last executing test programs:

24m24.210737346s ago: executing program 3 (id=2192):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20009005}, 0x0)

24m24.060548666s ago: executing program 3 (id=2193):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, 0x0, 0x0)
write$FUSE_INIT(r0, &(0x7f00000004c0)={0x50, 0x0, 0x0, {0x7, 0x1f, 0x0, 0x2002004}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f0000002140)="59f1e4552e75986be30344c577df27f4b4a41646039fbf9beda7bf5a572121f6414ca8bd405e18b655af5c5e013e0c7388225a727cc1eb4eb7c7cd47b2c3d353dec75184436dfd9933bd374d8dfd322d0a5b705731fba628d06c11ab04e155f747b67108a4e376b5711565b653281ada57116b0dbf782e6f343532ef258b42d65df4a96f83b00ce9c66eb1a1ab23f2039927adfe99a3872de7a80ec34aa05b8be26021e61d2e1509d903f77783525e515ae5051541be24502d5123d1a08e06d959aae764ee7bed31361802c486a3f9fbb3824a21fc1b73f95d88167f7659cd90bbb4b7eb78c21e01a9da912544402618285e461cc1c9a1ada2f273d3799feb3d90e373c4f0132554fc3ebe0b8557d521e89f66531514ca337bb1149f86158e7ac94d88fc583a59b7ead0fc249ae26a4ef2ff5bab62209000575441363025553f5012b8eea50bb087202114f8b48ab602fe3fd952bf9886dcc41a9d6c22bfd543f7dec92f32758b99cd239cb69a2fe1c4560426e101666b862aec3e235fd308a6e7560aa2207cc185acabd03b20d4091ff7936120b450b1db200228cd435c434c2626f641cdd8180946982d665352ee755358afa123e7fd9a202e912c528929067ce785f3ba1877968a047f56dfb7cef747d59feeabcff03e73aa3dd3dafb367f32758de4d98dfe15737ba1cb7400ee5bdf4220d6e667c651757d4f8bf536771309d6dfa928e59c9171fa7a710a6d308e757775ce029e0724971c8d7782e29b8ca82de04e883ba042f92e6f7c6b2e627e1242e1f2033ca5bcc81797ba39359e320139cfcf6335086cd646b842e13ab0f90d2fa92ae3cdbeac38deebfc485b2f10f4e29507c858046ae009df144c4ab38ae70e25cccff11078408d7ef4d7bb262310fec1663f1a1dc035864a40616b4690c841c986630ccb784d7af382fef327e7e64817a48db2eae499584fb6cb758a4da7967d283c7400e87657443148a94a352bc46154849a9d6eaf85e4e5556c648017e7f5456be988abcbbcf4a5e2228d2cebf144229fb8b8b6ad244be8f6ccfecfa6df74278761bae6be823eeb6cd08bd0bc01283d04fb719f546cf4d2de5388d1f90eec21674d35c9e295cb1bff104689395cdb6349efcf3d3d99e0141b7bdd4f0ef24fdd6afc35fdca10ade6d539bf1e32ca2e5ab5223e4e975a3cdbfa604dc7904755919905e3ab5e4a1932e2cd7741dd80f4993d0822bbeaf7ea70541e7d18af5a36aa1b928b801bf5a8652adac57dd76f0b7d0629a9fa493db118d6420a18236ca92487cf1b751477bd7b66b6ab97a280306f921493eb9a6172a70cb4f62526c09bd73d148faefe36c47275a0b8822b71c6b09dc80dce0b130ede61296ea03951a563bbf020c75aeea843b95d134bd7228915c22c6e34579bf71479eb4185bf4d11f9735093d9b9d5f18f443a1925f59d2041ff9f6a017eebe9923e5b46de296ba24c25019591cde699475c075904b97f01a639dee3bfce62ecabd2ce078e5fd84b8733392e42e77a6dbb0f51fb0fc59cd7286b6912a8796cdb22e6c3949f6052a014c17b73b3cce6e531127173569d70f07d76359755a6d8bb239f135becb8524ff638452db9d7786e6c52efaa254590a9bfe6bcd485ae8b7114948d58d8c0b9620eb9ace67211e0f7eb4e75740b51f23c0d59903cf2bbcdba9fb516afb8c64cab133c51c0ccca855eba033cc4eb08bbc7632f427f6fb8de4a11bc292aa090503e96a2ae414d5c8907e599874c7e9ffbb8e57ed9b1564ea52f09afffeddb8da0a9ed228da5bbae4a1ef608a0d327cdd7f19fac5d342c31088bbd05cf87c1bb73c55db60087e058c21d313c899071a38ac027e7c2704516b2cbeeb3c18771ecaec46d90c18aaf7cc207cecd60faf27fa4fbea3fecf0dc67336263870e21a1ef39c35e89254fd02bb75848f3729450a08990a410331ac720c1b9c3859a436d65899158caacff7aea71f3bb34e69d954994b698e608836a52b88d8ae8303fb918956e13bc1bb99f955c72474d53ab8ba2ee131730f7fb7dcc4ebcf14b9c3c0553a783d6123c3b9a3cd5ff9c6c2d588c38bae6e81b5f0dabc3b4f6b2d9805474453f66e3f6bbc29b64604374ec82a602109cce44bf4ca88a8b0ea2dd27a49f70eb481f3fb59a4ec5cd0b2196c05a96905cbd0f3b01b579401d20f12aabffc6f9e869af2fb43b0c3362f67a015dbe51b33281236326c3cf93f466a07f5baa29cac348ee7c17088aca34bff6844cc60c5f9376c4869afef5e14b74d780ba0fe5ba3f919d6e3ad2c5a9b259c3a79da133173f107bc2fdf426cdbc144a96a33951bdbc43d5b5a6a5c4e8aeb90816cbde9ffcec6630ca37ae6ccddcd61dc6893b75fc6d951be9d2144b6ae4bf739ddce3400456f0bed97dcec4330b717f590ae2f30cde4203d592a4abc864b27fce63bff3da754425fa0caa91e173f8f99fb0c81910df88b01e2e4918e424322149a283a69a04effe4da0cb417126d674d802455a67bb72aa88f1a6beba6a82f9f0529caff162285679cff18c0a9387abd6ac70135ddd07d04c8cc18143c57bdbf5676feacfb5afcdde7233abc411ad08372a885ee2047017c51167112b1dfb4c3a06a829c8c57c2e6d55c85ed97063c9a5843aa299ff3c63e61440baa42b696adf218d37b39231314acc6ffff7b23d16c8762562ef8a056e31c385d57f8fda45862034abf4487d6abd7816ebda9a7aa8bcd753508babb0d4c08cc25ee88fe3a5eb26842ef5a0687f5bd5c3f0b29e4723fbacfd852f3e194e47ffcc9fefea63b972cb9f3293956ee71308ad6ccb891d760469a62c5864069cefa60b247c5366b32d864d5d63a495209627b1b36b9db1bc0979e13dbf2f7203ba69596ad6cd991dc22cadd0fc55ce89db7fed238b082674458c8fa10398e6fe69b50b8cc8df9324180305fc4c17c3f0ecab996c44f8bb2eb575bbe4300e1c93c39a34ce0f255522f4bad18b6f7ed2b5d712baf19c39bfd974dea6181511e4bce407a38e2ce591f989001bcbff570f78649b8d80d7c51d9415dfe8871f1c4161e685d9a361ee2c3f7386c7d89570ae6894f59219c9e53059a13149fe6f3d37f982c503e11f9a90fff483e3b2e4016f376fbf81a3a95d666460fa0c3f6e873ed7ba2e9b6da20b62eec19de014c540b9dc4c3c25995c0435fa5dac1d5cefd66b248db8cc951a84913341e308a318bf94d1d49e12d80053712d3d68fb4acbf8c07ff3ab721c982b114f98edb9e693afed4c80892d8d75484cf228a41fb9af3e59a31c802bb5883d88f5d804806a1747bee00a1347edffc1d832d5e01d15dcd4c7e21f35c47e90761904d0381b56e8200d69338edba5f5e5992d2439143846e1295aa77dd0745c1f33b02b108e987a3d675d8bd593ad22b49068a6f91478a807275b05261dd14553a112fc85cab73dceea1fd31a319db40ff6646afce5a9dc0588747afc06bd36c4326a5f495a12c4eb6ca44e4b23dc52836336832e267db22165554caf7925cf13c84685ee31bfd19fb988a42a2d931fe0212a64e6ffcf9fcaaeeb9fd211a529364abb1a915811a46c41289da4a3a730942d4e0b9534944ec993555d96fcfb68e4f85c53c297f1ea34781b55b69b25bbdf4f0cfc9572e924adfd354b4c291d77d802bfbdc7d7b24f1d266cabc9ecf63ea5b48d5e7f30d8ce1ee4ad861537c441667405b8223e81ba71f55e09d0e92f1c4233227eb276db865b23c8d28df9b2738f025b59d10a118e156b04da94a15b7d8393783dbbb29131603bd11397625c8cb5d8a86cabf660906bf714079f9261c901815688b76afbc65962aeba08e940c20931ea1e3b875427afbb608634eda3f7f69da64906616f24a8a750abf2da50c1e47cec369ffa25d4c199caf1da2f51ebeca7de266e7550dc12019f0e7dcd8f814c2095b12cbf94404e3343e032ebdb8b598febec6390c84fdb65c3eda086c341c09321d1ee471896be010214de39a658cf48585660010578290b3349f0233e301dce10a9dcaa372ade8a4a7170e68522add35f6cdb23c688ba42b425775f077bd0d9f6706722499763efb84c98ee3717b293b26eb46d097a7af1e8097cec825a2d92cb1038980a8a73a7a351001a6efabf812b00788bb950e8b88784054a299906786b7dbd25c9d8ef4146e45b84611d65e7ad898ac1d234574d174acb1d23d8e206518fa40e521bd3c3953c95aedf265c3755243374ce36500a62dd57a94ac22aa6c9b6d79edbad8c0633263f9ffc04524d23e64a18a22cfc1d9ff00eab75a48cffa364f025b31fc632d4ba3f1a829e78b08a9297d59b9ac9c2ae3fe7ef21a0bdc4ee34477654b4bb80b30e117dd846a4f71750f76cf93afb134eb28e0409b92016ce47871fd2a531b2b05d7684421f524833f7a9ac4a02d8c92a1c83150fbb6c68edf0c4ecc833c9e2e058c91f8f9ba81ee48ba5fb71132bb84c4e4993561b0f0ee77405a5573df396469fa5a1a761a9398e618221bdb888a9f2f07a1e9247fc7e3ff2d72bdad77654645171fc89cf4e93d6eaae95f4e7bd9dc75c1b1fc5c7926aa0d0c70b7b442ab657e734fb39660b058403057f94ae3e9b96233647216e29b891272e4403e3a155e4f77fb227cd56a3e3856969cf3ce85d1aca889c2cb1ddfab9cfdcaba80e2411243e8370757725e2875bceebec0d8174ecdda380dd8bcf63cfc619ebfd4b562949e32c8ae7173d630df595b79afc5b0c2ba6e9613ebdc3912db74a1c41bbd4c50428e1dfeff661fe3c3cbcd8fbe4a6d1c02d2b06068e3fe7fa5fb63eed98361baa5c075ea1694a575551818d3ca4988dd080df8c604f2fcaf0d3d3bd922f142ecd2b88efec2563686447750a1e814926e037c2e4d2c530bae36a0cba4b9b42d21b63d6ff403f1a5bea1a169eb494192a7adcb0787759a944043d0df72d57d775e9604a5236775b44d9553dd186f63512bfd3d4b65667f8d715bc9c100a0855e2ed963da442e0ef54b809b2e794eb9b29daea42a84c2d45c220a1ab3242bf7e2f41754feaba92998b834391aee0005c3b5bf05ca648577d77712c6a2107c0d017b1828b82a63ac32587023ae8214e55b907a08c774d12be071ae593716426038f326b45e565900ae67778cfed493dd873b613d457837bf505622d6270f7c2177b8b0048ada47e3fc97a913552d9b65be45a914c29fe5e2e398c9dc7d541f8244c9ce1fdb8d20547471ae840cdf88e4362e05b3091a80c3b32afec6747b05033f98456bb0503240d63b18d1756bd24656def9f79e6bbaca8084caf07dfd17d77f98343fb3f141f788ed0a9397f0a591023c332f4a16e468643b8dffb950f798d7cb165757b18ffa1863898de59c892b148d268b4d0ec3e5f2e4790358cbe0a40007a4be6cb789ac11badcf369f1aff5c458b5c9514b24cfc395b4b4f0df30ab6b3228feb960d545d027a76abfecf455b673be7caadf0d0f2544cb5473ecbc3a339b08652b444a3b5a28d834e63ae4d831d5abb077297428bc3b6542477fb6d4ffdb1398349cea95e7d6131184e7d793603582e81253974e10f8f947d339d2fdfa4c8871b33403cc23b2e225462d29d0450f285433c75959774fe65058188cc54488bc23a20880a0b786e6cc4622c5621f427af5dc294420c07c268cb04eef4400fcaf6fd1a500504fe59cd3c44836a0b477a62d05c8f43e96962a367cbae1f88dd4f4c22e0c7d2afea8a2de91917599f6db37449474048ba84f144532af50b65cdaba868f50f079a4a495d2ee921d835badc2ac45e2521dfc559bbc664f6f27446a6d5afcc8c0d90d68f991dd503291d7687f64641fd052c73be1786b507252749fd788c0c8edf25ab5efe9ddb2a67ec7e24f22f9fe28966d64338b691222c7cc493a9a5c10430ce0f074703047757a9abed0ee0cca14c20cfa9cb521f0e4e91e886e4b1285ffc996912ca7c9f81f2e8e64454fe6846ff44dd21c294b888d52c37bc386ba8cd7f7c0fedcd524ebf603f0a5b5f19be9c7e0f6da5d0ddbc2543d1adf46f5d0140d40c8798f8baa4ba49d99aa0171ffc797e3f919b21a37d3ca8b7a729781aa262d68a0451a2705f59f18268387fdecaed03045fd6f1759a694a5224c46f7a4c6c4eab6b11089b114e5a78546c258f23a2b80fe7f9503d006799d2b8fed769d87e9dafaf6f923ad1be071538789b771d13125049b58a2f2c4f91a5cedbfd725e419e8b640b9d704f48b96efab1b249784bed0e6c3c938b5ce66b6766ca0bbea73aa3a514a57ad7d1907f72072128be570e016a2a5b5754f60e2b0bcc3bd9a4ed21fe4e9b4655ca22656ab6cccf5091a1f85251e51f59094762252c996d9609430cfba1d160702643060cf386f3c3ab02eb5943326312444ebc0e5df143dfa8e868fafb719fbe1f5b355c472adc7694967522e39c1b162b57d49aeda122bc4a60393bba6db3f083751a41f9aa2d6cb59038f94b896a5623f82bad390d2b729f66d5f87b72cc9b54a2f08b3e7ad321310e8f79556ed4dd0c8a058e6a434b6a3fdf28a6b669b53694c16a72e14c1bce34f81c67071152d75ee8f146e465849a7b3eefc2fddb779fa34685effe59432444b3a6fc237da95fc7655aad861aa319a75880e53858ca6a7dad341b2643918e69e3c81969fecf6cdecec304c519ddd0f54b659ed7f9c3782c58202ba393c3811aa1f34d710db2cd0bd1478db3b3445c5d20811dfeb0e4bc3434ae4fa3518c9c36ebcc73d2e40a1701496f82d186309885af32b9694a7a6616bba665b94bff24ab493488c9a53cf1de2eaac644cd0f8d9ef4930f8bf56797b5ac4abc8132f62125905f7e18db3048a90c4a4779b5e29815830fb4093956bda4e2596bb8956c45313ce4e4662143a95779e5c23933e9312372e29c00ee668e82c7d4de290a5a6a66b85e6738528a58b4d169221a0ac5367196cea76c58b4c236b7da73ae1ce463656941f322d4cdec390d91d813c2c9bd70b10151673585457016c0d302f23f323c4a118fcc32a8076be44606d3241bfa66e78178c8d991093d9dd5d93d3eb455ed085eb5e88d83f3a47ce9c5fa7f9035df5c407eb27daa231c538ab58765668ed5a80e8f8a3a4470181b9f15b56d5c4a43708e7287775ee1e991c8e28af2afefef93b19ce3c4a1cf5d25e9b232f424a312cd4883230ffb071343986092141ea12e9647e5f5ab4e70de17d17756eec8ff64328c0050794c568baf183dce6c798e9b01dc53e76c4b9a0b61f1b65cfb74152d9936e05505df63048cd62cec15a97ec79995c5381b0491e65661c2804cc7a5cba0f418d5ec420ecdcf1363cc48777ac6a9901a30d6aed7bb62651480da8f84c93a61bd66ee6f218f2999d052e7e3fbcb002b57bf3c1292cf75a52a164d5c7f1265f1c7f881683dc8d6572853eef350f3834f888a1ab0eff22ee3b93ec2d82f93ddcb5b915f2c273a296be81f3ea3d5e9855863fb5cdc7289770111d02a7e0ee6558e46e754a5c11e4d36c55946fbc62d0c89f87156e33db0ac968dfb67c3a43a55328996a73cce287d518d45f5753f45051bba90d6dd06d95bd14c13d7707bc1afb44595da6783a48d6675c8e28affea30a55ee55a904d9ffb31e9c4fe04fe3dcdbb459d62d36156b2c6aa015b20205f6222008692f6be91ae531afafba348725ba820bb9fb2b93d3013e3f4766dec362a1e0cf40534eb1a18168c18afe08dfdd65e9953869353ba14cd1daaed1fc0c0ae1fc8deaa98c79b74ebd2043b18076dae9c2b4625ca9459a354ce3571b8c33870cc291983da1c0f32f87133192564e6c22abce03fdde7a7cca192d623253e99d5d1ee2f5e4c6535cb027eaae8fb1486ebd7c09881a14c88494a03030f5dba58f7e45a78905b10a5645409ea754162aeae8551d1026021da8685d4cbafbcb0ad980a1a16199be14b11434b0cd62a559b8584cd373bf9f959641059b17a654523cf3f3e7fd94a809e44a21ce2242cce6f79a32dd5443b79df68ddbbdc73eef492ef6a9f093f3131874064f89f26ff32eda7e6451081990a022a0fe52f189cd1deba409dcc090f91d10fa769d1bd75d11ec22b6e85405cbf9b3256e4f8913d7b8eda2945069e219fb4abca2a191e024d5af78e75cdbe0d9d5471a1d8e8aeb9e0a00274d4474ab6b0ebbb66d41bfc1683642c88a1155c91a7eb2295c4b9aa93eb0e77dc5a928e1698490de1226c65a7ef79fa9237dc9f7fdb8fcf9b54658ee3c714b14297fcaa1371c22e746151608f6f1f49bfdddce0ce24e6fc8da8f8dec534e5fe36106c81f25250be3fc496a4df508e79f49c7a4341d50bb6f96289afab14dbf4e8802a14ae82705a75e18330884c9bb1152792249a68ced40afc63deeb59daf9711484b982ec2675f5d9239f182849c4780046460e59aed8cdaaee156544370962771ced877365d37723bd9f935e8192ffd677348db41e3884704b5cbc6002c32111c9168dfcbbcc1c1ae3fd907b494a1fc7a8da0077517b55cc86393f61b07cf71408c47c9f4ca78c9cd48bf62c3b48232f74fa04f4e1fe9e5a4b88e94cae83397ca74948acc002afad739a3891c16c102fe026e2d1ac172a8b0f8c26689d99c371e275671b4f7ba1a08f7e955175b0dd88bdc63f6c1416fdaad20924c7dfec72d961b7fdde56de6ec0c11d43abf60fba174f4a689a1ff15016e7bbe378255f6724fac6a877a00d34a44b85c332ffb3b48101cb6137ccbb5e79f0e0ebe144800c8eb8ee3540cd23def571a4419908604a4217e4da5c72ac49c188e050c6c154df8f1ae2275a6bf123da80196a01cabbd699b215e6e1d7762c299d22e5b72dc1d17fafc2b42bf8c1546694772a2bd9a5f1f75504906c649988f88dd1f1236ab3e92907da0b87b7b674f5f3856c2d0996c20795a2cf7eca5b8dbbb4715dd4e67ce6ef38848bd50389686f17c059070fd9f1bfbd0409e3df16e7a73fb115c66cebb217cd01c5967c774143aa11d9815f2b0f9030f012bb8df1548a4e495e3553ea8524d374772a287beb18a7e88c88f4678e8835f35ee901eba3276b55095122d36a4da666e3b2a70114bc7c8faa5c73b89744c47aa138463c619a322e4dd8e4414ab12b143d2465401cafd97f500b2b035ee96f87131b3c5acbd7d336d926973e70b7c409372a1bb270e0666831de3fb5f059d25cb733106554ad892b2d46f5b33b00ae6198573c4c57b059266f806943e864a34a2b830003bdb7447fd105244bb975b0d7f1b6e25a72ac98a6fa3be7e3b430701633b95f8560620a58caa3366b0ddef41d153452417e4a5b48cfde67e6525d23c538a90d87f9b3cbd4205ccb30ebbbd54a00c4b0fb30cba4d02c5f108cb25af1cd791711d244c87de9738afd56401755ad8f5e62198d28164475997d7719f91ed7685829c6d536a090353b0b2de436d27e9f1fecb09917c1a3e7cbbe33024a74883790c9d18c2349a3f748f6362a79b92b95f1b3e8ddf118c87fc389c1ca08786b81513b62ebefb9fe472ff79eddbfa06d6569faaa1b8df516e2d0365256bf012da3571c6bc8589c49e0573da6d9ea1f7ad35840450a9f334d5d2cf9aa343dcc0f9864129bc548914507b30075d1a153d98af8a6def82e5c8619d9656f8ed0598b3463632c1cfa8ce86cbb90c772cf1298709fab835fe07b755a955f0d05c0f4dbffecaa7f6b1b6d40fffda03965021fd8f1316b62ee8e2bf6fffa01bc2740c066b7655d39f4be9d96f39713fab5ba34fc5431cd86c7384ee9177c20bf5ed5b9242b5abaefd4429a73195c166366527daaad6ce29136edf7fa974415fdeca13adb617e35d357d9c8d76953b6704bd04c391eb3070b1536342224577305c75b69cbe622e308722b3b76fdd3ad0ee69e7cef96a9cd267a92d846863b97862613b2ff5667559ed286e2fe6805a3a09ffc25e4df4b58302844e747a65310d4eb9d64c1b31995a2df3dce8026426e445b60520933fea52f4a9fc8e15033b75e5f412866f4c75371b6cb6436acb118d62752da91b64f15d40c8263bdc6ab718020442bc9cb8005ff30e90ca8bb4f489b0eb4218d323b39022fc542dcc16841899d094d4a5bf134281a330efdfb2445bb31d818b11d9abfd0e58c6497d2db7ac72a26d068b6b4b62de8d291188d4de82d9e53f3cf597e9c383a308a6a52814269c18a18b654bbf4db4502c11856637400b8c2ec3aa0127a659efcaaf5377adf69cb3d9ec65130864cd49320a8ac21aeb31c1c08f92a483c70318870b0107b4ac6070575e548bf70a25d1b220d8192697bbcf891521e4217efb59429c9ca2638a6eb13845d74a91ce45471e8df8f9d8a3a4ea4c8fab267017294f8054e43af04394dd3cbd35b6e60911f049d0f1048d1941effae8ed0ef726efeabe24607e3036e95297f7ee8d3bade2ca8cc431504524b6b40bfff220cc60f9f64376ad5b5fa7cd8dbc3baf145d6ff4ac00a4a8fc2de132af0e2d84302d02c5677b927d76094d38c8b644c1480c6dbcb7274d15362a3ec973cbe40086137160e6447ebaeec5aeeee932ef2bb03fd0754a7708968f2bba76ce16209e7bf1de26971f8c112581f9c417828a4a0fe4b6f243b939e8c4a7595230039f3f81fb64d84227c3725cde10c89d6413354e53811b2cbfc8a0d27dfb11884af23522a51a68f5415ba529690561df7d3f3d053166fc97e6c931d80968477384da3107cb5321b88940c3602a25195b870af1d956f749ecf6f0321f0bdead7cac3627d2895db23f74a244ba8cef7a7d1ff04f5258d45f5e1aa4a4baa83a36abb0e5fc94104e32314ef739725d83de8d0027218b7aea54c6de45dac43f955dd2ae4f7b89774219f12a25a7d47213d545357d7a0977486f8bbad66d8ef36bc26671c1a9c2a54d35e2e303b7cc4e3c431c2068ac10e6168ff1a0c023bf68868a20f20612ef5062ccc978332f2a97b58b0b92cbefa1ce73815776ef3e658145074592a463e5fce30fb89d3657906129fbbf369f0a7af4d9f1f153b0a840dfb80607da59ab2f01e72413d364f0c4f90a13b313b03df460696a8506c6c1dc6964918093274054bb9b46b7373a30efdea62c115fe9fd396c989c53c31402ee4b6bf6d9db19bf75906a0fd0e807f7e6cb7c5ef4daf0b21edcbf2f64605ccb7b5238bef39231d470d1542da1eab747084516fb6ef188308e62658540bf37e10215f26e2b1cab4d91a2a429e51bc270cb07c4628a8fe4066192893253d22b3a24edb3f3d02e227c613067231da02b449dc5ecce6a6e605ee5708817b2b72453fcf0f4e04f0c22996871d01cc3684e2b73573604366ca12a604f450edd6e113f4d1bda649939270c0ca493eafce9f46547b2ca1dcd8a63ec6053b99a2705a26c71df3a9dc7a347152dfc55b036701e9f7dffbe9138e6f619daff7721ab2c79e41c7f7fc829e3a22c2fc286f08a0117fc53d63d7c241aed27350badef0ff11ffee83920d62fb09f6be8ae44eab4273560e0ff14096afd10580306ab96cf9998da75e1dd04a9f70023673935a470c015762480b4182c32cf4715d7cdec146b1c8f50709c8a704922900bd1941e1e8172981b373f5de5260e84a498ec8110d55de18c99a5310ec0a7c69fcf54c8b70", 0x2000, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="d00300000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000006001000000000000000400000009516af0f0000004d0242e22ae8c3177576c724", @ANYRES8, @ANYRES32=0x0, @ANYBLOB="0000000004000000000000000000000000000000000000000000000004000000000000002e2e5e27000000000400000000000000030000000000000009"], 0x0, 0x0, 0x0})
r1 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r1, 0x0, 0x0)

24m23.028803451s ago: executing program 3 (id=2210):
r0 = openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000200)={0x1, 0x1, 0x0, &(0x7f0000000740)=""/51, 0x0})
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000340))
r2 = dup(r1)
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000000)={0x1, r2})
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f00000003c0)={0x1})

24m22.967198526s ago: executing program 3 (id=2213):
r0 = syz_open_dev$video(0x0, 0xa7, 0x0)
ioctl$VIDIOC_S_PARM(r0, 0xc0cc5616, &(0x7f0000000180)={0x1, @raw_data="9d5dcc684d7857bcda7df742eb7fcb9db9d7335d5969e0569fe57b510de14401e488167afb076e80e2571d2c0ecd86f64227098aa93a0023814ab330c4ff0f0000000000002632594f8f6e94eb9e68c55a52d912967db7166c302e09aefc10e9ccf1714f7bee737d7f28c2662c77ddd7512b984348b85d04970d0431177bd4b80200000070da4a6a0f367f42ee2bd48fbd8b62d0e268cf88a0cdd333529b59444dba0e1123565b0bf47bee4089677af86974c54301ba0c4a2f428c00"})

24m22.864306986s ago: executing program 3 (id=2215):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc4, 0x2})

24m22.624466563s ago: executing program 3 (id=2221):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x300000f, 0x11011, r0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)

24m7.534983364s ago: executing program 32 (id=2221):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x300000f, 0x11011, r0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)

21m36.391683535s ago: executing program 4 (id=3569):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket(0x200000100000011, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=@ipv6_newaddr={0x18, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r2}}, 0x18}}, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r3, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000040)='bic\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r3, &(0x7f0000000340)='\x00', 0x1, 0x0, 0x0, 0x0)
sendto$inet(r3, &(0x7f0000000000), 0xffffffffffffff94, 0x12, 0x0, 0x12)
recvfrom$inet(r3, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)

21m35.460336024s ago: executing program 4 (id=3572):
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty, 0xc7ec}, 0x1c)
r1 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000004c0)=ANY=[@ANYBLOB="581b0800", @ANYRES16, @ANYBLOB="04002dbd7000f2dbdf254f0000000c00839ced540000680000004c007a8008000400000000181c000200134ecc4d908540c3c8630b918a29360800040004005111335ced5fd94e0800040009000000080004000300000048007a801400010003d869f47d8c428eaa74b31794b4b314b5000400000000000c0003004180081ee4f88f1a080004000c0000000c0003007858754e3c504054080004000800000004007a8020007a800800040005000000140002002929590c"], 0xd8}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x9521, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0x5dc}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)

21m34.907123107s ago: executing program 4 (id=3573):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x90, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB, @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006300)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x1060c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0)
ioctl$HIDIOCGUSAGES(r2, 0x4030582a, &(0x7f0000008340)={{0x1, 0x3, 0x7f, 0x7, 0x1000, 0x40}, 0x2bf, [0xb704, 0x3ff, 0x6, 0x2, 0xfba9, 0x80000001, 0x1c, 0x8, 0x2, 0x80000000, 0x8, 0x8001, 0xffff, 0x1, 0x248b56bb, 0xf734, 0x46a93a47, 0x51e1, 0x6, 0x6, 0xff, 0xffffffff, 0x8, 0x4, 0x1000004, 0x6, 0xeb09, 0x101, 0x5, 0x6, 0x8, 0x4, 0x3, 0x88, 0x0, 0x0, 0x1000, 0xfb81, 0x8, 0x40, 0x7, 0xf, 0x3ff, 0x401, 0x5, 0x10, 0xfffffffd, 0x1, 0xc6f8, 0x2, 0x80, 0x2, 0x7, 0xa1a, 0x9, 0x6, 0x1, 0x2, 0x0, 0xa, 0x5, 0x8000, 0x6, 0x2, 0x5819, 0x7, 0x6, 0x4f4, 0x3, 0x80000, 0x1000, 0x2, 0xb, 0x4, 0x7, 0x5, 0x1, 0x2, 0x80000000, 0x0, 0x5, 0x2, 0x8, 0x1, 0x0, 0x6, 0xd985, 0x51, 0x1, 0x5, 0x9, 0x6, 0xfffffffe, 0x79, 0x2, 0x8, 0xffe00, 0xfffffffb, 0x71172ab, 0x3, 0x6, 0x6, 0x1, 0xe96, 0x4, 0xa09, 0x2, 0x4, 0x3, 0xa80c, 0x80000001, 0x9, 0xe7, 0x3e, 0x3, 0x0, 0x4, 0x2cdf, 0x3000, 0x3, 0x5, 0xff, 0x2, 0x4, 0x101, 0xff, 0x1400000, 0xfffffff7, 0x8, 0x8, 0x4, 0x100, 0x2, 0x9, 0xffe, 0xfd93, 0x0, 0x5, 0x21, 0x4, 0x80000001, 0x2, 0x5, 0xfffffffb, 0x48cd, 0x1, 0x7fff, 0x8000, 0xfffffffe, 0x9, 0x1, 0x6, 0x6, 0xf8, 0xfffffffd, 0xa, 0x6, 0x2, 0xfb2, 0x100, 0x10001, 0x1, 0x40, 0x7, 0x8, 0x3e3, 0x0, 0x6, 0x0, 0x9, 0x0, 0x49, 0x3ff, 0x5, 0x1ff, 0x3, 0xbd, 0xfffffff8, 0x5, 0x1, 0x2, 0x6, 0x0, 0x9, 0x38, 0xd, 0x6, 0xfffffffa, 0x6, 0xf, 0x25, 0x2, 0x0, 0x4, 0x9, 0x2896, 0x4, 0x3, 0x3, 0x7, 0x0, 0xb, 0x9, 0xa9, 0x400, 0x8001, 0x8, 0x2, 0xc6ab, 0x18, 0x8000, 0x2, 0x0, 0x7, 0x1, 0x6, 0x5, 0x400, 0x3, 0x3, 0x4, 0x1, 0x2, 0x2, 0x7, 0x8, 0x0, 0x7, 0x7, 0x0, 0xffffff64, 0x5, 0x2, 0x6, 0x3, 0x5, 0xc7, 0x7, 0x212, 0x7, 0x5, 0xe19b, 0x7, 0x9, 0x67, 0xa, 0xf60b, 0x1, 0x1, 0x4, 0x98a, 0x6, 0x10, 0x2eb, 0x2f7e, 0x0, 0x4, 0x1d21, 0x9, 0x80, 0xb, 0x1ff, 0xfffffff6, 0x0, 0xffffffff, 0x4, 0x6, 0x3, 0x6, 0x20000000, 0x8, 0xa, 0x3ff, 0xffffffff, 0x7, 0x68b32c17, 0x339, 0x2, 0xc, 0x5, 0x40, 0x2d, 0x1ff, 0x91, 0x7f, 0x4, 0x7, 0x1, 0x2, 0x3b1, 0x800003, 0x2, 0x3, 0x8001, 0x7, 0xfffffffc, 0x8, 0x0, 0x401c, 0x7, 0x200, 0x8, 0x5, 0xab83, 0x73, 0x14000, 0x1, 0x2, 0x8, 0x7, 0x3, 0x4, 0x8, 0x1, 0x74e, 0x88, 0x2, 0x20, 0x2, 0x328, 0xe5, 0x7, 0x9, 0x86a, 0x2, 0x1, 0x2b, 0xfffffffb, 0x6, 0xa, 0xd2e, 0x80000000, 0x7, 0xfffffff8, 0x0, 0x8, 0x569, 0xa, 0x100, 0xac3, 0x5, 0x6, 0xff, 0xe, 0x81, 0xca, 0xfffffffe, 0x7, 0x8, 0x0, 0x7, 0x5, 0x5, 0x4, 0xe, 0x5, 0x9, 0x7fffffff, 0xfffffffe, 0x1, 0x3de, 0x2, 0x1, 0xfb, 0x2, 0xfffffff8, 0x3ff, 0x8, 0x3, 0x8, 0x31eb, 0x7, 0x5, 0x8, 0x4a0000, 0x0, 0x2, 0xb0, 0x4, 0x8000, 0x80, 0xd05, 0x9, 0x5, 0x8, 0x80, 0x2, 0x5, 0xfffffe00, 0x7, 0x4000000, 0x5, 0x6af, 0x4, 0x8, 0x3, 0x580, 0x7, 0x9, 0x3, 0x2, 0x0, 0x81, 0x9, 0x7ff, 0x4, 0xfffffff8, 0x9, 0x2, 0x3, 0x77ae, 0x4, 0x91c, 0x5, 0x6, 0x3, 0x0, 0x80000000, 0x21000000, 0xfffffffa, 0x3ff, 0xb3, 0x4f8c, 0x4, 0x127, 0x1, 0x2bfe1798, 0x10000, 0x1, 0x44c, 0x0, 0x3, 0x895, 0x8, 0xff9, 0xfffffff7, 0x3, 0x2c, 0x3ff, 0x6, 0x8, 0x7, 0x1, 0x1000, 0xc530, 0x5, 0x8f, 0x0, 0x6, 0x8000, 0x400, 0x7, 0x6, 0x9, 0x1, 0x2005f66, 0x10001, 0x1, 0x9, 0x8000, 0x5, 0x80000001, 0x81, 0x6, 0x8, 0x75f, 0xab8, 0x4, 0x8, 0xe0b0, 0xffff, 0xf, 0x2, 0x4, 0x9, 0xffffd40a, 0x2, 0x9, 0x6, 0x2, 0xfffffa86, 0x8, 0x6, 0x101, 0x3, 0xa000000, 0x8, 0x7fffffff, 0x2, 0x6, 0x4, 0x101, 0x1, 0x200, 0x800, 0x9, 0x2, 0x3, 0xf5, 0xb30, 0x9, 0x2, 0x1, 0xd, 0x7fffffff, 0x7, 0x8, 0x0, 0x9, 0x4, 0x1, 0x462, 0x80000001, 0x5, 0x7, 0x3e2b, 0x4, 0x7ff, 0x2, 0x9, 0x3ff, 0x9, 0x8, 0x6, 0x2, 0x1, 0x100, 0xa, 0x5, 0x800, 0x80000000, 0x40, 0x1, 0x10000, 0xffffcd67, 0x5af, 0x3, 0x8, 0x7, 0x0, 0x227, 0x0, 0x8, 0x0, 0x1c18, 0x6, 0x7, 0x0, 0x9, 0xff, 0x6, 0x101, 0x7fff, 0x1, 0x101, 0xd7b, 0x2, 0x6, 0x81, 0x1, 0x10001, 0x3, 0x2, 0x2, 0xbfc8, 0x1, 0x101, 0x23b8, 0x7f, 0x8, 0xad9, 0x8, 0x4, 0xd31, 0x3a64ec4a, 0xffffffcf, 0x81, 0x9536, 0x0, 0x2, 0x3, 0x0, 0x9, 0x4af7e4bc, 0x7, 0x4, 0x2, 0x2f8, 0x4, 0x4, 0x1, 0x1ff, 0x1c7, 0x80000000, 0xd, 0x8, 0x0, 0x7, 0x1, 0x3, 0x6, 0x10000, 0x89e7, 0xa, 0x6d, 0x4, 0x9, 0x6, 0xf, 0x4, 0x706, 0x800, 0xfffffff2, 0x7, 0x7, 0x5, 0x6, 0x1, 0x91, 0x1f, 0x0, 0xb, 0x3, 0x8, 0x46, 0xd3, 0x0, 0x0, 0xfffffff4, 0x1, 0x3e, 0x7923, 0x7, 0x7, 0x101, 0x7, 0x9a0, 0x9, 0xbff, 0xf26, 0x800, 0xe00000, 0x7, 0x171, 0x5, 0x5, 0x4000023, 0x400, 0x5, 0x3, 0x5, 0x5, 0x0, 0x0, 0x5, 0x10, 0x6, 0x40007, 0x5, 0x4, 0x1, 0x2, 0x0, 0x3, 0x75, 0x3, 0x5, 0xdec3, 0x7, 0x4, 0xfffffff9, 0x3, 0x6, 0x74b, 0xb166, 0xffffffff, 0xbe25, 0x7, 0x9, 0x9a, 0x6, 0x0, 0x76f, 0x4, 0x2, 0x4, 0x1, 0x3, 0xfffffff5, 0x7, 0x6, 0xc, 0x1ff, 0x6a, 0xe3, 0x390e, 0x1, 0x8, 0x7fffffff, 0x47, 0x3, 0x24dc, 0x80000001, 0x3ff, 0xfc, 0x0, 0xfffffffa, 0x4, 0xba, 0x3, 0x3, 0x3ff, 0x3, 0x5, 0xf72, 0x5, 0x8, 0x1258dd22, 0x1, 0x4, 0x88, 0xb5e, 0x4, 0x0, 0x3, 0x9, 0x101, 0xff, 0x3, 0x4, 0x39aa, 0xfffffffd, 0x408, 0x9fb0, 0x400, 0x3, 0xfffffff9, 0x7, 0x8, 0x4, 0xafdb, 0x8001, 0x9, 0x0, 0x2a, 0x40, 0x2e77, 0x0, 0x8, 0x7, 0x6, 0x1, 0x81, 0x10, 0x40, 0x1, 0xef, 0x1, 0x9, 0xc, 0xdd5a, 0x0, 0xffff, 0x2, 0x1000, 0x3, 0x1100, 0x3, 0x4, 0x800, 0xfffffffa, 0x800, 0x7, 0x4, 0xfffffffe, 0xfffffff8, 0x81, 0x3ff, 0x7f, 0x4, 0x7, 0xffffffff, 0x0, 0x401, 0xa, 0x468, 0x1, 0xfffffff9, 0x5, 0x7, 0x8000, 0x0, 0x8, 0x0, 0x6, 0x5, 0x2, 0x2, 0x0, 0x1, 0xae9, 0xb07c, 0x13d2, 0x4, 0xfffffffe, 0xa1ef, 0x9c76, 0xf, 0x2, 0x6865e652, 0x10001, 0x0, 0xcb93, 0x1, 0x2df8, 0x2, 0x3, 0x8, 0x7f, 0x43c2, 0x9, 0x24, 0x2, 0x7, 0x3ff, 0x0, 0x5, 0xa000, 0x964, 0x1, 0x8001, 0x1, 0x7f, 0x6, 0x4, 0x0, 0x0, 0x8000, 0x1, 0x100, 0x800, 0x7, 0x2d0f, 0x6ea, 0x1, 0x34cd, 0x8, 0x8, 0x9, 0x10000, 0x7, 0x9, 0x5, 0xfffffffa, 0x9, 0x81, 0x11, 0x2, 0x10000, 0x8, 0xffffffff, 0x6, 0x200, 0x8000, 0xad, 0x9, 0x7fffffff, 0xa5, 0x101, 0x0, 0x7, 0x10, 0xa3, 0x7fffffff, 0x5, 0x2, 0x200, 0x8001, 0x0, 0x3, 0x4, 0xfffffffc, 0x4, 0x7, 0xfffffff8, 0x5, 0x0, 0x3, 0x0, 0x1, 0x100001, 0xa, 0x0, 0x0, 0x75, 0x101, 0x69cba428, 0xfff, 0x9, 0x9, 0xfffffc00, 0x1, 0x2, 0xf, 0x6, 0x208, 0x4, 0xc, 0x2, 0x37e, 0x14000, 0x3, 0x8000, 0x0, 0x0, 0x77ef, 0x800, 0x8, 0xffffffb2, 0x7ffffffe, 0x202, 0xc, 0x9, 0xfffff000, 0x7fffffff, 0xffffffff, 0x5, 0x1, 0x1000, 0x1000, 0x10, 0x9, 0x9, 0x1ff, 0x7, 0xfffffff9, 0x3, 0x80000000, 0x7, 0x40, 0x9, 0x1, 0x7, 0x0, 0x352, 0x0, 0xa, 0x3ff, 0x7, 0x2, 0x200001, 0x10001, 0xfffffff7, 0x0, 0x7, 0x8, 0x4, 0x9, 0x1, 0xe3, 0x5e48, 0x7, 0xffffffff, 0x8001, 0x805, 0xfffffff7, 0x9, 0x5, 0x3, 0x9c, 0x1, 0x2c, 0x3, 0x9, 0x7f, 0x35, 0x8d, 0x0, 0xffff, 0x6, 0x81, 0xdae, 0x8, 0x0, 0x8, 0x9, 0x0, 0x7, 0xed9a, 0x800, 0x8, 0x8, 0x8, 0xecc, 0x4622, 0xffffffc0, 0x1, 0x1, 0x1000, 0x101, 0x6, 0x6, 0xfff, 0x5, 0x0, 0x3, 0x2, 0x6, 0x9, 0xf, 0x2, 0x5, 0x0, 0xc, 0x1cd30080, 0x9, 0xf, 0xf5b, 0x8, 0x54, 0xfffffffe, 0x3, 0xbc, 0xe]})

21m34.674472984s ago: executing program 4 (id=3575):
r0 = socket$inet(0xa, 0x801, 0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x60140, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
writev(r5, &(0x7f0000000940), 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
ioctl$KVM_SET_MP_STATE(r6, 0x4004ae99, &(0x7f00000001c0)=0x3)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000240)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r6, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
sched_setattr(0x0, 0x0, 0x0)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
r7 = accept4(r0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r7, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x9}, &(0x7f0000000140)=0xc)
accept4(r0, &(0x7f0000000280)=@l2={0x1f, 0x0, @fixed}, &(0x7f0000000200)=0x80, 0x800)
r8 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r8, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000, 0x42}, 0x20)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x15)

21m32.797969154s ago: executing program 4 (id=3580):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex(&(0x7f0000000180)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
rseq(&(0x7f0000000080)={0x0, 0x0, 0x0, 0x5}, 0x20, 0x0, 0x0)
syz_clone3(&(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000100000,use', @ANYRESDEC=0x0])
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)

21m29.967865157s ago: executing program 4 (id=3585):
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8923, 0x0)
ioctl$SNDRV_TIMER_IOCTL_INFO(0xffffffffffffffff, 0x80e85411, 0x0)
r2 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(r2, &(0x7f0000005240), 0x4000095, 0x0)

21m13.918658016s ago: executing program 33 (id=3585):
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8923, 0x0)
ioctl$SNDRV_TIMER_IOCTL_INFO(0xffffffffffffffff, 0x80e85411, 0x0)
r2 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(r2, &(0x7f0000005240), 0x4000095, 0x0)

3m52.224844263s ago: executing program 6 (id=8087):
r0 = socket$inet(0x2, 0x3, 0x4)
sendmmsg$inet(r0, &(0x7f0000000440)=[{{&(0x7f00000001c0)={0x2, 0x4e20, @multicast1}, 0x10, 0x0, 0x0, &(0x7f00000003c0)=[@ip_retopts={{0x24, 0x0, 0x7, {[@timestamp={0x44, 0x14, 0x14, 0x0, 0x3, [0x8000000, 0x9, 0x7ad4fe9f, 0x5]}]}}}], 0x28}}], 0x1, 0x40)

3m52.05830337s ago: executing program 6 (id=8088):
prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f) (async)
prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f0000000000), 0x4)
setsockopt$inet6_IPV6_DSTOPTS(0xffffffffffffffff, 0x29, 0x3b, &(0x7f0000000040)={0x29, 0x1, '\x00', [@generic={0xe}, @pad1, @pad1]}, 0x10)
prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x400000, 0x80)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4) (async)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f00000001c0)={'ip_vti0\x00', &(0x7f0000000100)={'ip_vti0\x00', 0x0, 0x40, 0x0, 0x0, 0x2, {{0x19, 0x4, 0x3, 0x4, 0x64, 0x67, 0x0, 0x2, 0x2f, 0x0, @broadcast, @empty, {[@rr={0x7, 0x7, 0xfd, [@empty]}, @ra={0x94, 0x4, 0x1}, @ra={0x94, 0x4, 0x1}, @generic={0x9cb86f0df35d912f, 0xd, "0b8e41bb88a1a6de637101"}, @timestamp_prespec={0x44, 0x14, 0x61, 0x3, 0xd, [{@local, 0x7}, {@remote, 0x7}]}, @timestamp={0x44, 0x20, 0xa1, 0x0, 0x0, [0x8, 0x200, 0x2, 0x4, 0x6, 0xffffffff, 0x2]}]}}}}}) (async)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f00000001c0)={'ip_vti0\x00', &(0x7f0000000100)={'ip_vti0\x00', <r1=>0x0, 0x40, 0x0, 0x0, 0x2, {{0x19, 0x4, 0x3, 0x4, 0x64, 0x67, 0x0, 0x2, 0x2f, 0x0, @broadcast, @empty, {[@rr={0x7, 0x7, 0xfd, [@empty]}, @ra={0x94, 0x4, 0x1}, @ra={0x94, 0x4, 0x1}, @generic={0x9cb86f0df35d912f, 0xd, "0b8e41bb88a1a6de637101"}, @timestamp_prespec={0x44, 0x14, 0x61, 0x3, 0xd, [{@local, 0x7}, {@remote, 0x7}]}, @timestamp={0x44, 0x20, 0xa1, 0x0, 0x0, [0x8, 0x200, 0x2, 0x4, 0x6, 0xffffffff, 0x2]}]}}}}})
setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x32, &(0x7f0000000200)={@local, r1}, 0x14)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r0, 0xc01064c2, &(0x7f0000000240)={<r2=>0x0, 0x1, r0})
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r0, 0xc00864bf, &(0x7f0000000280)) (async)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r0, 0xc00864bf, &(0x7f0000000280)={<r3=>0x0})
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r0, 0xc01064c2, &(0x7f00000002c0)={<r4=>0x0, 0x1, r0})
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r0, 0xc00864bf, &(0x7f0000000300)={<r5=>0x0})
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r0, 0xc01064c2, &(0x7f0000000340)={0x0, 0x1, r0}) (async)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r0, 0xc01064c2, &(0x7f0000000340)={<r6=>0x0, 0x1, r0})
ioctl$DRM_IOCTL_SYNCOBJ_RESET(r0, 0xc01064c4, &(0x7f00000003c0)={&(0x7f0000000380)=[r2, r3, r4, r5, r6], 0x5})
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1) (async)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000400), 0x800, 0x0)
ioctl$DRM_IOCTL_MODE_GET_LEASE(r0, 0xc01064c8, &(0x7f0000000480)={0x4, 0x0, &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0]}) (async)
ioctl$DRM_IOCTL_MODE_GET_LEASE(r0, 0xc01064c8, &(0x7f0000000480)={0x4, 0x0, &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0]})
ioctl$VT_GETSTATE(r7, 0x5603, &(0x7f00000004c0)={0x4, 0x3, 0x3ff})
ioctl$DRM_IOCTL_SYNCOBJ_TRANSFER(r0, 0xc02064cc, &(0x7f0000000500)={r6, r6, 0x8, 0xffffffffffffffff, 0x1}) (async)
ioctl$DRM_IOCTL_SYNCOBJ_TRANSFER(r0, 0xc02064cc, &(0x7f0000000500)={r6, r6, 0x8, 0xffffffffffffffff, 0x1})
r8 = syz_open_dev$evdev(&(0x7f0000000540), 0x7, 0x440241)
ioctl$EVIOCSKEYCODE_V2(r8, 0x40284504, &(0x7f0000000580)={0x55, 0x15, 0x2, 0x8, "f97875f9bba9ac7e48ba95ea9833920a9079343db4237f59d26a192d574b0f6f"})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x7, 0x8, &(0x7f00000005c0)=0x1)
r9 = syz_clone(0x80000, &(0x7f0000000600)="53daa13058dd27073be6084c92067502ce6dda023094d6137686a19663e011c092cc17", 0x23, &(0x7f0000000640), &(0x7f0000000680), &(0x7f00000006c0)="389d556592012ada3333e6fc627f1ffc4d84c36230c8d71c9310fab646365f15805000b6791605334fcec3c052a20568e0b4f83ca8c1642cb4ecdb87eb114a2d6628eeed6e18a71e3da48897993d79f58fb41d77848e35ce3229bdb09ea3088777fd51d8f93acef0fbe1e8ddfec7275bd803e1d75d1909697f7a66987ec1477a9592ee1219b7d8c3e6b39ac0a76ade67143707fe02a51b9c98a4620e582160e37fe495a8b345d3e301a7328030ac99c1437f4cf9de6ea764c30c525a06ad1d3d3b1698c13b789a0121cd46d0a249602682efdd88732d343f386115b66b95ba79738c24e094c9c909bfba584fd1383be139a45b25f463")
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000800)={r9, r0, 0x0, 0x7, &(0x7f00000007c0)='].#-&\xcd\x00'}, 0x30)
sendmsg$SOCK_DIAG_BY_FAMILY(r0, &(0x7f0000001a00)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000019c0)={&(0x7f0000000880)={0x1118, 0x14, 0x200, 0x70bd29, 0x25dfdbfb, {0x5, 0xf7}, [@INET_DIAG_REQ_BYTECODE={0x1004, 0x1, "63f8ff18496192b11344959999fa024b98cc74fbb08f67940a6c23d275ba749681ff67b7b4ccc5c1c191186add22417b3473b27421c36ec6a5817716421fc5caa2d3c471f3f4d15bffd7518839c725024337f50728755fde67a532dc2c86566d95ab05d8edea91953a2823d94342c479bcd935833831275a40612f12f6740e7c4348d93429a4c03d6660d5a2137ecd9420a1712ad033756340e8882433c3e34834827e22b3f2e986e08a414812c355a5f1826442cc5b6de1104874bdb7a19ea9d1a23017ad1e5096cd7d5167c7829dfa838e63d2d4514fc4aa73108e78bfa7bea5182b2ee24c41707eaf020514f7cd28da8447c2832f8be1f09c50fbe49db889dafa9452503c4e91d3e1b1ec2f49fd2d677b1af650e6b7f844156e6fcdcde0feae18ec70493452c9c5d243406685b42addb85e7d3804cd7c3ad8974bbaabe501ced6791a55d5bbaa6e66e6a4cb2ffb4cb6b41df2d81be2bfca177f6fc5de50bc9b80b0ea97dd92d762f6da010f5644070c38b38c50eb3b6a8e74f713d4242aa1778401905c3b13ffb85a6b989271daa6fb048f53c9bc92d3571e389988c6198e3b8b7fd93e083a7365e50324bcd826f1a056e362a19787923a255d2449b9f6d5d59d1b25864ba767bf7ff0d980c3f4f9b07ec06e53c3b711d14517528994c86d9dcdee8955c42fd737d8a84fc6dad45d293ad2a5a16f70220448790cc5cf501df912bf29fb288bb0d55381888061160fab829775c164d1aceed1756fa0fb78772ca83bddcfd5b49786645cb59ae2da7fba4ffc9c4296e93e3f316969eb3b859842465e6601de0e6180a4b6bf0175180593f092df567022fac6f6b41ee165ca5f45b6cc66546acdf6035fb11869c72ae989107c607afe729c4485c950bb83edc60673ef675916acfdfba7ded43616a05f1529f92354ca01b8812f70adb8573b7d79c07683479b1791aba8a67260adc95dc53193a84e9ee6a21998c230ab1245bb9da52fd14c322dc1bb5dffa1670e32b2af0b215357aea6e8c9ee91e64d8e40374189b2e91213011d71a7e82bd15628e90e0ef7bfbdca276fc0bffcdb13aa2209e0a85d86978bf550ac45908bd01b74419f5d548c8469099cf94a10392a1e0be7b1db9a449412fb9e2a40383cf13ef6fb068f7a102f1e995e0a96f3d57441a08097e67ddee8840768ee42377e61b8635f1c8908e2968cbffefed0a09b5db9fef3002743e21ca502f5dc77e2e368df9331da60ac1c4d0b63110b71cf7ee54ac6d8017581c595cdc8376f88c62fd570aeca7e65f0276c2692e7d593f2987f1c176f358f444ef90f75701e68d43bddb3a4f23197b24f9e2a5ae2a92a176b51b06a65de761b2a85e0764998f49ad187ef1a51f450327fbc879dbc36b271d4c691b0a936b19b7d8f6aae5e423487245827353b3cd0dd7ca6a4e7583baa4070f2eae463758ee736c8f83e8d55c3e4b8b4399bc35fc30afe1e1e1e2f760a6ada45c6f149dfbb83dbd72cd0c91be92391fc1e17bb657249ed084b23cde44293c1d1baac93c9f518cfd45ff6d136b3e6baaf489ecabb6a8b1f4d59a60bb0674ffd4db1d65c72dcb2030a213c95527f5820fc73c8a976979c0547ed51f0c652e683dfe057bfd9163d7cf201a2e97667276960c0c98127fd11c35c7f0b0868d9f1b16a5a08f010ddcbf1067a87138c8c53f40d9821aa60c86e9abe1c0a3b66d387b6a1a712e9a8fdfd06b96c205e415a4281337b99f4755ad79629f77dbacf6244555574b520c5e4b88b95698499631487a8ea67f0c6d32fd4f04891222f8eb2e2407b94a5affcb3532517bd369201e21da11ebb47a994093736d4af9a572618f48fcbfaf538688e9456314be0d98d75abd1e97779a154000fda897d149ab8add0701f3d565844185c5c0109699574cd6d6418f9a4bba2c0b5d69afbcfb690328ff964d2527e7318f022aa43aa525141f31f18c1f376bac768366c13bd36e062b8823f085b7a8510dc3017428c7c31ff8fd8c1d6dc5d4e53266d9b8b5fad7f693d9baa01416167a4dcfa4863e8f94ba057526acdba257a18bf617dc67886e32c27b0ad0c8b22d2a4aa8a40c012e6b349b7ef9534d8ed49541a4b121c7d2bd010d828cbfa539b69f6206c63f12fec42959119c5033e3485b50b24b128505a2c56ad07c402d62655177dcdffbe01419862eebff32086d646ae02f24f72a0dfbc194e6e5289212520b034bd164af8334bc0e97c7fe54bea899a0d51dece08168cff4a72639921b052f07e9e4437dc56ce3fd128985478932922950200e862a53fb53e604ffc5d19498af67dced889247a75eb43330095b1427d170e41c872215cbb1c39e50a0bd2313da240633dddd92003f3b5a156c3c1eccffee47c3b1071bec4c160926d69a5536623facc915c96606623ede449ccfccbf2c32a54ee6f98619a9da504402a2c012c1cca83ba5bca053b4d242476b601b96ea9f27891b1d8389acc97d0edf3b20387d10c4cb506f393f77a39e8957b7a997bba7dec6ffa98c63447fb74cef44f1251a7119f393bdce67f4abb9fe6ad37eec3b23ce90af967151f19906605092ed444b5bc5f70d0e13aff9a82e9eb7d9680f7465db59404c79590153ef0350611ce4225a3ba62676b2a13a734d9545ff4df26e0c62f67676a09b07f4dbd3d0375467d47acbf377a63875c565d1c96a6f22281c0cb2d6830af3c6f05b63d2939fe3fd7d4485a21a1ff97088d05b15fab60d341182bbe77d79586f17313f2f7af08da482b00eee6d0853e2c29d95936280b66083cbef69b48edc8f06087c037c83f15bc156e6dff41c1da55b9b667f7b7e5f46a6389de41f13c2dbebe8c2c7ff03b12969fc134040ee2d8c7728d6dac4a410529f56c98ac63865dd193243a29f6e21f767602e1d46945381d86b1c92ef36f68d2b325d818bf1e090e2ff8c72b087fdb994ef2fcfbf1adb1cc0eaec43ff35383ee8fc8d9dc9ba1f21327667c3c87e78da164aa4fe481475d27a9db422f698cc6d967d7cc0bbd94c2d81a6b37b07ab40c5df4e08431a9ffcdf76f736d431449234970961f6017377cd6caa8e63dbcc6a2563ed715269c7c6f26eb849b8913c2994d28b21762372dffe17af09ed20ffd5151df5d639acea6d5581a0c686b8ad92a6f4a2ce8508b0f3a7d8c78d6b75072965c860b977fc0c363b333948755e80abd2cca5636df209e7df78f9fc072cae92396aac7c7bb1a113f21745fe2f041dc0a117a1cfc4575cca79a2805fbd6529ea82924c1fef542c4ec80be786e0626c2d5e2a0caf1506dcbdfd5c38af2f45bf59b859c36df33e3c55a5633536e7e2dc2ee858bc684aed42a477d63de9bb8f1f6da54fbdc7ddfd02f986c4c10fbf8b72162471e501a497c477ba4231eaa377e7cdd6eeb061007e8a4130d93ba51e5e76978bf99deeb7e99be1ee687d6797672e98ed906cf06f04251361758b39464d43dbde9b4f36b1aed320c8565dcbaa19ae105bef1e2157fce6241a6165444fec7ef2431180fc5ca05d75655a5d74a6be0d157711c0a6363b4136b91daa90f7ca972f35628b374c72efd32686a70bdc05428e291752577d8dfb7a60afc40fe6bd29e2a3bc2693e9e51a103b334665692f81b2535116902cccab4f9d173813c24e2b8a6e5e81a5d46e20bb44d087eaf36463b7eea500dc932124821988c2a82a9da505fff0e7a77d170108319e260d35fba40588e46c0ca9391adf2ba0bd18be6faf720cfc19388e0652d012c91863af2dad697d84aff25848eb4650255ec4d9da6e74e9093c31fcf26f1b243055be55a64c303c6b296dadc2b4a8b2d954c156cc9f5d71da2dfaca29134655d7dd4f01c4b61de219403d8ec624b59b660a70b232d61bb6c95bdeed213913a5b124d04bfb3d44c19129d416ecad3cec5c8121a5eb5041bc7083b6a7a9b31e93639c1e6cb424cc9312d3dd910449e231ded06fad083ed760a448c88ae06de9821fa9b120d6924ef0a9825030c4426fa1dbf9cd2e16b228a6f61faba8edb0531864949398c9678152cf17f991d0946bfe7e18fd498410367494087ecead0903fb0374c9c4d92fde60ac6d53692e3af32f778c550143cc451d3ab4206405f39471abf06a7dd84a3214491bf89cba552aebfa4008d60b4b0b937a33b50924f6e8a288d48e1a993426ceac773f702948148e59674d9131c53488f8c3645af0773c7ef0c31050763a44ad3f91fbf7cd22aa1b16e79cca83dada9fc72af4d5433deef7cd40bde8a9f0bcfa773a6c5d676279ece156332ec292b93e6f7fe1bda2de9b9569c42898d4744de21970f2cacccd14941eace25ba09ff367d259958c742502388faa7a894b289ac67ed5a0c57114785af753f99dafc8e56081a5df009e39b7c9ff40a08b3b3c294a67ac55e6ea147960c2f59c6e2ff8acf3de06546c81b3cae29589f5028c02495dc6fb85fcca1769a3bf035b86febbc38a97305748734e663665ecf58482f61fa633cad0ed0f5590abb9cfb2b8a962b89095eee066cd7599fb63e5437d49b339a0a446d6d62da7106165210f1bbf9f3427a653f446813179a2b4569d3935374e28e5057c9d65cf92dd3c0971800fe83740b67820025aad3563338a86ba77fd486f3fc9733dc0999e0456921a88571ee9c626b9275ebc7296aa329fbbd97af2cf2457dd1db4724b8164fa3b1ae53821f61800043b1bde1312fc616dbea701ce721cb81fd85ba129b07843005cbd6f66df64225dc2c20e84ba397fd79fe4cae49a768a55bccbadcb26044b20f68beb7ce8a9ce2e43ff9a08a7dd0cd1625082fc8bcfd7bb9758b663e5a9b2f5270d416362fda69f76766ab3a9895d603432193dbc6d1ce7712b9ae2e03230330b1c46bb9d15c5df63be9d527df5405d588c103ac577a88f80c10b29640814513ec78d7037ddb9231573df21a213e63ef5d84b9e0fd08509cd22717450f12f1967e0f58a5478dd05697290fa413edd968759da31fc705cbf04da5775893fb33c6092057390b2a2e4c2a834a94c16d8d4aca3cc7ded963d663950a6c0f0f0118020edaebf7bc7e7cc280e2baeca72381a8b811f8cdf35ba0c0c084e882e39d40e383281ec5e3937ace52b9990218db8f0f906be1c5156ae8eab2a348861ab9fb30652778422f9e67c035f9a49609fd873c9cb00295ef22ab0e910ccbe9cc679ff2d12e086546e196d481b8db8ac75443d8e7225dc29e1d34764e78ad30e90dd570de3fb0e9e3e02ebf81f5542acef72d0ce36487ff604b21bc65dc316c330fadcbb7874cd3ea37dfcfc1284c60c09920963cac9c6de0ec94f1fdf9b48d5512741b5e4841f189710ec424060d7aac6de249dead705308833adf278c831a5fafe905f20cc82d2826f4d15c24ff170ed24f6a9aa554f24350979baf05f451ab137d7f06c32f09593ea31acba821073b556beb95624ecd860cd54698dddbe8bf67bb99a8b7946cd95adda0e56b583fb61b46ab8a03fca4b8e02baeaa5c53794781fd389402597d2880fd5dd679cdb32a43b4b9c715546a88ad7042085ab1bbe6acaf358f1fd06416f0655dcc723dfab0e2428963ed152930c7df1c8f9454e20ef75a0eaedd905304c4f9609636c450c8e687d3bc8d885752883cfa795ea8b56f800795ca9b33119c422f61b50567af3c0125d3d4e65008d065f1555a2866a7fcf0eb906a52e3cc474ae3fb58a8334c232c16b73df22307c358e9207dd234119daf9e930d4a6741af667a76c9fcb4636e658471c7f6b820a7b11f01e10ebb3f9854e53ce372a8d1ced681eed9a21f16900e03db03bfa32d"}, @INET_DIAG_REQ_BYTECODE={0xe6, 0x1, "ed311a2cebe9faee07955a57626d70a881eed599cf31364cd65c72a44a2b465cc3eb3ae9e14fcce23c08cfe62c5531f4f114e7d4ccc7745ce032e1fee392674389dcb44245c393b30d10e8056ff124c24758de6755674787ecc3bfb6b026e1b4f52098f0c5c6b181b3f9bdab9632d628966cbe9e06ea798fa2a5bdecafab04dfbdde0ac316ecfb35cfb8f6b94872f41ef4b1b2f6bca346cd3122334751c16e80ef3317dbf3f601dc4c97ea6739730d36b22efb3fc8d3b3c81482e97bc0327405d91d5af89cf4f7eddc06e8f2176a16d2fd0309cbbb82f8944ac78cd122df53fa69e7"}, @INET_DIAG_REQ_BYTECODE={0x17, 0x1, "c9a2578780e0292e6e7bd9b9eb21e980df89bd"}]}, 0x1118}, 0x1, 0x0, 0x0, 0x20000080}, 0x2000)
sendmsg$key(r0, &(0x7f0000001b80)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000001a40)={0x2, 0xe, 0x0, 0x9, 0x1c, 0x0, 0x70bd25, 0x25dfdbfc, [@sadb_address={0x5, 0x6, 0x33, 0x80, 0x0, @in6={0xa, 0x4e22, 0x0, @loopback, 0x7}}, @sadb_lifetime={0x4, 0x3, 0x100, 0x1d786be6, 0x2, 0x1}, @sadb_lifetime={0x4, 0x2, 0x8, 0x7, 0x3c37}, @sadb_x_policy={0x8, 0x12, 0x4, 0x4, 0x0, 0x6e6bb5, 0x5, {0x6, 0x32, 0x2, 0x9, 0x0, 0xcc16, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in=@rand_addr=0x64010100}}, @sadb_x_filter={0x5, 0x1a, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x10, 0x14, 0x3c}]}, 0xe0}}, 0x10)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001bc0), 0x2, 0x0) (async)
r10 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001bc0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r10, &(0x7f0000001c40)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000001c00), 0x2, 0x5}}, 0x20)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1, 0x100000000, &(0x7f0000001c80)) (async)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1, 0x100000000, &(0x7f0000001c80))
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000001cc0)='./cgroup/syz0\x00', 0x200002, 0x0)

3m48.745768834s ago: executing program 6 (id=8097):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$int_in(r2, 0x5421, &(0x7f0000000240)=0x2)
connect$vsock_stream(r2, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
shutdown(r2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
r3 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x80800)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x8c, 0x2c, 0xd27, 0x70bd25, 0x25dfdc00, {0x0, 0x0, 0x0, 0x0, {0x0, 0x8}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x58, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x7, 0x24d417d6, 0x3, 0x800, 0xe26}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}, @TCA_MATCHALL_FLAGS={0x8, 0x3, 0x2}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x10}, 0x4000000)
sendto$packet(r3, &(0x7f0000000400)="9b491334537b8c57b9d2d2b74ece247b5dd4526cebd4f29c46", 0x19, 0x44000, &(0x7f0000000440)={0x11, 0x1b, 0x0, 0x1, 0xfd}, 0x14)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_genetlink_get_family_id$team(&(0x7f0000000180), r3)
r7 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'lo\x00', <r9=>0x0})
syz_open_dev$sndmidi(&(0x7f0000000380), 0x7, 0x2000)
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xd0f, 0x200000, 0x0, {0x60, 0x0, 0x0, r9, {}, {0xffff, 0xffff}, {0xfff3}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x4e}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f00000001c0)={'team0\x00', <r10=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000300)={&(0x7f00000026c0)=ANY=[@ANYBLOB="00585def", @ANYRES16=r6, @ANYBLOB="00042dbd7000ffdbdf250100000008000100", @ANYRES32=r9, @ANYBLOB="7c000280400001002400010071756575655f6964000000000000000000000000000000000000000000000000050003000300000008000400fdffffff08000600", @ANYRES32=r10, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74657276616c0000000000000005000300030000000800040002000000"], 0x98}, 0x1, 0x0, 0x0, 0x804}, 0x801)
r11 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
ioctl$KVM_SET_NESTED_STATE(r11, 0xc048aeca, &(0x7f0000000640)={{0x3, 0x0, 0x80, {0xeeef0000, 0xdddd0000, 0x2}}, "cb31455c9ea4288a70a2a6bb8068fd95dd041cf5b177a3bffe992dfbbdf959487337b92336ce1de32e7695c411c0bf9f852d2d71192f33001fd51f5b396a55cb98699a09d21648c4cb30d9d7e3e397c7a3c041c76c72385a46c48c5302848c3696facce956952c2a85822ddf20434ccee5806294ed563ff3a972cddf6ef16ddace933d8a5adea40cd3ad40c9873c29368838e815ff59723519154856b2d5cd9cd79a97dc2fa08dada1175817886e5f9e7aa3dca783a44c667a4806826570ec6acb57d65efc313a384e11fb633dee17ee600145f2cb3103384606000000000000007fa029f0513bbb466177ca1068192550bbf4e6f5694aec747a16e27688a988fa595bca1761b8e88a7dbcaeaf97a8b7b53058b1faf880dd6f1b6eb4c7beb0582b4007f1a67db1352407adbe1456bf762c94fd825b9419d74f63cdeb6c6976de1890d773f0c8088d2bd48a838cf5b87f5ddf926352960fb978874b0f175acfa55ddfe84de3fc9f75b58bf7a35f33d3c43ed5e3224e92751fa1b43f94f64b681163ef1360a3f3bb7403afc67a188b2104b45c5814aaa9e218552498bf85f4b221d9acc32a331f5f8c109cc9f335ff4e418ab30b54b99d5376cd928c431fc8211fcbaf64716afdc4b6d0417e04d5723e4675d282b36bef3a3a19e855029ec7c33830a6df19332b63e9d8a0f22d96ac230c67657a4e7f7afab91dc0ce751b68980e5a4f6d9d6d9b98802ba9d8576640eea61b8c308a1745df61560e56108bececa3016d93246fdc8b768634e8319b1ffde103c07378f8f4927baba05e992a4b7917451d15a963ca14f5cdc4563775688b6533a4b97e0f84b0a33c30077b20805c1f42cc7815efada97ad59ac486bc9e0ee386b49cb97b47fbf8f919f06c75a49636795054b5ebee3e91602c90d7f4db49220affe56d56b96e4f662b2bf36dae482ffc7ba21cbc55e21b73309d6b7aa5509defcb77c236e43b579c0000e5c8d8f8fa71ad876b96069f2e4352c8aa716e299d21edf5434c0cd9b25cdc9210fb0de759b1dd3fc7fe4c7118bbde72a5617dff21f7a5036448fba7fe41aaee0c289cd076d757e47b0713b236f6f141ba0112c9312b3ec853aabafdf1eb2cbb517d2d7352725f557214d27d9a340af0128fc960a4ea64c933b0d8dd226b6e024471aaac8a7074b2a8695ab990fabba5bf315d246fbfe4260f1fffe54814e33b6235c5b4095437298858909bcbd40a8a286d1bedb06b7b1775bce0a5bca19b0a5c2fa8dbf87b55ae0a43c5086422e5bacb94047e150451f5996420b0d4a697f59decb49900b2b9c13aade536933e14d672c21a35cb68572c3de02f3147414eff4b8674b91f7aebf35f056a8d388f67f8ef7cfaf6b28fe745831ef41def1839791647016932c70685752851327f1837d2f1e9d8f93443eefed2317119c8152ca451a5d3aeb253fb484283f52e5db9f61f059ad3c217a860ee0531d254483501b00699208c7fa5571cf58b9715c954115bc2db0af28361938bb95ced7370c8cbb6141ef62fdbf369dfc4eccd98ab9886d79a52cbf91a27dd0f4b29940492e860fb94654dea54fad6290570760e3b59a0cf28053732472dc313b5fedfc583fc702a880971dc61286370aaf167810455cce7654dc4325a41d9d1944abcdc4d81378f1e96a8f94cd95b886a01f086e379601504219d57d531ba34e1ba0905785fb629c61f6b940a652cdee9dbef12b7fcde087b92816db3386a5769049ba00788e31de4ddbb8b56de1fbe3a5e671728effda7cfd0b650cf5df2faf22470812efbbb548e47cbf36c64e05a7877820f08948ceedb35e12a4a143ee0101a7bf0a00a4062b50c39020669700adf739a6f75352a45fd1373d3e85c3867170373f0c7a794d8590f4c22ae62d438ec365b0f6a15cb2ffe0fc6f57185e1760761bd4370027c01dfad0502f00b6898115df3c530d0b0b4a64e623fd580b528a733e4c881cf5843a975a97f92a7833527887c79fa8eec82b9526a15c6c5f2972083ce8aec735810580ffa4ea2cef4823aee044dd70927f7c07bba18b930006aa86ae7399ac6b4c24bc9d6a6ab0c5b428d7255d4d983eadf97e10c1b00867da29ac981acb453073a37236e7ae808e7759b2e0cffc3ec43afb1e95cd090a7d4b9225a0e3cbebfe49b93846ab603891e2da7d85a04bf42d12d16a97c965bc4911d3ba7a9ca505794d8744fef00a436089de67aa8b480070230dfb002eb91edaff428d4908a87afae418dff7ca59aefe1ad8f6935f309fe7985c2310881659c60a66a5e50242497ba1cd5d2bd79496ccd23f9fd901afc6622829cb3701caa50f96e09e3b23bfa3181b74ec7dae2e42c9caab43e49ae1d922a1a1eb3682de026323d9215fc0987c54401a1af81450830a4b784ed1c7922734bf3632409147680dd3fabcef296353705bb5c0e650e12905a05db1e7923923a96ddc783fc1ed46e2010416c37d9d149ad73e808bd6e4464f62893024a8501803b6c88fc55c8bbc1da7cbf580b5a81fb7c61455ae3a8aaec303fba12e0f2b51ed5e8bd31db40e8bdbd00e7b1ddd364766c974d813d86fc88a27bf82bba60c62e5f0f6af6bda3390f8e72a2811baf3d6325e70d9a3b59cab1abe95290ecb87985567e1243504c038de9d4d100ea64eec45208cd8d2474e646f7d81eed6d59b8b0859552b6fc088d874cde3e75ee30243dc9d88ed5b577851a5bd9e2a453287025777fcac19ac33e1c94b4ad272f1055b16b842a6bd6168fb45f1f74ed2467020df5431068a5f2cbeaa6ac1841308c7c9f752aa06927f91fdf18ef9d9e942367e5ecac0abf4d3b8fc7b80238c0e7faf2ea7d3f5271028fc558a44799bde63168becc67c5531e843336fb16ab618d37f95a91937b824bf896b044146bc3a5e264a8f23ddd00729cd9aa56d9a9a24b7ab96ae021b193d8874d43ff4b723d86b7564e550378599c3e0c7a2b3d447ad76eb4cd699733d970a5ab218429a1af81df9c8013d6d16a6bcb019f6ace4461cdaa785d20ea027cfa53d521bb91ad2c04aaa6c0f268b14924803977633280c7b7beb14c88fae542b7a13e96253259e7296e37276da88891c14664340e84ae732edbd71e67047e476735b220ca231de31a380ece372db632ec3cb3ef5ac97ec41148febd2acb15cde1ee5e990ea0aaa95c2df39e2111dd1185d14a194e22d34fda8f54e99d3a73e5a231682c726d40816e048c1df5dcf3bb9ee2b5f895365d95aa28f6adbf6e16469926b4d8ee7f04c7dbafaa444df5b88596c17874f0efe35e5ada1a69634f4b430f852d33b032f823c5deb54f47a7a4adb1adf56d5440b7a917580004c13e0b36c8e0a203a2be3f8fffd9efef3af19389a12c67859d4381ac0a02da18e25931b41216b731de25e1245482c84d45de1cddbce2109322a3428bff692012573fe9efd02109dbf35c5d3a287dec105cf3f1a2e5f0b1cc08c7b4759766d25d0f7b42c3ea8bf8101e61159a2ba7602e9c7947cf936ac39bf59b24084709fd61d704bbdba7d282aac778b7ec1dcaf984527c8112d56e75ab774d1598d9816abc77b0e693880beca5f330c626774ab5cb6967fb0ea8e14efce120947092c3b6f8a22f07cad22e971418092481fcad36ecf0cfd6bc3864115b8507c13554584f1f6fee5ee07eb6a091638d8e7781c1c006166e0f987f9f4de535e9f3df1db8c9328e9a19a73c76059ab4edfe9eda7f16cc6b869229bafb179d194e20ccc6f9338183b673de8138ddab9a0907278f6eaacc55bf59a450ebc10e0b88c82d9f0deca86ff771f46509250fde94e0c94256b77616d099862ddc9b341838d634a9dc4b55a88fcc6248901135f6aa76365433e7e534e0e5ae8eec2a63df62c3e244a40481189ff54122698c7e2da2c829b2eec9efc9894ee05be04ae6dd48406eaace17827e38bf38b414059aded0343e0711a8d864ff41a8d9ed40fb2aa1a3f4014f691cd0e8af62445a021820ff03afa8a192ee255862f306851df1de96ce36cafb6a60b7069db7aa96fd1ffb2fb01e6247f770304dffe4b1c8d0eeb336dd6806d6ab5d418953b1cae7cbbf53766b61e4aad5cfce8255b78af26f9bd11283a9c7d12cd63b82cd2b506fd4061d1e16fc7c713d80763c3b0aa0faadcd9b7d676101aad80e1ca00369297e1f714003ab8d0b545c335014a522a25a767950963ef821425b79b521076166d0df3ef358c7d60d99cc85463c186e8faf16af79785680382e4cc93f6594f8c4461e0988c08717640df24a5f357db22432fcae21702dc792d201212fb3791e0164bb3d433a8268ec96df73766fdba42965e00e619246cba5d96eb853a7c22c34d2fe5e5d3f3ccf9c627d069517b743cd07f6f7b444074bb9a50269f2e03309c58930e56a9583eb00c37fbcdd391972261f41756c10c8899fcd036e2017e088ef9e6ec31f795d55b3bba214c53c98fc9318e4ade0e7e6fd259aa277fed54c27e5210787a5f6937f56fdbe1da5113f059061ca590ddf536a55cb91ac6ed41cb9c0418b115b29f5e823c1b0ee7cab3982087763545b34e2c945d587ebce69bbe299a7f52b674f351977370fc700474bc15d7e6ef98c14258ecf401a4f3bba1a9aa76c5ab0b8819fe6efe3fba1899909e5e48554299150ee272451b56142d12ae2bb4942db430239701d494917f2c939a6fb9d98d4751a6f2c4537ec870342d223343a9bd7b8d8c99aff8cbfa298395551185f35dec120228073a1e496a58b59d9ac5986249a7c6db9398395cbf341c08ee910700e2daa042dba1846fef59c72ce872bba2046a14fcf9a47a5686d62bfba76309a9865c26e5fa41dd872fc749fdc57953105ace4978f9eb788c8d061c853ad0313e51e732c5d7bc05e752443c8e99b8e81c688befdb5b14c3cc2f96eb8ce8290303e483992fcbece1ff278d0dc036ad437b6cbc695c7741ba4556e242146d40843c73deaf8fceba40e4a4acd739b3031848b17a210a1ff0dc1908b77c4bb94543af52e1fe2a090c8f217428d02336303f7952c3ddefa7c81850676e7f4cc3d32c3937281fa5ab279c3fe39f92ba077dadb8c2c3df17cc511bd33c41cb161d24aea154f0f5902c94b56fe072d321a983668bd9f4838878e66ec44cb233d7d0ca908a794c844ff8b3ba4c57f6c5fc2f3a54db448b013f0c4998bbc6ed0409b3368391cb28c6df4a909fff90f308ff38c758ff7d8a2920bc221236d89b3b76de44e8ce649b32f5135a0217ba9036a8edddee97d7ba15f2c21fb7d3cae3eb6ef09dd03eed650489c83b5ba5dd9daf7a86cf0544fb8a58e46b860e3e42e10cd6f1c4f81179eb2c3ba611793a32abb4c0768db90e8bdd1694efaa9c2b45c89d203fdfb8b926b6a0d666d91b93065a83184fc2065961f2308056241b66f427c0f0aabc75852c90f0624cf036d537032ca8d73325d2ae2a79a7292c240c34584bb881fe5d468a051cbc0bde061f9eddfb758cd2dfba296eef549e5c4ede097111216a0ec60f90e8d6f5dd843c82e15f505f8c74e854ba9cd386249d552978eb8135a5f8c79c3ceb8dd5828b0218ffe40f375d6cf3ff2f47c276c8169ab98336582a852c1535018fb2306aca6b8c9f9e38d64c66a722762b76c69d4ca6c14bd6992543d1ac4fd4a8f2620e2e4281d28c099946ed90789ba122705326390d3e058ceed24044e542efb36416272eadf6304f30efa0b7bc1ae5be92fe50e591ee6f725726e917ec113506920beb2aa53b39f1d76b31500", "cfb220c7d481332f3f1f8079dfe27e23185fd67a407358db7892789f96b7fa9b14daa48617a10d8a91b820ecbaa470ec0bb1f3cbce7f70ec70b19a4cad082229c2788f8611d7dc306d9a45761a97828c36ed87ebde5d4a3e1609c1422a8ae2f7cca428ebdb0dd38b90b9598a353b18a600bf35a369e6e3e5abb0a1c5c0c0e48e014e7ef1b7d768b3c5657f1adfbb7ff2985082b16c99eb83ec3660990dcf1106efa6b7f8a4798fec811c2c85faec0235c83b7093b3d02367421abc40a554e0b0d7fc1bcaece4222c594f8d20e368fe625ca433c75486fe5c94103cd17291349ee12b877602936688666f82ecd8f4f83d50bb1650e08b968101108e7c4c956c03649806a3736d072c8d97c6e3a46a7c18535df8d828b86662400d8e9cc861fa1dd5dc193892d3168396c499e07b279fb76c7e289f2fd955691363bc1de74536dc571817615c88b0d594a136966c129e424ccb7ef1c7c7461eac7ca5f03d72ea4c9c3d1156ee4cb1bb70e097357588b5c49f6716bbae1bd118104b42786f09a3b9f7cb80f383cadfd0c462096ff2bb637b7cf79764b6a4b7ffc5d87c1f063fb48e7f08ad5af534c70079f12f28e8921abbd4280801cdf6101ea494768b1274afd0eea5939843d56022a83590920fe446d52dfe699c33977d5592dbf7e0e236b8175d7faae06e0c50f7402174023ce4b996564e945c416fa823f2f9c3213ac50b20bd1fd55bb8d9fe70ee31ea2f404ae0fcbf857bebcc9196c8c622059fea2e248e4058905b69fb98be312d3193ea1d8ff653173e8c2371371b77a5bea45b3cd6fba19b6336f94ec04c8f86d24e9ca959874577d7ca0baf3c4ff30b554bc3ccc06df46d925373fbf7863e2cf684d3bc9603ab72b851ca4728294de87f2dec6f23ca9e43ed2e5cbba662d13137fc1ce0f6ae6aeb974f72f4b750825fafb67715e425f40c7da83b92d4249a0a4e96b789cceb7b07f38cb83f72dd093a345ab3cb8ae760fc14e40ea182a0d7fe1facc62a1ab0902349fd7e27bb0cd349fb5053f4734823abf020739b4b43bb11f5d69b61295068df31177959903c2ea1bb82d24eeaa93d0d4738d5d15b2a401e7ebe0d3cfbd45b2db2882cdb41408aaa718f8320fbb7f9da4f68d0eebeef175442e807e9908132731fe5e268582dcf6dffa4251ebb7121db8e412089fa9d8af9919799547a26b6b8eb44c28f1ce5f9a3021fe30841be204c1b4b3813dccae6baeef9b53fe413cbec46bb0cd95d3793cdc9bfe6cdd96ce0c4aa4a25e1cbbeeee6c9fa398b279048c7e31d07b125bac68d4e1f4253bd4dc7824cf3d722c94cf2b8f61bc8155731f072fd447082b181a13ffb8c08a1d568298c5de2d969fae2bea070a9e2688f294e76b8c200dfb993ec19778eb56ae3127c1116ccc85e0a816fdcb9ee0cb66ff03fbb0fa6c52b9b101b3830fc1650efa859163a264b4059092e5dc9a415ec09bfd1460f142fe5ef00beb6aa9032bd0de97aefc6f65e8cfeea761b3d8174caf528b6627682ff4d4450cb0f34251fc000ed01dd538ef13260984f44703b89dfb511bfb538d0b1c8aded964e1bcc5ca57437468b14a31ec0000a17e4d24369c40500449c37e7dccedba3eceb59d827dace246b5c48afb6a5988e64c560b3dc76c32d831f51cdbc5cfc4364ac8b25372b87c92bacfedc6bc8feb44098dbebc89cda03459e4c58a31372bd574704b9e788834b9f83c6703f6709efad97c4ce499ea580dae1de282a019247cb3dce5c1906322e6d3ca5157ea6428bc42416936fac194efe136089c07faf7adf1e923003f1dc63fcbc634b389a4f351a6acee785e23c6bb04ca2f265be1e634362b87c6f9fd369bbe62a1db6b286c7ffde6370bb4d6e9e0cc3ec451e1a99d134726c9075e71319d3a683e91e4b900061c0e6d086481069cd32f4cde7816f8e3a0ac6428a7488f31f06ee0da10df3ed0c150d29085879d064f914407f60018bb588735663647bfeda930407d69abef3f72fd461c2b85b00988b412a180fd267fc646a86d297e7e40912607157b6fa873df6442579b1523d8117f0c06c87adf75843b8bf07005bfb4fe1e9846b7fdd58774641baf9cc9c4e38e53ed24a9d9e9dbc7657aa9b220a8545852b0409f5c0812e953823e841967bf55059acc7a4600818134359e72cfae0d04a0738ac8acca133d6395a455b22cdd6f901d4cdea1cf17415f7d7895a4b65f80d2f7c5c60a0dc04b40c2c93b9f922e074a82afd704673e1766d19db9f60eab0238fb4a3169a08aded607847e5d752d4e24c4914b95bac3892bcfc2076f16a7f07583f0d418b9dec03afdb2e93335a392e1b1ef2910eb2a4b6a63fe61641f3c02bef73cd7e4a77a6f30ae821598c3160511603541bea89022b54f321c2a55cdeeb19335d78a821ab6ca0f36588a9a79a41e2123905a491d658c2a1caeee998c995bb0f816c92c5dc2b862183f80b9f9786c9c5524723c944d11f6894c7f008ab8194f577e22c03631d2a33205f508ea49653e7600639242dbaba704f700ac227f32dc575c559a0a1f4fe0cf6c22fbf7e1ca2ab4b1e4724e8379021e3c9a7c1509c6a413bd7d9c98938e440762eda2546d636597defa86c1ad31126a1182d365f858927d140fb0a97f80adcc5f4ed5efe11ac503453917a263f1d64692348d30f382e85e464ef7616067a42df5de1a1b622fabefe2ca4ceffa4801f7a02fdef40644cd1d079590d900727628d54b44db7ac700d8d664f7eea12837fcf347360d8e43a354fe51b4c49e8fcda3c322b738ed2b800b5cc06e22c72af2a67ee7bc8ae894e841f2cf2b0a7e381caf944bf4e91ded63b6f82f7474e4f81e986fff7e5339b8e9f60103a1af81833e120f0c8abac044a4a2867cda4fdcb084459a00507aa9e5a8e761a72df3322a1ae8cd918b4994c23bdb1e459b4f21651bd7fa067a00e2a2877bf6b29f289ed8018e0a78f6fb4ded9749640e0e37f6381b320ab72da404f3d70d60152f6fa6738932387b83250cb3148141edb52f109bfd4bda8054959db01f4c550609a63c08cf01ecd110cfc6f0055638c0dde039d2ac2daafe59e561f9f08a8830c3f661e4325de63e98f4a4216ec3b83fd200201ed3f647147611424286ffc6c4a8aca64a6874743242d4feeaa9153de06e51c512d9cab7ae712c6424069f3e5db4ddebe9b48b5f6caa741162edf97674d2368e03a387f798151a4b9b9fa9e3a5838a343133158364a9fe3bb4b9a3c464c0c54a4c64ca774ad200925ac6bf59508c10a8574afde9b821741af43ec64cedc13aa220b39772195283506dfe899dd6a7b37eb21f154056a2df3564ef2bb918a928651de88c3613b84e7960bddd7b46b1304deb30f57b6fe5a3b4788629e91bcc2456a72fabb16b47da71624d2e9081de748b3387f52da4bb094782326dcfde0827e2d674e41bb375247d349cade9c704e543178502e59b927c7015436237c9432e07e4c7a8464ed11608a3d2184338dd9e6f6ef4b3d751e979667b6a3953c89aff4eead7a978071a912b3de21a85a5849c57933cf53cd74a610f3e60f699766fbc7e0bb8a891a429c77bb6f3b6f9f8eb0b1bd9588ef2ce98fdf0a0838e4b0bed807d8b673093c717feec8d697e32542274887d039db7a2daed5d52c8e9767443229f8003c5d67e907376ea2f393484fa70deee159cb56f8d097b8fe2736e95f540137e20725f0940a8d049068ead4c46bb3771a671bb00de88931e03445a55868de0c220db05cbda9f996d5fe7c1070efe5e718fed4d4cb4ecacad3d6b643bc0ffe9a71b720ba7b5adbbdefe29106ef6a6ffe4547f5d02bec312147df0abe80efb2d5e598fc7c8b268e58b59e0d75728e9a18126f013c963ddc92d251405f857fe3a5cbacf443be7772975b7bf4f6d7ed6f80dfcc47a88c6d19120942adb5385be6ef3c0d7e396bcac5affc8f9276d6cd1a0b069aed72a98cde8ea7aabe6cc091b19efcfaf9368dfeb3087a05a42e3b893dae5ffeb72e6ac06e995a2a75ea0b5f7876247bb4c38cf3f0153f1f7473b522f1c440b632270e2b1d654d3a5ae16cb788482760d34ca79c8951b29c628e21029715683a3e6f8f77c5d89ecdae37e0190f79c4c1dbc9d0160e359cd6c94d6662ed53bb01a83374ff593c823acc59241b11f020902069fc0054a9b26cb320bef4fb1f8cc5bd8ae76eb029afab731b9876bc4e8708a8315512823cff1f9375d284ce66e53d4efad6c76d17bb532fc938b8f80c13ce86b5ba3e540164bc5a5d47cd321c241d8740f453ef95bd3878d578561ad6ce20877ffbd44062dce8df1d048d8d5e4045be647886108cbb1f0b26a8b74b66858afedb830a161bb02bde4c46a688a0ea3a7018ce24666aab0f422ede2f78ea29f77e28d87c744cba0285ce33d0d9ac45774829699de6d725a9b6db6e7d03ad4ec9d075c386e68ca0bcd9e9911d741ed0168cbddb87a7918a964d206629da4e887277b0ef7d3f9c7082f3f15f29a0dfb39f3b0877a5ec3ac4343e0d808f5aee8f1869923aab6dfc3016821c013109f34aece6183994b853d0e9561375c02cdd26b1b55194757341929a8038864cedd6b5a3b8b51ade44637044c4ebddb190f173969a0ca4cf5d42153763a0b91da0110ae7a25204850927d81b00176d4568a3d444d8029bd010df784e3f673fe855601ec4f1b26b2df58841e6a65f0db66373f63cc14a8b07dfc52ac9957eb542d05ed687c79519609de96df18b63cb294b534ddf7d2e8f41bcc1e5a006191c4db057b6709f0a96f18e7e8f67b8be2a19c015b9c4b0b3f42e4de366b71f8da8888809473c3c7a02a1158e375f29997a43bc7118ca4d1abb8f8f21972fc589aaa3d73a4d40a1e1705e169ac6e56cff50d89fc45b6863c8fc67bb2b5939a7f33072539ba4c24077be5711ba368bf7efd4897931531d388eb5c2e56bef337777150dd59518652145c9594e110e41d2615196c6b197916c88cc2814e1483a922b4ecb044bf31cc90e0bfe0ce07de29188bbcb0ec1a12b509f52582fbb948c3cbe0c6964f46991cec0704bfac08aec6ad8ddfc36dc68c7f547c5ee6af4a8d55c79e3dc1c49b045379811f81e9a185a92cd37ae4ee32c5d3c82d36d6202a6c84fd231fe467071d42072827fd77afa5d757e6f37247f783ef09bdfd7536b666e84bc4bb878005b7829293a04ba090272dec844f4ef0e934617c08518bdc6b915ac6f3f03e4a6ab88e21c3f21f93b31d95ea3b9228e0031cb69795de5abd19c4cb4a0cf2984e53ca391cc66e33ee0d510151670331fa264753704fea5e4b1760f74890c49a74a47e0da13155c5470013d53dea0f05b5e088f1511c209f5be940232318af2757951d399e32eb862d915784713baa8ba93645caf04ba78fa3cf600ff92b9c5be58ad87438a340bac00a5ea9fb17e39478ba61fe36335e48d8c5a0b25f024cbd2ec7f217d0f260951da396dc13a2a74cd90df4b52db686e3b34d27cfa4cebd7bf59cbcfaf4007dc943a1da6e0bd1799a21ab449d7bb42935e50c839c5b567c59742436af15bc8d46095520dcd9273ae2b6f3c1cc2b4311ac9e5d297f0940b1552c5955adb302022022bb7457978998b56328629b7725dfbe3dedb37f37af0697a4471d1d6ff6bec633a38540adeba903f3eaaec5785fbb3c6a598f49dbd9ff93c67dea1ef39a614331b119fa8efccc8bac01595fb95a2a57eec9fc6c6fe82782aa89ea971866fd9a3bca4010182092ab6d1e2b49b964be9e3bb13bd6b77850e435f55a5d46e5bcb3330c7edefd31c33f61275e51600"})
syz_open_dev$loop(&(0x7f0000000080), 0x2000000000000006, 0x80100)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000003c0)="5c00000013006bcd8e3fe3dc4e48aa31086b8703300000001f00000000000000040014000d0029", 0x27}], 0x1, 0x0, 0x0, 0x1f000801}, 0x41040)
r12 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="000000007600000024001280090001007866726d0000000014000280080001000400000008000200020000000a0002"], 0x5c}}, 0x0)
write$cgroup_subtree(r0, &(0x7f00000003c0)=ANY=[], 0xfe33)

3m47.241309909s ago: executing program 6 (id=8103):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r2 = getpid()
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x8020000)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x8000, &(0x7f0000001dc0)={0x8, 0x72, 0x80000}, 0x20)
ioctl$HIDIOCGREPORTINFO(0xffffffffffffffff, 0xc00c4809, &(0x7f0000000280)={0x1, 0xffffffff, 0x6})
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
io_setup(0x6, &(0x7f00000000c0)=<r5=>0x0)
io_submit(r5, 0x1, &(0x7f0000000040)=[&(0x7f0000000080)={0xf, 0x400000000000, 0x25, 0x7, 0x8, r4, 0x0, 0x0, 0x40000000000e7, 0x0, 0x2}])
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r7 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000080), 0x4080, 0x0)
r8 = accept4$inet6(r7, &(0x7f0000000340)={0xa, 0x0, 0x0, @dev}, &(0x7f0000000440)=0x1c, 0x180000)
bind$inet6(r8, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r6, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r9, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[], 0x64}, 0x1, 0x0, 0x0, 0x890}, 0x40040)
sendmsg$NFT_MSG_GETOBJ(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)={0x1c, 0x13, 0xa, 0x101, 0x0, 0x0, {0x2}, [@NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}]}, 0x1c}}, 0x4040040)
sendmmsg$inet6(r1, &(0x7f00000018c0)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000180)="4554df65be81a0bf753342fec58b35816e9154600cefc69700540e516557eb313ac29b85ff9538e6956351ed22ea299d7ac38f20c069edfd453512bde2369d5be8c3b82a6bbef5666c8f48599cdfcf217bd867f899d76cccb27f7d4e74126ec1a2d996dc9eb58b6c197a893c2f502ae01ef6febc77a35dbb74fbfbafb616e3c1330e40c0357f660fe90484080a7dfe6612768a5b203c355e8365c4216a0734bce00536bdc03a555b904a149c5e203ee6ed0d796452788e6fe8ff56c952a1e2cb78e0170c41c692c21eeb382ee7e6dba91e732e9a4b9012326ee0", 0xda}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x48800)
syz_usb_disconnect(0xffffffffffffffff)
r10 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000002c0), 0x4080)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r10, 0x54a2)
r11 = open(&(0x7f0000000280)='.\x00', 0x0, 0x40)
fcntl$notify(r11, 0x402, 0x8000003d)
mkdirat(r11, &(0x7f0000000200)='./file1\x00', 0x0)

3m45.663252708s ago: executing program 6 (id=8111):
r0 = socket$kcm(0x10, 0x2, 0x0)
openat$vimc0(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
getpid()
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(r1, &(0x7f0000000100)=[{&(0x7f00000000c0)='4', 0x1}], 0x1)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x69, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000f00)=[{&(0x7f0000000940)=""/268, 0x10c}, {&(0x7f0000000d00)=""/214, 0xd6}, {&(0x7f0000001100)=""/4059, 0xfdb}, {&(0x7f0000001000)=""/199, 0xc7}, {&(0x7f0000000e00)=""/203, 0xcb}, {&(0x7f0000000380)=""/232, 0xe8}, {&(0x7f0000002100)=""/4077, 0xfed}, {&(0x7f00000007c0)=""/199, 0xc7}, {&(0x7f0000000540)=""/167, 0xa7}, {&(0x7f0000000240)=""/185, 0xb9}, {&(0x7f0000000480)=""/89, 0x59}, {&(0x7f00000006c0)=""/191, 0xbf}], 0xc}, 0x40010100)

3m45.244554149s ago: executing program 6 (id=8114):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x238, &(0x7f0000000740)={0x0, 0x198b, 0x10100, 0x0, 0x3aa, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r5 = msgget$private(0x0, 0x100)
msgsnd(r5, &(0x7f0000002900)=ANY=[@ANYBLOB="03000000000000002c5b92fe53d0a8d45c8df77b3a5b24f5b5f47fb21e984f7cd98be58672f21c05d89a28dd30d16695fd88872467e730c5c5b07c0baad7f374dbe55481983863b91989f7f9e702207af9ed03c1ce4f6eb9b24a840cf9e71f78cba191462144280a2866a9e564cdf705a0dcf7833ebd4d2f23d396cbe8ffa41ecb67a470e3bb3037a146b21a2af740178582259f87014c3647901b3c888b71cb87bcb145a83f4429394c319164566ac0c8821c5827f7c81d9a289c18b0808e9046145a3890f5273bab59211376b73224dc2cfc9a99c36c8266430e1877aa8fb26ccbdee4c77a0de31deb8729c07d000f3714455c7db1999b623eee354be50ae48db0bc57b0d663aeabe13198305efa3c242b6b1745acf3aaf07f57727548163f83393600bc81201c2792b82cc5cdaa5ba4ae7ecdb2db7defa75da39bfbcdc1c139ac6f945758e6f536796ee758ebc486b289244942a2db4721deede70ef5b975e2ef6f72e7530e2a48d4cbb74ce7a376939ddd77cdc6aab076c17bba11ad81fb16f5308e8d397bd797b54a9fbb2f8b96b982a5775124bd1a73d659d8ec88148e5c9ee4f6156071adb66ee79e19cc753724cc31b5883b7a8c0d2921aff7103de65c90b97e4acd5e18bb3f373b9cd32f6a03476d6324645fcc44adad16f2bf3935232b2d33e68f16882e264d01064d9d74bdd36d1a43a6157875309e8ca7d23e87d44ae57f8db8a005f6833f75016ee942f226686cd342e11cc3b035d815c3935d0104783cb3d4bc70c2f1a377ef865b1ae7f1f8da4bd85a748b24a592b020891acd6f1bd1f6462e0fa5bd704dd94e254a60f7da2794abd16fa208a2b3dd40b8b6c91502da6aa9ce0b49c30dc886e94f9c637d0279234f69e9cc824a9f9eab8b78437f839d19c2d33b26f3a4aee997de0a3a9f4e850f2672de91b03e4199a231ac11b370a8381f742bd42521dde5e5703306273f763c36a499b7dfd591847d9a037761fb6b5fe63259896d3cc5a92839c7f8c7bc30fdb87bdf10e20528f85eee2e898e505d85ea55c7ca6f8188c99203ac65ab028c3ec8537a4bab01abe8df789fce5bb267737e936ba40834855589736b9ddd9610593ba55853cc171a5f40b81dadc741a2dd608977251c67cf5265066c064d9f29f444f08d6e220f930856207a4fc954dfdc2aa0af045c2a1e053e37c88af310ed50b4cfc7930d6394c7fb0579ff5b20d729a71c91bd509ea2e50aad1f878523463eda57c4199287f9265289cef64c4e38da47adee287055d8f54bb6f9f7082b8046d62be6d974dfee3b99784d3a02f5b7507c2bf332711bba305d6d13954282a390ec2872ce52c84d25b38f2c29a797eb21f3a2df1b207382561df9ec9432cc14a99ac51ded0afd4e4a2ea0504c9500100000000000002726bbed0eeabf92a5d44b36b68697"], 0x2000, 0x0)

3m44.270560913s ago: executing program 34 (id=8114):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x238, &(0x7f0000000740)={0x0, 0x198b, 0x10100, 0x0, 0x3aa, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r5 = msgget$private(0x0, 0x100)
msgsnd(r5, &(0x7f0000002900)=ANY=[@ANYBLOB="03000000000000002c5b92fe53d0a8d45c8df77b3a5b24f5b5f47fb21e984f7cd98be58672f21c05d89a28dd30d16695fd88872467e730c5c5b07c0baad7f374dbe55481983863b91989f7f9e702207af9ed03c1ce4f6eb9b24a840cf9e71f78cba191462144280a2866a9e564cdf705a0dcf7833ebd4d2f23d396cbe8ffa41ecb67a470e3bb3037a146b21a2af740178582259f87014c3647901b3c888b71cb87bcb145a83f4429394c319164566ac0c8821c5827f7c81d9a289c18b0808e9046145a3890f5273bab59211376b73224dc2cfc9a99c36c8266430e1877aa8fb26ccbdee4c77a0de31deb8729c07d000f3714455c7db1999b623eee354be50ae48db0bc57b0d663aeabe13198305efa3c242b6b1745acf3aaf07f57727548163f83393600bc81201c2792b82cc5cdaa5ba4ae7ecdb2db7defa75da39bfbcdc1c139ac6f945758e6f536796ee758ebc486b289244942a2db4721deede70ef5b975e2ef6f72e7530e2a48d4cbb74ce7a376939ddd77cdc6aab076c17bba11ad81fb16f5308e8d397bd797b54a9fbb2f8b96b982a5775124bd1a73d659d8ec88148e5c9ee4f6156071adb66ee79e19cc753724cc31b5883b7a8c0d2921aff7103de65c90b97e4acd5e18bb3f373b9cd32f6a03476d6324645fcc44adad16f2bf3935232b2d33e68f16882e264d01064d9d74bdd36d1a43a6157875309e8ca7d23e87d44ae57f8db8a005f6833f75016ee942f226686cd342e11cc3b035d815c3935d0104783cb3d4bc70c2f1a377ef865b1ae7f1f8da4bd85a748b24a592b020891acd6f1bd1f6462e0fa5bd704dd94e254a60f7da2794abd16fa208a2b3dd40b8b6c91502da6aa9ce0b49c30dc886e94f9c637d0279234f69e9cc824a9f9eab8b78437f839d19c2d33b26f3a4aee997de0a3a9f4e850f2672de91b03e4199a231ac11b370a8381f742bd42521dde5e5703306273f763c36a499b7dfd591847d9a037761fb6b5fe63259896d3cc5a92839c7f8c7bc30fdb87bdf10e20528f85eee2e898e505d85ea55c7ca6f8188c99203ac65ab028c3ec8537a4bab01abe8df789fce5bb267737e936ba40834855589736b9ddd9610593ba55853cc171a5f40b81dadc741a2dd608977251c67cf5265066c064d9f29f444f08d6e220f930856207a4fc954dfdc2aa0af045c2a1e053e37c88af310ed50b4cfc7930d6394c7fb0579ff5b20d729a71c91bd509ea2e50aad1f878523463eda57c4199287f9265289cef64c4e38da47adee287055d8f54bb6f9f7082b8046d62be6d974dfee3b99784d3a02f5b7507c2bf332711bba305d6d13954282a390ec2872ce52c84d25b38f2c29a797eb21f3a2df1b207382561df9ec9432cc14a99ac51ded0afd4e4a2ea0504c9500100000000000002726bbed0eeabf92a5d44b36b68697"], 0x2000, 0x0)

8.03277315s ago: executing program 7 (id=8863):
syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x200)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write(r0, &(0x7f0000000680)="ee40a7761e9508745cec1b9be97aad5d8294e67b2eea7a92394b60c0a8de0b3316420e5a67c226d9addeb539cecafbd707699bf7882f5d95480f74d161cb12172e7951b3095b5912c5e5c97d3f248b37088a70bb5b81cd9399da9098787d745719f4193182806bf456be76f5e5f6e3c03ae0f3419c8cbe00000000000000051d4bbfbdd4cf45ce7500041e1d0919d008b1e7fd732ce672f4dcc700c66451dbf3c3ad34c64188b6cfd06d4d6919de7c3dbd41d9e6c0deffbe205fdc4d640f7383a344a26ca2c8bef66840a090ff75bb2ec60a9690b7bf29f40d976ef55a", 0xdd)
r1 = openat$cgroup_type(0xffffffffffffffff, &(0x7f00000001c0), 0x2, 0x0)
sendfile(r1, r1, 0x0, 0x6)
capset(&(0x7f00000002c0)={0x20071026}, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x1, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000006c0)={0x0, 0x0, 0x2, {0x0, 0x1}, {0x47, 0x2}, @cond=[{0x84, 0x3ff, 0x404, 0x4, 0x1, 0xd}, {0x0, 0xa0, 0x1, 0x5, 0x800, 0xff01}]})
r2 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x822b01)
write$evdev(r2, &(0x7f0000000400)=[{{0x77359400}, 0x14, 0x1}], 0x18)
ioctl$EVIOCSMASK(r2, 0x40104593, 0x0)
write$char_usb(r2, &(0x7f0000000040)="e2", 0x12d8)

7.848388365s ago: executing program 5 (id=8865):
sched_setscheduler(0x0, 0x1, 0x0)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f00000002c0)={0x48, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1})

7.724747203s ago: executing program 7 (id=8866):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000140)=[{0x6, 0x5, 0x3, 0x7fff0000}]})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING(r2, 0x4068aea3, &(0x7f0000000180)={0xc0, 0x0, 0x4000})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
close_range(r0, 0xffffffffffffffff, 0x0)

7.662793434s ago: executing program 5 (id=8868):
writev(0xffffffffffffffff, &(0x7f0000002480)=[{&(0x7f0000000140)="46baf28e2824057e0a9c81b5b5e7dd95bf3cd3a462421d8882e4422ed707e6deec50ee46931af177f360643af232edce918a8e50c4af52627e8133cb04f6abfe2d15c8776364935cd0f2d02d5ec6bb09d1a450d09e2e8c63bd767e63ef68743f4aa814088ae57551f6d1f9f8382e1bc94f50db9a0f21d0054862388007646a0a081a2a64af7c7cc37843a013302ce21a355afdfa9949b69622df7024936f431806c3fc6ddde0ab0be39ae31434e5704bff151c3844c7c8c9685bdf00785000b9bcd68d5bce143e65a66eb57e628160484cb67f20d8089c9627d0c46835662895ee567ff2fe7ba22dcc1615685fb6115eb330584ad9ed4e3b5c098ed275ea4d83fdda1878e3234c5da335dcd1b6ccfa9161873bec1818d9e0cae70472ed99100c590dbe300d4b15678bc6b43227e06b427bcf4705e625dd1780f8266306b506dc294cd853b3eff606d1e09bfbf356fe124e48c51923e88653f24a7c4e61008aea56b449c567b0b995a995eaeb40f7e5cc7c804326665e7f4f8f15373b73104c35d437739087a1a3f69c1acb712bb6ab1692b4bf860c3543901e231184f36134a561ebb48238d8eedafb793250ed9377dbc9b6c2982352e4f171dbdda1af684abc88c23c7005fefc7cc300815534e3375085d616912b141fee71a9400ab47168289533e5ea4e3806439777b7530676220e325df70753f913eb66b117a1b01e9d584a45f8832ed820e0a33d439dc4619b7d27457f27e7d9a5094ef5ca5cf1ddba64b5a0df6f6ddbd6c234e817b37d3aabc467ae599de8aea90f18673a7194fe74ff37171a798720f50cd051e244a0a9d24b3ad90fb5908ce2e30a74e15210116d44cc40", 0x262}], 0x1)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}})
pselect6(0x40, &(0x7f00000002c0)={0x4, 0xffff, 0x645b, 0x5, 0x854c, 0x5, 0x67, 0x5}, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, 0x0, &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001000000000000000000000000000000000000000000000000860090780000000000000000000000000000ee3f000000002b036f8c006e75021d683910c3090b3188a7c747eb2278a273c1b80029442911892704"], 0xfdef)

7.38910036s ago: executing program 7 (id=8871):
syz_open_dev$dri(0x0, 0x1, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x42901, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="034886dd0900300003003000000060ce902d9f0c2f0081e949b93897bc3b0000000000007d01ff020000000000000000000000000001120022eb"], 0xfdef)

7.044084856s ago: executing program 7 (id=8873):
syz_open_dev$vcsa(&(0x7f0000000040), 0x1, 0x40002)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x400, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040))
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
accept4(r0, 0x0, 0x0, 0x0)
r1 = openat$binfmt_format(0xffffff9c, &(0x7f0000000040)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
munmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000ffa000/0x4000)=nil, 0x930, 0x2000000, 0x24132, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
memfd_secret(0x0)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00"], 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0xc2882, 0x0)
r4 = fsopen(&(0x7f0000000040)='afs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000000)='source', &(0x7f0000000180)='%(,c\xbe\xfbL:', 0x0)
r5 = fsopen(&(0x7f0000000040)='afs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000000)='source', 0x0, 0x0)
mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1000003)
write$binfmt_format(r1, &(0x7f0000000100)='-1\x00', 0x2)
close_range(r1, 0xffffffffffffffff, 0x0)
r6 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x9e, 0x17, 0x36, 0x10, 0x17ef, 0x721e, 0xde06, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2, 0x6}}]}}]}}, 0x0)
syz_usb_control_io(r6, 0x0, &(0x7f0000000b00)={0x84, &(0x7f0000000000)=ANY=[@ANYBLOB="0000040000000b0f0667"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

6.516868894s ago: executing program 5 (id=8875):
r0 = syz_open_dev$video(&(0x7f0000000040), 0x7, 0x0)
ioctl$VIDIOC_G_AUDIO(r0, 0x80345621, 0x0)

6.443426855s ago: executing program 5 (id=8876):
socket$packet(0x11, 0x3, 0x300)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb4c, 0x9, 0x6, 0x0, 0x3}, 0x0)
socket(0x200000100000011, 0x3, 0x0)
r3 = openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x19, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x6}, 0x94)
r4 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$MEDIA_IOC_DEVICE_INFO(r4, 0xc1007c00, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r7=>0x0})
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)={0x1c, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}}, 0x1c}}, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, &(0x7f0000000180)={0x1000, "340b7832ceefd131b8e6498c25f58fad9987ffe93bbabd18cf501922de974a27"})
r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='sched\x00')
writev(r9, &(0x7f0000000000)=[{0x0}], 0x1)

5.573189013s ago: executing program 1 (id=8880):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r1 = syz_open_dev$radio(&(0x7f0000000080), 0x2, 0x2)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r1, 0x40305652, &(0x7f0000000000)={0x0, 0x2, 0x808000, 0x0, 0x0, 0x8fe0, 0x7})

5.347515581s ago: executing program 1 (id=8882):
r0 = syz_open_dev$video4linux(&(0x7f00000000c0), 0x400, 0x0)
ioctl$VIDIOC_SUBDEV_G_CROP(r0, 0xc038563b, &(0x7f0000000280)={0x1, 0x0, {0x0, 0xfffffffd, 0x10, 0x6}})

5.024715351s ago: executing program 1 (id=8885):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x66)

4.275064394s ago: executing program 5 (id=8891):
r0 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r0, 0xc01864b0, &(0x7f00000002c0)={0x0, 0x0, 0x2, 0x1, 0x7})

3.476677728s ago: executing program 5 (id=8894):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = fsopen(&(0x7f0000000040)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
fchdir(r5)
getdents64(0xffffffffffffffff, &(0x7f0000000f80)=""/4096, 0x1000)
open(&(0x7f0000000080)='./file0\x00', 0x1635c0, 0x8)
syz_usb_connect$cdc_ncm(0x6, 0x0, 0x0, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = memfd_create(&(0x7f00000006c0)='\xd1\xbd\x01\x9b\xd4\n\xa6\xb7\xa9kE\x10Bx\xd0\x05\xe9\xd57\xc9\xc3\tC8\xa0F\x91\x9e\x98\x17\xa9\xb7\xc5<V+K\xd4A\x9e\xc6:\xd8z\x05\xe0O\xf4\x0e\x91\xc9\x82oT$9\xbb\xb5g2V\x89\xdbT5d\xa8\x86\x1b\x91\xde8v\xd4~\xd224\xec\x86\xfb8\xfb[\xbd5?\x10\x18bz\x1d(\xa0o\x00\x1aE\x96\x1d\x0f\xd7\x8b\xcd\xd9\xdfG\xab\xdf\xf8 \x1c\a\xd9\xc8\xa0@\xbal\x8c#!q>\xac\xafv\xff\x81/\x00\x98\x89\xeb\xb1Ot\xc5h\xc4f\xdf\x832\xc3\x9bW\x89<7\xf9\xfc\xf8\x89\x1e\xe5\xf6.\xa0\xfc\xc7\xf3\x01,\x17\xd4\xec3\x17\xe8x\xca?H\x813\xc0o57d\x82 \x89K\x14Dr\xe4\xc0K2\xd7\x12bu\x9ao\xf8H\xa6\xbf\xea\x11T\xcf*\x10\x9d', 0x4)
fstatfs(r7, &(0x7f00000003c0)=""/146)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r6, 0x400455c8, 0x1)
ioctl$TIOCVHANGUP(r6, 0x5437, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_DELFLOWTABLE={0x14, 0x18, 0xa, 0x301, 0x0, 0x0, {0xa, 0x0, 0x1}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x3c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

3.291625669s ago: executing program 7 (id=8895):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xc, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000380)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x20004e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0x2000000, 0x0, 0x0)
recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x0)

3.244322353s ago: executing program 0 (id=8896):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f0000000080)=0x7f)
read$dsp(r1, &(0x7f0000000b80)=""/4112, 0x1010)

2.827860293s ago: executing program 0 (id=8898):
r0 = socket(0x2a, 0x2, 0x0)
ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000080)={'dummy0\x00'})

2.757132249s ago: executing program 1 (id=8899):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1ff, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

2.64362303s ago: executing program 0 (id=8901):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1400000010"], 0x7c}}, 0x0)

2.511377707s ago: executing program 1 (id=8903):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00'}, 0x10)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$inet6(r3, &(0x7f0000002280)={&(0x7f0000001e40)={0xa, 0x4e24, 0x0, @mcast1}, 0x1c, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="b005000000000000290000003600000000b2"], 0x5b0}, 0x20008001)
sendmsg$inet6(r3, 0x0, 0x20000044)

2.312665743s ago: executing program 0 (id=8904):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=@ipv4_newroute={0x24, 0x1a, 0x1, 0x70bd29, 0x0, {0x2, 0x0, 0x0, 0x0, 0xfd, 0x0, 0xfd, 0x1, 0x3100}, [@RTA_DST={0x8, 0x1, @loopback}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)

2.236011445s ago: executing program 0 (id=8905):
open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x0, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004840}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x1e, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000098", @ANYBLOB="0000000000000000b702000014000000b7030400000000008500000083000000bf09000000000000550901000000000095000000000000008520000002000000d72b10"], &(0x7f0000000000)='GPL\x00', 0x2a7, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, &(0x7f00000002c0)={0x2, 0x9, 0x5, 0xb}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1.484800905s ago: executing program 2 (id=8907):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
r1 = syz_open_dev$sndpcmc(&(0x7f0000000080), 0xb, 0x2)
close_range(r1, 0xffffffffffffffff, 0x0)

1.357556196s ago: executing program 2 (id=8908):
r0 = syz_open_dev$loop(&(0x7f0000000300), 0x2, 0x2002)
writev(r0, &(0x7f00000005c0)=[{&(0x7f0000000880)="d3ff2f", 0x3}], 0x1)

1.176637959s ago: executing program 0 (id=8909):
r0 = inotify_init()
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = getpgid(0x0)
fcntl$setownex(r5, 0xf, &(0x7f0000000140)={0x2, r6})
fcntl$setsig(r5, 0xa, 0x1d)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="070000000400000008000000", @ANYRES32, @ANYBLOB='\x00'/20], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r7}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r8}, 0xc)
sendmmsg$unix(r4, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="11", 0x1}], 0x1, 0x0, 0x0, 0x4000}}], 0x1, 0x40015)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
close_range(r9, 0xffffffffffffffff, 0x0)

1.12490108s ago: executing program 2 (id=8910):
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000280)={@mcast1, 0x800, 0x0, 0x103, 0x3, 0x0, 0x8}, 0x20)

828.632565ms ago: executing program 7 (id=8911):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000007040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000007000)={0x20, 0xfffffffffffffffe, 0x0, {0x0, 0x0, 0x7}}, 0x0})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000400000004"])

706.843602ms ago: executing program 2 (id=8912):
r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000040)="0f38", 0x2}], 0x1)

448.80169ms ago: executing program 2 (id=8913):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="58000000020601080000000000000000000000040900020073797a3100000000050004000000000011000300686173683a6e65742c6e6574000000000c0007800800124008000002050005000a0000000500010006000000"], 0x58}}, 0x0)

330.721405ms ago: executing program 2 (id=8914):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000040)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000100)={0x1, "ff0f000000000000f5a72d866b0000000000f0ffdefe00"})
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r4 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r4, 0xc0184800, &(0x7f0000000100)={0x4, <r5=>r3})
ioctl$DMA_BUF_SET_NAME_A(r5, 0x40086203, &(0x7f00000001c0)='\x02\x00\x00\x00\x05\x00\x00\x00-control\x00')
ioctl$DMA_BUF_IOCTL_SYNC(r5, 0x40086200, &(0x7f0000000080)=0x2)
syz_usb_connect(0x0, 0x24, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000f1d566201e043c40d7cc0000000109021200010000000009"], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)

0s ago: executing program 1 (id=8915):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=@ipv4_newroute={0x24, 0x1a, 0x1, 0x70bd29, 0x0, {0x2, 0x0, 0x0, 0x0, 0xfd, 0x0, 0xfd, 0x1, 0x3100}, [@RTA_DST={0x8, 0x1, @loopback}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)

kernel console output (not intermixed with test programs):

5]  ? xfrm_policy_alloc+0x78/0x2b0
[ 1610.501719][ T1025]  xfrm_policy_alloc+0x78/0x2b0
[ 1610.501740][ T1025]  xfrm_policy_construct+0x39/0x6b0
[ 1610.501765][ T1025]  ? aa_get_newest_label+0xf7/0x5d0
[ 1610.501795][ T1025]  xfrm_add_policy+0x267/0x800
[ 1610.501819][ T1025]  ? rcu_is_watching+0x15/0xb0
[ 1610.501850][ T1025]  ? __pfx_xfrm_add_policy+0x10/0x10
[ 1610.501871][ T1025]  ? apparmor_capable+0x137/0x1b0
[ 1610.501904][ T1025]  ? __nla_parse+0x40/0x60
[ 1610.501935][ T1025]  xfrm_user_rcv_msg+0x7a0/0xab0
[ 1610.501963][ T1025]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[ 1610.502024][ T1025]  ? __mutex_trylock_common+0x153/0x260
[ 1610.502048][ T1025]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 1610.502072][ T1025]  ? rcu_is_watching+0x15/0xb0
[ 1610.502101][ T1025]  ? trace_contention_end+0x39/0x120
[ 1610.502126][ T1025]  netlink_rcv_skb+0x208/0x470
[ 1610.502150][ T1025]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[ 1610.502173][ T1025]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1610.502210][ T1025]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1610.502230][ T1025]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1610.502253][ T1025]  xfrm_netlink_rcv+0x79/0x90
[ 1610.502275][ T1025]  netlink_unicast+0x75b/0x8d0
[ 1610.502305][ T1025]  netlink_sendmsg+0x805/0xb30
[ 1610.502336][ T1025]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1610.502361][ T1025]  ? aa_sock_msg_perm+0x94/0x160
[ 1610.502386][ T1025]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1610.502410][ T1025]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1610.502432][ T1025]  __sock_sendmsg+0x219/0x270
[ 1610.502464][ T1025]  ____sys_sendmsg+0x505/0x830
[ 1610.502492][ T1025]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1610.502524][ T1025]  ? import_iovec+0x74/0xa0
[ 1610.502546][ T1025]  ___sys_sendmsg+0x21f/0x2a0
[ 1610.502571][ T1025]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1610.502628][ T1025]  ? __fget_files+0x2a/0x420
[ 1610.502648][ T1025]  ? __fget_files+0x3a0/0x420
[ 1610.502679][ T1025]  __x64_sys_sendmsg+0x19b/0x260
[ 1610.502706][ T1025]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1610.502738][ T1025]  ? __pfx_ksys_write+0x10/0x10
[ 1610.502753][ T1025]  ? rcu_is_watching+0x15/0xb0
[ 1610.502786][ T1025]  ? do_syscall_64+0xbe/0x3b0
[ 1610.502818][ T1025]  do_syscall_64+0xfa/0x3b0
[ 1610.502845][ T1025]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1610.502871][ T1025]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1610.502890][ T1025]  ? clear_bhb_loop+0x60/0xb0
[ 1610.502912][ T1025]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1610.502931][ T1025] RIP: 0033:0x7f8ddc78e929
[ 1610.502948][ T1025] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1610.502965][ T1025] RSP: 002b:00007f8ddd631038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1610.502991][ T1025] RAX: ffffffffffffffda RBX: 00007f8ddc9b5fa0 RCX: 00007f8ddc78e929
[ 1610.503005][ T1025] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[ 1610.503018][ T1025] RBP: 00007f8ddd631090 R08: 0000000000000000 R09: 0000000000000000
[ 1610.503030][ T1025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1610.503041][ T1025] R13: 0000000000000000 R14: 00007f8ddc9b5fa0 R15: 00007f8ddcadfa28
[ 1610.503070][ T1025]  </TASK>
[ 1610.877968][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1611.693807][T31925] usb 2-1: new high-speed USB device number 81 using dummy_hcd
[ 1611.875712][T31925] usb 2-1: config 0 has no interfaces?
[ 1612.043856][ T2152] usb 3-1: new high-speed USB device number 86 using dummy_hcd
[ 1612.057183][T31925] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 1612.243784][T31925] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1612.251890][T31925] usb 2-1: Product: syz
[ 1612.297061][ T2152] usb 3-1: Using ep0 maxpacket: 8
[ 1612.313282][ T2152] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1612.333982][T31925] usb 2-1: Manufacturer: syz
[ 1612.338619][T31925] usb 2-1: SerialNumber: syz
[ 1612.382621][ T2152] usb 3-1: config 1 has an invalid interface number: 65 but max is 0
[ 1612.395973][ T2152] usb 3-1: config 1 has no interface number 0
[ 1612.403058][T31925] usb 2-1: config 0 descriptor??
[ 1612.409276][ T2152] usb 3-1: config 1 interface 65 has no altsetting 0
[ 1612.467380][ T2152] usb 3-1: New USB device found, idVendor=04e8, idProduct=6889, bcdDevice=2b.cd
[ 1612.603458][ T2152] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1612.657229][ T2152] usb 3-1: Product: syz
[ 1612.661451][ T2152] usb 3-1: Manufacturer: syz
[ 1612.678201][ T2152] usb 3-1: SerialNumber: syz
[ 1612.749701][ T1072] vivid-000: disconnect
[ 1612.864955][ T1063] vivid-000: reconnect
[ 1613.831999][ T1085] FAULT_INJECTION: forcing a failure.
[ 1613.831999][ T1085] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1613.885941][ T1085] CPU: 1 UID: 0 PID: 1085 Comm: syz.5.8407 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) 
[ 1613.885961][ T1085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1613.885970][ T1085] Call Trace:
[ 1613.885976][ T1085]  <TASK>
[ 1613.885981][ T1085]  dump_stack_lvl+0x189/0x250
[ 1613.886006][ T1085]  ? __pfx____ratelimit+0x10/0x10
[ 1613.886026][ T1085]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1613.886049][ T1085]  ? __pfx__printk+0x10/0x10
[ 1613.886071][ T1085]  should_fail_ex+0x414/0x560
[ 1613.886097][ T1085]  _copy_to_user+0x31/0xb0
[ 1613.886118][ T1085]  simple_read_from_buffer+0xe1/0x170
[ 1613.886143][ T1085]  proc_fail_nth_read+0x1df/0x250
[ 1613.886169][ T1085]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1613.886191][ T1085]  ? rw_verify_area+0x258/0x650
[ 1613.886211][ T1085]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1613.886227][ T1085]  vfs_read+0x200/0x980
[ 1613.886250][ T1085]  ? __pfx___mutex_lock+0x10/0x10
[ 1613.886271][ T1085]  ? __pfx_vfs_read+0x10/0x10
[ 1613.886292][ T1085]  ? __fget_files+0x2a/0x420
[ 1613.886309][ T1085]  ? __fget_files+0x3a0/0x420
[ 1613.886322][ T1085]  ? __fget_files+0x2a/0x420
[ 1613.886342][ T1085]  ksys_read+0x145/0x250
[ 1613.886368][ T1085]  ? __pfx_ksys_read+0x10/0x10
[ 1613.886394][ T1085]  ? rcu_is_watching+0x15/0xb0
[ 1613.886428][ T1085]  ? do_syscall_64+0xbe/0x3b0
[ 1613.886454][ T1085]  do_syscall_64+0xfa/0x3b0
[ 1613.886472][ T1085]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1613.886490][ T1085]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1613.886503][ T1085]  ? clear_bhb_loop+0x60/0xb0
[ 1613.886522][ T1085]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1613.886534][ T1085] RIP: 0033:0x7f8455f8d33c
[ 1613.886546][ T1085] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1613.886558][ T1085] RSP: 002b:00007f8456ed5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1613.886572][ T1085] RAX: ffffffffffffffda RBX: 00007f84561b5fa0 RCX: 00007f8455f8d33c
[ 1613.886582][ T1085] RDX: 000000000000000f RSI: 00007f8456ed50a0 RDI: 0000000000000007
[ 1613.886591][ T1085] RBP: 00007f8456ed5090 R08: 0000000000000000 R09: 0000000000000000
[ 1613.886599][ T1085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1613.886607][ T1085] R13: 0000000000000000 R14: 00007f84561b5fa0 R15: 00007f84562dfa28
[ 1613.886627][ T1085]  </TASK>
[ 1614.442163][T27223] usb 2-1: USB disconnect, device number 81
[ 1614.578526][ T2152] kalmia 3-1:1.65 (unnamed net_device) (uninitialized): Error sending init packet. Status -22
[ 1614.649368][ T2152] kalmia 3-1:1.65: probe with driver kalmia failed with error -22
[ 1614.704103][ T2152] usb 3-1: USB disconnect, device number 86
[ 1614.773775][ T5847] usb 1-1: new high-speed USB device number 78 using dummy_hcd
[ 1614.955867][ T5847] usb 1-1: config 68 has an invalid interface number: 220 but max is 0
[ 1614.975184][ T5847] usb 1-1: config 68 has no interface number 0
[ 1614.995824][ T5847] usb 1-1: config 68 interface 220 has no altsetting 0
[ 1615.041436][ T5847] usb 1-1: New USB device found, idVendor=0497, idProduct=c001, bcdDevice=55.7a
[ 1615.113422][ T5847] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1615.141970][ T5847] usb 1-1: Product: syz
[ 1615.152893][ T5847] usb 1-1: Manufacturer: syz
[ 1615.158965][ T5847] usb 1-1: SerialNumber: syz
[ 1615.373654][ T1091] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8408'.
[ 1615.406296][ T5847] gspca_main: spca501-2.14.0 probing 0497:c001
[ 1615.420738][ T5847] gspca_spca501: reg write: error -71
[ 1615.437788][ T5847] spca501 1-1:68.220: Reg write failed for 0x02,0x07,0x05
[ 1615.457298][ T5847] spca501 1-1:68.220: probe with driver spca501 failed with error -22
[ 1615.457911][ T1122] FAULT_INJECTION: forcing a failure.
[ 1615.457911][ T1122] name failslab, interval 1, probability 0, space 0, times 0
[ 1615.490571][ T1122] CPU: 0 UID: 0 PID: 1122 Comm: syz.5.8415 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) 
[ 1615.490597][ T1122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1615.490611][ T1122] Call Trace:
[ 1615.490619][ T1122]  <TASK>
[ 1615.490628][ T1122]  dump_stack_lvl+0x189/0x250
[ 1615.490663][ T1122]  ? __pfx____ratelimit+0x10/0x10
[ 1615.490693][ T1122]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1615.490723][ T1122]  ? __pfx__printk+0x10/0x10
[ 1615.490751][ T1122]  ? __pfx___might_resched+0x10/0x10
[ 1615.490779][ T1122]  ? fs_reclaim_acquire+0x7d/0x100
[ 1615.490807][ T1122]  should_fail_ex+0x414/0x560
[ 1615.490836][ T1122]  ? rhashtable_init_noprof+0x4ee/0xbb0
[ 1615.490863][ T1122]  should_failslab+0xa8/0x100
[ 1615.490886][ T1122]  __kvmalloc_node_noprof+0x161/0x5f0
[ 1615.490907][ T1122]  ? rhashtable_init_noprof+0x4ee/0xbb0
[ 1615.490940][ T1122]  rhashtable_init_noprof+0x4ee/0xbb0
[ 1615.490986][ T1122]  rhltable_init_noprof+0x1e/0x60
[ 1615.491013][ T1122]  nf_tables_newtable+0x68f/0x1890
[ 1615.491056][ T1122]  nfnetlink_rcv+0x1132/0x2520
[ 1615.491113][ T1122]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1615.491173][ T1122]  ? ref_tracker_free+0x63a/0x7d0
[ 1615.491229][ T1122]  ? __netlink_deliver_tap+0x807/0x850
[ 1615.491262][ T1122]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1615.491284][ T1122]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1615.491312][ T1122]  netlink_unicast+0x75b/0x8d0
[ 1615.491343][ T1122]  netlink_sendmsg+0x805/0xb30
[ 1615.491374][ T1122]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1615.491401][ T1122]  ? aa_sock_msg_perm+0x94/0x160
[ 1615.491435][ T1122]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1615.491460][ T1122]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1615.491484][ T1122]  __sock_sendmsg+0x219/0x270
[ 1615.491516][ T1122]  ____sys_sendmsg+0x505/0x830
[ 1615.491547][ T1122]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1615.491580][ T1122]  ? import_iovec+0x74/0xa0
[ 1615.491612][ T1122]  ___sys_sendmsg+0x21f/0x2a0
[ 1615.491637][ T1122]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1615.491692][ T1122]  ? __fget_files+0x2a/0x420
[ 1615.491712][ T1122]  ? __fget_files+0x3a0/0x420
[ 1615.491742][ T1122]  __x64_sys_sendmsg+0x19b/0x260
[ 1615.491768][ T1122]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1615.491800][ T1122]  ? __pfx_ksys_write+0x10/0x10
[ 1615.491815][ T1122]  ? rcu_is_watching+0x15/0xb0
[ 1615.491849][ T1122]  ? do_syscall_64+0xbe/0x3b0
[ 1615.491880][ T1122]  do_syscall_64+0xfa/0x3b0
[ 1615.491906][ T1122]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1615.491932][ T1122]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1615.491951][ T1122]  ? clear_bhb_loop+0x60/0xb0
[ 1615.491973][ T1122]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1615.491991][ T1122] RIP: 0033:0x7f8455f8e929
[ 1615.492008][ T1122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1615.492023][ T1122] RSP: 002b:00007f8456ed5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1615.492041][ T1122] RAX: ffffffffffffffda RBX: 00007f84561b5fa0 RCX: 00007f8455f8e929
[ 1615.492054][ T1122] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1615.492066][ T1122] RBP: 00007f8456ed5090 R08: 0000000000000000 R09: 0000000000000000
[ 1615.492077][ T1122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1615.492088][ T1122] R13: 0000000000000000 R14: 00007f84561b5fa0 R15: 00007f84562dfa28
[ 1615.492115][ T1122]  </TASK>
[ 1615.492406][ T5847] usb 1-1: USB disconnect, device number 78
[ 1616.022864][ T1132] FAULT_INJECTION: forcing a failure.
[ 1616.022864][ T1132] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1616.066970][ T1132] CPU: 1 UID: 0 PID: 1132 Comm: syz.2.8416 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) 
[ 1616.067002][ T1132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1616.067015][ T1132] Call Trace:
[ 1616.067024][ T1132]  <TASK>
[ 1616.067034][ T1132]  dump_stack_lvl+0x189/0x250
[ 1616.067072][ T1132]  ? __pfx____ratelimit+0x10/0x10
[ 1616.067104][ T1132]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1616.067138][ T1132]  ? __pfx__printk+0x10/0x10
[ 1616.067175][ T1132]  should_fail_ex+0x414/0x560
[ 1616.067209][ T1132]  strncpy_from_user+0x36/0x290
[ 1616.067239][ T1132]  getname_flags+0xf3/0x540
[ 1616.067270][ T1132]  __x64_sys_rmdir+0x3a/0x50
[ 1616.067303][ T1132]  do_syscall_64+0xfa/0x3b0
[ 1616.067335][ T1132]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1616.067366][ T1132]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1616.067387][ T1132]  ? clear_bhb_loop+0x60/0xb0
[ 1616.067414][ T1132]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1616.067435][ T1132] RIP: 0033:0x7f8ddc78e929
[ 1616.067454][ T1132] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1616.067473][ T1132] RSP: 002b:00007f8ddd631038 EFLAGS: 00000246 ORIG_RAX: 0000000000000054
[ 1616.067497][ T1132] RAX: ffffffffffffffda RBX: 00007f8ddc9b5fa0 RCX: 00007f8ddc78e929
[ 1616.067513][ T1132] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[ 1616.067528][ T1132] RBP: 00007f8ddd631090 R08: 0000000000000000 R09: 0000000000000000
[ 1616.067541][ T1132] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1616.067554][ T1132] R13: 0000000000000000 R14: 00007f8ddc9b5fa0 R15: 00007f8ddcadfa28
[ 1616.067587][ T1132]  </TASK>
[ 1616.552423][ T1144] FAULT_INJECTION: forcing a failure.
[ 1616.552423][ T1144] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1616.695781][ T1144] CPU: 1 UID: 0 PID: 1144 Comm: syz.2.8420 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) 
[ 1616.695808][ T1144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1616.695820][ T1144] Call Trace:
[ 1616.695829][ T1144]  <TASK>
[ 1616.695837][ T1144]  dump_stack_lvl+0x189/0x250
[ 1616.695870][ T1144]  ? __pfx____ratelimit+0x10/0x10
[ 1616.695897][ T1144]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1616.695926][ T1144]  ? __pfx__printk+0x10/0x10
[ 1616.695946][ T1144]  ? __might_fault+0xb0/0x130
[ 1616.695978][ T1144]  should_fail_ex+0x414/0x560
[ 1616.696005][ T1144]  _copy_from_user+0x2d/0xb0
[ 1616.696024][ T1144]  ___sys_sendmsg+0x158/0x2a0
[ 1616.696050][ T1144]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1616.696105][ T1144]  ? __fget_files+0x2a/0x420
[ 1616.696124][ T1144]  ? __fget_files+0x3a0/0x420
[ 1616.696154][ T1144]  __x64_sys_sendmsg+0x19b/0x260
[ 1616.696179][ T1144]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1616.696211][ T1144]  ? __pfx_ksys_write+0x10/0x10
[ 1616.696225][ T1144]  ? rcu_is_watching+0x15/0xb0
[ 1616.696258][ T1144]  ? do_syscall_64+0xbe/0x3b0
[ 1616.696289][ T1144]  do_syscall_64+0xfa/0x3b0
[ 1616.696315][ T1144]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1616.696341][ T1144]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1616.696359][ T1144]  ? clear_bhb_loop+0x60/0xb0
[ 1616.696381][ T1144]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1616.696399][ T1144] RIP: 0033:0x7f8ddc78e929
[ 1616.696417][ T1144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1616.696433][ T1144] RSP: 002b:00007f8ddd631038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1616.696453][ T1144] RAX: ffffffffffffffda RBX: 00007f8ddc9b5fa0 RCX: 00007f8ddc78e929
[ 1616.696466][ T1144] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000004
[ 1616.696478][ T1144] RBP: 00007f8ddd631090 R08: 0000000000000000 R09: 0000000000000000
[ 1616.696490][ T1144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1616.696502][ T1144] R13: 0000000000000000 R14: 00007f8ddc9b5fa0 R15: 00007f8ddcadfa28
[ 1616.696530][ T1144]  </TASK>
[ 1617.112805][ T1150] vivid-000: disconnect
[ 1617.236315][ T5847] usb 1-1: new high-speed USB device number 79 using dummy_hcd
[ 1617.595329][T27223] usb 2-1: new high-speed USB device number 82 using dummy_hcd
[ 1617.673301][ T5847] usb 1-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 1617.699438][ T5847] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1617.772227][ T5847] usb 1-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1617.816584][ T5847] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1617.854068][T27223] usb 2-1: Using ep0 maxpacket: 8
[ 1617.877053][T27223] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1617.901364][ T5847] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1617.911219][T27223] usb 2-1: config 1 has an invalid interface number: 65 but max is 0
[ 1617.945128][T27223] usb 2-1: config 1 has no interface number 0
[ 1617.983798][T27223] usb 2-1: config 1 interface 65 has no altsetting 0
[ 1617.985908][ T5847] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[ 1618.034175][T27223] usb 2-1: New USB device found, idVendor=04e8, idProduct=6889, bcdDevice=2b.cd
[ 1618.063626][T27223] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1618.084936][ T5847] usb 1-1: invalid MIDI out EP 0
[ 1618.100225][T27223] usb 2-1: Product: syz
[ 1618.109761][T27223] usb 2-1: Manufacturer: syz
[ 1618.121803][T27223] usb 2-1: SerialNumber: syz
[ 1618.197912][ T1140] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1618.215951][ T1140] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1618.237823][ T1140] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1618.247075][ T1140] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1618.373045][T23615] udevd[23615]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1619.180073][ T5847] snd-usb-audio 1-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 1619.269182][ T5847] usb 1-1: USB disconnect, device number 79
[ 1619.777105][T27223] kalmia 2-1:1.65 (unnamed net_device) (uninitialized): Error sending init packet. Status -22
[ 1619.854043][T27223] kalmia 2-1:1.65: probe with driver kalmia failed with error -22
[ 1619.902603][T27223] usb 2-1: USB disconnect, device number 82
[ 1620.827967][ T2152] usb 1-1: new high-speed USB device number 80 using dummy_hcd
[ 1620.996687][ T2152] usb 1-1: config 68 has an invalid interface number: 220 but max is 0
[ 1621.005429][ T2152] usb 1-1: config 68 has no interface number 0
[ 1621.017782][ T2152] usb 1-1: config 68 interface 220 has no altsetting 0
[ 1621.036959][ T2152] usb 1-1: New USB device found, idVendor=0497, idProduct=c001, bcdDevice=55.7a
[ 1621.046593][ T2152] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1621.075445][ T2152] usb 1-1: Product: syz
[ 1621.096404][ T2152] usb 1-1: Manufacturer: syz
[ 1621.123260][ T2152] usb 1-1: SerialNumber: syz
[ 1621.362133][ T1174] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8429'.
[ 1621.402154][ T2152] gspca_main: spca501-2.14.0 probing 0497:c001
[ 1621.432198][ T2152] gspca_spca501: reg write: error -71
[ 1621.448443][ T2152] spca501 1-1:68.220: Reg write failed for 0x02,0x07,0x05
[ 1621.463982][ T2152] spca501 1-1:68.220: probe with driver spca501 failed with error -22
[ 1621.484237][ T2152] usb 1-1: USB disconnect, device number 80
[ 1621.531676][T22727] udevd[22727]: setting owner of /dev/bus/usb/001/080 to uid=0, gid=0 failed: No such file or directory
[ 1621.759259][ T1175] netlink: 136 bytes leftover after parsing attributes in process `syz.2.8430'.
[ 1621.776335][ T1175] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[ 1623.593835][ T2152] usb 1-1: new high-speed USB device number 81 using dummy_hcd
[ 1623.750174][ T2152] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1623.773986][ T2152] usb 1-1: New USB device found, idVendor=045e, idProduct=02bf, bcdDevice=9e.06
[ 1623.870820][ T2152] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1624.091292][ T2152] usb 1-1: config 0 descriptor??
[ 1624.373325][ T2152] gspca_main: kinect-2.14.0 probing 045e:02bf
[ 1624.693843][T27223] usb 2-1: new high-speed USB device number 83 using dummy_hcd
[ 1624.907578][T27223] usb 2-1: config 0 has no interfaces?
[ 1624.947399][T27223] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 1624.990477][T27223] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1625.099165][T27223] usb 2-1: Product: syz
[ 1625.116548][T27223] usb 2-1: Manufacturer: syz
[ 1625.143567][T27223] usb 2-1: SerialNumber: syz
[ 1625.180238][T27223] usb 2-1: config 0 descriptor??
[ 1625.550248][ T1215] FAULT_INJECTION: forcing a failure.
[ 1625.550248][ T1215] name failslab, interval 1, probability 0, space 0, times 0
[ 1625.601310][ T1215] CPU: 0 UID: 0 PID: 1215 Comm: syz.2.8439 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) 
[ 1625.601329][ T1215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1625.601337][ T1215] Call Trace:
[ 1625.601343][ T1215]  <TASK>
[ 1625.601349][ T1215]  dump_stack_lvl+0x189/0x250
[ 1625.601373][ T1215]  ? __pfx____ratelimit+0x10/0x10
[ 1625.601396][ T1215]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1625.601416][ T1215]  ? __pfx__printk+0x10/0x10
[ 1625.601439][ T1215]  should_fail_ex+0x414/0x560
[ 1625.601459][ T1215]  should_failslab+0xa8/0x100
[ 1625.601475][ T1215]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1625.601495][ T1215]  ? skb_clone+0x212/0x3a0
[ 1625.601515][ T1215]  skb_clone+0x212/0x3a0
[ 1625.601534][ T1215]  __netlink_deliver_tap+0x404/0x850
[ 1625.601556][ T1215]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1625.601572][ T1215]  netlink_deliver_tap+0x19c/0x1b0
[ 1625.601587][ T1215]  netlink_sendskb+0x68/0x140
[ 1625.601601][ T1215]  netlink_rcv_skb+0x28c/0x470
[ 1625.601615][ T1215]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1625.601634][ T1215]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1625.601659][ T1215]  ? down_read+0x1ad/0x2e0
[ 1625.601673][ T1215]  genl_rcv+0x28/0x40
[ 1625.601689][ T1215]  netlink_unicast+0x75b/0x8d0
[ 1625.601708][ T1215]  netlink_sendmsg+0x805/0xb30
[ 1625.601729][ T1215]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1625.601745][ T1215]  ? aa_sock_msg_perm+0x94/0x160
[ 1625.601766][ T1215]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1625.601783][ T1215]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1625.601798][ T1215]  __sock_sendmsg+0x219/0x270
[ 1625.601820][ T1215]  ____sys_sendmsg+0x505/0x830
[ 1625.601840][ T1215]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1625.601861][ T1215]  ? import_iovec+0x74/0xa0
[ 1625.601877][ T1215]  ___sys_sendmsg+0x21f/0x2a0
[ 1625.601894][ T1215]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1625.601933][ T1215]  ? __fget_files+0x2a/0x420
[ 1625.601947][ T1215]  ? __fget_files+0x3a0/0x420
[ 1625.601968][ T1215]  __x64_sys_sendmsg+0x19b/0x260
[ 1625.601986][ T1215]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1625.602017][ T1215]  ? __pfx_ksys_write+0x10/0x10
[ 1625.602027][ T1215]  ? rcu_is_watching+0x15/0xb0
[ 1625.602050][ T1215]  ? do_syscall_64+0xbe/0x3b0
[ 1625.602072][ T1215]  do_syscall_64+0xfa/0x3b0
[ 1625.602091][ T1215]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1625.602110][ T1215]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1625.602123][ T1215]  ? clear_bhb_loop+0x60/0xb0
[ 1625.602139][ T1215]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1625.602151][ T1215] RIP: 0033:0x7f8ddc78e929
[ 1625.602163][ T1215] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1625.602174][ T1215] RSP: 002b:00007f8ddd631038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1625.602188][ T1215] RAX: ffffffffffffffda RBX: 00007f8ddc9b5fa0 RCX: 00007f8ddc78e929
[ 1625.602198][ T1215] RDX: 0000000000000010 RSI: 0000200000000240 RDI: 0000000000000003
[ 1625.602207][ T1215] RBP: 00007f8ddd631090 R08: 0000000000000000 R09: 0000000000000000
[ 1625.602215][ T1215] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1625.602223][ T1215] R13: 0000000000000000 R14: 00007f8ddc9b5fa0 R15: 00007f8ddcadfa28
[ 1625.602242][ T1215]  </TASK>
[ 1626.900502][   T30] kauditd_printk_skb: 9 callbacks suppressed
[ 1626.900515][   T30] audit: type=1326 audit(1750941008.755:2782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1219 comm="syz.5.8442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8455f8e929 code=0x7ffc0000
[ 1626.928975][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1626.942699][   T30] audit: type=1326 audit(1750941008.765:2783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1219 comm="syz.5.8442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8455f8e929 code=0x7ffc0000
[ 1626.965145][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1626.988321][   T30] audit: type=1326 audit(1750941008.765:2784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1219 comm="syz.5.8442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=107 compat=0 ip=0x7f8455f8e929 code=0x7ffc0000
[ 1627.027994][   T30] audit: type=1326 audit(1750941008.765:2785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1219 comm="syz.5.8442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8455f8e929 code=0x7ffc0000
[ 1627.050313][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1627.075012][   T30] audit: type=1326 audit(1750941008.765:2786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1219 comm="syz.5.8442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8455f8e929 code=0x7ffc0000
[ 1627.097484][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1627.111427][  T977] usb 1-1: USB disconnect, device number 81
[ 1627.118515][   T30] audit: type=1326 audit(1750941008.775:2787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1219 comm="syz.5.8442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8455f8d290 code=0x7ffc0000
[ 1627.284387][   T30] audit: type=1326 audit(1750941008.815:2788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1219 comm="syz.5.8442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8455f8e929 code=0x7ffc0000
[ 1627.307510][   T30] audit: type=1326 audit(1750941008.815:2789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1219 comm="syz.5.8442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8455f8e929 code=0x7ffc0000
[ 1627.330436][   T30] audit: type=1326 audit(1750941008.815:2790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1219 comm="syz.5.8442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8455f8e929 code=0x7ffc0000
[ 1627.343034][ T5847] usb 3-1: new high-speed USB device number 87 using dummy_hcd
[ 1627.353777][   T30] audit: type=1326 audit(1750941008.815:2791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1219 comm="syz.5.8442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8455f8e929 code=0x7ffc0000
[ 1627.400584][T27223] usb 2-1: USB disconnect, device number 83
[ 1627.583784][ T5847] usb 3-1: Using ep0 maxpacket: 32
[ 1627.591480][  T977] usb 1-1: new high-speed USB device number 82 using dummy_hcd
[ 1627.594236][ T5847] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1627.610482][ T5847] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1627.619905][ T5847] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1627.629799][ T5847] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1627.682672][ T5847] usb 3-1: config 0 descriptor??
[ 1627.823082][  T977] usb 1-1: config 68 has an invalid interface number: 220 but max is 0
[ 1627.831444][  T977] usb 1-1: config 68 has no interface number 0
[ 1627.847260][  T977] usb 1-1: config 68 interface 220 has no altsetting 0
[ 1627.886457][  T977] usb 1-1: New USB device found, idVendor=0497, idProduct=c001, bcdDevice=55.7a
[ 1627.905351][  T977] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1627.913365][  T977] usb 1-1: Product: syz
[ 1628.031648][  T977] usb 1-1: Manufacturer: syz
[ 1628.043027][  T977] usb 1-1: SerialNumber: syz
[ 1628.339049][  T977] gspca_main: spca501-2.14.0 probing 0497:c001
[ 1628.346591][  T977] gspca_spca501: reg write: error -71
[ 1628.352093][  T977] spca501 1-1:68.220: Reg write failed for 0x02,0x07,0x05
[ 1628.361054][  T977] spca501 1-1:68.220: probe with driver spca501 failed with error -22
[ 1628.381004][  T977] usb 1-1: USB disconnect, device number 82
[ 1629.015464][ T1240] binder: 1239:1240 ioctl f518 0 returned -22
[ 1629.084129][ T1156] Set syz1 is full, maxelem 65536 reached
[ 1630.053837][  T977] usb 2-1: new high-speed USB device number 84 using dummy_hcd
[ 1630.080951][ T2152] usb 3-1: USB disconnect, device number 87
[ 1630.323982][  T977] usb 2-1: config 0 has no interfaces?
[ 1630.345629][  T977] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 1630.349379][ T1257] netlink: 28 bytes leftover after parsing attributes in process `syz.2.8451'.
[ 1630.401909][  T977] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1630.425137][  T977] usb 2-1: Product: syz
[ 1630.471071][  T977] usb 2-1: Manufacturer: syz
[ 1630.486284][  T977] usb 2-1: SerialNumber: syz
[ 1630.679484][  T977] usb 2-1: config 0 descriptor??
[ 1631.110411][ T5847] usb 3-1: new high-speed USB device number 88 using dummy_hcd
[ 1631.333825][ T5847] usb 3-1: Using ep0 maxpacket: 8
[ 1631.348802][ T5847] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1631.393231][ T5847] usb 3-1: config 1 has an invalid interface number: 65 but max is 0
[ 1631.485598][ T5847] usb 3-1: config 1 has no interface number 0
[ 1631.530506][ T5847] usb 3-1: config 1 interface 65 has no altsetting 0
[ 1631.562762][ T5847] usb 3-1: New USB device found, idVendor=04e8, idProduct=6889, bcdDevice=2b.cd
[ 1631.598859][ T5847] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1631.639927][ T5847] usb 3-1: Product: syz
[ 1631.655604][ T5847] usb 3-1: Manufacturer: syz
[ 1631.683182][ T5847] usb 3-1: SerialNumber: syz
[ 1632.014291][T27223] usb 1-1: new high-speed USB device number 83 using dummy_hcd
[ 1632.177667][T27223] usb 1-1: config 0 has no interfaces?
[ 1632.190741][T27223] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 1632.200277][T27223] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1632.208589][T27223] usb 1-1: Product: syz
[ 1632.231454][T27223] usb 1-1: Manufacturer: syz
[ 1632.238509][T27223] usb 1-1: SerialNumber: syz
[ 1632.270444][T27223] usb 1-1: config 0 descriptor??
[ 1633.004306][T27223] usb 2-1: USB disconnect, device number 84
[ 1633.414040][T27223] usb 2-1: new high-speed USB device number 85 using dummy_hcd
[ 1633.603598][ T1276] macvlan2: entered allmulticast mode
[ 1633.628369][T27223] usb 2-1: config 68 has an invalid interface number: 220 but max is 0
[ 1633.639754][T27223] usb 2-1: config 68 has no interface number 0
[ 1633.648205][T27223] usb 2-1: config 68 interface 220 has no altsetting 0
[ 1633.681781][ T5847] kalmia 3-1:1.65 (unnamed net_device) (uninitialized): Error sending init packet. Status -22
[ 1633.717533][T27223] usb 2-1: New USB device found, idVendor=0497, idProduct=c001, bcdDevice=55.7a
[ 1633.730516][T27223] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1633.735469][ T5847] kalmia 3-1:1.65: probe with driver kalmia failed with error -22
[ 1633.758802][T27223] usb 2-1: Product: syz
[ 1633.763078][T27223] usb 2-1: Manufacturer: syz
[ 1633.785849][ T1279] netlink: 1004 bytes leftover after parsing attributes in process `syz.2.8459'.
[ 1633.831439][T27223] usb 2-1: SerialNumber: syz
[ 1633.844730][ T1280] ALSA: mixer_oss: invalid index 40000
[ 1633.890162][ T5847] usb 3-1: USB disconnect, device number 88
[ 1633.923310][ T1282] FAULT_INJECTION: forcing a failure.
[ 1633.923310][ T1282] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1633.952802][ T1282] CPU: 1 UID: 0 PID: 1282 Comm: syz.5.8460 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) 
[ 1633.952828][ T1282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1633.952840][ T1282] Call Trace:
[ 1633.952847][ T1282]  <TASK>
[ 1633.952856][ T1282]  dump_stack_lvl+0x189/0x250
[ 1633.952885][ T1282]  ? __pfx____ratelimit+0x10/0x10
[ 1633.952906][ T1282]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1633.952936][ T1282]  ? __pfx__printk+0x10/0x10
[ 1633.952968][ T1282]  should_fail_ex+0x414/0x560
[ 1633.952995][ T1282]  _copy_to_user+0x31/0xb0
[ 1633.953014][ T1282]  simple_read_from_buffer+0xe1/0x170
[ 1633.953031][ T1282]  proc_fail_nth_read+0x1df/0x250
[ 1633.953049][ T1282]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1633.953071][ T1282]  ? rw_verify_area+0x258/0x650
[ 1633.953100][ T1282]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1633.953123][ T1282]  vfs_read+0x200/0x980
[ 1633.953155][ T1282]  ? __pfx___mutex_lock+0x10/0x10
[ 1633.953177][ T1282]  ? __pfx_vfs_read+0x10/0x10
[ 1633.953197][ T1282]  ? __fget_files+0x2a/0x420
[ 1633.953218][ T1282]  ? __fget_files+0x3a0/0x420
[ 1633.953245][ T1282]  ? __fget_files+0x2a/0x420
[ 1633.953273][ T1282]  ksys_read+0x145/0x250
[ 1633.953301][ T1282]  ? __pfx_ksys_read+0x10/0x10
[ 1633.953324][ T1282]  ? rcu_is_watching+0x15/0xb0
[ 1633.953349][ T1282]  ? do_syscall_64+0xbe/0x3b0
[ 1633.953396][ T1282]  do_syscall_64+0xfa/0x3b0
[ 1633.953438][ T1282]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1633.953463][ T1282]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1633.953482][ T1282]  ? clear_bhb_loop+0x60/0xb0
[ 1633.953500][ T1282]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1633.953512][ T1282] RIP: 0033:0x7f8455f8d33c
[ 1633.953525][ T1282] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1633.953536][ T1282] RSP: 002b:00007f8456ed5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1633.953556][ T1282] RAX: ffffffffffffffda RBX: 00007f84561b5fa0 RCX: 00007f8455f8d33c
[ 1633.953570][ T1282] RDX: 000000000000000f RSI: 00007f8456ed50a0 RDI: 0000000000000007
[ 1633.953582][ T1282] RBP: 00007f8456ed5090 R08: 0000000000000000 R09: 0000000000000000
[ 1633.953596][ T1282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1633.953606][ T1282] R13: 0000000000000000 R14: 00007f84561b5fa0 R15: 00007f84562dfa28
[ 1633.953633][ T1282]  </TASK>
[ 1634.184724][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1634.484775][T27223] gspca_main: spca501-2.14.0 probing 0497:c001
[ 1634.494531][T27223] gspca_spca501: reg write: error -71
[ 1634.499952][T27223] spca501 2-1:68.220: Reg write failed for 0x02,0x07,0x05
[ 1634.552835][T27223] spca501 2-1:68.220: probe with driver spca501 failed with error -22
[ 1634.634332][T27223] usb 2-1: USB disconnect, device number 85
[ 1634.863802][ T5847] usb 1-1: USB disconnect, device number 83
[ 1635.030120][ T1295] netlink: 16 bytes leftover after parsing attributes in process `syz.0.8464'.
[ 1635.116040][ T1295] FAULT_INJECTION: forcing a failure.
[ 1635.116040][ T1295] name failslab, interval 1, probability 0, space 0, times 0
[ 1635.172818][ T1295] CPU: 0 UID: 0 PID: 1295 Comm: syz.0.8464 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) 
[ 1635.172839][ T1295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1635.172848][ T1295] Call Trace:
[ 1635.172854][ T1295]  <TASK>
[ 1635.172861][ T1295]  dump_stack_lvl+0x189/0x250
[ 1635.172886][ T1295]  ? __pfx____ratelimit+0x10/0x10
[ 1635.172908][ T1295]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1635.172930][ T1295]  ? __pfx__printk+0x10/0x10
[ 1635.172955][ T1295]  should_fail_ex+0x414/0x560
[ 1635.172976][ T1295]  should_failslab+0xa8/0x100
[ 1635.172992][ T1295]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1635.173014][ T1295]  ? skb_clone+0x212/0x3a0
[ 1635.173035][ T1295]  skb_clone+0x212/0x3a0
[ 1635.173055][ T1295]  __netlink_deliver_tap+0x404/0x850
[ 1635.173080][ T1295]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1635.173097][ T1295]  netlink_deliver_tap+0x19c/0x1b0
[ 1635.173113][ T1295]  netlink_sendskb+0x68/0x140
[ 1635.173128][ T1295]  netlink_rcv_skb+0x28c/0x470
[ 1635.173144][ T1295]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1635.173166][ T1295]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1635.173204][ T1295]  ? bpf_lsm_capable+0x9/0x20
[ 1635.173217][ T1295]  ? security_capable+0x7e/0x2e0
[ 1635.173238][ T1295]  nfnetlink_rcv+0x26a/0x2520
[ 1635.173260][ T1295]  ? __dev_queue_xmit+0x1cd7/0x3a70
[ 1635.173280][ T1295]  ? kmem_cache_alloc_noprof+0x1c1/0x3c0
[ 1635.173302][ T1295]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1635.173320][ T1295]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1635.173339][ T1295]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1635.173358][ T1295]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1635.173384][ T1295]  ? ref_tracker_free+0x63a/0x7d0
[ 1635.173400][ T1295]  ? __copy_skb_header+0xa7/0x550
[ 1635.173417][ T1295]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1635.173440][ T1295]  ? __skb_clone+0x63/0x7a0
[ 1635.173459][ T1295]  ? __skb_clone+0x483/0x7a0
[ 1635.173480][ T1295]  ? skb_clone+0x246/0x3a0
[ 1635.173499][ T1295]  ? __netlink_deliver_tap+0x807/0x850
[ 1635.173513][ T1295]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1635.173531][ T1295]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1635.173545][ T1295]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1635.173563][ T1295]  netlink_unicast+0x75b/0x8d0
[ 1635.173583][ T1295]  netlink_sendmsg+0x805/0xb30
[ 1635.173604][ T1295]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1635.173621][ T1295]  ? aa_sock_msg_perm+0x94/0x160
[ 1635.173639][ T1295]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1635.173655][ T1295]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1635.173681][ T1295]  __sock_sendmsg+0x219/0x270
[ 1635.173713][ T1295]  ____sys_sendmsg+0x505/0x830
[ 1635.173734][ T1295]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1635.173756][ T1295]  ? import_iovec+0x74/0xa0
[ 1635.173771][ T1295]  ___sys_sendmsg+0x21f/0x2a0
[ 1635.173789][ T1295]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1635.173827][ T1295]  ? __fget_files+0x2a/0x420
[ 1635.173841][ T1295]  ? __fget_files+0x3a0/0x420
[ 1635.173862][ T1295]  __x64_sys_sendmsg+0x19b/0x260
[ 1635.173881][ T1295]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1635.173903][ T1295]  ? __pfx_ksys_write+0x10/0x10
[ 1635.173932][ T1295]  ? rcu_is_watching+0x15/0xb0
[ 1635.173975][ T1295]  ? do_syscall_64+0xbe/0x3b0
[ 1635.174002][ T1295]  do_syscall_64+0xfa/0x3b0
[ 1635.174024][ T1295]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1635.174045][ T1295]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1635.174060][ T1295]  ? clear_bhb_loop+0x60/0xb0
[ 1635.174079][ T1295]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1635.174093][ T1295] RIP: 0033:0x7fdf07b8e929
[ 1635.174108][ T1295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1635.174122][ T1295] RSP: 002b:00007fdf08add038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1635.174138][ T1295] RAX: ffffffffffffffda RBX: 00007fdf07db5fa0 RCX: 00007fdf07b8e929
[ 1635.174150][ T1295] RDX: 0000000000004000 RSI: 0000200000000080 RDI: 0000000000000007
[ 1635.174160][ T1295] RBP: 00007fdf08add090 R08: 0000000000000000 R09: 0000000000000000
[ 1635.174169][ T1295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1635.174179][ T1295] R13: 0000000000000000 R14: 00007fdf07db5fa0 R15: 00007fdf07edfa28
[ 1635.174201][ T1295]  </TASK>
[ 1635.234235][T19195] usb 3-1: new high-speed USB device number 89 using dummy_hcd
[ 1635.744407][T19195] usb 3-1: Using ep0 maxpacket: 16
[ 1635.787170][T19195] usb 3-1: config 0 has an invalid interface number: 195 but max is 0
[ 1635.802380][T19195] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1635.830896][T19195] usb 3-1: config 0 has no interface number 0
[ 1635.856369][T19195] usb 3-1: New USB device found, idVendor=0421, idProduct=0418, bcdDevice=95.ff
[ 1635.873474][T19195] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1635.882196][T19195] usb 3-1: Product: syz
[ 1635.893775][T19195] usb 3-1: Manufacturer: syz
[ 1635.898437][T19195] usb 3-1: SerialNumber: syz
[ 1635.914849][T19195] usb 3-1: config 0 descriptor??
[ 1635.921756][T19195] rndis_host 3-1:0.195: More than one union descriptor, skipping ...
[ 1635.946551][T19195] usb 3-1: bad CDC descriptors
[ 1635.951967][T19195] cdc_acm 3-1:0.195: More than one union descriptor, skipping ...
[ 1636.054910][ T1315] netlink: 1004 bytes leftover after parsing attributes in process `syz.0.8472'.
[ 1636.194905][ T1291] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8462'.
[ 1636.204698][ T1291] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[ 1637.104052][T19195] usb 1-1: new high-speed USB device number 84 using dummy_hcd
[ 1637.273997][T19195] usb 1-1: Using ep0 maxpacket: 16
[ 1637.282616][T19195] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1637.290681][T19195] usb 1-1: too many configurations: 9, using maximum allowed: 8
[ 1637.300897][T19195] usb 1-1: config 1 has an invalid descriptor of length 95, skipping remainder of the config
[ 1637.311332][T19195] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 3
[ 1637.321258][T19195] usb 1-1: config 1 has an invalid descriptor of length 95, skipping remainder of the config
[ 1637.331537][T19195] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 3
[ 1637.341547][T19195] usb 1-1: config 1 has an invalid descriptor of length 95, skipping remainder of the config
[ 1637.351984][T19195] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 3
[ 1637.362336][T19195] usb 1-1: config 1 has an invalid descriptor of length 95, skipping remainder of the config
[ 1637.372755][T19195] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 3
[ 1637.387587][T19195] usb 1-1: config 1 has an invalid descriptor of length 95, skipping remainder of the config
[ 1637.398348][T19195] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 3
[ 1637.409485][T19195] usb 1-1: config 1 has an invalid descriptor of length 95, skipping remainder of the config
[ 1637.420227][T19195] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 3
[ 1637.430607][T19195] usb 1-1: config 1 has an invalid descriptor of length 95, skipping remainder of the config
[ 1637.441951][T19195] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 3
[ 1637.452034][T19195] usb 1-1: config 1 has an invalid descriptor of length 95, skipping remainder of the config
[ 1637.462615][T19195] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 3
[ 1637.473659][T19195] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1637.483208][T19195] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1637.491383][T19195] usb 1-1: Product: syz
[ 1637.498909][T19195] usb 1-1: Manufacturer: syz
[ 1637.503534][T19195] usb 1-1: SerialNumber: syz
[ 1637.718769][ T1325] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1637.729178][ T1325] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1637.752752][T19195] usb 1-1: USB disconnect, device number 84
[ 1637.859207][T31925] usb 3-1: USB disconnect, device number 89
[ 1638.142312][ T1336] vlan0: entered promiscuous mode
[ 1638.148066][ T1336] bridge0: entered promiscuous mode
[ 1638.248010][ T1347] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8478'.
[ 1638.497622][ T1352] netlink: 32 bytes leftover after parsing attributes in process `syz.0.8481'.
[ 1638.658654][ T1357] FAULT_INJECTION: forcing a failure.
[ 1638.658654][ T1357] name failslab, interval 1, probability 0, space 0, times 0
[ 1638.679725][ T1357] CPU: 0 UID: 0 PID: 1357 Comm: syz.7.8483 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) 
[ 1638.679751][ T1357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1638.679764][ T1357] Call Trace:
[ 1638.679773][ T1357]  <TASK>
[ 1638.679781][ T1357]  dump_stack_lvl+0x189/0x250
[ 1638.679815][ T1357]  ? __pfx____ratelimit+0x10/0x10
[ 1638.679844][ T1357]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1638.679874][ T1357]  ? __pfx__printk+0x10/0x10
[ 1638.679901][ T1357]  ? __pfx___might_resched+0x10/0x10
[ 1638.679936][ T1357]  ? fs_reclaim_acquire+0x7d/0x100
[ 1638.679963][ T1357]  should_fail_ex+0x414/0x560
[ 1638.679992][ T1357]  should_failslab+0xa8/0x100
[ 1638.680015][ T1357]  __kmalloc_noprof+0xcb/0x4f0
[ 1638.680032][ T1357]  ? kfree+0x4d/0x440
[ 1638.680057][ T1357]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1638.680090][ T1357]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1638.680119][ T1357]  ? tomoyo_domain+0xd9/0x130
[ 1638.680151][ T1357]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1638.680175][ T1357]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1638.680200][ T1357]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1638.680238][ T1357]  ? __lock_acquire+0xab9/0xd20
[ 1638.680284][ T1357]  ? __fget_files+0x2a/0x420
[ 1638.680308][ T1357]  ? __fget_files+0x2a/0x420
[ 1638.680328][ T1357]  ? __fget_files+0x3a0/0x420
[ 1638.680348][ T1357]  ? __fget_files+0x2a/0x420
[ 1638.680372][ T1357]  security_file_ioctl+0xcb/0x2d0
[ 1638.680396][ T1357]  __se_sys_ioctl+0x47/0x170
[ 1638.680426][ T1357]  do_syscall_64+0xfa/0x3b0
[ 1638.680454][ T1357]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1638.680481][ T1357]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1638.680500][ T1357]  ? clear_bhb_loop+0x60/0xb0
[ 1638.680523][ T1357]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1638.680542][ T1357] RIP: 0033:0x7f303338e929
[ 1638.680559][ T1357] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1638.680577][ T1357] RSP: 002b:00007f30341fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1638.680598][ T1357] RAX: ffffffffffffffda RBX: 00007f30335b5fa0 RCX: 00007f303338e929
[ 1638.680612][ T1357] RDX: 0000200000000000 RSI: 00000000c0045543 RDI: 0000000000000006
[ 1638.680625][ T1357] RBP: 00007f30341fe090 R08: 0000000000000000 R09: 0000000000000000
[ 1638.680636][ T1357] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1638.680647][ T1357] R13: 0000000000000000 R14: 00007f30335b5fa0 R15: 00007f30336dfa28
[ 1638.680676][ T1357]  </TASK>
[ 1638.680684][ T1357] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1639.275061][ T1366] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1639.326858][ T1366] netlink: 68 bytes leftover after parsing attributes in process `syz.0.8485'.
[ 1639.336034][ T1366] netlink: 48 bytes leftover after parsing attributes in process `syz.0.8485'.
[ 1639.413999][T19195] usb 2-1: new high-speed USB device number 86 using dummy_hcd
[ 1639.575958][T19195] usb 2-1: Using ep0 maxpacket: 32
[ 1639.583095][T19195] usb 2-1: config 0 has an invalid interface number: 149 but max is 0
[ 1639.592498][T19195] usb 2-1: config 0 has no interface number 0
[ 1639.618913][T19195] usb 2-1: New USB device found, idVendor=0c72, idProduct=0013, bcdDevice=44.19
[ 1639.632117][T19195] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1639.653799][T19195] usb 2-1: Product: syz
[ 1639.658354][T19195] usb 2-1: Manufacturer: syz
[ 1639.670296][T19195] usb 2-1: SerialNumber: syz
[ 1639.685562][T19195] usb 2-1: config 0 descriptor??
[ 1639.784196][T27223] usb 1-1: new high-speed USB device number 85 using dummy_hcd
[ 1639.907511][T19195] peak_usb 2-1:0.149 can0: unable to request usb[type=0 value=1] err=-71
[ 1639.926924][T19195] peak_usb 2-1:0.149: unable to read PCAN-Chip USB firmware info (err -71)
[ 1639.969587][T27223] usb 1-1: too many configurations: 9, using maximum allowed: 8
[ 1639.973407][ T1385] FAULT_INJECTION: forcing a failure.
[ 1639.973407][ T1385] name failslab, interval 1, probability 0, space 0, times 0
[ 1640.011449][T27223] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1640.018588][ T1385] CPU: 1 UID: 0 PID: 1385 Comm: syz.7.8492 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) 
[ 1640.018616][ T1385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1640.018630][ T1385] Call Trace:
[ 1640.018639][ T1385]  <TASK>
[ 1640.018648][ T1385]  dump_stack_lvl+0x189/0x250
[ 1640.018686][ T1385]  ? __pfx____ratelimit+0x10/0x10
[ 1640.018720][ T1385]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1640.018752][ T1385]  ? __pfx__printk+0x10/0x10
[ 1640.018778][ T1385]  ? __pfx___might_resched+0x10/0x10
[ 1640.018828][ T1385]  ? fs_reclaim_acquire+0x7d/0x100
[ 1640.018860][ T1385]  should_fail_ex+0x414/0x560
[ 1640.018894][ T1385]  should_failslab+0xa8/0x100
[ 1640.018920][ T1385]  __kmalloc_cache_noprof+0x70/0x3d0
[ 1640.018943][ T1385]  ? snd_mixer_oss_get_volume1_sw+0xf6/0x470
[ 1640.018982][ T1385]  snd_mixer_oss_get_volume1_sw+0xf6/0x470
[ 1640.019013][ T1385]  ? kasan_quarantine_put+0xdd/0x220
[ 1640.019050][ T1385]  snd_mixer_oss_get_recsrc1_sw+0x8f/0x140
[ 1640.019093][ T1385]  ? __pfx_snd_mixer_oss_get_recsrc1_sw+0x10/0x10
[ 1640.019125][ T1385]  snd_mixer_oss_ioctl1+0x13b0/0x18b0
[ 1640.019158][ T1385]  ? tomoyo_path_number_perm+0x4e2/0x5a0
[ 1640.019185][ T1385]  ? __pfx_snd_mixer_oss_ioctl1+0x10/0x10
[ 1640.019214][ T1385]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1640.019261][ T1385]  ? __lock_acquire+0xab9/0xd20
[ 1640.019306][ T1385]  snd_mixer_oss_ioctl_card+0x10b/0x160
[ 1640.019340][ T1385]  ? __pfx_snd_mixer_oss_ioctl_card+0x10/0x10
[ 1640.019376][ T1385]  ? __fget_files+0x2a/0x420
[ 1640.019400][ T1385]  ? __fget_files+0x3a0/0x420
[ 1640.019428][ T1385]  snd_pcm_oss_ioctl+0x264/0xdd0
[ 1640.019462][ T1385]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[ 1640.019495][ T1385]  __se_sys_ioctl+0xf9/0x170
[ 1640.019530][ T1385]  do_syscall_64+0xfa/0x3b0
[ 1640.019563][ T1385]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1640.019594][ T1385]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1640.019617][ T1385]  ? clear_bhb_loop+0x60/0xb0
[ 1640.019645][ T1385]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1640.019667][ T1385] RIP: 0033:0x7f303338e929
[ 1640.019688][ T1385] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1640.019707][ T1385] RSP: 002b:00007f30341fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1640.019732][ T1385] RAX: ffffffffffffffda RBX: 00007f30335b5fa0 RCX: 00007f303338e929
[ 1640.019749][ T1385] RDX: 0000200000000140 RSI: 0000000080044dff RDI: 0000000000000003
[ 1640.019764][ T1385] RBP: 00007f30341fe090 R08: 0000000000000000 R09: 0000000000000000
[ 1640.019778][ T1385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1640.019791][ T1385] R13: 0000000000000000 R14: 00007f30335b5fa0 R15: 00007f30336dfa28
[ 1640.019825][ T1385]  </TASK>
[ 1640.309825][T27223] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1640.330482][T27223] usb 1-1: config 0 interface 0 has no altsetting 0
[ 1640.339259][T27223] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1640.341540][T19195] peak_usb 2-1:0.149: probe with driver peak_usb failed with error -71
[ 1640.348707][T27223] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1640.368201][T27223] usb 1-1: config 0 interface 0 has no altsetting 0
[ 1640.377571][T27223] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1640.388750][T27223] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1640.434210][T27223] usb 1-1: config 0 interface 0 has no altsetting 0
[ 1640.454029][T19195] usb 2-1: USB disconnect, device number 86
[ 1640.464780][T27223] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1640.485297][T27223] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1640.504205][T27223] usb 1-1: config 0 interface 0 has no altsetting 0
[ 1640.562623][T27223] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1640.603835][T27223] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1640.651913][T27223] usb 1-1: config 0 interface 0 has no altsetting 0
[ 1640.662187][T27223] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1640.671948][T27223] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1640.685132][T27223] usb 1-1: config 0 interface 0 has no altsetting 0
[ 1640.718496][T27223] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1640.729882][T27223] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1640.745767][T27223] usb 1-1: config 0 interface 0 has no altsetting 0
[ 1640.767070][T27223] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1640.796607][T27223] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1640.820790][T27223] usb 1-1: config 0 interface 0 has no altsetting 0
[ 1640.854793][T27223] usb 1-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[ 1640.892808][T27223] usb 1-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[ 1640.902613][T27223] usb 1-1: Product: syz
[ 1640.913791][T27223] usb 1-1: Manufacturer: syz
[ 1640.918487][T27223] usb 1-1: SerialNumber: syz
[ 1640.949633][T27223] usb 1-1: config 0 descriptor??
[ 1640.969339][T27223] yurex 1-1:0.0: USB YUREX device now attached to Yurex #0
[ 1641.003824][T19195] usb 2-1: new high-speed USB device number 87 using dummy_hcd
[ 1641.155733][T19195] usb 2-1: config 68 has an invalid interface number: 220 but max is 0
[ 1641.164865][T19195] usb 2-1: config 68 has no interface number 0
[ 1641.171079][T19195] usb 2-1: config 68 interface 220 has no altsetting 0
[ 1641.190039][T19195] usb 2-1: New USB device found, idVendor=0497, idProduct=c001, bcdDevice=55.7a
[ 1641.201776][T19195] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1641.210060][T19195] usb 2-1: Product: syz
[ 1641.214625][T19195] usb 2-1: Manufacturer: syz
[ 1641.221089][T19195] usb 2-1: SerialNumber: syz
[ 1641.231093][T27223] usb 1-1: USB disconnect, device number 85
[ 1641.289366][T27223] yurex 1-1:0.0: USB YUREX #0 now disconnected
[ 1641.484407][T19195] gspca_main: spca501-2.14.0 probing 0497:c001
[ 1641.512990][T19195] gspca_spca501: reg write: error -71
[ 1641.524458][T19195] spca501 2-1:68.220: Reg write failed for 0x02,0x07,0x05
[ 1641.531854][T19195] spca501 2-1:68.220: probe with driver spca501 failed with error -22
[ 1641.546311][T19195] usb 2-1: USB disconnect, device number 87
[ 1641.612010][ T1411] FAULT_INJECTION: forcing a failure.
[ 1641.612010][ T1411] name failslab, interval 1, probability 0, space 0, times 0
[ 1641.657856][ T1411] CPU: 0 UID: 0 PID: 1411 Comm: syz.2.8498 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) 
[ 1641.657883][ T1411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1641.657895][ T1411] Call Trace:
[ 1641.657903][ T1411]  <TASK>
[ 1641.657911][ T1411]  dump_stack_lvl+0x189/0x250
[ 1641.657944][ T1411]  ? __pfx____ratelimit+0x10/0x10
[ 1641.657974][ T1411]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1641.657995][ T1411]  ? __pfx__printk+0x10/0x10
[ 1641.658013][ T1411]  ? __pfx___might_resched+0x10/0x10
[ 1641.658033][ T1411]  ? fs_reclaim_acquire+0x7d/0x100
[ 1641.658058][ T1411]  should_fail_ex+0x414/0x560
[ 1641.658078][ T1411]  should_failslab+0xa8/0x100
[ 1641.658093][ T1411]  __kmalloc_cache_noprof+0x70/0x3d0
[ 1641.658106][ T1411]  ? loop_add+0xd0/0xad0
[ 1641.658123][ T1411]  loop_add+0xd0/0xad0
[ 1641.658137][ T1411]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1641.658155][ T1411]  ? __pfx_loop_add+0x10/0x10
[ 1641.658189][ T1411]  loop_control_ioctl+0x128/0x5a0
[ 1641.658206][ T1411]  ? ksys_write+0x1e1/0x250
[ 1641.658217][ T1411]  ? __pfx_loop_control_ioctl+0x10/0x10
[ 1641.658234][ T1411]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1641.658253][ T1411]  ? __pfx_loop_control_ioctl+0x10/0x10
[ 1641.658268][ T1411]  __se_sys_ioctl+0xf9/0x170
[ 1641.658288][ T1411]  do_syscall_64+0xfa/0x3b0
[ 1641.658307][ T1411]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1641.658326][ T1411]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1641.658339][ T1411]  ? clear_bhb_loop+0x60/0xb0
[ 1641.658354][ T1411]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1641.658366][ T1411] RIP: 0033:0x7f8ddc78e929
[ 1641.658378][ T1411] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1641.658390][ T1411] RSP: 002b:00007f8ddd610038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1641.658403][ T1411] RAX: ffffffffffffffda RBX: 00007f8ddc9b6080 RCX: 00007f8ddc78e929
[ 1641.658413][ T1411] RDX: 00000000000fffff RSI: 0000000000004c80 RDI: 0000000000000003
[ 1641.658421][ T1411] RBP: 00007f8ddd610090 R08: 0000000000000000 R09: 0000000000000000
[ 1641.658429][ T1411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1641.658437][ T1411] R13: 0000000000000000 R14: 00007f8ddc9b6080 R15: 00007f8ddcadfa28
[ 1641.658456][ T1411]  </TASK>
[ 1642.053997][T27223] usb 1-1: new high-speed USB device number 86 using dummy_hcd
[ 1642.204513][T27223] usb 1-1: too many configurations: 9, using maximum allowed: 8
[ 1642.216804][T27223] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1642.237864][T27223] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1642.280987][ T1414] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1642.294261][ T1414] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1642.305243][ T1414] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1642.324460][T27223] usb 1-1: config 0 interface 0 has no altsetting 0
[ 1642.346613][ T1414] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1642.362431][T27223] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1642.381720][T27223] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1642.403157][T27223] usb 1-1: config 0 interface 0 has no altsetting 0
[ 1642.503996][T19195] usb 3-1: new high-speed USB device number 90 using dummy_hcd
[ 1642.651764][T27223] usb 1-1: unable to read config index 2 descriptor/start: -71
[ 1642.676237][T27223] usb 1-1: can't read configurations, error -71
[ 1642.677582][T19195] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1642.794700][T19195] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1642.859500][T19195] usb 3-1: too many endpoints for config 1 interface 1 altsetting 145: 217, using maximum allowed: 30
[ 1642.871210][T19195] usb 3-1: config 1 interface 1 altsetting 145 has 0 endpoint descriptors, different from the interface descriptor's value: 217
[ 1642.885465][T19195] usb 3-1: config 1 interface 1 has no altsetting 0
[ 1642.895280][T19195] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1642.924763][T19195] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1642.966092][T19195] usb 3-1: Product: syz
[ 1642.977314][T19195] usb 3-1: Manufacturer: syz
[ 1642.996491][T19195] usb 3-1: SerialNumber: syz
[ 1643.010204][ T1432] netlink: 1004 bytes leftover after parsing attributes in process `syz.0.8506'.
[ 1643.016420][T19195] cdc_acm 3-1:1.0: probe with driver cdc_acm failed with error -22
[ 1643.093806][T15739] usb 2-1: new high-speed USB device number 88 using dummy_hcd
[ 1643.215586][  T977] usb 3-1: USB disconnect, device number 90
[ 1643.265014][T15739] usb 2-1: Using ep0 maxpacket: 16
[ 1643.273298][T15739] usb 2-1: config 8 has an invalid interface number: 39 but max is 0
[ 1643.282784][T15739] usb 2-1: config 8 has no interface number 0
[ 1643.289405][T15739] usb 2-1: config 8 interface 39 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[ 1643.300456][T15739] usb 2-1: config 8 interface 39 has no altsetting 0
[ 1643.309680][T15739] usb 2-1: New USB device found, idVendor=05ac, idProduct=c704, bcdDevice=62.77
[ 1643.319182][T15739] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1643.327417][T15739] usb 2-1: Product: syz
[ 1643.331754][T15739] usb 2-1: Manufacturer: syz
[ 1643.336938][T15739] usb 2-1: SerialNumber: syz
[ 1643.562851][T15739] ipheth 2-1:8.39: Unable to find endpoints
[ 1643.611524][T15739] usb 2-1: USB disconnect, device number 88
[ 1643.663194][ T1435] FAULT_INJECTION: forcing a failure.
[ 1643.663194][ T1435] name failslab, interval 1, probability 0, space 0, times 0
[ 1643.692990][ T1435] CPU: 1 UID: 0 PID: 1435 Comm: syz.0.8507 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) 
[ 1643.693016][ T1435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1643.693029][ T1435] Call Trace:
[ 1643.693037][ T1435]  <TASK>
[ 1643.693045][ T1435]  dump_stack_lvl+0x189/0x250
[ 1643.693080][ T1435]  ? __pfx____ratelimit+0x10/0x10
[ 1643.693108][ T1435]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1643.693137][ T1435]  ? __pfx__printk+0x10/0x10
[ 1643.693172][ T1435]  should_fail_ex+0x414/0x560
[ 1643.693201][ T1435]  should_failslab+0xa8/0x100
[ 1643.693223][ T1435]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1643.693253][ T1435]  ? skb_clone+0x212/0x3a0
[ 1643.693281][ T1435]  skb_clone+0x212/0x3a0
[ 1643.693309][ T1435]  __netlink_deliver_tap+0x404/0x850
[ 1643.693343][ T1435]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1643.693366][ T1435]  netlink_deliver_tap+0x19c/0x1b0
[ 1643.693389][ T1435]  netlink_sendskb+0x68/0x140
[ 1643.693409][ T1435]  netlink_rcv_skb+0x28c/0x470
[ 1643.693431][ T1435]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1643.693459][ T1435]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1643.693494][ T1435]  ? down_read+0x1ad/0x2e0
[ 1643.693515][ T1435]  genl_rcv+0x28/0x40
[ 1643.693535][ T1435]  netlink_unicast+0x75b/0x8d0
[ 1643.693558][ T1435]  netlink_sendmsg+0x805/0xb30
[ 1643.693582][ T1435]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1643.693603][ T1435]  ? aa_sock_msg_perm+0x94/0x160
[ 1643.693629][ T1435]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1643.693649][ T1435]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1643.693675][ T1435]  __sock_sendmsg+0x219/0x270
[ 1643.693706][ T1435]  ____sys_sendmsg+0x505/0x830
[ 1643.693734][ T1435]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1643.693766][ T1435]  ? import_iovec+0x74/0xa0
[ 1643.693788][ T1435]  ___sys_sendmsg+0x21f/0x2a0
[ 1643.693813][ T1435]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1643.693871][ T1435]  ? __fget_files+0x2a/0x420
[ 1643.693892][ T1435]  ? __fget_files+0x3a0/0x420
[ 1643.693954][ T1435]  __x64_sys_sendmsg+0x19b/0x260
[ 1643.693980][ T1435]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1643.694011][ T1435]  ? __pfx_ksys_write+0x10/0x10
[ 1643.694025][ T1435]  ? rcu_is_watching+0x15/0xb0
[ 1643.694057][ T1435]  ? do_syscall_64+0xbe/0x3b0
[ 1643.694087][ T1435]  do_syscall_64+0xfa/0x3b0
[ 1643.694116][ T1435]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1643.694148][ T1435]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1643.694170][ T1435]  ? clear_bhb_loop+0x60/0xb0
[ 1643.694197][ T1435]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1643.694218][ T1435] RIP: 0033:0x7fdf07b8e929
[ 1643.694238][ T1435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1643.694258][ T1435] RSP: 002b:00007fdf08add038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1643.694281][ T1435] RAX: ffffffffffffffda RBX: 00007fdf07db5fa0 RCX: 00007fdf07b8e929
[ 1643.694296][ T1435] RDX: 9590f6cc3ea35512 RSI: 0000200000000000 RDI: 0000000000000003
[ 1643.694312][ T1435] RBP: 00007fdf08add090 R08: 0000000000000000 R09: 0000000000000000
[ 1643.694326][ T1435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1643.694339][ T1435] R13: 0000000000000000 R14: 00007fdf07db5fa0 R15: 00007fdf07edfa28
[ 1643.694367][ T1435]  </TASK>
[ 1644.344661][T15739] usb 3-1: new high-speed USB device number 91 using dummy_hcd
[ 1644.548314][T15739] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1644.573173][T15739] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1644.611448][T15739] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1644.643975][T19195] usb 1-1: new high-speed USB device number 88 using dummy_hcd
[ 1644.677669][T15739] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1644.694103][T15739] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1644.714413][T15739] usb 3-1: config 0 descriptor??
[ 1644.805086][T19195] usb 1-1: Using ep0 maxpacket: 16
[ 1644.915728][T19195] usb 1-1: config 0 has an invalid interface number: 195 but max is 0
[ 1644.951765][T19195] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1645.009159][T19195] usb 1-1: config 0 has no interface number 0
[ 1645.027895][T19195] usb 1-1: New USB device found, idVendor=0421, idProduct=0418, bcdDevice=95.ff
[ 1645.045236][T19195] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1645.126401][T19195] usb 1-1: Product: syz
[ 1645.135095][T19195] usb 1-1: Manufacturer: syz
[ 1645.144627][T19195] usb 1-1: SerialNumber: syz
[ 1645.172923][T19195] usb 1-1: config 0 descriptor??
[ 1645.186789][T19195] rndis_host 1-1:0.195: More than one union descriptor, skipping ...
[ 1645.206791][T15739] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x6
[ 1645.215365][T15739] plantronics 0003:047F:FFFF.0027: No inputs registered, leaving
[ 1645.238417][T19195] usb 1-1: bad CDC descriptors
[ 1645.251337][T15739] plantronics 0003:047F:FFFF.0027: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[ 1645.290656][T19195] cdc_acm 1-1:0.195: More than one union descriptor, skipping ...
[ 1645.296229][ T1433] Bluetooth: hci2: command 0x0406 tx timeout
[ 1645.419839][T19195] usb 3-1: USB disconnect, device number 91
[ 1645.491256][ T1452] delete_channel: no stack
[ 1645.498391][ T1460] fido_id[1460]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory
[ 1645.567611][ T1461] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8511'.
[ 1645.643223][ T1461] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[ 1645.743378][ T1466] netlink: 1004 bytes leftover after parsing attributes in process `syz.5.8517'.
[ 1646.553904][ T5847] usb 2-1: new high-speed USB device number 89 using dummy_hcd
[ 1646.714883][ T5847] usb 2-1: Using ep0 maxpacket: 16
[ 1646.723723][ T5847] usb 2-1: unable to read config index 0 descriptor/start: -61
[ 1646.737578][ T5847] usb 2-1: can't read configurations, error -61
[ 1646.885124][ T5847] usb 2-1: new high-speed USB device number 90 using dummy_hcd
[ 1647.043979][ T5847] usb 2-1: Using ep0 maxpacket: 16
[ 1647.071164][ T5847] usb 2-1: unable to read config index 0 descriptor/start: -61
[ 1647.120076][ T5847] usb 2-1: can't read configurations, error -61
[ 1647.169999][ T5847] usb usb2-port1: attempt power cycle
[ 1647.324969][ T1498] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[ 1647.331555][ T1498] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1647.529428][ T1498] vhci_hcd vhci_hcd.0: Device attached
[ 1647.590530][ T5847] usb 2-1: new high-speed USB device number 91 using dummy_hcd
[ 1647.614562][ T5847] usb 2-1: Using ep0 maxpacket: 16
[ 1647.630624][ T1492] cgroup: fork rejected by pids controller in /syz7
[ 1647.642021][ T5847] usb 2-1: unable to read config index 0 descriptor/start: -61
[ 1647.656071][ T5847] usb 2-1: can't read configurations, error -61
[ 1647.698156][T15739] usb 1-1: USB disconnect, device number 88
[ 1647.705957][ T1500] vhci_hcd: connection closed
[ 1647.708083][ T3510] vhci_hcd: stop threads
[ 1647.733866][ T3510] vhci_hcd: release socket
[ 1647.744721][ T3510] vhci_hcd: disconnect device
[ 1647.814485][ T5847] usb 2-1: new high-speed USB device number 92 using dummy_hcd
[ 1647.868023][ T5847] usb 2-1: Using ep0 maxpacket: 16
[ 1647.876428][ T5847] usb 2-1: unable to read config index 0 descriptor/start: -61
[ 1647.884346][ T5847] usb 2-1: can't read configurations, error -61
[ 1647.891779][ T5847] usb usb2-port1: unable to enumerate USB device
[ 1648.044765][ T1543] FAULT_INJECTION: forcing a failure.
[ 1648.044765][ T1543] name failslab, interval 1, probability 0, space 0, times 0
[ 1648.074135][ T1543] CPU: 1 UID: 0 PID: 1543 Comm: syz.7.8530 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) 
[ 1648.074166][ T1543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1648.074181][ T1543] Call Trace:
[ 1648.074189][ T1543]  <TASK>
[ 1648.074200][ T1543]  dump_stack_lvl+0x189/0x250
[ 1648.074238][ T1543]  ? __pfx____ratelimit+0x10/0x10
[ 1648.074272][ T1543]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1648.074314][ T1543]  ? __pfx__printk+0x10/0x10
[ 1648.074345][ T1543]  ? __pfx___might_resched+0x10/0x10
[ 1648.074378][ T1543]  ? fs_reclaim_acquire+0x7d/0x100
[ 1648.074410][ T1543]  should_fail_ex+0x414/0x560
[ 1648.074444][ T1543]  should_failslab+0xa8/0x100
[ 1648.074469][ T1543]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[ 1648.074492][ T1543]  ? __alloc_skb+0x112/0x2d0
[ 1648.074521][ T1543]  __alloc_skb+0x112/0x2d0
[ 1648.074549][ T1543]  netlink_ack+0x146/0xa50
[ 1648.074571][ T1543]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1648.074599][ T1543]  ? ref_tracker_free+0x63a/0x7d0
[ 1648.074626][ T1543]  ? __pfx_nl80211_pre_doit+0x10/0x10
[ 1648.074655][ T1543]  ? __pfx_nl80211_post_doit+0x10/0x10
[ 1648.074686][ T1543]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1648.074727][ T1543]  netlink_rcv_skb+0x28c/0x470
[ 1648.074753][ T1543]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1648.074786][ T1543]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1648.074830][ T1543]  ? down_read+0x1ad/0x2e0
[ 1648.074855][ T1543]  genl_rcv+0x28/0x40
[ 1648.074883][ T1543]  netlink_unicast+0x75b/0x8d0
[ 1648.074918][ T1543]  netlink_sendmsg+0x805/0xb30
[ 1648.074954][ T1543]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1648.074983][ T1543]  ? aa_sock_msg_perm+0x94/0x160
[ 1648.075013][ T1543]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1648.075042][ T1543]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1648.075068][ T1543]  __sock_sendmsg+0x219/0x270
[ 1648.075116][ T1543]  ____sys_sendmsg+0x505/0x830
[ 1648.075158][ T1543]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1648.075207][ T1543]  ? import_iovec+0x74/0xa0
[ 1648.075231][ T1543]  ___sys_sendmsg+0x21f/0x2a0
[ 1648.075258][ T1543]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1648.075326][ T1543]  ? __fget_files+0x2a/0x420
[ 1648.075347][ T1543]  ? __fget_files+0x3a0/0x420
[ 1648.075380][ T1543]  __x64_sys_sendmsg+0x19b/0x260
[ 1648.075408][ T1543]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1648.075443][ T1543]  ? __pfx_ksys_write+0x10/0x10
[ 1648.075458][ T1543]  ? rcu_is_watching+0x15/0xb0
[ 1648.075494][ T1543]  ? do_syscall_64+0xbe/0x3b0
[ 1648.075528][ T1543]  do_syscall_64+0xfa/0x3b0
[ 1648.075556][ T1543]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1648.075584][ T1543]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1648.075604][ T1543]  ? clear_bhb_loop+0x60/0xb0
[ 1648.075628][ T1543]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1648.075648][ T1543] RIP: 0033:0x7f303338e929
[ 1648.075666][ T1543] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1648.075683][ T1543] RSP: 002b:00007f30341fe038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1648.075704][ T1543] RAX: ffffffffffffffda RBX: 00007f30335b5fa0 RCX: 00007f303338e929
[ 1648.075720][ T1543] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000003
[ 1648.075733][ T1543] RBP: 00007f30341fe090 R08: 0000000000000000 R09: 0000000000000000
[ 1648.075746][ T1543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1648.075758][ T1543] R13: 0000000000000000 R14: 00007f30335b5fa0 R15: 00007f30336dfa28
[ 1648.075789][ T1543]  </TASK>
[ 1648.721321][ T1551] FAULT_INJECTION: forcing a failure.
[ 1648.721321][ T1551] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1648.775835][ T1551] CPU: 1 UID: 0 PID: 1551 Comm: syz.2.8531 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) 
[ 1648.775865][ T1551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1648.775879][ T1551] Call Trace:
[ 1648.775886][ T1551]  <TASK>
[ 1648.775893][ T1551]  dump_stack_lvl+0x189/0x250
[ 1648.775917][ T1551]  ? __pfx____ratelimit+0x10/0x10
[ 1648.775937][ T1551]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1648.775958][ T1551]  ? __pfx__printk+0x10/0x10
[ 1648.775972][ T1551]  ? __might_fault+0xb0/0x130
[ 1648.775992][ T1551]  should_fail_ex+0x414/0x560
[ 1648.776012][ T1551]  _copy_from_user+0x2d/0xb0
[ 1648.776026][ T1551]  ___sys_recvmsg+0x12e/0x510
[ 1648.776046][ T1551]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1648.776102][ T1551]  ? __might_fault+0xb0/0x130
[ 1648.776118][ T1551]  do_recvmmsg+0x307/0x770
[ 1648.776141][ T1551]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1648.776167][ T1551]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1648.776201][ T1551]  __x64_sys_recvmmsg+0x190/0x240
[ 1648.776222][ T1551]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1648.776238][ T1551]  ? rcu_is_watching+0x15/0xb0
[ 1648.776264][ T1551]  ? do_syscall_64+0xbe/0x3b0
[ 1648.776293][ T1551]  do_syscall_64+0xfa/0x3b0
[ 1648.776314][ T1551]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1648.776333][ T1551]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1648.776347][ T1551]  ? clear_bhb_loop+0x60/0xb0
[ 1648.776364][ T1551]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1648.776377][ T1551] RIP: 0033:0x7f8ddc78e929
[ 1648.776390][ T1551] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1648.776402][ T1551] RSP: 002b:00007f8ddd631038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1648.776417][ T1551] RAX: ffffffffffffffda RBX: 00007f8ddc9b5fa0 RCX: 00007f8ddc78e929
[ 1648.776428][ T1551] RDX: 0000000000000006 RSI: 0000200000000e40 RDI: 0000000000000003
[ 1648.776436][ T1551] RBP: 00007f8ddd631090 R08: 0000000000000000 R09: 0000000000000000
[ 1648.776445][ T1551] R10: 0000000040000000 R11: 0000000000000246 R12: 0000000000000001
[ 1648.776454][ T1551] R13: 0000000000000000 R14: 00007f8ddc9b5fa0 R15: 00007f8ddcadfa28
[ 1648.776474][ T1551]  </TASK>
[ 1651.383840][T15739] usb 3-1: new high-speed USB device number 92 using dummy_hcd
[ 1651.533844][T15739] usb 3-1: Using ep0 maxpacket: 32
[ 1651.547264][T15739] usb 3-1: config 0 has an invalid interface number: 67 but max is 0
[ 1651.560865][T15739] usb 3-1: config 0 has no interface number 0
[ 1651.570376][T15739] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1651.588746][T15739] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1651.605008][T15739] usb 3-1: Product: syz
[ 1651.616832][T15739] usb 3-1: Manufacturer: syz
[ 1651.638343][T15739] usb 3-1: SerialNumber: syz
[ 1651.672089][T15739] usb 3-1: config 0 descriptor??
[ 1651.684262][T15739] smsc95xx v2.0.0
[ 1652.094368][T15739] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[ 1652.105815][T15739] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1652.318404][T15739] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -61
[ 1652.332800][T15739] smsc95xx 3-1:0.67: probe with driver smsc95xx failed with error -61
[ 1654.135995][ T5847] usb 3-1: USB disconnect, device number 92
[ 1654.258682][ T1631] =======================================================
[ 1654.258682][ T1631] WARNING: The mand mount option has been deprecated and
[ 1654.258682][ T1631]          and is ignored by this kernel. Remove the mand
[ 1654.258682][ T1631]          option from the mount to silence this warning.
[ 1654.258682][ T1631] =======================================================
[ 1654.582891][ T5897] usb 2-1: new high-speed USB device number 93 using dummy_hcd
[ 1654.874638][ T5897] usb 2-1: Using ep0 maxpacket: 16
[ 1654.890858][ T5897] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1654.963721][ T5897] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1654.995824][ T5897] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1655.031648][ T5897] usb 2-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[ 1655.063629][ T5897] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1655.139586][ T5897] usb 2-1: config 0 descriptor??
[ 1655.774160][ T5897] shield 0003:0955:7214.0028: unknown main item tag 0x0
[ 1655.792721][ T5897] shield 0003:0955:7214.0028: item fetching failed at offset 1/5
[ 1655.793959][T15739] usb 1-1: new high-speed USB device number 89 using dummy_hcd
[ 1655.818921][ T5897] shield 0003:0955:7214.0028: Parse failed
[ 1655.828826][ T5897] shield 0003:0955:7214.0028: probe with driver shield failed with error -22
[ 1656.153774][T15739] usb 1-1: Using ep0 maxpacket: 8
[ 1656.174384][ T1640] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1656.185233][ T1640] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1656.650563][ T1641] could not allocate digest TFM handle poly1305-simd
[ 1657.016488][T19195] usb 3-1: new high-speed USB device number 93 using dummy_hcd
[ 1657.221533][ T5897] usb 2-1: USB disconnect, device number 93
[ 1657.401811][T19195] usb 3-1: config 0 has no interfaces?
[ 1657.419445][T19195] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 1657.429192][T19195] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1657.462079][T19195] usb 3-1: Product: syz
[ 1657.713103][T19195] usb 3-1: Manufacturer: syz
[ 1657.762043][T19195] usb 3-1: SerialNumber: syz
[ 1657.841230][T19195] usb 3-1: config 0 descriptor??
[ 1657.914658][T13941] usb 2-1: new high-speed USB device number 94 using dummy_hcd
[ 1658.173032][T13941] usb 2-1: config 0 has no interfaces?
[ 1658.209112][T13941] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 1658.305391][T13941] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1658.330509][T13941] usb 2-1: Product: syz
[ 1658.360619][T13941] usb 2-1: Manufacturer: syz
[ 1658.417564][T13941] usb 2-1: SerialNumber: syz
[ 1658.509639][T13941] usb 2-1: config 0 descriptor??
[ 1658.903913][   T30] kauditd_printk_skb: 8 callbacks suppressed
[ 1658.903951][   T30] audit: type=1800 audit(1750941040.785:2800): pid=1670 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.8568" name="file0" dev="tmpfs" ino=2567 res=0 errno=0
[ 1659.141552][T15739] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1659.162552][T15739] usb 1-1: unable to read config index 0 descriptor/start: -71
[ 1659.181106][T15739] usb 1-1: can't read configurations, error -71
[ 1659.916966][ T5838] usb 3-1: USB disconnect, device number 93
[ 1659.968389][ T1694] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[ 1660.913990][ T1702] syzkaller1: entered promiscuous mode
[ 1660.926583][ T1702] syzkaller1: entered allmulticast mode
[ 1661.031713][T19195] usb 2-1: USB disconnect, device number 94
[ 1661.259957][ T1708] netlink: 32 bytes leftover after parsing attributes in process `syz.7.8580'.
[ 1661.704207][T19195] usb 3-1: new full-speed USB device number 94 using dummy_hcd
[ 1661.866808][T19195] usb 3-1: not running at top speed; connect to a high speed hub
[ 1661.879027][T19195] usb 3-1: config 4 has an invalid interface number: 121 but max is 1
[ 1661.911244][T19195] usb 3-1: config 4 contains an unexpected descriptor of type 0x2, skipping
[ 1661.955136][T19195] usb 3-1: config 4 has an invalid interface number: 139 but max is 1
[ 1662.133947][T19195] usb 3-1: config 4 has no interface number 0
[ 1662.160534][T19195] usb 3-1: config 4 has no interface number 1
[ 1662.238532][T19195] usb 3-1: config 4 interface 121 altsetting 16 endpoint 0xF has invalid maxpacket 1023, setting to 64
[ 1662.286452][T19195] usb 3-1: config 4 interface 121 altsetting 16 has a duplicate endpoint with address 0xF, skipping
[ 1662.389281][T19195] usb 3-1: config 4 interface 121 altsetting 16 endpoint 0xA has invalid maxpacket 1024, setting to 64
[ 1662.406504][T19195] usb 3-1: config 4 interface 121 altsetting 16 endpoint 0xE has invalid maxpacket 512, setting to 64
[ 1662.421734][T19195] usb 3-1: config 4 interface 121 altsetting 16 has an endpoint descriptor with address 0x9A, changing to 0x8A
[ 1662.435544][ T1732] bridge0: entered promiscuous mode
[ 1662.442104][T19195] usb 3-1: config 4 interface 121 altsetting 16 has a duplicate endpoint with address 0x8A, skipping
[ 1662.459827][T19195] usb 3-1: config 4 interface 121 altsetting 16 endpoint 0xD has invalid wMaxPacketSize 0
[ 1662.521654][T19195] usb 3-1: config 4 interface 121 has no altsetting 0
[ 1662.551270][ T1732] batman_adv: batadv0: Adding interface: macsec1
[ 1662.558291][ T1732] batman_adv: batadv0: The MTU of interface macsec1 is too small (1468) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1662.587553][ T1732] batman_adv: batadv0: Interface activated: macsec1
[ 1662.616325][T19195] usb 3-1: config 4 interface 139 has no altsetting 0
[ 1662.639092][T19195] usb 3-1: New USB device found, idVendor=0582, idProduct=0016, bcdDevice=3a.bb
[ 1662.679314][T19195] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1662.712700][T19195] usb 3-1: Product: ╨Ц
[ 1662.721431][T19195] usb 3-1: Manufacturer: чжЬыЕРхПкюЛ╜ъАгф╢жю┐╖ы╕Йш║аъ╖ХяО╛тКМцЛ┐реКчГ▓ъШ│╫ЬуеЖцШЧэЮнуОС
[ 1662.756934][T19195] usb 3-1: SerialNumber: ╨г
[ 1662.758616][ T1736] FAULT_INJECTION: forcing a failure.
[ 1662.758616][ T1736] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1662.864852][ T1736] CPU: 1 UID: 0 PID: 1736 Comm: syz.7.8589 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) 
[ 1662.864876][ T1736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1662.864886][ T1736] Call Trace:
[ 1662.864893][ T1736]  <TASK>
[ 1662.864900][ T1736]  dump_stack_lvl+0x189/0x250
[ 1662.864933][ T1736]  ? __pfx____ratelimit+0x10/0x10
[ 1662.864957][ T1736]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1662.864981][ T1736]  ? __pfx__printk+0x10/0x10
[ 1662.864998][ T1736]  ? __might_fault+0xb0/0x130
[ 1662.865022][ T1736]  should_fail_ex+0x414/0x560
[ 1662.865045][ T1736]  _copy_from_user+0x2d/0xb0
[ 1662.865061][ T1736]  __sys_bind+0x199/0x3e0
[ 1662.865078][ T1736]  ? __pfx___sys_bind+0x10/0x10
[ 1662.865102][ T1736]  ? __pfx_ksys_write+0x10/0x10
[ 1662.865126][ T1736]  ? rcu_is_watching+0x15/0xb0
[ 1662.865154][ T1736]  __x64_sys_bind+0x7a/0x90
[ 1662.865180][ T1736]  do_syscall_64+0xfa/0x3b0
[ 1662.865199][ T1736]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1662.865218][ T1736]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1662.865231][ T1736]  ? clear_bhb_loop+0x60/0xb0
[ 1662.865246][ T1736]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1662.865259][ T1736] RIP: 0033:0x7f303338e929
[ 1662.865271][ T1736] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1662.865283][ T1736] RSP: 002b:00007f30341fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[ 1662.865297][ T1736] RAX: ffffffffffffffda RBX: 00007f30335b5fa0 RCX: 00007f303338e929
[ 1662.865307][ T1736] RDX: 0000000000000014 RSI: 0000200000000040 RDI: 0000000000000003
[ 1662.865316][ T1736] RBP: 00007f30341fe090 R08: 0000000000000000 R09: 0000000000000000
[ 1662.865324][ T1736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1662.865332][ T1736] R13: 0000000000000000 R14: 00007f30335b5fa0 R15: 00007f30336dfa28
[ 1662.865351][ T1736]  </TASK>
[ 1663.165008][T19195] usb 3-1: USB disconnect, device number 94
[ 1663.307299][T22727] udevd[22727]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:4.121/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1664.116887][ T1750] netlink: 32 bytes leftover after parsing attributes in process `syz.0.8593'.
[ 1665.002549][T19195] usb 1-1: new high-speed USB device number 91 using dummy_hcd
[ 1665.177194][T19195] usb 1-1: Using ep0 maxpacket: 32
[ 1665.188777][T19195] usb 1-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.1f
[ 1665.201984][T19195] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1665.252302][T19195] usb 1-1: config 0 descriptor??
[ 1665.516542][T19195] usb 1-1: string descriptor 0 read error: -71
[ 1665.538031][T19195] dvb-usb: found a 'Elgato EyeTV Sat' in cold state, will try to load a firmware
[ 1665.570489][T19195] usb 1-1: Direct firmware load for dvb-usb-az6027-03.fw failed with error -2
[ 1665.581763][T19195] usb 1-1: Falling back to sysfs fallback for: dvb-usb-az6027-03.fw
[ 1665.991837][ T1771] FAULT_INJECTION: forcing a failure.
[ 1665.991837][ T1771] name failslab, interval 1, probability 0, space 0, times 0
[ 1666.010340][ T1771] CPU: 1 UID: 0 PID: 1771 Comm: syz.2.8598 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) 
[ 1666.010367][ T1771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1666.010379][ T1771] Call Trace:
[ 1666.010388][ T1771]  <TASK>
[ 1666.010403][ T1771]  dump_stack_lvl+0x189/0x250
[ 1666.010438][ T1771]  ? __pfx____ratelimit+0x10/0x10
[ 1666.010468][ T1771]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1666.010498][ T1771]  ? __pfx__printk+0x10/0x10
[ 1666.010534][ T1771]  should_fail_ex+0x414/0x560
[ 1666.010564][ T1771]  should_failslab+0xa8/0x100
[ 1666.010587][ T1771]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1666.010617][ T1771]  ? skb_clone+0x212/0x3a0
[ 1666.010647][ T1771]  skb_clone+0x212/0x3a0
[ 1666.010677][ T1771]  __netlink_deliver_tap+0x404/0x850
[ 1666.010712][ T1771]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1666.010736][ T1771]  netlink_deliver_tap+0x19c/0x1b0
[ 1666.010760][ T1771]  netlink_sendskb+0x68/0x140
[ 1666.010782][ T1771]  netlink_rcv_skb+0x28c/0x470
[ 1666.010805][ T1771]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1666.010834][ T1771]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1666.010874][ T1771]  ? down_read+0x1ad/0x2e0
[ 1666.010895][ T1771]  genl_rcv+0x28/0x40
[ 1666.010920][ T1771]  netlink_unicast+0x75b/0x8d0
[ 1666.010951][ T1771]  netlink_sendmsg+0x805/0xb30
[ 1666.010984][ T1771]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1666.011010][ T1771]  ? aa_sock_msg_perm+0x94/0x160
[ 1666.011037][ T1771]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1666.011061][ T1771]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1666.011085][ T1771]  __sock_sendmsg+0x219/0x270
[ 1666.011118][ T1771]  ____sys_sendmsg+0x505/0x830
[ 1666.011148][ T1771]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1666.011182][ T1771]  ? import_iovec+0x74/0xa0
[ 1666.011205][ T1771]  ___sys_sendmsg+0x21f/0x2a0
[ 1666.011231][ T1771]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1666.011293][ T1771]  ? __fget_files+0x2a/0x420
[ 1666.011313][ T1771]  ? __fget_files+0x3a0/0x420
[ 1666.011346][ T1771]  __x64_sys_sendmsg+0x19b/0x260
[ 1666.011373][ T1771]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1666.011412][ T1771]  ? __pfx_ksys_write+0x10/0x10
[ 1666.011428][ T1771]  ? rcu_is_watching+0x15/0xb0
[ 1666.011464][ T1771]  ? do_syscall_64+0xbe/0x3b0
[ 1666.011497][ T1771]  do_syscall_64+0xfa/0x3b0
[ 1666.011524][ T1771]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1666.011552][ T1771]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1666.011571][ T1771]  ? clear_bhb_loop+0x60/0xb0
[ 1666.011595][ T1771]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1666.011613][ T1771] RIP: 0033:0x7f8ddc78e929
[ 1666.011631][ T1771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1666.011648][ T1771] RSP: 002b:00007f8ddd631038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1666.011668][ T1771] RAX: ffffffffffffffda RBX: 00007f8ddc9b5fa0 RCX: 00007f8ddc78e929
[ 1666.011683][ T1771] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[ 1666.011696][ T1771] RBP: 00007f8ddd631090 R08: 0000000000000000 R09: 0000000000000000
[ 1666.011708][ T1771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1666.011720][ T1771] R13: 0000000000000000 R14: 00007f8ddc9b5fa0 R15: 00007f8ddcadfa28
[ 1666.011750][ T1771]  </TASK>
[ 1666.853900][ T5838] usb 3-1: new high-speed USB device number 95 using dummy_hcd
[ 1667.021093][ T5838] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1667.031562][ T5838] usb 3-1: config 0 has no interfaces?
[ 1667.054153][ T5838] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1667.082751][ T5838] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1667.098082][ T5838] usb 3-1: config 0 descriptor??
[ 1667.325340][ T1774] netlink: 'syz.2.8599': attribute type 3 has an invalid length.
[ 1667.340528][ T1774] netlink: 132 bytes leftover after parsing attributes in process `syz.2.8599'.
[ 1667.372766][ T5838] usb 3-1: USB disconnect, device number 95
[ 1668.130182][ T1789] netlink: 72 bytes leftover after parsing attributes in process `syz.2.8604'.
[ 1668.829832][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[ 1668.838015][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[ 1670.578836][T31925] usb 3-1: new high-speed USB device number 96 using dummy_hcd
[ 1670.739129][ T1826] No such timeout policy "syz0"
[ 1670.769231][T31925] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1670.796652][T31925] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1670.877824][T31925] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[ 1670.910515][T31925] usb 3-1: New USB device found, idVendor=048d, idProduct=8595, bcdDevice= 0.00
[ 1670.945764][T31925] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1671.014712][T31925] usb 3-1: config 0 descriptor??
[ 1671.121227][ T1836] netlink: 72 bytes leftover after parsing attributes in process `syz.7.8613'.
[ 1671.461055][T31925] itetech 0003:048D:8595.0029: item fetching failed at offset 3/7
[ 1671.496332][T31925] itetech 0003:048D:8595.0029: probe with driver itetech failed with error -22
[ 1671.554495][  T977] usb 2-1: new full-speed USB device number 95 using dummy_hcd
[ 1671.759143][  T977] usb 2-1: config 0 has an invalid descriptor of length 155, skipping remainder of the config
[ 1671.783596][ T1850] netlink: 148 bytes leftover after parsing attributes in process `syz.7.8617'.
[ 1671.828894][  T977] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 5
[ 1671.871116][  T977] usb 2-1: New USB device found, idVendor=0b05, idProduct=18c6, bcdDevice= 0.00
[ 1671.897365][  T977] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1671.903813][ T1850] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[ 1671.946490][  T977] usb 2-1: config 0 descriptor??
[ 1671.957170][ T5838] usb 3-1: USB disconnect, device number 96
[ 1672.129400][  T977] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[ 1672.680740][ T1858] FAULT_INJECTION: forcing a failure.
[ 1672.680740][ T1858] name failslab, interval 1, probability 0, space 0, times 0
[ 1672.701319][ T1858] CPU: 0 UID: 0 PID: 1858 Comm: syz.7.8620 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) 
[ 1672.701339][ T1858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1672.701348][ T1858] Call Trace:
[ 1672.701354][ T1858]  <TASK>
[ 1672.701360][ T1858]  dump_stack_lvl+0x189/0x250
[ 1672.701387][ T1858]  ? __pfx____ratelimit+0x10/0x10
[ 1672.701408][ T1858]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1672.701430][ T1858]  ? __pfx__printk+0x10/0x10
[ 1672.701449][ T1858]  ? __pfx___might_resched+0x10/0x10
[ 1672.701470][ T1858]  ? fs_reclaim_acquire+0x7d/0x100
[ 1672.701490][ T1858]  should_fail_ex+0x414/0x560
[ 1672.701531][ T1858]  should_failslab+0xa8/0x100
[ 1672.701547][ T1858]  __kmalloc_cache_noprof+0x70/0x3d0
[ 1672.701562][ T1858]  ? rtnl_newlink+0xed/0x1c70
[ 1672.701576][ T1858]  ? kasan_save_free_info+0x46/0x50
[ 1672.701598][ T1858]  rtnl_newlink+0xed/0x1c70
[ 1672.701611][ T1858]  ? netlink_sendmsg+0x805/0xb30
[ 1672.701628][ T1858]  ? __sock_sendmsg+0x219/0x270
[ 1672.701661][ T1858]  ? ____sys_sendmsg+0x505/0x830
[ 1672.701675][ T1858]  ? ___sys_sendmsg+0x21f/0x2a0
[ 1672.701690][ T1858]  ? __x64_sys_sendmsg+0x19b/0x260
[ 1672.701731][ T1858]  ? do_syscall_64+0xfa/0x3b0
[ 1672.701752][ T1858]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1672.701773][ T1858]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1672.701815][ T1858]  ? kasan_quarantine_put+0xdd/0x220
[ 1672.701835][ T1858]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1672.701859][ T1858]  ? nlmon_xmit+0xb0/0x100
[ 1672.701878][ T1858]  ? kmem_cache_free+0x18f/0x400
[ 1672.701896][ T1858]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1672.701918][ T1858]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1672.701938][ T1858]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1672.701960][ T1858]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1672.701983][ T1858]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1672.702016][ T1858]  ? __lock_acquire+0xab9/0xd20
[ 1672.702052][ T1858]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1672.702065][ T1858]  rtnetlink_rcv_msg+0x7cc/0xb70
[ 1672.702082][ T1858]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[ 1672.702095][ T1858]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1672.702107][ T1858]  ? ref_tracker_free+0x63a/0x7d0
[ 1672.702125][ T1858]  ? __copy_skb_header+0xa7/0x550
[ 1672.702144][ T1858]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1672.702162][ T1858]  ? __skb_clone+0x63/0x7a0
[ 1672.702184][ T1858]  netlink_rcv_skb+0x208/0x470
[ 1672.702200][ T1858]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1672.702215][ T1858]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1672.702239][ T1858]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1672.702254][ T1858]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1672.702273][ T1858]  netlink_unicast+0x75b/0x8d0
[ 1672.702293][ T1858]  netlink_sendmsg+0x805/0xb30
[ 1672.702315][ T1858]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1672.702334][ T1858]  ? aa_sock_msg_perm+0x94/0x160
[ 1672.702353][ T1858]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1672.702371][ T1858]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1672.702388][ T1858]  __sock_sendmsg+0x219/0x270
[ 1672.702410][ T1858]  ____sys_sendmsg+0x505/0x830
[ 1672.702431][ T1858]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1672.702454][ T1858]  ? import_iovec+0x74/0xa0
[ 1672.702470][ T1858]  ___sys_sendmsg+0x21f/0x2a0
[ 1672.702488][ T1858]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1672.702528][ T1858]  ? __fget_files+0x2a/0x420
[ 1672.702543][ T1858]  ? __fget_files+0x3a0/0x420
[ 1672.702566][ T1858]  __x64_sys_sendmsg+0x19b/0x260
[ 1672.702591][ T1858]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1672.702625][ T1858]  ? __pfx_ksys_write+0x10/0x10
[ 1672.702641][ T1858]  ? rcu_is_watching+0x15/0xb0
[ 1672.702674][ T1858]  ? do_syscall_64+0xbe/0x3b0
[ 1672.702703][ T1858]  do_syscall_64+0xfa/0x3b0
[ 1672.702724][ T1858]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1672.702743][ T1858]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1672.702757][ T1858]  ? clear_bhb_loop+0x60/0xb0
[ 1672.702774][ T1858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1672.702787][ T1858] RIP: 0033:0x7f303338e929
[ 1672.702800][ T1858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1672.702812][ T1858] RSP: 002b:00007f30341fe038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1672.702827][ T1858] RAX: ffffffffffffffda RBX: 00007f30335b5fa0 RCX: 00007f303338e929
[ 1672.702838][ T1858] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003
[ 1672.702847][ T1858] RBP: 00007f30341fe090 R08: 0000000000000000 R09: 0000000000000000
[ 1672.702855][ T1858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1672.702864][ T1858] R13: 0000000000000000 R14: 00007f30335b5fa0 R15: 00007f30336dfa28
[ 1672.702884][ T1858]  </TASK>
[ 1673.144012][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1673.206742][ T1860] tap0: tun_chr_ioctl cmd 1074025677
[ 1673.213991][ T1860] tap0: linktype set to 823
[ 1673.691664][ T1853] netlink: 4720 bytes leftover after parsing attributes in process `syz.0.8618'.
[ 1673.791644][ T1856] cgroup: fork rejected by pids controller in /syz2
[ 1674.255698][ T5897] usb 3-1: new high-speed USB device number 97 using dummy_hcd
[ 1674.426686][ T5897] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1674.452052][ T5897] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1674.465768][ T5897] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1674.475700][ T5897] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=67
[ 1674.486795][ T5897] usb 3-1: SerialNumber: syz
[ 1674.712064][ T5897] usb 3-1: 0:2 : does not exist
[ 1674.811661][ T5897] usb 3-1: USB disconnect, device number 97
[ 1674.902071][T22727] udevd[22727]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1675.399297][ T1923] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1675.418253][ T1925] netlink: 148 bytes leftover after parsing attributes in process `syz.2.8630'.
[ 1675.444906][ T1925] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[ 1675.467366][ T1923] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1675.614041][T27223] usb 2-1: USB disconnect, device number 95
[ 1675.666812][ T1927] netlink: 72 bytes leftover after parsing attributes in process `syz.1.8632'.
[ 1677.972986][ T1962] netlink: 'syz.1.8643': attribute type 29 has an invalid length.
[ 1678.262646][ T1962] netlink: 'syz.1.8643': attribute type 29 has an invalid length.
[ 1678.275158][ T1962] netlink: 'syz.1.8643': attribute type 29 has an invalid length.
[ 1678.288020][ T1962] netlink: 'syz.1.8643': attribute type 29 has an invalid length.
[ 1679.134331][ T1968] netlink: 148 bytes leftover after parsing attributes in process `syz.0.8645'.
[ 1679.151518][ T1968] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[ 1680.166559][ T1980] netlink: 136 bytes leftover after parsing attributes in process `syz.0.8647'.
[ 1680.199837][ T1982] input: syz0 as /devices/virtual/input/input58
[ 1680.254242][ T1980] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check.
[ 1681.684392][T27223] usb 3-1: new high-speed USB device number 98 using dummy_hcd
[ 1681.843742][T27223] usb 3-1: Using ep0 maxpacket: 8
[ 1681.935170][T27223] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1681.970713][T27223] usb 3-1: config 8 has an invalid interface number: 24 but max is 1
[ 1682.101074][T27223] usb 3-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[ 1682.223959][T27223] usb 3-1: config 8 has 1 interface, different from the descriptor's value: 2
[ 1682.238260][T27223] usb 3-1: config 8 has no interface number 0
[ 1682.298937][T27223] usb 3-1: config 8 interface 24 altsetting 2 endpoint 0xE has an invalid bInterval 0, changing to 7
[ 1682.343221][T27223] usb 3-1: config 8 interface 24 altsetting 2 endpoint 0x85 has an invalid bInterval 0, changing to 7
[ 1682.360968][T27223] usb 3-1: config 8 interface 24 altsetting 2 endpoint 0x85 has invalid wMaxPacketSize 0
[ 1682.419034][T27223] usb 3-1: config 8 interface 24 has no altsetting 0
[ 1682.628638][T27223] usb 3-1: language id specifier not provided by device, defaulting to English
[ 1682.779781][T27223] usb 3-1: New USB device found, idVendor=10cf, idProduct=5503, bcdDevice=75.af
[ 1682.799011][T27223] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1682.813861][T27223] usb 3-1: Product: syz
[ 1682.823742][T27223] usb 3-1: Manufacturer: syz
[ 1682.833742][T27223] usb 3-1: SerialNumber: syz
[ 1682.863357][ T2027] FAULT_INJECTION: forcing a failure.
[ 1682.863357][ T2027] name failslab, interval 1, probability 0, space 0, times 0
[ 1682.927886][ T2027] CPU: 0 UID: 0 PID: 2027 Comm: syz.0.8660 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) 
[ 1682.927917][ T2027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1682.927932][ T2027] Call Trace:
[ 1682.927941][ T2027]  <TASK>
[ 1682.927951][ T2027]  dump_stack_lvl+0x189/0x250
[ 1682.927990][ T2027]  ? __pfx____ratelimit+0x10/0x10
[ 1682.928023][ T2027]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1682.928064][ T2027]  ? __pfx__printk+0x10/0x10
[ 1682.928106][ T2027]  should_fail_ex+0x414/0x560
[ 1682.928139][ T2027]  should_failslab+0xa8/0x100
[ 1682.928174][ T2027]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1682.928205][ T2027]  ? skb_clone+0x212/0x3a0
[ 1682.928236][ T2027]  skb_clone+0x212/0x3a0
[ 1682.928265][ T2027]  __netlink_deliver_tap+0x404/0x850
[ 1682.928300][ T2027]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1682.928325][ T2027]  netlink_deliver_tap+0x19c/0x1b0
[ 1682.928348][ T2027]  netlink_sendskb+0x68/0x140
[ 1682.928369][ T2027]  netlink_rcv_skb+0x28c/0x470
[ 1682.928392][ T2027]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1682.928422][ T2027]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1682.928461][ T2027]  ? down_read+0x1ad/0x2e0
[ 1682.928484][ T2027]  genl_rcv+0x28/0x40
[ 1682.928509][ T2027]  netlink_unicast+0x75b/0x8d0
[ 1682.928540][ T2027]  netlink_sendmsg+0x805/0xb30
[ 1682.928573][ T2027]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1682.928599][ T2027]  ? aa_sock_msg_perm+0x94/0x160
[ 1682.928626][ T2027]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1682.928651][ T2027]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1682.928675][ T2027]  __sock_sendmsg+0x219/0x270
[ 1682.928708][ T2027]  ____sys_sendmsg+0x505/0x830
[ 1682.928738][ T2027]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1682.928772][ T2027]  ? import_iovec+0x74/0xa0
[ 1682.928795][ T2027]  ___sys_sendmsg+0x21f/0x2a0
[ 1682.928822][ T2027]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1682.928884][ T2027]  ? __fget_files+0x2a/0x420
[ 1682.928904][ T2027]  ? __fget_files+0x3a0/0x420
[ 1682.928937][ T2027]  __x64_sys_sendmsg+0x19b/0x260
[ 1682.928964][ T2027]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1682.928998][ T2027]  ? __pfx_ksys_write+0x10/0x10
[ 1682.929013][ T2027]  ? rcu_is_watching+0x15/0xb0
[ 1682.929048][ T2027]  ? do_syscall_64+0xbe/0x3b0
[ 1682.929088][ T2027]  do_syscall_64+0xfa/0x3b0
[ 1682.929115][ T2027]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1682.929143][ T2027]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1682.929162][ T2027]  ? clear_bhb_loop+0x60/0xb0
[ 1682.929186][ T2027]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1682.929205][ T2027] RIP: 0033:0x7fdf07b8e929
[ 1682.929222][ T2027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1682.929239][ T2027] RSP: 002b:00007fdf08add038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1682.929260][ T2027] RAX: ffffffffffffffda RBX: 00007fdf07db5fa0 RCX: 00007fdf07b8e929
[ 1682.929276][ T2027] RDX: 0000000000004804 RSI: 0000200000000300 RDI: 0000000000000003
[ 1682.929288][ T2027] RBP: 00007fdf08add090 R08: 0000000000000000 R09: 0000000000000000
[ 1682.929301][ T2027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1682.929312][ T2027] R13: 0000000000000000 R14: 00007fdf07db5fa0 R15: 00007fdf07edfa28
[ 1682.929343][ T2027]  </TASK>
[ 1683.318555][ T2013] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1683.328466][ T2013] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1684.442998][ T2015] could not allocate digest TFM handle poly1305-simd
[ 1685.301588][ T2062] FAULT_INJECTION: forcing a failure.
[ 1685.301588][ T2062] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1685.316549][ T2062] CPU: 0 UID: 0 PID: 2062 Comm: syz.5.8666 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) 
[ 1685.316576][ T2062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1685.316590][ T2062] Call Trace:
[ 1685.316617][ T2062]  <TASK>
[ 1685.316627][ T2062]  dump_stack_lvl+0x189/0x250
[ 1685.316670][ T2062]  ? __pfx____ratelimit+0x10/0x10
[ 1685.316718][ T2062]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1685.316749][ T2062]  ? __pfx__printk+0x10/0x10
[ 1685.316771][ T2062]  ? __might_fault+0xb0/0x130
[ 1685.316801][ T2062]  should_fail_ex+0x414/0x560
[ 1685.316832][ T2062]  _copy_from_user+0x2d/0xb0
[ 1685.316853][ T2062]  ___sys_sendmsg+0x158/0x2a0
[ 1685.316880][ T2062]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1685.316941][ T2062]  ? __fget_files+0x2a/0x420
[ 1685.316962][ T2062]  ? __fget_files+0x3a0/0x420
[ 1685.316995][ T2062]  __x64_sys_sendmsg+0x19b/0x260
[ 1685.317023][ T2062]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1685.317057][ T2062]  ? __pfx_ksys_write+0x10/0x10
[ 1685.317074][ T2062]  ? rcu_is_watching+0x15/0xb0
[ 1685.317110][ T2062]  ? do_syscall_64+0xbe/0x3b0
[ 1685.317149][ T2062]  do_syscall_64+0xfa/0x3b0
[ 1685.317178][ T2062]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1685.317206][ T2062]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1685.317226][ T2062]  ? clear_bhb_loop+0x60/0xb0
[ 1685.317251][ T2062]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1685.317271][ T2062] RIP: 0033:0x7f8455f8e929
[ 1685.317290][ T2062] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1685.317308][ T2062] RSP: 002b:00007f8456ed5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1685.317330][ T2062] RAX: ffffffffffffffda RBX: 00007f84561b5fa0 RCX: 00007f8455f8e929
[ 1685.317346][ T2062] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000004
[ 1685.317359][ T2062] RBP: 00007f8456ed5090 R08: 0000000000000000 R09: 0000000000000000
[ 1685.317372][ T2062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1685.317385][ T2062] R13: 0000000000000000 R14: 00007f84561b5fa0 R15: 00007f84562dfa28
[ 1685.317414][ T2062]  </TASK>
[ 1685.530428][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1686.004116][T27223] vmk80xx 3-1:8.24: driver 'vmk80xx' failed to auto-configure device.
[ 1686.037458][T27223] vmk80xx 3-1:8.24: probe with driver vmk80xx failed with error -22
[ 1686.067762][T27223] usb 3-1: USB disconnect, device number 98
[ 1689.016746][ T2106] SET target dimension over the limit!
[ 1690.395093][ T2117] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1690.408125][ T2117] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1690.587250][ T2129] netlink: 32 bytes leftover after parsing attributes in process `syz.2.8682'.
[ 1690.679394][ T2119] could not allocate digest TFM handle poly1305-simd
[ 1691.552614][  T977] usb 3-1: new high-speed USB device number 99 using dummy_hcd
[ 1691.751977][  T977] usb 3-1: config 0 has no interfaces?
[ 1691.762929][  T977] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 1691.772101][  T977] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1691.781414][  T977] usb 3-1: Product: syz
[ 1691.799787][  T977] usb 3-1: Manufacturer: syz
[ 1691.807911][  T977] usb 3-1: SerialNumber: syz
[ 1691.831326][  T977] usb 3-1: config 0 descriptor??
[ 1692.898129][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1693.977343][T32135] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1694.205715][T32135] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1694.386850][ T1433] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1694.403516][ T1433] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1694.451298][ T1433] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1694.469711][ T1433] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1694.478275][ T1433] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1694.515213][T32135] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1694.595835][ T1985] usb 3-1: USB disconnect, device number 99
[ 1695.137298][T32135] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1695.588042][T32135] bridge_slave_1: left allmulticast mode
[ 1695.594682][T32135] bridge_slave_1: left promiscuous mode
[ 1695.600712][T32135] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1695.618010][T32135] bridge_slave_0: left allmulticast mode
[ 1695.624053][T32135] bridge_slave_0: left promiscuous mode
[ 1695.630124][T32135] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1695.642688][T32135] tipc: Resetting bearer <eth:xfrm0>
[ 1695.822241][T32135] tipc: Disabling bearer <eth:xfrm0>
[ 1695.907140][T32135] dvmrp1 (unregistering): left allmulticast mode
[ 1696.164808][ T2179] netlink: 32 bytes leftover after parsing attributes in process `syz.1.8693'.
[ 1696.195366][T32135] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1696.211090][T32135] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1696.225232][T32135] bond0 (unregistering): (slave wlan1): Releasing backup interface
[ 1696.235601][T32135] bond0 (unregistering): Released all slaves
[ 1696.392769][T32135] tipc: Disabling bearer <udp:syz2>
[ 1696.399108][T32135] tipc: Left network mode
[ 1696.554812][T26926] Bluetooth: hci4: command tx timeout
[ 1696.663522][ T2163] chnl_net:caif_netlink_parms(): no params data found
[ 1697.582307][T32135] mac80211_hwsim hwsim28 wlan0 (unregistering): left allmulticast mode
[ 1698.006824][ T2163] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1698.071586][ T2163] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1698.092400][ T2163] bridge_slave_0: entered allmulticast mode
[ 1698.123321][ T2163] bridge_slave_0: entered promiscuous mode
[ 1698.248717][ T2163] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1698.403287][ T2163] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1698.509477][ T2163] bridge_slave_1: entered allmulticast mode
[ 1698.529383][ T2163] bridge_slave_1: entered promiscuous mode
[ 1698.580844][T32135] hsr_slave_0: left promiscuous mode
[ 1698.633841][T26926] Bluetooth: hci4: command tx timeout
[ 1698.737981][T32135] hsr_slave_1: left promiscuous mode
[ 1698.779057][T32135] veth1_macvtap: left promiscuous mode
[ 1698.799086][T32135] veth0_macvtap: left promiscuous mode
[ 1700.063763][ T1986] usb 3-1: new high-speed USB device number 100 using dummy_hcd
[ 1700.310591][ T1986] usb 3-1: Using ep0 maxpacket: 32
[ 1700.327792][ T1986] usb 3-1: config index 0 descriptor too short (expected 68, got 18)
[ 1700.336909][ T1986] usb 3-1: config 0 has an invalid interface number: 51 but max is 0
[ 1700.345149][ T1986] usb 3-1: config 0 has no interface number 0
[ 1700.376164][ T1986] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1700.387305][ T1986] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1700.395631][ T1986] usb 3-1: Product: syz
[ 1700.403785][ T1986] usb 3-1: Manufacturer: syz
[ 1700.411650][ T1986] usb 3-1: SerialNumber: syz
[ 1700.476001][ T1986] usb 3-1: config 0 descriptor??
[ 1700.504496][ T1986] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1700.720273][T26926] Bluetooth: hci4: command tx timeout
[ 1702.118234][ T2277] netdevsim netdevsim5 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[ 1702.158522][ T2277] netdevsim netdevsim5 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[ 1702.171382][ T2277] netdevsim netdevsim5 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[ 1702.190568][ T2277] netdevsim netdevsim5 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[ 1702.203614][ T2277] geneve2: entered allmulticast mode
[ 1702.237543][ T2163] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1702.427940][ T2163] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1702.580138][ T2163] team0: Port device team_slave_0 added
[ 1702.608925][ T2163] team0: Port device team_slave_1 added
[ 1702.659069][T32135] IPVS: stop unused estimator thread 0...
[ 1702.775563][ T2163] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1702.803011][T26926] Bluetooth: hci4: command tx timeout
[ 1702.804139][ T2163] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1702.976076][ T2163] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1703.029793][ T2163] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1703.043914][   T30] audit: type=1326 audit(1750941084.965:2801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2300 comm="syz.5.8709" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8455f8e929 code=0x0
[ 1703.057906][ T2163] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1703.130763][ T2163] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1703.897273][ T1986] usb 3-1: qt2_attach - failed to power on unit: -71
[ 1703.936436][ T1986] quatech2 3-1:0.51: probe with driver quatech2 failed with error -71
[ 1703.950017][ T2163] hsr_slave_0: entered promiscuous mode
[ 1704.044912][ T2163] hsr_slave_1: entered promiscuous mode
[ 1704.056132][ T1986] usb 3-1: USB disconnect, device number 100
[ 1704.073317][ T2163] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1704.119614][  T977] usb 2-1: new high-speed USB device number 96 using dummy_hcd
[ 1704.129274][ T2163] Cannot create hsr debugfs directory
[ 1704.283828][  T977] usb 2-1: Using ep0 maxpacket: 16
[ 1704.502823][  T977] usb 2-1: config 8 has an invalid interface number: 39 but max is 0
[ 1704.543769][  T977] usb 2-1: config 8 has no interface number 0
[ 1704.559333][  T977] usb 2-1: config 8 interface 39 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[ 1704.574509][ T1986] usb 3-1: new high-speed USB device number 101 using dummy_hcd
[ 1704.636159][  T977] usb 2-1: config 8 interface 39 has no altsetting 0
[ 1704.745361][  T977] usb 2-1: New USB device found, idVendor=05ac, idProduct=c704, bcdDevice=62.77
[ 1704.807928][ T1986] usb 3-1: config 0 has no interfaces?
[ 1704.825031][ T1986] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 1704.834697][  T977] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1704.841578][ T1986] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1704.842711][  T977] usb 2-1: Product: syz
[ 1704.855427][ T1986] usb 3-1: Product: syz
[ 1704.859593][ T1986] usb 3-1: Manufacturer: syz
[ 1704.882329][ T1986] usb 3-1: SerialNumber: syz
[ 1704.906508][ T1986] usb 3-1: config 0 descriptor??
[ 1705.030021][  T977] usb 2-1: Manufacturer: syz
[ 1705.044492][  T977] usb 2-1: SerialNumber: syz
[ 1705.341298][  T977] ipheth 2-1:8.39: Unable to find endpoints
[ 1705.395419][  T977] usb 2-1: USB disconnect, device number 96
[ 1706.033369][ T2163] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1706.068271][ T2163] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1706.116970][ T2163] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1706.155412][ T2163] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1706.611349][ T2163] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1706.710960][ T2163] 8021q: adding VLAN 0 to HW filter on device team0
[ 1706.749371][T12277] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1706.756608][T12277] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1706.841522][T12277] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1706.848746][T12277] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1707.224283][ T2163] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1707.352076][ T1987] usb 3-1: USB disconnect, device number 101
[ 1707.608459][ T2163] veth0_vlan: entered promiscuous mode
[ 1707.683112][ T2163] veth1_vlan: entered promiscuous mode
[ 1707.830241][ T2163] veth0_macvtap: entered promiscuous mode
[ 1707.871279][ T2163] veth1_macvtap: entered promiscuous mode
[ 1707.907602][ T2163] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1707.933490][ T2163] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1707.962932][ T2163] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1707.982862][ T2163] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1707.993859][ T5838] usb 3-1: new high-speed USB device number 102 using dummy_hcd
[ 1707.997029][ T2163] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1708.032066][ T2163] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1708.083805][  T977] usb 2-1: new high-speed USB device number 97 using dummy_hcd
[ 1708.145681][ T5838] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1708.178251][ T5838] usb 3-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=9b.49
[ 1708.200564][ T5838] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1708.218911][ T5838] usb 3-1: Product: syz
[ 1708.227960][ T5838] usb 3-1: Manufacturer: syz
[ 1708.234641][T12279] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1708.235909][  T977] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 1708.266306][ T5838] usb 3-1: SerialNumber: syz
[ 1708.277127][T12279] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1708.286292][ T5838] usb 3-1: config 0 descriptor??
[ 1708.297057][  T977] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1708.343749][  T977] usb 2-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1708.445486][  T977] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1708.456237][  T977] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1708.503053][T12279] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1708.546928][   T43] usb 3-1: USB disconnect, device number 102
[ 1708.555103][T12279] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1708.648885][  T977] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[ 1708.690861][  T977] usb 2-1: invalid MIDI out EP 0
[ 1708.920655][  T977] snd-usb-audio 2-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 1708.967668][  T977] usb 2-1: USB disconnect, device number 97
[ 1711.505953][ T2463] netlink: 12 bytes leftover after parsing attributes in process `syz.5.8735'.
[ 1713.492101][ T2511] ptrace attach of ""[2513] was attempted by "./syz-executor exec"[2511]
[ 1713.822991][ T2520] ptrace attach of "./syz-executor exec"[2521] was attempted by "./syz-executor exec"[2520]
[ 1716.081490][ T2554] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3)
[ 1716.088070][ T2554] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1716.115295][ T2554] vhci_hcd vhci_hcd.0: Device attached
[ 1716.355230][ T5838] usb 43-1: new low-speed USB device number 2 using vhci_hcd
[ 1716.699334][ T2568] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8762'.
[ 1716.965693][ T1433] Bluetooth: hci3: command 0x0406 tx timeout
[ 1717.619883][ T2591] netlink: 212 bytes leftover after parsing attributes in process `syz.2.8767'.
[ 1718.803050][ T2613] input: syz1 as /devices/virtual/input/input59
[ 1719.112704][ T2555] vhci_hcd: connection reset by peer
[ 1719.130401][ T3510] vhci_hcd: stop threads
[ 1719.135168][ T3510] vhci_hcd: release socket
[ 1719.149153][ T3510] vhci_hcd: disconnect device
[ 1721.633828][ T5838] vhci_hcd: vhci_device speed not set
[ 1722.643743][T15739] usb 3-1: new high-speed USB device number 103 using dummy_hcd
[ 1722.814043][T15739] usb 3-1: Using ep0 maxpacket: 32
[ 1722.831419][T15739] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1722.864001][T15739] usb 3-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[ 1722.887069][T15739] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1722.927439][T15739] usb 3-1: config 0 descriptor??
[ 1723.188537][ T1986] usb 3-1: USB disconnect, device number 103
[ 1724.796985][ T2721] netlink: 32 bytes leftover after parsing attributes in process `syz.1.8803'.
[ 1726.166278][   T43] hid-generic 0000:0000:0000.002A: unknown main item tag 0x0
[ 1726.391895][   T43] hid-generic 0000:0000:0000.002A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1730.247008][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[ 1730.247023][T19195] dvb-usb: did not find the firmware file 'dvb-usb-az6027-03.fw' (status -110). You can use <kernel_dir>/scripts/get_dvb_firmware to get the firmware
[ 1730.247089][T19195] dvb_usb_az6027 1-1:0.0: probe with driver dvb_usb_az6027 failed with error -110
[ 1730.253362][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[ 1730.419651][T19195] usb 1-1: USB disconnect, device number 91
[ 1730.903802][T19195] IPVS: starting estimator thread 0...
[ 1731.013808][ T2834] IPVS: using max 32 ests per chain, 76800 per kthread
[ 1732.364881][ T2863] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8842'.
[ 1733.273418][T15739] usb 3-1: new high-speed USB device number 104 using dummy_hcd
[ 1733.450203][T15739] usb 3-1: Using ep0 maxpacket: 32
[ 1733.471008][T15739] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xC4, changing to 0x84
[ 1733.502987][T15739] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[ 1733.536664][T15739] usb 3-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=51.16
[ 1733.553824][T15739] usb 3-1: New USB device strings: Mfr=154, Product=2, SerialNumber=3
[ 1733.573790][T15739] usb 3-1: Product: syz
[ 1733.577999][T15739] usb 3-1: Manufacturer: syz
[ 1733.582663][T15739] usb 3-1: SerialNumber: syz
[ 1733.615917][T15739] usb 3-1: config 0 descriptor??
[ 1733.654309][T15739] usb 3-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[ 1733.852085][T32136] usb 3-1: Failed to submit usb control message: -71
[ 1733.852352][T15739] usb 3-1: USB disconnect, device number 104
[ 1733.862331][T32136] usb 3-1: unable to send the bmi data to the device: -71
[ 1733.884730][T32136] usb 3-1: unable to get target info from device
[ 1733.891115][T32136] usb 3-1: could not get target info (-71)
[ 1733.924074][T32136] usb 3-1: could not probe fw (-71)
[ 1735.424832][ T2925] : entered promiscuous mode
[ 1736.083863][T15739] usb 1-1: new high-speed USB device number 92 using dummy_hcd
[ 1736.253761][T15739] usb 1-1: Using ep0 maxpacket: 8
[ 1736.261351][T15739] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1736.275481][T15739] usb 1-1: config 4 interface 0 has no altsetting 0
[ 1736.287244][T15739] usb 1-1: string descriptor 0 read error: -22
[ 1736.303350][T15739] usb 1-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[ 1736.332790][T15739] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1736.377459][T15739] usb 1-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[ 1736.424793][T15739] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 1736.445629][T15739] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[ 1736.461815][T15739] usb 1-1: media controller created
[ 1736.528314][T15739] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1736.574693][T15739] zl10353_read_register: readreg error (reg=127, ret==0)
[ 1736.584465][ T1986] usb 3-1: new high-speed USB device number 105 using dummy_hcd
[ 1736.664622][T15739] usb 1-1: USB disconnect, device number 92
[ 1736.744386][ T1986] usb 3-1: Using ep0 maxpacket: 32
[ 1736.775763][ T1986] usb 3-1: config 0 has no interfaces?
[ 1736.781274][ T1986] usb 3-1: New USB device found, idVendor=2006, idProduct=0118, bcdDevice= 0.00
[ 1736.798215][ T1986] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1736.810950][ T1986] usb 3-1: config 0 descriptor??
[ 1737.026694][T15739] usb 3-1: USB disconnect, device number 105
[ 1739.948580][ T3004] loop9: detected capacity change from 0 to 7
[ 1739.979151][ T3004] Dev loop9: unable to read RDB block 7
[ 1740.013732][ T3004]  loop9: unable to read partition table
[ 1740.028709][ T3004] loop9: partition table beyond EOD, truncated
[ 1740.063858][ T3004] loop_reread_partitions: partition scan of loop9 (■глx№        ) failed (rc=-5)
[ 1740.584581][ T3012] delete_channel: no stack
[ 1741.015291][ T3028] bridge0: entered promiscuous mode
[ 1741.021099][ T3028] macvlan0: entered promiscuous mode
[ 1741.518150][ T3035] kvm: kvm [3034]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0xdf0000000000
[ 1741.560289][ T3035] kvm: kvm [3034]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0xdf0000000000
[ 1741.607743][ T3035] kvm: kvm [3034]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x11e) = 0xbe702111
[ 1741.672477][ T3035] kvm: kvm [3034]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0xde4600000000
[ 1741.731994][ T3035] kvm: kvm [3034]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x11e) = 0xbe702111
[ 1741.847224][ T3035] kvm: kvm [3034]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0xdf0000000000
[ 1741.906240][ T3035] kvm: kvm [3034]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x11e) = 0xbe702111
[ 1743.395541][ T3068] 
[ 1743.397930][ T3068] =====================================================
[ 1743.404881][ T3068] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected
[ 1743.412387][ T3068] 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 Not tainted
[ 1743.419511][ T3068] -----------------------------------------------------
[ 1743.426456][ T3068] syz.0.8909/3068 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
[ 1743.434110][ T3068] ffffffff8de0c058 (tasklist_lock){.+.+}-{3:3}, at: send_sigurg+0x12b/0x420
[ 1743.442876][ T3068] 
[ 1743.442876][ T3068] and this task is already holding:
[ 1743.450251][ T3068] ffff88804fae3120 (&f_owner->lock){....}-{3:3}, at: send_sigurg+0x55/0x420
[ 1743.458977][ T3068] which would create a new lock dependency:
[ 1743.464879][ T3068]  (&f_owner->lock){....}-{3:3} -> (tasklist_lock){.+.+}-{3:3}
[ 1743.472481][ T3068] 
[ 1743.472481][ T3068] but this new dependency connects a SOFTIRQ-irq-safe lock:
[ 1743.481931][ T3068]  (&client->buffer_lock){..-.}-{3:3}
[ 1743.481957][ T3068] 
[ 1743.481957][ T3068] ... which became SOFTIRQ-irq-safe at:
[ 1743.495033][ T3068]   lock_acquire+0x120/0x360
[ 1743.499642][ T3068]   _raw_spin_lock+0x2e/0x40
[ 1743.504250][ T3068]   evdev_pass_values+0xb9/0xbd0
[ 1743.509205][ T3068]   evdev_events+0x1e6/0x340
[ 1743.513805][ T3068]   input_pass_values+0x288/0x890
[ 1743.518834][ T3068]   input_event_dispose+0x3e5/0x6b0
[ 1743.524096][ T3068]   input_event+0x8c/0xc0
[ 1743.528440][ T3068]   hidinput_hid_event+0x132c/0x1c90
[ 1743.533728][ T3068]   hid_process_event+0x4be/0x620
[ 1743.538762][ T3068]   hid_report_raw_event+0xe91/0x16d0
[ 1743.544168][ T3068]   hid_input_report+0x43e/0x520
[ 1743.549125][ T3068]   hid_irq_in+0x47e/0x6d0
[ 1743.553544][ T3068]   __usb_hcd_giveback_urb+0x417/0x690
[ 1743.559444][ T3068]   dummy_timer+0x862/0x4550
[ 1743.564141][ T3068]   __hrtimer_run_queues+0x529/0xc60
[ 1743.569443][ T3068]   hrtimer_run_softirq+0x187/0x2b0
[ 1743.574648][ T3068]   handle_softirqs+0x286/0x870
[ 1743.579545][ T3068]   __irq_exit_rcu+0xca/0x1f0
[ 1743.584245][ T3068]   irq_exit_rcu+0x9/0x30
[ 1743.588588][ T3068]   sysvec_apic_timer_interrupt+0xa6/0xc0
[ 1743.594326][ T3068]   asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1743.600408][ T3068]   pv_native_safe_halt+0x13/0x20
[ 1743.605441][ T3068]   default_idle+0x13/0x20
[ 1743.609869][ T3068]   default_idle_call+0x74/0xb0
[ 1743.614725][ T3068]   do_idle+0x1e8/0x510
[ 1743.618887][ T3068]   cpu_startup_entry+0x44/0x60
[ 1743.623733][ T3068]   start_secondary+0x101/0x110
[ 1743.628588][ T3068]   common_startup_64+0x13e/0x147
[ 1743.633617][ T3068] 
[ 1743.633617][ T3068] to a SOFTIRQ-irq-unsafe lock:
[ 1743.640639][ T3068]  (tasklist_lock){.+.+}-{3:3}
[ 1743.640665][ T3068] 
[ 1743.640665][ T3068] ... which became SOFTIRQ-irq-unsafe at:
[ 1743.653310][ T3068] ...
[ 1743.653317][ T3068]   lock_acquire+0x120/0x360
[ 1743.660500][ T3068]   _raw_read_lock+0x36/0x50
[ 1743.665110][ T3068]   __do_wait+0xde/0x740
[ 1743.669383][ T3068]   do_wait+0x1f8/0x520
[ 1743.673539][ T3068]   kernel_wait+0xab/0x170
[ 1743.677960][ T3068]   call_usermodehelper_exec_work+0xbe/0x230
[ 1743.683951][ T3068]   process_scheduled_works+0xae1/0x17b0
[ 1743.689619][ T3068]   worker_thread+0x8a0/0xda0
[ 1743.694311][ T3068]   kthread+0x70e/0x8a0
[ 1743.698496][ T3068]   ret_from_fork+0x3fc/0x770
[ 1743.703180][ T3068]   ret_from_fork_asm+0x1a/0x30
[ 1743.708033][ T3068] 
[ 1743.708033][ T3068] other info that might help us debug this:
[ 1743.708033][ T3068] 
[ 1743.718291][ T3068] Chain exists of:
[ 1743.718291][ T3068]   &client->buffer_lock --> &f_owner->lock --> tasklist_lock
[ 1743.718291][ T3068] 
[ 1743.731534][ T3068]  Possible interrupt unsafe locking scenario:
[ 1743.731534][ T3068] 
[ 1743.739867][ T3068]        CPU0                    CPU1
[ 1743.745247][ T3068]        ----                    ----
[ 1743.750612][ T3068]   lock(tasklist_lock);
[ 1743.754863][ T3068]                                local_irq_disable();
[ 1743.761620][ T3068]                                lock(&client->buffer_lock);
[ 1743.768996][ T3068]                                lock(&f_owner->lock);
[ 1743.775852][ T3068]   <Interrupt>
[ 1743.779305][ T3068]     lock(&client->buffer_lock);
[ 1743.784349][ T3068] 
[ 1743.784349][ T3068]  *** DEADLOCK ***
[ 1743.784349][ T3068] 
[ 1743.792493][ T3068] 2 locks held by syz.0.8909/3068:
[ 1743.797601][ T3068]  #0: ffff888068f427c0 (&u->lock){+.+.}-{3:3}, at: queue_oob+0x187/0x5a0
[ 1743.806163][ T3068]  #1: ffff88804fae3120 (&f_owner->lock){....}-{3:3}, at: send_sigurg+0x55/0x420
[ 1743.815352][ T3068] 
[ 1743.815352][ T3068] the dependencies between SOFTIRQ-irq-safe lock and the holding lock:
[ 1743.825759][ T3068]   -> (&client->buffer_lock){..-.}-{3:3} {
[ 1743.831678][ T3068]      IN-SOFTIRQ-W at:
[ 1743.835832][ T3068]                         lock_acquire+0x120/0x360
[ 1743.842350][ T3068]                         _raw_spin_lock+0x2e/0x40
[ 1743.848877][ T3068]                         evdev_pass_values+0xb9/0xbd0
[ 1743.855730][ T3068]                         evdev_events+0x1e6/0x340
[ 1743.862248][ T3068]                         input_pass_values+0x288/0x890
[ 1743.869181][ T3068]                         input_event_dispose+0x3e5/0x6b0
[ 1743.876301][ T3068]                         input_event+0x8c/0xc0
[ 1743.882555][ T3068]                         hidinput_hid_event+0x132c/0x1c90
[ 1743.889755][ T3068]                         hid_process_event+0x4be/0x620
[ 1743.896694][ T3068]                         hid_report_raw_event+0xe91/0x16d0
[ 1743.904014][ T3068]                         hid_input_report+0x43e/0x520
[ 1743.910882][ T3068]                         hid_irq_in+0x47e/0x6d0
[ 1743.917219][ T3068]                         __usb_hcd_giveback_urb+0x417/0x690
[ 1743.924596][ T3068]                         dummy_timer+0x862/0x4550
[ 1743.931107][ T3068]                         __hrtimer_run_queues+0x529/0xc60
[ 1743.938311][ T3068]                         hrtimer_run_softirq+0x187/0x2b0
[ 1743.945423][ T3068]                         handle_softirqs+0x286/0x870
[ 1743.952197][ T3068]                         __irq_exit_rcu+0xca/0x1f0
[ 1743.958799][ T3068]                         irq_exit_rcu+0x9/0x30
[ 1743.965061][ T3068]                         sysvec_apic_timer_interrupt+0xa6/0xc0
[ 1743.972716][ T3068]                         asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1743.980695][ T3068]                         pv_native_safe_halt+0x13/0x20
[ 1743.987641][ T3068]                         default_idle+0x13/0x20
[ 1743.993988][ T3068]                         default_idle_call+0x74/0xb0
[ 1744.000784][ T3068]                         do_idle+0x1e8/0x510
[ 1744.006853][ T3068]                         cpu_startup_entry+0x44/0x60
[ 1744.013617][ T3068]                         start_secondary+0x101/0x110
[ 1744.020411][ T3068]                         common_startup_64+0x13e/0x147
[ 1744.027357][ T3068]      INITIAL USE at:
[ 1744.031434][ T3068]                        lock_acquire+0x120/0x360
[ 1744.037875][ T3068]                        _raw_spin_lock+0x2e/0x40
[ 1744.044299][ T3068]                        evdev_pass_values+0xb9/0xbd0
[ 1744.051072][ T3068]                        evdev_events+0x1e6/0x340
[ 1744.057486][ T3068]                        input_pass_values+0x288/0x890
[ 1744.064437][ T3068]                        input_event_dispose+0x3e5/0x6b0
[ 1744.071577][ T3068]                        input_event+0x8c/0xc0
[ 1744.077741][ T3068]                        hidinput_hid_event+0x132c/0x1c90
[ 1744.084865][ T3068]                        hid_process_event+0x4be/0x620
[ 1744.091844][ T3068]                        hid_report_raw_event+0xe91/0x16d0
[ 1744.099057][ T3068]                        hid_input_report+0x43e/0x520
[ 1744.105835][ T3068]                        hid_irq_in+0x47e/0x6d0
[ 1744.112084][ T3068]                        __usb_hcd_giveback_urb+0x417/0x690
[ 1744.119380][ T3068]                        dummy_timer+0x862/0x4550
[ 1744.125802][ T3068]                        __hrtimer_run_queues+0x529/0xc60
[ 1744.132937][ T3068]                        hrtimer_run_softirq+0x187/0x2b0
[ 1744.139966][ T3068]                        handle_softirqs+0x286/0x870
[ 1744.146649][ T3068]                        __irq_exit_rcu+0xca/0x1f0
[ 1744.153166][ T3068]                        irq_exit_rcu+0x9/0x30
[ 1744.159364][ T3068]                        sysvec_apic_timer_interrupt+0xa6/0xc0
[ 1744.166931][ T3068]                        asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1744.174828][ T3068]                        pv_native_safe_halt+0x13/0x20
[ 1744.181692][ T3068]                        default_idle+0x13/0x20
[ 1744.187952][ T3068]                        default_idle_call+0x74/0xb0
[ 1744.194632][ T3068]                        do_idle+0x1e8/0x510
[ 1744.200619][ T3068]                        cpu_startup_entry+0x44/0x60
[ 1744.207317][ T3068]                        start_secondary+0x101/0x110
[ 1744.214021][ T3068]                        common_startup_64+0x13e/0x147
[ 1744.220891][ T3068]    }
[ 1744.223570][ T3068]    ... key      at: [<ffffffff99e04460>] evdev_open.__key.25+0x0/0x20
[ 1744.231907][ T3068]  -> (&new->fa_lock){....}-{3:3} {
[ 1744.237130][ T3068]     INITIAL USE at:
[ 1744.241117][ T3068]                      lock_acquire+0x120/0x360
[ 1744.247364][ T3068]                      _raw_write_lock_irq+0xa2/0xf0
[ 1744.254064][ T3068]                      fasync_remove_entry+0xf1/0x1c0
[ 1744.260846][ T3068]                      lease_modify+0x1ca/0x3c0
[ 1744.267093][ T3068]                      generic_setlease+0x9ae/0x1240
[ 1744.273773][ T3068]                      fcntl_setlease+0xc6/0x4c0
[ 1744.280108][ T3068]                      do_fcntl+0x6a9/0x1910
[ 1744.286096][ T3068]                      __se_sys_fcntl+0xc8/0x150
[ 1744.292429][ T3068]                      do_syscall_64+0xfa/0x3b0
[ 1744.298678][ T3068]                      entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1744.306325][ T3068]     INITIAL READ USE at:
[ 1744.310776][ T3068]                           lock_acquire+0x120/0x360
[ 1744.317499][ T3068]                           _raw_read_lock_irqsave+0xaf/0x100
[ 1744.325001][ T3068]                           kill_fasync+0x199/0x4d0
[ 1744.331628][ T3068]                           lease_break_callback+0x26/0x30
[ 1744.338834][ T3068]                           __break_lease+0x6a5/0x1620
[ 1744.345689][ T3068]                           vfs_truncate+0x428/0x520
[ 1744.352367][ T3068]                           do_sys_truncate+0xdb/0x190
[ 1744.359223][ T3068]                           __x64_sys_truncate+0x5b/0x70
[ 1744.366252][ T3068]                           do_syscall_64+0xfa/0x3b0
[ 1744.372941][ T3068]                           entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1744.381032][ T3068]   }
[ 1744.383629][ T3068]   ... key      at: [<ffffffff99af5400>] fasync_insert_entry.__key+0x0/0x20
[ 1744.392405][ T3068]   ... acquired at:
[ 1744.396296][ T3068]    lock_acquire+0x120/0x360
[ 1744.400990][ T3068]    _raw_read_lock_irqsave+0xaf/0x100
[ 1744.406464][ T3068]    kill_fasync+0x199/0x4d0
[ 1744.411074][ T3068]    evdev_pass_values+0x627/0xbd0
[ 1744.416198][ T3068]    evdev_events+0x1e6/0x340
[ 1744.420882][ T3068]    input_pass_values+0x288/0x890
[ 1744.426004][ T3068]    input_event_dispose+0x330/0x6b0
[ 1744.431301][ T3068]    input_inject_event+0x1fe/0x320
[ 1744.436516][ T3068]    evdev_write+0x2fc/0x480
[ 1744.441117][ T3068]    vfs_write+0x27e/0xa90
[ 1744.445560][ T3068]    ksys_write+0x145/0x250
[ 1744.450066][ T3068]    do_syscall_64+0xfa/0x3b0
[ 1744.454762][ T3068]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1744.461104][ T3068] 
[ 1744.463431][ T3068] -> (&f_owner->lock){....}-{3:3} {
[ 1744.468653][ T3068]    INITIAL USE at:
[ 1744.472547][ T3068]                    lock_acquire+0x120/0x360
[ 1744.478632][ T3068]                    _raw_write_lock_irq+0xa2/0xf0
[ 1744.485178][ T3068]                    __f_setown+0x67/0x370
[ 1744.490993][ T3068]                    generic_setlease+0xd5d/0x1240
[ 1744.497503][ T3068]                    fcntl_setlease+0x3a2/0x4c0
[ 1744.503756][ T3068]                    do_fcntl+0x6a9/0x1910
[ 1744.509582][ T3068]                    __se_sys_fcntl+0xc8/0x150
[ 1744.515831][ T3068]                    do_syscall_64+0xfa/0x3b0
[ 1744.521920][ T3068]                    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1744.529394][ T3068]    INITIAL READ USE at:
[ 1744.533751][ T3068]                         lock_acquire+0x120/0x360
[ 1744.540267][ T3068]                         _raw_read_lock_irqsave+0xaf/0x100
[ 1744.547558][ T3068]                         send_sigio+0x38/0x370
[ 1744.553813][ T3068]                         kill_fasync+0x24d/0x4d0
[ 1744.560242][ T3068]                         lease_break_callback+0x26/0x30
[ 1744.567282][ T3068]                         __break_lease+0x6a5/0x1620
[ 1744.574024][ T3068]                         vfs_truncate+0x428/0x520
[ 1744.580539][ T3068]                         do_sys_truncate+0xdb/0x190
[ 1744.587217][ T3068]                         __x64_sys_truncate+0x5b/0x70
[ 1744.594070][ T3068]                         do_syscall_64+0xfa/0x3b0
[ 1744.600595][ T3068]                         entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1744.608487][ T3068]  }
[ 1744.610987][ T3068]  ... key      at: [<ffffffff99af53e0>] file_f_owner_allocate.__key+0x0/0x20
[ 1744.619844][ T3068]  ... acquired at:
[ 1744.623646][ T3068]    lock_acquire+0x120/0x360
[ 1744.628443][ T3068]    _raw_read_lock_irqsave+0xaf/0x100
[ 1744.633911][ T3068]    send_sigio+0x38/0x370
[ 1744.638359][ T3068]    kill_fasync+0x24d/0x4d0
[ 1744.642955][ T3068]    lease_break_callback+0x26/0x30
[ 1744.648165][ T3068]    __break_lease+0x6a5/0x1620
[ 1744.653023][ T3068]    vfs_truncate+0x428/0x520
[ 1744.657710][ T3068]    do_sys_truncate+0xdb/0x190
[ 1744.662559][ T3068]    __x64_sys_truncate+0x5b/0x70
[ 1744.667580][ T3068]    do_syscall_64+0xfa/0x3b0
[ 1744.672268][ T3068]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1744.678331][ T3068] 
[ 1744.680653][ T3068] 
[ 1744.680653][ T3068] the dependencies between the lock to be acquired
[ 1744.680663][ T3068]  and SOFTIRQ-irq-unsafe lock:
[ 1744.694178][ T3068] -> (tasklist_lock){.+.+}-{3:3} {
[ 1744.699321][ T3068]    HARDIRQ-ON-R at:
[ 1744.703303][ T3068]                     lock_acquire+0x120/0x360
[ 1744.709466][ T3068]                     _raw_read_lock+0x36/0x50
[ 1744.715628][ T3068]                     __do_wait+0xde/0x740
[ 1744.721439][ T3068]                     do_wait+0x1f8/0x520
[ 1744.727167][ T3068]                     kernel_wait+0xab/0x170
[ 1744.733155][ T3068]                     call_usermodehelper_exec_work+0xbe/0x230
[ 1744.740709][ T3068]                     process_scheduled_works+0xae1/0x17b0
[ 1744.747911][ T3068]                     worker_thread+0x8a0/0xda0
[ 1744.754164][ T3068]                     kthread+0x70e/0x8a0
[ 1744.759897][ T3068]                     ret_from_fork+0x3fc/0x770
[ 1744.766153][ T3068]                     ret_from_fork_asm+0x1a/0x30
[ 1744.772574][ T3068]    SOFTIRQ-ON-R at:
[ 1744.776557][ T3068]                     lock_acquire+0x120/0x360
[ 1744.782816][ T3068]                     _raw_read_lock+0x36/0x50
[ 1744.788973][ T3068]                     __do_wait+0xde/0x740
[ 1744.794784][ T3068]                     do_wait+0x1f8/0x520
[ 1744.800514][ T3068]                     kernel_wait+0xab/0x170
[ 1744.806537][ T3068]                     call_usermodehelper_exec_work+0xbe/0x230
[ 1744.814102][ T3068]                     process_scheduled_works+0xae1/0x17b0
[ 1744.821321][ T3068]                     worker_thread+0x8a0/0xda0
[ 1744.827585][ T3068]                     kthread+0x70e/0x8a0
[ 1744.833312][ T3068]                     ret_from_fork+0x3fc/0x770
[ 1744.839563][ T3068]                     ret_from_fork_asm+0x1a/0x30
[ 1744.845988][ T3068]    INITIAL USE at:
[ 1744.849896][ T3068]                    lock_acquire+0x120/0x360
[ 1744.856371][ T3068]                    _raw_write_lock_irq+0xa2/0xf0
[ 1744.862894][ T3068]                    copy_process+0x224f/0x3c00
[ 1744.869137][ T3068]                    kernel_clone+0x21e/0x870
[ 1744.875217][ T3068]                    user_mode_thread+0xdd/0x140
[ 1744.881542][ T3068]                    rest_init+0x23/0x300
[ 1744.887270][ T3068]                    start_kernel+0x47d/0x500
[ 1744.893343][ T3068]                    x86_64_start_reservations+0x24/0x30
[ 1744.900375][ T3068]                    x86_64_start_kernel+0x143/0x1c0
[ 1744.907077][ T3068]                    common_startup_64+0x13e/0x147
[ 1744.913590][ T3068]    INITIAL READ USE at:
[ 1744.917932][ T3068]                         lock_acquire+0x120/0x360
[ 1744.924465][ T3068]                         _raw_read_lock+0x36/0x50
[ 1744.930980][ T3068]                         __do_wait+0xde/0x740
[ 1744.937153][ T3068]                         do_wait+0x1f8/0x520
[ 1744.943228][ T3068]                         kernel_wait+0xab/0x170
[ 1744.949645][ T3068]                         call_usermodehelper_exec_work+0xbe/0x230
[ 1744.957806][ T3068]                         process_scheduled_works+0xae1/0x17b0
[ 1744.965361][ T3068]                         worker_thread+0x8a0/0xda0
[ 1744.971952][ T3068]                         kthread+0x70e/0x8a0
[ 1744.978026][ T3068]                         ret_from_fork+0x3fc/0x770
[ 1744.984620][ T3068]                         ret_from_fork_asm+0x1a/0x30
[ 1744.991387][ T3068]  }
[ 1744.993885][ T3068]  ... key      at: [<ffffffff8de0c058>] tasklist_lock+0x18/0x40
[ 1745.001611][ T3068]  ... acquired at:
[ 1745.005412][ T3068]    lock_acquire+0x120/0x360
[ 1745.010094][ T3068]    _raw_read_lock+0x36/0x50
[ 1745.014776][ T3068]    send_sigurg+0x12b/0x420
[ 1745.019377][ T3068]    sk_send_sigurg+0x6c/0x2e0
[ 1745.024154][ T3068]    queue_oob+0x490/0x5a0
[ 1745.028671][ T3068]    unix_stream_sendmsg+0xaf9/0xc90
[ 1745.033988][ T3068]    __sock_sendmsg+0x219/0x270
[ 1745.038947][ T3068]    ____sys_sendmsg+0x52d/0x830
[ 1745.043895][ T3068]    ___sys_sendmsg+0x21f/0x2a0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1745.048754][ T3068]    __sys_sendmmsg+0x227/0x430
[ 1745.053606][ T3068]    __x64_sys_sendmmsg+0xa0/0xc0
[ 1745.058903][ T3068]    do_syscall_64+0xfa/0x3b0
[ 1745.063591][ T3068]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1745.069665][ T3068] 
[ 1745.071997][ T3068] 
[ 1745.071997][ T3068] stack backtrace:
[ 1745.077890][ T3068] CPU: 1 UID: 0 PID: 3068 Comm: syz.0.8909 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) 
[ 1745.077910][ T3068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1745.077920][ T3068] Call Trace:
[ 1745.077928][ T3068]  <TASK>
[ 1745.077934][ T3068]  dump_stack_lvl+0x189/0x250
[ 1745.077962][ T3068]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1745.077986][ T3068]  ? __pfx__printk+0x10/0x10
[ 1745.078013][ T3068]  validate_chain+0x1f05/0x2140
[ 1745.078036][ T3068]  __lock_acquire+0xab9/0xd20
[ 1745.078077][ T3068]  ? send_sigurg+0x12b/0x420
[ 1745.078097][ T3068]  lock_acquire+0x120/0x360
[ 1745.078118][ T3068]  ? send_sigurg+0x12b/0x420
[ 1745.078140][ T3068]  ? _raw_read_lock_irqsave+0xbb/0x100
[ 1745.078167][ T3068]  _raw_read_lock+0x36/0x50
[ 1745.078187][ T3068]  ? send_sigurg+0x12b/0x420
[ 1745.078208][ T3068]  send_sigurg+0x12b/0x420
[ 1745.078231][ T3068]  sk_send_sigurg+0x6c/0x2e0
[ 1745.078257][ T3068]  queue_oob+0x490/0x5a0
[ 1745.078280][ T3068]  ? __pfx_queue_oob+0x10/0x10
[ 1745.078300][ T3068]  ? __pfx___might_resched+0x10/0x10
[ 1745.078326][ T3068]  ? bpf_lsm_socket_getpeersec_dgram+0x9/0x20
[ 1745.078350][ T3068]  unix_stream_sendmsg+0xaf9/0xc90
[ 1745.078372][ T3068]  ? aa_sk_perm+0x81e/0x950
[ 1745.078391][ T3068]  ? rcu_is_watching+0x15/0xb0
[ 1745.078416][ T3068]  ? trace_sched_exit_tp+0x38/0x120
[ 1745.078436][ T3068]  ? __pfx_unix_stream_sendmsg+0x10/0x10
[ 1745.078457][ T3068]  ? aa_sock_msg_perm+0x94/0x160
[ 1745.078477][ T3068]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1745.078497][ T3068]  ? __pfx_unix_stream_sendmsg+0x10/0x10
[ 1745.078516][ T3068]  __sock_sendmsg+0x219/0x270
[ 1745.078541][ T3068]  ____sys_sendmsg+0x52d/0x830
[ 1745.078562][ T3068]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1745.078584][ T3068]  ? import_iovec+0x74/0xa0
[ 1745.078601][ T3068]  ___sys_sendmsg+0x21f/0x2a0
[ 1745.078621][ T3068]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1745.078652][ T3068]  ? __fget_files+0x2a/0x420
[ 1745.078669][ T3068]  ? __fget_files+0x3a0/0x420
[ 1745.078690][ T3068]  __sys_sendmmsg+0x227/0x430
[ 1745.078711][ T3068]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1745.078730][ T3068]  ? do_futex+0x395/0x420
[ 1745.078751][ T3068]  ? __pfx___sys_bpf+0x10/0x10
[ 1745.078778][ T3068]  ? rcu_is_watching+0x15/0xb0
[ 1745.078805][ T3068]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1745.078825][ T3068]  do_syscall_64+0xfa/0x3b0
[ 1745.078850][ T3068]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1745.078873][ T3068]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1745.078889][ T3068]  ? clear_bhb_loop+0x60/0xb0
[ 1745.078907][ T3068]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1745.078923][ T3068] RIP: 0033:0x7f95a958e929
[ 1745.078937][ T3068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1745.078953][ T3068] RSP: 002b:00007f95aa348038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1745.078989][ T3068] RAX: ffffffffffffffda RBX: 00007f95a97b6160 RCX: 00007f95a958e929
[ 1745.079008][ T3068] RDX: 0000000000000001 RSI: 00002000000001c0 RDI: 0000000000000006
[ 1745.079020][ T3068] RBP: 00007f95a9610b39 R08: 0000000000000000 R09: 0000000000000000
[ 1745.079031][ T3068] R10: 0000000000040015 R11: 0000000000000246 R12: 0000000000000000
[ 1745.079043][ T3068] R13: 0000000000000000 R14: 00007f95a97b6160 R15: 00007f95a98dfa28
[ 1745.079061][ T3068]  </TASK>
[ 1745.632365][ T5838] usb 3-1: new high-speed USB device number 106 using dummy_hcd
[ 1745.800392][ T1125] vivid-000: reconnect
[ 1746.199592][ T1345] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1746.219373][ T1345] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[ 1746.308461][ T1345] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1746.331667][ T1345] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[ 1746.464294][ T1345] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1746.475533][ T1345] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[ 1746.539503][ T1345] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1746.549852][ T1345] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[ 1746.648714][ T1345] bridge_slave_1: left allmulticast mode
[ 1746.654459][ T1345] bridge_slave_1: left promiscuous mode
[ 1746.660595][ T1345] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1746.675029][ T1345] bridge_slave_0: left allmulticast mode
[ 1746.680726][ T1345] bridge_slave_0: left promiscuous mode
[ 1746.689711][ T1345] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1746.764227][ T1345] batman_adv: batadv0: Interface deactivated: macsec1
[ 1746.773274][ T1345] batman_adv: batadv0: Removing interface: macsec1
[ 1746.830751][ T1345] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1746.840636][ T1345] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1746.851168][ T1345] bond0 (unregistering): Released all slaves
[ 1747.071014][ T1345] hsr_slave_0: left promiscuous mode
[ 1747.085602][ T1345] hsr_slave_1: left promiscuous mode
[ 1747.091384][ T1345] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1747.102554][ T1345] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1747.111266][ T1345] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1747.123110][ T1345] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1747.135434][ T1345] veth1_macvtap: left promiscuous mode
[ 1747.140960][ T1345] veth0_macvtap: left promiscuous mode
[ 1747.149977][ T1345] veth1_vlan: left promiscuous mode
[ 1747.155380][ T1345] veth0_vlan: left promiscuous mode
[ 1747.264682][ T1345] team0 (unregistering): Port device team_slave_1 removed
[ 1747.302370][ T1345] team0 (unregistering): Port device team_slave_0 removed