config 0 descriptor??
[  447.258984][ T5923] usb 1-1: Using ep0 maxpacket: 8
[  447.274189][ T5923] usb 1-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=44.b2
[  447.289940][ T5923] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  447.308269][ T5923] usb 1-1: Product: syz
[  447.328500][ T5923] usb 1-1: Manufacturer: syz
[  447.345432][ T5923] usb 1-1: SerialNumber: syz
[  447.356456][T10359] binder: 10358:10359 ioctl 4018620d 0 returned -22
[  447.397789][ T5923] usb 1-1: config 0 descriptor??
[  447.590156][T10340] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1169'.
[  447.610873][ T5895] cp2112 0003:10C4:EA90.000A: item fetching failed at offset 5/7
[  447.635318][ T5895] cp2112 0003:10C4:EA90.000A: parse failed
[  447.641498][ T5895] cp2112 0003:10C4:EA90.000A: probe with driver cp2112 failed with error -22
[  448.264226][   T24] usb 2-1: USB disconnect, device number 15
[  448.741574][T10384] xt_nat: multiple ranges no longer supported
[  449.245696][   T24] libceph: connect (1)[c::]:6789 error -101
[  449.253617][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  449.264286][   T24] libceph: connect (1)[c::]:6789 error -101
[  449.273041][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  449.519220][T10383] ceph: No mds server is up or the cluster is laggy
[  449.542894][   T24] libceph: connect (1)[c::]:6789 error -101
[  449.559074][T10397] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  449.567616][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  449.615598][T10397] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  449.776484][T10397] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  449.879477][T10397] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  450.751911][T10413] binder: 10411:10413 ioctl 4018620d 0 returned -22
[  450.899350][T10419] netlink: 'syz.2.1191': attribute type 1 has an invalid length.
[  451.697218][T10419] 8021q: adding VLAN 0 to HW filter on device bond3
[  451.831419][T10419] trusted_key: encrypted_key: insufficient parameters specified
[  452.063792][T10420] 8021q: adding VLAN 0 to HW filter on device bond3
[  452.071182][T10420] bond3: (slave vxcan5): The slave device specified does not support setting the MAC address
[  452.083377][T10420] bond3: (slave vxcan5): Error -95 calling set_mac_address
[  452.311974][T10437] binder: 10432:10437 ioctl c0306201 200000000640 returned -22
[  453.884300][ T5923] gspca_main: sunplus-2.14.0 probing 04a5:3003
[  453.938247][ T5923] gspca_sunplus: reg_w_riv err -32
[  453.944014][ T5923] sunplus 1-1:0.0: probe with driver sunplus failed with error -32
[  454.095286][T10460] binder: 10458:10460 ioctl 4018620d 0 returned -22
[  454.388911][ T5923] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  454.448287][T10469] mkiss: ax0: crc mode is auto.
[  454.616383][   T30] audit: type=1326 audit(1752683892.022:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10463 comm="syz.2.1204" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff44678e929 code=0x0
[  454.821940][ T5923] usb 2-1: Using ep0 maxpacket: 8
[  455.000070][ T5923] usb 2-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  455.128929][ T5923] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  455.175405][ T5923] usb 2-1: Product: syz
[  455.186211][ T5923] usb 2-1: Manufacturer: syz
[  455.209997][ T5923] usb 2-1: SerialNumber: syz
[  455.226910][ T5923] usb 2-1: config 0 descriptor??
[  455.261644][ T5923] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  455.318791][ T5923] usb 2-1: setting power ON
[  455.341052][ T5923] dvb-usb: bulk message failed: -22 (2/0)
[  455.390614][ T5923] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  455.418480][ T5923] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  455.455464][ T5923] usb 2-1: media controller created
[  455.471750][T10468] dvb-usb: bulk message failed: -22 (3/0)
[  455.477814][T10468] cxusb: i2c rd: len=138 is too big!
[  455.477814][T10468] 
[  455.564808][ T5923] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  455.713274][ T5923] usb 2-1: selecting invalid altsetting 6
[  455.729939][ T5923] usb 2-1: digital interface selection failed (-22)
[  455.756734][ T5923] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  455.779858][ T5923] usb 2-1: setting power OFF
[  455.784899][ T5923] dvb-usb: bulk message failed: -22 (2/0)
[  455.821825][ T5923] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  455.868905][ T5923] (NULL device *): no alternate interface
[  456.403053][ T5923] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  456.442614][ T5923] usb 2-1: USB disconnect, device number 16
[  456.742947][T10505] binder: 10504:10505 ioctl 4018620d 0 returned -22
[  456.783821][T10503] genirq: Flags mismatch irq 9. 00200000 (pcmmio) vs. 00002080 (acpi)
[  456.937300][T10509] FAULT_INJECTION: forcing a failure.
[  456.937300][T10509] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  456.991100][T10509] CPU: 0 UID: 0 PID: 10509 Comm: syz.3.1218 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  456.991128][T10509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  456.991139][T10509] Call Trace:
[  456.991147][T10509]  <TASK>
[  456.991155][T10509]  dump_stack_lvl+0x189/0x250
[  456.991181][T10509]  ? __pfx____ratelimit+0x10/0x10
[  456.991206][T10509]  ? __pfx_dump_stack_lvl+0x10/0x10
[  456.991225][T10509]  ? __pfx__printk+0x10/0x10
[  456.991268][T10509]  should_fail_ex+0x414/0x560
[  456.991297][T10509]  _copy_to_user+0x31/0xb0
[  456.991319][T10509]  simple_read_from_buffer+0xe1/0x170
[  456.991349][T10509]  proc_fail_nth_read+0x1df/0x250
[  456.991371][T10509]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  456.991392][T10509]  ? rw_verify_area+0x258/0x650
[  456.991413][T10509]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  456.991432][T10509]  vfs_read+0x200/0x980
[  456.991459][T10509]  ? __pfx___mutex_lock+0x10/0x10
[  456.991477][T10509]  ? __pfx_vfs_read+0x10/0x10
[  456.991499][T10509]  ? __fget_files+0x2a/0x420
[  456.991520][T10509]  ? __fget_files+0x3a0/0x420
[  456.991535][T10509]  ? __fget_files+0x2a/0x420
[  456.991560][T10509]  ksys_read+0x145/0x250
[  456.991585][T10509]  ? __pfx_ksys_read+0x10/0x10
[  456.991604][T10509]  ? rcu_is_watching+0x15/0xb0
[  456.991628][T10509]  ? do_syscall_64+0xbe/0x3b0
[  456.991648][T10509]  do_syscall_64+0xfa/0x3b0
[  456.991664][T10509]  ? lockdep_hardirqs_on+0x9c/0x150
[  456.991687][T10509]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  456.991704][T10509]  ? clear_bhb_loop+0x60/0xb0
[  456.991725][T10509]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  456.991741][T10509] RIP: 0033:0x7fb26718d33c
[  456.991757][T10509] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  456.991772][T10509] RSP: 002b:00007fb267f52030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  456.991791][T10509] RAX: ffffffffffffffda RBX: 00007fb2673b5fa0 RCX: 00007fb26718d33c
[  456.991803][T10509] RDX: 000000000000000f RSI: 00007fb267f520a0 RDI: 0000000000000005
[  456.991814][T10509] RBP: 00007fb267f52090 R08: 0000000000000000 R09: 0000000000000000
[  456.991824][T10509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  456.991835][T10509] R13: 0000000000000000 R14: 00007fb2673b5fa0 R15: 00007fff94c5da18
[  456.991864][T10509]  </TASK>
[  457.229679][    C0] vkms_vblank_simulate: vblank timer overrun
[  459.293212][ T5923] usb 1-1: USB disconnect, device number 28
[  459.370497][ T5170] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  459.551901][ T5170] usb 4-1: Using ep0 maxpacket: 16
[  459.639122][ T5170] usb 4-1: New USB device found, idVendor=0282, idProduct=00e6, bcdDevice=4e.06
[  459.668719][T10549] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  459.678708][ T5170] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  459.710623][ T5170] usb 4-1: Product: syz
[  459.714842][ T5170] usb 4-1: Manufacturer: syz
[  459.738882][ T5170] usb 4-1: SerialNumber: syz
[  459.844704][T10549] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  459.925941][ T5170] usb 4-1: config 0 descriptor??
[  460.143916][T10556] syz.1.1232: attempt to access beyond end of device
[  460.143916][T10556] nbd1: rw=0, sector=2, nr_sectors = 1 limit=0
[  460.157236][T10556] hfs: can't find a HFS filesystem on dev nbd1
[  460.997011][T10565] syz.4.1233: attempt to access beyond end of device
[  460.997011][T10565] nbd4: rw=0, sector=2, nr_sectors = 1 limit=0
[  461.010302][T10565] hfs: can't find a HFS filesystem on dev nbd4
[  461.534471][ T5170] usb 4-1: USB disconnect, device number 25
[  467.075024][T10608] FAULT_INJECTION: forcing a failure.
[  467.075024][T10608] name failslab, interval 1, probability 0, space 0, times 0
[  467.088011][T10608] CPU: 0 UID: 0 PID: 10608 Comm: syz.1.1248 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  467.088035][T10608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  467.088045][T10608] Call Trace:
[  467.088051][T10608]  <TASK>
[  467.088055][T10608]  dump_stack_lvl+0x189/0x250
[  467.088073][T10608]  ? __pfx_dump_stack_lvl+0x10/0x10
[  467.088094][T10608]  should_fail_ex+0x414/0x560
[  467.088111][T10608]  should_failslab+0xa8/0x100
[  467.088125][T10608]  __kmalloc_noprof+0xcb/0x4f0
[  467.088138][T10608]  ? kfree+0x4d/0x440
[  467.088148][T10608]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  467.088161][T10608]  tomoyo_realpath_from_path+0xe3/0x5d0
[  467.088172][T10608]  ? tomoyo_domain+0xda/0x130
[  467.088185][T10608]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  467.088205][T10608]  tomoyo_path_number_perm+0x1e8/0x5a0
[  467.088219][T10608]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  467.088234][T10608]  ? __pfx___schedule+0x10/0x10
[  467.088247][T10608]  ? irqentry_exit+0x74/0x90
[  467.088265][T10608]  ? __lock_acquire+0xab9/0xd20
[  467.088285][T10608]  ? __fget_files+0x2a/0x420
[  467.088296][T10608]  ? __fget_files+0x2a/0x420
[  467.088304][T10608]  ? __fget_files+0x3a0/0x420
[  467.088312][T10608]  ? __fget_files+0x2a/0x420
[  467.088322][T10608]  security_file_ioctl+0xcb/0x2d0
[  467.088338][T10608]  __se_sys_ioctl+0x47/0x170
[  467.088351][T10608]  do_syscall_64+0xfa/0x3b0
[  467.088361][T10608]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  467.088370][T10608]  ? asm_sysvec_call_function_single+0x1a/0x20
[  467.088380][T10608]  ? clear_bhb_loop+0x60/0xb0
[  467.088391][T10608]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  467.088400][T10608] RIP: 0033:0x7f9465d8e929
[  467.088410][T10608] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  467.088419][T10608] RSP: 002b:00007f9466b90038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  467.088430][T10608] RAX: ffffffffffffffda RBX: 00007f9465fb6080 RCX: 00007f9465d8e929
[  467.088438][T10608] RDX: 0000200000000080 RSI: 0000000000005423 RDI: 0000000000000005
[  467.088444][T10608] RBP: 00007f9466b90090 R08: 0000000000000000 R09: 0000000000000000
[  467.088452][T10608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  467.088458][T10608] R13: 0000000000000000 R14: 00007f9465fb6080 R15: 00007ffca1b13c08
[  467.088474][T10608]  </TASK>
[  467.088497][T10608] ERROR: Out of memory at tomoyo_realpath_from_path.
[  467.531319][T10608] Falling back ldisc for ttyS3.
[  467.769359][   T24] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  467.978211][T10621] netlink: 4972 bytes leftover after parsing attributes in process `syz.2.1251'.
[  467.987802][T10621] openvswitch: netlink: Key type 223 is out of range max 32
[  468.393065][T10626] FAULT_INJECTION: forcing a failure.
[  468.393065][T10626] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  468.437958][T10626] CPU: 1 UID: 0 PID: 10626 Comm: syz.4.1253 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  468.437984][T10626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  468.437995][T10626] Call Trace:
[  468.438002][T10626]  <TASK>
[  468.438010][T10626]  dump_stack_lvl+0x189/0x250
[  468.438032][T10626]  ? __pfx____ratelimit+0x10/0x10
[  468.438055][T10626]  ? __pfx_dump_stack_lvl+0x10/0x10
[  468.438072][T10626]  ? __pfx__printk+0x10/0x10
[  468.438104][T10626]  should_fail_ex+0x414/0x560
[  468.438133][T10626]  _copy_to_user+0x31/0xb0
[  468.438162][T10626]  simple_read_from_buffer+0xe1/0x170
[  468.438190][T10626]  proc_fail_nth_read+0x1df/0x250
[  468.438210][T10626]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  468.438229][T10626]  ? rw_verify_area+0x258/0x650
[  468.438250][T10626]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  468.438270][T10626]  vfs_read+0x200/0x980
[  468.438296][T10626]  ? __pfx___mutex_lock+0x10/0x10
[  468.438314][T10626]  ? __pfx_vfs_read+0x10/0x10
[  468.438341][T10626]  ? __fget_files+0x2a/0x420
[  468.438363][T10626]  ? __fget_files+0x3a0/0x420
[  468.438377][T10626]  ? __fget_files+0x2a/0x420
[  468.438402][T10626]  ksys_read+0x145/0x250
[  468.438420][T10626]  ? __fget_files+0x3a0/0x420
[  468.438437][T10626]  ? __pfx_ksys_read+0x10/0x10
[  468.438463][T10626]  ? do_syscall_64+0xbe/0x3b0
[  468.438484][T10626]  do_syscall_64+0xfa/0x3b0
[  468.438499][T10626]  ? lockdep_hardirqs_on+0x9c/0x150
[  468.438522][T10626]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  468.438539][T10626]  ? clear_bhb_loop+0x60/0xb0
[  468.438559][T10626]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  468.438575][T10626] RIP: 0033:0x7f1ca098d33c
[  468.438591][T10626] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  468.438605][T10626] RSP: 002b:00007f1ca17a8030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  468.438624][T10626] RAX: ffffffffffffffda RBX: 00007f1ca0bb5fa0 RCX: 00007f1ca098d33c
[  468.438637][T10626] RDX: 000000000000000f RSI: 00007f1ca17a80a0 RDI: 0000000000000005
[  468.438648][T10626] RBP: 00007f1ca17a8090 R08: 0000000000000000 R09: 0000000000000000
[  468.438658][T10626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  468.438668][T10626] R13: 0000000000000000 R14: 00007f1ca0bb5fa0 R15: 00007ffe042fa8f8
[  468.438697][T10626]  </TASK>
[  469.539409][   T24] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  469.700969][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  469.737348][   T24] usb 4-1: New USB device found, idVendor=1532, idProduct=010e, bcdDevice= 0.00
[  469.778324][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  469.809802][   T24] usb 4-1: config 0 descriptor??
[  470.162762][T10658] FAULT_INJECTION: forcing a failure.
[  470.162762][T10658] name failslab, interval 1, probability 0, space 0, times 0
[  470.175508][T10658] CPU: 0 UID: 0 PID: 10658 Comm: syz.2.1260 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  470.175533][T10658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  470.175544][T10658] Call Trace:
[  470.175554][T10658]  <TASK>
[  470.175563][T10658]  dump_stack_lvl+0x189/0x250
[  470.175588][T10658]  ? __pfx____ratelimit+0x10/0x10
[  470.175612][T10658]  ? __pfx_dump_stack_lvl+0x10/0x10
[  470.175631][T10658]  ? __pfx__printk+0x10/0x10
[  470.175655][T10658]  ? __pfx___might_resched+0x10/0x10
[  470.175674][T10658]  ? fs_reclaim_acquire+0x7d/0x100
[  470.175697][T10658]  should_fail_ex+0x414/0x560
[  470.175726][T10658]  should_failslab+0xa8/0x100
[  470.175752][T10658]  __kmalloc_noprof+0xcb/0x4f0
[  470.175775][T10658]  ? tomoyo_encode+0x28b/0x550
[  470.175798][T10658]  tomoyo_encode+0x28b/0x550
[  470.175822][T10658]  tomoyo_realpath_from_path+0x58d/0x5d0
[  470.175843][T10658]  ? tomoyo_domain+0xda/0x130
[  470.175867][T10658]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  470.175890][T10658]  tomoyo_path_number_perm+0x1e8/0x5a0
[  470.175917][T10658]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  470.175939][T10658]  ? rcu_is_watching+0x15/0xb0
[  470.175957][T10658]  ? trace_sched_exit_tp+0x38/0x120
[  470.175981][T10658]  ? __schedule+0x16c0/0x4cb0
[  470.176014][T10658]  ? __lock_acquire+0xab9/0xd20
[  470.176052][T10658]  ? __fget_files+0x2a/0x420
[  470.176071][T10658]  ? __fget_files+0x2a/0x420
[  470.176086][T10658]  ? __fget_files+0x3a0/0x420
[  470.176100][T10658]  ? __fget_files+0x2a/0x420
[  470.176121][T10658]  security_file_ioctl+0xcb/0x2d0
[  470.176148][T10658]  __se_sys_ioctl+0x47/0x170
[  470.176173][T10658]  do_syscall_64+0xfa/0x3b0
[  470.176192][T10658]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  470.176214][T10658]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  470.176230][T10658]  ? clear_bhb_loop+0x60/0xb0
[  470.176251][T10658]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  470.176268][T10658] RIP: 0033:0x7ff44678e929
[  470.176285][T10658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  470.176299][T10658] RSP: 002b:00007ff447545038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  470.176319][T10658] RAX: ffffffffffffffda RBX: 00007ff4469b6160 RCX: 00007ff44678e929
[  470.176331][T10658] RDX: 0000200000000200 RSI: 0000000000008946 RDI: 0000000000000006
[  470.176343][T10658] RBP: 00007ff447545090 R08: 0000000000000000 R09: 0000000000000000
[  470.176354][T10658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  470.176365][T10658] R13: 0000000000000000 R14: 00007ff4469b6160 R15: 00007fff3de75278
[  470.176395][T10658]  </TASK>
[  470.176458][T10658] ERROR: Out of memory at tomoyo_realpath_from_path.
[  470.974177][T10622] misc userio: No port type given on /dev/userio
[  471.206626][T10659] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1261'.
[  471.269415][T10631] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  471.300585][T10631] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  471.555605][T10631] Failed to enqueue queue_pair DETACH event datagram for context (ID=0x0)
[  472.162958][T10664] block device autoloading is deprecated and will be removed.
[  472.795483][T10689] syz.2.1265: attempt to access beyond end of device
[  472.795483][T10689] nbd2: rw=0, sector=2, nr_sectors = 1 limit=0
[  472.808668][T10689] hfs: can't find a HFS filesystem on dev nbd2
[  473.517518][   T24] razer 0003:1532:010E.000B: failed to enable macro keys: -71
[  473.604216][   T24] razer 0003:1532:010E.000B: hidraw0: USB HID v0.00 Device [HID 1532:010e] on usb-dummy_hcd.3-1/input0
[  473.663142][   T24] usb 4-1: USB disconnect, device number 27
[  473.772088][ T1209] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  473.947467][T10705] fido_id[10705]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  474.029098][ T1209] usb 2-1: device descriptor read/64, error -71
[  474.828953][ T1209] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  475.088908][ T1209] usb 2-1: device descriptor read/64, error -71
[  475.230030][ T1209] usb usb2-port1: attempt power cycle
[  475.348546][T10723] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1276'.
[  476.181797][ T1209] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  476.449407][ T1209] usb 2-1: device descriptor read/8, error -71
[  476.641433][T10737] netlink: 'syz.4.1280': attribute type 39 has an invalid length.
[  478.371362][T10767] netlink: 172 bytes leftover after parsing attributes in process `syz.0.1289'.
[  478.407204][T10771] FAULT_INJECTION: forcing a failure.
[  478.407204][T10771] name failslab, interval 1, probability 0, space 0, times 0
[  478.469020][T10771] CPU: 0 UID: 0 PID: 10771 Comm: syz.3.1290 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  478.469046][T10771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  478.469055][T10771] Call Trace:
[  478.469063][T10771]  <TASK>
[  478.469070][T10771]  dump_stack_lvl+0x189/0x250
[  478.469094][T10771]  ? __pfx____ratelimit+0x10/0x10
[  478.469121][T10771]  ? __pfx_dump_stack_lvl+0x10/0x10
[  478.469138][T10771]  ? __pfx__printk+0x10/0x10
[  478.469162][T10771]  ? __pfx___might_resched+0x10/0x10
[  478.469188][T10771]  ? fs_reclaim_acquire+0x7d/0x100
[  478.469210][T10771]  should_fail_ex+0x414/0x560
[  478.469238][T10771]  should_failslab+0xa8/0x100
[  478.469263][T10771]  __kmalloc_noprof+0xcb/0x4f0
[  478.469284][T10771]  ? tomoyo_encode+0x28b/0x550
[  478.469306][T10771]  tomoyo_encode+0x28b/0x550
[  478.469330][T10771]  tomoyo_realpath_from_path+0x58d/0x5d0
[  478.469350][T10771]  ? tomoyo_domain+0xda/0x130
[  478.469374][T10771]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  478.469397][T10771]  tomoyo_path_number_perm+0x1e8/0x5a0
[  478.469422][T10771]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  478.469449][T10771]  ? __pfx_css_rstat_updated+0x10/0x10
[  478.469478][T10771]  ? __lock_acquire+0xab9/0xd20
[  478.469516][T10771]  ? __fget_files+0x2a/0x420
[  478.469535][T10771]  ? __fget_files+0x2a/0x420
[  478.469549][T10771]  ? __fget_files+0x3a0/0x420
[  478.469563][T10771]  ? __fget_files+0x2a/0x420
[  478.469580][T10771]  security_file_ioctl+0xcb/0x2d0
[  478.469603][T10771]  __se_sys_ioctl+0x47/0x170
[  478.469627][T10771]  do_syscall_64+0xfa/0x3b0
[  478.469642][T10771]  ? lockdep_hardirqs_on+0x9c/0x150
[  478.469662][T10771]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  478.469678][T10771]  ? clear_bhb_loop+0x60/0xb0
[  478.469698][T10771]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  478.469714][T10771] RIP: 0033:0x7fb26718e52b
[  478.469730][T10771] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00
[  478.469745][T10771] RSP: 002b:00007fb267f50490 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  478.469764][T10771] RAX: ffffffffffffffda RBX: 00007fb267f50be0 RCX: 00007fb26718e52b
[  478.469777][T10771] RDX: 00007fb267f50be0 RSI: 000000004020ae46 RDI: 0000000000000004
[  478.469788][T10771] RBP: 0000000000000004 R08: 000000000aaaacb1 R09: 0000000000000000
[  478.469798][T10771] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[  478.469808][T10771] R13: 0000200000fe9000 R14: 0000200000fe8000 R15: 00000000fec00000
[  478.469838][T10771]  </TASK>
[  478.469884][T10771] ERROR: Out of memory at tomoyo_realpath_from_path.
[  478.669825][    C0] vkms_vblank_simulate: vblank timer overrun
[  478.753371][T10779] bond0: entered promiscuous mode
[  478.784945][T10779] bond_slave_0: entered promiscuous mode
[  478.815242][T10779] bond_slave_1: entered promiscuous mode
[  478.837209][T10779] bond0: entered allmulticast mode
[  478.842695][T10779] bond_slave_0: entered allmulticast mode
[  478.848534][T10779] bond_slave_1: entered allmulticast mode
[  479.659848][ T5902] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  479.825575][ T5902] usb 1-1: config 160 has an invalid interface number: 200 but max is 0
[  479.859647][ T5902] usb 1-1: config 160 has no interface number 0
[  479.888920][ T5902] usb 1-1: config 160 interface 200 has no altsetting 0
[  479.928554][ T5902] usb 1-1: New USB device found, idVendor=21bb, idProduct=2070, bcdDevice=87.0b
[  479.942980][ T5902] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  480.029058][ T5902] usb 1-1: Product: syz
[  480.033279][ T5902] usb 1-1: Manufacturer: syz
[  480.054200][ T5902] usb 1-1: SerialNumber: syz
[  480.118786][T10809] FAULT_INJECTION: forcing a failure.
[  480.118786][T10809] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  480.152110][T10809] CPU: 1 UID: 0 PID: 10809 Comm: syz.1.1299 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  480.152139][T10809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  480.152150][T10809] Call Trace:
[  480.152157][T10809]  <TASK>
[  480.152165][T10809]  dump_stack_lvl+0x189/0x250
[  480.152188][T10809]  ? __pfx____ratelimit+0x10/0x10
[  480.152211][T10809]  ? __pfx_dump_stack_lvl+0x10/0x10
[  480.152229][T10809]  ? __pfx__printk+0x10/0x10
[  480.152249][T10809]  ? __might_fault+0xb0/0x130
[  480.152281][T10809]  should_fail_ex+0x414/0x560
[  480.152310][T10809]  _copy_from_user+0x2d/0xb0
[  480.152331][T10809]  __snd_timer_user_ioctl+0x565/0x3ff0
[  480.152362][T10809]  ? register_lock_class+0x51/0x320
[  480.152382][T10809]  ? __pfx___snd_timer_user_ioctl+0x10/0x10
[  480.152406][T10809]  ? __lock_acquire+0xab9/0xd20
[  480.152429][T10809]  ? __mutex_trylock_common+0x153/0x260
[  480.152452][T10809]  ? __pfx___mutex_trylock_common+0x10/0x10
[  480.152476][T10809]  ? rcu_is_watching+0x15/0xb0
[  480.152494][T10809]  ? trace_contention_end+0x39/0x120
[  480.152511][T10809]  ? __mutex_lock+0x330/0xe80
[  480.152529][T10809]  ? smk_tskacc+0x2fc/0x370
[  480.152551][T10809]  ? snd_timer_user_ioctl+0x4b/0x80
[  480.152589][T10809]  ? __fget_files+0x2a/0x420
[  480.152603][T10809]  ? __fget_files+0x3a0/0x420
[  480.152617][T10809]  ? __fget_files+0x2a/0x420
[  480.152634][T10809]  ? __pfx_snd_timer_user_ioctl+0x10/0x10
[  480.152657][T10809]  snd_timer_user_ioctl+0x5a/0x80
[  480.152682][T10809]  __se_sys_ioctl+0xfc/0x170
[  480.152706][T10809]  do_syscall_64+0xfa/0x3b0
[  480.152721][T10809]  ? lockdep_hardirqs_on+0x9c/0x150
[  480.152745][T10809]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  480.152762][T10809]  ? clear_bhb_loop+0x60/0xb0
[  480.152782][T10809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  480.152798][T10809] RIP: 0033:0x7f9465d8e929
[  480.152815][T10809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  480.152830][T10809] RSP: 002b:00007f9466bb1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  480.152849][T10809] RAX: ffffffffffffffda RBX: 00007f9465fb5fa0 RCX: 00007f9465d8e929
[  480.152862][T10809] RDX: 0000200000000040 RSI: 0000000040485404 RDI: 0000000000000004
[  480.152873][T10809] RBP: 00007f9466bb1090 R08: 0000000000000000 R09: 0000000000000000
[  480.152883][T10809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  480.152894][T10809] R13: 0000000000000000 R14: 00007f9465fb5fa0 R15: 00007ffca1b13c08
[  480.152923][T10809]  </TASK>
[  480.448591][ T5902] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  480.455708][ T5902] usb 1-1: MIDIStreaming interface descriptor not found
[  480.679188][ T5902] usb 1-1: USB disconnect, device number 29
[  480.755794][ T7598] udevd[7598]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:160.200/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  481.417163][T10820] lo speed is unknown, defaulting to 1000
[  481.538962][ T5902] usb 4-1: new full-speed USB device number 28 using dummy_hcd
[  482.251059][ T5902] usb 4-1: config 0 has an invalid interface number: 200 but max is 0
[  482.301837][ T5902] usb 4-1: config 0 has no interface number 0
[  482.308002][ T5902] usb 4-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=91.6f
[  482.317844][ T5902] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  482.372389][ T5902] usb 4-1: config 0 descriptor??
[  483.969247][ T5902] RobotFuzz Open Source InterFace, OSIF 4-1:0.200: failure sending bit rate
[  483.982988][ T5902] RobotFuzz Open Source InterFace, OSIF 4-1:0.200: probe with driver RobotFuzz Open Source InterFace, OSIF failed with error -71
[  484.147972][ T5902] usb 4-1: USB disconnect, device number 28
[  484.468920][ T5923] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  484.739059][ T5923] usb 5-1: Using ep0 maxpacket: 32
[  484.759264][T10849] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1307'.
[  485.414079][ T5923] usb 5-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice= e.22
[  485.429609][ T5923] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  485.437930][ T5923] usb 5-1: Product: syz
[  485.467063][ T5923] usb 5-1: Manufacturer: syz
[  485.483247][ T5923] usb 5-1: SerialNumber: syz
[  485.667197][ T5923] usb 5-1: config 0 descriptor??
[  486.333319][ T5923] usb 5-1: selecting invalid altsetting 3
[  486.362534][ T5923] comedi comedi5: could not set alternate setting 3 in high speed
[  486.392913][ T5923] usbdux 5-1:0.0: driver 'usbdux' failed to auto-configure device.
[  486.560129][ T5923] usbdux 5-1:0.0: probe with driver usbdux failed with error -22
[  486.755777][T10872] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1315'.
[  487.193556][ T5866] usb 5-1: USB disconnect, device number 26
[  487.238919][   T10] usb 2-1: new full-speed USB device number 21 using dummy_hcd
[  487.264623][T10878] FAULT_INJECTION: forcing a failure.
[  487.264623][T10878] name failslab, interval 1, probability 0, space 0, times 0
[  487.277571][T10880] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1317'.
[  487.277590][T10878] CPU: 0 UID: 0 PID: 10878 Comm: syz.0.1316 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  487.277609][T10878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  487.277618][T10878] Call Trace:
[  487.277625][T10878]  <TASK>
[  487.277633][T10878]  dump_stack_lvl+0x189/0x250
[  487.277657][T10878]  ? __pfx____ratelimit+0x10/0x10
[  487.277681][T10878]  ? __pfx_dump_stack_lvl+0x10/0x10
[  487.277700][T10878]  ? __pfx__printk+0x10/0x10
[  487.277726][T10878]  ? __pfx___might_resched+0x10/0x10
[  487.277742][T10878]  ? fs_reclaim_acquire+0x7d/0x100
[  487.277764][T10878]  should_fail_ex+0x414/0x560
[  487.277791][T10878]  should_failslab+0xa8/0x100
[  487.277816][T10878]  __kmalloc_cache_noprof+0x70/0x3d0
[  487.277838][T10878]  ? __se_sys_mount+0x165/0x410
[  487.277851][T10878]  ? memdup_user+0x99/0xd0
[  487.277873][T10878]  __se_sys_mount+0x165/0x410
[  487.277894][T10878]  ? __pfx___se_sys_mount+0x10/0x10
[  487.277908][T10878]  ? rcu_is_watching+0x15/0xb0
[  487.277940][T10878]  ? do_syscall_64+0xbe/0x3b0
[  487.277955][T10878]  ? __x64_sys_mount+0x20/0xc0
[  487.277972][T10878]  do_syscall_64+0xfa/0x3b0
[  487.277987][T10878]  ? lockdep_hardirqs_on+0x9c/0x150
[  487.278009][T10878]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  487.278026][T10878]  ? clear_bhb_loop+0x60/0xb0
[  487.278046][T10878]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  487.278062][T10878] RIP: 0033:0x7fdb2c58e929
[  487.278077][T10878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  487.278091][T10878] RSP: 002b:00007fdb2d4a0038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  487.278110][T10878] RAX: ffffffffffffffda RBX: 00007fdb2c7b6160 RCX: 00007fdb2c58e929
[  487.278122][T10878] RDX: 0000200000000280 RSI: 0000200000000300 RDI: 0000000000000000
[  487.278133][T10878] RBP: 00007fdb2d4a0090 R08: 0000200000000180 R09: 0000000000000000
[  487.278144][T10878] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  487.278154][T10878] R13: 0000000000000000 R14: 00007fdb2c7b6160 R15: 00007ffdbe997008
[  487.278181][T10878]  </TASK>
[  487.399053][   T10] usb 2-1: device descriptor read/64, error -71
[  487.410218][T10882] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1317'.
[  487.649339][   T10] usb 2-1: new full-speed USB device number 22 using dummy_hcd
[  487.788964][   T10] usb 2-1: device descriptor read/64, error -71
[  488.068417][   T10] usb usb2-port1: attempt power cycle
[  488.620779][   T10] usb 2-1: new full-speed USB device number 23 using dummy_hcd
[  488.654414][   T10] usb 2-1: device descriptor read/8, error -71
[  488.919058][   T10] usb 2-1: new full-speed USB device number 24 using dummy_hcd
[  489.161972][   T10] usb 2-1: device descriptor read/8, error -71
[  489.229369][ T5902] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  489.289380][ T5923] usb 5-1: new full-speed USB device number 27 using dummy_hcd
[  489.305524][   T10] usb usb2-port1: unable to enumerate USB device
[  489.439188][ T5902] usb 1-1: Using ep0 maxpacket: 8
[  489.551234][ T5923] usb 5-1: config 0 has an invalid interface number: 200 but max is 0
[  489.556520][ T5902] usb 1-1: config 0 has an invalid interface number: 200 but max is 0
[  489.578935][ T5902] usb 1-1: config 0 has no interface number 0
[  489.585136][ T5902] usb 1-1: config 0 interface 200 has no altsetting 0
[  489.607332][ T5923] usb 5-1: config 0 has no interface number 0
[  489.613784][ T5902] usb 1-1: New USB device found, idVendor=0b57, idProduct=8528, bcdDevice=6d.39
[  489.637760][ T5902] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  489.667956][ T5923] usb 5-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=91.6f
[  489.680311][ T5902] usb 1-1: Product: syz
[  489.684540][ T5902] usb 1-1: Manufacturer: syz
[  489.693269][ T5923] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  489.720596][ T5923] usb 5-1: config 0 descriptor??
[  489.728911][ T5902] usb 1-1: SerialNumber: syz
[  489.740653][ T5902] usb 1-1: config 0 descriptor??
[  490.093903][T10901] bridge1: the hash_elasticity option has been deprecated and is always 16
[  490.148899][T10914] binder: 10913:10914 ioctl 4018620d 0 returned -22
[  490.172210][T10901] bridge1: entered promiscuous mode
[  490.194009][T10901] bridge1: entered allmulticast mode
[  490.337019][ T5902] input: Hanwang Art Master III 0906 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.200/input/input9
[  490.577511][ T5902] usb 1-1: USB disconnect, device number 30
[  490.626882][T10924] openvswitch: netlink: IP tunnel dst address not specified
[  490.845298][T10927] sctp: [Deprecated]: syz.1.1331 (pid 10927) Use of int in max_burst socket option.
[  490.845298][T10927] Use struct sctp_assoc_value instead
[  490.922719][T10927] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1331'.
[  491.543525][ T5923] RobotFuzz Open Source InterFace, OSIF 5-1:0.200: failure sending bit rate
[  491.553432][ T5923] RobotFuzz Open Source InterFace, OSIF 5-1:0.200: probe with driver RobotFuzz Open Source InterFace, OSIF failed with error -71
[  491.573893][ T5923] usb 5-1: USB disconnect, device number 27
[  494.623251][T10982] FAULT_INJECTION: forcing a failure.
[  494.623251][T10982] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  494.636795][T10982] CPU: 1 UID: 0 PID: 10982 Comm: syz.4.1345 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  494.636818][T10982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  494.636829][T10982] Call Trace:
[  494.636836][T10982]  <TASK>
[  494.636844][T10982]  dump_stack_lvl+0x189/0x250
[  494.636868][T10982]  ? __pfx____ratelimit+0x10/0x10
[  494.636892][T10982]  ? __pfx_dump_stack_lvl+0x10/0x10
[  494.636911][T10982]  ? __pfx__printk+0x10/0x10
[  494.636934][T10982]  ? fs_reclaim_acquire+0x7d/0x100
[  494.636960][T10982]  should_fail_ex+0x414/0x560
[  494.636989][T10982]  prepare_alloc_pages+0x213/0x610
[  494.637014][T10982]  __alloc_frozen_pages_noprof+0x123/0x370
[  494.637037][T10982]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  494.637072][T10982]  alloc_pages_mpol+0x232/0x4a0
[  494.637103][T10982]  alloc_pages_noprof+0xa9/0x190
[  494.637128][T10982]  folio_alloc_noprof+0x1e/0x30
[  494.637151][T10982]  filemap_alloc_folio_noprof+0xdf/0x470
[  494.637175][T10982]  ? filemap_get_read_batch+0xc4/0x7b0
[  494.637192][T10982]  ? __pfx_filemap_alloc_folio_noprof+0x10/0x10
[  494.637218][T10982]  ? page_cache_sync_ra+0x2d6/0xae0
[  494.637247][T10982]  filemap_get_pages+0xa90/0x1ea0
[  494.637297][T10982]  ? __pfx_filemap_get_pages+0x10/0x10
[  494.637320][T10982]  ? stack_trace_save+0x9c/0xe0
[  494.637344][T10982]  ? __pfx___might_resched+0x10/0x10
[  494.637379][T10982]  filemap_splice_read+0x4fc/0xbc0
[  494.637423][T10982]  ? __pfx_filemap_splice_read+0x10/0x10
[  494.637470][T10982]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[  494.637500][T10982]  ? alloc_pipe_info+0x374/0x4d0
[  494.637523][T10982]  ? __pfx_filemap_splice_read+0x10/0x10
[  494.637561][T10982]  splice_direct_to_actor+0x4a6/0xcc0
[  494.637604][T10982]  ? __pfx_direct_splice_actor+0x10/0x10
[  494.637625][T10982]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  494.637667][T10982]  do_splice_direct+0x181/0x270
[  494.637693][T10982]  ? __pfx_do_splice_direct+0x10/0x10
[  494.637717][T10982]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  494.637740][T10982]  ? rw_verify_area+0x258/0x650
[  494.637766][T10982]  do_sendfile+0x4da/0x7e0
[  494.637784][T10982]  ? __pfx_vfs_write+0x10/0x10
[  494.637810][T10982]  ? __pfx_do_sendfile+0x10/0x10
[  494.637828][T10982]  ? __fget_files+0x3a0/0x420
[  494.637854][T10982]  __se_sys_sendfile64+0x13e/0x190
[  494.637873][T10982]  ? __pfx___se_sys_sendfile64+0x10/0x10
[  494.637888][T10982]  ? rcu_is_watching+0x15/0xb0
[  494.637910][T10982]  ? do_syscall_64+0xbe/0x3b0
[  494.637931][T10982]  do_syscall_64+0xfa/0x3b0
[  494.637946][T10982]  ? lockdep_hardirqs_on+0x9c/0x150
[  494.637969][T10982]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  494.637985][T10982]  ? clear_bhb_loop+0x60/0xb0
[  494.638006][T10982]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  494.638022][T10982] RIP: 0033:0x7f1ca098e929
[  494.638038][T10982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  494.638052][T10982] RSP: 002b:00007f1ca1766038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  494.638071][T10982] RAX: ffffffffffffffda RBX: 00007f1ca0bb6160 RCX: 00007f1ca098e929
[  494.638083][T10982] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000007
[  494.638093][T10982] RBP: 00007f1ca1766090 R08: 0000000000000000 R09: 0000000000000000
[  494.638103][T10982] R10: 0001000000201005 R11: 0000000000000246 R12: 0000000000000001
[  494.638114][T10982] R13: 0000000000000000 R14: 00007f1ca0bb6160 R15: 00007ffe042fa8f8
[  494.638143][T10982]  </TASK>
[  496.359032][ T5895] usb 4-1: new low-speed USB device number 29 using dummy_hcd
[  496.680867][ T5895] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  496.695411][ T5895] usb 4-1: config 0 has no interface number 0
[  496.702869][ T5895] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  496.753827][ T5895] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  497.474795][ T5895] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  497.494293][ T5895] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  497.530176][ T5895] usb 4-1: config 0 descriptor??
[  497.746328][T10989] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  497.791221][ T5895] iowarrior 4-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  497.793576][T11015] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1357'.
[  498.434156][ T5866] usb 4-1: USB disconnect, device number 29
[  498.497938][T11017] delete_channel: no stack
[  499.578975][ T5866] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  499.748974][ T5866] usb 4-1: Using ep0 maxpacket: 16
[  499.768933][ T5866] usb 4-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice= 6.8a
[  499.801560][ T5866] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  499.834201][ T5866] usb 4-1: Product: syz
[  499.921147][ T5866] usb 4-1: Manufacturer: syz
[  499.925767][ T5866] usb 4-1: SerialNumber: syz
[  500.340759][ T5866] usb 4-1: config 0 descriptor??
[  500.564101][ T5866] mcba_usb 4-1:0.0: Can't find endpoints
[  500.592902][ T5866] usb 4-1: USB disconnect, device number 30
[  501.472359][T11071] 9pnet: p9_errstr2errno: server reported unknown error 18446
[  501.545700][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  501.552245][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  501.669438][T11073] kernel read not supported for file / 
œÏüÔ¢W)ëS“§Ç-ë (pid: 11073 comm: syz.0.1374)
[  501.849094][   T30] audit: type=1800 audit(1752683939.272:137): pid=11073 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.1374" name=20019CCFFCD4A25729EB5393A7C72DEB dev="mqueue" ino=29892 res=0 errno=0
[  503.170921][ T5895] usb 2-1: new low-speed USB device number 25 using dummy_hcd
[  503.445091][ T5895] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  503.468924][ T5895] usb 2-1: config 0 has no interface number 0
[  503.495511][ T5895] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  503.547935][ T5895] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  503.592645][ T5895] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  503.629156][ T5895] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  503.662468][ T5895] usb 2-1: config 0 descriptor??
[  503.668492][T11085] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  503.700090][ T5895] iowarrior 2-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  503.953458][ T5923] usb 2-1: USB disconnect, device number 25
[  504.246960][T11104] FAULT_INJECTION: forcing a failure.
[  504.246960][T11104] name failslab, interval 1, probability 0, space 0, times 0
[  504.259847][T11104] CPU: 1 UID: 0 PID: 11104 Comm: syz.2.1385 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  504.259872][T11104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  504.259883][T11104] Call Trace:
[  504.259891][T11104]  <TASK>
[  504.259899][T11104]  dump_stack_lvl+0x189/0x250
[  504.259925][T11104]  ? __pfx____ratelimit+0x10/0x10
[  504.259950][T11104]  ? __pfx_dump_stack_lvl+0x10/0x10
[  504.259970][T11104]  ? __pfx__printk+0x10/0x10
[  504.260005][T11104]  ? __pfx___might_resched+0x10/0x10
[  504.260023][T11104]  ? fs_reclaim_acquire+0x7d/0x100
[  504.260046][T11104]  should_fail_ex+0x414/0x560
[  504.260075][T11104]  should_failslab+0xa8/0x100
[  504.260100][T11104]  __kmalloc_cache_noprof+0x70/0x3d0
[  504.260123][T11104]  ? __request_module+0x2b5/0x5e0
[  504.260146][T11104]  __request_module+0x2b5/0x5e0
[  504.260166][T11104]  ? inet6_create+0x71/0x12a0
[  504.260184][T11104]  ? __pfx___request_module+0x10/0x10
[  504.260217][T11104]  ? inet6_create+0x71/0x12a0
[  504.260238][T11104]  inet6_create+0x459/0x12a0
[  504.260254][T11104]  ? inet6_create+0x71/0x12a0
[  504.260277][T11104]  __sock_create+0x4b0/0x9f0
[  504.260303][T11104]  __sys_socket+0xd7/0x1b0
[  504.260323][T11104]  __x64_sys_socket+0x7a/0x90
[  504.260341][T11104]  do_syscall_64+0xfa/0x3b0
[  504.260357][T11104]  ? lockdep_hardirqs_on+0x9c/0x150
[  504.260381][T11104]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  504.260399][T11104]  ? clear_bhb_loop+0x60/0xb0
[  504.260419][T11104]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  504.260436][T11104] RIP: 0033:0x7ff44678e929
[  504.260452][T11104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  504.260466][T11104] RSP: 002b:00007ff447587038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  504.260485][T11104] RAX: ffffffffffffffda RBX: 00007ff4469b5fa0 RCX: 00007ff44678e929
[  504.260498][T11104] RDX: 0000000000000084 RSI: 0000000000000000 RDI: 000000000000000a
[  504.260508][T11104] RBP: 00007ff447587090 R08: 0000000000000000 R09: 0000000000000000
[  504.260519][T11104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  504.260531][T11104] R13: 0000000000000000 R14: 00007ff4469b5fa0 R15: 00007fff3de75278
[  504.260560][T11104]  </TASK>
[  504.490177][    C1] vkms_vblank_simulate: vblank timer overrun
[  504.504874][T11113] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1385'.
[  504.979260][ T5923] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  505.189114][ T5923] usb 5-1: Using ep0 maxpacket: 8
[  505.214219][ T5923] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  505.253446][ T5923] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  505.274976][T11131] FAULT_INJECTION: forcing a failure.
[  505.274976][T11131] name failslab, interval 1, probability 0, space 0, times 0
[  505.298173][ T5923] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  505.325109][T11131] CPU: 0 UID: 0 PID: 11131 Comm: syz.0.1391 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  505.325136][T11131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  505.325146][T11131] Call Trace:
[  505.325153][T11131]  <TASK>
[  505.325162][T11131]  dump_stack_lvl+0x189/0x250
[  505.325187][T11131]  ? __pfx____ratelimit+0x10/0x10
[  505.325212][T11131]  ? __pfx_dump_stack_lvl+0x10/0x10
[  505.325232][T11131]  ? __pfx__printk+0x10/0x10
[  505.325256][T11131]  ? __pfx___might_resched+0x10/0x10
[  505.325276][T11131]  ? fs_reclaim_acquire+0x7d/0x100
[  505.325299][T11131]  should_fail_ex+0x414/0x560
[  505.325328][T11131]  should_failslab+0xa8/0x100
[  505.325354][T11131]  __kmalloc_node_track_caller_noprof+0xcc/0x4e0
[  505.325377][T11131]  ? uinput_write+0x539/0xfc0
[  505.325400][T11131]  ? uinput_write+0x54d/0xfc0
[  505.325421][T11131]  ? rcu_is_watching+0x15/0xb0
[  505.325444][T11131]  kstrndup+0x80/0x160
[  505.325465][T11131]  uinput_write+0x54d/0xfc0
[  505.325498][T11131]  ? __pfx_uinput_write+0x10/0x10
[  505.325524][T11131]  ? bpf_lsm_file_permission+0x9/0x20
[  505.325540][T11131]  ? security_file_permission+0x75/0x290
[  505.325565][T11131]  ? rw_verify_area+0x258/0x650
[  505.325586][T11131]  ? __pfx_uinput_write+0x10/0x10
[  505.325612][T11131]  vfs_write+0x27e/0xa90
[  505.325642][T11131]  ? __pfx_vfs_write+0x10/0x10
[  505.325667][T11131]  ? __fget_files+0x2a/0x420
[  505.325686][T11131]  ? __fget_files+0x2a/0x420
[  505.325701][T11131]  ? __fget_files+0x3a0/0x420
[  505.325715][T11131]  ? __fget_files+0x2a/0x420
[  505.325741][T11131]  ksys_write+0x145/0x250
[  505.325766][T11131]  ? __pfx_ksys_write+0x10/0x10
[  505.325785][T11131]  ? rcu_is_watching+0x15/0xb0
[  505.325809][T11131]  ? do_syscall_64+0xbe/0x3b0
[  505.325831][T11131]  do_syscall_64+0xfa/0x3b0
[  505.325846][T11131]  ? lockdep_hardirqs_on+0x9c/0x150
[  505.325869][T11131]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  505.325892][T11131]  ? clear_bhb_loop+0x60/0xb0
[  505.325913][T11131]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  505.325930][T11131] RIP: 0033:0x7fdb2c58e929
[  505.325945][T11131] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  505.325960][T11131] RSP: 002b:00007fdb2d4e2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  505.325980][T11131] RAX: ffffffffffffffda RBX: 00007fdb2c7b5fa0 RCX: 00007fdb2c58e929
[  505.325993][T11131] RDX: 000000000000045c RSI: 0000200000000380 RDI: 0000000000000003
[  505.326004][T11131] RBP: 00007fdb2d4e2090 R08: 0000000000000000 R09: 0000000000000000
[  505.326014][T11131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  505.326024][T11131] R13: 0000000000000000 R14: 00007fdb2c7b5fa0 R15: 00007ffdbe997008
[  505.326055][T11131]  </TASK>
[  505.848948][ T5923] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  505.861239][ T5923] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  505.878919][ T5923] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  505.888890][ T5923] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  506.423244][ T5923] usb 5-1: usb_control_msg returned -32
[  506.435861][ T5923] usbtmc 5-1:16.0: can't read capabilities
[  506.529628][T11142] sctp: [Deprecated]: syz.1.1392 (pid 11142) Use of int in max_burst socket option.
[  506.529628][T11142] Use struct sctp_assoc_value instead
[  507.905590][ T5170] usb 5-1: USB disconnect, device number 28
[  508.278967][ T5923] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  508.439139][ T5923] usb 1-1: Using ep0 maxpacket: 32
[  508.456542][ T5923] usb 1-1: config index 0 descriptor too short (expected 156, got 27)
[  508.475228][ T5923] usb 1-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  508.489033][ T5895] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  508.517253][ T5923] usb 1-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  508.548869][ T5923] usb 1-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  508.573468][ T5170] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  508.579770][ T5923] usb 1-1: config 0 interface 0 has no altsetting 0
[  508.702231][ T5923] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  508.719019][ T5923] usb 1-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  508.739898][ T5170] usb 2-1: Using ep0 maxpacket: 16
[  508.746128][ T5895] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  508.755996][ T5895] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  508.764509][ T5923] usb 1-1: Product: syz
[  508.767567][ T5170] usb 2-1: config 5 has an invalid interface number: 206 but max is 0
[  508.769196][ T5923] usb 1-1: Manufacturer: syz
[  508.785547][ T5895] usb 5-1: config 0 descriptor??
[  508.803016][ T5170] usb 2-1: config 5 has no interface number 0
[  508.807193][ T5923] usb 1-1: SerialNumber: syz
[  508.824958][ T5170] usb 2-1: config 5 interface 206 has no altsetting 0
[  508.828379][ T5923] usb 1-1: config 0 descriptor??
[  508.846575][ T5923] ldusb 1-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  508.854379][ T5170] usb 2-1: New USB device found, idVendor=1a0a, idProduct=0103, bcdDevice=60.44
[  508.865221][ T5923] ldusb 1-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  508.882117][ T5170] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  508.899258][ T5170] usb 2-1: Product: syz
[  508.908870][ T5170] usb 2-1: Manufacturer: syz
[  508.913518][ T5170] usb 2-1: SerialNumber: syz
[  509.002147][ T5895] udl 5-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  509.156811][ T5170] usb_ehset_test 2-1:5.206: probe with driver usb_ehset_test failed with error -32
[  509.235778][ T5170] usb 2-1: USB disconnect, device number 26
[  509.272282][T11156] ldusb 1-1:0.0: Couldn't submit HID_REQ_SET_REPORT -71
[  509.276378][ T5895] [drm:udl_init] *ERROR* Selecting channel failed
[  509.323957][   T24] usb 1-1: USB disconnect, device number 31
[  509.324011][    C1] ldusb 1-1:0.0: usb_submit_urb failed (-19)
[  509.369955][   T24] ldusb 1-1:0.0: LD USB Device #0 now disconnected
[  509.374569][ T5895] [drm] Initialized udl 0.0.1 for 5-1:0.0 on minor 2
[  509.395625][ T5895] [drm] Initialized udl on minor 2
[  509.413407][ T5895] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  509.454994][ T5895] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  509.487440][ T5923] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  509.512788][ T5895] usb 5-1: USB disconnect, device number 29
[  509.519629][ T5923] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  509.758056][T11187] sctp: [Deprecated]: syz.2.1408 (pid 11187) Use of int in max_burst socket option.
[  509.758056][T11187] Use struct sctp_assoc_value instead
[  510.318923][ T5895] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  510.972398][ T5895] usb 5-1: Using ep0 maxpacket: 16
[  511.334978][ T5895] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  511.788870][ T5895] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  511.816232][ T5895] usb 5-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  511.882466][ T5895] usb 5-1: config 0 interface 0 has no altsetting 0
[  511.912916][ T5895] usb 5-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  512.042675][ T5895] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  512.240623][ T5895] usb 5-1: config 0 descriptor??
[  512.662095][ T5895] hid (null): bogus close delimiter
[  512.697413][ T5895] hid (null): unknown global tag 0xc
[  512.697436][ T5895] hid (null): report_id 0 is invalid
[  512.851185][T11188] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  512.880271][T11188] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  512.948595][ T5923] usb 5-1: USB disconnect, device number 30
[  514.140843][   T24] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  514.440272][   T24] usb 1-1: Using ep0 maxpacket: 32
[  514.448491][   T24] usb 1-1: config 0 interface 0 has no altsetting 0
[  514.456236][   T24] usb 1-1: New USB device found, idVendor=2040, idProduct=c603, bcdDevice= 1.8e
[  514.465996][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  515.075531][   T24] usb 1-1: config 0 descriptor??
[  515.114160][   T24] usb 1-1: dvb_usb_v2: found a 'Hauppauge 126xxx ATSC+' in warm state
[  515.151912][   T24] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  515.170038][   T24] dvbdev: DVB: registering new adapter (Hauppauge 126xxx ATSC+)
[  515.194134][   T24] usb 1-1: media controller created
[  515.296472][   T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  515.334307][   T24] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  515.342246][   T24] error writing reg: 0xff, val: 0x00
[  515.370383][T11260] netlink: 260 bytes leftover after parsing attributes in process `syz.1.1433'.
[  515.386287][T11260] fuse: Unknown parameter 'vd<0xffffffffffffffff'
[  515.403792][T11261] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1432'.
[  515.428005][T11261] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  515.437209][T11261] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  515.446000][T11261] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  515.454812][T11261] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  515.493705][T11261] netdevsim netdevsim4 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  515.502997][T11261] netdevsim netdevsim4 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  515.512051][T11261] netdevsim netdevsim4 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  515.521004][T11261] netdevsim netdevsim4 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  515.572132][   T24] dvb_usb_mxl111sf 1-1:0.0: probe with driver dvb_usb_mxl111sf failed with error -22
[  515.614069][   T24] usb 1-1: USB disconnect, device number 32
[  515.676692][T11264] FAULT_INJECTION: forcing a failure.
[  515.676692][T11264] name failslab, interval 1, probability 0, space 0, times 0
[  515.721374][T11264] CPU: 1 UID: 0 PID: 11264 Comm: syz.2.1434 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  515.721396][T11264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  515.721403][T11264] Call Trace:
[  515.721409][T11264]  <TASK>
[  515.721414][T11264]  dump_stack_lvl+0x189/0x250
[  515.721431][T11264]  ? __pfx____ratelimit+0x10/0x10
[  515.721446][T11264]  ? __pfx_dump_stack_lvl+0x10/0x10
[  515.721456][T11264]  ? __pfx__printk+0x10/0x10
[  515.721467][T11264]  ? __local_bh_enable_ip+0x12d/0x1c0
[  515.721482][T11264]  ? sctp_get_port_local+0xe4c/0x1610
[  515.721497][T11264]  should_fail_ex+0x414/0x560
[  515.721514][T11264]  should_failslab+0xa8/0x100
[  515.721529][T11264]  __kmalloc_cache_noprof+0x70/0x3d0
[  515.721543][T11264]  ? sctp_add_bind_addr+0x8c/0x370
[  515.721554][T11264]  sctp_add_bind_addr+0x8c/0x370
[  515.721563][T11264]  ? sctp_auto_asconf_init+0x15c/0x1e0
[  515.721577][T11264]  sctp_do_bind+0x5ab/0x940
[  515.721598][T11264]  sctp_connect_new_asoc+0x25c/0x690
[  515.721615][T11264]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  515.721626][T11264]  ? __local_bh_enable_ip+0x12d/0x1c0
[  515.721639][T11264]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  515.721648][T11264]  ? security_sctp_bind_connect+0x7e/0x2e0
[  515.721663][T11264]  sctp_sendmsg+0x155c/0x2810
[  515.721682][T11264]  ? __pfx_sctp_sendmsg+0x10/0x10
[  515.721693][T11264]  ? __lock_acquire+0xab9/0xd20
[  515.721711][T11264]  ? sock_rps_record_flow+0x19/0x410
[  515.721723][T11264]  ? inet_sendmsg+0x2f4/0x370
[  515.721734][T11264]  __sock_sendmsg+0x19c/0x270
[  515.721751][T11264]  __sys_sendto+0x3bd/0x520
[  515.721763][T11264]  ? __pfx___sys_sendto+0x10/0x10
[  515.721772][T11264]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  515.721789][T11264]  ? __fget_files+0x3a0/0x420
[  515.721804][T11264]  ? ksys_write+0x22a/0x250
[  515.721818][T11264]  ? __pfx_ksys_write+0x10/0x10
[  515.721834][T11264]  ? rcu_is_watching+0x15/0xb0
[  515.721847][T11264]  __x64_sys_sendto+0xde/0x100
[  515.721860][T11264]  do_syscall_64+0xfa/0x3b0
[  515.721868][T11264]  ? lockdep_hardirqs_on+0x9c/0x150
[  515.721882][T11264]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  515.721891][T11264]  ? clear_bhb_loop+0x60/0xb0
[  515.721903][T11264]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  515.721913][T11264] RIP: 0033:0x7ff44678e929
[  515.721923][T11264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  515.721932][T11264] RSP: 002b:00007ff447587038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  515.721944][T11264] RAX: ffffffffffffffda RBX: 00007ff4469b5fa0 RCX: 00007ff44678e929
[  515.721951][T11264] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000003
[  515.721957][T11264] RBP: 00007ff447587090 R08: 0000200000000080 R09: 000000000000001c
[  515.721964][T11264] R10: 0000000000000051 R11: 0000000000000246 R12: 0000000000000001
[  515.721970][T11264] R13: 0000000000000000 R14: 00007ff4469b5fa0 R15: 00007fff3de75278
[  515.721985][T11264]  </TASK>
[  516.019644][    C1] vkms_vblank_simulate: vblank timer overrun
[  516.322625][T11268] FAULT_INJECTION: forcing a failure.
[  516.322625][T11268] name failslab, interval 1, probability 0, space 0, times 0
[  516.335391][T11268] CPU: 1 UID: 0 PID: 11268 Comm: syz.2.1435 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  516.335415][T11268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  516.335426][T11268] Call Trace:
[  516.335437][T11268]  <TASK>
[  516.335445][T11268]  dump_stack_lvl+0x189/0x250
[  516.335488][T11268]  ? __pfx____ratelimit+0x10/0x10
[  516.335519][T11268]  ? __pfx_dump_stack_lvl+0x10/0x10
[  516.335538][T11268]  ? __pfx__printk+0x10/0x10
[  516.335566][T11268]  ? __pfx___might_resched+0x10/0x10
[  516.335584][T11268]  ? fs_reclaim_acquire+0x7d/0x100
[  516.335606][T11268]  should_fail_ex+0x414/0x560
[  516.335634][T11268]  ? xt_alloc_table_info+0x3b/0xa0
[  516.335655][T11268]  should_failslab+0xa8/0x100
[  516.335681][T11268]  __kvmalloc_node_noprof+0x161/0x5f0
[  516.335705][T11268]  ? xt_alloc_table_info+0x3b/0xa0
[  516.335732][T11268]  xt_alloc_table_info+0x3b/0xa0
[  516.335754][T11268]  do_ip6t_set_ctl+0x88a/0xce0
[  516.335781][T11268]  ? preempt_schedule_thunk+0x16/0x30
[  516.335806][T11268]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  516.335847][T11268]  ? __pfx___mutex_lock+0x10/0x10
[  516.335865][T11268]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  516.335892][T11268]  ? __pfx_ipv6_setsockopt+0x10/0x10
[  516.335921][T11268]  nf_setsockopt+0x26c/0x290
[  516.335944][T11268]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  516.335965][T11268]  do_sock_setsockopt+0x25a/0x3e0
[  516.335988][T11268]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  516.336013][T11268]  ? __fget_files+0x2a/0x420
[  516.336037][T11268]  __x64_sys_setsockopt+0x18b/0x220
[  516.336064][T11268]  do_syscall_64+0xfa/0x3b0
[  516.336083][T11268]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  516.336098][T11268]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  516.336115][T11268]  ? clear_bhb_loop+0x60/0xb0
[  516.336135][T11268]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  516.336152][T11268] RIP: 0033:0x7ff44678e929
[  516.336168][T11268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  516.336183][T11268] RSP: 002b:00007ff447545038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  516.336202][T11268] RAX: ffffffffffffffda RBX: 00007ff4469b6160 RCX: 00007ff44678e929
[  516.336215][T11268] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000006
[  516.336226][T11268] RBP: 00007ff447545090 R08: 0000000000000520 R09: 0000000000000000
[  516.336237][T11268] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[  516.336248][T11268] R13: 0000000000000000 R14: 00007ff4469b6160 R15: 00007fff3de75278
[  516.336277][T11268]  </TASK>
[  516.592341][    C1] vkms_vblank_simulate: vblank timer overrun
[  516.803223][T11270] snd_dummy snd_dummy.0: control 0:129:-2:syz0:5 is already present
[  517.109020][   T24] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  517.267708][   T24] usb 1-1: Using ep0 maxpacket: 32
[  517.337580][   T24] usb 1-1: config 0 has an invalid interface number: 29 but max is 0
[  517.360824][   T24] usb 1-1: config 0 has no interface number 0
[  517.369783][T11282] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1440'.
[  517.379093][   T24] usb 1-1: config 0 interface 29 has no altsetting 0
[  517.399012][   T24] usb 1-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac
[  517.413638][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  517.417524][T11283] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[  517.442202][   T24] usb 1-1: Product: syz
[  517.450499][   T24] usb 1-1: Manufacturer: syz
[  517.559799][   T24] usb 1-1: SerialNumber: syz
[  517.569105][   T24] usb 1-1: config 0 descriptor??
[  518.633034][   T24] peak_usb 1-1:0.29 can0: unable to request usb[type=0 value=1] err=-71
[  518.661921][   T24] peak_usb 1-1:0.29: unable to read PCAN-USB X6 firmware info (err -71)
[  518.786804][T11300] FAULT_INJECTION: forcing a failure.
[  518.786804][T11300] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  518.826494][   T24] peak_usb 1-1:0.29: probe with driver peak_usb failed with error -71
[  518.841331][T11300] CPU: 0 UID: 0 PID: 11300 Comm: syz.4.1445 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  518.841367][T11300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  518.841377][T11300] Call Trace:
[  518.841385][T11300]  <TASK>
[  518.841392][T11300]  dump_stack_lvl+0x189/0x250
[  518.841415][T11300]  ? __pfx____ratelimit+0x10/0x10
[  518.841439][T11300]  ? __pfx_dump_stack_lvl+0x10/0x10
[  518.841455][T11300]  ? __pfx__printk+0x10/0x10
[  518.841476][T11300]  ? __might_fault+0xb0/0x130
[  518.841510][T11300]  should_fail_ex+0x414/0x560
[  518.841538][T11300]  _copy_from_user+0x2d/0xb0
[  518.841558][T11300]  ___sys_sendmsg+0x158/0x2a0
[  518.841581][T11300]  ? __pfx____sys_sendmsg+0x10/0x10
[  518.841637][T11300]  ? __fget_files+0x2a/0x420
[  518.841652][T11300]  ? __fget_files+0x3a0/0x420
[  518.841677][T11300]  __x64_sys_sendmsg+0x19b/0x260
[  518.841700][T11300]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  518.841730][T11300]  ? __pfx_ksys_write+0x10/0x10
[  518.841750][T11300]  ? rcu_is_watching+0x15/0xb0
[  518.841773][T11300]  ? do_syscall_64+0xbe/0x3b0
[  518.841794][T11300]  do_syscall_64+0xfa/0x3b0
[  518.841808][T11300]  ? lockdep_hardirqs_on+0x9c/0x150
[  518.841829][T11300]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  518.841846][T11300]  ? clear_bhb_loop+0x60/0xb0
[  518.841867][T11300]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  518.841884][T11300] RIP: 0033:0x7f1ca098e929
[  518.841898][T11300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  518.841910][T11300] RSP: 002b:00007f1ca17a8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  518.841928][T11300] RAX: ffffffffffffffda RBX: 00007f1ca0bb5fa0 RCX: 00007f1ca098e929
[  518.841940][T11300] RDX: 0000000000000814 RSI: 0000200000000240 RDI: 0000000000000003
[  518.841951][T11300] RBP: 00007f1ca17a8090 R08: 0000000000000000 R09: 0000000000000000
[  518.841962][T11300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  518.841972][T11300] R13: 0000000000000000 R14: 00007f1ca0bb5fa0 R15: 00007ffe042fa8f8
[  518.841996][T11300]  </TASK>
[  518.879087][   T24] usb 1-1: USB disconnect, device number 33
[  519.049103][ T5895] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  519.338581][T11306] snd_dummy snd_dummy.0: control 0:129:-2:syz0:5 is already present
[  519.378953][ T5895] usb 2-1: Using ep0 maxpacket: 16
[  519.931031][ T5895] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=d3.06
[  519.941265][ T5895] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=67
[  519.949457][ T5895] usb 2-1: Product: syz
[  519.953647][ T5895] usb 2-1: Manufacturer: syz
[  519.958281][ T5895] usb 2-1: SerialNumber: syz
[  520.052401][ T5895] r8152-cfgselector 2-1: Unknown version 0x0000
[  520.066546][ T5895] r8152-cfgselector 2-1: config 0 descriptor??
[  521.936064][ T5170] r8152-cfgselector 2-1: USB disconnect, device number 27
[  523.467731][T11345] FAULT_INJECTION: forcing a failure.
[  523.467731][T11345] name failslab, interval 1, probability 0, space 0, times 0
[  523.489594][T11345] CPU: 0 UID: 0 PID: 11345 Comm: syz.4.1458 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  523.489621][T11345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  523.489630][T11345] Call Trace:
[  523.489636][T11345]  <TASK>
[  523.489641][T11345]  dump_stack_lvl+0x189/0x250
[  523.489658][T11345]  ? __pfx____ratelimit+0x10/0x10
[  523.489673][T11345]  ? __pfx_dump_stack_lvl+0x10/0x10
[  523.489683][T11345]  ? __pfx__printk+0x10/0x10
[  523.489699][T11345]  ? __pfx___might_resched+0x10/0x10
[  523.489710][T11345]  ? fs_reclaim_acquire+0x7d/0x100
[  523.489723][T11345]  should_fail_ex+0x414/0x560
[  523.489740][T11345]  should_failslab+0xa8/0x100
[  523.489755][T11345]  __kmalloc_node_track_caller_noprof+0xcc/0x4e0
[  523.489769][T11345]  ? dh_data_from_key+0x15e/0x280
[  523.489783][T11345]  kmemdup_noprof+0x2b/0x70
[  523.489795][T11345]  dh_data_from_key+0x15e/0x280
[  523.489808][T11345]  __keyctl_dh_compute+0x2c3/0xca0
[  523.489822][T11345]  ? __might_fault+0xb0/0x130
[  523.489836][T11345]  ? __pfx___keyctl_dh_compute+0x10/0x10
[  523.489854][T11345]  ? __lock_acquire+0xab9/0xd20
[  523.489879][T11345]  keyctl_dh_compute+0x109/0x160
[  523.489891][T11345]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  523.489903][T11345]  ? __pfx_keyctl_dh_compute+0x10/0x10
[  523.489914][T11345]  ? vfs_write+0x8d8/0xa90
[  523.489935][T11345]  __se_sys_keyctl+0x423/0x910
[  523.489946][T11345]  ? __pfx___se_sys_keyctl+0x10/0x10
[  523.489957][T11345]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  523.489970][T11345]  ? __fget_files+0x3a0/0x420
[  523.489982][T11345]  ? fput+0xa0/0xd0
[  523.489992][T11345]  ? ksys_write+0x22a/0x250
[  523.490006][T11345]  ? __pfx_ksys_write+0x10/0x10
[  523.490016][T11345]  ? rcu_is_watching+0x15/0xb0
[  523.490030][T11345]  ? do_syscall_64+0xbe/0x3b0
[  523.490038][T11345]  ? __x64_sys_keyctl+0x20/0xc0
[  523.490048][T11345]  do_syscall_64+0xfa/0x3b0
[  523.490057][T11345]  ? lockdep_hardirqs_on+0x9c/0x150
[  523.490070][T11345]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  523.490079][T11345]  ? clear_bhb_loop+0x60/0xb0
[  523.490096][T11345]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  523.490106][T11345] RIP: 0033:0x7f1ca098e929
[  523.490116][T11345] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  523.490125][T11345] RSP: 002b:00007f1ca17a8038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  523.490137][T11345] RAX: ffffffffffffffda RBX: 00007f1ca0bb5fa0 RCX: 00007f1ca098e929
[  523.490144][T11345] RDX: 00002000000000c0 RSI: 0000200000000140 RDI: 0000000000000017
[  523.490150][T11345] RBP: 00007f1ca17a8090 R08: 0000000000000000 R09: 0000000000000000
[  523.490156][T11345] R10: fffffffffffffe4f R11: 0000000000000246 R12: 0000000000000001
[  523.490162][T11345] R13: 0000000000000000 R14: 00007f1ca0bb5fa0 R15: 00007ffe042fa8f8
[  523.490178][T11345]  </TASK>
[  523.960961][T11350] sctp: [Deprecated]: syz.4.1461 (pid 11350) Use of int in max_burst socket option.
[  523.960961][T11350] Use struct sctp_assoc_value instead
[  524.417657][T11353] tty tty2: ldisc open failed (-12), clearing slot 1
[  524.465249][T11354] tty tty2: ldisc open failed (-12), clearing slot 1
[  524.635755][T11365] binder: 11360:11365 ioctl 40046205 0 returned -22
[  524.670049][T11365] binder: 11360:11365 ioctl c0306201 0 returned -14
[  524.706935][T11365] FAULT_INJECTION: forcing a failure.
[  524.706935][T11365] name failslab, interval 1, probability 0, space 0, times 0
[  524.719840][T11365] CPU: 0 UID: 0 PID: 11365 Comm: syz.0.1464 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  524.719862][T11365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  524.719871][T11365] Call Trace:
[  524.719878][T11365]  <TASK>
[  524.719886][T11365]  dump_stack_lvl+0x189/0x250
[  524.719910][T11365]  ? __pfx____ratelimit+0x10/0x10
[  524.719933][T11365]  ? __pfx_dump_stack_lvl+0x10/0x10
[  524.719950][T11365]  ? __pfx__printk+0x10/0x10
[  524.719973][T11365]  ? __pfx___might_resched+0x10/0x10
[  524.719995][T11365]  should_fail_ex+0x414/0x560
[  524.720022][T11365]  should_failslab+0xa8/0x100
[  524.720038][T11365]  __kmalloc_noprof+0xcb/0x4f0
[  524.720052][T11365]  ? security_prepare_creds+0x52/0x390
[  524.720064][T11365]  security_prepare_creds+0x52/0x390
[  524.720075][T11365]  prepare_creds+0x497/0x6c0
[  524.720090][T11365]  copy_creds+0x106/0xa10
[  524.720106][T11365]  copy_process+0x95d/0x3b80
[  524.720124][T11365]  ? __pfx___schedule+0x10/0x10
[  524.720138][T11365]  ? lockdep_hardirqs_on+0x9c/0x150
[  524.720156][T11365]  ? __pfx_copy_process+0x10/0x10
[  524.720168][T11365]  ? rcu_is_watching+0x15/0xb0
[  524.720183][T11365]  kernel_clone+0x224/0x7f0
[  524.720196][T11365]  ? __pfx_kernel_clone+0x10/0x10
[  524.720218][T11365]  __x64_sys_clone+0x18b/0x1e0
[  524.720228][T11365]  ? trace_irq_disable+0x37/0x110
[  524.720242][T11365]  ? __pfx___x64_sys_clone+0x10/0x10
[  524.720270][T11365]  do_syscall_64+0xfa/0x3b0
[  524.720279][T11365]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  524.720288][T11365]  ? asm_sysvec_call_function_single+0x1a/0x20
[  524.720298][T11365]  ? clear_bhb_loop+0x60/0xb0
[  524.720309][T11365]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  524.720318][T11365] RIP: 0033:0x7fdb2c58e929
[  524.720328][T11365] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  524.720336][T11365] RSP: 002b:00007fdb2d4c0fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  524.720348][T11365] RAX: ffffffffffffffda RBX: 00007fdb2c7b6080 RCX: 00007fdb2c58e929
[  524.720355][T11365] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  524.720361][T11365] RBP: 00007fdb2d4c1090 R08: 0000000000000000 R09: 0000000000000000
[  524.720367][T11365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  524.720372][T11365] R13: 0000000000000000 R14: 00007fdb2c7b6080 R15: 00007ffdbe997008
[  524.720387][T11365]  </TASK>
[  527.474973][T11382] netlink: 4972 bytes leftover after parsing attributes in process `syz.2.1468'.
[  527.484572][T11382] openvswitch: netlink: Key type 223 is out of range max 32
[  527.930368][T11383] overlayfs: failed to resolve './file1': -2
[  528.606285][T11386] netlink: 'syz.1.1470': attribute type 10 has an invalid length.
[  528.899674][T11386] 8021q: adding VLAN 0 to HW filter on device batadv0
[  528.984170][T11386] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  530.069734][ T5895] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  530.229108][ T5895] usb 5-1: Using ep0 maxpacket: 8
[  530.258478][ T5895] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  530.276336][ T5895] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 17
[  530.294766][T11421] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1480'.
[  530.316468][ T5895] usb 5-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=c8.07
[  530.327676][ T5895] usb 5-1: New USB device strings: Mfr=209, Product=185, SerialNumber=60
[  530.339509][ T5895] usb 5-1: Product: syz
[  530.344074][ T5895] usb 5-1: Manufacturer: syz
[  530.349552][ T5895] usb 5-1: SerialNumber: syz
[  530.357313][ T5895] usb 5-1: config 0 descriptor??
[  531.036836][ T5895] usb 5-1: USB disconnect, device number 31
[  531.296804][T11430] FAULT_INJECTION: forcing a failure.
[  531.296804][T11430] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  531.310204][T11430] CPU: 1 UID: 0 PID: 11430 Comm: syz.0.1482 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  531.310229][T11430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  531.310240][T11430] Call Trace:
[  531.310247][T11430]  <TASK>
[  531.310255][T11430]  dump_stack_lvl+0x189/0x250
[  531.310280][T11430]  ? __pfx____ratelimit+0x10/0x10
[  531.310306][T11430]  ? __pfx_dump_stack_lvl+0x10/0x10
[  531.310325][T11430]  ? __pfx__printk+0x10/0x10
[  531.310346][T11430]  ? __might_fault+0xb0/0x130
[  531.310380][T11430]  should_fail_ex+0x414/0x560
[  531.310416][T11430]  _copy_from_user+0x2d/0xb0
[  531.310437][T11430]  memdup_user+0x5e/0xd0
[  531.310456][T11430]  strndup_user+0x68/0xd0
[  531.310475][T11430]  __se_sys_mount+0x9c/0x410
[  531.310498][T11430]  ? __pfx___se_sys_mount+0x10/0x10
[  531.310520][T11430]  ? do_syscall_64+0xbe/0x3b0
[  531.310535][T11430]  ? __x64_sys_mount+0x20/0xc0
[  531.310553][T11430]  do_syscall_64+0xfa/0x3b0
[  531.310571][T11430]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  531.310587][T11430]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  531.310604][T11430]  ? clear_bhb_loop+0x60/0xb0
[  531.310624][T11430]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  531.310641][T11430] RIP: 0033:0x7fdb2c58e929
[  531.310657][T11430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  531.310670][T11430] RSP: 002b:00007fdb2d4c1038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  531.310689][T11430] RAX: ffffffffffffffda RBX: 00007fdb2c7b6080 RCX: 00007fdb2c58e929
[  531.310701][T11430] RDX: 0000200000000100 RSI: 00002000000000c0 RDI: 0000200000000080
[  531.310714][T11430] RBP: 00007fdb2d4c1090 R08: 0000000000000000 R09: 0000000000000000
[  531.310724][T11430] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[  531.310734][T11430] R13: 0000000000000000 R14: 00007fdb2c7b6080 R15: 00007ffdbe997008
[  531.310762][T11430]  </TASK>
[  531.511415][    C1] vkms_vblank_simulate: vblank timer overrun
[  533.464308][T11452] netlink: 4972 bytes leftover after parsing attributes in process `syz.0.1485'.
[  533.483568][T11452] openvswitch: netlink: Key type 223 is out of range max 32
[  534.856488][ T5902] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  535.176112][T11475] /dev/nullb0: Can't open blockdev
[  535.758880][ T5902] usb 1-1: Using ep0 maxpacket: 16
[  535.770747][ T5902] usb 1-1: config 0 descriptor has 1 excess byte, ignoring
[  535.778059][ T5902] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid maxpacket 65516, setting to 1024
[  535.798942][ T5902] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 1024
[  535.845357][ T5902] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  535.898943][ T5902] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 0
[  535.942904][ T5902] usb 1-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice=ce.47
[  535.962320][ T5902] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  535.981888][ T5902] usb 1-1: Product: syz
[  535.989177][ T5902] usb 1-1: Manufacturer: syz
[  535.993822][ T5902] usb 1-1: SerialNumber: syz
[  536.435844][ T5902] usb 1-1: config 0 descriptor??
[  536.444902][T11470] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  536.475899][ T5902] mcba_usb 1-1:0.0 can0: couldn't setup read URBs
[  536.488960][ T5902] mcba_usb 1-1:0.0 can0: couldn't start device: -90
[  536.569876][ T5902] mcba_usb 1-1:0.0: probe with driver mcba_usb failed with error -90
[  536.618546][   T30] audit: type=1326 audit(1752683974.052:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11478 comm="syz.4.1496" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1ca098e929 code=0x0
[  537.035302][T11500] netlink: 4972 bytes leftover after parsing attributes in process `syz.3.1500'.
[  537.044762][T11500] openvswitch: netlink: Key type 223 is out of range max 32
[  537.191244][T11501] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  537.228165][T11501] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  538.520586][ T5923] usb 1-1: USB disconnect, device number 34
[  538.679854][T11524] syz.4.1506 uses old SIOCAX25GETINFO
[  538.687545][T11524] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  538.880160][T11528] netlink: 4972 bytes leftover after parsing attributes in process `syz.3.1505'.
[  538.889476][T11528] openvswitch: netlink: Key type 223 is out of range max 32
[  539.650545][T11538] sctp: [Deprecated]: syz.4.1510 (pid 11538) Use of int in max_burst socket option.
[  539.650545][T11538] Use struct sctp_assoc_value instead
[  540.526346][T11543] sctp: [Deprecated]: syz.4.1512 (pid 11543) Use of int in max_burst socket option.
[  540.526346][T11543] Use struct sctp_assoc_value instead
[  541.035397][T11545] tc_dump_action: action bad kind
[  541.196371][T11550] snd_dummy snd_dummy.0: control 0:129:-2:syz0:5 is already present
[  541.376943][ T5902] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  541.620967][T11556] netlink: 4972 bytes leftover after parsing attributes in process `syz.4.1516'.
[  541.630880][T11556] openvswitch: netlink: Key type 223 is out of range max 32
[  541.716796][ T5902] usb 4-1: Using ep0 maxpacket: 32
[  541.775298][ T5902] usb 4-1: config 0 has an invalid interface number: 54 but max is 0
[  541.987309][ T5902] usb 4-1: config 0 has no interface number 0
[  542.002916][ T5902] usb 4-1: config 0 interface 54 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023
[  542.045414][ T5902] usb 4-1: config 0 interface 54 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 8
[  542.086668][ T5902] usb 4-1: config 0 interface 54 has no altsetting 0
[  542.105392][ T5902] usb 4-1: New USB device found, idVendor=0cf2, idProduct=6250, bcdDevice=46.42
[  542.121267][ T5902] usb 4-1: New USB device strings: Mfr=3, Product=2, SerialNumber=3
[  542.133575][ T5902] usb 4-1: Product: syz
[  542.137909][ T5902] usb 4-1: Manufacturer: syz
[  542.143504][ T5902] usb 4-1: SerialNumber: syz
[  542.155506][ T5902] usb 4-1: config 0 descriptor??
[  542.167245][T11545] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  542.179714][T11545] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  542.475193][T11569] openvswitch: netlink: IPv4 frag type 255 is out of range max 2
[  542.497513][ T5902] ums_eneub6250 4-1:0.54: USB Mass Storage device detected
[  543.659346][ T5902] scsi host1: usb-storage 4-1:0.54
[  544.081303][T11580] sctp: [Deprecated]: syz.1.1522 (pid 11580) Use of int in max_burst socket option.
[  544.081303][T11580] Use struct sctp_assoc_value instead
[  545.385179][T11586] sctp: [Deprecated]: syz.3.1523 (pid 11586) Use of int in max_burst socket option.
[  545.385179][T11586] Use struct sctp_assoc_value instead
[  545.508915][T11586] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1523'.
[  545.641500][   T24] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  545.878960][T11587] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1525'.
[  545.935097][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  545.956613][T11589] FAULT_INJECTION: forcing a failure.
[  545.956613][T11589] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  545.994165][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  546.009715][T11589] CPU: 0 UID: 0 PID: 11589 Comm: syz.1.1526 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  546.009748][T11589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  546.009758][T11589] Call Trace:
[  546.009766][T11589]  <TASK>
[  546.009774][T11589]  dump_stack_lvl+0x189/0x250
[  546.009797][T11589]  ? __pfx____ratelimit+0x10/0x10
[  546.009821][T11589]  ? __pfx_dump_stack_lvl+0x10/0x10
[  546.009840][T11589]  ? __pfx__printk+0x10/0x10
[  546.009874][T11589]  should_fail_ex+0x414/0x560
[  546.009904][T11589]  _copy_to_user+0x31/0xb0
[  546.009925][T11589]  simple_read_from_buffer+0xe1/0x170
[  546.009954][T11589]  proc_fail_nth_read+0x1df/0x250
[  546.009975][T11589]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  546.009995][T11589]  ? rw_verify_area+0x258/0x650
[  546.010016][T11589]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  546.010035][T11589]  vfs_read+0x200/0x980
[  546.010062][T11589]  ? __pfx___mutex_lock+0x10/0x10
[  546.010080][T11589]  ? __pfx_vfs_read+0x10/0x10
[  546.010103][T11589]  ? __fget_files+0x2a/0x420
[  546.010123][T11589]  ? __fget_files+0x3a0/0x420
[  546.010138][T11589]  ? __fget_files+0x2a/0x420
[  546.010162][T11589]  ksys_read+0x145/0x250
[  546.010186][T11589]  ? __pfx_ksys_read+0x10/0x10
[  546.010205][T11589]  ? rcu_is_watching+0x15/0xb0
[  546.010229][T11589]  ? do_syscall_64+0xbe/0x3b0
[  546.010249][T11589]  do_syscall_64+0xfa/0x3b0
[  546.010264][T11589]  ? lockdep_hardirqs_on+0x9c/0x150
[  546.010286][T11589]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  546.010303][T11589]  ? clear_bhb_loop+0x60/0xb0
[  546.010327][T11589]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  546.010343][T11589] RIP: 0033:0x7f9465d8d33c
[  546.010358][T11589] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  546.010374][T11589] RSP: 002b:00007f9466bb1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  546.010393][T11589] RAX: ffffffffffffffda RBX: 00007f9465fb5fa0 RCX: 00007f9465d8d33c
[  546.010405][T11589] RDX: 000000000000000f RSI: 00007f9466bb10a0 RDI: 0000000000000004
[  546.010416][T11589] RBP: 00007f9466bb1090 R08: 0000000000000000 R09: 0000000000000000
[  546.010427][T11589] R10: 0000000040000002 R11: 0000000000000246 R12: 0000000000000001
[  546.010438][T11589] R13: 0000000000000000 R14: 00007f9465fb5fa0 R15: 00007ffca1b13c08
[  546.010466][T11589]  </TASK>
[  546.028966][   T24] usb 5-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00
[  546.209227][T11576] BUG: kernel NULL pointer dereference, address: 0000000000000000
[  546.269049][T11576] #PF: supervisor instruction fetch in kernel mode
[  546.275544][T11576] #PF: error_code(0x0010) - not-present page
[  546.281509][T11576] PGD 800000006256b067 P4D 800000006256b067 PUD 0 
[  546.288006][T11576] Oops: Oops: 0010 [#1] SMP KASAN PTI
[  546.293368][T11576] CPU: 0 UID: 0 PID: 11576 Comm: usb-storage Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  546.305506][T11576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  546.315555][T11576] RIP: 0010:0x0
[  546.319006][T11576] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[  546.326353][T11576] RSP: 0018:ffffc90005427a38 EFLAGS: 00010246
[  546.332432][T11576] RAX: 1ffff1100dcf59c8 RBX: ffff888021f7a108 RCX: 0000000000000000
[  546.340391][T11576] RDX: 0000000000000006 RSI: ffffffff8d98544c RDI: ffff88806e7acd48
[  546.348352][T11576] RBP: ffffc90005427c30 R08: ffffffff8fa0cbf7 R09: 1ffffffff1f4197e
[  546.356312][T11576] R10: dffffc0000000000 R11: 0000000000000000 R12: 1ffff92000a84f60
[  546.364270][T11576] R13: ffff88806e7ac070 R14: dffffc0000000000 R15: ffff88806e7acd48
[  546.372240][T11576] FS:  0000000000000000(0000) GS:ffff888125c4f000(0000) knlGS:0000000000000000
[  546.381240][T11576] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  546.387806][T11576] CR2: ffffffffffffffd6 CR3: 000000003399e000 CR4: 00000000003526f0
[  546.395765][T11576] Call Trace:
[  546.399033][T11576]  <TASK>
[  546.401948][T11576]  usb_stor_invoke_transport+0x541/0x19c0
[  546.407663][T11576]  ? trace_irq_disable+0x37/0x110
[  546.412682][T11576]  ? do_raw_spin_lock+0x121/0x290
[  546.417701][T11576]  ? __pfx_usb_stor_invoke_transport+0x10/0x10
[  546.423843][T11576]  ? irqentry_exit+0x74/0x90
[  546.428416][T11576]  ? lockdep_hardirqs_on+0x9c/0x150
[  546.433605][T11576]  ? usb_stor_pad12_command+0x76/0xe0
[  546.438966][T11576]  usb_stor_control_thread+0x450/0x8e0
[  546.444411][T11576]  ? __pfx_usb_stor_control_thread+0x10/0x10
[  546.450374][T11576]  ? __kthread_parkme+0x7b/0x200
[  546.455295][T11576]  ? __kthread_parkme+0x1a1/0x200
[  546.460710][T11576]  kthread+0x711/0x8a0
[  546.464768][T11576]  ? __pfx_usb_stor_control_thread+0x10/0x10
[  546.470729][T11576]  ? __pfx_kthread+0x10/0x10
[  546.475302][T11576]  ? _raw_spin_unlock_irq+0x23/0x50
[  546.480570][T11576]  ? lockdep_hardirqs_on+0x9c/0x150
[  546.485752][T11576]  ? __pfx_kthread+0x10/0x10
[  546.490331][T11576]  ret_from_fork+0x3fc/0x770
[  546.494903][T11576]  ? __pfx_ret_from_fork+0x10/0x10
[  546.500016][T11576]  ? __switch_to_asm+0x39/0x70
[  546.504766][T11576]  ? __switch_to_asm+0x33/0x70
[  546.509547][T11576]  ? __pfx_kthread+0x10/0x10
[  546.514149][T11576]  ret_from_fork_asm+0x1a/0x30
[  546.518901][T11576]  </TASK>
[  546.521930][T11576] Modules linked in:
[  546.525865][T11576] CR2: 0000000000000000
[  546.530005][T11576] ---[ end trace 0000000000000000 ]---
[  546.535563][T11576] RIP: 0010:0x0
[  546.539014][T11576] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[  546.546361][T11576] RSP: 0018:ffffc90005427a38 EFLAGS: 00010246
[  546.552412][T11576] RAX: 1ffff1100dcf59c8 RBX: ffff888021f7a108 RCX: 0000000000000000
[  546.560377][T11576] RDX: 0000000000000006 RSI: ffffffff8d98544c RDI: ffff88806e7acd48
[  546.568332][T11576] RBP: ffffc90005427c30 R08: ffffffff8fa0cbf7 R09: 1ffffffff1f4197e
[  546.576372][T11576] R10: dffffc0000000000 R11: 0000000000000000 R12: 1ffff92000a84f60
[  546.584345][T11576] R13: ffff88806e7ac070 R14: dffffc0000000000 R15: ffff88806e7acd48
[  546.592300][T11576] FS:  0000000000000000(0000) GS:ffff888125c4f000(0000) knlGS:0000000000000000
[  546.601215][T11576] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  546.607793][T11576] CR2: ffffffffffffffd6 CR3: 000000003399e000 CR4: 00000000003526f0
[  546.615768][T11576] Kernel panic - not syncing: Fatal exception
[  546.622080][T11576] Kernel Offset: disabled
[  546.626395][T11576] Rebooting in 86400 seconds..