last executing test programs:

15.911042021s ago: executing program 2 (id=3906):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETOFFLOAD(r0, 0x400454c9, 0xba98575a95aeb70d)
syz_usb_connect(0x3, 0x36, 0x0, 0x0)
syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02)
pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x2}, 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0xffffffffffffffff}, 0x0, 0x0)
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)=ANY=[], 0x20)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r2, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x24, 0x1, 0x4, 0x3, 0x0, 0x0, {0x0, 0x0, 0x9}, [@NFULA_CFG_QTHRESH={0x8, 0x5, 0x1, 0x0, 0x6}, @NFULA_CFG_TIMEOUT={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x24000010)
read$FUSE(r1, &(0x7f00000021c0)={0x2020, 0x0, <r3=>0x0, <r4=>0x0, <r5=>0x0}, 0x2020)
mknod$loop(&(0x7f00000002c0)='./file0/../file0/file0\x00', 0xffff8000, 0x0)
write$FUSE_INIT(r1, &(0x7f0000000380)={0x50, 0x0, r3, {0x7, 0x28, 0x0, 0x40488060, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24522716a989086f, 0x400}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f000000a280)="03680f2a20da68ab7a58c28b635d19c32b6efabb6ae3b5eee5a74d8943c613539e166c8baef50500824343a2f05093a5c21f746caefe9f9bccd83cca0fc28da20e2706308c61398dfce5f54ea9f266791ba29a4c7da158637def8b816aa296815ff13c06d632df45feaec1fd272ec1b510eaf58fe6b26cc36df3ecc0f5b1f258a190304e2519dd39ba9f5bc1788926ced5202e3b1e3afa16ae0b5d66dc05b36d3a00f72e5f318f8bdfc7eddc94238c50031d0657a22445ad0b3b90a86b086eed837a00bf0a3888bf61b4db57d6d8d6b286bbb13ba3b246def60ac34241eb843f89fe77d7e3e52573e90d791f21d4a8dfcc24ba95db60e2135634c02bd4b14535285df4fbe381ec036d876c4c8057c79371fa9717414590890e182a7b9e0ab927812083acf0d04e04c20c0555c8ceedc5bcf9b0e814be6eca98ce7b2f9f17d098bea541b75a1617c09fa99902ad746811f89a1fc5e6a80d77528247d6c104395715d2c9f9102f070a295f20c4307b9e848d3928b50985bfa2486893139761925b8fab96d26291243db23c4fd4d96864f4db860731a4e3e10b52d8d0487f5a8536cb4507dbdc111570ad0321b918edbc52807c2e0676d3257553702d9c1bd6741e9cd5cdeb3b8f636b6eb02a3b0066d7f677d586de5018850000f000ab3960f6656fb98039ceb6400d0299c356fc22b7298ed157c667bed5563fac2192a8ff7706a9e58d9d2f92632d6b25d8b090642e3f323bf7ff4d8264617a43a97099dd7347fbe3b1c439737913f17eff57f3e1ff4fdac374fb554e9a6a1ff32daa69507698d660d8d5f591801d8e4a9309342c3dc84966dbfcd2652800200bcb0dde9d456b7a07c5409f4f5387d0150daa34dbc865c6108d34dcc51eedb277e9638b43ce3c9afac5d7aa0f8542e58b0a84632a07557b041845d0012cf016ef065f97660b731ce1b79493de71def047277a3ae6d4a0d86591847d3475926039848c5baf6e1b43bc83053855182423156e54cadc8c85089265b49da853d15e5a701fedf2bf7986a723abf72e513fa05cb178345f2fcc859df49e74c8ccef196000a05cb090f22986ffb6f8f74ab41d2d88b6b535507a23b03d2fc2743f6f69fbcd43b8ff52b1ba32fa0137d542c515569b7f486f8ffa02ad1f54767f51701eb4c141437720884d529a57e17bc2837799124f7f112f42bd90f5b435d7a5d7524f7667bb7a6266263e62bf7ebf6896888d584c65a530b766111f078630d8629ffa91acb5ed02498549bd7e042acae0fab7ccb23278088a364be3da9619d91e1061bbaa9b33c3c5fbbcbc725ce8c2cc9ab0f2b4d30078040d3ca79d3ca056c360381ee87e743dea73a25ea2b4843f9ef280feb507f933fb556c718d8bf8f8618db72805b65d381b319f65c745c1e5060dae2f498852e79aff8dd9c88fd939a31871a430d3ba96fb118c79d1b08a397af23b1a188d1802106f588c768a1e6c9d244ac9a38d2a54ed50f19b78bf25e0ae1f9337ceaa8ff5ca8640104b19bcd643b51501d4e03ed5ffb383e7ed0ab78d540ae10bbd64fba1af59a4190215b7d10230992bbb4ff618d8284a2e2446990511fc2bff07cce9ba94a11d3db041e220e3d931fdf129d8ec2c9b17d6587a0044c9e09f52848db43ddc0df94513cc9e94e9d427623502a910deea0f21d86b16366769a46bf0d6d9fc0d2cd6b98ed885e9e2d765bdd051196bf20bd27c46ec902726d96de352c346d904fa00d63b67d272f116dce489f9d636cef61b441b9c113addec983b8b2fbdb2b32049e436c972b2fcf5140dc7b094c5047cb6226da700b72aeb3febdf16a75b6f61a311f606251c99b377c775c8fb3446ccf25dc4cca24290b3939f948019b05c80b5a6382112f63e0990b324c16a087c72aaec08796afc769f678e3634100a5a9da8215cb5d7a6a6b50a81676ef4edca35595b11f9606bef2fb84fe1f0a0703c886579f09986086f0dca6eb8061f9a74c79c1f758684a7363974b14561b9d2efdaba6c4cd8cb70627da1e195fcae3d8b2fa751278e8f220c83e677e14731eccd6fe0c357b011ed88b6df0c266b383f224b8e95384e401b717030b1227582d0d1042bd90377c4f2c7206a19983fc5905e4eb87edb6532b26ca9e28e160202606d19d9f5da34762f4b3fa842d7bff382ad70dcbc411f8b3e4cace8c8e0c72898d24023545e0dfdc4176209276a535491ce11c045c57b45c40f19b12dcf6ffbf78ab23e7fe9bdc404cf47db9855f2b835e1fce57debfa071803ec38da3c77a904080a4c737ce2b20e14e8449762f1ca0b1ce71779d2e6ee5299e1cf230e8070045c23c1d0e52f66fe9039f95cdc0b448dc12d24de39157934270345991948fce921b5d8e739315cc75d4b3b49928437b88672c1a7770365207b43895f45909d5d972f48aa66de609152a5afa2c7d75f0a14189d0409f0b623eab3b6e7d81025cde140893ed71b6f24f5a36d21dafb62af6be9da845403bc8ed36672efa74d7da19d5794cb4b79fa1c86940b1890c012e14b7c3bb261f16bdd99efaa9819b0bc00af842a6b94c6086d15b16ab81af9331ba3a5bd6941ef35239e85455ceab02c598ccee8fbad97ed37daebfe3b26a5a6c9eda5f65a1cfaf7a1f1688267c812a56c552ae11b465dac030e18f9008ad03cad80bf2cb91a7d99dcfa54d323ae0a4c3a6dc0f80d7ff703870610a945eb0ab5b6d14e81869c8872f6b123d98edcf6bba10d76d35cff4b0bb73db8b6695a8351785bcba1e160a42ed367c4da727da38f91562e941e5c4fa90cd585c5f1cd3a7d6892f18a5aa3c74a4fc00bf5909267489b937a928d9d8ff92530b5226eedf8ab9a957e5ffec45bc3a55e6955b38393ce52892655265d1f741e0b744808eb568a08d145a8bc5ada9b079f6d0bec5fc2ace0502b3f926372dff49478fbd10451f0de4b3d1a63b9d4e17ade45628d2e9dca041fcf7fc1e105e1fc44089fde9caf418ba8454dc361df4a59e1bd79143d280613e3c79ad18e922a43e199aa5927bb9553dd31e6223ad19bf8aff6e1dac8b3680feea3138bc61742b03f047b3d77039c1a4c2d05bd89c4bc12a1b83d78b4e7023f690fce6a44608c423d8cbc2e80942b9d9df2f4bf5606640fa47692f3e003885983a73e1dc313b243bbab5c3c6348afab796da766044ba142eda5a9d3713e3eda8c54c1708909c5da89ba67d29cd7f409c9b759cba316c42028754e3cb6eae2cc4f6d66982f212320f199b2e837bb4c54c54bcdcd2ac240ef6295d38e9889b4213819ef0f9aba6ceead4e0fd2c4becdc1f8ee3049831996c9a74a5fd4e12a1fd21ed47cf27e29f9d61e4b673d88914c36eefa53d3c49d94b463b7f8462c1951dfe33c10993d5cfcd0ededd50ad55009528f1e79fbc2fa70c3338b32c40ae3bb45d7079c7ae8433fb1aa19affbd3fbce0cb5ab0d557afb3be036856066eea45c28e93528b35477fc97fe9ff3641e5bb0f0e46069eb653c027daabff38541250081c77e0e3a1d030a73289e771cc41db10819af60599b5df0ad978fcf0b46af821c6b717b265e07d3a85397ea94de26f510290ddb5df8fcff76fe624843c8577802809c145916afce01d9dfdfa8bf07633e98f14fc73d5ef58ae5cb0c308bc74ca38259692a1cd4cf16752786a1c816f24612c27393d7e40a2df9a3dfa23a0c59613c8a7ccdd97c3fc67ecab94dcd8cc4b4517ed2414d41ce574074ffebd156e3d65c4421b0f339bc9f29abbfe49db62122248cf96b74d9639b3ef9d935cd81315a7ecfb0dc6ea1ee053c2e5c3615fbc10782f16a564fcabe1df70da7de989e00eedc346cef5b5cf880e9d563fc15302f056d37f98a939fd1dd5478b4318c256e93b77e31f87d8f7fe31755191b40d778ddb2ada1480bb9fcb96a09783fcf2c2c9fac2c3a2771dd0e2fb113cd460ee2c9cf4a712f04eb1b1a746091109f7ce0655e1ff7781fbe853e3d03bb91c9d8f4f416f5745c6b607bbf72786bd3c0ac4761e6e6d70f12dbefa1b13542086f793b72c6102ac06e75be17bdbb1efbf7e007f07f9bd433fd9d9cbf93e760757b792f15231895561fe49d9d683ccc066f38af581422b71702627162c0f0f35c36a61eaaa92129114b7334281e35fd39576e51d8593c149c9326e0c710ea4dcc9ef39a432a48ae1834f5046b954f9c033d6035cde0dbffe3e97f48a1dc695f4b2f6fe5d4eee83008318def105c37e11c9015670f13417ed036e68f6fbfca2a8289829677feb23079f3f2ee53b26e491924fefc1c50e54f288a8c4b6ba6d319054c3a9e39e14bba81b423acbd44b51279bbea6b0bb2047325837ce8b2191454f52ffa2cd04abe89e3de5bc102e9fdf740d3efd975bc9503af796e6aeee711ef8797de5d507a964730aa70cb9d3840054d4e1ffc57de378b511f7649666a54a6b3d91ed517198d76322bf99d13bef530a43ed3f13196bf2def6dcfb39f76471c75c5779bedf105717e546057fb478bfd24e8fdf3c12d028b542d1f424a9d45bb9e026e6098eb1cb0a77378300ec1b4c9f006aa4dfb7fb5c57cf1b035cbe96009ead1ca25ea1e5fae40312a4e9fe250684a1c8653bb303209e0fc6a498f3a08f6c5b946378a349f3aea45104a2badb8a45f500bb4f0f6cd620ce794e0f390e1cb7f2f1fc0039f4250a577544a6862b47bf89eea3a8c1516b7a9dd111c2ca719190e8feb1a7079e9fdfdb8224dc50791c986825469c087c8f081616edaa4193e161281aa68b7286a364cbb336b2459f0892e57c40afcfda7d16ea1877efb4e4b0d4b5c31e8cba15066903d3a91bdc7fb64452fb9843436110596f0b038da167a86f97d32c807270a1c994fe88e2517e11bdd210dd982d3c8158459440108308a936c9d2370b9d157c3f9caec36ff05bc40b37f095edf33bf4fad440f38c3f52129456936c07014140be5618f4e9d07b66679238023390cd676b1a3a28d0e90d5ad9ef13a31fcdc5a435454309367c437424e340a1f91c6483bce1026d85a16fb854252ea4ede39a4e69702ecff76432de508e064eda0df9f263a25c0f626d1c1ffaa6783be2975451ee936cc2178648935a924f6fb2db2f8ba34e348920d903114520918cc6872b842e3744fc18d1363583a107ec7b89c7792c0d8069e12f873f6d668f6fdeb47b72986914e45c2b061c5c936c73c9bcf1475ea0d25edaad21cf193405c8acef3bff4e4f1b2b321d70dba59e856a8849c2bba9508bad775370669b2bb7f5e53181af8bff525e13a4935d7e28b997b4ff15da9e36f1353a154ab701ad15420786daaf27ba7e122f7b825c668185b685630420378b4142ec4e4242c2cf0bf6e143f7e55cb12fb9dd59a8df9959ce4fc5fff68ae7174977a31ad7fd644bc94a20bae76f0af474034990fdfec8ceca0e6cd93fe21d84837b7e9d74c17b6d3054f0c008ee05764745fd8773a0c1c31bb3eef5b7e261b54805b5c805a4eeef05c812fcdede200442e7340c63490645ebd09c235d5c52a785542526edfe3875ad08267faed1d0a15236f00c6736b94c1a3821302ff610697ad7becdbc96f54b55138b585cd122e0d5aeaf43c9ba373e8aa1c1297e3415552cc57cd60ee1f3c04500ed0eed37775c873de3066c034c176c67c5bfbe9899a47732030855781341374641da058eee61d01d11b9db8f19fd4558957897340e32cdfbc39713f1f439be0638f614cdb5361433a45a6ff024e39c94141dc5403af101404ce5f2efa97b90d9ecdb7c361785dab977feded32554d1a74d5cbfe2435be7f0329ba382455c2ac11fbe29fe3826796d4bea03dc53a37f63f5be2773f83faf282f0ae24d9fe5762b71b499fd37b4ce7e71f93c3a983f80fed477708bbf2261c89893c4b76e34fac9b42671b6cc81678cc867f53e8c3ec47716206212743ca0c4941c2c61ed3177fccf85921e998d2b826df751173944bb07eeaae4001f677a0687a2550eeac8bb5128ecad9c7b6a514596a30b8292fbacc09ab488193507b6785d7a35c979db774b2c413246f1ae88d35d1914b20b8fb501034321642fb0b0baba3378e4c31fb5e247c177e573295df0194462b99079a436400ba1be2e30d39b8714c0fb2bdcd981d5a5cd514f8d4f14e4e0437108630355d8f2b60a6d18cb14ceb2b5d0704aa6e93e180bd79cb17e176bc4f81a03db12a03413de6189896955bb9e3cc69b6f9a50a7eda3742527f98c71d7ea8ba75e253c2b783f7104813c619949e6a0765179b1b9cbe68b703335ab5986928d86384357a2f4189f4b4ffcd61a3d29709bbc93b5371f0e7798cb72ae4c17bcee24f8e566f2777803c3d182d15a63ac40063f0ccdf4bd790404524eae02eafb6b54c699578486490033f0be866c74a134083003d330498658ba973ea674c4a0ff158403987b4c4752b07c8637a119b019fd5093406960144445056f6ffe73eda0235dc1871bb6058d4a9feecac628265689d58a81453d33290ab56eb691f3180d0288449f41844e56f5c6cf522d4a5866b24fb9552fde71946c4d25dcceaa41cfddb5a33c51c54c0a0a5abd31be8fb6ec53c1d14ba648e183979dbd0db01b9e51ba3803be7e7d3dee752668367264c783f74838121797ae5706ef3aa460682d1bf55808c70e69ae29d7683368470d08e7e9a1095305dce250b5b4bd48c02e098d241b1089736e8306a737e3a1a93e554cc3ab24672b8c74bfb8825004ca869e347f873de14575493836662ad741d79269904f905d7df64d0581ab8d76ee51a32d72ccb719f3a25c0a856b5bd2b2a1269e208d70c32e1d5ad0dfdc0ef43f0230e95eb85871eb4d6033abbf0be7025382d878eeaeea73c94270e79bd5757dc1bac95236a62545cd467830b12dcc30d7cc81e889d360d073db40058e9a1c7b41fc53e67740bc984132a1452cf7d000378f14ef93a7eb0dc9bacf23584ad6761139576607f8214757f71fc47b2944127116ca3e83b9d9643bce8d7bb44b4d16b5d5cff70a9e1114cd920b6fc1f409672648ad56ac3136ef0a314adb458faf3d3f171cb2fc513d76e43e6bda2f1a68e6fcf4a4ecbe6bc87716e2a82ea0c4657983ca0caaf8d75fdf5b0d7930e4f3e95eb1271485f938e7ad2bf0c97b7c11745de45518a1e3a74341968588558e7197b407d24eda0671ee28f219e4c5f809a7ea6f9f5b9705f4634a96112eb262bd5967db5237285b865d3f64516495ea6d1ec20dbed7af02362370bcc98671a61241fa1ef5b3095609d66ecc16010f6f67a280d1c6d215ec224ead17d68bbc9bc64b363b5be9b479b7aa2cbc8587a6b48cf653fde7a262a11ab3a10356f55f122310feac77c32ce0994d6e8a70f1c53331cb473a8e29427322fb6da292c4443b1678877f1c981fa05fbdef96520e5895aeb2a3a8e62652f9d8830c3b144b9598873e2ef41b7ade943807766877d609972cca74855eaedce07cda35b50557de96e736ca3107c154d31aeee78db214687b9964517bcd2c6c9ec047514b45c831aee4588166dc3ec9ab36bd1033e74b3d02d731c5bd84f659fa9fe55cac08c12cb999a2e64fac52f6cb7d1fffbf45d9a1126787d0060fd1be563ccbc278ac97dab0c1bee664675f273f5fa429bdc24b21ff1cf0a3ad3c687fb07ffd88bad6ab6c6b422a43b77ff76f96bf405c07f8a667bb8ff54d6714aaa21ceba2e78ce03146b2ab9f49e6d65081119b8e7cf3843e91349790d2b975c9f9c305df0ab4f2b1b2f30f629313cc66a325e4037f38f29842ee5781ba73d2f30f506cf7ff2237a72b4075aefa32cdd5ba0ae4e65cb6fa47a3e06f0d5f684b7172d6b58f5f7d783c4122db4f4b8b4f9d3296c9d115f432710c29d40dfca0010ecbe2f42fac899911d65c84f08aaa1923c8add5af518286211db14e1187a8839f3b2ae8bd914eafc16a576bbe3eba6271a4c5b3170c3f543761f11f1326a05c575bde1b5c6afd3876bea4fbb649071a95caf74de9f7b3421803ec351f934b8d0932ce72a13abf3627d9a396c10875fc167ef1ae98ff92af9ca366033c99d30306fd540a09d67d26ab192504e7c09f9e4d06287a2b1748f1761ba3c16d9d08be7562b7351c4b4679f5d4b38681bfd86c7f2003a9749b20b602112a95803469f5d252c564912b55c4bf3409298dbd066d877cc70a89b484b9ee6bb836c9acd1e53086c4be85e9a3bc5969c7016db9c72b68620c241409d06f4d7f72fe2289c9b4921055922783b8b886bc22926b7d194820af2b90e3c60e87e1a7851f38a970c07c1da120d1da75de2bb994ff7d05a313522373326f160914a9589711e0439d694f5221afe8cc118722ce4927e9543e61a12a76bcf2da1d01a0f258095d32063387349b4e9f253d8b73c6e834b6866f8a56b4797b92d521fa732aa0d55c8e9d6c56011ee6fb450853dc564d18e97c463609c27a63f9c91c46d7bd80ace4edc0615ca342f43ca3b3d0cc36ed52b7d1f457e5b4b26b5eca0d91abe4f1a42a2eec40ec2faff1222f71dc226d6344e947b45155691205c09913fc3c6ab3fe76f4d1b11fa45869e20694b5f0a1074780a07332764212533b797dd24d8df157d4172f91253b77eb2ec90c8222307ed59136463057b7f469116086410b7503b44cef401c47811c1390060da5b3321d34096b67468a7702978d98d4bd721c18a25ed541249638e90281dc8e3565dc33e66d7b832a9bd62c02c5ed0e92935c92472499653d2d842ea6697c733ee80d775884074b3a0c250a4aa021bb6ea93514f9cc5f09feb5719d270cd184e364ca966f1416e10f111bc425f32a993fc5cd75503f99d89d91d7ddc6dee70193057cb946e5fbf8663c53e12cebffe5dbd4a86bfcf5f35f0d8aa43763a60e00356b4f8bc2bca01b02cfddde38f0c4df1e7f98709fdebc5abb5eb9631bdc3dbfcf15517fabcf16931eb7381e83713b081ad1947274d4896ee8953d772e9e71f363b6f1147317bc739ec128e4ec865f8f0ea34cd5ff19fb2c28931d2c85846735358504ae9161535cd7890e8b95c814cfec116b78e6d0eb5097cd4f35888121452e27391d865c15f0b986925d0d0c623bcbb4d8ca66603720253af17853967ea5954eb5ef0dc43de185ec4925026c680464e66d1caff1f4c7c757bd55ec2515ffe7183e3481ff6f626c2228a3fc3d15f63e4bfbec76a2a170206142cbbcf204a1cbfe0ee56eb47dfb79c80894c0a0fbf8a2955d861678fc2f8f9ad7a28052197b5992bced1273658da5b1f42fca48c80883600c24d8515a0c7113deb4c97df918ab64bca16a0c14f2547dc91d5ce4f884978c95fe54899f77ffc20a2c4b27350bc451bef72a46d8e144ad57a8d5f8ac039f58b8a53ea1f3fd5fce612a171bf82ba17c0681cf46ce5c8181a522ed2e986361903903159643046c7be1787dac6ccab09d18a30997541dc6e9efa260f1ff0392bc1890f19d8bb725f4fe7d8bc618f46e0c23be6b9ca67777dd3f5a89b41ccfb11a526a3bed045a2906f86cc5186a1db7a70391261b694b423e5a44d374f9d3720330e083574083f8950b2b35c8bb5b6c0a7fe259f235dc1c069d4581a9f0a7451890561a0829bb290de6aefe4d243ae0b00ca61a1dc4262bb4951242b21d88148eb7b6a9718d6433274f2b3c9bcdbb6d5df67b48ff42692d8cd7f4b7f41728de68ea1ce0f3e4a2843c5b9ffc43f69b8a0445dce44081f5b443a327084b0d00d07cbdbbfd2da5d67bf8d4bb4ee408d17eeee48b61decd06bd3dac9a1adbeb069b49ec96608b9179bb3af4c10f2ade6778b31fd4c22c2961cb949a64e9a8a4879c550f8d8783064cb304511e40e2e562ba83c08ba8ae011a784ed9db03db5527a7aae222c856c8df0a94f9c4def0f94244c5b8e3db9f39dbd337928e24d9d8562f231fea72116c01089163d2c5f4ca17faab20b73c9957fa1a9af20837a804870034d4e64281125b070d8ee0dbf05f95e5fb079e2a57e9af977222e90b664189114dccbca81ee58b7de90a813768a2049052b339a608d3e9966bdb3b584291fbf7694a7d1dea7f72ca604894e6cca5d326ed5e48c15eff5e6a8cc11c40f84ca920d79a5c55d07001909bf6338921c656a39d59d03f62bb5b8870189f0416ec8c317b03ccdcbbeb3e1a9bf2661813f4966b57eb56a2757de5f7745851b5f7bf75e41eb1646e61a41923c5c0e58c2ea478d95b5c39c450744aea0aad3706fce684cb7338ff3dacab60e8d968f0e6fc070693ae3ca16996b34a50afb7e6e377546ae28dc8de7a2ea3a657b4b0003a91a488e347c61971d62f32eaf843d4d4c4f86cc4033c1244c8408def09188dde509c629323f34072f9089a3846680894e8b000a03865438b2ea212b68fdef7f17583f92014eef2c8115a37c9c82dee06213c1407c1433690f68cdc8e91971104039dfe06774b946f43b68b7957a5ca3ee763eafbb7437850eb0a285c413bcf6965232d593d8da47a2a06abc635ae38e596a9dae55b43f341bcc6fe72d79b453ac1c259da37f64cbc1f1508caf280aa6a3f4cd2ff5564cc5a8727f222431454a5ac93398a29fb95b4e057686cd6fcd920992f74e5870749676a36e043bec5fc1b0fce5563affe9addfaa3689e857383ccd1f2924080449d2cfb006e855570b711c1dedd1df2629afaa3806f4ae229a9a8ef1940ddf2c55dac7812d2374c0684b7ba27b2f0849ee4c055d2b8ccc8e41c593378340d7546bb974bc8032f220b37099e3b04c6591c40d2c50a855a491e03c1c9cbb32c400f6104341262d92daaf3e2c04936cf28788fdff8e0a77770a9deb9089a9e32eb5d9e2581aecd98f83881ca8e7d49e603556dc03a9aa19a8f3a4735aaee347b25ea35b36fa57484c0b6d591979b4a3da894fa0c15966d6a5e02e397cccdb9c314b504372b81ef6913877767001263c05dae362b49e5928ef36f554ce245b4111486417634f1e7f4530a760ae6ffd3123f5736ac12c5bf506c5dca03079c0fd0776cdb56c938cdf480fb9b97b1685dfa3be6f712aae107e2dda726bec137b2ebdf56c0fcaecca4350bd7b5c84d57f29c2a2c99ae10c30cece4831d71ae4ee3362983cc816bb6cb9225b9db08503a1be23a26a0425a8628a2e718feae5df91d829f27966f766b623a0a4958a57642aefae259713733670d5b1d027fb8eb2d0d3a0b4acd482076dfa09ffe883f556b2db2262bc0872e1bd713f100dd7a8a8f2d725b46e09c625d513179872bbcc9a41e596a18b2471d977f4ca2bebd06cdaba31b70ef25e098f214fef16f16f725cad4311eb91457fdb70b471eddb65ecafb1e2b03c5ff21356241e3cab2c8ba601f9ef1aec9006b7cd0b81da29be01cb4c1d52e563298e373013886ebb1889bd5616647c6c418ea6bc1f3c0853b65cae48467b35f08318e3a9d034af7224cc3520ab1ece7751ba15407298b21e4f84ef7c23d7993739403d4f116cba2d0ae2d4003a28334c461c734d4555105b986ad0af28aac36c753ab52b91b7e23ae3ab07d3b170fe53a2249efe5b65463a3f237cec72091b04005f95a15ae595191ba39d0ae1d91d8e00b132ae9339884bc57bbb79978a308e1c31c5f213b092f380a7ba58f55869e9c29a5a6e7a7aa4f8d58e5787cc05e5", 0x2000, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x0, {0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x200, 0x0, {0x5, 0x0, 0x7, 0x1000007, 0x3, 0x0, 0xfffffffe, 0x8000000, 0x0, 0xa000, 0x10000, 0x0, r5, 0x734}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r1, &(0x7f0000006680)="8e503ba12553ae35664093744598ff2ed98313cfeff69bbb1f3ba451bc98d27cf439225d75522ac543a153ac5284bf131a87e53d0b20f8dddcb2af841def3e560070344be18fcee4983553ba856738012b512e3dc760fb581a17e5622e0e22e22546476d6cc6d6d94d828a2fa22ec77a1cf082f5ca88f1f8976e8b6c3a7a537f8f50b432bf4df69c912bfcc539a65851f86b23f24e714e0643429ec1198ea1647316538a3ce23fad21e19e087c0dedc7aa6d5e4b0dcbfcbe22c857f5a848aef15126b9ecc810249cbbc82c8b6ba49e46b71cb79f6ef9449d0838b9130946398941a4c64f6e2d84118b60ed4ccfed8a26446032fecf87434e71b7989253f64feb6d2e1013673a9600b1915174e55ad78d1d666fb75c24142e44ceca89a18ca66b4b5e66ba953ca42fb6a36d4a3612a2948393f67a7d1d0957a8553c73855fd007abbb6c3d4bbc943f3b102bb2ea6f40e714516a3de91acc6e1468e9e7b66ee57815da23054153d9d5fca6bdb26ed8f7754d88154d46df2f2e4964ee5d7f47e9218d6877c3b232c945cddeef70b24e5c6c434fa30fd0a2ad1c348c3658494f7cfdfb6bb56b43f1d9b2d049c1166161c3232ada01f3c789b2d6958cdd9f044a654f8397d64cb928f4d57f0c4e9739afbf3afbf0e9f84d56a1aba6db7538d98404b7cdfa97f8770a6df4a13145c1d0cfb7ec0349b5639d9180eada54b2f8c12472fb379901e6d514fbfd6d41d2dd77eb42608a784fc016ae48fb126776b10be5c03f62ec90987e766d20d821a17c03e0d867f4aa3f4902fb803e8261833aa9397e107e6c100daa3d8b792bf4b5081ef56670762b5ae3f528836029ca332f44fcc5cf3750f39091985032afa8dd2e80b69cbffc29aa13fcdc0ff811a108794b4154ecaf70e58a9f70a573cf9d1040e23f5a04a873a583e4ab0fa5f77d620c60f0a45cdc789b849e9e8746528846bbbf8251a84f2aa97ccc3e49f4c9b6abf0248344e86a71486eba9e62ff5920bb80ceccc5813f068da0d5aa208c440b7889118d2f4e8baf22a84544f232d6a3a1aedf31d5fc22f0ece56ac611b1363ff35e5071342a0257d3f146dc3ea1cc795d2f06afeb1d6995e50eb2d2d21dc6c4377a2626dd9486446517d03a4a03c43ef2e255a92b775c198bfe92c21375599235aac33c69190bbbfaad76860d0c9e70ad53273460c370b06bdf94ee8bfc31c48609ff6de0d39f873ec11e8c2835f17b3f18891c8ae335a7074fb5a5c794007a327fbb2622e71d62e43f50a00cc59b7eeb3f8ceed5d87fa5eb62a7a8c74ec90b1096a0b24606bf14b1f13f78ea4ab522304c7ca1d7b8ae47b5859f6a0d9baf3b6ffd29a4fb6782732febcfa51446aa87691ac81bf891717fbf8e4deaccac63477d3bc7b8ed52e9b6ca3fd39eefee6a337c2ad76df9739e2fbff34bf36027be0cfbebfe5b2fd168d75b2fd64479e2faf85654c013955e04044a9b7bf8b3d42da91962796bfe6eb53fe29e36a7a7512a155c712ae561d885703cb26d72e6f1df3976cc665960f871f3110309ffb6b5a79e54057a7a286c62c11e973ef671e86051686f77992f985d729740f38fecf83e03a1fef542cd6b4cee48546f67873a9c682c4afe4a5beccfc64085c622c5a0b5a1f6355f938d16925cabe61426a837c48fd6ad790afe54448fb296a03322f3427e132e8c0623bd311af8a619c2d91415e851744941700f09a2d8471def9dbc448c6aefb4c664f8902c872cc7de9d26e8b300b55b1d08a80257095efef35d9b497487607a22bc95c68f39aeeae243e76ccd40dd1b7ccad6eb39b35d91d239b2b005c8bb6e50037ffb1253276e20384398a5e97ad705fcffd04c720539ddf80cf4e929e82e3fec3d7542e0b7495733eb5da29f6dff5a34ec88a71881f660a5bc9481e755fd3c5683e95ed97cc91ab0edf49afda477aea42bc436b364747d973d61be806e1e63b6982e42814a13c5adb3bd767ec724d2d654afb106198fba6b4c798f4b82f329c2b8055ac4d247da971e32eb4cb971c9ac99d18c0a216d48dd7dffd372e0cad9ce6f05b06e47842c2f53b7c987139c6ddac3446fdb163342f8ca8f5401db91d324a6b710f28dece5839d37760c2515d6ad815a746cd7ccd3a438a5d3f28ca331f6874dedbab107c64127a7590a2813c1287ca977807827d52df80a9c19bc7ef335791da1be53c89f6de8ee1f02f26069b786f22bfd23cd8366e3ca02c0b296d0966d7f8fdbc0ef06895c547224f1a01c92d5f43f81b35539469d1fd9cd76dbf8cdd21b479a6474578863c9906ce6b12d0dbf5a458dafc042fcabe64aeebeb70c0da9300ed22e5d2851c5e77b20f9da1cd26cd810e0b8f1ba17d7c819e8a8ad86aa5bc4eb64748b75ab4a85f05bb1dc542234ac175eced1fe8f3fbd86f1c7349a360f5af0244818df303dce6842ea7afa722be19cf162d671256e5659c77c5569d827b28dc44b7dbb7d9433bc9eff26edbff36cf796b8afb285393f2dab6bb9a3ed40dd065ba8a8ab62cb575e696b97a2853b1700835ae429b983a5bb88972e367f5996a21e9a3b00e943e15c1163fdee023e1cf6e8dc42655cb175590fb6b8c46148b37957c5026aa94e96cbb71bcf9e7899c489edd9b34ca2d3d0dbd29f135cb158652ded6c959820b26a5fb6e8f3a6cfb80bcfa52c36ae0a3868914bda36b5ac09d2ae6cfccff9859550cfc5c6c3b30cddf6a2130c0c563445ae10634f38c65a47aeb8c72a0f25a6747a6787e703e1723303dd6d5bd4303240cb6d4659ee32d80b92859327e882ec84d9bb2a6976d9c6fa450d5598c6af1c92fc4ed7614e3192a06e62e704278424e2e5d521ec4f2cbd87d9b8a65405e807f6247e3f9228e8a5c44e31c9de9247d1b8248ce71d34663cbfcce728c9f08628629fca3f334566118aeb86470886147d714d2dce240408fac3c971b851dd33cb7997e238a2362195ba4f0e83d5c1c5039328817f258d6645bcbc20512398a7a34e2288585b4dc626c6867f3af5a0f573492cdb04e5613bd95bcfe6a61541c3912b4e841b34db2820ed5aca226dcba496f9586b83ab44ed3b9f34cfd2397f36dc4f9811815b975a208b6cd163031296b289b7d202036bca9c4e862f6b1d6356c3c54d47de63e0d0b38e7b9e41e1b25d94fbd03853f786fcf2325020355469e52dd2cfc879e2758382f609173cb2c01775030d1d536af97f5bd0a4b71ad9bf3e5becfccd7dce72fa8882733d2c32cab1338ce67f301be74b1c51dbacff9bdc22868f3f16531cb86b7597aff03040a821c4f7cae2b5b92db792f327dce81e79ac83d4ca15aa248ddc2fad518ebd360c5ac8ff3636e15e8ff61501b1e5c6338847ff43c0d3ed38c87aa623c318c8facffb72fbad8bf4effdd2013dc60ad91f1f5a791905b572321ce0956ffded80e2152b0672875fe71923de673ce343a665d327560c5267223b6fa636ef188b94d4a42884721b4f2d51f90ff3e5145aab164fb56982648a7215601d23017b749c01b684082e250330d109af89bf5d20ca788fbd95fd8d1c128aad3306c4e1bd1c054def7b7ea1948e3c95826078991d234808f55c2314706c8177d7674b2378792afe66b2d65484b481b0e52d8b60e0980163fcf2fffa2cd81f4dbf57afd76fd4e71ec8a6604a697fcaf57e65bba50489f6f0c5b4c046a14303eac05700550ee10fa29d8f68a9eb02fa504b640865f7e2c21f1451ed7d75c90a4734ba64327bc3597b5aff23d0a8f1229f0539720bece2b980f85e11c5ecbf3a560e5dedc40e1260349ccbc647d4d9763b17a45fe1b63e5d16e1a49d55c0011e3ab898b64a6618682bd7bb7e8ed18dafa1b462f20f6aaf2d7c4777a6fb73aa7a1720d67a644f4f4b0bc3ff965e696fd3513979f2e72289dec447af56b240380cfa2a9ce38a808e961d26b6ee6810c75778e9d23a93b3f79b3b293f138f23ef2596b60ecd4afc2036debb7e14f61774d84c1325ee7b8f95dc80c12b001e32e894516473a82aa2c24b5ff7f8c3374e245f1b3ff2a8cf0cc33ecd4b9b7528c34cf54d77756ed3e1b74a0e66c9c1dd8e53c123872c084f70e8a04efe8a8c3527ba75f4d9ced8469229ad7453a1376cae90b155638696103216a07b02e93e3924c4a98d159ce8633b2c8bda44ef28f37ba5edf1e80184c9ac2c8b0db77096dbf2f866536ac4f5ee9eed4bb8dfe0dad4361e901450ba499c119aa1af2a1a7c527b09562a47d8260bd7647e29ee422432f063a84d195e9c843e6f6fa684dd044bd09b8cb3e7a976df68049f09caba37b69a595cea61667f2631e561be743309568b4c37fdaed8ebc628889bc3bf9c5a63bc74e9358a9c2228f51370eb483ee39e682cd4f56f15a16217904c6189ef50044e04f244da23d1c9f41a5209f4f485df4ad8d1922203d365eb11102d48c93c09b700e177aef00f8bf729c0406b89de32490fca998bd34f80c99be60601d4de10e9a86a5a22652eb9df948daa66529b6445cdde70ad125d06e41a3469216233a8b9eeb928f2d041eded321d518f0435ca377e90ae49e95793aabccf299c1f1a82ddec49b2b8732aecd1610d5f09cc5e509d4065c5cfb4edc55f6a15fbaf4dea24439ea95b63bae312ed90e47787000810f22ab9b6aa0622ab969fa30b724b24d82447d6a357468b2d1ec61a80ae680ff7b8b894158218b0e63f99103879f3c1dae33aedec60a1e755755604e33a6698cd0e378b0a0b04017278411f33eade9c4c0e3b7d0d6e62fdc3ebf5559310e0a2913d5aff1ce1bead51578b3879c0e25d96a7a150ba655c97875d864c3a6d5b595ff9dd9698857b3b0bab2d087bbf7f80f5a7225cdebf794ede16a61ca73201f311f87ef9cececb8fd07b2bf384a22a8ae988a5e91e6355e26ac923e78004968bf7f4ae3b319e61a422a43841831a51e2c41df8a118da5239c87b4b0aceb32854413d53e0228090babc167ed6600041390ce04e96c94c65c51fdc00e617e4ed870fe9ed2bbef84c1e1f3f796b2867b0f383b6e01ba2b82ecfced722ac5a7c092716d18b9b41674c342a1a6a7ef961893d451648cce5d0ccb4c180e0493a53f5453de43a6535c486acbfb9f480f3255f998831b684a468a88840e1e7e8a310ef296ce89bef65b7e54265c88bff204e48963cea9945608260e5de37b949acacc938e8e2de9fff925022c010f94a0cd6c7bf16d4e3132034a8a3301f1c1950b9a31ee8227b17cbf460db666f6207a59783064115eac2d4f29f9483ebcd34e8792809d5c25a380b2137bbcd7cda502f4a41a043f7d626e922adec9b4c6478ac0df9842bd4e8912deb2ad2026461510ca392383ee9a7ad0388ae499951a4283db39ca57ed9bebf43dcaa6caa391169077a189641fda3151d8e3a3a0b525dcafa2d9d7b2a01468e658c10c27a8ba74b487a968b05031a3d53b59139068b28ca87c5bfd9db867c0e9b9abd91142c96dbf8883e1a89db8d96c9f0a8999a4f9d6b07f32d6f8bb2ea6d2eaa8a531edf85f25aef35c84eb4bf3f46ab4213602be20cad885d404ef47fafc7793247247848f1c3a06ea31c23d0cbffa07aa5981714dc85736e95cd4d60ed1f25351b1c723e4f042f55f02d24a089862df124c75cc4f618853914439c1406a393a0f1ec0f2346f4cbd6beb17713149d67b9bf1854c814bd8ba3a199218e6eac655db998c955df382c8dee2b4d30c750a63a08e9a88009840e96a331bde3767bce177fc5c44528cb673e862e24c2dc2399be1435cd20916e9e060f8bef39d4b47f335dde4493e0e44b0f619822a35e69b7c5d93dc69575ff71ced7c858e43dbee46f4e50846288cbc8fecbb9291d455a015fdd6e1412aec0e6104d0377074b8e160ec7d813bbc6d3b8e6b0256bce8d255d7a592b408cdf6e63164c99d94f00a693e06c2ecba9dc6d36c6a35697c1647f942df4c805c18344b8e5ac885689068f864c395e8c970702e40cf6c683d10455c7ad75fc035ae260f359c2d8c91305406c6f56ec535be445601c75ffdde1758904787f29a558d0f3bd04bfa08f1612a7ee8a7acf129ed5eb854bba757d34afa354098ed8b4e3a599db4b7611a665fcbbb182a0774cb026a00714d8b91c7fb8691b629b6a93f92da2f3701348885dcefe5a548c90101e50dbaf3f4907611623f7616bcea943bd3feedecf3b3681b4d04a938ac83d9f18a21991a90dc17005e7c56d2e09a0f4ad9f3c676e7da478e96122046d0a167f7e1a28d97d514aa68d24dac8501a1a35ddb6f3703311b26bfa3319361ff5e4d38cd55a04ef1b4fb417a3b638cde7f8569531a22c0fa12ad3a55dfe3c2642205fe1ba0c82d36f8815ec52f6381fe789fcf89efb305498a9b1f0ffafe01bcc5581f5b5d195bba77797085ab1837fd081cf5f086da2a16b6a7f8ca9efbc4c9cf771961b70626120e3715b16b222932291e4ee2449591b1807d56a53d4d86f25011704e7d5efcb799ab130ec2aacd54afd3c43c8acda1c5874ce23234b090c4eaa8ddaedf979b1218a5b9dfb36b8196ce05924dcdc7f50d96b95d0c288551a0498ff23f56c7ccdfb8966480477849c7471bea99cb0af35dbcaa5e781b5ddecf3cde51d78067aed9ca267550dfae119a3d83710ecb92fe80841837b41a40d262f5fad16c20203d1cc3455ca63ebdf0f5dbb7a498b4629dcb87333f2d58726871e6b5adf60faa0f8c9cb4718005e5e199457330da1a11cd0d7e78f617b6805fff8fa45c2cb56e1e17904773e165d2a39470ce1616418e7e15481c798afed92efad9c2babcc3e3346f8022ce30b3e1db015a2b9f5dbd4560ee9776c77eb9cff5cf2af28ebf1085650e29bd8dac01b814e6c285bf964da2eb1a442aeb671589a02c29d58208829c9501c355644ac28c38835f4025dcdabfd3852b1a16e45e9c032e97f7f2f0f612739c6569f44731692e3f3b97ba5bcd0b7f2dea1ee6303b5f92514c022e54aa4c587eff74a5d509c17785686c613bf6b778e3624ff3653674e6daab3f788ec9cf879f06957a673a20fdccf721ced05a0d23e074de82614f775a84dfcd31c621cf0369e28791ab742b62f271218fa1bc8681e9d41b4a93b05cc693013d54d367b1e6e1a7e74b43b44b920192ed8fbb63b89f393e5ffab584d7c201d1b99b7bc6907033109986a4fe7bb79e803315c4df94ed471cba889e148645fd1748374015ea8c696ff64bf6d23bce7e5efa7c7e6215ceefa938cd88aa0374da4ee1e10cbfa96d5283b4a0867f4d76b8492fc618e2bca34ba9bc2ff3368756080a78a1ece2f0d1d1cc30cb721677de3c4cd6da378697c40419bc1f2184b86b8e40abd627aab9c308d8fd2db8daf8b43225003ea9124c11dfcbd1b6ea959a86623e360b40c381d991892c1fa6c0c81bb4d03d8d3656cedd1e48539192fc8bd1474ce961159816dcdc76e95ed9d9893e91a0ca670cd1152cb014310facf952fa9fd0d30900196b604c10596c1a31c1e70416824c207656426b09ef9b558496ae87fc7449bfdba0d5628e9af6397385ddadc986424fde545c07664fb6ef2756ed9e443e39257eef2179fb9e4a9e84062f9b6048125151e2e7fad2560df277323b5e22ab2731dc802d6f372d2a335b5da7e5a86508329b3dceb56f0d4f9f6f9e48507af3ec99fc172c237e67ece3d51198a033a9c66f3243ef694893af85421ff6f93ecb95eacceba5fdc1a76810e999a40733b46433328b24ee17b718b135b74dd535202c7f66de2de5a26412e600971704bb90007e42d3e6a3acd33e7358da6b32883c9ad30c2abb1cdef7452e211734c6fb6d199a397bea8aa3cf1f014929941c34ba06096e70d852fc420effc7924ec29c03bea29f289c82338f0115e00de549007456d5867253a5b9bb4493bcff815a3100fc45a0de0aad7b0b5c641ed1be3e8f07fb3b1a8a496ecfd3dff5abf0d8f5854621faeb4a9920d8c52b7a0338d49fd21d99c24e1943de3ba2668aea7bc95bcf21e2bf0b2d5f899f33d0cec31b60df4ef5a23e1b173cc89390c8bc3ee96e38de06f6016a2b0eafe86af9dc59bead4f5f948a81b1008a95e3ab39f8009bdb4f268f3002245e73ee2ff50cf1cd37e867cbe44ad370b9336e0dddcffb6dd8f2f79155235300bce6385e544105e6d278d345870216e61100337a871ab51b2cde74fe976e1f8b77a90bb8b51eefe7e4201db41915f482edbe1f8ae268314d5af95ffdeb94aba3f4e316990792d281a123d7febbba7f6abaed7ccfc0c567d4bd1c2d9ca217535167c9a09f1ad0ecaa99cc08338fead5deef7fab77d2082d893b91c27f8ea4e48e052a2a31c8e3f9510c4ce94ef16053bcc25eafa324e5a1d045a3de8f7d731e58ec9130427552323bcfde47f6b55b5634e8cb190fe183af132f12d72ef5e4d98508b57106ccb647ab505369c728958a0789c67ee80acc4bbf41b97fa56d8701c3ec5ead411aed16882dfb026c50c28b5fcc442c432837a82f8bfd47650b83aa71b909be61ea77cc029a0c615f8e390874995d19e224c38349c64bc166f50c54332d1a3eff0071d7a0b11a901c56a847b93ab5bd0bfad8f965cbfb53c2184c588fb7dbc5c693a3ade89b303e801a650b79c1ea957aabed937998b5df77ff29fd43515e8a5ffe441e323fefa45a2775237e1c749897d448f1f3ef60c7755d1a1441b96a136a86d341471d57c68c859813656658266c40b8bb8bafded8ed0d940f8c5954923eb43ad5afb58eb452d6430990bc924afb97191f31cd1a1f58e30b0c243f9636245c459280d16da1df1a30ff63de677554d6b252487455e8aff91370c4a0ba9f341384cf8483d18b9d3f2fc51b07ba8a5fa795d7925189ca344f0fddb8bf55e35013f6fab3806b3c4d17499ec1ae819d4f3aa6b6a570c2ea68558fa33373394584dbf11d41f7059b55f186bd54bdc30dea390872737bf0312f4c68dc963d28d5b218eca6314e23b7381cfbcd01c325d9a3869f1176eb82c183b37d65c8500a48e9bbb1c465e27bfb668a16100e5384d9116aa35f3b00b4ee3bc84700ab17283d4db6b420e6140d14d09b51ad020fc8e505d2c820ac307d45b211213c18487ce12dff233a5caf87cd94a77d0eba69d61452f41c1f82cbe32b567a39a4615a6d2155cc73c3b90dc55daf33c8d9eba3eb0e182c79dede1293dd30840ebf048df8a93e38d0136e856d94ea105cd04323406dc429b5551538625109105d88b1ac480d0fb1e9d1977099707f9f9534b683d855c4d3c30a29c6678a3221e0dea7772f8859f572420708da9a030ddf973cf9f221404117b05efb76bb08ecf34aa9b36b0418c74f90a07e8e5c91e1d7c8a8ea596c0de9b10c222e9588c2bbc77d860b7197b42b42a1ab834ce24fccbbe20f2579ec6dbd4efb9aa1a3d2e062de594d289273e98342440045a0c134e400003b50d4243826b029ecd177cf3d2cf3d164ddc58f88a970a0bbdc7f0d60271cab0df2dde79d1b929cd3028effccbe94c05008f4261297024e4f72604d52db9da7b0e5f2f4f59ebe77b319c54aaab9581a8355b75594eb6dc0fc25e91052c89764256ca464f9f6e45bc34d6e5aa28e1fd93997b58f21feff551aa3ecb5375c19ee4543f7339418c11b9ea18fe2637a9bc9744cc9fcb21a7643eb87683694732154bd1eec746f1c57bac65cf18a83267ea437f7993644c510ac44307703ea28b20e52644dbaabbe9ee1e23a38b29b91cf9077fecdb98ff4e4749c9d6ad2901c5a891c07a8b0c26ad1f8126e6db537df7fff65486afeb85eda80e2a04d09d46720330700267cbcf205b5c00076c01d9db0a64d5426864d14cce1781098afdc28f9f5948ab7791627baf78c3e9df2c0ed9ce50b083bc7a34ee0087f4efde579e2dea313e4e20580c5e63d5ef4509c05a9dc38ced91340bbb9cf948bb03ea5e60c666a1a5c4acd385d0c1a01797b9b3183f4afbc925dd2641d21410b4b1af2f21f8cca330fbc08834e1e8210fdcf332f70f08b48a2655cf017ec8a19640f2f263c54876d6f4ad2193be944667f6498baa32225d2b5b82abd3f2fc64033f1db9adff6b1c788555d5ffa1a35d4a691802447b163ba9a615d6c958036528bbab84230d676145054828d530f0e3af417ad0480eaf2004b9002b644bcd8f0ecf860c31766ace95769ab4fd01f297c595b45e6c7b1c9f662044f43fc82b6244e5d08b1e556599096c034600e20ff000d996b6ba3a6700116127b9468c9567ad920ddcf7ccf9c0a74f49984e24a7aaa2321ee58583c1bdba668cb98c319f682ffc5957015ba1799930d4b676bd3bc76037f6bc2d9ddcb47efebd366a90dc7e67076ebc25e2ef2929a89faee06aa04538a3ae7b196dfecd33725ce9f859c5df4713b220ecd18b1613ba76aebbe8f9f93eeaea9e88e46e7ed24c4efbd86fcd57a4f9fc76152175782871ab211a18ae303be8e9459aab930597d17875c5f5f24d9b16bd8dc4e25f6a7a1de05763da11ee7e26e1e32ee0a5ab2de5d069d03a6ea95a33abc1025d59800fccfff1f0e0f7335e2778b8731cbae94828dbe70507c5369f36d457e98d6042e342cbffde2ee74e05cf0f8aa7185de485e5050294472cd8c7ae03977b62cb287a9d6e4d66650dbc4d89e58ad4f7c24d46573acf85f633d1af73cf655788b431bf22315bdae78d9f6f9cfe32330cbf77bb0195a60244d4bcd0ea35b94bcdf7255ff58f1fb11a09a06747337c95f332a0ade622d49ce0f2943517fb4da8049f3c1b53cb68475c2eb52551d40cbeaf5e79a748c5314bb531b4fc28494b65ee8513427e1fd3cc990fe4ef5ead14b65f1c3e9e0598edf42e2862e2eb180b3e674fc3005859ac56ad17022a8f48b49dcc97e991cfece1d52b7ca82e711944a877567ca0da0663276480d69fa4be56f425bb84dc9177d3e3ed45fb737ce026b8df38336f9efedb89a8650f9fb73918d300c909e9f9189458e1930f09b05433980e79a2eacd0dda32852bdb1a417e4ba62b83d0e17ac8d39834f41c8cd49517013ec658c4e10b38d0788df96764d13ce074271b51041671240549d18540271c8898a5c9e4be4895881235d59666a1f0f3b3cd098786afd6ab4781b73275232b488fb3d9eff77e71f8448a95c653fc80d069c15aa2a80d5799e6c45eb27ea8d6675f28f7aa7cfe3cef877c91ecf3e576e942a20312ffb48a64a91876ec5d1ad2f6a68946e73db4785894736106906731793c3482365d4151051c8d5f16dcb0348628e3aba4087ea8c9ce24bb93190fa12916f529c8eed6dfd3f5bc24d09b1ad377699de3f687b392ec921d81e35dc27bd14be4d004e713c3d07cf600255d45fdfb326b4327c9507c6f69d01236eb9383133dbaa787ba37de14a12e850ec60381a9ffab939ce16cb9b490685343048c0933bc280e809fc8114096ae2d303bbcbbc941b70b5d1d03f59f0b534fa195cbcf34e57d2aaee9c1dcddb5eafd8399fd1d53bfdb48a6f6d3153bb903ce411800f7220bdcfa312ac603672c163a0896b85409859b817cd304e73f278634fab0b1dbe226d7e4f93f220180c3434c7c22ac3143e06702f9a21e66a46d4980bd20d9b0c62846362d0a1151584a28a87902dd0f35187850d501c68900", 0x2000, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x90, 0x0, 0x8, {0x4, 0x1, 0xfffffffffffffff3, 0x0, 0x9, 0x0, {0x2, 0x80000808000080, 0x3, 0x6, 0x800000000003, 0x100000000000008, 0x80000000, 0x4, 0x6, 0x0, 0x7fffffff, r4, r5, 0x0, 0xcc}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
pipe2(&(0x7f0000000000)={0x0, 0x0}, 0x0)
syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
ioctl$TUNGETIFF(r0, 0x800454d2, &(0x7f0000000180)={'macvtap0\x00'})
ioctl$F2FS_IOC_FLUSH_DEVICE(r0, 0x4008f50a, &(0x7f0000000000)={0x2, 0x8})
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3, &(0x7f0000000080)=0xb, 0x8, 0x7)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f00004e3000/0x2000)=nil, 0x2000, 0xe)

12.462172763s ago: executing program 2 (id=3917):
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(0xffffffffffffffff, 0x10f, 0x82, &(0x7f0000000280)=0xc7, 0x4)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
setrlimit(0x0, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="c80000000002010400000000000000000a0000003c0001800c00028005000100000000002c0001801400030000000000000000000000ffffac1414bb1400040000000000000000000000ffff000000003c0003800c00028005000100000000002c00018014000300fc00000000000000000000000000000014000400fe8000000000000000000000000000bb3c0002800c00028005000100000000002c00018014000300fc02000000000000000000000000000014000400fe8000000000000000000000000000aab5fb91a4fc73b36849c8a9be678e5df8b0291c0daa0a59"], 0xc8}}, 0x20000000)
read$FUSE(0xffffffffffffffff, &(0x7f0000009780)={0x2020, 0x0, 0x0, <r5=>0x0, <r6=>0x0}, 0x2020)
write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f0000000840)=ANY=[@ANYBLOB="b0000000daffffff", @ANYRES64=0x3, @ANYBLOB="040000000000000000000000000000000000000000000080040000000000000000000000ff000000010000000000f900060000000000", @ANYRES32=r5, @ANYRES32=r6, @ANYBLOB="04000000810000000000000000000000000000000200000000000000010000000700"/44], 0xb0)
r7 = dup(0xffffffffffffffff)
ioctl$BLKZEROOUT(r7, 0x127f, &(0x7f00000000c0)={0x0, 0x80600})
r8 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r8, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10)
setsockopt$SO_BINDTODEVICE_wg(r8, 0x1, 0x19, &(0x7f0000000080)='wg1\x00', 0x4)
sendto$inet(r8, &(0x7f0000000040)="e5", 0xffffffe4, 0x0, 0x0, 0x0)
unshare(0x40020000)

10.049012055s ago: executing program 2 (id=3927):
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
socket(0x10, 0x3, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000280)={{0x12, 0x1, 0x141, 0xf2, 0xc5, 0x96, 0x20, 0x16d0, 0x10b8, 0xde8e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x0, 0x2, 0x0, 0x0, 0x83, 0xec}}]}}]}}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
socket$nl_route(0x10, 0x3, 0x0)
socket$kcm(0x10, 0x2, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x40000000015, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fspick(0xffffffffffffffff, 0x0, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
socket$netlink(0x10, 0x3, 0xa)
write$proc_mixer(0xffffffffffffffff, &(0x7f00000003c0)=ANY=[@ANYBLOB="414c5450434d20274c696e652043617074757265272030303030303030303030303030303030303030300a4c494e45320a4449474954414c330a535045414b4552202753796e7468272030303030303030303030433030303030617374657220506c61796261636b272030303030303030301a30303030303030303030300a4c494e45330a4c494e453120274d617374657220506061796261636b20d178d153424e47c2ab73"], 0xf7)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @byteorder={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_BYTEORDER_SREG={0x8, 0x1, 0x1, 0x0, 0x12}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x40)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
socket$inet6(0xa, 0x800000000000002, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

8.311942118s ago: executing program 3 (id=3928):
syz_usb_connect$uac1(0x2, 0xa2, &(0x7f00000000c0)=ANY=[@ANYBLOB="12011001000000406b1d010140000102030109029000000001020c2402060602040c0032a304090401000001020000090401010101020000072401200400000c2402010201400f0a3b4725090501090000f7090607250183020c00090402000001030000090402010101020000050054b57f1cc27cba"], 0x0)
syz_usb_connect$hid(0x6, 0x3f, &(0x7f0000000000)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x40, 0xeef, 0x72c4, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x7, 0x0, 0xff, [{{0x9, 0x4, 0x0, 0x9, 0x2, 0x3, 0x1, 0x1, 0x0, {0x9, 0x21, 0xf, 0x4, 0x1, {0x22, 0x6d0}}, {{{0x9, 0x5, 0x81, 0x3, 0x20, 0x8, 0xe7, 0x6}}, [{{0x9, 0x5, 0x2, 0x3, 0x8, 0x8, 0x7, 0x12}}]}}}]}}]}}, &(0x7f0000000400)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x200, 0xf7, 0xe, 0x40, 0x10, 0x6}, 0x5, &(0x7f0000000080)={0x5, 0xf, 0x5}, 0x8, [{0x2b, &(0x7f0000000140)=@string={0x2b, 0x3, "e911b38cd5b49c17462bfa92597b15d4cfe35227e52b5681e7cf5c883e87349b81ef5a556ec58deafc"}}, {0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x42d}}, {0x4, &(0x7f00000001c0)=@lang_id={0x4, 0x3, 0x425}}, {0x65, &(0x7f0000000200)=@string={0x65, 0x3, "49601fb6d85b9ed4778fb9d105e61cd244a8de66bad56ef33bff3f51074cd8a61bfa6b0d3903d763ff7451b9951223050eb3c325e83dad5bf342a8b15414614609cd72c7a4933219e5088e63559e223759d1bf0efeba1d177ce679e26533c7924128b0"}}, {0x97, &(0x7f0000000280)=@string={0x97, 0x3, "3268cb4e26d83ce888bfa036e956ede3821d6685ad97f76f849bf1732e33b40ec87d30d02ce59361b14bdb833379071d45b13fef97e9842eb2ee1cba4694a1bef688ec2e33a7821decdb58336799054e100ab107ddb4454437df8d73a2000d09dd3444c054fa7c7aba0417a1511ab95e3d4b7312e1668ac7feaf3bafbbc823c75e183f4aada9480e712a7eb3403e7f4e2039d5f67b"}}, {0x4, &(0x7f0000000340)=@lang_id={0x4, 0x3, 0x40d}}, {0x4, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0x441}}, {0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x843}}]}) (async)
syz_usb_connect$hid(0x6, 0x3f, &(0x7f0000000000)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x40, 0xeef, 0x72c4, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x7, 0x0, 0xff, [{{0x9, 0x4, 0x0, 0x9, 0x2, 0x3, 0x1, 0x1, 0x0, {0x9, 0x21, 0xf, 0x4, 0x1, {0x22, 0x6d0}}, {{{0x9, 0x5, 0x81, 0x3, 0x20, 0x8, 0xe7, 0x6}}, [{{0x9, 0x5, 0x2, 0x3, 0x8, 0x8, 0x7, 0x12}}]}}}]}}]}}, &(0x7f0000000400)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x200, 0xf7, 0xe, 0x40, 0x10, 0x6}, 0x5, &(0x7f0000000080)={0x5, 0xf, 0x5}, 0x8, [{0x2b, &(0x7f0000000140)=@string={0x2b, 0x3, "e911b38cd5b49c17462bfa92597b15d4cfe35227e52b5681e7cf5c883e87349b81ef5a556ec58deafc"}}, {0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x42d}}, {0x4, &(0x7f00000001c0)=@lang_id={0x4, 0x3, 0x425}}, {0x65, &(0x7f0000000200)=@string={0x65, 0x3, "49601fb6d85b9ed4778fb9d105e61cd244a8de66bad56ef33bff3f51074cd8a61bfa6b0d3903d763ff7451b9951223050eb3c325e83dad5bf342a8b15414614609cd72c7a4933219e5088e63559e223759d1bf0efeba1d177ce679e26533c7924128b0"}}, {0x97, &(0x7f0000000280)=@string={0x97, 0x3, "3268cb4e26d83ce888bfa036e956ede3821d6685ad97f76f849bf1732e33b40ec87d30d02ce59361b14bdb833379071d45b13fef97e9842eb2ee1cba4694a1bef688ec2e33a7821decdb58336799054e100ab107ddb4454437df8d73a2000d09dd3444c054fa7c7aba0417a1511ab95e3d4b7312e1668ac7feaf3bafbbc823c75e183f4aada9480e712a7eb3403e7f4e2039d5f67b"}}, {0x4, &(0x7f0000000340)=@lang_id={0x4, 0x3, 0x40d}}, {0x4, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0x441}}, {0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x843}}]})

8.055856803s ago: executing program 0 (id=3929):
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x68c81, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(0xffffffffffffffff, 0xc01064c2, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
ioctl$VIDIOC_QUERYCTRL(0xffffffffffffffff, 0xc0445624, &(0x7f0000000280)={0x7, 0x100, "77c638b05041a0115f44304807e55536b7fc5ae52727d800", 0x1ff, 0x5, 0x79, 0xdf4})
r6 = dup(r5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r6, 0x2000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1)
ioctl$KVM_PRE_FAULT_MEMORY(r4, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000})

6.259826459s ago: executing program 2 (id=3935):
syz_usb_connect(0x0, 0x24, &(0x7f00000002c0)=ANY=[@ANYBLOB="12010000720c0c40ac0553025a65000000010902120001000000000904000000030402"], 0x0)
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBSENT(r1, 0x4b49, &(0x7f0000001240)={0xfe, "1cf11f0cf3df06723d68cf2e34bec1fe7aeb2e4f9bdca646c4d338b97ec131354c136ec6cf21a7fd51f27fb956a8ae3885ea642da767ac5f7080830a09b0ff10a4e89e9067691bc9d0c78817f1b777a16c084308ced3efc24ca6c31102220f5d34355338afe106101839c316ef0f88d2fcca226daf1c10a3b4d5bfc8a48d752e7f4a193c4b146ed8108bd5fbac85d2de914e1e1f4fd94decd9fdf1c7af946b07ccce200a7e5e20ac043bf7f8dcb806487be03132bf1f4ea1dc15bfee959c453bd5382b93ec14d8cd22c31ae731cbe7526b49c83607a4d6d0184af37286c08c9572e8b83c8dac93d59d5bf5767d5cd3c023cd121bc6894b0449b66a83345f8720f9113d0363314516e93cb1156ed299e6311c6c27c40a082795958fdfbc97243266bff54d143624911e7dd42e6cfc53bdace1643feecdf2b236a43f15c815cc95c6dd597a69d1e43791827ad87ec72c556ca24bbdfaa226f2367b76559dfb4b668d9b18bb089124f45be9c870cab5973d8a7488703e0c0704777129845591622a696f225bb81d93f5c72683e9778690770fab6750f3d8ff3162cbf04eb0be6477baa460b3f8e457a7b8bfdda324330accb61d513420c4db90797203eaf78e28160ebda297f435c87ba621e550ecbae53a8e48fa9ce5b40d578f6d20778fb060b7c6706d2b842596148cc25a33b5beb9071468af7ca3cebc7b57391b6b34f8d7b9"})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="09f37f7a2400e0623c76ea0010c1ec5f35034dffb931808728dfc3c57106e5dfef3861efd9a09131b5d93944bb66b2fb060637ca3017bc536ed3cd204f2425ebde0253c66d999537aba6304bf1b431802499c5b88586b9a5af72ed6aeed88f25d3f3de455ee6613a4b5b113b55871b56b3d64bd246d470bac24771ba303c83d63f34ed82a8f5bb857186926efbad34fe225909", @ANYRES16=r0, @ANYBLOB="010080000000000000006600000008000300", @ANYRES32=r3, @ANYBLOB="08002600b41400000800b70099000000"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_NEW_STATION(r4, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000240)={&(0x7f0000000140)={0x48, r0, 0x400, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x4, 0x4d}}}}, [@NL80211_ATTR_STA_TX_POWER={0x6, 0x114, 0xdbc1}, @NL80211_ATTR_STA_FLAGS2={0xc, 0x43, {0x8, 0x2}}, @NL80211_ATTR_STA_SUPPORTED_CHANNELS={0xc, 0xbd, [0x3, 0x7ff, 0x401, 0x7]}]}, 0x48}}, 0x4000004)

6.150677615s ago: executing program 3 (id=3936):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) (async)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f000052a000/0x2000)=nil) (async)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f000052a000/0x2000)=nil)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f0000000180)=[{0x94}]}, 0x10)
syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000002505a1a440000102030109025c0002010000000904000001a3f45747d649f9a30105240000000d240f8100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d000009058202000000000009050302"], 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
io_setup(0x23, &(0x7f0000000280)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000700)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) (async)
io_submit(r2, 0x1, &(0x7f0000000700)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])
openat$audio1(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)

5.380017464s ago: executing program 1 (id=3939):
r0 = syz_open_dev$ndb(&(0x7f00000002c0), 0x0, 0x40000)
ioctl$BLKTRACESTOP(r0, 0x1275, 0x0)
syz_usb_connect(0x6, 0x24, &(0x7f0000000600)=ANY=[], 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$unix(r1, &(0x7f0000000b80)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)=[@cred={{0x1c, 0x1, 0x2, {r2}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x38, 0x80}, 0x800)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000340)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x20)
r4 = accept4$alg(r3, 0x0, 0x0, 0x0)
r5 = socket$nl_audit(0x10, 0x3, 0x9)
getsockopt$netlink(r5, 0x10e, 0x5, &(0x7f0000000080)=""/221, &(0x7f0000000000)=0xdd)
sendmmsg(r4, &(0x7f0000002940)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000240)="56d54ce93225402eabe0882d2211c8eb01189b9925fe668720e34cbfec8a6e1e5040ad6ff53b9b0f87affc7a1e608f8b372f7023d739b5a163ab43a814af6162c057", 0x42}], 0x1}}], 0x1, 0x0)
io_setup(0xff, &(0x7f0000000380))
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r6, 0x11c, 0x3, &(0x7f0000000100)=""/222, &(0x7f0000000000)=0x61637876)

4.449398188s ago: executing program 1 (id=3940):
r0 = socket(0x1e, 0x4, 0x0)
pipe2(&(0x7f0000000080), 0x4000)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000040)="9f00", 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f00000000c0)={@dev, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x1000000000021, 0x0, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000000)=@req={0x3fc, 0x2, 0x0, 0x5}, 0x10)
r1 = socket(0x1e, 0x4, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r3, 0x201, 0x400000, 0x0, {{}, {}, {0x8, 0x11, 0x4}}}, 0x24}, 0x1, 0x0, 0x0, 0x40800}, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
close(r1) (fail_nth: 2)

4.369195228s ago: executing program 2 (id=3941):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f00000003c0)=0x2, 0x4)
r1 = syz_open_dev$mouse(&(0x7f0000000000), 0xfffffffffffffffb, 0x10400)
write$binfmt_script(r1, &(0x7f0000000080)={'#! ', './file0', [{0x20, '$$/%\xa9\'^vX*#(&{'}, {0x20, '\x00'}], 0xa, "09d7b5c5cc22f2b3b76e0507ac9e8621f0265a2b8b5d2891308c19c76c6f73f28cdddff7424e6bfdaa8c66019071ca14fed27c2c9345c470544cbbdad796ac75468ea354c1b62b34af543e1bbad9ec57cbae4e5045153ce85f73f6799fc30318792d080567bc83ccc5e5b6de6634ee073f1bbda2982d14b3e3be04f158a2307bb84b36be4b17cca85561b4825a9e343e8ff5e73120a15a797fefd6bdf7ccf154e42c706d2f19526ca4752ad2f27e9b85695500dcba5eca35bc2d4154cdfc7989b9d38615173f8f22d8f1bf8f"}, 0xe8)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(r4, 0x0, 0xf, &(0x7f0000d10ffc)=0xfffffffa, 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f00000000c0)=[@in6={0xa, 0x4e24, 0x3, @local, 0x6}, @in6={0xa, 0x4e24, 0x5, @loopback, 0x6}, @in6={0xa, 0x4e24, 0x1, @mcast2, 0x5}], 0x54)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r4, 0x84, 0x6e, &(0x7f0000000000)=[@in6={0xa, 0x4e22, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}], 0x1c)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
setsockopt$inet6_mreq(r2, 0x29, 0x14, &(0x7f0000000180)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x14)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x9, 0x0, 0xffffffff}, 0x1c)
syz_emit_ethernet(0x82, &(0x7f0000000680)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000088a800008100000086dd6010be2e00442f00fc000000000000000000000000000000ff020000000000000000000000000001"], 0x0)

4.175827824s ago: executing program 3 (id=3942):
mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2, 0x8031, 0xffffffffffffffff, 0xc08cd000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
unshare(0x2c020400)
r4 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
ioctl$VIDIOC_ENUMINPUT(r4, 0xc050561a, &(0x7f0000000540)={0x2, "2a123b084c7f8324cc76356ea2c2ef76068115ecfb56b46998cd6a640317a26f", 0x0, 0x0, 0x1, 0x400000, 0x2060501})
r5 = openat$userio(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(0xffffffffffffffff, &(0x7f0000000040)={0x1, 0x6}, 0x2)
write$USERIO_CMD_REGISTER(r5, &(0x7f0000000100), 0x2)
write$USERIO_CMD_SEND_INTERRUPT(r5, &(0x7f00000000c0)={0x2, 0xfa}, 0x2)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r6, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x5c, r6, 0x404, 0x70bd2c, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xe}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x1}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x80000001}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}, @NL80211_ATTR_CHANNEL_WIDTH={0x8}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x39}], @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20000000}, 0x1)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

4.097016155s ago: executing program 1 (id=3943):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
pipe(&(0x7f0000000600)={<r1=>0xffffffffffffffff})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB, @ANYRES32=r3, @ANYBLOB="1f003300d00000000802110000010802110000005050505050500000", @ANYRES8=r1], 0x3c}, 0x1, 0x0, 0x0, 0x4010}, 0x10)

3.998624248s ago: executing program 4 (id=3944):
openat$tun(0xffffffffffffff9c, &(0x7f0000002300), 0x0, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x22)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
sendmmsg(r1, &(0x7f00000029c0), 0x400006d, 0x20000004)
getsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000140), &(0x7f0000000180)=0x4)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000100)="03", 0x1, 0xfffffffffffffffd)
keyctl$KEYCTL_WATCH_KEY(0x20, r2, 0xffffffffffffffff, 0xec)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$IOMMU_TEST_OP_ACCESS_RW(r3, 0x3ba0, &(0x7f0000000380)={0x48, 0xd, 0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0})
openat$cgroup_subtree(r0, &(0x7f0000000040), 0x2, 0x0)
rmdir(&(0x7f0000000140)='./cgroup/../file0\x00')
epoll_create1(0x0)
r4 = epoll_create1(0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
openat$cgroup_procs(r0, &(0x7f00000000c0)='cgroup.procs\x00', 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
unshare(0x60400)
writev(r4, &(0x7f0000000080)=[{&(0x7f0000000300)="8c0b712a462083c428374433d488f2329c4f2d81981793947fbaf61853b3a439d8ee3dc4f91dfcffdbdbe8469ad4cccef777ecb334d47bc3b7503c178c883a2a968c44aec426a5f10dafa9751a2cb3544a56121091da998922cbc6716239536d51296679d44bb3c89d642c164c9db67b1236caa9aef1c781662bad9b6876d72509f28a8daa9ed24e502eb269c1d152115bc95be2baaecf6de6450fc14b0eafb6c8f7a5801ef0d52f9cfb89ea242e803a0a040609c1eba8de28dfef7c9ff392c7ce", 0xc1}], 0x1)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

3.87038198s ago: executing program 1 (id=3945):
unshare(0x2040400)
r0 = eventfd(0x3)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="6c000000020301010000000000000000000000090800010001000023080003400000000f0800044000000028080001ac3882b2138e4843470a6a000200001a08000340000007ff080004ee6ac07f08090002000000000002000000080001000100000b0000010004000027090002000000000900000000c801c650aa6f8ae37fd5c5878fb277731a870e44ee97d7e5b5cbe77239e1dd9bfdaad8dcead4cd7c80067e19d61aac5e79b62ebca6773f728184b567b3f112ebbe8c6bd69e125af2139657ad1730a6d1ce6c914cadb9378dbebf4391ff9a6e61a22fed131a0c6a375f020d3e9ce4a6e4f167d09acb349bc36bc24003daeeeaa5f10586d4f44ca486f042e3cde7f5b2d1badf580fd673e649"], 0x6c}, 0x1, 0x0, 0x0, 0x20000010}, 0x20040020)
sync_file_range(r0, 0xffffffffffff0700, 0xfffffffffffffffd, 0x7)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mmap$IORING_OFF_SQ_RING(&(0x7f00002a5000/0x2000)=nil, 0x2000, 0x4, 0x50, 0xffffffffffffffff, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000700)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f00000007c0)=ANY=[], 0xc0, 0x4048015}}], 0x2, 0x0)
syz_open_dev$dri(&(0x7f00000000c0), 0x8, 0x339003)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000680), 0x48200, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0xc0686611, &(0x7f0000000180)={0x900, 0x0, 0x18, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
ioctl$IOMMU_VFIO_IOMMU_UNMAP_DMA(r5, 0x3b72, &(0x7f0000000180)=ANY=[])
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="3000000010000100000000000000000008000000", @ANYRES32=r6, @ANYRESHEX, @ANYRES32, @ANYRES32=r2, @ANYRES32=r4, @ANYRES16=r2, @ANYRES8=r2], 0x30}], 0x1}, 0x0)
ioctl$SNDCTL_TMR_METRONOME(r2, 0x40045407)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0xb635773f06ebbeee, 0x4000010, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r7 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_STATISTICS(r7, 0x11b, 0x8, &(0x7f0000003140), &(0x7f0000000040)=0x30)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x400, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x7, 0x0, 0x0, 0x0, 0x80002, 0x95, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000600)={&(0x7f0000000500)="ec3501fe296a244cb3ae414bc0020f4a5568e5ed6424a4aaa45ad526dcf9670767785b593845a101afdc7634fc775bd0431f96c0eaff8f497d1a1ce596b514dfab67aa5fb3b910c858c8a262a2ae2e1a5c3f264f63b3a0eaf344fcd502018389832f7ffcdd61886fd34ed747ff957bc5568dbb30b006261167fbd9a1edf43678aee3d0914eadaf1b11bc4c98284969d20585b21a06c198ff4a96a301d7ffb021404e2b8b1557458ee20da2792c6fe896c56348bd657cd99eb5bfaabac5409c2bea80eacc81c25afc48bb45a7f50c1b676b5c29c42ca9a41701be9fc62c49471bcab58f1a5ca870aabf2ca958c3f263fbd6", &(0x7f0000000240)=""/106, &(0x7f0000000880)="d4fcfe355ff86be2a60d36d81f7cc534d904effd6b5647ca5f03ccedc0e048f89c2ddd7415a54cd043f2ced463dfff88482b07ee30bef3425b0e49c9d8272a9781a15c5af8af24ef3ea1e8c26636376589b723a8c39af63c43c9a8a8f016aa91ada74fe45606ddfe266e0f5229d61622b6d1fcb345c014626a037d0803abb84d60d2be5024da5c506d626a712a0e4955a94444f570c1a59e5d25e66682", &(0x7f0000000940)="f3621c26a18603fb341eb9f14ee20787e8aab9218780adc538b1f3c59ea69d65897c79e5872ff8575bd0a740e3ba0f55b589898d273acbbfb502052c484638f117a3bffbb82979c2831a5d6e1583b8157ab5141892d9c2a1f432fa5c60e9c83abd57796436178336f5fb702cb60d8a94b1ee08696dbffa782143f2dcbd10e495cea4388ac1d61887ce3af2b793b1e5cfcc907a81fb06e7309d2be780a51ebf57981f9fed38fa313e678d8dadc7ca95b16110d00186046ab74b419a1f808c791c47438912b2fe9ba459152753c1c710a622903f281cc9e25ed740484cbafc3d48f24d9c00"/246, 0x8}, 0x38)

3.85690356s ago: executing program 0 (id=3946):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x40}}, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x58}}, 0x0)
sendmsg$TIPC_NL_LINK_RESET_STATS(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000880)={0x14, 0x0, 0x1, 0x70bd28, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x4001)
sendmsg$NFQNL_MSG_VERDICT_BATCH(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000340)={0x20, 0x3, 0x3, 0x301, 0x0, 0x0, {0x5, 0x0, 0x4}, [@NFQA_VERDICT_HDR={0xc, 0x2, {0xfffffffffffffffb, 0x9}}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0), 0x0, 0x0, &(0x7f0000003700)={0x77359400})

3.684024127s ago: executing program 0 (id=3947):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1c, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x7, 0x3}, 0x8, 0x10, &(0x7f0000000040)={0x5, 0x0, 0x0, 0x6}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004c000078ac1414000a0101004414050300000000000000000a010101000000008903ce0702000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344], 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f00000000c0), 0x12)
r0 = openat$vcsu(0xffffff9c, &(0x7f0000000180), 0x8c880, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup/syz0\x00', 0x1ff)
r1 = add_key$user(&(0x7f00000001c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000080)="bc5d", 0x2, 0xfffffffffffffffe)
r2 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r1, r2, r1}, 0x0, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

3.409167042s ago: executing program 4 (id=3948):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
fcntl$notify(r0, 0x402, 0x8)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
openat$audio(0xffffff9c, 0x0, 0x402, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet6(0x10, 0x80000, 0x3)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
socket(0x1, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
read$nci(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0xfffffffffffffffe)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmsg$inet6(r3, &(0x7f0000000440)={&(0x7f0000000240)={0xa, 0x4e22, 0x3, @remote, 0x1}, 0x1c, &(0x7f0000000600)=[{&(0x7f0000000340)="ce", 0x1}], 0x1}, 0x44044)
r4 = syz_io_uring_setup(0x1d14, &(0x7f0000000380)={0x0, 0x5188, 0x10100, 0x800, 0x138}, &(0x7f0000000000), &(0x7f0000000200))
io_uring_enter(r4, 0x8038d5, 0x416e, 0x0, 0x0, 0x0)
sendto$inet6(r3, &(0x7f0000000280)="f9", 0x1, 0x20000040, &(0x7f0000000040)={0xa, 0x0, 0x2, @private2}, 0x1c)
shutdown(r3, 0x1)
request_key(&(0x7f00000010c0)='dns_resolver\x00', 0x0, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0)

3.272212402s ago: executing program 2 (id=3949):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
munlockall() (fail_nth: 2)

3.168177858s ago: executing program 1 (id=3950):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x3, &(0x7f0000000100)=""/222, &(0x7f0000000000)=0x61637876)

3.052559142s ago: executing program 0 (id=3951):
r0 = socket(0x10, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "a6341a1a379332f5", "1fd33c81cf7995313c09de00fd6ded74", "62266bd8", "1e00040000000100"}, 0x28)
write$binfmt_script(r1, &(0x7f0000000500)={'#! ', './file0'}, 0xb)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000040)=0x2, 0x4)
close_range(r0, r1, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r2, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r2, &(0x7f0000000100)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000040)='bic\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window], 0x20000000000000e4)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r2, &(0x7f0000000000), 0xffffffffffffff94, 0x12, 0x0, 0x0)

2.532944466s ago: executing program 1 (id=3952):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
r2 = socket$unix(0x1, 0x2, 0x0)
recvmmsg$unix(r2, &(0x7f0000008c00)=[{{&(0x7f00000000c0)=@abs, 0x6e, &(0x7f0000000480)=[{&(0x7f00000001c0)=""/174, 0xae}, {&(0x7f0000000280)=""/30, 0x1e}], 0x2, &(0x7f00000004c0)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xf8}}, {{&(0x7f00000005c0)=@abs, 0x6e, &(0x7f0000000740)=[{&(0x7f0000000640)=""/233, 0xe9}], 0x1, &(0x7f0000000780)=[@cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x80}}, {{&(0x7f0000000800), 0x6e, &(0x7f0000001900)=[{&(0x7f0000000880)=""/44, 0x2c}, {&(0x7f00000008c0)=""/53, 0x35}, {&(0x7f0000000900)=""/4096, 0x1000}], 0x3, &(0x7f0000001940)=[@rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x70}}, {{&(0x7f00000019c0), 0x6e, &(0x7f0000001e80)=[{&(0x7f0000001a40)=""/161, 0xa1}, {&(0x7f0000001b00)=""/79, 0x4f}, {&(0x7f0000001b80)=""/77, 0x4d}, {&(0x7f0000001c00)=""/134, 0x86}, {&(0x7f0000001cc0)=""/71, 0x47}, {&(0x7f0000001d40)=""/23, 0x17}, {&(0x7f0000001d80)=""/128, 0x80}, {&(0x7f0000004280)=""/4096, 0x1000}, {&(0x7f0000005280)=""/4096, 0x1000}, {&(0x7f0000001e00)=""/97, 0x61}], 0xa, &(0x7f0000001f40)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x88}}, {{&(0x7f0000002140)=@abs, 0x6e, &(0x7f0000008900)=[{&(0x7f0000002000)=""/2, 0x2}, {&(0x7f0000006280)=""/225, 0xe1}, {&(0x7f0000006380)=""/142, 0x8e}, {&(0x7f0000006440)=""/47, 0x2f}, {&(0x7f0000006480)=""/137, 0x89}, {&(0x7f0000006540)=""/199, 0xc7}, {&(0x7f0000006640)=""/62, 0x3e}, {&(0x7f00000086c0)=""/200, 0xc8}, {&(0x7f00000087c0)=""/74, 0x4a}, {&(0x7f0000008840)=""/162, 0xa2}], 0xa, &(0x7f00000089c0)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x70}}], 0x5, 0x60, &(0x7f0000006680)={0x0, 0x989680})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, 0x0)
ppoll(&(0x7f0000000100), 0x0, 0x0, 0x0, 0x0)
ioctl$VIDIOC_S_INPUT(0xffffffffffffffff, 0xc0045627, 0x0)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f00000002c0)={0x8400001e}, 0x10)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r3, &(0x7f0000004200)={0x50, 0x0, r4, {0x7, 0x1f, 0x0, 0xeea390}}, 0x50)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x81c0, 0x0)
execve(&(0x7f0000000140)='./file2\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0)
r7 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201010200000010f3044d07400001020301090224000101033005090400080103000921ff00010122b0681e058103100002ba070000"], &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x1, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1462e287aac843b20ff2e7179ea4dbfc1ca8476fd4515f1c2735de36fde20c4dc9c23e9f29c6bf8e231481c40c8dc160b75aae7ce6dc8c867943f6571c706624d4411b131379f246d2648739cee9a7366cff8623584d92495f5b32c1f806352d6264152adf7370c6fa3da27d3df1d9d42fb71d3fa71039d9a5fdd34b7def781a9ff2564a3abd1b001993d78389d1a2d6fbe3ceea194f3f99b189b73dcee2729f67b20c89f1ae5fd6562d58c674dfc791b791", @ANYRES64=r7, @ANYRES64=r7, @ANYRESHEX=r5, @ANYRES32=r5], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1ff, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)

1.803568763s ago: executing program 0 (id=3953):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @local}, 0x2}}, 0x2e)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e22, 0x81, @mcast2, 0x5}, 0x1c)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r3, &(0x7f00000019c0)=[{{&(0x7f00000000c0)={0xa, 0x4e20, 0x4, @remote, 0x7}, 0x1c, &(0x7f00000003c0)=[{&(0x7f0000000280)="e9", 0x1}], 0x1}}, {{&(0x7f0000000040)={0xa, 0x4e20, 0x8, @dev={0xfe, 0x80, '\x00', 0x3d}, 0x8}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000080)="54c2", 0x2}], 0x1}}], 0x2, 0x931766f6319eed44)
pipe2$watch_queue(&(0x7f0000000140)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r0)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r4, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000600)={0x298, r5, 0x300, 0x70bd2c, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_TID_CONFIG={0x284, 0x11d, 0x0, 0x1, [{0xb0, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0xa8, 0xd, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x54, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xc00, 0xec96, 0x64a9, 0xff02, 0x6, 0x200, 0x40, 0x4200]}}, @NL80211_TXRATE_HT={0x14, 0x2, [{0x3, 0x9}, {0x1, 0x2}, {0x1, 0xa}, {0x4, 0x6}, {0x2, 0xa}, {0x1, 0x1}, {0x0, 0x9}, {0x2, 0x8}, {0x7, 0xa}, {0x5, 0x3}, {0x7, 0x9}, {0x3, 0x6}, {0x4, 0x7}, {0x2, 0x6}, {0x6, 0x6}, {0x1, 0x9}]}]}, @NL80211_BAND_5GHZ={0x50, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x2240, 0x2, 0x3, 0x8, 0x3, 0x9, 0x881]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x5, 0x1000, 0x40, 0xb, 0x4, 0x4038, 0xc, 0x8]}}, @NL80211_TXRATE_HT={0x6, 0x2, [{0x4, 0x7}, {0x2, 0x8}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x40, 0x80, 0xff, 0xffff, 0x5, 0x4, 0x9, 0x9]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}]}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}]}, {0x4}, {0x54, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xee}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x20, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x18, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x7, 0x0, 0x6, 0x7, 0x200, 0x60, 0x0, 0x1000]}}]}, @NL80211_BAND_5GHZ={0x4}]}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xd2}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}]}, {0x148, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x134, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x54, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0xca, 0x0, 0x0, 0x0, 0x89fe, 0xdf3, 0x3]}}, @NL80211_TXRATE_LEGACY={0x5, 0x1, [0x6]}, @NL80211_TXRATE_LEGACY={0x24, 0x1, [0x30, 0x48, 0x24, 0xb, 0x9, 0x16, 0x6, 0x21, 0x18, 0x18, 0x9, 0xc, 0x6c, 0x36, 0x6, 0x0, 0x9, 0x4, 0x9, 0x9, 0x6, 0x3, 0x66, 0x4, 0x48, 0x24, 0x6c, 0x16, 0x18, 0x60, 0x18, 0x16]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}, @NL80211_BAND_60GHZ={0xa0, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x37, 0x2, [{0x1, 0x3}, {0x6, 0xa}, {0x5, 0x4}, {0x6, 0x7}, {0x7, 0x2}, {0x0, 0x3}, {0x5, 0x7}, {0x7, 0x4}, {0x5, 0x8}, {0x5, 0x3}, {0x2, 0x3}, {0x3, 0x3}, {}, {0x0, 0x6}, {0x0, 0x5}, {0x7, 0x5}, {0x1, 0x5}, {0x6, 0x9}, {0x3, 0x4}, {0x6, 0x3}, {0x1, 0x5}, {0x7, 0x9}, {0x0, 0x2}, {0x4, 0x6}, {0x1, 0x4}, {0x0, 0xa}, {0x4, 0x9}, {0x2, 0x6}, {0x2, 0xa}, {0x5, 0x4}, {0x7, 0x2}, {0x2, 0x6}, {0x1, 0x4}, {0x2, 0xa}, {0x0, 0x5}, {0x5, 0x1}, {0x2, 0x3}, {0x0, 0x5}, {0x6, 0x8}, {0x4, 0x9}, {0x1, 0x8}, {0x0, 0x2}, {}, {0x1, 0x3}, {0x7}, {0x6, 0x4}, {0x5, 0x7}, {}, {0x1}, {0x4, 0x2}, {0x4, 0x2}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x21, 0x1, [0x3, 0xc, 0x24, 0x18, 0x12, 0x48, 0x1, 0x6c, 0x6c, 0x18, 0x16, 0x7, 0x1, 0x36, 0x18, 0x22, 0x6c, 0x24, 0x1b, 0x6, 0x30, 0x9, 0x12, 0x6, 0x5, 0x3, 0x36, 0x6c, 0x2]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_LEGACY={0xd, 0x1, [0xc, 0x30, 0x12, 0x18, 0x12, 0x71, 0x3, 0x41, 0x9]}]}, @NL80211_BAND_2GHZ={0x3c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x1, 0x7ff, 0xf0c0, 0x9, 0xbf8a, 0x8, 0x3, 0x2]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x4, 0x6, 0x8e, 0x8001, 0x120, 0x7, 0x4, 0x8]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}]}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x24}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xfb}]}, {0x8, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}]}, {0x28, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x7fff}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}]}]}]}, 0x298}, 0x1, 0x0, 0x0, 0x4000}, 0x400c014)
shutdown(r3, 0x1)
getsockopt$bt_hci(r3, 0x84, 0x80, &(0x7f0000002100)=""/4127, &(0x7f0000000000)=0x101f)
r6 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000005c0)={0x34, r6, 0x1, 0x70bd2b, 0x25dfdbfe, {0x5}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0xaaa}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x5}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x20006911}, 0x0)

1.027453049s ago: executing program 3 (id=3954):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newlink={0x3c, 0x10, 0x44b, 0x0, 0x0, {0x7a, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_FILTERING={0x5, 0x7, 0x7}]}}}]}, 0x3c}}, 0x0)

784.009517ms ago: executing program 4 (id=3955):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
pipe(&(0x7f0000000600)={<r1=>0xffffffffffffffff})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000", @ANYRES32=r3, @ANYBLOB="1f003300d00000000802110000010802110000005050505050500000", @ANYRES8=r1], 0x3c}, 0x1, 0x0, 0x0, 0x4010}, 0x10)

726.187901ms ago: executing program 0 (id=3956):
socket$nl_rdma(0x10, 0x3, 0x14)
r0 = syz_open_procfs(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan0\x00'})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=0x0], 0x2c}, 0x1, 0x0, 0x0, 0x4048800}, 0x0)
signalfd(0xffffffffffffffff, &(0x7f00000001c0)={[0x8]}, 0x8)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r4, 0x6, 0x16, 0x0, 0x0)
sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25)

725.400601ms ago: executing program 3 (id=3957):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x40}}, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x58}}, 0x0)
sendmsg$TIPC_NL_LINK_RESET_STATS(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000880)={0x14, 0x0, 0x1, 0x70bd28, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x4001)
sendmsg$NFQNL_MSG_VERDICT_BATCH(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000340)={0x20, 0x3, 0x3, 0x301, 0x0, 0x0, {0x5, 0x0, 0x4}, [@NFQA_VERDICT_HDR={0xc, 0x2, {0xfffffffffffffffb, 0x9}}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0), 0x0, 0x0, &(0x7f0000003700)={0x77359400})

577.19361ms ago: executing program 4 (id=3958):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010024bd7000e8dbdf252100000008000300", @ANYRES32=r2, @ANYBLOB="08009e00"], 0x24}, 0x1, 0x0, 0x0, 0x4014001}, 0x0)

423.931925ms ago: executing program 3 (id=3959):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f00000003c0)=0x2, 0x4)
r1 = syz_open_dev$mouse(&(0x7f0000000000), 0xfffffffffffffffb, 0x10400)
write$binfmt_script(r1, &(0x7f0000000080)={'#! ', './file0', [{0x20, '$$/%\xa9\'^vX*#(&{'}, {0x20, '\x00'}], 0xa, "09d7b5c5cc22f2b3b76e0507ac9e8621f0265a2b8b5d2891308c19c76c6f73f28cdddff7424e6bfdaa8c66019071ca14fed27c2c9345c470544cbbdad796ac75468ea354c1b62b34af543e1bbad9ec57cbae4e5045153ce85f73f6799fc30318792d080567bc83ccc5e5b6de6634ee073f1bbda2982d14b3e3be04f158a2307bb84b36be4b17cca85561b4825a9e343e8ff5e73120a15a797fefd6bdf7ccf154e42c706d2f19526ca4752ad2f27e9b85695500dcba5eca35bc2d4154cdfc7989b9d38615173f8f22d8f1bf8f"}, 0xe8)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(r4, 0x0, 0xf, &(0x7f0000d10ffc)=0xfffffffa, 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f00000000c0)=[@in6={0xa, 0x4e24, 0x3, @local, 0x6}, @in6={0xa, 0x4e24, 0x5, @loopback, 0x6}, @in6={0xa, 0x4e24, 0x1, @mcast2, 0x5}], 0x54)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r4, 0x84, 0x6e, &(0x7f0000000000)=[@in6={0xa, 0x4e22, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}], 0x1c)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
setsockopt$inet6_mreq(r2, 0x29, 0x14, &(0x7f0000000180)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x14)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x9, 0x0, 0xffffffff}, 0x1c)
syz_emit_ethernet(0x82, &(0x7f0000000680)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000088a800008100000086dd6010be2e00442f00fc000000000000000000000000000000ff020000000000000000000000000001"], 0x0)

299.04898ms ago: executing program 4 (id=3960):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000740)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0xf000, 0xf0, 0x0, 0x0}, 0x400}], 0x0, 0x0, 0x0})

0s ago: executing program 4 (id=3961):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000002080)={0xf, {"a2e3ad21e08eeb661b5d520987f70e06d038e7ff7fc6e5539b0d650e8b089b3f363b68090890e0878f0e1ac6e7049b3b45959b649a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07470936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c554336909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f6777478bc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5dc29a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f6435f7590000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9a53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02da93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d0300000000000000b378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d678746383074c6bc1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b3c7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0da42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x1006)
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io(r2, &(0x7f0000000640)={0x2c, &(0x7f0000000480)={0x40, 0x6, 0xcd, {0xcd, 0x2, "901a00a7efb91b9ef91466d941af1b33c3f5877116adea4f3b89615964d7a5f284a259c806bcddb1c5c99e5cf1e4a59905b951d43f179e1bc50ae5f7ec541e62e84e2d64b2d9dc4fa5d487b891caa11d8d380146f6f2765c62974d58b9c5fa20c4e63897e6d3698e152460d1fc779abcf089b13b14ae48bf06b8ae9c66cf910e6bf3452a00692a5a6e2020320e0c7a6ad5052baa517fd3b926789b79c772c0979ec0898202d25be69085f4771858f422fd798e7c00b23391dd4dfbe105f564a5d9484ff0df41e7937d9f39"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
r3 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000d5e9bd40eb030200c0ba050000010902115c01000000000904000001b504b100090581"], 0x0)
syz_usb_control_io$hid(r3, 0x0, &(0x7f0000000580)={0x2c, &(0x7f0000000080)=ANY=[], 0x0, 0x0, 0x0, 0x0})
rt_sigprocmask(0x0, &(0x7f0000000400)={[0xfffff7feffff7ffc]}, 0x0, 0x8)
r4 = gettid()
tkill(r4, 0x12)
io_setup(0x2, &(0x7f00000001c0)=<r5=>0x0)
io_pgetevents(r5, 0x3, 0x3, &(0x7f0000000200)=[{}, {}, {}], &(0x7f0000000140)={0x0, 0x989680}, &(0x7f0000000380)={&(0x7f00000002c0)={[0x2368e8ff]}, 0x8})
syz_usb_control_io$hid(r3, 0x0, &(0x7f0000000440)={0x2c, &(0x7f0000000200)={0x40, 0xe, 0x4, "4321bb49"}, 0x0, 0x0, 0x0, 0x0})
syz_usb_ep_write$ath9k_ep1(r3, 0x82, 0x13c, &(0x7f0000000040)={[{0xc4, 0x4e00, "a777fd23edfbc7dda820028ba603be3c380b53bd9bba99c5e5eb1d5e784379e8c126660c333e7d7fbf76ab82583b67f7f8bcb663d7517ab09e0daad484c8e4684c6ef79f1429d60d24b6def73e03f030a8e035f5c9ab3cd1e98226984435deb596750e1c665ab326ccb7551786892fe5081d126a8bae8c6a50123f34e9beaf9fb399fe41acf4a7843c3457eabc96daeae07e4eabacd14ec8e23e41a0078b2f0145261b931b8202c520aca11518d529163f5d9e9ed1047d533d390f1f1f65fb3499361244"}, {0x6f, 0x4e00, "6e3ef8d6810984d03ccd89562aff47baeb6464d0c69af16fee3fef1786e34d38828e0e61fc2a95dbc475653c17d1a49a06455ca2f795324047bd4ea1c7c59c1f26ffd49d81127f72b9ea800d5e4ea367e903f3074aff99c0d889d394d995202b25fbad577df8086ff8d8965b968297"}]})

kernel console output (not intermixed with test programs):

x7f
[  805.991996][T16965] RIP: 0033:0x7f77a378e929
[  805.992013][T16965] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  805.992031][T16965] RSP: 002b:00007f77a451b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  805.992052][T16965] RAX: ffffffffffffffda RBX: 00007f77a39b5fa0 RCX: 00007f77a378e929
[  805.992067][T16965] RDX: 0000000000000000 RSI: 0000200000000380 RDI: 0000000000000003
[  805.992080][T16965] RBP: 00007f77a451b090 R08: 0000000000000000 R09: 0000000000000000
[  805.992093][T16965] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  805.992104][T16965] R13: 0000000000000000 R14: 00007f77a39b5fa0 R15: 00007f77a3adfa28
[  805.992143][T16965]  </TASK>
[  806.042473][T16943] netlink: 165 bytes leftover after parsing attributes in process `syz.3.3678'.
[  806.240622][T16966] netlink: 277 bytes leftover after parsing attributes in process `syz.3.3678'.
[  806.268154][ T6905] em28xx 4-1:0.0: chip ID is em2874
[  806.467712][ T6095] usb 3-1: new high-speed USB device number 81 using dummy_hcd
[  806.504277][ T5893] usb 4-1: USB disconnect, device number 81
[  806.511837][ T5893] em28xx 4-1:0.0: Disconnecting em28xx
[  806.533001][ T5893] em28xx 4-1:0.0: Freeing device
[  806.577956][ T6905] usb 5-1: new high-speed USB device number 76 using dummy_hcd
[  806.640444][ T6095] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  806.658603][ T6095] usb 3-1: New USB device found, idVendor=1ac7, idProduct=0001, bcdDevice=cc.19
[  806.672424][ T6095] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  806.685032][ T6095] usb 3-1: Product: syz
[  806.689966][ T6095] usb 3-1: Manufacturer: syz
[  806.694726][ T6095] usb 3-1: SerialNumber: syz
[  806.706769][ T6095] usb 3-1: config 0 descriptor??
[  806.722221][ T6095] usbtouchscreen 3-1:0.0: probe with driver usbtouchscreen failed with error -32
[  806.737840][ T6905] usb 5-1: Using ep0 maxpacket: 16
[  806.749902][ T6905] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  806.766710][ T6905] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  806.782565][ T6905] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  806.791741][ T6905] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  806.803804][ T6905] usb 5-1: Product: syz
[  806.809377][ T6905] usb 5-1: Manufacturer: syz
[  806.814112][ T6905] usb 5-1: SerialNumber: syz
[  806.827106][ T6905] usb 5-1: config 0 descriptor??
[  806.838830][ T6905] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  806.859672][ T6905] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class)
[  806.928017][T16969] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3686'.
[  806.957655][   T30] audit: type=1326 audit(1749429113.125:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16967 comm="syz.2.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77a378e929 code=0x7ffc0000
[  806.980460][   T30] audit: type=1326 audit(1749429113.125:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16967 comm="syz.2.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=191 compat=0 ip=0x7f77a378e929 code=0x7ffc0000
[  806.982000][   T44] usb 3-1: USB disconnect, device number 81
[  807.003713][   T30] audit: type=1326 audit(1749429113.125:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16967 comm="syz.2.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77a378e929 code=0x7ffc0000
[  807.010807][T15971] wlan0: Trigger new scan to find an IBSS to join
[  807.072803][   T30] audit: type=1326 audit(1749429113.125:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16967 comm="syz.2.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f77a378e929 code=0x7ffc0000
[  807.122080][   T30] audit: type=1326 audit(1749429113.125:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16967 comm="syz.2.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77a378e929 code=0x7ffc0000
[  807.145178][   T30] audit: type=1326 audit(1749429113.125:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16967 comm="syz.2.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f77a378e929 code=0x7ffc0000
[  807.168627][   T30] audit: type=1326 audit(1749429113.125:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16967 comm="syz.2.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77a378e929 code=0x7ffc0000
[  807.191630][   T30] audit: type=1326 audit(1749429113.125:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16967 comm="syz.2.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f77a378e929 code=0x7ffc0000
[  807.234569][   T30] audit: type=1326 audit(1749429113.125:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16967 comm="syz.2.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77a378e929 code=0x7ffc0000
[  807.261856][   T30] audit: type=1326 audit(1749429113.125:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16967 comm="syz.2.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f77a378e929 code=0x7ffc0000
[  807.339592][T16985] sctp: [Deprecated]: syz.3.3692 (pid 16985) Use of struct sctp_assoc_value in delayed_ack socket option.
[  807.339592][T16985] Use struct sctp_sack_info instead
[  807.496675][ T6905] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  807.509279][ T6905] em28xx 5-1:0.0: Config register raw data: 0xfffffffb
[  807.526752][ T6905] em28xx 5-1:0.0: AC97 chip type couldn't be determined
[  807.537382][ T6905] em28xx 5-1:0.0: No AC97 audio processor
[  807.559417][ T6905] usb 5-1: USB disconnect, device number 76
[  807.566724][ T6905] em28xx 5-1:0.0: Disconnecting em28xx
[  807.579752][ T6905] em28xx 5-1:0.0: Freeing device
[  807.678916][ T5893] usb 4-1: new high-speed USB device number 82 using dummy_hcd
[  807.707908][T16994] FAULT_INJECTION: forcing a failure.
[  807.707908][T16994] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  807.724205][T16994] CPU: 0 UID: 0 PID: 16994 Comm: syz.2.3695 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  807.724231][T16994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  807.724242][T16994] Call Trace:
[  807.724248][T16994]  <TASK>
[  807.724256][T16994]  dump_stack_lvl+0x189/0x250
[  807.724291][T16994]  ? __pfx____ratelimit+0x10/0x10
[  807.724323][T16994]  ? __pfx_dump_stack_lvl+0x10/0x10
[  807.724356][T16994]  ? __pfx__printk+0x10/0x10
[  807.724382][T16994]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  807.724411][T16994]  should_fail_ex+0x414/0x560
[  807.724445][T16994]  strncpy_from_user+0x36/0x290
[  807.724476][T16994]  __se_sys_add_key+0xcc/0x400
[  807.724501][T16994]  ? __pfx___se_sys_add_key+0x10/0x10
[  807.724528][T16994]  ? do_syscall_64+0xbe/0x3b0
[  807.724546][T16994]  ? __x64_sys_add_key+0x20/0xc0
[  807.724569][T16994]  do_syscall_64+0xfa/0x3b0
[  807.724588][T16994]  ? lockdep_hardirqs_on+0x9c/0x150
[  807.724619][T16994]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  807.724640][T16994]  ? clear_bhb_loop+0x60/0xb0
[  807.724664][T16994]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  807.724684][T16994] RIP: 0033:0x7f77a378e929
[  807.724703][T16994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  807.724721][T16994] RSP: 002b:00007f77a451b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[  807.724743][T16994] RAX: ffffffffffffffda RBX: 00007f77a39b5fa0 RCX: 00007f77a378e929
[  807.724758][T16994] RDX: 00002000000000c0 RSI: 0000000000000000 RDI: 0000200000000040
[  807.724772][T16994] RBP: 00007f77a451b090 R08: fffffffffffffffd R09: 0000000000000000
[  807.724786][T16994] R10: 000000000000001c R11: 0000000000000246 R12: 0000000000000001
[  807.724798][T16994] R13: 0000000000000001 R14: 00007f77a39b5fa0 R15: 00007f77a3adfa28
[  807.724828][T16994]  </TASK>
[  807.997664][ T5893] usb 4-1: Using ep0 maxpacket: 32
[  808.004818][ T5893] usb 4-1: unable to get BOS descriptor or descriptor too short
[  808.014172][ T5893] usb 4-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[  808.024836][ T5893] usb 4-1: config 3 has 0 interfaces, different from the descriptor's value: 1
[  808.041549][ T5893] usb 4-1: New USB device found, idVendor=9710, idProduct=7840, bcdDevice=7f.91
[  808.050844][ T5893] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  808.062305][ T5893] usb 4-1: Product: syz
[  808.066540][ T5893] usb 4-1: Manufacturer: syz
[  808.071282][ T5893] usb 4-1: SerialNumber: syz
[  808.134211][T17002] syz_tun: entered allmulticast mode
[  808.160580][T17001] syz_tun: left allmulticast mode
[  808.244381][ T2962] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  808.373960][ T6905] usb 2-1: new high-speed USB device number 92 using dummy_hcd
[  808.615374][ T6905] usb 2-1: config 0 has no interfaces?
[  808.690250][ T6905] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  808.763942][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  808.770454][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  808.784016][ T6905] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  808.788122][T17010] FAULT_INJECTION: forcing a failure.
[  808.788122][T17010] name failslab, interval 1, probability 0, space 0, times 0
[  808.833482][T17010] CPU: 0 UID: 0 PID: 17010 Comm: syz.0.3701 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  808.833523][T17010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  808.833536][T17010] Call Trace:
[  808.833545][T17010]  <TASK>
[  808.833558][T17010]  dump_stack_lvl+0x189/0x250
[  808.833596][T17010]  ? __pfx____ratelimit+0x10/0x10
[  808.833627][T17010]  ? __pfx_dump_stack_lvl+0x10/0x10
[  808.833658][T17010]  ? __pfx__printk+0x10/0x10
[  808.833686][T17010]  ? __pfx___might_resched+0x10/0x10
[  808.833716][T17010]  ? fs_reclaim_acquire+0x7d/0x100
[  808.833745][T17010]  should_fail_ex+0x414/0x560
[  808.833777][T17010]  should_failslab+0xa8/0x100
[  808.833800][T17010]  __kmalloc_noprof+0xcb/0x4f0
[  808.833818][T17010]  ? kfree+0x4d/0x440
[  808.833845][T17010]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  808.833880][T17010]  tomoyo_realpath_from_path+0xe3/0x5d0
[  808.833911][T17010]  ? tomoyo_domain+0xd9/0x130
[  808.833946][T17010]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  808.833969][T17010]  tomoyo_path_number_perm+0x1e8/0x5a0
[  808.833997][T17010]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  808.834038][T17010]  ? __lock_acquire+0xab9/0xd20
[  808.834087][T17010]  ? __fget_files+0x2a/0x420
[  808.834112][T17010]  ? __fget_files+0x2a/0x420
[  808.834133][T17010]  ? __fget_files+0x3a0/0x420
[  808.834160][T17010]  ? __fget_files+0x2a/0x420
[  808.834187][T17010]  security_file_ioctl+0xcb/0x2d0
[  808.834212][T17010]  __se_sys_ioctl+0x47/0x170
[  808.834245][T17010]  do_syscall_64+0xfa/0x3b0
[  808.834263][T17010]  ? lockdep_hardirqs_on+0x9c/0x150
[  808.834292][T17010]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  808.834313][T17010]  ? clear_bhb_loop+0x60/0xb0
[  808.834337][T17010]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  808.834357][T17010] RIP: 0033:0x7fd85e38e929
[  808.834376][T17010] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  808.834393][T17010] RSP: 002b:00007fd85f19a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  808.834415][T17010] RAX: ffffffffffffffda RBX: 00007fd85e5b5fa0 RCX: 00007fd85e38e929
[  808.834430][T17010] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  808.834443][T17010] RBP: 00007fd85f19a090 R08: 0000000000000000 R09: 0000000000000000
[  808.834455][T17010] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  808.834467][T17010] R13: 0000000000000000 R14: 00007fd85e5b5fa0 R15: 00007fd85e6dfa28
[  808.834496][T17010]  </TASK>
[  808.836177][T17010] ERROR: Out of memory at tomoyo_realpath_from_path.
[  809.182894][ T5893] usb 4-1: USB disconnect, device number 82
[  809.221158][ T6905] usb 2-1: Product: syz
[  809.244331][ T6905] usb 2-1: Manufacturer: syz
[  809.262345][ T6905] usb 2-1: SerialNumber: syz
[  809.306728][ T6905] usb 2-1: config 0 descriptor??
[  809.380817][T14469] bridge_slave_1: left allmulticast mode
[  809.399495][T14469] bridge_slave_1: left promiscuous mode
[  809.437093][T14469] bridge0: port 2(bridge_slave_1) entered disabled state
[  809.478424][T14469] bridge_slave_0: left allmulticast mode
[  809.485631][T14469] bridge_slave_0: left promiscuous mode
[  809.502489][T14469] bridge0: port 1(bridge_slave_0) entered disabled state
[  809.603810][T17000] misc userio: No port type given on /dev/userio
[  809.611928][T17000] misc userio: The device must be registered before sending interrupts
[  809.667977][ T6905] usb 3-1: new high-speed USB device number 82 using dummy_hcd
[  809.698523][T17025] binder: 17024:17025 ioctl c0306201 2000000003c0 returned -14
[  809.848257][ T6905] usb 3-1: Using ep0 maxpacket: 16
[  809.864973][ T6905] usb 3-1: config 0 descriptor has 1 excess byte, ignoring
[  809.883054][ T6905] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid maxpacket 65516, setting to 1024
[  809.924036][ T6905] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 1024
[  809.966769][ T6905] usb 3-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice=ce.47
[  809.984482][ T6905] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  809.996720][ T6905] usb 3-1: Product: syz
[  810.005511][ T6905] usb 3-1: Manufacturer: syz
[  810.013570][ T6905] usb 3-1: SerialNumber: syz
[  810.066099][ T6905] usb 3-1: config 0 descriptor??
[  810.102523][T17021] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  810.499626][ T5893] usb 4-1: new high-speed USB device number 83 using dummy_hcd
[  810.569616][T14469] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  810.630101][T14469] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  810.675819][ T5893] usb 4-1: Using ep0 maxpacket: 8
[  810.695363][ T5893] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  810.715317][T14469] bond0 (unregistering): Released all slaves
[  810.724478][ T5893] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  810.751019][ T5893] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  810.785808][ T5893] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  810.843690][ T5893] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  810.867927][ T5893] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  811.006929][    C1] mcba_usb 3-1:0.0 can0: Tx URB aborted (-71)
[  811.024483][ T6905] mcba_usb 3-1:0.0: Microchip CAN BUS Analyzer connected
[  811.031867][    C1] mcba_usb 3-1:0.0 can0: Tx URB aborted (-71)
[  811.197967][ T6094] usb 5-1: new high-speed USB device number 77 using dummy_hcd
[  811.348119][ T6094] usb 5-1: Using ep0 maxpacket: 16
[  811.362482][ T6094] usb 5-1: config 0 has an invalid interface number: 64 but max is 0
[  811.375422][ T6094] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  811.377873][ T6905] usb 3-1: USB disconnect, device number 82
[  811.463990][ T6905] mcba_usb 3-1:0.0 can0: device disconnected
[  811.513874][ T6094] usb 5-1: config 0 has no interface number 0
[  811.570833][ T6094] usb 5-1: New USB device found, idVendor=0bd3, idProduct=0555, bcdDevice= 0.5b
[  811.632208][ T6094] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  811.715502][T14469] hsr_slave_0: left promiscuous mode
[  811.726604][T17041] FAULT_INJECTION: forcing a failure.
[  811.726604][T17041] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  811.762865][T14469] hsr_slave_1: left promiscuous mode
[  811.810846][T14469] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  811.821250][ T6094] usb 5-1: config 0 descriptor??
[  811.847790][T17041] CPU: 0 UID: 0 PID: 17041 Comm: syz.0.3709 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  811.847819][T17041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  811.847831][T17041] Call Trace:
[  811.847838][T17041]  <TASK>
[  811.847844][T17041]  dump_stack_lvl+0x189/0x250
[  811.847870][T17041]  ? __pfx____ratelimit+0x10/0x10
[  811.847915][T17041]  ? __pfx_dump_stack_lvl+0x10/0x10
[  811.847939][T17041]  ? __pfx__printk+0x10/0x10
[  811.847955][T17041]  ? __might_fault+0xb0/0x130
[  811.847977][T17041]  should_fail_ex+0x414/0x560
[  811.848000][T17041]  _copy_from_user+0x2d/0xb0
[  811.848016][T17041]  ___sys_sendmsg+0x158/0x2a0
[  811.848039][T17041]  ? __pfx____sys_sendmsg+0x10/0x10
[  811.848083][T17041]  ? __fget_files+0x2a/0x420
[  811.848100][T17041]  ? __fget_files+0x3a0/0x420
[  811.848123][T17041]  __x64_sys_sendmsg+0x19b/0x260
[  811.848144][T17041]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  811.848170][T17041]  ? __pfx_ksys_write+0x10/0x10
[  811.848183][T17041]  ? rcu_is_watching+0x15/0xb0
[  811.848210][T17041]  ? do_syscall_64+0xbe/0x3b0
[  811.848226][T17041]  do_syscall_64+0xfa/0x3b0
[  811.848239][T17041]  ? lockdep_hardirqs_on+0x9c/0x150
[  811.848262][T17041]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  811.848276][T17041]  ? clear_bhb_loop+0x60/0xb0
[  811.848294][T17041]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  811.848308][T17041] RIP: 0033:0x7fd85e38e929
[  811.848322][T17041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  811.848335][T17041] RSP: 002b:00007fd85f19a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  811.848350][T17041] RAX: ffffffffffffffda RBX: 00007fd85e5b5fa0 RCX: 00007fd85e38e929
[  811.848361][T17041] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[  811.848371][T17041] RBP: 00007fd85f19a090 R08: 0000000000000000 R09: 0000000000000000
[  811.848380][T17041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  811.848389][T17041] R13: 0000000000000000 R14: 00007fd85e5b5fa0 R15: 00007fd85e6dfa28
[  811.848430][T17041]  </TASK>
[  812.088406][T14469] batman_adv: batadv0: Removing interface: batadv_slave_0
[  812.152997][T14469] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  812.160814][T14469] batman_adv: batadv0: Removing interface: batadv_slave_1
[  812.181816][ T6094] usb 5-1: Found UVC 0.00 device <unnamed> (0bd3:0555)
[  812.194620][ T6094] usb 5-1: No valid video chain found.
[  812.255120][ T6905] usb 2-1: USB disconnect, device number 92
[  812.289290][T14469] veth1_macvtap: left promiscuous mode
[  812.294969][T14469] veth0_macvtap: left promiscuous mode
[  812.300910][T14469] veth1_vlan: left promiscuous mode
[  812.306367][T14469] veth0_vlan: left promiscuous mode
[  812.389808][T17034] kvm: user requested TSC rate below hardware speed
[  812.711249][ T5893] usb 4-1: usb_control_msg returned -71
[  812.751757][ T5893] usbtmc 4-1:16.0: can't read capabilities
[  812.809537][ T5893] usb 4-1: USB disconnect, device number 83
[  812.987784][ T6905] usb 5-1: USB disconnect, device number 77
[  813.237749][ T5893] usb 4-1: new high-speed USB device number 84 using dummy_hcd
[  813.334883][T17069] FAULT_INJECTION: forcing a failure.
[  813.334883][T17069] name failslab, interval 1, probability 0, space 0, times 0
[  813.367119][T17069] CPU: 1 UID: 0 PID: 17069 Comm: syz.4.3715 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  813.367149][T17069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  813.367162][T17069] Call Trace:
[  813.367170][T17069]  <TASK>
[  813.367178][T17069]  dump_stack_lvl+0x189/0x250
[  813.367215][T17069]  ? __pfx____ratelimit+0x10/0x10
[  813.367247][T17069]  ? __pfx_dump_stack_lvl+0x10/0x10
[  813.367277][T17069]  ? __pfx__printk+0x10/0x10
[  813.367305][T17069]  ? __pfx___might_resched+0x10/0x10
[  813.367335][T17069]  ? fs_reclaim_acquire+0x7d/0x100
[  813.367364][T17069]  should_fail_ex+0x414/0x560
[  813.367395][T17069]  ? seq_read_iter+0x1fd/0xe10
[  813.367423][T17069]  should_failslab+0xa8/0x100
[  813.367447][T17069]  __kvmalloc_node_noprof+0x161/0x5f0
[  813.367469][T17069]  ? seq_read_iter+0x1fd/0xe10
[  813.367504][T17069]  seq_read_iter+0x1fd/0xe10
[  813.367536][T17069]  ? end_current_label_crit_section+0x152/0x180
[  813.367587][T17069]  proc_reg_read_iter+0x1b4/0x280
[  813.367618][T17069]  vfs_read+0x4cd/0x980
[  813.367657][T17069]  ? __pfx_vfs_read+0x10/0x10
[  813.367695][T17069]  ? __fget_files+0x2a/0x420
[  813.367727][T17069]  ksys_read+0x145/0x250
[  813.367748][T17069]  ? __pfx_ksys_read+0x10/0x10
[  813.367774][T17069]  ? rcu_is_watching+0x15/0xb0
[  813.367810][T17069]  ? do_syscall_64+0xbe/0x3b0
[  813.367834][T17069]  do_syscall_64+0xfa/0x3b0
[  813.367852][T17069]  ? lockdep_hardirqs_on+0x9c/0x150
[  813.367882][T17069]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  813.367902][T17069]  ? clear_bhb_loop+0x60/0xb0
[  813.367927][T17069]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  813.367946][T17069] RIP: 0033:0x7fb3a198e929
[  813.367965][T17069] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  813.367983][T17069] RSP: 002b:00007fb3a28d0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  813.368004][T17069] RAX: ffffffffffffffda RBX: 00007fb3a1bb5fa0 RCX: 00007fb3a198e929
[  813.368019][T17069] RDX: 0000000000002020 RSI: 0000200000001580 RDI: 0000000000000003
[  813.368032][T17069] RBP: 00007fb3a28d0090 R08: 0000000000000000 R09: 0000000000000000
[  813.368044][T17069] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  813.368056][T17069] R13: 0000000000000000 R14: 00007fb3a1bb5fa0 R15: 00007fb3a1cdfa28
[  813.368087][T17069]  </TASK>
[  813.497838][ T5893] usb 4-1: Using ep0 maxpacket: 32
[  813.900275][ T5893] usb 4-1: unable to get BOS descriptor or descriptor too short
[  813.909414][ T5893] usb 4-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[  813.920716][ T5893] usb 4-1: config 3 has 0 interfaces, different from the descriptor's value: 1
[  814.047807][T17078] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3716'.
[  814.097831][ T5893] usb 4-1: New USB device found, idVendor=9710, idProduct=7840, bcdDevice=7f.91
[  814.110534][ T5893] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  814.119656][ T5893] usb 4-1: Product: syz
[  814.124750][ T5893] usb 4-1: Manufacturer: syz
[  814.130539][ T5893] usb 4-1: SerialNumber: syz
[  815.075241][ T5893] usb 4-1: USB disconnect, device number 84
[  815.517810][ T5893] usb 4-1: new low-speed USB device number 85 using dummy_hcd
[  815.690273][ T5893] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  815.720003][ T5893] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[  815.747543][ T5893] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  815.774929][ T5893] usb 4-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  815.789991][ T5893] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  815.806054][T14469] team0 (unregistering): Port device team_slave_1 removed
[  815.833789][ T5893] hub 4-1:1.0: bad descriptor, ignoring hub
[  815.839878][ T5893] hub 4-1:1.0: probe with driver hub failed with error -5
[  815.848451][ T5893] cdc_wdm 4-1:1.0: skipping garbage
[  815.853809][ T5893] cdc_wdm 4-1:1.0: probe with driver cdc_wdm failed with error -22
[  815.978970][T14469] team0 (unregistering): Port device team_slave_0 removed
[  816.067826][ T6102] IPVS: starting estimator thread 0...
[  816.110096][T17088] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  816.142213][T17088] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  816.243738][T17095] IPVS: using max 43 ests per chain, 103200 per kthread
[  816.508884][ T6102] usb 4-1: USB disconnect, device number 85
[  816.839039][T17097] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  816.992049][T17081] ip6gretap1: entered promiscuous mode
[  817.027739][T17081] ip6gretap1: entered allmulticast mode
[  817.188047][ T5893] usb 3-1: new high-speed USB device number 83 using dummy_hcd
[  817.397800][ T5893] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  817.443108][ T5893] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  817.508850][ T5893] usb 3-1: config 0 descriptor??
[  817.580354][ T5893] cp210x 3-1:0.0: cp210x converter detected
[  817.718384][ T5893] usb 3-1: cp210x converter now attached to ttyUSB0
[  817.718654][T14469] IPVS: stop unused estimator thread 0...
[  817.848736][   T44] usb 4-1: new high-speed USB device number 86 using dummy_hcd
[  817.947842][ T6102] usb 5-1: new high-speed USB device number 78 using dummy_hcd
[  817.975927][ T5893] usb 3-1: USB disconnect, device number 83
[  818.003781][ T5893] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  818.020396][ T5893] cp210x 3-1:0.0: device disconnected
[  818.044161][   T44] usb 4-1: Using ep0 maxpacket: 32
[  818.053377][   T44] usb 4-1: unable to get BOS descriptor or descriptor too short
[  818.064510][   T44] usb 4-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[  818.097722][ T6102] usb 5-1: Using ep0 maxpacket: 32
[  818.107747][   T44] usb 4-1: config 3 has 0 interfaces, different from the descriptor's value: 1
[  818.135399][ T6102] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[  818.170564][ T6102] usb 5-1: config 0 has no interface number 0
[  818.179243][   T44] usb 4-1: New USB device found, idVendor=9710, idProduct=7840, bcdDevice=7f.91
[  818.214033][   T44] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  818.225682][ T6102] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  818.253957][ T6102] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  818.272539][   T44] usb 4-1: Product: syz
[  818.276839][   T44] usb 4-1: Manufacturer: syz
[  818.294556][ T6102] usb 5-1: Product: syz
[  818.299174][   T44] usb 4-1: SerialNumber: syz
[  818.304687][ T6102] usb 5-1: Manufacturer: syz
[  818.314878][ T6102] usb 5-1: SerialNumber: syz
[  818.362180][ T6102] usb 5-1: config 0 descriptor??
[  818.372195][ T6102] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  818.956025][ T6102] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  818.994916][ T6102] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  819.337657][    C1] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71
[  819.347056][ T6102] usb 5-1: USB disconnect, device number 78
[  819.408314][ T6102] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  819.497213][ T6102] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  819.516564][   T44] usb 4-1: USB disconnect, device number 86
[  819.588882][ T6102] quatech2 5-1:0.51: device disconnected
[  819.681621][T17144] FAULT_INJECTION: forcing a failure.
[  819.681621][T17144] name failslab, interval 1, probability 0, space 0, times 0
[  819.714307][T17144] CPU: 0 UID: 0 PID: 17144 Comm: syz.3.3735 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  819.714338][T17144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  819.714354][T17144] Call Trace:
[  819.714362][T17144]  <TASK>
[  819.714371][T17144]  dump_stack_lvl+0x189/0x250
[  819.714422][T17144]  ? __pfx____ratelimit+0x10/0x10
[  819.714455][T17144]  ? __pfx_dump_stack_lvl+0x10/0x10
[  819.714487][T17144]  ? __pfx__printk+0x10/0x10
[  819.714515][T17144]  ? __pfx___might_resched+0x10/0x10
[  819.714554][T17144]  should_fail_ex+0x414/0x560
[  819.714587][T17144]  should_failslab+0xa8/0x100
[  819.714612][T17144]  kmem_cache_alloc_noprof+0x73/0x3c0
[  819.714646][T17144]  ? getname_flags+0xb8/0x540
[  819.714675][T17144]  getname_flags+0xb8/0x540
[  819.714704][T17144]  __x64_sys_execveat+0xad/0xe0
[  819.714741][T17144]  do_syscall_64+0xfa/0x3b0
[  819.714759][T17144]  ? lockdep_hardirqs_on+0x9c/0x150
[  819.714791][T17144]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  819.714813][T17144]  ? clear_bhb_loop+0x60/0xb0
[  819.714838][T17144]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  819.714858][T17144] RIP: 0033:0x7f0ebb58e929
[  819.714878][T17144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  819.714897][T17144] RSP: 002b:00007f0ebc455038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  819.714920][T17144] RAX: ffffffffffffffda RBX: 00007f0ebb7b5fa0 RCX: 00007f0ebb58e929
[  819.714935][T17144] RDX: 0000000000000000 RSI: 0000200000000140 RDI: ffffffffffffff9c
[  819.714950][T17144] RBP: 00007f0ebc455090 R08: 0000000000001000 R09: 0000000000000000
[  819.714964][T17144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  819.714977][T17144] R13: 0000000000000000 R14: 00007f0ebb7b5fa0 R15: 00007f0ebb8dfa28
[  819.715013][T17144]  </TASK>
[  819.968050][ T5893] usb 3-1: new high-speed USB device number 84 using dummy_hcd
[  819.997047][T17150] FAULT_INJECTION: forcing a failure.
[  819.997047][T17150] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  820.010569][T17150] CPU: 0 UID: 0 PID: 17150 Comm: syz.3.3738 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  820.010597][T17150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  820.010611][T17150] Call Trace:
[  820.010620][T17150]  <TASK>
[  820.010629][T17150]  dump_stack_lvl+0x189/0x250
[  820.010668][T17150]  ? __pfx____ratelimit+0x10/0x10
[  820.010700][T17150]  ? __pfx_dump_stack_lvl+0x10/0x10
[  820.010734][T17150]  ? __pfx__printk+0x10/0x10
[  820.010757][T17150]  ? __might_fault+0xb0/0x130
[  820.010789][T17150]  should_fail_ex+0x414/0x560
[  820.010822][T17150]  _copy_from_user+0x2d/0xb0
[  820.010844][T17150]  __sys_sendto+0x25c/0x520
[  820.010873][T17150]  ? __pfx___sys_sendto+0x10/0x10
[  820.010894][T17150]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  820.010929][T17150]  ? __fget_files+0x3a0/0x420
[  820.010973][T17150]  ? ksys_write+0x22a/0x250
[  820.010995][T17150]  ? __pfx_ksys_write+0x10/0x10
[  820.011021][T17150]  __x64_sys_sendto+0xde/0x100
[  820.011050][T17150]  do_syscall_64+0xfa/0x3b0
[  820.011069][T17150]  ? lockdep_hardirqs_on+0x9c/0x150
[  820.011100][T17150]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  820.011121][T17150]  ? clear_bhb_loop+0x60/0xb0
[  820.011147][T17150]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  820.011167][T17150] RIP: 0033:0x7f0ebb5907bc
[  820.011185][T17150] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[  820.011205][T17150] RSP: 002b:00007f0ebc453ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  820.011226][T17150] RAX: ffffffffffffffda RBX: 00007f0ebc453fc0 RCX: 00007f0ebb5907bc
[  820.011242][T17150] RDX: 0000000000000020 RSI: 00007f0ebc454010 RDI: 0000000000000004
[  820.011256][T17150] RBP: 0000000000000000 R08: 00007f0ebc453f14 R09: 000000000000000c
[  820.011269][T17150] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004
[  820.011282][T17150] R13: 00007f0ebc453f68 R14: 00007f0ebc454010 R15: 0000000000000000
[  820.011314][T17150]  </TASK>
[  820.299394][ T5893] usb 3-1: Using ep0 maxpacket: 32
[  820.306720][ T5893] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  820.319049][ T5893] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  820.329384][ T5893] usb 3-1: New USB device found, idVendor=0079, idProduct=1843, bcdDevice= 0.00
[  820.338549][ T5893] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  820.347675][ T5835] usb 2-1: new low-speed USB device number 93 using dummy_hcd
[  820.358301][ T5893] usb 3-1: config 0 descriptor??
[  820.499726][ T5835] usb 2-1: config 7 has an invalid interface number: 252 but max is 0
[  820.508182][ T5835] usb 2-1: config 7 has no interface number 0
[  820.514364][ T5835] usb 2-1: config 7 interface 252 altsetting 8 endpoint 0xF has an invalid bInterval 232, changing to 4
[  820.527772][ T5835] usb 2-1: config 7 interface 252 altsetting 8 endpoint 0xF has invalid maxpacket 64, setting to 0
[  820.539060][ T5835] usb 2-1: config 7 interface 252 has no altsetting 0
[  820.551461][ T5835] usb 2-1: string descriptor 0 read error: -22
[  820.558061][ T5835] usb 2-1: New USB device found, idVendor=0681, idProduct=0005, bcdDevice=56.c0
[  820.577653][ T5835] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  820.602724][ T5835] idmouse 2-1:7.252: Unable to find bulk-in endpoint.
[  820.713885][T17152] fuse: Unknown parameter 'group_i00000000000000000000'
[  820.775945][ T5893] usbhid 3-1:0.0: can't add hid device: -71
[  820.782098][ T5893] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  820.808377][ T5893] usb 3-1: USB disconnect, device number 84
[  820.829256][ T6095] usb 2-1: USB disconnect, device number 93
[  820.997973][ T5835] usb 4-1: new high-speed USB device number 87 using dummy_hcd
[  821.147758][ T5835] usb 4-1: Using ep0 maxpacket: 32
[  821.154732][ T5835] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[  821.163144][ T5835] usb 4-1: config 0 has no interface number 0
[  821.169343][ T5835] usb 4-1: config 0 interface 184 has no altsetting 0
[  821.180831][ T5835] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  821.190008][ T5835] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  821.198491][ T5835] usb 4-1: Product: syz
[  821.202702][ T5835] usb 4-1: Manufacturer: syz
[  821.207315][ T5835] usb 4-1: SerialNumber: syz
[  821.214588][ T5835] usb 4-1: config 0 descriptor??
[  821.222029][ T5835] smsc75xx v1.0.0
[  822.168246][T17172] xt_NFQUEUE: number of queues (65532) out of range (got 66665)
[  822.597854][ T6905] usb 5-1: new high-speed USB device number 79 using dummy_hcd
[  822.677383][   T44] usb 3-1: new high-speed USB device number 85 using dummy_hcd
[  822.861264][ T6905] usb 5-1: Using ep0 maxpacket: 32
[  822.872054][   T44] usb 3-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b
[  822.909417][ T6905] usb 5-1: unable to get BOS descriptor or descriptor too short
[  822.961932][   T44] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  823.006111][   T44] usb 3-1: config 0 descriptor??
[  823.011940][ T6905] usb 5-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[  823.067216][ T6905] usb 5-1: config 3 has 0 interfaces, different from the descriptor's value: 1
[  823.086491][   T44] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input45
[  823.142911][ T6905] usb 5-1: New USB device found, idVendor=9710, idProduct=7840, bcdDevice=7f.91
[  823.161783][ T6905] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  823.215474][ T6905] usb 5-1: Product: syz
[  823.314925][ T6905] usb 5-1: Manufacturer: syz
[  823.347528][ T6905] usb 5-1: SerialNumber: syz
[  824.066100][ T5835] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  824.123066][ T5835] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -71
[  824.196115][ T6905] usb 5-1: USB disconnect, device number 79
[  824.285578][ T5835] usb 4-1: USB disconnect, device number 87
[  824.751137][   T44] usb 5-1: new low-speed USB device number 80 using dummy_hcd
[  824.931333][   T44] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  824.995054][   T44] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  825.042085][   T44] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  825.105290][   T44] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  825.181042][   T44] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  825.267472][   T44] hub 5-1:1.0: bad descriptor, ignoring hub
[  825.323020][   T44] hub 5-1:1.0: probe with driver hub failed with error -5
[  825.372567][   T44] cdc_wdm 5-1:1.0: skipping garbage
[  825.393794][   T44] cdc_wdm 5-1:1.0: skipping garbage
[  825.405011][   T44] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22
[  825.459442][T17187] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  825.468623][T17187] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  825.575909][ T6094] usb 3-1: USB disconnect, device number 85
[  825.798300][ T6905] usb 5-1: USB disconnect, device number 80
[  825.863967][T17204] kAFS: unparsable volume name
[  826.018524][T17209] FAULT_INJECTION: forcing a failure.
[  826.018524][T17209] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  826.069977][T17209] CPU: 0 UID: 0 PID: 17209 Comm: syz.3.3756 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  826.070009][T17209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  826.070023][T17209] Call Trace:
[  826.070032][T17209]  <TASK>
[  826.070042][T17209]  dump_stack_lvl+0x189/0x250
[  826.070081][T17209]  ? __pfx____ratelimit+0x10/0x10
[  826.070113][T17209]  ? __pfx_dump_stack_lvl+0x10/0x10
[  826.070146][T17209]  ? __pfx__printk+0x10/0x10
[  826.070170][T17209]  ? __might_fault+0xb0/0x130
[  826.070219][T17209]  should_fail_ex+0x414/0x560
[  826.070254][T17209]  _copy_from_user+0x2d/0xb0
[  826.070278][T17209]  do_ipv6_setsockopt+0x32d/0x2fb0
[  826.070315][T17209]  ? aa_label_sk_perm+0x413/0x560
[  826.070344][T17209]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  826.070375][T17209]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  826.070420][T17209]  ? __pfx___might_resched+0x10/0x10
[  826.070456][T17209]  ? rcu_read_lock_any_held+0xb3/0x120
[  826.070485][T17209]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  826.070510][T17209]  ? vfs_write+0x8d8/0xa90
[  826.070549][T17209]  ? aa_sk_perm+0x81e/0x950
[  826.070579][T17209]  ? __pfx_aa_sk_perm+0x10/0x10
[  826.070602][T17209]  ? __lock_acquire+0xab9/0xd20
[  826.070643][T17209]  ipv6_setsockopt+0x59/0x170
[  826.070673][T17209]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  826.070699][T17209]  do_sock_setsockopt+0x257/0x3e0
[  826.070727][T17209]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  826.070759][T17209]  ? __fget_files+0x2a/0x420
[  826.070793][T17209]  __x64_sys_setsockopt+0x18b/0x220
[  826.070827][T17209]  do_syscall_64+0xfa/0x3b0
[  826.070847][T17209]  ? lockdep_hardirqs_on+0x9c/0x150
[  826.070879][T17209]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  826.070902][T17209]  ? clear_bhb_loop+0x60/0xb0
[  826.070928][T17209]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  826.070949][T17209] RIP: 0033:0x7f0ebb58e929
[  826.070968][T17209] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  826.070988][T17209] RSP: 002b:00007f0ebc455038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  826.071011][T17209] RAX: ffffffffffffffda RBX: 00007f0ebb7b5fa0 RCX: 00007f0ebb58e929
[  826.071027][T17209] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  826.071041][T17209] RBP: 00007f0ebc455090 R08: 0000000000000068 R09: 0000000000000000
[  826.071055][T17209] R10: 0000200000000f40 R11: 0000000000000246 R12: 0000000000000001
[  826.071069][T17209] R13: 0000000000000000 R14: 00007f0ebb7b5fa0 R15: 00007f0ebb8dfa28
[  826.071101][T17209]  </TASK>
[  826.617963][ T6905] usb 2-1: new high-speed USB device number 94 using dummy_hcd
[  826.647760][ T6094] usb 4-1: new high-speed USB device number 88 using dummy_hcd
[  826.794057][ T6905] usb 2-1: Using ep0 maxpacket: 32
[  826.810174][ T6905] usb 2-1: unable to get BOS descriptor or descriptor too short
[  826.814239][ T6094] usb 4-1: Using ep0 maxpacket: 32
[  826.828472][ T6905] usb 2-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[  826.842547][ T6905] usb 2-1: config 3 has 0 interfaces, different from the descriptor's value: 1
[  826.855519][ T6905] usb 2-1: New USB device found, idVendor=9710, idProduct=7840, bcdDevice=7f.91
[  826.869402][ T6094] usb 4-1: config 0 has an invalid interface number: 51 but max is 0
[  826.869518][ T6905] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  826.887476][ T6905] usb 2-1: Product: syz
[  826.891955][ T5835] usb 3-1: new high-speed USB device number 86 using dummy_hcd
[  826.893838][ T6905] usb 2-1: Manufacturer: syz
[  826.899770][ T6094] usb 4-1: config 0 has no interface number 0
[  826.904691][ T6905] usb 2-1: SerialNumber: syz
[  826.953133][ T6094] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  826.963170][ T6094] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  826.977638][ T6094] usb 4-1: Product: syz
[  826.985492][ T6094] usb 4-1: Manufacturer: syz
[  826.993984][ T6094] usb 4-1: SerialNumber: syz
[  827.014381][ T6094] usb 4-1: config 0 descriptor??
[  827.032926][ T6094] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  827.071369][ T5835] usb 3-1: config 0 has no interfaces?
[  827.084325][ T5835] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  827.102014][ T5835] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  827.116368][ T5835] usb 3-1: Product: syz
[  827.125801][ T5835] usb 3-1: Manufacturer: syz
[  827.136783][ T5835] usb 3-1: SerialNumber: syz
[  827.157037][ T5835] usb 3-1: config 0 descriptor??
[  827.244363][ T6094] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  827.265770][ T6094] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  827.446427][T17226] misc userio: No port type given on /dev/userio
[  827.471411][T17226] misc userio: The device must be registered before sending interrupts
[  827.657122][    C0] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71
[  827.658720][ T6102] usb 4-1: USB disconnect, device number 88
[  827.715030][ T6102] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  827.754850][ T6905] usb 2-1: USB disconnect, device number 94
[  827.773002][ T6102] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  827.799481][ T6102] quatech2 4-1:0.51: device disconnected
[  828.627785][ T6905] usb 4-1: new high-speed USB device number 89 using dummy_hcd
[  828.781879][ T6905] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  828.898194][ T6905] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  829.091708][ T6905] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  829.141425][ T6905] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  829.211729][T17239] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  829.224789][ T6905] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  829.506337][ T6905] usb 4-1: USB disconnect, device number 89
[  829.662232][ T5835] usb 3-1: USB disconnect, device number 86
[  830.327682][ T6905] usb 4-1: new high-speed USB device number 90 using dummy_hcd
[  830.477688][   T44] usb 2-1: new high-speed USB device number 95 using dummy_hcd
[  830.485373][ T6905] usb 4-1: device descriptor read/64, error -71
[  830.767815][ T6905] usb 4-1: new high-speed USB device number 91 using dummy_hcd
[  830.932476][   T44] usb 2-1: config 0 has no interfaces?
[  830.973247][   T44] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  831.011471][ T6905] usb 4-1: device descriptor read/64, error -71
[  831.031741][   T44] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  831.112779][   T44] usb 2-1: Product: syz
[  831.117228][   T44] usb 2-1: Manufacturer: syz
[  831.121973][   T44] usb 2-1: SerialNumber: syz
[  831.143314][ T6905] usb usb4-port1: attempt power cycle
[  831.179875][   T44] usb 2-1: config 0 descriptor??
[  832.090242][ T6905] usb usb4-port1: Cannot enable. Maybe the USB cable is bad?
[  832.237845][ T6905] usb 4-1: new low-speed USB device number 93 using dummy_hcd
[  832.266584][ T6905] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  832.286926][ T6905] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[  832.321630][ T6905] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  832.386268][ T6905] usb 4-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  832.419641][ T6905] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  832.449392][ T6905] hub 4-1:1.0: bad descriptor, ignoring hub
[  832.479913][ T6905] hub 4-1:1.0: probe with driver hub failed with error -5
[  832.544574][ T6905] cdc_wdm 4-1:1.0: skipping garbage
[  832.570469][ T6905] cdc_wdm 4-1:1.0: skipping garbage
[  832.613977][ T6905] cdc_wdm 4-1:1.0: probe with driver cdc_wdm failed with error -22
[  832.669650][T17268] program syz.0.3773 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  832.694403][T17263] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  832.712403][T17263] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  833.058114][ T6905] usb 4-1: USB disconnect, device number 93
[  833.128795][T17274] netlink: 'syz.4.3775': attribute type 30 has an invalid length.
[  833.444244][ T5893] usb 2-1: USB disconnect, device number 95
[  833.667833][ T6095] usb 3-1: new high-speed USB device number 87 using dummy_hcd
[  833.915136][ T5835] usb 4-1: new high-speed USB device number 94 using dummy_hcd
[  834.002183][ T6095] usb 3-1: Using ep0 maxpacket: 32
[  834.057708][T16065] usb 5-1: new high-speed USB device number 81 using dummy_hcd
[  834.062923][ T6095] usb 3-1: config 0 has an invalid interface number: 51 but max is 0
[  834.074456][ T6095] usb 3-1: config 0 has no interface number 0
[  834.084664][ T6095] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  834.095563][ T6095] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  834.117844][ T6095] usb 3-1: Product: syz
[  834.154215][ T6095] usb 3-1: Manufacturer: syz
[  834.167860][ T6095] usb 3-1: SerialNumber: syz
[  834.200654][ T6095] usb 3-1: config 0 descriptor??
[  834.211766][ T6095] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  834.238195][ T5835] usb 4-1: Using ep0 maxpacket: 32
[  834.246076][ T5835] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[  834.257494][ T5835] usb 4-1: config 0 has no interface number 0
[  834.280931][ T5835] usb 4-1: config 0 interface 184 has no altsetting 0
[  834.305945][ T5835] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  834.306598][T16065] usb 5-1: config 0 has no interfaces?
[  834.316239][ T5835] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  834.342484][ T5835] usb 4-1: Product: syz
[  834.346821][ T5835] usb 4-1: Manufacturer: syz
[  834.359591][ T5835] usb 4-1: SerialNumber: syz
[  834.377102][ T5835] usb 4-1: config 0 descriptor??
[  834.406739][ T5835] smsc75xx v1.0.0
[  834.419799][ T6095] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  834.488167][ T6095] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  834.820571][    C0] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71
[  834.834398][ T6095] usb 3-1: USB disconnect, device number 87
[  834.859292][ T6095] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  834.895532][ T6095] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  834.937311][ T6095] quatech2 3-1:0.51: device disconnected
[  835.156516][T16065] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  835.210216][T16065] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  835.243345][T16065] usb 5-1: Product: syz
[  835.251714][T16065] usb 5-1: Manufacturer: syz
[  835.266825][T16065] usb 5-1: SerialNumber: syz
[  835.289762][T16065] usb 5-1: config 0 descriptor??
[  835.555746][T17294] \: renamed from vlan0 (while UP)
[  836.521973][T17304] xt_NFQUEUE: number of queues (65532) out of range (got 66665)
[  838.163122][ T5835] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  838.193902][ T5835] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -71
[  838.212828][ T5835] usb 4-1: USB disconnect, device number 94
[  838.316127][ T6095] usb 5-1: USB disconnect, device number 81
[  838.579853][T17323] FAULT_INJECTION: forcing a failure.
[  838.579853][T17323] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  838.615459][T17323] CPU: 0 UID: 0 PID: 17323 Comm: syz.4.3787 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  838.615490][T17323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  838.615503][T17323] Call Trace:
[  838.615513][T17323]  <TASK>
[  838.615522][T17323]  dump_stack_lvl+0x189/0x250
[  838.615559][T17323]  ? __pfx____ratelimit+0x10/0x10
[  838.615590][T17323]  ? __pfx_dump_stack_lvl+0x10/0x10
[  838.615621][T17323]  ? __pfx__printk+0x10/0x10
[  838.615643][T17323]  ? __might_fault+0xb0/0x130
[  838.615672][T17323]  should_fail_ex+0x414/0x560
[  838.615702][T17323]  _copy_from_user+0x2d/0xb0
[  838.615723][T17323]  ___sys_recvmsg+0x12e/0x510
[  838.615756][T17323]  ? __pfx____sys_recvmsg+0x10/0x10
[  838.615804][T17323]  ? __fget_files+0x3a0/0x420
[  838.615836][T17323]  do_recvmmsg+0x307/0x770
[  838.615869][T17323]  ? __pfx_do_recvmmsg+0x10/0x10
[  838.615906][T17323]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  838.615942][T17323]  __x64_sys_recvmmsg+0x190/0x240
[  838.615971][T17323]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  838.616003][T17323]  ? do_syscall_64+0xbe/0x3b0
[  838.616025][T17323]  do_syscall_64+0xfa/0x3b0
[  838.616041][T17323]  ? lockdep_hardirqs_on+0x9c/0x150
[  838.616069][T17323]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  838.616088][T17323]  ? clear_bhb_loop+0x60/0xb0
[  838.616110][T17323]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  838.616129][T17323] RIP: 0033:0x7fb3a198e929
[  838.616146][T17323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  838.616163][T17323] RSP: 002b:00007fb3a28af038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  838.616184][T17323] RAX: ffffffffffffffda RBX: 00007fb3a1bb6080 RCX: 00007fb3a198e929
[  838.616199][T17323] RDX: 03ffffffffffff62 RSI: 00002000000005c0 RDI: 0000000000000004
[  838.616212][T17323] RBP: 00007fb3a28af090 R08: 0000000000000000 R09: 0000000000000000
[  838.616224][T17323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  838.616236][T17323] R13: 0000000000000001 R14: 00007fb3a1bb6080 R15: 00007fb3a1cdfa28
[  838.616264][T17323]  </TASK>
[  840.174497][ T5835] usb 5-1: new low-speed USB device number 82 using dummy_hcd
[  840.292156][T17339] netlink: 'syz.0.3792': attribute type 10 has an invalid length.
[  840.317495][T17339] team0: Device ipvlan1 failed to register rx_handler
[  840.453168][ T5835] usb 5-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[  840.463798][ T5835] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  840.513899][ T5835] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  840.563961][ T5835] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  840.598829][ T5835] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  840.624899][T17348] FAULT_INJECTION: forcing a failure.
[  840.624899][T17348] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  840.662768][ T5835] hub 5-1:1.0: bad descriptor, ignoring hub
[  840.667263][T17348] CPU: 1 UID: 0 PID: 17348 Comm: syz.2.3795 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  840.667296][T17348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  840.667310][T17348] Call Trace:
[  840.667319][T17348]  <TASK>
[  840.667328][T17348]  dump_stack_lvl+0x189/0x250
[  840.667371][T17348]  ? __pfx____ratelimit+0x10/0x10
[  840.667407][T17348]  ? __pfx_dump_stack_lvl+0x10/0x10
[  840.667442][T17348]  ? __pfx__printk+0x10/0x10
[  840.667467][T17348]  ? __might_fault+0xb0/0x130
[  840.667499][T17348]  should_fail_ex+0x414/0x560
[  840.667534][T17348]  _copy_from_user+0x2d/0xb0
[  840.667563][T17348]  ___sys_sendmsg+0x158/0x2a0
[  840.667595][T17348]  ? __pfx____sys_sendmsg+0x10/0x10
[  840.667662][T17348]  ? __fget_files+0x2a/0x420
[  840.667702][T17348]  ? __fget_files+0x3a0/0x420
[  840.667748][T17348]  __x64_sys_sendmsg+0x19b/0x260
[  840.667783][T17348]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  840.667843][T17348]  ? __pfx_ksys_write+0x10/0x10
[  840.667860][T17348]  ? rcu_is_watching+0x15/0xb0
[  840.667906][T17348]  ? do_syscall_64+0xbe/0x3b0
[  840.667934][T17348]  do_syscall_64+0xfa/0x3b0
[  840.667957][T17348]  ? lockdep_hardirqs_on+0x9c/0x150
[  840.667991][T17348]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  840.668016][T17348]  ? clear_bhb_loop+0x60/0xb0
[  840.668046][T17348]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  840.668070][T17348] RIP: 0033:0x7f77a378e929
[  840.668091][T17348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  840.668115][T17348] RSP: 002b:00007f77a451b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  840.668141][T17348] RAX: ffffffffffffffda RBX: 00007f77a39b5fa0 RCX: 00007f77a378e929
[  840.668159][T17348] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  840.668176][T17348] RBP: 00007f77a451b090 R08: 0000000000000000 R09: 0000000000000000
[  840.668192][T17348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  840.668206][T17348] R13: 0000000000000000 R14: 00007f77a39b5fa0 R15: 00007f77a3adfa28
[  840.668250][T17348]  </TASK>
[  840.906934][T17335] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  840.919835][T17335] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  840.969345][ T6098] usb 4-1: new full-speed USB device number 95 using dummy_hcd
[  841.171634][ T5835] hub 5-1:1.0: probe with driver hub failed with error -5
[  841.200080][T17355] FAULT_INJECTION: forcing a failure.
[  841.200080][T17355] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  841.221749][ T6098] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  841.221903][T17355] CPU: 1 UID: 0 PID: 17355 Comm: syz.0.3797 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  841.221936][T17355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  841.221951][T17355] Call Trace:
[  841.221960][T17355]  <TASK>
[  841.221971][T17355]  dump_stack_lvl+0x189/0x250
[  841.222014][T17355]  ? __pfx____ratelimit+0x10/0x10
[  841.222052][T17355]  ? __pfx_dump_stack_lvl+0x10/0x10
[  841.222091][T17355]  ? __pfx__printk+0x10/0x10
[  841.222118][T17355]  ? __might_fault+0xb0/0x130
[  841.222154][T17355]  should_fail_ex+0x414/0x560
[  841.222191][T17355]  _copy_from_user+0x2d/0xb0
[  841.222218][T17355]  ___sys_sendmsg+0x158/0x2a0
[  841.222253][T17355]  ? __pfx____sys_sendmsg+0x10/0x10
[  841.222344][T17355]  ? __fget_files+0x2a/0x420
[  841.222371][T17355]  ? __fget_files+0x3a0/0x420
[  841.222487][T17355]  __x64_sys_sendmsg+0x19b/0x260
[  841.222525][T17355]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  841.222569][T17355]  ? __pfx_ksys_write+0x10/0x10
[  841.222590][T17355]  ? rcu_is_watching+0x15/0xb0
[  841.222643][T17355]  ? do_syscall_64+0xbe/0x3b0
[  841.222671][T17355]  do_syscall_64+0xfa/0x3b0
[  841.222693][T17355]  ? lockdep_hardirqs_on+0x9c/0x150
[  841.222732][T17355]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  841.222755][T17355]  ? clear_bhb_loop+0x60/0xb0
[  841.222785][T17355]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  841.222809][T17355] RIP: 0033:0x7fd85e38e929
[  841.222833][T17355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  841.222855][T17355] RSP: 002b:00007fd85f19a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  841.222881][T17355] RAX: ffffffffffffffda RBX: 00007fd85e5b5fa0 RCX: 00007fd85e38e929
[  841.222900][T17355] RDX: 0000000000000000 RSI: 0000200000000640 RDI: 0000000000000003
[  841.222917][T17355] RBP: 00007fd85f19a090 R08: 0000000000000000 R09: 0000000000000000
[  841.222933][T17355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  841.222947][T17355] R13: 0000000000000000 R14: 00007fd85e5b5fa0 R15: 00007fd85e6dfa28
[  841.222984][T17355]  </TASK>
[  841.444700][ T5835] cdc_wdm 5-1:1.0: skipping garbage
[  841.450086][ T5835] cdc_wdm 5-1:1.0: skipping garbage
[  841.455337][ T5835] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22
[  841.527091][ T5835] usb 5-1: USB disconnect, device number 82
[  841.605613][ T6098] usb 4-1: New USB device found, idVendor=0572, idProduct=0041, bcdDevice=70.54
[  841.620206][ T6098] usb 4-1: New USB device strings: Mfr=1, Product=34, SerialNumber=7
[  841.629715][ T6098] usb 4-1: Product: syz
[  841.634022][ T6098] usb 4-1: Manufacturer: syz
[  841.639586][ T6098] usb 4-1: SerialNumber: syz
[  841.651335][ T6098] usb 4-1: config 0 descriptor??
[  841.660648][ T6098] gspca_main: conex-2.14.0 probing 0572:0041
[  841.797715][ T6094] usb 3-1: new high-speed USB device number 88 using dummy_hcd
[  841.918242][T17362] FAULT_INJECTION: forcing a failure.
[  841.918242][T17362] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  841.935166][T17362] CPU: 0 UID: 0 PID: 17362 Comm: syz.4.3802 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  841.935195][T17362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  841.935213][T17362] Call Trace:
[  841.935222][T17362]  <TASK>
[  841.935232][T17362]  dump_stack_lvl+0x189/0x250
[  841.935272][T17362]  ? __pfx____ratelimit+0x10/0x10
[  841.935305][T17362]  ? __pfx_dump_stack_lvl+0x10/0x10
[  841.935357][T17362]  ? __pfx__printk+0x10/0x10
[  841.935390][T17362]  ? __might_fault+0xb0/0x130
[  841.935422][T17362]  should_fail_ex+0x414/0x560
[  841.935456][T17362]  _copy_from_user+0x2d/0xb0
[  841.935480][T17362]  ___sys_sendmsg+0x158/0x2a0
[  841.935514][T17362]  ? __pfx____sys_sendmsg+0x10/0x10
[  841.935579][T17362]  ? __fget_files+0x2a/0x420
[  841.935603][T17362]  ? __fget_files+0x3a0/0x420
[  841.935638][T17362]  __x64_sys_sendmsg+0x19b/0x260
[  841.935670][T17362]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  841.935710][T17362]  ? __pfx_ksys_write+0x10/0x10
[  841.935729][T17362]  ? rcu_is_watching+0x15/0xb0
[  841.935769][T17362]  ? do_syscall_64+0xbe/0x3b0
[  841.935795][T17362]  do_syscall_64+0xfa/0x3b0
[  841.935815][T17362]  ? lockdep_hardirqs_on+0x9c/0x150
[  841.935848][T17362]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  841.935871][T17362]  ? clear_bhb_loop+0x60/0xb0
[  841.935898][T17362]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  841.935920][T17362] RIP: 0033:0x7fb3a198e929
[  841.935940][T17362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  841.935960][T17362] RSP: 002b:00007fb3a28d0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  841.935983][T17362] RAX: ffffffffffffffda RBX: 00007fb3a1bb5fa0 RCX: 00007fb3a198e929
[  841.935999][T17362] RDX: 0000000008000080 RSI: 0000200000000140 RDI: 0000000000000003
[  841.936013][T17362] RBP: 00007fb3a28d0090 R08: 0000000000000000 R09: 0000000000000000
[  841.936027][T17362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  841.936040][T17362] R13: 0000000000000000 R14: 00007fb3a1bb5fa0 R15: 00007fb3a1cdfa28
[  841.936074][T17362]  </TASK>
[  842.164711][ T6094] usb 3-1: Using ep0 maxpacket: 32
[  842.175979][ T6094] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[  842.184825][ T6094] usb 3-1: config 0 has no interface number 0
[  842.195444][ T6094] usb 3-1: config 0 interface 184 has no altsetting 0
[  842.225092][ T6094] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  842.234394][ T6094] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  842.242703][ T6094] usb 3-1: Product: syz
[  842.246912][ T6094] usb 3-1: Manufacturer: syz
[  842.255513][ T6094] usb 3-1: SerialNumber: syz
[  842.263908][ T6094] usb 3-1: config 0 descriptor??
[  842.280848][ T6094] smsc75xx v1.0.0
[  842.337986][ T6098] usb 4-1: USB disconnect, device number 95
[  842.772426][T17372] FAULT_INJECTION: forcing a failure.
[  842.772426][T17372] name failslab, interval 1, probability 0, space 0, times 0
[  842.785260][T17372] CPU: 1 UID: 0 PID: 17372 Comm: syz.1.3805 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  842.785288][T17372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  842.785301][T17372] Call Trace:
[  842.785309][T17372]  <TASK>
[  842.785318][T17372]  dump_stack_lvl+0x189/0x250
[  842.785357][T17372]  ? __pfx____ratelimit+0x10/0x10
[  842.785390][T17372]  ? __pfx_dump_stack_lvl+0x10/0x10
[  842.785422][T17372]  ? __pfx__printk+0x10/0x10
[  842.785451][T17372]  ? __pfx___might_resched+0x10/0x10
[  842.785481][T17372]  ? fs_reclaim_acquire+0x7d/0x100
[  842.785511][T17372]  should_fail_ex+0x414/0x560
[  842.785542][T17372]  should_failslab+0xa8/0x100
[  842.785566][T17372]  __kmalloc_noprof+0xcb/0x4f0
[  842.785584][T17372]  ? kfree+0x4d/0x440
[  842.785611][T17372]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  842.785646][T17372]  tomoyo_realpath_from_path+0xe3/0x5d0
[  842.785678][T17372]  ? tomoyo_domain+0xd9/0x130
[  842.785713][T17372]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  842.785736][T17372]  tomoyo_path_number_perm+0x1e8/0x5a0
[  842.785764][T17372]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  842.785806][T17372]  ? __lock_acquire+0xab9/0xd20
[  842.785855][T17372]  ? __fget_files+0x2a/0x420
[  842.785880][T17372]  ? __fget_files+0x2a/0x420
[  842.785902][T17372]  ? __fget_files+0x3a0/0x420
[  842.785923][T17372]  ? __fget_files+0x2a/0x420
[  842.785949][T17372]  security_file_ioctl+0xcb/0x2d0
[  842.785975][T17372]  __se_sys_ioctl+0x47/0x170
[  842.786008][T17372]  do_syscall_64+0xfa/0x3b0
[  842.786027][T17372]  ? lockdep_hardirqs_on+0x9c/0x150
[  842.786069][T17372]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  842.786090][T17372]  ? clear_bhb_loop+0x60/0xb0
[  842.786114][T17372]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  842.786134][T17372] RIP: 0033:0x7fd29f58e929
[  842.786153][T17372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  842.786171][T17372] RSP: 002b:00007fd2a037e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  842.786193][T17372] RAX: ffffffffffffffda RBX: 00007fd29f7b6080 RCX: 00007fd29f58e929
[  842.786208][T17372] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000009
[  842.786221][T17372] RBP: 00007fd2a037e090 R08: 0000000000000000 R09: 0000000000000000
[  842.786233][T17372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  842.786245][T17372] R13: 0000000000000001 R14: 00007fd29f7b6080 R15: 00007fd29f8dfa28
[  842.786276][T17372]  </TASK>
[  842.787755][ T6098] usb 5-1: new high-speed USB device number 83 using dummy_hcd
[  842.803239][T17372] ERROR: Out of memory at tomoyo_realpath_from_path.
[  842.997936][ T6098] usb 5-1: Using ep0 maxpacket: 8
[  843.079842][T17375] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3806'.
[  843.230314][ T6098] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  843.248963][T17380] xt_NFQUEUE: number of queues (65532) out of range (got 66665)
[  843.265069][ T6098] usb 5-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=4f.c8
[  843.275832][ T6098] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  843.294421][ T6098] usb 5-1: Product: syz
[  843.313318][ T6098] usb 5-1: Manufacturer: syz
[  843.327844][ T6098] usb 5-1: SerialNumber: syz
[  843.336481][ T6098] usb 5-1: config 0 descriptor??
[  843.370489][ T6098] ati_remote 5-1:0.0: ati_remote_probe: Unexpected desc.bNumEndpoints
[  843.573280][T17367] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  843.703589][ T6102] usb 5-1: USB disconnect, device number 83
[  844.495692][T17389] FAULT_INJECTION: forcing a failure.
[  844.495692][T17389] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  844.577776][T17389] CPU: 0 UID: 0 PID: 17389 Comm: syz.4.3808 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  844.577799][T17389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  844.577809][T17389] Call Trace:
[  844.577815][T17389]  <TASK>
[  844.577822][T17389]  dump_stack_lvl+0x189/0x250
[  844.577851][T17389]  ? __pfx____ratelimit+0x10/0x10
[  844.577874][T17389]  ? __pfx_dump_stack_lvl+0x10/0x10
[  844.577897][T17389]  ? __pfx__printk+0x10/0x10
[  844.577913][T17389]  ? __might_fault+0xb0/0x130
[  844.577935][T17389]  should_fail_ex+0x414/0x560
[  844.577959][T17389]  _copy_from_user+0x2d/0xb0
[  844.577975][T17389]  ___sys_sendmsg+0x158/0x2a0
[  844.578015][T17389]  ? __pfx____sys_sendmsg+0x10/0x10
[  844.578057][T17389]  ? __fget_files+0x2a/0x420
[  844.578071][T17389]  ? __fget_files+0x3a0/0x420
[  844.578092][T17389]  __x64_sys_sendmsg+0x19b/0x260
[  844.578111][T17389]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  844.578134][T17389]  ? __pfx_ksys_write+0x10/0x10
[  844.578145][T17389]  ? rcu_is_watching+0x15/0xb0
[  844.578169][T17389]  ? do_syscall_64+0xbe/0x3b0
[  844.578184][T17389]  do_syscall_64+0xfa/0x3b0
[  844.578196][T17389]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  844.578208][T17389]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  844.578221][T17389]  ? clear_bhb_loop+0x60/0xb0
[  844.578236][T17389]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  844.578248][T17389] RIP: 0033:0x7fb3a198e929
[  844.578262][T17389] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  844.578273][T17389] RSP: 002b:00007fb3a28d0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  844.578288][T17389] RAX: ffffffffffffffda RBX: 00007fb3a1bb5fa0 RCX: 00007fb3a198e929
[  844.578298][T17389] RDX: 0000000004000000 RSI: 0000200000001b80 RDI: 0000000000000003
[  844.578306][T17389] RBP: 00007fb3a28d0090 R08: 0000000000000000 R09: 0000000000000000
[  844.578315][T17389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  844.578323][T17389] R13: 0000000000000000 R14: 00007fb3a1bb5fa0 R15: 00007fb3a1cdfa28
[  844.578342][T17389]  </TASK>
[  845.437941][ T6102] usb 5-1: new high-speed USB device number 84 using dummy_hcd
[  845.518317][ T6094] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  845.647699][ T6102] usb 5-1: device descriptor read/64, error -71
[  845.751726][ T6094] smsc75xx 3-1:0.184: probe with driver smsc75xx failed with error -71
[  845.857938][ T6094] usb 3-1: USB disconnect, device number 88
[  845.944122][ T6102] usb 5-1: new high-speed USB device number 85 using dummy_hcd
[  846.088118][ T6102] usb 5-1: device descriptor read/64, error -71
[  846.208681][ T6102] usb usb5-port1: attempt power cycle
[  846.277881][T16065] usb 4-1: new high-speed USB device number 96 using dummy_hcd
[  846.470377][T16065] usb 4-1: device descriptor read/64, error -71
[  846.570355][ T6102] usb 5-1: new high-speed USB device number 86 using dummy_hcd
[  846.608480][ T6102] usb 5-1: device descriptor read/8, error -71
[  846.747691][T16065] usb 4-1: new high-speed USB device number 97 using dummy_hcd
[  846.848022][ T6102] usb 5-1: new high-speed USB device number 87 using dummy_hcd
[  846.878109][T16065] usb 4-1: device descriptor read/64, error -71
[  846.885233][ T6102] usb 5-1: device descriptor read/8, error -71
[  847.001169][T16065] usb usb4-port1: attempt power cycle
[  847.007052][ T6102] usb usb5-port1: unable to enumerate USB device
[  847.549480][T17412] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3816'.
[  847.659827][T16065] usb 4-1: new high-speed USB device number 98 using dummy_hcd
[  847.698364][T16065] usb 4-1: device descriptor read/8, error -71
[  847.960930][T16065] usb 4-1: new high-speed USB device number 99 using dummy_hcd
[  847.989888][T16065] usb 4-1: device descriptor read/8, error -71
[  848.098052][T16065] usb usb4-port1: unable to enumerate USB device
[  848.229845][ T6905] usb 2-1: new high-speed USB device number 96 using dummy_hcd
[  848.380061][T16065] usb 3-1: new high-speed USB device number 89 using dummy_hcd
[  848.388761][ T6905] usb 2-1: Using ep0 maxpacket: 16
[  848.404933][ T6905] usb 2-1: config 0 interface 0 altsetting 32 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  848.416307][ T6905] usb 2-1: config 0 interface 0 has no altsetting 0
[  848.424076][T17427] vivid-003: disconnect
[  848.428690][ T6905] usb 2-1: New USB device found, idVendor=05ac, idProduct=0273, bcdDevice= 0.00
[  848.445332][ T6905] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  848.475029][ T6905] usb 2-1: config 0 descriptor??
[  848.572665][T16065] usb 3-1: config 0 has no interfaces?
[  848.586652][T16065] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  848.609468][T16065] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  848.631818][T16065] usb 3-1: Product: syz
[  848.642713][T16065] usb 3-1: Manufacturer: syz
[  848.647820][T16065] usb 3-1: SerialNumber: syz
[  848.656157][T16065] usb 3-1: config 0 descriptor??
[  848.694864][ T6905] usb 2-1: string descriptor 0 read error: -71
[  848.753009][ T6905] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input46
[  848.779191][ T5191] bcm5974 2-1:0.0: could not read from device
[  848.796453][ T5191] bcm5974 2-1:0.0: could not read from device
[  848.812212][ T6905] usb 2-1: USB disconnect, device number 96
[  848.823090][ T5191] bcm5974 2-1:0.0: could not read from device
[  848.834422][ T5191] bcm5974 2-1:0.0: could not read from device
[  849.120227][T17425] vivid-003: reconnect
[  849.124551][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  849.147457][   T30] audit: type=1326 audit(1749429155.295:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17425 comm="syz.4.3821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3a198e929 code=0x7fc00000
[  849.195589][   T30] audit: type=1326 audit(1749429155.295:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17425 comm="syz.4.3821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=270 compat=0 ip=0x7fb3a198e929 code=0x7fc00000
[  849.222046][   T30] audit: type=1326 audit(1749429155.295:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17425 comm="syz.4.3821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3a198e929 code=0x7fc00000
[  849.481225][   T30] audit: type=1326 audit(1749429155.295:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17425 comm="syz.4.3821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3a198e929 code=0x7fc00000
[  849.516011][   T30] audit: type=1326 audit(1749429155.295:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17425 comm="syz.4.3821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3a198e929 code=0x7fc00000
[  849.538872][   T30] audit: type=1326 audit(1749429155.295:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17425 comm="syz.4.3821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3a198e929 code=0x7fc00000
[  849.567679][   T30] audit: type=1326 audit(1749429155.295:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17425 comm="syz.4.3821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3a198e929 code=0x7fc00000
[  849.590534][   T30] audit: type=1326 audit(1749429155.295:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17425 comm="syz.4.3821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3a198e929 code=0x7fc00000
[  849.769002][   T30] audit: type=1326 audit(1749429155.295:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17425 comm="syz.4.3821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3a198e929 code=0x7fc00000
[  849.823799][   T30] audit: type=1326 audit(1749429155.295:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17425 comm="syz.4.3821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3a198e929 code=0x7fc00000
[  850.021027][ T6905] usb 5-1: new high-speed USB device number 88 using dummy_hcd
[  850.047717][T16065] usb 4-1: new high-speed USB device number 100 using dummy_hcd
[  850.191656][ T6905] usb 5-1: Using ep0 maxpacket: 16
[  850.199980][ T6905] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  850.213085][ T6905] usb 5-1: New USB device found, idVendor=046d, idProduct=c24f, bcdDevice= 0.00
[  850.222221][T16065] usb 4-1: Using ep0 maxpacket: 32
[  850.227603][ T6905] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  850.237877][T16065] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[  850.247792][T16065] usb 4-1: config 0 has no interface number 0
[  850.254704][ T6905] usb 5-1: config 0 descriptor??
[  850.260121][T16065] usb 4-1: config 0 interface 184 has no altsetting 0
[  850.270177][T16065] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  850.282056][T16065] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  850.292919][T16065] usb 4-1: Product: syz
[  850.297148][T16065] usb 4-1: Manufacturer: syz
[  850.301990][T16065] usb 4-1: SerialNumber: syz
[  850.312617][T16065] usb 4-1: config 0 descriptor??
[  850.321203][T16065] smsc75xx v1.0.0
[  850.691608][ T6905] logitech 0003:046D:C24F.0018: ignoring exceeding usage max
[  850.708924][ T6905] logitech 0003:046D:C24F.0018: hidraw0: USB HID v10.00 Device [HID 046d:c24f] on usb-dummy_hcd.4-1/input0
[  850.731184][ T6905] logitech 0003:046D:C24F.0018: no inputs found
[  850.986341][ T6094] usb 5-1: USB disconnect, device number 88
[  851.058598][T17449] xt_NFQUEUE: number of queues (65532) out of range (got 66665)
[  851.492670][ T6094] usb 3-1: USB disconnect, device number 89
[  852.826251][T16065] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  852.862857][T16065] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -71
[  852.905666][T16065] usb 4-1: USB disconnect, device number 100
[  853.220112][T17466] netlink: 'syz.2.3828': attribute type 7 has an invalid length.
[  853.247721][ T6905] usb 2-1: new high-speed USB device number 97 using dummy_hcd
[  853.298158][T17466] : entered promiscuous mode
[  853.457818][ T6905] usb 2-1: Using ep0 maxpacket: 8
[  853.481531][T17476] vivid-001: disconnect
[  853.487420][ T6905] usb 2-1: config 0 has an invalid interface number: 155 but max is 1
[  853.500506][ T6905] usb 2-1: config 0 has an invalid interface number: 245 but max is 1
[  853.509216][ T6905] usb 2-1: config 0 has no interface number 0
[  853.523125][ T6905] usb 2-1: config 0 has no interface number 1
[  853.542881][ T6905] usb 2-1: config 0 interface 155 has no altsetting 0
[  853.578121][T17473] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3828'.
[  853.592495][T17473] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  853.612993][ T6905] usb 2-1: config 0 interface 245 has no altsetting 0
[  853.626334][ T6905] usb 2-1: New USB device found, idVendor=04c8, idProduct=0720, bcdDevice=b8.b6
[  853.803545][ T6905] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  853.814815][ T6905] usb 2-1: config 0 descriptor??
[  854.045305][ T6905] usb 2-1: string descriptor 0 read error: -71
[  854.085712][T17474] vivid-001: reconnect
[  854.135717][   T30] kauditd_printk_skb: 29 callbacks suppressed
[  854.135740][   T30] audit: type=1326 audit(1749429160.265:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17474 comm="syz.3.3833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ebb58e929 code=0x7fc00000
[  854.161155][ T6905] usb 2-1: USB disconnect, device number 97
[  855.117746][ T6905] usb 3-1: new high-speed USB device number 90 using dummy_hcd
[  855.191584][T17501] netlink: 212364 bytes leftover after parsing attributes in process `syz.1.3843'.
[  855.205659][T17501] openvswitch: netlink: Message has 5 unknown bytes.
[  855.227328][T17501] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3843'.
[  855.280787][ T6905] usb 3-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  855.296382][ T6905] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  855.314519][ T6905] usb 3-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  855.329289][ T6905] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  855.466445][ T6905] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  855.502871][ T6905] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  855.517409][ T6905] usb 3-1: invalid MIDI out EP 0
[  855.751743][ T6905] snd-usb-audio 3-1:27.0: probe with driver snd-usb-audio failed with error -22
[  855.765025][T17489] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  855.775346][T17508] vivid-002: disconnect
[  855.813225][T17489] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  856.439691][T17504] vivid-002: reconnect
[  856.445144][   T30] audit: type=1326 audit(1749429162.615:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17504 comm="syz.1.3844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd29f58e929 code=0x7fc00000
[  856.513057][   T30] audit: type=1326 audit(1749429162.615:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17504 comm="syz.1.3844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=270 compat=0 ip=0x7fd29f58e929 code=0x7fc00000
[  856.615570][   T30] audit: type=1326 audit(1749429162.615:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17504 comm="syz.1.3844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd29f58e929 code=0x7fc00000
[  856.718699][   T30] audit: type=1326 audit(1749429162.615:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17504 comm="syz.1.3844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd29f58e929 code=0x7fc00000
[  856.744825][   T30] audit: type=1326 audit(1749429162.615:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17504 comm="syz.1.3844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd29f58e929 code=0x7fc00000
[  856.807767][   T30] audit: type=1326 audit(1749429162.615:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17504 comm="syz.1.3844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd29f58e929 code=0x7fc00000
[  856.840992][   T30] audit: type=1326 audit(1749429162.615:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17504 comm="syz.1.3844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd29f58e929 code=0x7fc00000
[  856.878266][   T30] audit: type=1326 audit(1749429162.615:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17504 comm="syz.1.3844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd29f58e929 code=0x7fc00000
[  856.925515][ T5156] Bluetooth: hci2: command 0x0406 tx timeout
[  856.972258][   T30] audit: type=1326 audit(1749429162.615:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17504 comm="syz.1.3844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd29f58e929 code=0x7fc00000
[  857.681613][T17489] delete_channel: no stack
[  857.708500][ T6094] usb 3-1: USB disconnect, device number 90
[  858.147658][ T6094] usb 3-1: new high-speed USB device number 91 using dummy_hcd
[  858.338262][ T6094] usb 3-1: Using ep0 maxpacket: 8
[  858.414024][ T6094] usb 3-1: config 0 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  858.538716][ T6094] usb 3-1: config 0 interface 0 altsetting 6 endpoint 0x81 has invalid wMaxPacketSize 0
[  858.595290][ T6094] usb 3-1: config 0 interface 0 has no altsetting 0
[  858.616943][ T6094] usb 3-1: New USB device found, idVendor=0b43, idProduct=0003, bcdDevice= 0.00
[  858.639453][ T6094] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  858.672765][ T6094] usb 3-1: config 0 descriptor??
[  858.720260][T17535] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3854'.
[  858.797784][T17535] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3854'.
[  859.099309][ T6094] smartjoyplus 0003:0B43:0003.0019: collection stack underflow
[  859.115026][ T6094] smartjoyplus 0003:0B43:0003.0019: item 0 4 0 12 parsing failed
[  859.155394][ T6094] smartjoyplus 0003:0B43:0003.0019: parse failed
[  859.175605][ T6094] smartjoyplus 0003:0B43:0003.0019: probe with driver smartjoyplus failed with error -22
[  859.320370][ T6094] usb 3-1: USB disconnect, device number 91
[  859.593699][   T44] usb 4-1: new high-speed USB device number 101 using dummy_hcd
[  859.750906][   T44] usb 4-1: config 0 has no interfaces?
[  859.761337][   T44] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  859.771975][   T44] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  859.781008][   T44] usb 4-1: Product: syz
[  859.788704][   T44] usb 4-1: Manufacturer: syz
[  859.794583][   T44] usb 4-1: SerialNumber: syz
[  859.806982][   T44] usb 4-1: config 0 descriptor??
[  860.035173][T17543] misc userio: No port type given on /dev/userio
[  860.042037][T17543] misc userio: The device must be registered before sending interrupts
[  860.567685][   T44] usb 2-1: new high-speed USB device number 98 using dummy_hcd
[  860.594266][ T6094] usb 4-1: USB disconnect, device number 101
[  860.757983][   T44] usb 2-1: Using ep0 maxpacket: 32
[  860.794637][   T44] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[  860.803902][   T44] usb 2-1: config 0 has no interface number 0
[  860.841185][   T44] usb 2-1: config 0 interface 184 has no altsetting 0
[  860.901399][   T44] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  860.912043][   T44] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  860.952333][   T44] usb 2-1: Product: syz
[  860.963336][   T44] usb 2-1: Manufacturer: syz
[  860.976744][   T44] usb 2-1: SerialNumber: syz
[  861.004059][   T44] usb 2-1: config 0 descriptor??
[  861.030890][   T44] smsc75xx v1.0.0
[  861.908833][ T6905] usb 3-1: new high-speed USB device number 92 using dummy_hcd
[  862.100433][T17581] xt_NFQUEUE: number of queues (65532) out of range (got 66665)
[  862.118216][ T6905] usb 3-1: device descriptor read/64, error -71
[  862.364069][T17586] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3869'.
[  862.553008][ T6905] usb 3-1: new high-speed USB device number 93 using dummy_hcd
[  862.817799][ T6905] usb 3-1: device descriptor read/64, error -71
[  862.930109][ T6905] usb usb3-port1: attempt power cycle
[  863.367735][ T6905] usb 3-1: new high-speed USB device number 94 using dummy_hcd
[  863.432927][ T6905] usb 3-1: device descriptor read/8, error -71
[  863.575321][   T44] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  863.738349][   T44] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -71
[  863.774290][ T6905] usb 3-1: new high-speed USB device number 95 using dummy_hcd
[  863.849509][ T6905] usb 3-1: device descriptor read/8, error -71
[  863.868322][   T44] usb 2-1: USB disconnect, device number 98
[  863.997941][ T6905] usb usb3-port1: unable to enumerate USB device
[  864.503525][T17602] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3874'.
[  864.919342][T17605] tipc: Started in network mode
[  864.956567][T17605] tipc: Node identity 4, cluster identity 4711
[  864.975156][T17605] tipc: Node number set to 4
[  865.917733][ T5835] usb 4-1: new high-speed USB device number 102 using dummy_hcd
[  865.947817][ T6098] usb 5-1: new high-speed USB device number 89 using dummy_hcd
[  866.115319][ T6098] usb 5-1: config 0 has no interfaces?
[  866.128328][ T5835] usb 4-1: Using ep0 maxpacket: 32
[  866.138279][ T5835] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[  866.175420][ T6098] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  866.193704][ T5835] usb 4-1: config 0 has no interface number 0
[  866.225163][ T6098] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  866.249301][ T5835] usb 4-1: config 0 interface 184 has no altsetting 0
[  866.266659][ T6098] usb 5-1: Product: syz
[  866.275275][ T5835] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  866.291226][ T5835] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  866.301733][ T6098] usb 5-1: Manufacturer: syz
[  866.313760][ T6098] usb 5-1: SerialNumber: syz
[  866.321641][ T5835] usb 4-1: Product: syz
[  866.344190][ T5835] usb 4-1: Manufacturer: syz
[  866.368307][ T6098] usb 5-1: config 0 descriptor??
[  866.378027][ T5835] usb 4-1: SerialNumber: syz
[  866.419013][ T5835] usb 4-1: config 0 descriptor??
[  866.436000][ T5835] smsc75xx v1.0.0
[  866.602526][T17629] misc userio: No port type given on /dev/userio
[  866.609408][T17629] misc userio: The device must be registered before sending interrupts
[  867.916479][T17640] xt_NFQUEUE: number of queues (65532) out of range (got 66665)
[  869.013573][ T6905] usb 5-1: USB disconnect, device number 89
[  870.046494][ T5835] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  870.059787][ T6910] usb 2-1: new full-speed USB device number 99 using dummy_hcd
[  870.070312][ T5835] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -71
[  870.092106][ T5835] usb 4-1: USB disconnect, device number 102
[  870.207714][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  870.215630][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  870.372552][ T6910] usb 2-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30
[  870.443232][ T6910] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  870.582579][ T6910] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 255
[  870.650038][ T6910] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  870.659717][ T6910] usb 2-1: New USB device strings: Mfr=8, Product=0, SerialNumber=1
[  870.675028][ T6910] usb 2-1: Manufacturer: syz
[  870.686994][ T6910] usb 2-1: SerialNumber: syz
[  870.940932][ T6910] cdc_acm 2-1:1.0: Control and data interfaces are not separated!
[  870.989885][ T6910] cdc_acm 2-1:1.0: ttyACM0: USB ACM device
[  871.041604][ T6910] usb 2-1: USB disconnect, device number 99
[  871.581331][T17679] FAULT_INJECTION: forcing a failure.
[  871.581331][T17679] name failslab, interval 1, probability 0, space 0, times 0
[  871.597297][T17679] CPU: 1 UID: 0 PID: 17679 Comm: syz.0.3895 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  871.597328][T17679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  871.597342][T17679] Call Trace:
[  871.597352][T17679]  <TASK>
[  871.597361][T17679]  dump_stack_lvl+0x189/0x250
[  871.597401][T17679]  ? __pfx____ratelimit+0x10/0x10
[  871.597435][T17679]  ? __pfx_dump_stack_lvl+0x10/0x10
[  871.597469][T17679]  ? __pfx__printk+0x10/0x10
[  871.597500][T17679]  ? __pfx___might_resched+0x10/0x10
[  871.597543][T17679]  should_fail_ex+0x414/0x560
[  871.597578][T17679]  should_failslab+0xa8/0x100
[  871.597603][T17679]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  871.597625][T17679]  ? __alloc_skb+0x112/0x2d0
[  871.597655][T17679]  __alloc_skb+0x112/0x2d0
[  871.597696][T17679]  netlink_sendmsg+0x5c6/0xb30
[  871.597734][T17679]  ? __pfx_netlink_sendmsg+0x10/0x10
[  871.597765][T17679]  ? aa_sock_msg_perm+0x94/0x160
[  871.597796][T17679]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  871.597824][T17679]  ? __pfx_netlink_sendmsg+0x10/0x10
[  871.597852][T17679]  __sock_sendmsg+0x219/0x270
[  871.597890][T17679]  ____sys_sendmsg+0x505/0x830
[  871.597925][T17679]  ? __pfx_____sys_sendmsg+0x10/0x10
[  871.597964][T17679]  ? import_iovec+0x74/0xa0
[  871.597990][T17679]  ___sys_sendmsg+0x21f/0x2a0
[  871.598021][T17679]  ? __pfx____sys_sendmsg+0x10/0x10
[  871.598089][T17679]  ? __fget_files+0x2a/0x420
[  871.598113][T17679]  ? __fget_files+0x3a0/0x420
[  871.598149][T17679]  __x64_sys_sendmsg+0x19b/0x260
[  871.598181][T17679]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  871.598221][T17679]  ? __pfx_ksys_write+0x10/0x10
[  871.598239][T17679]  ? rcu_is_watching+0x15/0xb0
[  871.598278][T17679]  ? do_syscall_64+0xbe/0x3b0
[  871.598303][T17679]  do_syscall_64+0xfa/0x3b0
[  871.598323][T17679]  ? lockdep_hardirqs_on+0x9c/0x150
[  871.598355][T17679]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  871.598378][T17679]  ? clear_bhb_loop+0x60/0xb0
[  871.598405][T17679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  871.598427][T17679] RIP: 0033:0x7fd85e38e929
[  871.598446][T17679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  871.598466][T17679] RSP: 002b:00007fd85f19a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  871.598489][T17679] RAX: ffffffffffffffda RBX: 00007fd85e5b5fa0 RCX: 00007fd85e38e929
[  871.598505][T17679] RDX: 0000000004040010 RSI: 0000200000000200 RDI: 0000000000000003
[  871.598520][T17679] RBP: 00007fd85f19a090 R08: 0000000000000000 R09: 0000000000000000
[  871.598546][T17679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  871.598559][T17679] R13: 0000000000000000 R14: 00007fd85e5b5fa0 R15: 00007fd85e6dfa28
[  871.598591][T17679]  </TASK>
[  872.262295][T17687] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3898'.
[  872.310791][T17688] input: syz1 as /devices/virtual/input/input47
[  873.458580][ T6095] usb 5-1: new high-speed USB device number 90 using dummy_hcd
[  873.646092][ T6095] usb 5-1: Using ep0 maxpacket: 32
[  873.665004][ T6095] usb 5-1: config 0 has an invalid interface number: 184 but max is 0
[  873.712460][ T6095] usb 5-1: config 0 has no interface number 0
[  873.731989][ T6095] usb 5-1: config 0 interface 184 has no altsetting 0
[  873.747358][ T6095] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  873.770932][ T6095] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  873.794220][ T6095] usb 5-1: Product: syz
[  873.815357][ T6095] usb 5-1: Manufacturer: syz
[  873.823788][ T6095] usb 5-1: SerialNumber: syz
[  873.859900][ T6095] usb 5-1: config 0 descriptor??
[  873.907130][ T6095] smsc75xx v1.0.0
[  874.197800][ T6910] usb 4-1: new high-speed USB device number 103 using dummy_hcd
[  874.415004][ T6910] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  874.424543][ T6910] usb 4-1: config 0 has no interface number 0
[  874.445083][ T6910] usb 4-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  874.464321][ T6910] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  874.642241][ T6910] usb 4-1: Product: syz
[  874.651499][ T6910] usb 4-1: Manufacturer: syz
[  874.663388][ T6910] usb 4-1: SerialNumber: syz
[  874.709231][ T6910] usb 4-1: config 0 descriptor??
[  874.939736][ T6910] usb 4-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[  875.010777][ T6910] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  875.021615][ T6910] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[  875.030293][ T6910] usb 4-1: media controller created
[  875.045163][T17722] xt_NFQUEUE: number of queues (65532) out of range (got 66665)
[  875.080789][ T6910] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  875.370395][ T6910] i2c i2c-1: ec100: i2c rd failed=-71 reg=33
[  875.498090][ T6910] usb 4-1: USB disconnect, device number 103
[  876.097130][T17727] usb usb8: usbfs: process 17727 (syz.0.3908) did not claim interface 0 before use
[  876.761836][ T6095] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  876.820551][ T6095] smsc75xx 5-1:0.184: probe with driver smsc75xx failed with error -71
[  876.880346][ T6095] usb 5-1: USB disconnect, device number 90
[  877.353125][T17749] FAULT_INJECTION: forcing a failure.
[  877.353125][T17749] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  877.367927][T17749] CPU: 1 UID: 0 PID: 17749 Comm: syz.3.3916 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  877.367956][T17749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  877.367969][T17749] Call Trace:
[  877.367977][T17749]  <TASK>
[  877.367986][T17749]  dump_stack_lvl+0x189/0x250
[  877.368023][T17749]  ? __pfx____ratelimit+0x10/0x10
[  877.368055][T17749]  ? __pfx_dump_stack_lvl+0x10/0x10
[  877.368086][T17749]  ? __pfx__printk+0x10/0x10
[  877.368108][T17749]  ? __might_fault+0xb0/0x130
[  877.368136][T17749]  should_fail_ex+0x414/0x560
[  877.368180][T17749]  _copy_from_user+0x2d/0xb0
[  877.368202][T17749]  core_sys_select+0x4b7/0xa20
[  877.368234][T17749]  ? __pfx_core_sys_select+0x10/0x10
[  877.368277][T17749]  ? __pfx_set_user_sigmask+0x10/0x10
[  877.368319][T17749]  __se_sys_pselect6+0x27a/0x300
[  877.368346][T17749]  ? __pfx___se_sys_pselect6+0x10/0x10
[  877.368367][T17749]  ? __pfx_ksys_write+0x10/0x10
[  877.368384][T17749]  ? rcu_is_watching+0x15/0xb0
[  877.368420][T17749]  ? __x64_sys_pselect6+0x21/0xf0
[  877.368444][T17749]  do_syscall_64+0xfa/0x3b0
[  877.368464][T17749]  ? lockdep_hardirqs_on+0x9c/0x150
[  877.368494][T17749]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  877.368514][T17749]  ? clear_bhb_loop+0x60/0xb0
[  877.368537][T17749]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  877.368557][T17749] RIP: 0033:0x7f0ebb58e929
[  877.368574][T17749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  877.368590][T17749] RSP: 002b:00007f0ebc455038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  877.368611][T17749] RAX: ffffffffffffffda RBX: 00007f0ebb7b5fa0 RCX: 00007f0ebb58e929
[  877.368625][T17749] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000040
[  877.368638][T17749] RBP: 00007f0ebc455090 R08: 0000000000000000 R09: 0000000000000000
[  877.368651][T17749] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  877.368663][T17749] R13: 0000000000000000 R14: 00007f0ebb7b5fa0 R15: 00007f0ebb8dfa28
[  877.368693][T17749]  </TASK>
[  877.787839][   T44] usb 2-1: new high-speed USB device number 100 using dummy_hcd
[  877.957758][   T44] usb 2-1: Using ep0 maxpacket: 32
[  877.967194][   T44] usb 2-1: config 14 has an invalid interface number: 227 but max is 1
[  877.987596][   T44] usb 2-1: config 14 has an invalid interface number: 3 but max is 1
[  877.995753][   T44] usb 2-1: config 14 has no interface number 0
[  878.017081][   T44] usb 2-1: config 14 has no interface number 1
[  878.031572][   T44] usb 2-1: config 14 interface 3 altsetting 6 endpoint 0x9 has an invalid bInterval 0, changing to 7
[  878.043029][   T44] usb 2-1: config 14 interface 3 altsetting 6 endpoint 0x9 has invalid maxpacket 1289, setting to 1024
[  878.054602][   T44] usb 2-1: config 14 interface 227 has no altsetting 0
[  878.061832][   T44] usb 2-1: config 14 interface 3 has no altsetting 0
[  878.072493][   T44] usb 2-1: New USB device found, idVendor=0582, idProduct=003b, bcdDevice=18.f3
[  878.082053][   T44] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  878.099398][   T44] usb 2-1: Product: syz
[  878.103637][   T44] usb 2-1: Manufacturer: syz
[  878.108961][   T44] usb 2-1: SerialNumber: syz
[  878.469315][T17744] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  878.512499][T17744] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  878.622086][   T44] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  878.702436][   T44] usb 2-1: USB disconnect, device number 100
[  878.760720][T17768] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3922'.
[  878.891276][T17770] FAULT_INJECTION: forcing a failure.
[  878.891276][T17770] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  878.949586][T17770] CPU: 0 UID: 0 PID: 17770 Comm: syz.4.3923 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  878.949617][T17770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  878.949631][T17770] Call Trace:
[  878.949641][T17770]  <TASK>
[  878.949650][T17770]  dump_stack_lvl+0x189/0x250
[  878.949690][T17770]  ? __pfx____ratelimit+0x10/0x10
[  878.949723][T17770]  ? __pfx_dump_stack_lvl+0x10/0x10
[  878.949757][T17770]  ? __pfx__printk+0x10/0x10
[  878.949799][T17770]  ? __might_fault+0xb0/0x130
[  878.949846][T17770]  should_fail_ex+0x414/0x560
[  878.949895][T17770]  _copy_from_user+0x2d/0xb0
[  878.949919][T17770]  ___sys_recvmsg+0x12e/0x510
[  878.949955][T17770]  ? __pfx____sys_recvmsg+0x10/0x10
[  878.950018][T17770]  ? __might_fault+0xb0/0x130
[  878.950040][T17770]  do_recvmmsg+0x307/0x770
[  878.950079][T17770]  ? __pfx_do_recvmmsg+0x10/0x10
[  878.950121][T17770]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  878.950162][T17770]  __x64_sys_recvmmsg+0x190/0x240
[  878.950194][T17770]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  878.950222][T17770]  ? rcu_is_watching+0x15/0xb0
[  878.950261][T17770]  ? do_syscall_64+0xbe/0x3b0
[  878.950293][T17770]  do_syscall_64+0xfa/0x3b0
[  878.950312][T17770]  ? lockdep_hardirqs_on+0x9c/0x150
[  878.950344][T17770]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  878.950366][T17770]  ? clear_bhb_loop+0x60/0xb0
[  878.950392][T17770]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  878.950413][T17770] RIP: 0033:0x7fb3a198e929
[  878.950433][T17770] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  878.950453][T17770] RSP: 002b:00007fb3a28d0038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  878.950477][T17770] RAX: ffffffffffffffda RBX: 00007fb3a1bb5fa0 RCX: 00007fb3a198e929
[  878.950492][T17770] RDX: 0000000000000002 RSI: 0000200000003440 RDI: 0000000000000003
[  878.950506][T17770] RBP: 00007fb3a28d0090 R08: 0000000000000000 R09: 0000000000000000
[  878.950521][T17770] R10: 0000000040000241 R11: 0000000000000246 R12: 0000000000000001
[  878.950534][T17770] R13: 0000000000000000 R14: 00007fb3a1bb5fa0 R15: 00007fb3a1cdfa28
[  878.950566][T17770]  </TASK>
[  879.169793][    C0] vkms_vblank_simulate: vblank timer overrun
[  879.294630][T17775] FAULT_INJECTION: forcing a failure.
[  879.294630][T17775] name failslab, interval 1, probability 0, space 0, times 0
[  879.336956][T17775] CPU: 1 UID: 0 PID: 17775 Comm: syz.4.3924 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  879.336979][T17775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  879.336989][T17775] Call Trace:
[  879.336996][T17775]  <TASK>
[  879.337004][T17775]  dump_stack_lvl+0x189/0x250
[  879.337040][T17775]  ? __pfx____ratelimit+0x10/0x10
[  879.337065][T17775]  ? __pfx_dump_stack_lvl+0x10/0x10
[  879.337089][T17775]  ? __pfx__printk+0x10/0x10
[  879.337110][T17775]  ? __pfx___might_resched+0x10/0x10
[  879.337137][T17775]  should_fail_ex+0x414/0x560
[  879.337162][T17775]  should_failslab+0xa8/0x100
[  879.337180][T17775]  __kmalloc_noprof+0xcb/0x4f0
[  879.337194][T17775]  ? sock_kmalloc+0xd6/0x160
[  879.337218][T17775]  sock_kmalloc+0xd6/0x160
[  879.337241][T17775]  af_alg_alloc_areq+0x8d/0x260
[  879.337262][T17775]  skcipher_recvmsg+0x356/0x11c0
[  879.337288][T17775]  ? aa_sk_perm+0x81e/0x950
[  879.337315][T17775]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  879.337335][T17775]  ? __lock_acquire+0xab9/0xd20
[  879.337358][T17775]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  879.337378][T17775]  ? security_socket_recvmsg+0x7e/0x2e0
[  879.337402][T17775]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  879.337436][T17775]  sock_recvmsg+0x229/0x270
[  879.337453][T17775]  ____sys_recvmsg+0x1c9/0x460
[  879.337480][T17775]  ? __pfx_____sys_recvmsg+0x10/0x10
[  879.337511][T17775]  ? import_iovec+0x74/0xa0
[  879.337536][T17775]  ___sys_recvmsg+0x1b5/0x510
[  879.337570][T17775]  ? __pfx____sys_recvmsg+0x10/0x10
[  879.337623][T17775]  ? __fget_files+0x3a0/0x420
[  879.337659][T17775]  do_recvmmsg+0x307/0x770
[  879.337696][T17775]  ? __pfx_do_recvmmsg+0x10/0x10
[  879.337738][T17775]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  879.337777][T17775]  __x64_sys_recvmmsg+0x190/0x240
[  879.337810][T17775]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  879.337847][T17775]  ? rcu_is_watching+0x15/0xb0
[  879.337882][T17775]  ? do_syscall_64+0xbe/0x3b0
[  879.337905][T17775]  do_syscall_64+0xfa/0x3b0
[  879.337922][T17775]  ? lockdep_hardirqs_on+0x9c/0x150
[  879.337950][T17775]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  879.337968][T17775]  ? clear_bhb_loop+0x60/0xb0
[  879.337993][T17775]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  879.338012][T17775] RIP: 0033:0x7fb3a198e929
[  879.338038][T17775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  879.338055][T17775] RSP: 002b:00007fb3a28d0038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  879.338076][T17775] RAX: ffffffffffffffda RBX: 00007fb3a1bb5fa0 RCX: 00007fb3a198e929
[  879.338091][T17775] RDX: 0000000000000001 RSI: 0000200000000e40 RDI: 0000000000000004
[  879.338103][T17775] RBP: 00007fb3a28d0090 R08: 0000000000000000 R09: 0000000000000000
[  879.338115][T17775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  879.338126][T17775] R13: 0000000000000000 R14: 00007fb3a1bb5fa0 R15: 00007fb3a1cdfa28
[  879.338154][T17775]  </TASK>
[  879.947980][ T6094] usb 2-1: new high-speed USB device number 101 using dummy_hcd
[  880.098139][ T5835] usb 5-1: new high-speed USB device number 91 using dummy_hcd
[  880.128074][ T6094] usb 2-1: Using ep0 maxpacket: 32
[  880.134760][ T6094] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[  880.143894][ T6094] usb 2-1: config 0 has no interface number 0
[  880.150132][ T6094] usb 2-1: config 0 interface 184 has no altsetting 0
[  880.159940][ T6094] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  880.169401][ T6094] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  880.177514][ T6094] usb 2-1: Product: syz
[  880.181794][ T6094] usb 2-1: Manufacturer: syz
[  880.186406][ T6094] usb 2-1: SerialNumber: syz
[  880.195045][ T6094] usb 2-1: config 0 descriptor??
[  880.207096][ T6094] smsc75xx v1.0.0
[  880.271529][ T5835] usb 5-1: config 0 has no interfaces?
[  880.283204][ T5835] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  880.292694][ T5835] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  880.301008][ T5835] usb 5-1: Product: syz
[  880.305423][ T5835] usb 5-1: Manufacturer: syz
[  880.311560][ T5835] usb 5-1: SerialNumber: syz
[  880.320898][ T5835] usb 5-1: config 0 descriptor??
[  880.367764][   T44] usb 3-1: new high-speed USB device number 96 using dummy_hcd
[  880.531646][   T44] usb 3-1: Using ep0 maxpacket: 32
[  880.549572][   T44] usb 3-1: config 0 interface 0 has no altsetting 0
[  880.560620][   T44] usb 3-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  880.575593][T17781] misc userio: No port type given on /dev/userio
[  880.582153][   T44] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  880.590589][   T44] usb 3-1: Product: syz
[  880.595106][T17781] misc userio: The device must be registered before sending interrupts
[  880.603598][   T44] usb 3-1: Manufacturer: syz
[  880.608363][   T44] usb 3-1: SerialNumber: syz
[  880.633692][   T44] usb 3-1: config 0 descriptor??
[  880.646621][   T44] gs_usb 3-1:0.0: Required endpoints not found
[  881.108115][T17787] xt_NFQUEUE: number of queues (65532) out of range (got 66665)
[  882.297851][ T5835] usb 4-1: new full-speed USB device number 104 using dummy_hcd
[  882.547994][ T5835] usb 4-1: config 0 contains an unexpected descriptor of type 0x2, skipping
[  882.620523][ T5835] usb 4-1: config 0 has an invalid interface number: 2 but max is -1
[  882.631515][ T5835] usb 4-1: config 0 has an invalid interface number: 2 but max is -1
[  882.662748][ T5835] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  882.784862][ T5835] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 0
[  882.807935][ T5835] usb 4-1: config 0 has no interface number 0
[  882.846220][ T5835] usb 4-1: config 0 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  882.979896][ T6094] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  882.993164][ T6094] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -71
[  883.008351][ T5835] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  883.021417][ T5835] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  883.069407][ T6094] usb 2-1: USB disconnect, device number 101
[  883.077937][ T5835] usb 4-1: Product: syz
[  883.087753][ T5835] usb 4-1: Manufacturer: syz
[  883.093181][ T5835] usb 4-1: SerialNumber: syz
[  883.187216][ T5835] usb 4-1: config 0 descriptor??
[  883.235767][ T6905] usb 5-1: USB disconnect, device number 91
[  883.438230][ T5835] usb 4-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0
[  883.463310][ T5835] usb 4-1: MIDIStreaming interface descriptor not found
[  883.579608][ T5835] usb 4-1: USB disconnect, device number 104
[  883.665316][ T6094] usb 3-1: USB disconnect, device number 96
[  884.062194][T17817] FAULT_INJECTION: forcing a failure.
[  884.062194][T17817] name failslab, interval 1, probability 0, space 0, times 0
[  884.120327][T17817] CPU: 1 UID: 0 PID: 17817 Comm: syz.1.3934 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  884.120358][T17817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  884.120372][T17817] Call Trace:
[  884.120382][T17817]  <TASK>
[  884.120392][T17817]  dump_stack_lvl+0x189/0x250
[  884.120432][T17817]  ? __pfx____ratelimit+0x10/0x10
[  884.120473][T17817]  ? __pfx_dump_stack_lvl+0x10/0x10
[  884.120506][T17817]  ? __pfx__printk+0x10/0x10
[  884.120535][T17817]  ? __pfx___might_resched+0x10/0x10
[  884.120567][T17817]  ? fs_reclaim_acquire+0x7d/0x100
[  884.120597][T17817]  should_fail_ex+0x414/0x560
[  884.120643][T17817]  should_failslab+0xa8/0x100
[  884.120668][T17817]  __kmalloc_noprof+0xcb/0x4f0
[  884.120688][T17817]  ? unregister_netdevice_many_notify+0x909/0x2320
[  884.120728][T17817]  unregister_netdevice_many_notify+0x909/0x2320
[  884.120767][T17817]  ? try_to_wake_up+0x7e5/0x1290
[  884.120797][T17817]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  884.120832][T17817]  ? __queue_work+0x103/0xfe0
[  884.120855][T17817]  ? __queue_work+0xc80/0xfe0
[  884.120881][T17817]  ? lockdep_hardirqs_on+0x9c/0x150
[  884.120921][T17817]  unregister_netdevice_queue+0x33c/0x380
[  884.120951][T17817]  ? __pfx_queue_delayed_work_on+0x10/0x10
[  884.120972][T17817]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  884.121001][T17817]  ? linkwatch_urgent_event+0x62/0x3a0
[  884.121042][T17817]  __tun_detach+0xda4/0x1560
[  884.121076][T17817]  ? __pfx_tun_chr_close+0x10/0x10
[  884.121106][T17817]  tun_chr_close+0x10a/0x1c0
[  884.121139][T17817]  __fput+0x44c/0xa70
[  884.121177][T17817]  fput_close_sync+0x119/0x200
[  884.121207][T17817]  ? __pfx_fput_close_sync+0x10/0x10
[  884.121247][T17817]  __x64_sys_close+0x7f/0x110
[  884.121281][T17817]  do_syscall_64+0xfa/0x3b0
[  884.121299][T17817]  ? lockdep_hardirqs_on+0x9c/0x150
[  884.121329][T17817]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  884.121350][T17817]  ? clear_bhb_loop+0x60/0xb0
[  884.121376][T17817]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  884.121396][T17817] RIP: 0033:0x7fd29f58e929
[  884.121416][T17817] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  884.121434][T17817] RSP: 002b:00007fd2a039f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  884.121457][T17817] RAX: ffffffffffffffda RBX: 00007fd29f7b5fa0 RCX: 00007fd29f58e929
[  884.121473][T17817] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  884.121486][T17817] RBP: 00007fd2a039f090 R08: 0000000000000000 R09: 0000000000000000
[  884.121499][T17817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  884.121512][T17817] R13: 0000000000000000 R14: 00007fd29f7b5fa0 R15: 00007fd29f8dfa28
[  884.121550][T17817]  </TASK>
[  884.527682][ T5835] usb 4-1: new high-speed USB device number 105 using dummy_hcd
[  884.547738][   T44] usb 3-1: new high-speed USB device number 97 using dummy_hcd
[  884.719172][   T44] usb 3-1: New USB device found, idVendor=05ac, idProduct=0253, bcdDevice=65.5a
[  884.728324][ T5835] usb 4-1: Using ep0 maxpacket: 8
[  884.731973][ T5835] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  884.734755][   T44] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  884.742904][ T5835] usb 4-1: config 0 has no interface number 0
[  884.782982][ T5835] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  884.802107][ T5835] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  884.815364][ T5835] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  884.840032][ T5835] usb 4-1: config 0 descriptor??
[  884.849050][   T44] usb 3-1: config 0 descriptor??
[  884.883312][ T5835] iowarrior 4-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  884.929450][   T44] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input48
[  885.148764][ T5191] bcm5974 3-1:0.0: could not read from device
[  885.166291][ T5191] bcm5974 3-1:0.0: could not read from device
[  885.179028][ T5835] usb 4-1: USB disconnect, device number 105
[  885.244188][ T5191] bcm5974 3-1:0.0: could not read from device
[  885.258605][   T44] usb 3-1: USB disconnect, device number 97
[  885.275736][T16382] bcm5974 3-1:0.0: could not read from device
[  885.288326][ T5191] bcm5974 3-1:0.0: could not read from device
[  885.302068][ T5191] bcm5974 3-1:0.0: could not read from device
[  885.321335][T16382] udevd[16382]: Error opening device "/dev/input/event4": No such device
[  885.334002][T16382] udevd[16382]: Unable to EVIOCGABS device "/dev/input/event4"
[  885.344691][T16382] udevd[16382]: Unable to EVIOCGABS device "/dev/input/event4"
[  885.353808][T16382] udevd[16382]: Unable to EVIOCGABS device "/dev/input/event4"
[  885.361939][T16382] udevd[16382]: Unable to EVIOCGABS device "/dev/input/event4"
[  885.816831][T17835] tipc: Started in network mode
[  885.823925][T17835] tipc: Node identity 4, cluster identity 4711
[  885.837755][T17835] tipc: Node number set to 4
[  886.328186][ T5835] usb 4-1: new high-speed USB device number 106 using dummy_hcd
[  886.373561][T17849] netlink: 56 bytes leftover after parsing attributes in process `syz.1.3945'.
[  886.501384][ T5835] usb 4-1: config 0 has no interfaces?
[  886.545976][ T5835] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  886.555568][ T5835] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  886.566912][ T5835] usb 4-1: Product: syz
[  886.571431][ T5835] usb 4-1: Manufacturer: syz
[  886.576136][ T5835] usb 4-1: SerialNumber: syz
[  886.585159][ T5835] usb 4-1: config 0 descriptor??
[  886.598434][T17852] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3945'.
[  886.868512][T17842] misc userio: No port type given on /dev/userio
[  886.878491][T17842] misc userio: The device must be registered before sending interrupts
[  887.073573][T17866] FAULT_INJECTION: forcing a failure.
[  887.073573][T17866] name failslab, interval 1, probability 0, space 0, times 0
[  887.112262][T17866] CPU: 0 UID: 0 PID: 17866 Comm: syz.2.3949 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  887.112296][T17866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  887.112309][T17866] Call Trace:
[  887.112318][T17866]  <TASK>
[  887.112327][T17866]  dump_stack_lvl+0x189/0x250
[  887.112387][T17866]  ? __pfx____ratelimit+0x10/0x10
[  887.112423][T17866]  ? __pfx_dump_stack_lvl+0x10/0x10
[  887.112460][T17866]  ? __pfx__printk+0x10/0x10
[  887.112491][T17866]  ? __pfx___might_resched+0x10/0x10
[  887.112532][T17866]  should_fail_ex+0x414/0x560
[  887.112568][T17866]  should_failslab+0xa8/0x100
[  887.112595][T17866]  kmem_cache_alloc_noprof+0x73/0x3c0
[  887.112639][T17866]  ? mas_alloc_nodes+0x2e9/0x8e0
[  887.112678][T17866]  mas_alloc_nodes+0x2e9/0x8e0
[  887.112721][T17866]  mas_preallocate+0x39e/0x6b0
[  887.112760][T17866]  ? __pfx_mas_preallocate+0x10/0x10
[  887.112800][T17866]  ? __asan_memset+0x22/0x50
[  887.112840][T17866]  commit_merge+0x1fd/0x700
[  887.112872][T17866]  ? up_write+0x1c4/0x420
[  887.112892][T17866]  ? __pfx___anon_vma_interval_tree_augment_rotate+0x10/0x10
[  887.112926][T17866]  ? __pfx_commit_merge+0x10/0x10
[  887.112953][T17866]  ? anon_vma_clone+0x494/0x4f0
[  887.112997][T17866]  vma_modify+0x1363/0x1970
[  887.113047][T17866]  vma_modify_flags+0x1e8/0x230
[  887.113082][T17866]  ? __pfx_vma_modify_flags+0x10/0x10
[  887.113139][T17866]  mlock_fixup+0x22a/0x360
[  887.113178][T17866]  apply_mlockall_flags+0x2f0/0x3c0
[  887.113214][T17866]  ? __pfx_apply_mlockall_flags+0x10/0x10
[  887.113281][T17866]  ? __pfx_down_write_killable+0x10/0x10
[  887.113308][T17866]  ? __pfx_ksys_write+0x10/0x10
[  887.113337][T17866]  __ia32_sys_munlockall+0x10a/0x220
[  887.113371][T17866]  do_syscall_64+0xfa/0x3b0
[  887.113392][T17866]  ? lockdep_hardirqs_on+0x9c/0x150
[  887.113425][T17866]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  887.113447][T17866]  ? clear_bhb_loop+0x60/0xb0
[  887.113473][T17866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  887.113495][T17866] RIP: 0033:0x7f77a378e929
[  887.113515][T17866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  887.113547][T17866] RSP: 002b:00007f77a15f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000098
[  887.113570][T17866] RAX: ffffffffffffffda RBX: 00007f77a39b6080 RCX: 00007f77a378e929
[  887.113587][T17866] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  887.113600][T17866] RBP: 00007f77a15f6090 R08: 0000000000000000 R09: 0000000000000000
[  887.113620][T17866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  887.113633][T17866] R13: 0000000000000001 R14: 00007f77a39b6080 R15: 00007f77a3adfa28
[  887.113665][T17866]  </TASK>
[  887.550297][T17866] vmg ffffc90003377c40 dumped because: VM_WARN_ON_VMG(prev && start <= prev->vm_start)
[  887.597932][T17866] vmg ffffc90003377c40 state: mm ffff888034d81580 pgoff 200000130
[  887.597932][T17866] vmi ffffc90003377de0 [200000130000,200000800000)
[  887.597932][T17866] prev ffff888050051640 middle ffff888050051640 next 0000000000000000 target 0000000000000000
[  887.597932][T17866] start 200000130000 end 200000800000 flags 28100077
[  887.597932][T17866] file 0000000000000000 anon_vma ffff888065a33990 policy 0000000000000000
[  887.597932][T17866] uffd_ctx 0000000000000000
[  887.597932][T17866] anon_name 0000000000000000
[  887.597932][T17866] state 0
[  887.597932][T17866] just_expand 0
[  887.597932][T17866] __adjust_middle_start 0 __adjust_next_start 0
[  887.597932][T17866] __remove_middle 0 __remove_next 0
[  887.806372][T17866] vmg ffffc90003377c40 mm:
[  887.811943][T17866] mm ffff888034d81580 task_size 140737488351232
[  887.811943][T17866] mmap_base 140151834689536 mmap_legacy_base 47480960479232
[  887.811943][T17866] pgd ffff88804aa58000 mm_users 3 mm_count 2 pgtables_bytes 139264 map_count 40
[  887.811943][T17866] hiwater_rss 1e13 hiwater_vm 5fae total_vm 5fce locked_vm 6d0
[  887.811943][T17866] pinned_vm 0 data_vm 23d9 exec_vm 1a4 stack_vm 21
[  887.811943][T17866] start_code 7f77a3649000 end_code 7f77a37eadb9 start_data 7f77a3990000 end_data 7f77a3990000
[  887.811943][T17866] start_brk 55558862b000 brk 55558865f000 start_stack 7ffd0cbf6350
[  887.811943][T17866] arg_start 7ffd0cbf6f6d arg_end 7ffd0cbf6f81 env_start 7ffd0cbf6f81 env_end 7ffd0cbf6fe9
[  887.811943][T17866] binfmt ffffffff8e2b5f40 flags 800207fd
[  887.811943][T17866] ioctx_table 0000000000000000
[  887.811943][T17866] owner ffff888020af3c00 exe_file ffff888033136c40
[  887.811943][T17866] notifier_subscriptions 0000000000000000
[  887.811943][T17866] numa_next_scan 4295025903 numa_scan_offset 0 numa_scan_seq 0
[  887.811943][T17866] tlb_flush_pending 0
[  887.811943][T17866] def_flags: 0x0()
[  887.957365][T17866] vmg ffffc90003377c40 prev:
[  888.063839][T17866] vma ffff888050051640 start 0000200000130000 end 0000200000800000 mm ffff888034d81580
[  888.063839][T17866] prot 25 anon_vma ffff888065a33990 vm_ops 0000000000000000
[  888.063839][T17866] pgoff 200000130 file 0000000000000000 private_data 0000000000000000
[  888.063839][T17866] refcnt 1
[  888.063839][T17866] flags: 0x28102077(read|write|exec|mayread|maywrite|mayexec|locked|account|softdirty|hugepage)
[  888.104404][T17866] vmg ffffc90003377c40 middle:
[  888.114500][T17866] vma ffff888050051640 start 0000200000130000 end 0000200000800000 mm ffff888034d81580
[  888.114500][T17866] prot 25 anon_vma ffff888065a33990 vm_ops 0000000000000000
[  888.114500][T17866] pgoff 200000130 file 0000000000000000 private_data 0000000000000000
[  888.114500][T17866] refcnt 1
[  888.114500][T17866] flags: 0x28102077(read|write|exec|mayread|maywrite|mayexec|locked|account|softdirty|hugepage)
[  888.237668][T17866] vmg ffffc90003377c40 next: (NULL)
[  888.245343][T17866] vmg ffffc90003377c40 vmi:
[  888.250326][T17866] MAS: tree=ffff888034d815c0 enode=ffff888078a81c0c 
[  888.250346][T17866] (ma_active)
[  888.257185][T17866] Store Type: 
[  888.265215][T17866] node_store
[  888.302507][T17866] [7/15] index=200000130000 last=2000007fffff
[  888.370510][T17866]      min=0 max=55558864cfff alloc=0000000000000000, depth=0, flags=0
[  888.417637][ T6095] usb 2-1: new high-speed USB device number 102 using dummy_hcd
[  888.464616][T17866] maple_tree(ffff888034d815c0) flags 30B, height 2 root ffff888078a8041e
[  888.490334][T17866] 0-ffffffffffffffff: node ffff888078a80400 depth 0 type 3 parent ffff888034d815c1 contents: 35558762a000 2a2218f77000 9000 ffff8002f3409000 0 0 0 0 0 0 | 03 03| ffff888078a81c0c 55558864CFFF ffff8880781b420c 7F77A35FFFFF ffff888078a8180c 7F77A44EDFFF ffff888078a80a0c FFFFFFFFFFFFFFFF 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000
[  888.542878][T17866]   0-55558864cfff: node ffff888078a81c00 depth 1 type 1 parent ffff888078a80406 contents: 0000000000000000 110C22FFFF ffff888078171140 110E22FFFF 0000000000000000 1B30C1FFFF ffff888078af68c0 1B30C5FFFF 0000000000000000 1FFFFFFFEFFF ffff888078af6a00 1FFFFFFFFFFF ffff88807838b3c0 20000012FFFF ffff888050051640 2000007FFFFF ffff8880789cd3c0 20000092FFFF ffff88807838b140 200000A92FFF ffff8880500518c0 200000A95FFF 0000000000000000 200000A96FFF ffff888060e63c80 200000FFFFFF ffff888078af6000 200001000FFF 0000000000000000 55558862AFFF ffff888078af6b40
[  888.614339][T17866]     0-110c22ffff: 0000000000000000
[  888.620615][ T6095] usb 2-1: Using ep0 maxpacket: 16
[  888.627417][T17866]     110c230000-110e22ffff: ffff888078171140
[  888.640063][ T6095] usb 2-1: unable to get BOS descriptor or descriptor too short
[  888.649993][T17866]     110e230000-1b30c1ffff: 0000000000000000
[  888.657276][ T6095] usb 2-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[  888.672457][ T6095] usb 2-1: config 1 interface 0 altsetting 8 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  888.692164][ T6095] usb 2-1: config 1 interface 0 has no altsetting 0
[  888.702304][T17866]     1b30c20000-1b30c5ffff: ffff888078af68c0
[  888.705473][ T6095] usb 2-1: New USB device found, idVendor=04f3, idProduct=074d, bcdDevice= 0.40
[  888.721329][ T6095] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  888.729627][ T6095] usb 2-1: Product: syz
[  888.733941][ T6095] usb 2-1: Manufacturer: syz
[  888.738978][ T6095] usb 2-1: SerialNumber: syz
[  888.745542][T17866]     1b30c60000-1fffffffefff: 0000000000000000
[  888.758088][T17866]     1ffffffff000-1fffffffffff: ffff888078af6a00
[  888.764899][T17866]     200000000000-20000012ffff: ffff88807838b3c0
[  888.781093][T17866]     200000130000-2000007fffff: ffff888050051640
[  888.830279][T17866]     200000800000-20000092ffff: ffff8880789cd3c0
[  888.861762][T17866]     200000930000-200000a92fff: ffff88807838b140
[  888.887196][T17866]     200000a93000-200000a95fff: ffff8880500518c0
[  888.910562][T17866]     200000a96000-200000a96fff: 0000000000000000
[  888.920115][T17866]     200000a97000-200000ffffff: ffff888060e63c80
[  888.926748][T17866]     200001000000-200001000fff: ffff888078af6000
[  888.933979][T17866]     200001001000-55558862afff: 0000000000000000
[  888.943691][T17866]     55558862b000-55558864cfff: ffff888078af6b40
[  888.951514][T17866]   55558864d000-7f77a35fffff: node ffff8880781b4200 depth 1 type 1 parent ffff888078a8040e contents: ffff888078af6c80 55558865EFFF 0000000000000000 7F77A15D5FFF ffff88802f0ba640 7F77A15D6FFF ffff888078f308c0 7F77A15F6FFF ffff88802f0ba8c0 7F77A15F7FFF ffff888078f30dc0 7F77A1DF7FFF ffff888078f30c80 7F77A1DF8FFF ffff8880666b5140 7F77A25F8FFF ffff88805c763b40 7F77A25FAFFF ffff88805c763a00 7F77A29FAFFF ffff8880513d2280 7F77A29FCFFF ffff888078318280 7F77A2DFCFFF ffff888078318640 7F77A2DFEFFF ffff8880783188c0 7F77A31FEFFF ffff888078318000 7F77A31FFFFF ffff888078318780
[  889.032260][T17866]     55558864d000-55558865efff: ffff888078af6c80
[  889.041465][T17866]     55558865f000-7f77a15d5fff: 0000000000000000
[  889.052896][T17866]     7f77a15d6000-7f77a15d6fff: ffff88802f0ba640
[  889.065487][T17866]     7f77a15d7000-7f77a15f6fff: ffff888078f308c0
[  889.076257][T17866]     7f77a15f7000-7f77a15f7fff: ffff88802f0ba8c0
[  889.088141][   T44] usb 4-1: USB disconnect, device number 106
[  889.093776][T17866]     7f77a15f8000-7f77a1df7fff: ffff888078f30dc0
[  889.101835][T17866]     7f77a1df8000-7f77a1df8fff: ffff888078f30c80
[  889.112523][T17866]     7f77a1df9000-7f77a25f8fff: ffff8880666b5140
[  889.126733][T17866]     7f77a25f9000-7f77a25fafff: ffff88805c763b40
[  889.142005][T17866]     7f77a25fb000-7f77a29fafff: ffff88805c763a00
[  889.149450][T17866]     7f77a29fb000-7f77a29fcfff: ffff8880513d2280
[  889.156072][T17866]     7f77a29fd000-7f77a2dfcfff: ffff888078318280
[  889.166645][T17866]     7f77a2dfd000-7f77a2dfefff: ffff888078318640
[  889.174545][T17866]     7f77a2dff000-7f77a31fefff: ffff8880783188c0
[  889.190022][T17866]     7f77a31ff000-7f77a31fffff: ffff888078318000
[  889.196760][T17866]     7f77a3200000-7f77a35fffff: ffff888078318780
[  889.205858][T17866]   7f77a3600000-7f77a44edfff: node ffff888078a81800 depth 1 type 1 parent ffff888078a80416 contents: ffff8880604bb500 7F77A3648FFF ffff8880604bb140 7F77A37EAFFF ffff8880604bb640 7F77A3898FFF ffff8880604bb8c0 7F77A397DFFF ffff8880604bb280 7F77A3986FFF 0000000000000000 7F77A398FFFF ffff8880604bb000 7F77A39DFFFF ffff88802feeadc0 7F77A39E0FFF ffff88802feea500 7F77A44EDFFF 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000008
[  889.264247][T17866]     7f77a3600000-7f77a3648fff: ffff8880604bb500
[  889.272074][T17866]     7f77a3649000-7f77a37eafff: ffff8880604bb140
[  889.282664][T17866]     7f77a37eb000-7f77a3898fff: ffff8880604bb640
[  889.290852][T17866]     7f77a3899000-7f77a397dfff: ffff8880604bb8c0
[  889.307241][T17866]     7f77a397e000-7f77a3986fff: ffff8880604bb280
[  889.315843][T17866]     7f77a3987000-7f77a398ffff: 0000000000000000
[  889.376722][T17866]     7f77a3990000-7f77a39dffff: ffff8880604bb000
[  889.403996][T17866]     7f77a39e0000-7f77a39e0fff: ffff88802feeadc0
[  889.453606][T17866]     7f77a39e1000-7f77a44edfff: ffff88802feea500
[  889.521332][T17866]   7f77a44ee000-ffffffffffffffff: node ffff888078a80a00 depth 1 type 1 parent ffff888078a8041e contents: 0000000000000000 7F77A44FAFFF ffff888060e638c0 7F77A44FBFFF ffff888060e63000 7F77A451BFFF ffff88802feea000 7F77A451FFFF ffff88802feeac80 7F77A4521FFF ffff888060e63500 7F77A4523FFF 0000000000000000 7FFD0CBD5FFF ffff888060e63280 7FFD0CBF6FFF 0000000000000000 FFFFFFFFFFFFFFFF 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000008
[  889.691827][T17866]     7f77a44ee000-7f77a44fafff: 0000000000000000
[  889.729644][T17866]     7f77a44fb000-7f77a44fbfff: ffff888060e638c0
[  889.807813][T17866]     7f77a44fc000-7f77a451bfff: ffff888060e63000
[  889.814448][T17866]     7f77a451c000-7f77a451ffff: ffff88802feea000
[  889.824749][T17866]     7f77a4520000-7f77a4521fff: ffff88802feeac80
[  889.948755][T17866]     7f77a4522000-7f77a4523fff: ffff888060e63500
[  889.960816][T17866]     7f77a4524000-7ffd0cbd5fff: 0000000000000000
[  889.982729][T17866]     7ffd0cbd6000-7ffd0cbf6fff: ffff888060e63280
[  890.211860][T17866]     7ffd0cbf7000-ffffffffffffffff: 0000000000000000
[  890.261201][T17866] ------------[ cut here ]------------
[  890.266794][T17866] WARNING: CPU: 1 PID: 17866 at mm/vma.c:821 vma_modify+0x153d/0x1970
[  890.275454][T17866] Modules linked in:
[  890.280138][T17866] CPU: 1 UID: 0 PID: 17866 Comm: syz.2.3949 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  890.290550][T17866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  890.300767][T17866] RIP: 0010:vma_modify+0x153d/0x1970
[  890.306121][T17866] Code: 0b 90 e9 9d ed ff ff e8 e1 5f ab ff 90 0f 0b 90 e9 a6 ec ff ff e8 d3 5f ab ff 4c 89 f7 48 c7 c6 c0 92 96 8b e8 b4 06 f3 ff 90 <0f> 0b 90 e9 4f ed ff ff e8 b6 5f ab ff e9 52 ee ff ff e8 ac 5f ab
[  890.325990][T17866] RSP: 0018:ffffc90003377b38 EFLAGS: 00010286
[  890.332374][T17866] RAX: ffffffff8b5ea8cd RBX: ffff888050051640 RCX: ffff888031360000
[  890.340461][T17866] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: ffffffffffffffff
[  890.348508][T17866] RBP: 0000200000130000 R08: ffffc900033776a7 R09: 1ffff9200066eed4
[  890.356536][T17866] R10: dffffc0000000000 R11: fffff5200066eed5 R12: 0000200000130000
[  890.364611][T17866] R13: ffffc90003377c60 R14: ffffc90003377c40 R15: 1ffff9200066ef8c
[  890.372658][T17866] FS:  00007f77a15f66c0(0000) GS:ffff888125d52000(0000) knlGS:0000000000000000
[  890.381936][T17866] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  890.388725][T17866] CR2: 00007ff1351e3d2c CR3: 000000004aa58000 CR4: 00000000003526f0
[  890.396870][T17866] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  890.404931][T17866] DR3: 3a810b1eb6134bdc DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  890.413000][T17866] Call Trace:
[  890.416434][T17866]  <TASK>
[  890.419465][T17866]  vma_modify_flags+0x1e8/0x230
[  890.424377][T17866]  ? __pfx_vma_modify_flags+0x10/0x10
[  890.429834][T17866]  mlock_fixup+0x22a/0x360
[  890.434291][T17866]  apply_mlockall_flags+0x2f0/0x3c0
[  890.439619][T17866]  ? __pfx_apply_mlockall_flags+0x10/0x10
[  890.445396][T17866]  ? __pfx_down_write_killable+0x10/0x10
[  890.451115][T17866]  ? __pfx_ksys_write+0x10/0x10
[  890.455991][T17866]  __ia32_sys_munlockall+0x10a/0x220
[  890.461376][T17866]  do_syscall_64+0xfa/0x3b0
[  890.465912][T17866]  ? lockdep_hardirqs_on+0x9c/0x150
[  890.471204][T17866]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  890.477278][T17866]  ? clear_bhb_loop+0x60/0xb0
[  890.482075][T17866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  890.488028][T17866] RIP: 0033:0x7f77a378e929
[  890.492474][T17866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  890.512161][T17866] RSP: 002b:00007f77a15f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000098
[  890.520806][T17866] RAX: ffffffffffffffda RBX: 00007f77a39b6080 RCX: 00007f77a378e929
[  890.528853][T17866] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  890.536861][T17866] RBP: 00007f77a15f6090 R08: 0000000000000000 R09: 0000000000000000
[  890.544880][T17866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  890.552930][T17866] R13: 0000000000000001 R14: 00007f77a39b6080 R15: 00007f77a3adfa28
[  890.560977][T17866]  </TASK>
[  890.564013][T17866] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  890.571330][T17866] CPU: 1 UID: 0 PID: 17866 Comm: syz.2.3949 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  890.581675][T17866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  890.591738][T17866] Call Trace:
[  890.595035][T17866]  <TASK>
[  890.597986][T17866]  dump_stack_lvl+0x99/0x250
[  890.602609][T17866]  ? __asan_memcpy+0x40/0x70
[  890.607232][T17866]  ? __pfx_dump_stack_lvl+0x10/0x10
[  890.612462][T17866]  ? __pfx__printk+0x10/0x10
[  890.617096][T17866]  panic+0x2db/0x790
[  890.621032][T17866]  ? __pfx_panic+0x10/0x10
[  890.625493][T17866]  __warn+0x31b/0x4b0
[  890.629549][T17866]  ? vma_modify+0x153d/0x1970
[  890.634278][T17866]  ? vma_modify+0x153d/0x1970
[  890.639002][T17866]  report_bug+0x2be/0x4f0
[  890.643366][T17866]  ? vma_modify+0x153d/0x1970
[  890.648073][T17866]  ? vma_modify+0x153d/0x1970
[  890.652803][T17866]  ? vma_modify+0x153f/0x1970
[  890.657513][T17866]  handle_bug+0x84/0x160
[  890.661800][T17866]  exc_invalid_op+0x1a/0x50
[  890.666329][T17866]  asm_exc_invalid_op+0x1a/0x20
[  890.671209][T17866] RIP: 0010:vma_modify+0x153d/0x1970
[  890.676537][T17866] Code: 0b 90 e9 9d ed ff ff e8 e1 5f ab ff 90 0f 0b 90 e9 a6 ec ff ff e8 d3 5f ab ff 4c 89 f7 48 c7 c6 c0 92 96 8b e8 b4 06 f3 ff 90 <0f> 0b 90 e9 4f ed ff ff e8 b6 5f ab ff e9 52 ee ff ff e8 ac 5f ab
[  890.696187][T17866] RSP: 0018:ffffc90003377b38 EFLAGS: 00010286
[  890.702334][T17866] RAX: ffffffff8b5ea8cd RBX: ffff888050051640 RCX: ffff888031360000
[  890.710340][T17866] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: ffffffffffffffff
[  890.718348][T17866] RBP: 0000200000130000 R08: ffffc900033776a7 R09: 1ffff9200066eed4
[  890.726332][T17866] R10: dffffc0000000000 R11: fffff5200066eed5 R12: 0000200000130000
[  890.734326][T17866] R13: ffffc90003377c60 R14: ffffc90003377c40 R15: 1ffff9200066ef8c
[  890.742324][T17866]  ? mt_dump_node+0x18cd/0x26b0
[  890.747263][T17866]  ? vma_modify+0x153c/0x1970
[  890.751991][T17866]  vma_modify_flags+0x1e8/0x230
[  890.756884][T17866]  ? __pfx_vma_modify_flags+0x10/0x10
[  890.762305][T17866]  mlock_fixup+0x22a/0x360
[  890.766876][T17866]  apply_mlockall_flags+0x2f0/0x3c0
[  890.772110][T17866]  ? __pfx_apply_mlockall_flags+0x10/0x10
[  890.777861][T17866]  ? __pfx_down_write_killable+0x10/0x10
[  890.783516][T17866]  ? __pfx_ksys_write+0x10/0x10
[  890.788393][T17866]  __ia32_sys_munlockall+0x10a/0x220
[  890.793714][T17866]  do_syscall_64+0xfa/0x3b0
[  890.798269][T17866]  ? lockdep_hardirqs_on+0x9c/0x150
[  890.803510][T17866]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  890.809601][T17866]  ? clear_bhb_loop+0x60/0xb0
[  890.814311][T17866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  890.820211][T17866] RIP: 0033:0x7f77a378e929
[  890.824650][T17866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  890.844380][T17866] RSP: 002b:00007f77a15f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000098
[  890.852818][T17866] RAX: ffffffffffffffda RBX: 00007f77a39b6080 RCX: 00007f77a378e929
[  890.860829][T17866] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  890.868830][T17866] RBP: 00007f77a15f6090 R08: 0000000000000000 R09: 0000000000000000
[  890.876831][T17866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  890.884831][T17866] R13: 0000000000000001 R14: 00007f77a39b6080 R15: 00007f77a3adfa28
[  890.892848][T17866]  </TASK>
[  890.896267][T17866] Kernel Offset: disabled
[  890.900625][T17866] Rebooting in 86400 seconds..