last executing test programs:

24.904784473s ago: executing program 0 (id=145):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000080)=@sack_info={0x0, 0x0, 0x1000}, 0xc) (fail_nth: 3)

24.113553968s ago: executing program 0 (id=146):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(r0, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

22.51094789s ago: executing program 2 (id=152):
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000180), 0x40001)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x1, 0x40, 0x20, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000000140), 0x1003, r1}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000280)={0x0, &(0x7f0000000140)=""/83, &(0x7f0000000080), &(0x7f0000000080), 0x6, r1}, 0x38)
getsockopt$inet_int(r0, 0x10d, 0xee, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_STATUS(r2, 0x84, 0xe, &(0x7f00000002c0)={<r3=>0x0, 0x7, 0x2, 0x81, 0xfff7, 0x10, 0x5, 0x9, {0x0, @in={{0x2, 0x4e24, @multicast1}}, 0x2bb1, 0x6, 0x3cc9, 0x4, 0x54}}, &(0x7f00000001c0)=0xb0)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000000)={<r4=>r3, 0x3, 0x8, [0x2, 0xffff, 0xe0, 0x40, 0xa403, 0x8, 0x3, 0x8]}, &(0x7f00000000c0)=0x18)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = dup(r5)
ioctl$KVM_SET_CPUID2(r6, 0xc008ae09, &(0x7f00000000c0)=ANY=[@ANYRES64])
ioctl$VT_DISALLOCATE(r6, 0x5608)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x73, &(0x7f0000000100)={r4, 0x4, 0x10, 0x0, 0x4}, &(0x7f0000000140)=0x18)

21.080905411s ago: executing program 2 (id=155):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x19, 0x0, &(0x7f0000000080))

20.067590142s ago: executing program 2 (id=157):
keyctl$dh_compute(0x17, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$video(&(0x7f0000000000), 0x7, 0x40)
socket$inet6(0xa, 0x1, 0x0)
syz_open_dev$usbmon(&(0x7f0000000040), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000040)={@my=0x1})
r2 = dup(r0)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
socket$alg(0x26, 0x5, 0x0)
shutdown(0xffffffffffffffff, 0x0)
openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
pselect6(0x40, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, &(0x7f0000000680)={0x7ff}, 0x0, 0x0)

19.6005303s ago: executing program 0 (id=159):
setrlimit(0x2, &(0x7f0000000040)={0x0, 0x2400000})
mremap(&(0x7f000040b000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f00004b3000/0x4000)=nil)

18.770400864s ago: executing program 4 (id=160):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000240)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10, 0x11}}}}}}}, 0x0)

18.504711658s ago: executing program 0 (id=161):
syz_mount_image$ocfs2(&(0x7f0000000100), &(0x7f0000004780)='./file0\x00', 0x200000, &(0x7f0000001a00)=ANY=[@ANYBLOB="636f6d6d69743d30303030303030303030303030303030303030312c636f686572656e63793d66756c6c2c6572726f72733d636f6e74696e75652c6865617274626561743d6e6f6e652c6572726f72733d636f6e74696e75652c6e6f696e74722c61636c2c00d9d123"], 0x1, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzZ1ezmybb/UibpOnHJBFctCybPlXrQ1yrNpo2H9pWU2Wd3Ww3q7M76+6MFgxSgyAKghIEFT+oCqUvtSAG+lKLUPADaRVKRdH6IlKogg8GbaArM3Nvdu6d2d7JTtLS9veDdvaee8+5Z/a/99w590wKseqphdXiwmqxtFSszN6/ekvxc5VybXEuFF4lr/X56c6VyEn2r50j7/vAR+65JYQ/HPvah9bW1tZC3XDo6EDLz+f/fXq29TVRyNSpt9u5taY/1h556edveaUj8pwIIexo61ddXwjhY78IYUsIYSQuG41fB0MI20IIUQjh0d/868cDvXShxdl7X3ju2JnD+85MPf7YMxfmj254YBTCd8u7b55ffHF/323Pv+MynR4AAF7RB48fufvo5IHwZBSGzvW3f17fGb8mn4/vfNun7nq4f33/Gt3pexVDBQAAgIz1+f9w9HKH9bpkZS1ZEnzigRN3PxWt7zexfX07dNeR298/eSBe/43a9t8aF/3zvX2NNdTsum92/XckU7/z+u/6eR7+6rO/XHrr5vuf9C8573CIChOp7UJhYiKEY1PN7V3R1kK5slp95/2V2tLJzZ/3jSKdf3b1fn1Bv9v8RzPV89b/d3/i8z8b7O/lHYyF7F9tfbvY/qdMB+n8Nx7Lf/KlqKv8xzL18vK/4+nt53+1pZd3kD0jlyKdf/NC3Nd6QLE5ANTz/2Z/fv47Mu3n5f/9qXOPntjE93/q48xwVO/rQGoEeDku3+ArTGSk828GkRo641/kRtf//zL5X5NpPy//Oyv/+N3ferj/bzT+j0/10uabRzr/ZhDF1BHr1/9IIf/6vzbTfl7+vz3152c/2dO9uj3/ev/H3f+7ks4/vhGnB8/Gb7Lb8X9npv28/HeN3ffQwib6/eHBuJ9DURhr+dbpufotbGh9vboxpanvXt7ESd4E0vk3f2upS2eo+dK4/ofzx/9dmfbz8n9oz9ffc7qn7/92Hv8njf9dSec/2Ci7lPxfyuS/O9N+Xv4/PP33v9x3mcf/+vZB+Xclnf/Wtv3rz38KXc3/rsvUz3v+s2/0qUf+2sP8P+lfct7k+U/yHGI8aj7/obN0/ldteFy39/89mXp51/+3/vP80/t7Gf+jAU8AepDOf1uzsMMEsNv8r8+0n5f/F+758sf/tIn5X+MT30CSf8v8f0uz/Kjxvyvp/Lc3C1P/GOrBxv8b9/+oPff/ZvK/IdN+Xv4XDk30f+Uy3//r/R/v8Cibdun8hzY8rp7/77u4/9+YqZeX/xf3/vTFm3v6/B/CpLn+pqXzv3rD4xrX/0B+/jdl6uXl/51v/PqJB3vo/9t7qEs2/+a9PnU5xZ/Nu53/FzPt5+X/o/HzZ/dfgfnfre7/XUnn31w1v5T8s/P/vZn28/L/3pEfrPRfgec/d8gfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgU0bj1+EQFSZS24XCxEQIY/H2rrA1mimdnJ4pV2Y/sxrCjri8GEaj+XJlplSeXliqnJybLpXLldkQron37wgD0Wq5Up1eLC1fe7GtwejUXGmlOjNXqoYQdsbl14ftSVszC9XF0nLj2KTOVVHps7VKtTRRW51bCbsvlm9LyudXKrXl6y62dXWhsrJ8qrQ0fXJh5d2Tk5OTYc/FPo9Ecw9U55aqzd4299brJHWHo5Y309h9Q8v5Pl2prSyVyo3yG1vqlCuzpXJLnZtazlddqS3Nlqpz0+XKfHK+YkvdlvfW2L033jceRlLvL6mbdTB+vf3Q8Y8eP3ygbX8xSue9VFucm9ze+W8CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDeuJ29717dDCH3NrUII4WDyQxT/l3L23heeO3bm8L4zU48/9syF+aOdjgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVh535equjiOACfGd/7WiCltBFyGRgiojsJC/pFJJXXyJZtWge1SsigKDCMaFkQBEHtooKgVVD5F0QtXLaqNrVoYRBBxehMXu4IN7zQMed5YDgzzL1nvjBw78z5HA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD6cXbHYlfWXtq1eWnr7g+hMz/3fwhhNFne/7y3I/SEEL5+mTkdVmkLPU39v5mcGy9fNfm9t3/84fXRZO31F98trtsdknSo4XhnkqZDQ2vvf6O6M/hsejAJIY1dCFEsjD05UwshdMQuhCh+fpy/mP2+/xe7EKLo/3C3K7v/tdiFEMXW3Z/6avkzHtVzvn5hsPG/v9UjeBuP6KxDb09eeZe6qZX3Mn//T/LN+2A1zJ448v557CKIZnZu6mjsGgAAgL/rXIv8P2xZ3r9/OQk93eXc/1tT/t/b1P/q+f+Ke9tvjM20FUJsK41NZsfD+9rpc+M7NXD19uua8Z6qkv9Xm/y/2uT/1Sb/rzb5f7XJ/8m8kv9X0uObexZfxC6CaOT/AABQPYeOT0zVh0eyl/9NPzrLeX1f3tbzPP3BremBRw3jRvLDf9vhYxMHDg6P5Pe9PCC4sv5DunT2ez7fo7ktTDbNu2i1/kPv04X5a53lT9T/cP5GUV9xXes/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC/2J17GgbBKAyj321F1EarogkLPwk+0MCIAKQwowEdTBiAgRBQwEDOWe5NnuUFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnu9f5XXx/aUx0muNSFPZZdf+OZ5mP3PfDsv77HHjVgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjYgQMZAAAAAGH+1nm0HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKcCAAD//wTsyzo=")
quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0xee00, &(0x7f0000000080)={0x0, 0x4, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x769})
mkdirat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', 0x0)

18.457597046s ago: executing program 2 (id=162):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000050cb5340450c10108e492940a80909021b00090000000009040002010035040009058dff86"], 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
readv(r1, &(0x7f0000000240), 0x0)

17.694807499s ago: executing program 4 (id=163):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
r0 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0x9}, {}, {0x1c, 0xfff1}}, [@filter_kind_options=@f_flow={{0x9}, {0xc, 0x2, [@TCA_FLOW_KEYS={0x8, 0x1, 0x8c30}]}}]}, 0x3c}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

16.792065038s ago: executing program 4 (id=164):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x25, &(0x7f0000000000)={0x1})
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./bus\x00', 0x8000, &(0x7f0000000400)=ANY=[@ANYBLOB="00e0c6e4d9182ec69e599fd4d32ba9c5146fbc43a33914b2b1a5ce8843b193dc82dbc512b6fabfe6fbdd2a8bdeeda78e17b18f1b6e80c81cd67046e6a85e7160112d613e4c6dcab2404d58291ec130b9fd2785ce8dd5538f70998f2d50005813ba6c65cd3c25a8e730e1cd7b11cf7f6cc0fba6b670c64374abd09518ffba0c5eb2e602b1a64ac897fc6ce9bee1d70bef22f10c7776c2f5077cb1de63832b1bab15c6caf549a1cd58106494d92d1159033b2e27eceae339414a62aca9cf6a00c07e2a181dd9668a64b5eefc8e5ebc6564442a8d322e89a2fbbade22dc834cff72c09dc653db003038d250e81aee10888e78a3677d68cc60de6f7d361115e53becaa81ee364dd85d11c2e56a01b87e0b194b2a5d3115f3b257fa54acf273f953e6be39e5b67fcd3a564e71fdbdf8b4ef42c07a9525ae4d7c"], 0x1, 0x14fe, &(0x7f0000001580)="$eJzs3QuYjtX6MPB1r7UexjTxNslhWPe6H940WCZJckiSQ5IkSZJTQtIkSUJiyCkJSchxkhyGkBwmJo3z+ZBz0mRLkiSnnML6rqndtve//b/s/e39//y/Pffvutb1rvtaz72etd6beZ/nuebwQ9fhtZrUrt6IiMS/BH57SRFCxAghBgkh8gkhAiFE+fjy8dnjeRSk/GsnYf9ej6Zd6xWwa4nrn7Nx/XM2rn/OxvXP2bj+ORvXP2fj+udsXH/GcrKtMwvfwC3ntn/9+X/Mby/8/P//Q/z5n7Nx/f/TnM7zzxzN9f9Pctl7/89lcP1zNq5/zsb1z9m4/jkb1z9n4/ozlpNd6+fP3K5tu9b//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5Qzn/BVaCPF7/1qvizHGGGOMMcYYY/8+Pve1XgFjjDHGGGOMMcb+54GQQgktApFL5BYxIo+IFdeJOHG9yCvyiYi4QcSLG0V+cZMoIAqKQqKwSBBFRFFhBAorSISimCguouJmUULcIhJFSVFKlBZOlBFJ4lZRVtwmyonbRXlxh6gg7hQVRSVRWVQRd4mq4m5RTdwjqot7RQ1RU9QStcV9oo64X9QVD4h64kFRXzwkGoiHRUPxiGgkHhWNxWOiiXhcNBVPiGaiuWghWopW/1f5r4ie4lXRS/QWKaKP6CteE/1EfzFADBSDxOtisHhDDBFviqFimBgu3hIjxNtipHhHjBKjxRjxrhgrxonxYoKYKCaJVPGemCzeF1PEB2KqmCamixkiTcwUs8SHYraYI+aKj8Q88bGYLxaIhWKRSBefiMViicgQn4ql4jORKZaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Co+F9vEdrFD7BS7xG6xR3wh9oovxT7xlcgSX/+T+Wf/S343ECBAggQNGnJBLoiBGIiFWIiDOMgLeSECEYiHeMgP+aEAFIBCUAgSIAGKQlFAQCAgKAbFIApRKAElIBESoRSUAgcOkiAJysJtUA7KQXkoDxWgAlSESlAJqkAVqApVoRpUg+pQHWpADagFteA+uA/uh7pQF+pBPagP9aEBNICG0BAaQSNoDI2hCTSBptAUmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIRk6QkfoBJ2gM3SGLtAFukJX6AbdoTu8Aq/Aq/Aq9IYasg/0hb7QD/rBABgIA+F1GAxvwBvwJgyFYTAc3oK34G0YCWdgFIyGMTAGqspxMB4mAMlJkAqpMBkmwxSYAlNhGkyDGZAGM2EWzILZMAfmwEcwDz6Gj2EBLIBFkA7psBiWQAZkwFI4C5mwDJbDClgJq2AlrIG1sAbWwwZYD5tgE2yBLfA5fA7bYTvshJ2wG3bDF/AFfAlfwlDIgizYD/vhAByAg3AQDsEhOAyH4QgcgaNwFI7BMTgOJ+AknIDTcBrOwFk4B+fgAlyAi3ARLsPl7P/8MpuWWuaSuWSMjJGxMlbGyTiZV+aVERmR8TJe5pf5ZQFZQBaShWSCTJBFZVGJEiXJUBaTxWRURmUJWUImykRZSpaSTjqZJJNkWVlWlpPlZHl5h6wg75QVZSXZ1lWRVWRV2c5Vk/fI6rK6rCFrylqytqwt68g6sq6sK+vJerK+rC8byIdlQ9kHBsCjMrsyTeQwaCqHQzPZXLaQLeXb8KRsLUdCG9lWtpNPy9EwCjrI1i5ZPic7yvHQSb4gJ8CLsoucBF3ly7Kb7C57yFdkT9nG9ZK95VToI/vKGdBP9pcD5EA5G2rK7IrVkm/KoXKYHC7fkovgbTlSviNHydFyjHxXjpXj5Hg5QU6Uk2SqfE9Olu/LKfIDOVVOk9PlDJkmZ8pZ8kM5W86Rc+VHcp78WM6XC+RCuUimy0/kYrlEZshP5VL5mcyUy+RyuUKulKvkarlGrpXr5Hq5QW6Um+RmuUVulZ/LbXK73CF3yl1yt9wjv5B75Zdyn/xKZsmv5X75J3lAfiMPym/lIfmdPCy/l0fkD/Ko/FEekz/J4/KEPClPydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaByqdwqRuVRseo6FaeuV3lVPhVRN6h4daPKr25SBVRBVUgVVgmqiCqqjEJlFalQFVPFVVTdrEqoW1SiKqlKqdLKqTIqSd2qyqrbVDl1uyqv7lAV1J2qoqqkKqsq6i5VVd2tqql7VHV1r6qhaqpaqra6T9VR96u66gFVTz2o6quHVAP1sGqoHlGN1KOqsXpMNVGPq6bqCdVMNVctVEvVSj2pWqunVBvVVrVTT6v26hnVQT2rktVzqqN6XnVSL6jO6kXVRb2kuqqXVTfVXfVQl9Rl5VUv1VulqD6qr3pN9VP91QA1UA1Sr6vB6g01RL2phqpharh6S41Qb6uR6h01So1WY9S7aqwap8arCWqimqRS1XtqsnpfTVEfqKlqmpquZqg0NVMN+PNMc/+B/Pf/Tv6QX8++RW1Vn6ttarvaoXaqXWq32qP2qL1qr9qn9qkslaX2q/3qgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqsT6rw6pU6rn9UZdVadVefVBXVBXfzzeyA0aKmV1jrQuXRuHaPz6Fh9nY7T1+u8Op+O6Bt0vL5R59c36QK6oC6kC+sEXUQX1Uajtpp0qIvp4jqqb9Yl9C06UZfUpXRp7XQZnaRv/Zfzr7a+VrqVbq1b6za6jW6n2+n2ur3uoDvoZJ2sO+qOupPupDvrzrqL7qK76q66m+6me+geuqfuqb0QIkWn6L76Nd1P99cD9EA9SL+uB+vBeogeoofqoXq4Hq5H6BF6pB6pR+lReoweo8fqsXq8Hq8n6ok6VafqyXqynqKn6Kl6qp6up+s0naZn6Vl6tp6t5+q5ep6ep+fr+XqhXqjTdbperBfrDJ2hl+qlOlMv08v0Cr1Cr9Kr9Bq9Rq/T6/QGvUFv0pt0pv79GzR36B16l96l9+g9eq/eq/fpfTpLZ+n9er8+oA/og/qgPqQP6cP6sD6ij+ij+qg+po/p4/q4PqlP6tP6tD6jz+hz+py+oC/oi/qivqwvZ1/2BTKQgQ50kCvIFcQEMUFsEBvEBXFB3iBvEAkiQXwQH+QPbgoKBAWDQkHhICEoEhQNTICBDSgIg2JB8SAa3ByUCG4JEoOSQamgdOCCMkFScGtQNrgtKBfcHpQP7ggqBHcGFYNKQeWgSnBXUDW4O6gW3BNUD+4NagQ1g1pB7eC+oE5wf1A3eCCoFzwY1A8eChoEDwcNg0eCRsGjQePgsaBJ8HjQNHgiaBY0D1oELYNW/9b5vT9T8CnXy/Q2KaaP6WteM/1MfzPADDSDzOtmsHnDDDFvmqFmmBlu3jIjzNtmpHnHjDKjzRjzrhlrxpnxZoKZaCaZVPOemWzeN1PMB2aqmWammxkmzcw0s8yHZraZY+aaj8w887GZbxaYhWaRSTefmMVmickwn5ql5jOTaZaZ5WaFWWlWmdVmjVlr1pn1ZoPZaDaZzWaL2Wo+N9vMdrPD7DS7zG6zx3xh9povzT7zlckyX5v95k/mgPnGHDTfmkPmO3PYfG+OmB/MUfOjOWZ+MsfNCXPSnDKnzc/mjDlrzpnz5oL5xVw0l8xl47Mv7rM/3lGjxlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBSzERIWw2IYxSiWwBKYiIlYCkuhQ4dJmIRlsSyWw3JYHstjBayAFbEiVsbs+5G78G68G+/Be/BevBdrYk2sjbWxDtbBulgX62E9rI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YAZMxGTtiR+yEnbAzdsYu2AW7Ylfsht2wB/bAntgTe2EvTMEU7It9sR/2wwE4AAfhIByMg3EIDsGhOBSH43AcgSNwJI7EUTgax+C7OBbH4XicgBNxEqZiKk7GyTgFp+BUnIrTcTqmYRrOwlk4G2fjXJyL83Aezsf5uBAXYjqm42JcjBmYgUtxKWZiJi7H5bgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsNtuAN34C7chXtwD+7FvbgP92EWZuF+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8DifxJJ7G03gGz+A5PIcX8Be8iJfwMnqMsXlsrL3OxtnrbV6bz8bYPL2FEH+JC9nCNsEWsUWtsQVswb+J0VqbaEvaUra0dbaMTbK3/iGuaCvZyraKvctWtXfban+I69j7bV37gK1nH7S17X1/E9e3D9kG9nHb0D5hG9nmtrFtaZvYx21T+4RtZpvbFralbW+fsR3sszbZPmc72uf/EC+2S+xau86utxvsXvulPWfP2yP2B3vB/mJ72d52kH3dDrZv2CH2TTvUDvtDPMa+a8facXa8nWAn2kl/iKfbGTbNzrSz7Id2tp3zhzjdfmLn2Qw73y6wC+2iX+PsNWXYT+1S+5nNtMvscrvCrrSr7Gq75i9rXWE32c12i91jv7Db7Ha7w+60u+zuX+PsfeyzX9ks+7U9bL+3B+w39qA9ag/Z736Ns/d31P5oj9mf7HF7wp60p+xp+7M9Y8/+uv/svZ+yl+xl660gIEmKNAWUi3JTDOWhWLqO4uh6ykv5KEI3UDzdSPnpJipABakQFaYEKkJFyRCSJaKQilFxitLNVIJuoUQqSaWoNDkqQ0l0K5Wl26gc3U7l6Q6qQHdSRapElakK3UVV6W6qRvdQdbqXalBNqkW16T6qQ/dTXXqA6tGDVJ8eogb0MDWkR6gRPUqN6TFqQo9TU3qCmlFzakEtqRU9Sa3pKWpDbakdPU3t6RnqQM9SMj1HHel56kQvUGd6kbrQS9SVXqZu1J160CvUk16lXtSbUqgP9aXXqB/1pwE0kAbR6zSY3qAh9CYNpWE0nN6iEfQ2jaR3aBSNpjH0Lo2lcTSeJtBEmkSp9B5NpvdpCn1AU2kaTacZlEYzaRZ9SLNpDs2lj2gefUzzaQEtpEWUTp/QYlpCGfQpLaXPKJOW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6nbbSddtBO2kW7aQ99QXvpS9pHX1EWfU376U90gL6hg/QtHaLv6DB9T0foBzpKP9Ix+omO0wk6SafoNP1MZ+gsnaPzdIF+oYt0iS6TJxFCKEMV6jAIc4W5w5gwTxgbXhfGhdeHecN8YSS8IYwPbwzzhzeFBcKCYaGwcJgQFgmLhibE0IYUhmGxsHgYDW8OS4S3hIlhybBUWDp0YZkwKbw1LBveFpYLbw/Lh3eEFcI7w4phpbByWCW8K6wa3h1WC+8Jq4f3hjXCmmGtsHZ4X1gnvD+sGz4Q1gsfDMuFD4UNwofDhuEjYaPw0bBx+FjYJHw8bBo+ETYLm4ctwpZhq/DJsHX4VNgmbBu2C58O24fPhB3CZ8Pk8LmwY/j8VcdTwj5h3/C18LXQ+wfUwuiiaHr0k+ji6JJoRvTT6NLoZ9HM6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kbo5uiWqPe1cwsHTjrltAtcLpfbxbg8LtZd5+Lc9S6vy+ci7gYX7250+d1NroAr6Aq5wi7BFXFFnXHorCMXumKuuIu6m10Jd4tLdCVdKVfaOVfGJbmWrpVr5Vq7p1wb19a1c0+7p90z7hn3rHvWPec6uuddJ/eC6+xedF3cS+4l97Lr5rq7Hu4V19O96nq53i7Fpbi+rq/r5/q5AW6AG+QGucFusBvihrihbqgb7oa7EW6EG+lGulFulBvjxrixbqwb78a7iW6iS3WpbrKb7Ka4KW6qm+qmu+kuzaW5WW6Wm+1mu7lurpvn5rn5br5b6Ba6dJfuFrvFLsNluKVuqct0mW65W+5WupVutVvt1rq1br1b7za6jW6z2+y2uq1um9vmdrgdbpfb5fa4PW6v2+v2uX0uy2W5/W6/O+AOuIPuW3fIfecOu+/dEfeDO+p+dMfcT+64O+FOulPutPvZnXFn3Tl33l1wv7iL7pK77LxLjbwXmRx5PzIl8kFkamRaZHpkRiQtMjMyK/JhZHZkTmRu5KPIvMjHkfmRBZGFkUWR9MgnkcWRJZGMyKeRpZHPIpmRZZHlkRWRlZFVEe+LbAt9MV/cR/3NvoS/xSf6kr6UL+2dL+OT/K2+rL/Nl/O3+/L+Dl/B3+kr+kq+sn/CN/PNfQvf0rfyT/rW/infxrf17fzTvr1/xnfwz/pk/5zv6J/3nfwLvrN/0XfxL/mu/mXfzXf3Pfwrvqd/1ffyvX2K7+P7+td8P9/fD/AD/SD/uh/s3/BD/Jt+qB/mh/u3/Aj/th/p3/Gj/Gg/xr/rx/pxfryf4Cf6ST7Vv+cn+/f9FP+Bn+qn+el+hk/zM/0s/6Gf7ef4uf4jP89/7Of7BX6hX+TT/Sd+sV/iM/ynfqn/zGf6ZX65X+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+s/9Nr/d7/A7/S6/2+/xX/i9/ku/z3/ls/zXfr//kz/gv/EH/bf+kP/OH/bf+yP+B3/U/+iP+Z/8cX/Cn/Sn/Gn/sz/jz/pz/ry/4H/xF/0lf5l/Zo0xxhhj7B+irjLe57/JkX/u9xVCXL+98KH/Or6xwG/9/rkT2keEEM/17vro761GjZSUlD8fm6lEUHyBECJyJT+XuBIvE+3EMyJZtBVl/zIe81fn6i+7X6CrzB+9Q4jYv8rJzv89vjL/bX93//3luHlXnX+BEInFr+TkEVfiK/OX+2/mL9j6KvPn+SZViDZ/lRMnrsRX5k8ST4nnRfLfHMkYY4wxxhhjjP2mv6zc+Wr3t9n35wn6Sk5ucSX+e/fnjDHGGGOMMcYY+9/lxe49nn0yObltZ+78T3V8vt/e6v8t6+EOd/6BzrX+ysQYY4wxxhj7d7ty0X+tV8IYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVc/y9+ndjv57ra3xpkjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG/lP9nwAAAP//sjE7Eg==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0)
getdents64(r4, &(0x7f00000001c0)=""/202, 0xff4)

16.430529952s ago: executing program 1 (id=165):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
recvmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="1d100000120091ef"], 0xfe33)

15.924080084s ago: executing program 3 (id=166):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/\x00et/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44\x8cm\xa0\x8dN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r1, &(0x7f0000000200)=""/52, 0x34)
getdents(r1, 0xfffffffffffffffd, 0x58)

15.256096108s ago: executing program 1 (id=167):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x34, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_OFFSET={0x8}]}}}, {0x14, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0xd0}}, 0x0)

14.389960521s ago: executing program 3 (id=168):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000100)={{0x0, 0x2, 0xa, 0x1, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {0x3000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0xfc}, {0x0, 0x0, 0x0, 0x9, 0x3, 0x1, 0x0, 0x0, 0x1}, {0x0, 0x8000000, 0x1, 0x9, 0x0, 0xfd}, {0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x5, 0x9, 0x2, 0x3, 0x7}, {0x0, 0xeeee8000, 0x0, 0x4, 0x0, 0x8, 0x0, 0x4, 0x4}, {}, {}, 0x5df8ffc2, 0x0, 0x8080000, 0x140030, 0x80000a, 0x0, 0x3000, [0x800000000, 0x0, 0x1a7ff4f4]})

13.518717631s ago: executing program 2 (id=169):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000240), &(0x7f0000000f80)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000001000)={[{@nls={'nls', 0x3d, 'cp775'}}, {@nobarrier}, {@creator={'creator', 0x3d, "bd3c66f5"}}, {@umask={'umask', 0x3d, 0xffff}}, {@force}, {@nobarrier}]}, 0x43, 0x6ac, &(0x7f0000001980)="$eJzs3U+InGcdB/DvO9nMZiKm2zZNowhdGijaYLKboSaC0CgiOQQJerDXJdk0SyZp2WwlLWImahU8eZIePFQkHnoSEaGexHoWBC+ecg9485CDuvK+887s7Mxks5t/s20/H3j3fZ553ud5fu9v3z/zZ5cJ8Kl15rXs7abImaNnr5f127fandu32lf65SSzSRrJTG+VopUUHyWn01vyufLBerjiXvO8cufDYua9D9q92ky9VNs3tuo3ZuKW3WTfoLInyXyv+J9tDzs2XrVU45zfGO8BFYO4y4Qd6ScOpm19THejsXHf7ts/b4Fd60bvvjlmLtmf3t21fB6Q+upw/yvD9G15beo+uTgAAADgcZn4Wn7YU3dzN9dz4MmEAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ8MRe87A4t6afTL8yn63//fHPpO/eaUw31I716sVt95atqBAAAAAAAAAMBDeeFu7uZ6DvTr60X1mf+LVeVg9fMzeSvXspzVHMv1LGUta1nNYpK5oYGa15fW1lYXx3v+MmXP9fX1G3XPExN7ntgcV3c00El/aTC2EQAAAAAAAAB8av0oZzY+/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgN2gSPb0VtVysF+eS2Mmyb4kzWJ+sHlzqsE+An+edgAAAADwGBSbq616faD4X6+wXlSv+Q9Vm+7LW7mataxkLZ0s50LdvXzV3/h7t925fat9pVzG5/n6v3YUVjVieu89TJ55odriuUGPM/lWvpujmc+5rGYl389S1rKc+XyzKi2lyFy9w3O3b7XSj3U83tObaudGY3thqFzGd7iKpJWLWaliO5bzzX7ojXq7w0Oz/bGZjMx4s8xO8Wptmzm6UK/LPfrF+K9yiuaqPd87yMhCnfsyG08P53089zs8TkZnWkxj8B7UwY1ZyuroTA+U8/31usz1Tx9vznf4VtrmTHR/Xtb6R9+hrXOefOkffzl3qXH18qWL147unsPoAY0eE+2hTDy/rUx0ykx0HyIT+x4m/kenWWejdxXd2dXyxarvgazk23kjF7Kck1nIYk5lIV/NibRzYiivz22d1+pca+zsXDvyxbpQ3pN+NnRvemJm79VQ5vXpobwOX+nmqrbhRzay9Mw2slQ0MzlL/5wYyszn60I5x4+H7jjTN5qJxaFMPLt1Jn793/Uk1zpXL69eWnpzm/O9VK/L0/bdzdfm3zySHdq5enfL4+WZ8peV3m1j+Ogo257tt43kq1l/4jJTD7aprZnqfO613e9MLUc6dHPSSL225yfO0q7aDg+1bXqWkzfSGTwLAWAX2//y/mbrTutvrfdbP2ldap3d943ZU7NfaGbvX2f+tOd3jd82vla8nPfzwxyYdqQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBJcO3tdy4vdTrLq7uwkMYjHvDmxKZ+KnqPNHfHvn9cC7NbHVG/T7JF9+Y0Ym4l2RWpy8wTmGs2E5rODh5pJY1BPEku75IvuAMeh+NrV948fu3td768cmXp9eXXl6+eOHXy1ZPtryzeOH5xpbO80Ps57SiBx2HjacC0IwEAAAAAAAAAAAC2a1v/PPC9PNT/HozO+dmk6E5ndwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICPoTOvZW83RRYXji2U9du32p1y6Zc3tpxJ0khS/CApPkpOp7dkbmi44l7zvHLnw1+99N4H7Y2xZvrbN0b6/eHf6+s73ItuvWQ+yZ56fX+z2xrv/NB43R0G1lMM9rBM2JF+4mDa/h8AAP//I7UHQA==")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000))

13.176472372s ago: executing program 1 (id=170):
r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000001400), 0x101)
fcntl$setstatus(r0, 0x4, 0x2000)
write$USERIO_CMD_SEND_INTERRUPT(r0, 0x0, 0x0)

12.753868937s ago: executing program 4 (id=171):
socket(0x10, 0x803, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1d, 0xb, &(0x7f00000005c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000840)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/kexec_crash_size', 0x149a82, 0x0)
write$cgroup_int(r6, &(0x7f0000000040)=0x1f00, 0x12)
socket(0x2a, 0x2, 0x0)
prlimit64(0x0, 0x1, &(0x7f0000000380)={0x6, 0x5ac}, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8983, 0x0)
sendmsg$DEVLINK_CMD_PORT_SPLIT(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r7=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)

12.460081742s ago: executing program 0 (id=172):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xffffffff, 0x0, "ff3f66fa733f1b33e356d25b90c98fe587b88a"})
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x18, "0062ba0700000000ebffffff0000f7ffff00"})
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, "e85e52f25c40d7cb"})
r2 = dup3(r1, r0, 0x0)
read$watch_queue(r2, &(0x7f0000000e00)=""/4096, 0x1000)

12.36866878s ago: executing program 3 (id=173):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$FOU_CMD_DEL(r0, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x3, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000600)={r2, 0x0, 0x0}, 0x10)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x3, 0x300)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000c40)="c10e020022003505d25a806f8c6394f90435fc60040011000a740100053582c137153e37024801", 0x27}], 0x1}, 0x0)
r3 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030031000b12d25a80648c2594f90124fc60100c084002200600053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)

12.33067071s ago: executing program 1 (id=174):
openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000400)={0x18, 0x0, {0x4, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
sendmmsg(r0, &(0x7f0000001940), 0x1, 0x0)
recvmmsg(r0, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x42, 0x0)

4.475752931s ago: executing program 4 (id=175):
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
r0 = socket(0x10, 0x400000000080803, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$sock_SIOCETHTOOL(r1, 0x89f0, &(0x7f0000000000)={'bridge0\x00', &(0x7f0000000480)=@ethtool_ringparam={0x4, 0x0, 0x8005, 0x0, 0xbb5f}})
syz_usb_control_io(0xffffffffffffffff, &(0x7f0000000280)={0x2c, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0xc)
recvmmsg$unix(r0, &(0x7f0000004180), 0x0, 0x40000000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000008500006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
inotify_init1(0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = open(&(0x7f00000000c0)='./file0\x00', 0x101000, 0x278)
ioctl$SG_GET_KEEP_ORPHAN(r6, 0x2288, &(0x7f0000000180))
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_emit_ethernet(0x46, &(0x7f00000003c0)=ANY=[@ANYBLOB="ffffffffffffaaaabaaaaabb86dd6000021000103afffe8000000000000000000000000000ba9a88d6bfbbff02000000000000000000000000000186009078001100"/75], 0x0)
r7 = syz_open_dev$usbfs(&(0x7f0000000040), 0x80000000003, 0x101301)
ioctl$USBDEVFS_FREE_STREAMS(r7, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200a006002a17006000000002000020"])
ioctl$USBDEVFS_REAPURBNDELAY(r7, 0x4004550d, &(0x7f00000000c0))

1.680388131s ago: executing program 3 (id=176):
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000200), 0x40, 0x0)
ioctl$SNDCTL_TMR_STOP(r0, 0x5403)

1.302368005s ago: executing program 0 (id=177):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000004c0)='contention_begin\x00', r0, 0x0, 0x4000}, 0x18)
r1 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d000905820349"], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r1)

1.267818689s ago: executing program 1 (id=178):
r0 = epoll_create1(0x0)
r1 = epoll_create1(0x0)
close(r0)
r2 = fanotify_init(0x200, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0)
fanotify_mark(r2, 0x101, 0x48001051, r3, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000c85000))
readv(r3, 0x0, 0x0)

1.020613875s ago: executing program 3 (id=179):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10)
openat$sequencer2(0xffffffffffffff9c, 0x0, 0x8cb83, 0x0)

619.955474ms ago: executing program 2 (id=180):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSETELEM={0x24, 0xc, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_ELEMENTS={0x4}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0x6c}}, 0x0)

229.573898ms ago: executing program 4 (id=181):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x1e1042, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000002a40)={0x2, &(0x7f00000007c0)=[{0x40}, {0x6, 0x0, 0x0, 0x2}]})
write$ppp(r0, &(0x7f0000000900)='\x00\x00', 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
write$RDMA_USER_CM_CMD_REJECT(0xffffffffffffffff, &(0x7f0000000240)={0x9, 0x108, 0xfa00, {0xffffffffffffffff, 0x7, "c3b102", "d5adccee59fd238d69c3f8703e8781f36fea53278ce1f670665f279d8f7b100a6526b058813417ff81f226b745e5139d9a0f9e431f2594f1591e4aeaffabcfccddc63939d586a78c1f04947cf64472f1c39d7cfbf8a2beef4af05f3c8ec1ade330f2a79ee0fa4a296bcdd5229e9fdc4b7b07d4d1df04efeb6e7944014e9408591416fe219bf9baaca413ba6351c01ab31b80a210d0edc16372ddf9e87195cfafacddad5b5139eb175965d5baae80154a376a59b3317664e3e5d0272ab074f43b39c5e29a432c7e3740c037c4769337ae24f8e58218af534027de6f567f6afb0d6c745cff3bb91d5205213f617ce80fb808a4c5db3fa65b3740f5e8edd0e703c2"}}, 0x110)
ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000100)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000140)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, &(0x7f00000001c0)={{@host}, @host, 0x0, 0xabc, 0x2449})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, &(0x7f0000000040)={{@my=0x1}, @any, 0x0, 0x0, 0x9})
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0xfffe, @dev={0xac, 0x14, 0x14, 0x2e}}]}, &(0x7f0000000500)=0x10)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r5, 0x84, 0x6d, &(0x7f00000004c0), &(0x7f0000000240)=0xfe29)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
getsockopt$IP_VS_SO_GET_TIMEOUT(r6, 0x0, 0x486, &(0x7f00000003c0), &(0x7f0000000400)=0xc)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)={[], [], 0x2f})

48.83263ms ago: executing program 1 (id=182):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x8200, 0x1)
prctl$PR_SET_NAME(0xf, 0x0)
r0 = socket$inet6(0xa, 0x80002, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x5}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000001440)=ANY=[@ANYBLOB="0017"], 0xc0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, 0x0, 0x0)

0s ago: executing program 3 (id=183):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(r0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2, 0x2172, 0xffffffffffffffff, 0x0)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
prctl$PR_SET_MM(0x23, 0x9, &(0x7f0000004000/0x3000)=nil)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000006100)='cmdline\x00')
munmap(&(0x7f0000003000/0x3000)=nil, 0x3000)
read$FUSE(r3, &(0x7f0000000000)={0x2020}, 0x2020)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.103' (ED25519) to the list of known hosts.
[  163.591302][ T5768] cgroup: Unknown subsys name 'net'
[  163.754687][ T5768] cgroup: Unknown subsys name 'cpuset'
[  163.768922][ T5768] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[  208.448047][ T5768] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  213.441911][ T5799] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  213.450774][ T5799] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  213.462064][ T5799] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  213.470511][ T5802] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  213.480076][ T5799] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  213.493020][ T5799] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  213.505420][ T5799] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  213.506332][ T5802] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  213.514397][ T5799] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  213.529052][ T5799] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  213.550516][ T5802] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  213.560981][ T5802] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  214.148185][ T5797] chnl_net:caif_netlink_parms(): no params data found
[  214.250065][ T5798] chnl_net:caif_netlink_parms(): no params data found
[  214.633054][ T5797] bridge0: port 1(bridge_slave_0) entered blocking state
[  214.641053][ T5797] bridge0: port 1(bridge_slave_0) entered disabled state
[  214.648809][ T5797] bridge_slave_0: entered allmulticast mode
[  214.656915][ T5797] bridge_slave_0: entered promiscuous mode
[  214.694105][ T5797] bridge0: port 2(bridge_slave_1) entered blocking state
[  214.701987][ T5797] bridge0: port 2(bridge_slave_1) entered disabled state
[  214.709810][ T5797] bridge_slave_1: entered allmulticast mode
[  214.718658][ T5797] bridge_slave_1: entered promiscuous mode
[  214.727319][ T5798] bridge0: port 1(bridge_slave_0) entered blocking state
[  214.735261][ T5798] bridge0: port 1(bridge_slave_0) entered disabled state
[  214.742923][ T5798] bridge_slave_0: entered allmulticast mode
[  214.751848][ T5798] bridge_slave_0: entered promiscuous mode
[  214.793306][ T5798] bridge0: port 2(bridge_slave_1) entered blocking state
[  214.801164][ T5798] bridge0: port 2(bridge_slave_1) entered disabled state
[  214.808756][ T5798] bridge_slave_1: entered allmulticast mode
[  214.817630][ T5798] bridge_slave_1: entered promiscuous mode
[  214.894984][ T5797] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  214.936374][ T5797] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  214.952772][ T5798] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  214.996679][ T5798] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  215.093742][ T5797] team0: Port device team_slave_0 added
[  215.107223][ T5798] team0: Port device team_slave_0 added
[  215.120406][ T5797] team0: Port device team_slave_1 added
[  215.134268][ T5798] team0: Port device team_slave_1 added
[  215.247030][ T5797] batman_adv: batadv0: Adding interface: batadv_slave_0
[  215.254204][ T5797] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  215.281872][ T5797] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  215.295898][ T5798] batman_adv: batadv0: Adding interface: batadv_slave_0
[  215.303074][ T5798] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  215.331264][ T5798] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  215.345429][ T5797] batman_adv: batadv0: Adding interface: batadv_slave_1
[  215.352629][ T5797] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  215.378983][ T5797] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  215.394093][ T5798] batman_adv: batadv0: Adding interface: batadv_slave_1
[  215.401423][ T5798] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  215.427899][ T5798] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  215.544895][   T51] Bluetooth: hci0: command tx timeout
[  215.570357][ T5797] hsr_slave_0: entered promiscuous mode
[  215.580271][ T5797] hsr_slave_1: entered promiscuous mode
[  215.624793][   T51] Bluetooth: hci1: command tx timeout
[  215.632836][ T5798] hsr_slave_0: entered promiscuous mode
[  215.641748][ T5798] hsr_slave_1: entered promiscuous mode
[  215.650278][ T5798] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  215.659566][ T5798] Cannot create hsr debugfs directory
[  216.186304][ T5797] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  216.210459][ T5797] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  216.229475][ T5797] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  216.260773][ T5797] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  216.363153][ T5798] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  216.382959][ T5798] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  216.410912][ T5798] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  216.429176][ T5798] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  216.726694][ T5797] 8021q: adding VLAN 0 to HW filter on device bond0
[  216.792892][ T5797] 8021q: adding VLAN 0 to HW filter on device team0
[  216.821222][ T3523] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.828972][ T3523] bridge0: port 1(bridge_slave_0) entered forwarding state
[  216.885652][ T1886] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.893324][ T1886] bridge0: port 2(bridge_slave_1) entered forwarding state
[  217.070934][ T5798] 8021q: adding VLAN 0 to HW filter on device bond0
[  217.143300][ T5798] 8021q: adding VLAN 0 to HW filter on device team0
[  217.189679][ T3523] bridge0: port 1(bridge_slave_0) entered blocking state
[  217.197550][ T3523] bridge0: port 1(bridge_slave_0) entered forwarding state
[  217.263405][ T3523] bridge0: port 2(bridge_slave_1) entered blocking state
[  217.271287][ T3523] bridge0: port 2(bridge_slave_1) entered forwarding state
[  217.625208][   T51] Bluetooth: hci0: command tx timeout
[  217.706039][   T51] Bluetooth: hci1: command tx timeout
[  218.039024][ T5797] 8021q: adding VLAN 0 to HW filter on device batadv0
[  218.128532][ T5798] 8021q: adding VLAN 0 to HW filter on device batadv0
[  218.266088][ T5797] veth0_vlan: entered promiscuous mode
[  218.358671][ T5797] veth1_vlan: entered promiscuous mode
[  218.379026][ T5798] veth0_vlan: entered promiscuous mode
[  218.429605][ T5798] veth1_vlan: entered promiscuous mode
[  218.573744][ T5797] veth0_macvtap: entered promiscuous mode
[  218.592556][ T5798] veth0_macvtap: entered promiscuous mode
[  218.616164][ T5798] veth1_macvtap: entered promiscuous mode
[  218.634880][ T5797] veth1_macvtap: entered promiscuous mode
[  218.725306][ T5798] batman_adv: batadv0: Interface activated: batadv_slave_0
[  218.769120][ T5797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  218.779920][ T5797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  218.794225][ T5797] batman_adv: batadv0: Interface activated: batadv_slave_0
[  218.829777][ T5797] batman_adv: batadv0: Interface activated: batadv_slave_1
[  218.850015][ T5798] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  218.862875][ T5798] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  218.877690][ T5798] batman_adv: batadv0: Interface activated: batadv_slave_1
[  218.914274][ T5797] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  218.923552][ T5797] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  218.933388][ T5797] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  218.942465][ T5797] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  218.962975][ T5798] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  218.972303][ T5798] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  218.981497][ T5798] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  218.991743][ T5798] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  219.094562][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  219.101348][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  219.707792][   T51] Bluetooth: hci0: command tx timeout
[  219.790994][   T51] Bluetooth: hci1: command tx timeout
[  219.906487][ T5802] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  219.919507][ T5802] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  219.928940][ T5802] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  219.956445][ T5802] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  219.972363][ T5802] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  219.983980][ T5802] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  220.188043][   T51] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  220.212500][   T51] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  220.255377][   T51] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  220.275836][   T51] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  220.290167][   T51] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  220.315475][   T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  220.336293][ T5799] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  220.348332][ T5802] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  220.389774][ T5802] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  220.438704][ T5802] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  220.481879][ T5802] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  220.501717][ T5802] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  221.117828][ T5836] chnl_net:caif_netlink_parms(): no params data found
[  221.789246][ T5802] Bluetooth: hci0: command tx timeout
[  221.856306][ T5840] chnl_net:caif_netlink_parms(): no params data found
[  221.869017][ T5802] Bluetooth: hci1: command tx timeout
[  222.027222][ T5802] Bluetooth: hci2: command tx timeout
[  222.189013][ T5845] chnl_net:caif_netlink_parms(): no params data found
[  222.297209][ T5836] bridge0: port 1(bridge_slave_0) entered blocking state
[  222.308945][ T5836] bridge0: port 1(bridge_slave_0) entered disabled state
[  222.319660][ T5836] bridge_slave_0: entered allmulticast mode
[  222.330282][ T5836] bridge_slave_0: entered promiscuous mode
[  222.388127][ T5836] bridge0: port 2(bridge_slave_1) entered blocking state
[  222.395910][ T5836] bridge0: port 2(bridge_slave_1) entered disabled state
[  222.403649][ T5836] bridge_slave_1: entered allmulticast mode
[  222.413063][ T5836] bridge_slave_1: entered promiscuous mode
[  222.455546][ T5802] Bluetooth: hci3: command tx timeout
[  222.619282][ T5836] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  222.668982][ T5836] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  222.681527][ T5802] Bluetooth: hci4: command tx timeout
[  222.994211][ T5836] team0: Port device team_slave_0 added
[  223.109045][ T5836] team0: Port device team_slave_1 added
[  223.119403][ T5840] bridge0: port 1(bridge_slave_0) entered blocking state
[  223.127477][ T5840] bridge0: port 1(bridge_slave_0) entered disabled state
[  223.135302][ T5840] bridge_slave_0: entered allmulticast mode
[  223.144086][ T5840] bridge_slave_0: entered promiscuous mode
[  223.257556][ T5840] bridge0: port 2(bridge_slave_1) entered blocking state
[  223.266210][ T5840] bridge0: port 2(bridge_slave_1) entered disabled state
[  223.273943][ T5840] bridge_slave_1: entered allmulticast mode
[  223.284689][ T5840] bridge_slave_1: entered promiscuous mode
[  223.482226][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_0
[  223.489628][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  223.516073][ T5836] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  223.592256][ T5840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  223.615616][ T5845] bridge0: port 1(bridge_slave_0) entered blocking state
[  223.623308][ T5845] bridge0: port 1(bridge_slave_0) entered disabled state
[  223.635525][ T5845] bridge_slave_0: entered allmulticast mode
[  223.644396][ T5845] bridge_slave_0: entered promiscuous mode
[  223.664985][ T5840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  223.689260][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_1
[  223.696695][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  223.723067][ T5836] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  223.736090][ T5845] bridge0: port 2(bridge_slave_1) entered blocking state
[  223.743741][ T5845] bridge0: port 2(bridge_slave_1) entered disabled state
[  223.752486][ T5845] bridge_slave_1: entered allmulticast mode
[  223.761606][ T5845] bridge_slave_1: entered promiscuous mode
[  223.939756][ T5840] team0: Port device team_slave_0 added
[  224.094153][ T5840] team0: Port device team_slave_1 added
[  224.113423][ T5845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  224.123624][ T5802] Bluetooth: hci2: command tx timeout
[  224.230786][ T5845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  224.263686][ T5836] hsr_slave_0: entered promiscuous mode
[  224.285879][ T5836] hsr_slave_1: entered promiscuous mode
[  224.293819][ T5836] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  224.301667][ T5836] Cannot create hsr debugfs directory
[  224.339792][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_0
[  224.348801][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  224.354785][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  224.376226][ T5840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  224.382992][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  224.490047][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_1
[  224.497864][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  224.526942][ T5840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  224.539795][ T5802] Bluetooth: hci3: command tx timeout
[  224.597131][ T5845] team0: Port device team_slave_0 added
[  224.658238][ T3523] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  224.668071][ T3523] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  224.708324][ T5845] team0: Port device team_slave_1 added
[  224.749780][ T5802] Bluetooth: hci4: command tx timeout
[  224.920204][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0
[  224.927689][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  224.955850][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  224.992751][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1
[  224.999995][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  225.026593][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  225.044238][ T5798] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  225.145762][ T5840] hsr_slave_0: entered promiscuous mode
[  225.156068][ T5840] hsr_slave_1: entered promiscuous mode
[  225.163772][ T5840] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  225.172157][ T5840] Cannot create hsr debugfs directory
[  225.201009][ T3523] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  225.209497][ T3523] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  225.548935][ T5845] hsr_slave_0: entered promiscuous mode
[  225.561330][ T5845] hsr_slave_1: entered promiscuous mode
[  225.572760][ T5845] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  225.580745][ T5845] Cannot create hsr debugfs directory
[  225.627887][ T4770] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  225.636044][ T4770] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  225.715385][ T5835] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  225.929748][ T5835] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  225.939249][ T5835] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  225.947824][ T5835] usb 2-1: Product: syz
[  225.952228][ T5835] usb 2-1: Manufacturer: syz
[  225.957949][ T5835] usb 2-1: SerialNumber: syz
[  226.012914][ T5835] usb 2-1: config 0 descriptor??
[  226.076347][ T5836] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  226.153482][ T5836] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  226.207630][ T5802] Bluetooth: hci2: command tx timeout
[  226.306717][ T5836] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  226.433543][ T5900] FAULT_INJECTION: forcing a failure.
[  226.433543][ T5900] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  226.447781][ T5900] CPU: 0 UID: 0 PID: 5900 Comm: syz.0.6 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  226.458158][ T5900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  226.463416][ T5836] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  226.468363][ T5900] Call Trace:
[  226.468420][ T5900]  <TASK>
[  226.468471][ T5900]  dump_stack_lvl+0x216/0x2d0
[  226.468647][ T5900]  dump_stack+0x1e/0x30
[  226.468783][ T5900]  should_fail_ex+0x748/0x7f0
[  226.468968][ T5900]  should_fail+0x2a/0x40
[  226.469132][ T5900]  should_fail_usercopy+0x2e/0x40
[  226.469314][ T5900]  _copy_to_iter+0x621/0x2b30
[  226.469484][ T5900]  ? kmsan_get_metadata+0x13e/0x1c0
[  226.516315][ T5900]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  226.522437][ T5900]  seq_read_iter+0x18b9/0x20e0
[  226.527386][ T5900]  ? __pfx_md_seq_stop+0x10/0x10
[  226.532499][ T5900]  seq_read+0x4ef/0x5d0
[  226.536858][ T5900]  ? __traceiter_f2fs_submit_read_bio+0xd1/0x160
[  226.543507][ T5900]  ? kmsan_get_metadata+0x13e/0x1c0
[  226.548947][ T5900]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  226.555003][ T5900]  ? __pfx_seq_read+0x10/0x10
[  226.559962][ T5900]  ? __pfx_seq_read+0x10/0x10
[  226.564929][ T5900]  proc_reg_read+0x261/0x4b0
[  226.569817][ T5900]  ? __pfx_proc_reg_read+0x10/0x10
[  226.575148][ T5900]  vfs_read+0x29d/0xf50
[  226.579595][ T5900]  ? kmsan_get_metadata+0x13e/0x1c0
[  226.585109][ T5900]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  226.590663][ T5802] Bluetooth: hci3: command tx timeout
[  226.591677][ T5900]  ksys_read+0x240/0x4b0
[  226.601601][ T5900]  ? kmsan_get_metadata+0x13e/0x1c0
[  226.607219][ T5900]  __x64_sys_read+0x93/0xe0
[  226.612114][ T5900]  x64_sys_call+0x314c/0x3c30
[  226.617191][ T5900]  do_syscall_64+0xcd/0x1e0
[  226.621972][ T5900]  ? clear_bhb_loop+0x25/0x80
[  226.626916][ T5900]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.633113][ T5900] RIP: 0033:0x7f0dcfb7e819
[  226.637716][ T5900] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.657643][ T5900] RSP: 002b:00007f0dd0987038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  226.666363][ T5900] RAX: ffffffffffffffda RBX: 00007f0dcfd35fa0 RCX: 00007f0dcfb7e819
[  226.674520][ T5900] RDX: 0000000000000008 RSI: 00000000200004c0 RDI: 0000000000000003
[  226.682735][ T5900] RBP: 00007f0dd0987090 R08: 0000000000000000 R09: 0000000000000000
[  226.690907][ T5900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  226.699064][ T5900] R13: 0000000000000000 R14: 00007f0dcfd35fa0 R15: 00007ffdeece9078
[  226.707276][ T5900]  </TASK>
[  226.855829][ T5802] Bluetooth: hci4: command tx timeout
[  227.124211][ T5840] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  227.149304][ T5840] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  227.251863][ T5840] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  227.292810][ T5845] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  227.316735][ T5840] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  227.356411][ T5845] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  227.494088][ T5845] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  227.519295][ T5845] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  227.530526][ T5904] loop0: detected capacity change from 0 to 4096
[  227.927008][ T5904] FAULT_INJECTION: forcing a failure.
[  227.927008][ T5904] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  227.940588][ T5904] CPU: 0 UID: 0 PID: 5904 Comm: syz.0.7 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  227.950979][ T5904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  227.961275][ T5904] Call Trace:
[  227.964755][ T5904]  <TASK>
[  227.967893][ T5836] 8021q: adding VLAN 0 to HW filter on device bond0
[  227.967874][ T5904]  dump_stack_lvl+0x216/0x2d0
[  227.968034][ T5904]  dump_stack+0x1e/0x30
[  227.983743][ T5904]  should_fail_ex+0x748/0x7f0
[  227.988757][ T5904]  should_fail+0x2a/0x40
[  227.993298][ T5904]  should_fail_usercopy+0x2e/0x40
[  227.998656][ T5904]  _copy_to_user+0x34/0x120
[  228.003471][ T5904]  simple_read_from_buffer+0x199/0x340
[  228.009260][ T5904]  proc_fail_nth_read+0x1e5/0x2c0
[  228.014636][ T5904]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  228.020506][ T5904]  vfs_read+0x29d/0xf50
[  228.024962][ T5904]  ? kmsan_get_metadata+0x13e/0x1c0
[  228.030477][ T5904]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  228.037150][ T5904]  ksys_read+0x240/0x4b0
[  228.037745][ T5840] 8021q: adding VLAN 0 to HW filter on device bond0
[  228.041595][ T5904]  ? kmsan_get_metadata+0x13e/0x1c0
[  228.053737][ T5904]  __x64_sys_read+0x93/0xe0
[  228.058540][ T5904]  x64_sys_call+0x314c/0x3c30
[  228.063534][ T5904]  do_syscall_64+0xcd/0x1e0
[  228.068319][ T5904]  ? clear_bhb_loop+0x25/0x80
[  228.073274][ T5904]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.079488][ T5904] RIP: 0033:0x7f0dcfb7d25c
[  228.084139][ T5904] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  228.104042][ T5904] RSP: 002b:00007f0dd0987030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  228.112780][ T5904] RAX: ffffffffffffffda RBX: 00007f0dcfd35fa0 RCX: 00007f0dcfb7d25c
[  228.121026][ T5904] RDX: 000000000000000f RSI: 00007f0dd09870a0 RDI: 0000000000000006
[  228.129246][ T5904] RBP: 00007f0dd0987090 R08: 0000000000000000 R09: 0000000000000000
[  228.137466][ T5904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  228.145688][ T5904] R13: 0000000000000000 R14: 00007f0dcfd35fa0 R15: 00007ffdeece9078
[  228.153936][ T5904]  </TASK>
[  228.268492][ T5802] Bluetooth: hci2: command tx timeout
[  228.300426][ T5840] 8021q: adding VLAN 0 to HW filter on device team0
[  228.327618][ T5836] 8021q: adding VLAN 0 to HW filter on device team0
[  228.416640][ T3437] bridge0: port 1(bridge_slave_0) entered blocking state
[  228.424296][ T3437] bridge0: port 1(bridge_slave_0) entered forwarding state
[  228.440882][ T3437] bridge0: port 1(bridge_slave_0) entered blocking state
[  228.448662][ T3437] bridge0: port 1(bridge_slave_0) entered forwarding state
[  228.562303][ T3437] bridge0: port 2(bridge_slave_1) entered blocking state
[  228.570082][ T3437] bridge0: port 2(bridge_slave_1) entered forwarding state
[  228.585474][ T3437] bridge0: port 2(bridge_slave_1) entered blocking state
[  228.593260][ T3437] bridge0: port 2(bridge_slave_1) entered forwarding state
[  228.662265][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0
[  228.676989][ T5802] Bluetooth: hci3: command tx timeout
[  228.717113][ T5845] 8021q: adding VLAN 0 to HW filter on device team0
[  228.758193][ T5908] usb 2-1: USB disconnect, device number 2
[  228.820167][ T5845] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  228.832354][ T5845] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  228.940554][ T5836] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  228.951305][ T5836] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  229.014953][ T5802] Bluetooth: hci4: command tx timeout
[  229.090596][ T3437] bridge0: port 1(bridge_slave_0) entered blocking state
[  229.098486][ T3437] bridge0: port 1(bridge_slave_0) entered forwarding state
[  229.113548][ T3437] bridge0: port 2(bridge_slave_1) entered blocking state
[  229.121301][ T3437] bridge0: port 2(bridge_slave_1) entered forwarding state
[  229.533702][ T5917] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  229.632414][ T5918] FAULT_INJECTION: forcing a failure.
[  229.632414][ T5918] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  229.648847][ T5918] CPU: 0 UID: 0 PID: 5918 Comm: syz.1.9 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  229.659229][ T5918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  229.669511][ T5918] Call Trace:
[  229.672976][ T5918]  <TASK>
[  229.676090][ T5918]  dump_stack_lvl+0x216/0x2d0
[  229.681064][ T5918]  dump_stack+0x1e/0x30
[  229.685494][ T5918]  should_fail_ex+0x748/0x7f0
[  229.690505][ T5918]  should_fail+0x2a/0x40
[  229.695050][ T5918]  should_fail_usercopy+0x2e/0x40
[  229.700401][ T5918]  _copy_to_user+0x34/0x120
[  229.705220][ T5918]  simple_read_from_buffer+0x199/0x340
[  229.710988][ T5918]  proc_fail_nth_read+0x1e5/0x2c0
[  229.716356][ T5918]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  229.722236][ T5918]  vfs_read+0x29d/0xf50
[  229.726684][ T5918]  ? kmsan_get_metadata+0x13e/0x1c0
[  229.732208][ T5918]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  229.738861][ T5918]  ksys_read+0x240/0x4b0
[  229.743387][ T5918]  ? kmsan_get_metadata+0x13e/0x1c0
[  229.748914][ T5918]  __x64_sys_read+0x93/0xe0
[  229.753727][ T5918]  x64_sys_call+0x314c/0x3c30
[  229.758711][ T5918]  do_syscall_64+0xcd/0x1e0
[  229.763489][ T5918]  ? clear_bhb_loop+0x25/0x80
[  229.768427][ T5918]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.774634][ T5918] RIP: 0033:0x7f043497d25c
[  229.779282][ T5918] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  229.799272][ T5918] RSP: 002b:00007f04327d5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  229.808001][ T5918] RAX: ffffffffffffffda RBX: 00007f0434b36080 RCX: 00007f043497d25c
[  229.816235][ T5918] RDX: 000000000000000f RSI: 00007f04327d50a0 RDI: 0000000000000004
[  229.824440][ T5918] RBP: 00007f04327d5090 R08: 0000000000000000 R09: 0000000000000000
[  229.832642][ T5918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  229.840850][ T5918] R13: 0000000000000000 R14: 00007f0434b36080 R15: 00007ffee9bcc298
[  229.849091][ T5918]  </TASK>
[  230.687465][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0
[  231.161601][ T5840] 8021q: adding VLAN 0 to HW filter on device batadv0
[  231.278320][ T5836] veth0_vlan: entered promiscuous mode
[  231.349393][ T5836] veth1_vlan: entered promiscuous mode
[  231.371287][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0
[  231.488763][ T5836] veth0_macvtap: entered promiscuous mode
[  231.510889][ T5836] veth1_macvtap: entered promiscuous mode
[  231.679608][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  231.691799][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  231.703123][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  231.716856][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  231.731624][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0
[  231.762172][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  231.775029][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  231.786277][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  231.797965][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  231.812350][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1
[  231.830690][ T5836] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  231.842009][ T5836] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  231.851545][ T5836] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  231.860814][ T5836] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  231.969605][ T5840] veth0_vlan: entered promiscuous mode
[  231.976920][ T5939] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14'.
[  232.001279][ T5840] veth1_vlan: entered promiscuous mode
[  232.084842][ T5908] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  232.138228][ T5840] veth0_macvtap: entered promiscuous mode
[  232.158535][ T5840] veth1_macvtap: entered promiscuous mode
[  232.255078][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  232.267921][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  232.278139][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  232.289124][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  232.299503][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  232.311279][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  232.325992][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0
[  232.345423][ T5908] usb 1-1: Using ep0 maxpacket: 32
[  232.346859][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  232.361631][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  232.371943][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  232.382710][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  232.392893][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  232.403706][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  232.419459][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1
[  232.478330][ T5840] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  232.487521][ T5840] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  232.496711][ T5840] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  232.510580][ T5840] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  232.593269][ T5908] usb 1-1: config 1 interface 0 altsetting 91 bulk endpoint 0x82 has invalid maxpacket 1023
[  232.605192][ T5908] usb 1-1: config 1 interface 0 altsetting 91 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  232.621108][ T5908] usb 1-1: config 1 interface 0 has no altsetting 0
[  232.736723][ T5908] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  232.747588][ T5908] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  232.756736][ T5908] usb 1-1: Product: syz
[  232.761142][ T5908] usb 1-1: Manufacturer: syz
[  232.766050][ T5908] usb 1-1: SerialNumber: syz
[  232.885826][ T5937] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  232.893632][ T5937] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  233.173728][ T5908] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -22
[  233.201568][ T5908] usb 1-1: USB disconnect, device number 2
[  233.263972][ T5951] syz.1.15 uses obsolete (PF_INET,SOCK_PACKET)
[  234.384439][ T5845] veth0_vlan: entered promiscuous mode
[  234.470002][ T5964] loop0: detected capacity change from 0 to 256
[  234.515286][ T5845] veth1_vlan: entered promiscuous mode
[  234.914444][ T5845] veth0_macvtap: entered promiscuous mode
[  234.945912][ T5971] loop1: detected capacity change from 0 to 128
[  235.009614][ T5845] veth1_macvtap: entered promiscuous mode
[  235.277655][ T5835] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  235.303944][ T5973] netlink: 8 bytes leftover after parsing attributes in process `syz.1.18'.
[  235.316465][ T5973] netlink: 12 bytes leftover after parsing attributes in process `syz.1.18'.
[  235.322202][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  235.337450][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.347651][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  235.358422][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.368646][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  235.382244][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.393927][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  235.405727][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.419870][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0
[  235.483244][ T5835] usb 1-1: device descriptor read/64, error -71
[  235.636160][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  235.648860][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.660398][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  235.671177][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.681475][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  235.695107][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.706141][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  235.716871][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.731087][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1
[  235.755923][ T5835] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  235.935597][ T5845] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  235.946082][ T5845] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  235.955783][ T5845] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  235.964934][ T5845] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  235.981999][ T5835] usb 1-1: device descriptor read/64, error -71
[  236.097717][ T5835] usb usb1-port1: attempt power cycle
[  236.718503][ T5835] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  236.748378][ T5835] usb 1-1: device descriptor read/8, error -71
[  236.997515][ T5835] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  237.049065][ T5835] usb 1-1: device descriptor read/8, error -71
[  237.092310][ T5995] netlink: 276 bytes leftover after parsing attributes in process `syz.1.20'.
[  237.168250][ T5835] usb usb1-port1: unable to enumerate USB device
[  238.564030][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  238.572576][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  238.799402][ T3413] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  238.807820][ T3413] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  239.006341][ T5908] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  239.116066][ T4770] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  239.124139][ T4770] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  239.168521][   T10] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  239.194952][ T5908] usb 2-1: Using ep0 maxpacket: 32
[  239.250813][ T5908] usb 2-1: config 1 interface 0 altsetting 91 bulk endpoint 0x82 has invalid maxpacket 1023
[  239.261507][ T5908] usb 2-1: config 1 interface 0 altsetting 91 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  239.278073][ T5908] usb 2-1: config 1 interface 0 has no altsetting 0
[  239.327952][ T5908] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  239.337521][ T5908] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  239.346022][ T5908] usb 2-1: Product: syz
[  239.350437][ T5908] usb 2-1: Manufacturer: syz
[  239.355481][ T5908] usb 2-1: SerialNumber: syz
[  239.399691][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  239.411157][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  239.422123][   T10] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  239.432088][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  239.452344][ T6027] FAULT_INJECTION: forcing a failure.
[  239.452344][ T6027] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  239.466299][ T6027] CPU: 1 UID: 0 PID: 6027 Comm: syz.3.4 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  239.476675][ T6027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  239.486965][ T6027] Call Trace:
[  239.490438][ T6027]  <TASK>
[  239.493017][   T10] usb 1-1: config 0 descriptor??
[  239.493467][ T6027]  dump_stack_lvl+0x216/0x2d0
[  239.503458][ T6027]  dump_stack+0x1e/0x30
[  239.504430][ T6023] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  239.507796][ T6027]  should_fail_ex+0x748/0x7f0
[  239.519906][ T6027]  should_fail+0x2a/0x40
[  239.524457][ T6027]  should_fail_usercopy+0x2e/0x40
[  239.524507][ T6023] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  239.537028][ T6027]  _copy_from_user+0x35/0x110
[  239.542045][ T6027]  security_getselfattr+0x20c/0x9d0
[  239.547540][ T6027]  ? kmsan_get_metadata+0x13e/0x1c0
[  239.553066][ T6027]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  239.559739][ T6027]  ? kmsan_get_metadata+0x13e/0x1c0
[  239.565272][ T6027]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  239.571426][ T6027]  __x64_sys_lsm_get_self_attr+0xb8/0x120
[  239.577477][ T6027]  x64_sys_call+0x2d08/0x3c30
[  239.582475][ T6027]  do_syscall_64+0xcd/0x1e0
[  239.587275][ T6027]  ? clear_bhb_loop+0x25/0x80
[  239.591564][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  239.592140][ T6027]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.600349][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  239.606011][ T6027] RIP: 0033:0x7eff8977e819
[  239.606133][ T6027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.606258][ T6027] RSP: 002b:00007eff8a64a038 EFLAGS: 00000246 ORIG_RAX: 00000000000001cb
[  239.647064][ T6027] RAX: ffffffffffffffda RBX: 00007eff89935fa0 RCX: 00007eff8977e819
[  239.655308][ T6027] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000064
[  239.663543][ T6027] RBP: 00007eff8a64a090 R08: 0000000000000000 R09: 0000000000000000
[  239.671769][ T6027] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  239.679986][ T6027] R13: 0000000000000000 R14: 00007eff89935fa0 R15: 00007ffee4c3a508
[  239.688295][ T6027]  </TASK>
[  239.758521][ T5908] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -22
[  239.843320][ T5908] usb 2-1: USB disconnect, device number 3
[  240.435855][ T6034] FAULT_INJECTION: forcing a failure.
[  240.435855][ T6034] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  240.450049][ T6034] CPU: 1 UID: 0 PID: 6034 Comm: syz.3.25 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  240.460516][ T6034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  240.470818][ T6034] Call Trace:
[  240.474282][ T6034]  <TASK>
[  240.477396][ T6034]  dump_stack_lvl+0x216/0x2d0
[  240.482365][ T6034]  dump_stack+0x1e/0x30
[  240.486792][ T6034]  should_fail_ex+0x748/0x7f0
[  240.491796][ T6034]  should_fail_alloc_page+0x235/0x2b0
[  240.497599][ T6034]  __alloc_pages_noprof+0x343/0xe00
[  240.503117][ T6034]  alloc_pages_mpol_noprof+0x299/0x990
[  240.508869][ T6034]  ? kmsan_get_metadata+0x13e/0x1c0
[  240.514408][ T6034]  vma_alloc_folio_noprof+0x454/0x7f0
[  240.520098][ T6034]  handle_mm_fault+0xa40e/0xdcc0
[  240.525352][ T6034]  ? kmsan_get_metadata+0x13e/0x1c0
[  240.530928][ T6034]  exc_page_fault+0x41b/0x700
[  240.535954][ T6034]  asm_exc_page_fault+0x2b/0x30
[  240.541126][ T6034] RIP: 0033:0x7eff89641853
[  240.545781][ T6034] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[  240.565696][ T6034] RSP: 002b:00007eff8a6494a0 EFLAGS: 00010206
[  240.572062][ T6034] RAX: 0000000000031000 RBX: 00007eff8a649540 RCX: 00007eff7f000000
[  240.580282][ T6034] RDX: 00007eff8a6496e0 RSI: 0000000000000009 RDI: 00007eff8a6495e0
[  240.588523][ T6034] RBP: 000000000000000b R08: 0000000000000008 R09: 00000000000000d6
[  240.596745][ T6034] R10: 00000000000000e0 R11: 00007eff8a649540 R12: 0000000000000001
[  240.604969][ T6034] R13: 00007eff89805fa0 R14: 000000000000002e R15: 00007eff8a6495e0
[  240.613220][ T6034]  </TASK>
[  240.619383][ T6034] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  240.861461][ T6030] Zero length message leads to an empty skb
[  240.862518][ T6034] loop3: detected capacity change from 0 to 2048
[  240.985825][   T10] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0001/input/input5
[  241.082838][   T10] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0001/input/input6
[  241.272665][   T10] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0001/input/input7
[  241.293605][ T6041] loop1: detected capacity change from 0 to 1024
[  241.337782][ T6017] loop0: detected capacity change from 0 to 1024
[  241.369317][ T6041] EXT4-fs: Ignoring removed nomblk_io_submit option
[  241.377513][ T6017] EXT4-fs: Ignoring removed oldalloc option
[  241.413926][   T10] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0001/input/input8
[  241.458324][ T6017] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  241.497540][ T6041] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  241.578580][ T6017] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  241.629865][ T6041] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  241.676916][   T10] uclogic 0003:256C:006D.0001: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.0-1/input0
[  241.850236][   T10] usb 1-1: USB disconnect, device number 7
[  242.023984][   T29] audit: type=1326 audit(1732431621.507:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6051 comm="syz.3.28" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff8977e819 code=0x7ffc0000
[  242.050508][   T29] audit: type=1326 audit(1732431621.537:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6051 comm="syz.3.28" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff8977e819 code=0x7ffc0000
[  242.165984][ T5798] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.195235][ T3413] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  242.203478][ T3413] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  242.274790][   T29] audit: type=1326 audit(1732431621.577:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6051 comm="syz.3.28" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7eff8977e819 code=0x7ffc0000
[  242.297943][   T29] audit: type=1326 audit(1732431621.577:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6051 comm="syz.3.28" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7eff8977e853 code=0x7ffc0000
[  242.320352][   T29] audit: type=1326 audit(1732431621.727:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6051 comm="syz.3.28" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7eff8977d2ff code=0x7ffc0000
[  242.476295][ T4002] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  242.484385][ T4002] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  242.514902][   T29] audit: type=1326 audit(1732431621.997:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6051 comm="syz.3.28" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7eff8977e8a7 code=0x7ffc0000
[  242.540963][ T6052] loop3: detected capacity change from 0 to 2048
[  242.684157][   T29] audit: type=1326 audit(1732431622.027:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6051 comm="syz.3.28" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7eff8977d1b0 code=0x7ffc0000
[  242.707489][   T29] audit: type=1326 audit(1732431622.027:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6051 comm="syz.3.28" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7eff8977e41b code=0x7ffc0000
[  242.729849][   T29] audit: type=1326 audit(1732431622.147:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6051 comm="syz.3.28" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7eff8977d4aa code=0x7ffc0000
[  242.756866][   T29] audit: type=1326 audit(1732431622.147:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6051 comm="syz.3.28" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7eff8977d4aa code=0x7ffc0000
[  243.231519][ T6052] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  243.301155][ T6052] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[  243.348248][ T6062] RDS: rds_bind could not find a transport for 100::, load rds_tcp or rds_rdma?
[  243.519066][ T6052] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  243.573142][ T5835] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  243.758410][ T5835] usb 3-1: Using ep0 maxpacket: 32
[  243.793191][ T5835] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  243.821557][ T5797] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.849496][ T5835] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  243.859785][ T5835] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  243.870154][ T5835] usb 3-1: Product: syz
[  243.878498][ T5835] usb 3-1: Manufacturer: syz
[  243.883348][ T5835] usb 3-1: SerialNumber: syz
[  243.907238][ T5835] usb 3-1: config 0 descriptor??
[  243.914896][ T6054] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  243.975108][   T10] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  244.141716][ T6052] UDF-fs: error (device loop3): udf_read_inode: (ino 1347) failed !bh
[  244.164904][   T10] usb 5-1: device descriptor read/64, error -71
[  244.178323][ T5835] usb 3-1: USB disconnect, device number 2
[  244.467189][   T10] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  244.674896][   T10] usb 5-1: device descriptor read/64, error -71
[  244.791844][   T10] usb usb5-port1: attempt power cycle
[  244.934902][ T6080] syz.0.35 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  244.970666][ T6081] FAULT_INJECTION: forcing a failure.
[  244.970666][ T6081] name failslab, interval 1, probability 0, space 0, times 1
[  244.983966][ T6081] CPU: 1 UID: 0 PID: 6081 Comm: syz.3.34 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  244.994430][ T6081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  245.004719][ T6081] Call Trace:
[  245.008196][ T6081]  <TASK>
[  245.011300][ T6081]  dump_stack_lvl+0x216/0x2d0
[  245.016246][ T6081]  dump_stack+0x1e/0x30
[  245.020651][ T6081]  should_fail_ex+0x748/0x7f0
[  245.025634][ T6081]  should_failslab+0x17f/0x210
[  245.030702][ T6081]  __kmalloc_noprof+0x175/0xf30
[  245.035838][ T6081]  ? tomoyo_realpath_from_path+0x104/0xaa0
[  245.041950][ T6081]  ? kmsan_get_metadata+0x13e/0x1c0
[  245.047451][ T6081]  tomoyo_realpath_from_path+0x104/0xaa0
[  245.053401][ T6081]  ? __srcu_read_lock+0x76/0xd0
[  245.058547][ T6081]  tomoyo_path_number_perm+0x1d9/0x8f0
[  245.064285][ T6081]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  245.070926][ T6081]  ? kmsan_get_metadata+0x13e/0x1c0
[  245.076411][ T6081]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  245.082541][ T6081]  tomoyo_file_ioctl+0x3f/0x50
[  245.087596][ T6081]  security_file_ioctl+0x145/0x590
[  245.092991][ T6081]  __se_sys_ioctl+0xd0/0x440
[  245.097859][ T6081]  __x64_sys_ioctl+0x96/0xe0
[  245.102728][ T6081]  x64_sys_call+0x19f0/0x3c30
[  245.107710][ T6081]  do_syscall_64+0xcd/0x1e0
[  245.112481][ T6081]  ? clear_bhb_loop+0x25/0x80
[  245.117401][ T6081]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.123600][ T6081] RIP: 0033:0x7eff8977e819
[  245.128234][ T6081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  245.148112][ T6081] RSP: 002b:00007eff8a64a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  245.156817][ T6081] RAX: ffffffffffffffda RBX: 00007eff89935fa0 RCX: 00007eff8977e819
[  245.165018][ T6081] RDX: 0000000020000180 RSI: 00000000c03864bc RDI: 0000000000000003
[  245.173208][ T6081] RBP: 00007eff8a64a090 R08: 0000000000000000 R09: 0000000000000000
[  245.181395][ T6081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  245.189594][ T6081] R13: 0000000000000000 R14: 00007eff89935fa0 R15: 00007ffee4c3a508
[  245.197812][ T6081]  </TASK>
[  245.205352][ T6081] ERROR: Out of memory at tomoyo_realpath_from_path.
[  245.376851][   T10] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  245.418988][   T10] usb 5-1: device descriptor read/8, error -71
[  245.593955][ T6083] loop0: detected capacity change from 0 to 64
[  245.650113][ T6087] FAULT_INJECTION: forcing a failure.
[  245.650113][ T6087] name failslab, interval 1, probability 0, space 0, times 0
[  245.663276][ T6087] CPU: 1 UID: 0 PID: 6087 Comm: syz.2.37 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  245.673738][ T6087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  245.684035][ T6087] Call Trace:
[  245.687515][ T6087]  <TASK>
[  245.690640][ T6087]  dump_stack_lvl+0x216/0x2d0
[  245.695631][ T6087]  dump_stack+0x1e/0x30
[  245.700069][ T6087]  should_fail_ex+0x748/0x7f0
[  245.705080][ T6087]  should_failslab+0x17f/0x210
[  245.710177][ T6087]  __kmalloc_noprof+0x175/0xf30
[  245.715333][ T6087]  ? tomoyo_encode+0x5f8/0xa40
[  245.716894][   T10] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  245.727882][ T6087]  ? kmsan_get_metadata+0x13e/0x1c0
[  245.728073][ T6087]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  245.739438][ T6087]  tomoyo_encode+0x5f8/0xa40
[  245.744395][ T6087]  tomoyo_realpath_from_path+0x9dd/0xaa0
[  245.750385][ T6087]  tomoyo_path_number_perm+0x1d9/0x8f0
[  245.756165][ T6087]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  245.762829][ T6087]  ? kmsan_get_metadata+0x13e/0x1c0
[  245.767378][   T10] usb 5-1: device descriptor read/8, error -71
[  245.768260][ T6087]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  245.780570][ T6087]  tomoyo_file_ioctl+0x3f/0x50
[  245.785625][ T6087]  security_file_ioctl+0x145/0x590
[  245.791055][ T6087]  __se_sys_ioctl+0xd0/0x440
[  245.795952][ T6087]  __x64_sys_ioctl+0x96/0xe0
[  245.800847][ T6087]  x64_sys_call+0x19f0/0x3c30
[  245.805917][ T6087]  do_syscall_64+0xcd/0x1e0
[  245.810701][ T6087]  ? clear_bhb_loop+0x25/0x80
[  245.815638][ T6087]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.821844][ T6087] RIP: 0033:0x7f348757e819
[  245.826497][ T6087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  245.846394][ T6087] RSP: 002b:00007f34882a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  245.855111][ T6087] RAX: ffffffffffffffda RBX: 00007f3487735fa0 RCX: 00007f348757e819
[  245.863325][ T6087] RDX: 0000000020000100 RSI: 000000004008b100 RDI: 0000000000000003
[  245.871532][ T6087] RBP: 00007f34882a7090 R08: 0000000000000000 R09: 0000000000000000
[  245.879738][ T6087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  245.887930][ T6087] R13: 0000000000000000 R14: 00007f3487735fa0 R15: 00007fffd672fda8
[  245.896142][ T6087]  </TASK>
[  245.903802][ T6087] ERROR: Out of memory at tomoyo_realpath_from_path.
[  245.916762][   T10] usb usb5-port1: unable to enumerate USB device
[  246.143064][ T5835] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  246.336506][ T5835] usb 2-1: Using ep0 maxpacket: 16
[  246.350031][ T5835] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  246.362230][ T5835] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  246.413852][ T5835] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  246.423489][ T5835] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  246.432252][ T5835] usb 2-1: Product: syz
[  246.440011][ T5835] usb 2-1: Manufacturer: syz
[  246.445950][ T5835] usb 2-1: SerialNumber: syz
[  246.497440][ T5835] usb 2-1: config 0 descriptor??
[  246.520178][   T10] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  246.547470][ T5835] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  246.557375][ T5835] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class)
[  246.686070][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  246.697595][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  246.707843][   T10] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  246.717259][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  247.020351][   T10] usb 1-1: config 0 descriptor??
[  247.158115][ T6097] netlink: 12 bytes leftover after parsing attributes in process `syz.2.42'.
[  247.167621][ T6097] netlink: 12 bytes leftover after parsing attributes in process `syz.2.42'.
[  247.287388][ T5835] em28xx 2-1:0.0: unknown em28xx chip ID (0)
[  247.301680][ T5835] em28xx 2-1:0.0: Config register raw data: 0xfffffffb
[  247.630750][ T6083] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  247.641872][ T6083] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  248.104912][ T6104] loop3: detected capacity change from 0 to 256
[  248.181497][   T10] hid (null): bogus close delimiter
[  248.208328][   T10] usb 1-1: language id specifier not provided by device, defaulting to English
[  248.406117][ T5835] em28xx 2-1:0.0: Unknown AC97 audio processor detected!
[  248.425923][ T6085] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  248.436558][ T6085] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  248.475421][ T6104] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0xff6f124c, utbl_chksum : 0xe619d30d)
[  248.518768][ T5835] em28xx 2-1:0.0: couldn't setup AC97 register 2
[  248.668655][ T6097] loop2: detected capacity change from 0 to 32768
[  248.678588][ T6097] (syz.2.42,6097,1):ocfs2_parse_options:1448 ERROR: Unrecognized mount option "localalloc=00>00000000000000008" or missing value
[  248.697230][ T6097] (syz.2.42,6097,1):ocfs2_fill_super:1178 ERROR: status = -22
[  248.701845][   T10] uclogic 0003:256C:006D.0002: failed retrieving string descriptor #200: -71
[  248.714321][   T10] uclogic 0003:256C:006D.0002: failed retrieving pen parameters: -71
[  248.722928][   T10] uclogic 0003:256C:006D.0002: failed probing pen v2 parameters: -71
[  248.731525][   T10] uclogic 0003:256C:006D.0002: failed probing parameters: -71
[  248.740183][   T10] uclogic 0003:256C:006D.0002: probe with driver uclogic failed with error -71
[  248.842466][   T10] usb 1-1: USB disconnect, device number 8
[  248.962645][ T6106] FAULT_INJECTION: forcing a failure.
[  248.962645][ T6106] name failslab, interval 1, probability 0, space 0, times 0
[  248.976213][ T6106] CPU: 0 UID: 0 PID: 6106 Comm: syz.4.46 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  248.986673][ T6106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  248.996967][ T6106] Call Trace:
[  249.000434][ T6106]  <TASK>
[  249.003549][ T6106]  dump_stack_lvl+0x216/0x2d0
[  249.008527][ T6106]  dump_stack+0x1e/0x30
[  249.012954][ T6106]  should_fail_ex+0x748/0x7f0
[  249.017962][ T6106]  should_failslab+0x17f/0x210
[  249.023068][ T6106]  kmem_cache_alloc_noprof+0xe2/0xb20
[  249.028750][ T6106]  ? __anon_vma_prepare+0x1ef/0xb30
[  249.034418][ T6106]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  249.040553][ T6106]  __anon_vma_prepare+0x1ef/0xb30
[  249.045871][ T6106]  ? down_read_trylock+0x13d/0x1b0
[  249.051301][ T6106]  handle_mm_fault+0xcab6/0xdcc0
[  249.056543][ T6106]  ? kmsan_get_metadata+0x13e/0x1c0
[  249.062116][ T6106]  exc_page_fault+0x41b/0x700
[  249.067129][ T6106]  asm_exc_page_fault+0x2b/0x30
[  249.072290][ T6106] RIP: 0033:0x7f19a4241853
[  249.076954][ T6106] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[  249.096878][ T6106] RSP: 002b:00007f19a51d14a0 EFLAGS: 00010206
[  249.103147][ T5835] em28xx 2-1:0.0: couldn't setup AC97 register 4
[  249.109690][ T6106] RAX: 0000000000008001 RBX: 00007f19a51d1540 RCX: 00007f1999c00000
[  249.117926][ T6106] RDX: 00007f19a51d16e0 RSI: 0000000000000000 RDI: 00007f19a51d15e0
[  249.126173][ T6106] RBP: 0000000000000102 R08: 0000000000000009 R09: 00000000000001a2
[  249.134390][ T6106] R10: 00000000000001ba R11: 00007f19a51d1540 R12: 0000000000000001
[  249.142600][ T6106] R13: 00007f19a4405fa0 R14: 0000000000000042 R15: 00007f19a51d15e0
[  249.150842][ T6106]  </TASK>
[  249.154184][    C0] vkms_vblank_simulate: vblank timer overrun
[  249.169887][ T6106] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  249.219002][ T6106] loop4: detected capacity change from 0 to 256
[  249.244902][ T5835] em28xx 2-1:0.0: couldn't setup AC97 register 6
[  249.257741][ T5835] em28xx 2-1:0.0: couldn't setup AC97 register 54
[  249.349431][ T6106] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  249.355410][ T5835] em28xx 2-1:0.0: couldn't setup AC97 register 56
[  249.606418][ T6106] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  249.621220][ T6106] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  249.631161][ T6106] UDF-fs: Scanning with blocksize 512 failed
[  249.803441][ T6106] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  249.820009][ T5835] em28xx 2-1:0.0: couldn't setup AC97 register 2
[  249.828567][ T5835] em28xx 2-1:0.0: couldn't setup AC97 register 4
[  249.835382][ T5835] em28xx 2-1:0.0: couldn't setup AC97 register 6
[  249.841959][ T5835] em28xx 2-1:0.0: couldn't setup AC97 register 54
[  249.848825][ T5835] em28xx 2-1:0.0: couldn't setup AC97 register 56
[  249.882193][ T5835] usb 2-1: USB disconnect, device number 4
[  250.006809][ T6106] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  251.157805][ T6128] loop3: detected capacity change from 0 to 128
[  251.482127][ T6130] loop1: detected capacity change from 0 to 2048
[  251.527531][ T6130] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found!
[  251.642489][ T6134] FAULT_INJECTION: forcing a failure.
[  251.642489][ T6134] name failslab, interval 1, probability 0, space 0, times 0
[  251.656504][ T6134] CPU: 1 UID: 0 PID: 6134 Comm: syz.4.56 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  251.666964][ T6134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  251.677266][ T6134] Call Trace:
[  251.680728][ T6134]  <TASK>
[  251.683846][ T6134]  dump_stack_lvl+0x216/0x2d0
[  251.688827][ T6134]  dump_stack+0x1e/0x30
[  251.693267][ T6134]  should_fail_ex+0x748/0x7f0
[  251.698271][ T6134]  should_failslab+0x17f/0x210
[  251.703365][ T6134]  kmem_cache_alloc_noprof+0xe2/0xb20
[  251.709069][ T6134]  ? __anon_vma_prepare+0x1ef/0xb30
[  251.714559][ T6134]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  251.720705][ T6134]  __anon_vma_prepare+0x1ef/0xb30
[  251.726033][ T6134]  ? down_read_trylock+0x13d/0x1b0
[  251.731462][ T6134]  handle_mm_fault+0xcab6/0xdcc0
[  251.736714][ T6134]  ? kmsan_get_metadata+0x13e/0x1c0
[  251.742286][ T6134]  exc_page_fault+0x41b/0x700
[  251.747291][ T6134]  asm_exc_page_fault+0x2b/0x30
[  251.752455][ T6134] RIP: 0033:0x7f19a4241853
[  251.757120][ T6134] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[  251.777035][ T6134] RSP: 002b:00007f19a51d14a0 EFLAGS: 00010206
[  251.783410][ T6134] RAX: 0000000000000000 RBX: 00007f19a51d1540 RCX: 00007f1999c00000
[  251.791627][ T6134] RDX: 00007f19a51d16e0 RSI: 000000000000000d RDI: 00007f19a51d15e0
[  251.799849][ T6134] RBP: 000000000000013c R08: 000000000000000a R09: 000000000000039a
[  251.808069][ T6134] R10: 00000000000003b0 R11: 00007f19a51d1540 R12: 00007f19a51d1540
[  251.816298][ T6134] R13: 00007f19a4405fa0 R14: 00000000000000eb R15: 00007f19a51d15e0
[  251.824538][ T6134]  </TASK>
[  251.836440][ T6134] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  252.399218][ T6134] loop4: detected capacity change from 0 to 4096
[  252.752522][ T6134] ntfs3(loop4): This driver is compiled without CONFIG_NTFS3_64BIT_CLUSTER (like windows driver).
[  252.752522][ T6134] Volume contains 64 bits run: vcn 0, lcn ffffffffff000000, len 7ff.
[  252.752522][ T6134] Activate CONFIG_NTFS3_64BIT_CLUSTER to process this case
[  252.778981][ T6134] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  252.900224][ T6134] ntfs3(loop4): Failed to load $BadClus (-95).
[  253.017670][ T6154] 9pnet_fd: Insufficient options for proto=fd
[  253.422953][ T6154] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  253.432530][ T6154] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  253.441375][ T6154] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  253.456082][ T6154] overlayfs: missing 'lowerdir'
[  253.570960][ T6159] loop0: detected capacity change from 0 to 1024
[  253.730265][ T6159] hfsplus: xattr searching failed
[  253.760472][ T6159] hfsplus: b-tree write err: -5, ino 3
[  253.792393][ T6165] process 'syz.0.63' launched './file0' with NULL argv: empty string added
[  253.889236][ T6165] hfsplus: xattr searching failed
[  253.946121][ T6165] hfsplus: xattr searching failed
[  254.403241][ T5835] kernel write not supported for file /38/uid_map (pid: 5835 comm: kworker/1:3)
[  254.437969][ T3413] hfsplus: b-tree write err: -5, ino 3
[  254.440907][ T6172] loop1: detected capacity change from 0 to 8
[  254.572352][ T6174] netlink: 12 bytes leftover after parsing attributes in process `syz.2.69'.
[  254.607710][ T6173] loop3: detected capacity change from 0 to 256
[  254.617546][ T6173] =======================================================
[  254.617546][ T6173] WARNING: The mand mount option has been deprecated and
[  254.617546][ T6173]          and is ignored by this kernel. Remove the mand
[  254.617546][ T6173]          option from the mount to silence this warning.
[  254.617546][ T6173] =======================================================
[  254.656487][ T6173] vfat: Unknown parameter 'unr2>di_xlate'
[  254.726529][ T6178] loop4: detected capacity change from 0 to 512
[  254.880308][ T6178] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  254.893706][ T6178] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  255.266934][ T6182] loop3: detected capacity change from 0 to 512
[  255.520909][ T6178] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2863: Unable to expand inode 11. Delete some EAs or run e2fsck.
[  255.534671][ T6178] EXT4-fs (loop4): 1 truncate cleaned up
[  255.542104][ T6178] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  255.804922][   T10] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  255.867851][ T5845] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.887363][ T5835] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  255.989891][ T6197] loop3: detected capacity change from 0 to 128
[  256.014312][   T10] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  256.024203][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  256.109231][   T10] usb 1-1: config 0 descriptor??
[  256.156295][   T10] cp210x 1-1:0.0: cp210x converter detected
[  256.349527][ T5835] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  256.360195][ T5835] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18
[  256.416716][ T5835] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  256.426249][ T5835] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  256.434760][ T5835] usb 3-1: SerialNumber: syz
[  256.519438][ T5835] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22
[  256.667674][   T10] cp210x 1-1:0.0: failed to get vendor val 0x0010 size 3: -32
[  256.719948][ T6180] netlink: 'syz.0.72': attribute type 1 has an invalid length.
[  256.728823][ T6180] netlink: 4 bytes leftover after parsing attributes in process `syz.0.72'.
[  256.977747][ T6180] tipc: Started in network mode
[  256.982946][ T6180] tipc: Node identity ff050000000000000000000000000001, cluster identity 4711
[  257.001232][ T6180] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  257.270266][ T6209] loop2: detected capacity change from 0 to 1764
[  257.317037][ T6214] loop1: detected capacity change from 0 to 256
[  257.344646][   T10] usb 1-1: cp210x converter now attached to ttyUSB0
[  257.405892][ T5835] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  257.416849][ T6215] FAULT_INJECTION: forcing a failure.
[  257.416849][ T6215] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  257.430350][ T6215] CPU: 1 UID: 0 PID: 6215 Comm: syz.4.84 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  257.440816][ T6215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  257.451104][ T6215] Call Trace:
[  257.454594][ T6215]  <TASK>
[  257.457703][ T6215]  dump_stack_lvl+0x216/0x2d0
[  257.462667][ T6215]  dump_stack+0x1e/0x30
[  257.467098][ T6215]  should_fail_ex+0x748/0x7f0
[  257.472095][ T6215]  should_fail+0x2a/0x40
[  257.476642][ T6215]  should_fail_usercopy+0x2e/0x40
[  257.481997][ T6215]  _copy_to_user+0x34/0x120
[  257.486835][ T6215]  simple_read_from_buffer+0x199/0x340
[  257.492624][ T6215]  proc_fail_nth_read+0x1e5/0x2c0
[  257.497985][ T6215]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  257.503856][ T6215]  vfs_read+0x29d/0xf50
[  257.508301][ T6215]  ? kmsan_get_metadata+0x13e/0x1c0
[  257.513812][ T6215]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  257.520477][ T6215]  ksys_read+0x240/0x4b0
[  257.520913][   T10] usb 1-1: USB disconnect, device number 9
[  257.524927][ T6215]  ? kmsan_get_metadata+0x13e/0x1c0
[  257.525122][ T6215]  __x64_sys_read+0x93/0xe0
[  257.541117][ T6215]  x64_sys_call+0x314c/0x3c30
[  257.546113][ T6215]  do_syscall_64+0xcd/0x1e0
[  257.550885][ T6215]  ? clear_bhb_loop+0x25/0x80
[  257.555830][ T6215]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.562052][ T6215] RIP: 0033:0x7f19a437d25c
[  257.566705][ T6215] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  257.571387][ T6214] exFAT-fs (loop1): error, invalid access to FAT (entry 0x00000005) bogus content (0x00000001)
[  257.586495][ T6215] RSP: 002b:00007f19a51d2030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  257.586637][ T6215] RAX: ffffffffffffffda RBX: 00007f19a4535fa0 RCX: 00007f19a437d25c
[  257.586742][ T6215] RDX: 000000000000000f RSI: 00007f19a51d20a0 RDI: 0000000000000004
[  257.586833][ T6215] RBP: 00007f19a51d2090 R08: 0000000000000000 R09: 0000000000000000
[  257.602792][ T6214] exFAT-fs (loop1): Filesystem has been set read-only
[  257.605675][ T6215] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  257.605765][ T6215] R13: 0000000000000000 R14: 00007f19a4535fa0 R15: 00007ffc4d7e27c8
[  257.605881][ T6215]  </TASK>
[  257.659782][ T6214] exFAT-fs (loop1): failed to load upcase table
[  257.666340][ T6214] exFAT-fs (loop1): failed to recognize exfat type
[  257.697326][   T10] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  257.785508][   T10] cp210x 1-1:0.0: device disconnected
[  257.817606][ T5835] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  257.829611][ T5835] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  257.840401][ T5835] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  257.850646][ T5835] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  257.895935][ T5835] usb 4-1: config 0 descriptor??
[  257.929260][    C1] Illegal XDP return value 16128 on prog  (id 8) dev veth0_virt_wifi, expect packet loss!
[  258.086136][ T5908] usb 3-1: USB disconnect, device number 3
[  258.307645][ T6218] fuse: Unknown parameter 'gro'
[  258.775245][ T2046] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  259.074868][ T2046] usb 2-1: device descriptor read/64, error -71
[  259.118097][ T1526] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  259.229291][ T5835] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0003/input/input12
[  259.325194][ T5835] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0003/input/input13
[  259.353000][ T2046] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  259.373364][ T1526] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  259.412047][ T1526] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  259.420856][ T6228] loop2: detected capacity change from 0 to 1024
[  259.433907][ T1526] usb 1-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  259.446366][ T1526] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  259.464014][ T5835] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0003/input/input14
[  259.487929][ T1526] usb 1-1: config 0 descriptor??
[  259.505177][ T2046] usb 2-1: device descriptor read/64, error -71
[  259.580724][ T5835] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0003/input/input15
[  259.618299][ T6228] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  259.626149][ T6206] loop3: detected capacity change from 0 to 1024
[  259.641638][ T6206] EXT4-fs: Ignoring removed oldalloc option
[  259.662964][ T6206] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  259.712248][ T2046] usb usb2-port1: attempt power cycle
[  259.716098][ T5835] uclogic 0003:256C:006D.0003: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.3-1/input0
[  259.931718][ T6206] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  259.969812][ T1526] hid (null): global environment stack underflow
[  260.125634][ T2046] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  260.125832][ T5835] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  260.148584][ T2046] usb 2-1: device descriptor read/8, error -71
[  260.177546][ T1526] hid-steam 0003:28DE:1142.0004: global environment stack underflow
[  260.186223][ T1526] hid-steam 0003:28DE:1142.0004: item 0 2 1 11 parsing failed
[  260.269738][ T5802] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  260.285187][ T1526] hid-steam 0003:28DE:1142.0004: steam_probe:parse of hid interface failed
[  260.294687][ T1526] hid-steam 0003:28DE:1142.0004: probe with driver hid-steam failed with error -22
[  260.329595][   T44] usb 4-1: USB disconnect, device number 2
[  260.341080][ T5835] usb 3-1: Using ep0 maxpacket: 32
[  260.370300][ T5835] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0
[  260.381463][ T5835] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  260.416535][ T5835] usb 3-1: New USB device found, idVendor=0123, idProduct=0001, bcdDevice=4a.fe
[  260.426448][ T5835] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  260.435423][ T5835] usb 3-1: Product: syz
[  260.436826][ T2046] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  260.439738][ T5835] usb 3-1: Manufacturer: syz
[  260.452317][ T5835] usb 3-1: SerialNumber: syz
[  260.553568][ T2046] usb 2-1: device descriptor read/8, error -71
[  260.653858][ T5835] usb 3-1: config 0 descriptor??
[  260.675138][ T2046] usb usb2-port1: unable to enumerate USB device
[  260.712416][ T5835] usbtouchscreen 3-1:0.0: probe with driver usbtouchscreen failed with error -12
[  260.892353][ T5835] usb 3-1: USB disconnect, device number 4
[  261.137655][ T5836] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.684296][ T6237] loop3: detected capacity change from 0 to 1024
[  261.727962][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.829720][ T6237] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  262.075487][ T5835] usb 1-1: USB disconnect, device number 10
[  262.178230][ T6245] FAULT_INJECTION: forcing a failure.
[  262.178230][ T6245] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  262.192108][ T6245] CPU: 1 UID: 0 PID: 6245 Comm: syz.2.92 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  262.202589][ T6245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  262.212889][ T6245] Call Trace:
[  262.216373][ T6245]  <TASK>
[  262.219500][ T6245]  dump_stack_lvl+0x216/0x2d0
[  262.224466][ T6245]  dump_stack+0x1e/0x30
[  262.228893][ T6245]  should_fail_ex+0x748/0x7f0
[  262.233875][ T6245]  should_fail_alloc_page+0x235/0x2b0
[  262.239563][ T6245]  __alloc_pages_noprof+0x343/0xe00
[  262.245051][ T6245]  alloc_pages_mpol_noprof+0x299/0x990
[  262.250796][ T6245]  ? kmsan_get_metadata+0x13e/0x1c0
[  262.256315][ T6245]  vma_alloc_folio_noprof+0x454/0x7f0
[  262.261956][ T6245]  do_wp_page+0x1860/0x7160
[  262.266760][ T6245]  handle_mm_fault+0x5fe9/0xdcc0
[  262.271985][ T6245]  ? kmsan_get_metadata+0x13e/0x1c0
[  262.277532][ T6245]  exc_page_fault+0x41b/0x700
[  262.282531][ T6245]  asm_exc_page_fault+0x2b/0x30
[  262.287665][ T6245] RIP: 0033:0x7f3487441900
[  262.292298][ T6245] Code: 39 4f 08 72 4c 8d 4d ff 85 ed 74 33 66 0f 1f 44 00 00 48 39 f0 72 1b 4d 8b 07 49 89 c1 49 29 f1 47 0f b6 0c 08 45 84 c9 74 08 <45> 88 0c 00 49 8b 47 10 48 83 c0 01 49 89 47 10 83 e9 01 73 d3 41
[  262.312183][ T6245] RSP: 002b:00007f34882a64a0 EFLAGS: 00010282
[  262.318519][ T6245] RAX: 0000000000009090 RBX: 00007f34882a6540 RCX: 000000000000007f
[  262.326709][ T6245] RDX: 00000000000cafff RSI: 0000000000007000 RDI: 00007f34882a65e0
[  262.334903][ T6245] RBP: 0000000000000080 R08: 00007f347ce00000 R09: 00000000000000fd
[  262.343182][ T6245] R10: 0000000020000e82 R11: 0000000000000d97 R12: 0000000000006001
[  262.351374][ T6245] R13: 00007f3487605fa0 R14: 000000000000001d R15: 00007f34882a65e0
[  262.359585][ T6245]  </TASK>
[  262.365354][ T6245] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  262.665313][ T5802] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  262.674093][ T5802] Bluetooth: hci4: Injecting HCI hardware error event
[  262.686691][ T5802] Bluetooth: hci4: hardware error 0x00
[  262.798248][ T6245] loop2: detected capacity change from 0 to 4096
[  262.807059][ T6254] loop1: detected capacity change from 0 to 1024
[  262.834963][   T44] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  262.878622][ T6254] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  262.888920][ T6254] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  262.940754][ T6256] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  262.984900][   T44] usb 4-1: device descriptor read/64, error -71
[  262.993405][ T6254] EXT4-fs error (device loop1): ext4_get_journal_inode:5809: inode #32: comm syz.1.96: iget: special inode unallocated
[  263.052473][ T6254] EXT4-fs (loop1): no journal found
[  263.058280][ T6254] EXT4-fs (loop1): can't get journal size
[  263.145843][ T6254] EXT4-fs error (device loop1): ext4_protect_reserved_inode:160: inode #32: comm syz.1.96: iget: special inode unallocated
[  263.175991][ T6254] EXT4-fs (loop1): failed to initialize system zone (-117)
[  263.183535][ T6254] EXT4-fs (loop1): mount failed
[  263.256151][   T44] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  263.445611][   T44] usb 4-1: device descriptor read/64, error -71
[  263.572898][   T44] usb usb4-port1: attempt power cycle
[  263.903714][ T6262] loop2: detected capacity change from 0 to 2048
[  263.970864][   T44] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  264.005821][ T2046] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  264.037125][   T44] usb 4-1: device descriptor read/8, error -71
[  264.061370][ T6262] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  264.241562][ T2046] usb 1-1: Using ep0 maxpacket: 8
[  264.292343][ T2046] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  264.300262][ T2046] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  264.311998][ T2046] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  264.319699][   T44] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  264.323927][ T2046] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  264.324105][ T2046] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  264.421025][ T2046] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  264.428931][ T2046] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  264.440634][ T2046] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  264.445994][ T5835] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  264.452961][ T2046] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  264.477710][ T2046] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  264.545867][ T2046] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  264.553616][ T2046] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  264.569978][ T2046] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  264.583505][ T2046] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  264.595129][ T2046] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  264.634674][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.681123][   T44] usb 4-1: device descriptor read/8, error -71
[  264.695034][ T2046] usb 1-1: string descriptor 0 read error: -22
[  264.701868][ T2046] usb 1-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  264.711760][ T2046] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  264.756339][ T5802] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  264.786775][ T2046] adutux 1-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  264.798841][   T44] usb usb4-port1: unable to enumerate USB device
[  264.828809][ T5835] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  264.841206][ T5835] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  264.847120][ T5836] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.851842][ T5835] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  264.872690][ T5835] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  264.892906][ T5835] usb 2-1: config 0 descriptor??
[  265.032359][ T2046] usb 1-1: USB disconnect, device number 11
[  265.384083][ T6279] FAULT_INJECTION: forcing a failure.
[  265.384083][ T6279] name failslab, interval 1, probability 0, space 0, times 0
[  265.399381][ T6279] CPU: 0 UID: 0 PID: 6279 Comm: syz.3.103 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  265.409941][ T6279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  265.420236][ T6279] Call Trace:
[  265.423712][ T6279]  <TASK>
[  265.426849][ T6279]  dump_stack_lvl+0x216/0x2d0
[  265.431818][ T6279]  dump_stack+0x1e/0x30
[  265.436245][ T6279]  should_fail_ex+0x748/0x7f0
[  265.441250][ T6279]  should_failslab+0x17f/0x210
[  265.446343][ T6279]  __kmalloc_noprof+0x175/0xf30
[  265.451490][ T6279]  ? tomoyo_encode+0x5f8/0xa40
[  265.456582][ T6279]  ? kmsan_get_metadata+0x13e/0x1c0
[  265.462112][ T6279]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  265.468278][ T6279]  tomoyo_encode+0x5f8/0xa40
[  265.473206][ T6279]  tomoyo_realpath_from_path+0x9dd/0xaa0
[  265.479197][ T6279]  tomoyo_path_number_perm+0x1d9/0x8f0
[  265.484973][ T6279]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  265.491630][ T6279]  ? kmsan_get_metadata+0x13e/0x1c0
[  265.497131][ T6279]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  265.503261][ T6279]  tomoyo_file_ioctl+0x3f/0x50
[  265.508286][ T6279]  security_file_ioctl+0x145/0x590
[  265.513685][ T6279]  __se_sys_ioctl+0xd0/0x440
[  265.518559][ T6279]  __x64_sys_ioctl+0x96/0xe0
[  265.523426][ T6279]  x64_sys_call+0x19f0/0x3c30
[  265.528395][ T6279]  do_syscall_64+0xcd/0x1e0
[  265.533149][ T6279]  ? clear_bhb_loop+0x25/0x80
[  265.538067][ T6279]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  265.544257][ T6279] RIP: 0033:0x7eff8977e819
[  265.548901][ T6279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  265.568791][ T6279] RSP: 002b:00007eff8a629038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  265.577500][ T6279] RAX: ffffffffffffffda RBX: 00007eff89936080 RCX: 00007eff8977e819
[  265.585725][ T6279] RDX: 0000000020000100 RSI: 0000000040047451 RDI: 0000000000000003
[  265.593928][ T6279] RBP: 00007eff8a629090 R08: 0000000000000000 R09: 0000000000000000
[  265.602120][ T6279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  265.610327][ T6279] R13: 0000000000000001 R14: 00007eff89936080 R15: 00007ffee4c3a508
[  265.618541][ T6279]  </TASK>
[  265.622620][   T44] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  265.630828][ T6279] ERROR: Out of memory at tomoyo_realpath_from_path.
[  265.816338][   T44] usb 3-1: unable to get BOS descriptor or descriptor too short
[  265.832997][   T44] usb 3-1: config 250 has an invalid interface number: 251 but max is 0
[  265.842562][   T44] usb 3-1: config 250 has no interface number 0
[  265.849475][   T44] usb 3-1: config 250 interface 251 has no altsetting 0
[  265.930668][   T44] usb 3-1: New USB device found, idVendor=045e, idProduct=0775, bcdDevice=bd.17
[  265.941209][   T44] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  265.949804][   T44] usb 3-1: Product: 䰊
[  265.954379][   T44] usb 3-1: Manufacturer: ᰉ
[  265.959537][   T44] usb 3-1: SerialNumber: 㰃
[  266.105134][ T5802] Bluetooth: hci3: command 0x0405 tx timeout
[  266.211613][ T6278] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  266.221774][ T6278] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  266.268933][ T2046] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  266.332773][ T5835] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0005/input/input17
[  266.429703][ T5835] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0005/input/input18
[  266.466538][   T44] usb 3-1: USB disconnect, device number 5
[  266.485135][ T2046] usb 5-1: Using ep0 maxpacket: 32
[  266.515414][ T5835] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0005/input/input19
[  266.529248][ T2046] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  266.540028][ T2046] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2
[  266.597755][ T5835] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0005/input/input20
[  266.693032][ T6285] loop0: detected capacity change from 0 to 256
[  266.726815][ T6266] loop1: detected capacity change from 0 to 1024
[  266.758396][ T6266] EXT4-fs: Ignoring removed oldalloc option
[  266.790840][ T2046] usb 5-1: New USB device found, idVendor=0582, idProduct=0016, bcdDevice=8e.57
[  266.800531][ T2046] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  266.809034][ T2046] usb 5-1: Product: syz
[  266.818165][ T2046] usb 5-1: Manufacturer: syz
[  266.823015][ T2046] usb 5-1: SerialNumber: syz
[  266.903922][ T5835] uclogic 0003:256C:006D.0005: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.1-1/input0
[  266.942879][ T6266] EXT4-fs (loop1): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  266.986375][ T6285] netlink: 104 bytes leftover after parsing attributes in process `syz.0.106'.
[  267.009942][ T2046] usb 5-1: config 0 descriptor??
[  267.351513][ T6281] netlink: 24 bytes leftover after parsing attributes in process `syz.4.104'.
[  267.496241][ T5908] usb 2-1: reset high-speed USB device number 9 using dummy_hcd
[  267.524029][ T6281] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  267.537739][ T6281] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  267.646739][ T6266] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  267.660204][ T6281] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  267.670130][ T6281] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  267.952265][ T6299] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  268.279790][ T2046] usb 5-1: USB disconnect, device number 6
[  268.651229][ T6307] syz.3.111[6307] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  268.651642][ T6307] syz.3.111[6307] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  268.693964][ T5798] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.772585][ T6068] udevd[6068]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  268.800138][ T6307] syz.3.111[6307] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  268.846055][ T2046] usb 1-1: new full-speed USB device number 12 using dummy_hcd
[  269.410037][   T10] usb 2-1: USB disconnect, device number 9
[  269.480863][ T5819] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  269.494426][ T2046] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 15
[  269.510259][ T2046] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  269.522205][ T2046] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  269.585764][ T2046] usb 1-1: New USB device found, idVendor=077d, idProduct=04aa, bcdDevice=5b.d8
[  269.595598][ T2046] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  269.603874][ T2046] usb 1-1: Product: syz
[  269.608487][ T2046] usb 1-1: Manufacturer: syz
[  269.613418][ T2046] usb 1-1: SerialNumber: syz
[  269.658152][ T2046] usb 1-1: config 0 descriptor??
[  269.720795][ T5819] usb 4-1: unable to get BOS descriptor or descriptor too short
[  269.744029][ T5819] usb 4-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  269.754826][ T5819] usb 4-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  269.766399][ T5819] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  269.990065][ T5819] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  270.004128][ T5819] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  270.014670][ T5819] usb 4-1: Product: syz
[  270.019260][ T5819] usb 4-1: Manufacturer: syz
[  270.024265][ T5819] usb 4-1: SerialNumber: syz
[  270.066950][ T2046] input: Griffin SoundKnob as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input21
[  270.115051][    C0] powermate: config urb returned -71
[  270.123015][    C0] powermate: config urb returned -71
[  270.131058][    C0] powermate: config urb returned -71
[  270.137787][    C0] powermate: config urb returned -71
[  270.166712][ T2046] usb 1-1: USB disconnect, device number 12
[  270.200598][ T6323] netlink: 100 bytes leftover after parsing attributes in process `syz.4.117'.
[  270.496035][ T5819] usb 4-1: 0:2 : does not exist
[  270.512451][ T6323] syzkaller0: entered allmulticast mode
[  270.793769][ T5819] usb 4-1: USB disconnect, device number 7
[  271.145111][ T5802] Bluetooth: hci3: command 0x0405 tx timeout
[  271.308308][ T6060] udevd[6060]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  272.179581][ T6329] loop1: detected capacity change from 0 to 4096
[  272.215289][ T6329] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512).
[  272.436594][ T6338] loop0: detected capacity change from 0 to 2048
[  272.490675][ T6340] loop3: detected capacity change from 0 to 1024
[  272.558069][ T6338] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  272.567528][ T6340] EXT4-fs: Ignoring removed oldalloc option
[  272.698702][ T6340] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  272.715816][ T6063] udevd[6063]: incorrect nilfs2 checksum on /dev/loop0
[  272.809110][ T6345] geneve2: entered promiscuous mode
[  272.814745][ T6345] geneve2: entered allmulticast mode
[  272.838471][ T6346] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  272.926276][ T6329] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  272.987931][ T6329] ntfs3(loop1): Failed to load $Extend (-22).
[  272.994668][ T6329] ntfs3(loop1): Failed to initialize $Extend.
[  273.087264][ T6340] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  273.584334][ T6338] loop0: detected capacity change from 0 to 256
[  273.636880][ T6338] exfat: Deprecated parameter 'utf8'
[  273.643442][ T6338] exfat: Bad value for 'uid'
[  273.648772][ T6338] exfat: Bad value for 'uid'
[  273.774610][    C1] hrtimer: interrupt took 262329 ns
[  273.977464][ T6338] loop0: detected capacity change from 0 to 256
[  274.096972][ T6338] exfat: Deprecated parameter 'namecase'
[  274.103107][ T6338] exfat: Deprecated parameter 'namecase'
[  274.539748][ T5836] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  274.553067][ T6338] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1fdf94bc, utbl_chksum : 0xe619d30d)
[  274.856912][ T6362] loop0: detected capacity change from 0 to 256
[  274.865239][ T6362] udf: Unknown parameter '���}�`'
[  275.442995][ T6364] netlink: 100 bytes leftover after parsing attributes in process `syz.1.131'.
[  275.505277][ T6364] syzkaller0: entered allmulticast mode
[  275.973108][ T6381] FAULT_INJECTION: forcing a failure.
[  275.973108][ T6381] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  275.986840][ T6381] CPU: 0 UID: 0 PID: 6381 Comm: syz.1.139 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  275.997388][ T6381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  276.007695][ T6381] Call Trace:
[  276.011164][ T6381]  <TASK>
[  276.014283][ T6381]  dump_stack_lvl+0x216/0x2d0
[  276.019259][ T6381]  dump_stack+0x1e/0x30
[  276.023699][ T6381]  should_fail_ex+0x748/0x7f0
[  276.028706][ T6381]  should_fail+0x2a/0x40
[  276.033252][ T6381]  should_fail_usercopy+0x2e/0x40
[  276.038609][ T6381]  _copy_from_user+0x35/0x110
[  276.043615][ T6381]  evdev_ioctl_handler+0xb35/0x3c80
[  276.049134][ T6381]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  276.055282][ T6381]  ? do_vfs_ioctl+0x14f8/0x3e60
[  276.060470][ T6381]  evdev_ioctl+0x40/0x50
[  276.065012][ T6381]  ? __pfx_evdev_ioctl+0x10/0x10
[  276.070248][ T6381]  __se_sys_ioctl+0x246/0x440
[  276.075238][ T6381]  __x64_sys_ioctl+0x96/0xe0
[  276.080122][ T6381]  x64_sys_call+0x19f0/0x3c30
[  276.085116][ T6381]  do_syscall_64+0xcd/0x1e0
[  276.089893][ T6381]  ? clear_bhb_loop+0x25/0x80
[  276.094830][ T6381]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.101072][ T6381] RIP: 0033:0x7f043497e819
[  276.105721][ T6381] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  276.125633][ T6381] RSP: 002b:00007f04327f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  276.134357][ T6381] RAX: ffffffffffffffda RBX: 00007f0434b35fa0 RCX: 00007f043497e819
[  276.135902][ T5835] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  276.142482][ T6381] RDX: 0000000020000300 RSI: 0000000080104592 RDI: 0000000000000003
[  276.158341][ T6381] RBP: 00007f04327f6090 R08: 0000000000000000 R09: 0000000000000000
[  276.166563][ T6381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  276.174771][ T6381] R13: 0000000000000000 R14: 00007f0434b35fa0 R15: 00007ffee9bcc298
[  276.182991][ T6381]  </TASK>
[  276.342283][ T5835] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  276.353843][ T5835] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  276.364053][ T5835] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  276.377484][ T5835] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  276.386983][ T5835] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.521364][ T5819] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  276.522247][ T5835] usb 1-1: config 0 descriptor??
[  276.572823][ T6384] loop1: detected capacity change from 0 to 1024
[  276.604945][ T6384] EXT4-fs: Ignoring removed nomblk_io_submit option
[  276.659570][ T6384] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  276.718074][ T6384] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  276.736283][ T5819] usb 3-1: Using ep0 maxpacket: 32
[  276.759356][ T5819] usb 3-1: config 1 interface 0 altsetting 91 bulk endpoint 0x82 has invalid maxpacket 1023
[  276.770271][ T5819] usb 3-1: config 1 interface 0 altsetting 91 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  276.783664][ T5819] usb 3-1: config 1 interface 0 has no altsetting 0
[  276.815985][ T5819] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  276.826049][ T5819] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  276.834336][ T5819] usb 3-1: Product: syz
[  276.838928][ T5819] usb 3-1: Manufacturer: syz
[  276.843758][ T5819] usb 3-1: SerialNumber: syz
[  276.920774][ T6386] loop4: detected capacity change from 0 to 1764
[  276.934458][ T6376] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  276.962015][ T6376] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  277.021076][ T6384] fuse: Unknown parameter 'gro��^ƍ��5��b�0��{�723kLs��a��1���J�w����?�h~��LL��m:iD�ZN�� ��L�k>���;��%���ݽ'N)
�o�����6�_�&����H�L(C�O7��\��T'
[  277.092535][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.100561][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.109012][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.117039][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.124920][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.132670][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.140702][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.148574][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.162911][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.172475][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.180410][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.188240][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.196519][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.204257][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.212152][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.220099][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.228104][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.236041][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.243787][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.251647][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.265837][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.273592][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.283345][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.291542][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.299521][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.309892][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.317899][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.325802][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.333555][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.341453][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.349339][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.357280][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.371271][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.381425][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.392152][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.400600][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.408563][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.416439][ T5835] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  277.494340][ T6386] netlink: 612 bytes leftover after parsing attributes in process `syz.4.142'.
[  277.637652][ T5835] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving
[  277.701742][ T6386] netlink: 32 bytes leftover after parsing attributes in process `syz.4.142'.
[  277.726917][ T5835] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.00 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  277.786102][ T5835] usb 1-1: USB disconnect, device number 13
[  277.898896][ T5798] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  277.938139][ T6386] loop4: detected capacity change from 0 to 512
[  278.055124][ T6386] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  278.186050][ T6386] EXT4-fs (loop4): 1 truncate cleaned up
[  278.257682][ T6386] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  278.330603][ T6402] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  278.341173][ T6402] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  278.504728][ T6406] FAULT_INJECTION: forcing a failure.
[  278.504728][ T6406] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  278.518645][ T6406] CPU: 0 UID: 0 PID: 6406 Comm: syz.0.145 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  278.525120][ T5835] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  278.529095][ T6406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  278.529178][ T6406] Call Trace:
[  278.529228][ T6406]  <TASK>
[  278.553488][ T6406]  dump_stack_lvl+0x216/0x2d0
[  278.558460][ T6406]  dump_stack+0x1e/0x30
[  278.562881][ T6406]  should_fail_ex+0x748/0x7f0
[  278.567891][ T6406]  should_fail+0x2a/0x40
[  278.572437][ T6406]  should_fail_usercopy+0x2e/0x40
[  278.577787][ T6406]  _copy_to_user+0x34/0x120
[  278.582603][ T6406]  simple_read_from_buffer+0x199/0x340
[  278.588385][ T6406]  proc_fail_nth_read+0x1e5/0x2c0
[  278.593749][ T6406]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  278.599637][ T6406]  vfs_read+0x29d/0xf50
[  278.604085][ T6406]  ? kmsan_get_metadata+0x13e/0x1c0
[  278.609608][ T6406]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  278.616273][ T6406]  ksys_read+0x240/0x4b0
[  278.620835][ T6406]  ? kmsan_get_metadata+0x13e/0x1c0
[  278.626367][ T6406]  __x64_sys_read+0x93/0xe0
[  278.631174][ T6406]  x64_sys_call+0x314c/0x3c30
[  278.636162][ T6406]  do_syscall_64+0xcd/0x1e0
[  278.640985][ T6406]  ? clear_bhb_loop+0x25/0x80
[  278.645937][ T6406]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  278.652152][ T6406] RIP: 0033:0x7f0dcfb7d25c
[  278.656808][ T6406] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  278.676728][ T6406] RSP: 002b:00007f0dd0987030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  278.685469][ T6406] RAX: ffffffffffffffda RBX: 00007f0dcfd35fa0 RCX: 00007f0dcfb7d25c
[  278.693696][ T6406] RDX: 000000000000000f RSI: 00007f0dd09870a0 RDI: 0000000000000004
[  278.701923][ T6406] RBP: 00007f0dd0987090 R08: 0000000000000000 R09: 0000000000000000
[  278.710137][ T6406] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001
[  278.718355][ T6406] R13: 0000000000000000 R14: 00007f0dcfd35fa0 R15: 00007ffdeece9078
[  278.726596][ T6406]  </TASK>
[  278.920947][ T5802] Bluetooth: hci3: command 0x0405 tx timeout
[  279.298230][ T5819] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22
[  279.337991][ T5819] usb 3-1: USB disconnect, device number 6
[  279.507511][ T6400] loop1: detected capacity change from 0 to 1024
[  279.561930][ T6400] EXT4-fs: Ignoring removed oldalloc option
[  279.591204][ T6400] EXT4-fs (loop1): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  279.630340][ T5845] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.695850][ T6400] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  279.993847][ T5835] usb 4-1: device descriptor read/64, error -71
[  280.558936][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  280.565790][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  280.654959][ T5835] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  280.824796][ T5835] usb 4-1: Using ep0 maxpacket: 32
[  280.888580][ T5798] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.906966][ T5835] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  280.917327][ T5835] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  280.927785][ T5835] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  280.937943][ T5835] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  281.059710][ T5835] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  281.069636][ T5835] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.078471][ T5835] usb 4-1: Product: syz
[  281.082879][ T5835] usb 4-1: Manufacturer: syz
[  281.088003][ T5835] usb 4-1: SerialNumber: syz
[  282.357376][ T6410] loop3: detected capacity change from 0 to 4096
[  282.457622][ T6410] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  282.469584][ T6430] loop4: detected capacity change from 0 to 32768
[  282.507475][ T6430] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.154 (6430)
[  282.543160][ T6430] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  282.554065][ T6430] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm
[  282.564064][ T6430] BTRFS error (device loop4): superblock checksum mismatch
[  282.569097][ T6410] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 4096)
[  282.591571][ T6430] BTRFS error (device loop4): open_ctree failed
[  282.810748][ T6410] NILFS (loop3): error -4 creating segctord thread
[  283.874055][ T5835] usblp 4-1:1.0: usblp0: USB Bidirectional printer dev 9 if 0 alt 0 proto 2 vid 0x0525 pid 0xA4A8
[  283.911035][ T5835] usb 4-1: USB disconnect, device number 9
[  284.006562][ T5835] usblp0: removed
[  284.224738][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  284.325810][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  284.347478][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  284.439655][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  284.986285][ T5835] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  285.209340][ T5835] usb 4-1: Using ep0 maxpacket: 32
[  285.389760][ T5835] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  285.401477][ T5835] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  285.411688][ T5835] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  285.425138][ T5835] usb 4-1: New USB device found, idVendor=048d, idProduct=8595, bcdDevice= 0.00
[  285.436410][ T5835] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  285.446918][   T44] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  285.594066][ T5835] usb 4-1: config 0 descriptor??
[  285.652013][   T44] usb 3-1: too many configurations: 9, using maximum allowed: 8
[  285.672497][   T44] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  285.682347][   T44] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  285.693874][   T44] usb 3-1: config 0 interface 0 has no altsetting 0
[  285.725753][   T44] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  285.735377][   T44] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  285.746850][   T44] usb 3-1: config 0 interface 0 has no altsetting 0
[  285.798813][   T44] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  285.808344][   T44] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  285.819819][   T44] usb 3-1: config 0 interface 0 has no altsetting 0
[  285.889818][   T44] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  285.899493][   T44] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  285.910982][   T44] usb 3-1: config 0 interface 0 has no altsetting 0
[  286.016390][   T44] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  286.026076][   T44] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  286.037589][   T44] usb 3-1: config 0 interface 0 has no altsetting 0
[  286.078897][   T44] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  286.088428][   T44] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  286.100042][   T44] usb 3-1: config 0 interface 0 has no altsetting 0
[  286.139594][   T44] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  286.149078][   T44] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  286.160434][   T44] usb 3-1: config 0 interface 0 has no altsetting 0
[  286.198122][ T5835] itetech 0003:048D:8595.0007: unknown main item tag 0x0
[  286.205779][ T5835] itetech 0003:048D:8595.0007: unknown main item tag 0x0
[  286.213270][ T5835] itetech 0003:048D:8595.0007: unknown main item tag 0x0
[  286.221239][ T5835] itetech 0003:048D:8595.0007: unknown main item tag 0x0
[  286.228714][ T5835] itetech 0003:048D:8595.0007: unknown main item tag 0x0
[  286.257844][   T44] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  286.273717][   T44] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  286.293809][   T44] usb 3-1: config 0 interface 0 has no altsetting 0
[  286.347305][ T5835] itetech 0003:048D:8595.0007: hidraw0: USB HID v0.00 Device [HID 048d:8595] on usb-dummy_hcd.3-1/input0
[  286.418487][ T5835] usb 4-1: USB disconnect, device number 10
[  286.469581][   T44] usb 3-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  286.483747][   T44] usb 3-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  286.495676][   T44] usb 3-1: Product: syz
[  286.500091][   T44] usb 3-1: Manufacturer: syz
[  286.506018][   T44] usb 3-1: SerialNumber: syz
[  286.529123][   T44] usb 3-1: config 0 descriptor??
[  286.802134][ T6458] loop4: detected capacity change from 0 to 256
[  286.817755][   T44] yurex 3-1:0.0: USB YUREX device now attached to Yurex #0
[  287.084981][ T6458] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  287.278948][ T6461] netlink: 4093 bytes leftover after parsing attributes in process `syz.1.165'.
[  287.365369][ T6460] netlink: 4093 bytes leftover after parsing attributes in process `syz.1.165'.
[  289.583309][ T5835] usb 3-1: USB disconnect, device number 7
[  289.707903][ T5835] yurex 3-1:0.0: USB YUREX #0 now disconnected
[  290.543612][ T6474] loop2: detected capacity change from 0 to 1024
[  296.066136][ T3959] hfsplus: b-tree write err: -5, ino 4
[  298.357836][ T6483] netlink: 'syz.3.173': attribute type 8 has an invalid length.
[  298.365818][ T6483] netlink: 'syz.3.173': attribute type 1 has an invalid length.
[  298.373670][ T6483] netlink: 181400 bytes leftover after parsing attributes in process `syz.3.173'.
[  302.685076][ T1526] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  302.916338][ T1526] usb 1-1: Using ep0 maxpacket: 8
[  302.998389][ T1526] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  303.010696][ T1526] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  303.020904][ T1526] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  303.127045][ T1526] usb 1-1: config 0 descriptor??
[  303.330473][ T6507] =====================================================
[  303.337839][ T6507] BUG: KMSAN: uninit-value in ___bpf_prog_run+0x94d5/0xe0f0
[  303.345652][ T6507]  ___bpf_prog_run+0x94d5/0xe0f0
[  303.350802][ T6507]  __bpf_prog_run32+0xc2/0xf0
[  303.355834][ T6507]  __ppp_xmit_process+0x416/0x2840
[  303.361178][ T6507]  ppp_xmit_process+0x100/0x2b0
[  303.366369][ T6507]  ppp_write+0x71d/0x910
[  303.370800][ T6507]  vfs_write+0x48a/0x1540
[  303.375519][ T6507]  ksys_write+0x240/0x4b0
[  303.380047][ T6507]  __x64_sys_write+0x93/0xe0
[  303.383560][ T1526] iowarrior 1-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  303.385000][ T6507]  x64_sys_call+0x3161/0x3c30
[  303.385139][ T6507]  do_syscall_64+0xcd/0x1e0
[  303.405160][ T6507]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.411291][ T6507] 
[  303.413720][ T6507] Uninit was stored to memory at:
[  303.419143][ T6507]  ___bpf_prog_run+0x98e7/0xe0f0
[  303.424384][ T6507]  __bpf_prog_run32+0xc2/0xf0
[  303.429365][ T6507]  __ppp_xmit_process+0x416/0x2840
[  303.434851][ T6507]  ppp_xmit_process+0x100/0x2b0
[  303.439876][ T6507]  ppp_write+0x71d/0x910
[  303.444280][ T6507]  vfs_write+0x48a/0x1540
[  303.448951][ T6507]  ksys_write+0x240/0x4b0
[  303.453465][ T6507]  __x64_sys_write+0x93/0xe0
[  303.458360][ T6507]  x64_sys_call+0x3161/0x3c30
[  303.463250][ T6507]  do_syscall_64+0xcd/0x1e0
[  303.468059][ T6507]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.474268][ T6507] 
[  303.476816][ T6507] Uninit was created at:
[  303.481318][ T6507]  kmem_cache_alloc_node_noprof+0x6bf/0xb80
[  303.488076][ T6507]  kmalloc_reserve+0x13d/0x4a0
[  303.493024][ T6507]  __alloc_skb+0x363/0x7b0
[  303.497762][ T6507]  ppp_write+0xdf/0x910
[  303.502083][ T6507]  vfs_write+0x48a/0x1540
[  303.506743][ T6507]  ksys_write+0x240/0x4b0
[  303.511267][ T6507]  __x64_sys_write+0x93/0xe0
[  303.516193][ T6507]  x64_sys_call+0x3161/0x3c30
[  303.521084][ T6507]  do_syscall_64+0xcd/0x1e0
[  303.525903][ T6507]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.532023][ T6507] 
[  303.534594][ T6507] CPU: 0 UID: 0 PID: 6507 Comm: syz.4.181 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  303.545162][ T6507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  303.555517][ T6507] =====================================================
[  303.562570][ T6507] Disabling lock debugging due to kernel taint
[  303.568985][ T6507] Kernel panic - not syncing: kmsan.panic set ...
[  303.575542][ T6507] CPU: 0 UID: 0 PID: 6507 Comm: syz.4.181 Tainted: G    B              6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  303.587479][ T6507] Tainted: [B]=BAD_PAGE
[  303.591755][ T6507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  303.601962][ T6507] Call Trace:
[  303.605367][ T6507]  <TASK>
[  303.608416][ T6507]  dump_stack_lvl+0x216/0x2d0
[  303.613294][ T6507]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  303.619358][ T6507]  dump_stack+0x1e/0x30
[  303.623693][ T6507]  panic+0x4e2/0xcf0
[  303.627754][ T6507]  ? kmsan_get_metadata+0x81/0x1c0
[  303.633092][ T6507]  kmsan_report+0x2c7/0x2d0
[  303.637803][ T6507]  ? kmsan_internal_chain_origin+0xb0/0xd0
[  303.643808][ T6507]  ? __msan_warning+0x95/0x120
[  303.648756][ T6507]  ? ___bpf_prog_run+0x94d5/0xe0f0
[  303.654061][ T6507]  ? __bpf_prog_run32+0xc2/0xf0
[  303.659101][ T6507]  ? __ppp_xmit_process+0x416/0x2840
[  303.664613][ T6507]  ? ppp_xmit_process+0x100/0x2b0
[  303.669804][ T6507]  ? ppp_write+0x71d/0x910
[  303.674374][ T6507]  ? vfs_write+0x48a/0x1540
[  303.679063][ T6507]  ? ksys_write+0x240/0x4b0
[  303.683777][ T6507]  ? __x64_sys_write+0x93/0xe0
[  303.688746][ T6507]  ? x64_sys_call+0x3161/0x3c30
[  303.693803][ T6507]  ? do_syscall_64+0xcd/0x1e0
[  303.698655][ T6507]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.704944][ T6507]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.711225][ T6507]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  303.717258][ T6507]  ? filter_irq_stacks+0x60/0x1a0
[  303.722480][ T6507]  ? kmsan_get_metadata+0x13e/0x1c0
[  303.727913][ T6507]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  303.734461][ T6507]  ? kmsan_get_metadata+0x13e/0x1c0
[  303.739902][ T6507]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  303.745953][ T6507]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  303.751995][ T6507]  __msan_warning+0x95/0x120
[  303.756786][ T6507]  ___bpf_prog_run+0x94d5/0xe0f0
[  303.761934][ T6507]  __bpf_prog_run32+0xc2/0xf0
[  303.766799][ T6507]  ? __pfx___bpf_prog_run32+0x10/0x10
[  303.772354][ T6507]  __ppp_xmit_process+0x416/0x2840
[  303.777710][ T6507]  ? kmsan_get_metadata+0x13e/0x1c0
[  303.783145][ T6507]  ppp_xmit_process+0x100/0x2b0
[  303.788171][ T6507]  ? ppp_xmit_process+0x2d/0x2b0
[  303.793279][ T6507]  ppp_write+0x71d/0x910
[  303.797684][ T6507]  ? __pfx_ppp_write+0x10/0x10
[  303.802603][ T6507]  vfs_write+0x48a/0x1540
[  303.807117][ T6507]  ? kmsan_get_metadata+0x13e/0x1c0
[  303.812532][ T6507]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  303.819090][ T6507]  ? kmsan_get_metadata+0x13e/0x1c0
[  303.824562][ T6507]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  303.830631][ T6507]  ksys_write+0x240/0x4b0
[  303.835150][ T6507]  ? kmsan_get_metadata+0x13e/0x1c0
[  303.840598][ T6507]  __x64_sys_write+0x93/0xe0
[  303.845398][ T6507]  x64_sys_call+0x3161/0x3c30
[  303.850293][ T6507]  do_syscall_64+0xcd/0x1e0
[  303.854983][ T6507]  ? clear_bhb_loop+0x25/0x80
[  303.859937][ T6507]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.866084][ T6507] RIP: 0033:0x7f19a437e819
[  303.870643][ T6507] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  303.890455][ T6507] RSP: 002b:00007f19a51d2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  303.899061][ T6507] RAX: ffffffffffffffda RBX: 00007f19a4535fa0 RCX: 00007f19a437e819
[  303.907193][ T6507] RDX: 0000000000000002 RSI: 0000000020000900 RDI: 0000000000000003
[  303.915302][ T6507] RBP: 00007f19a43f175e R08: 0000000000000000 R09: 0000000000000000
[  303.923415][ T6507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  303.931533][ T6507] R13: 0000000000000000 R14: 00007f19a4535fa0 R15: 00007ffc4d7e27c8
[  303.939676][ T6507]  </TASK>
[  303.943104][ T6507] Kernel Offset: disabled
[  303.947490][ T6507] Rebooting in 86400 seconds..